OLD | NEW |
| (Empty) |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #include "crypto/signature_verifier.h" | |
6 | |
7 #include <openssl/bytestring.h> | |
8 #include <openssl/digest.h> | |
9 #include <openssl/evp.h> | |
10 #include <stdint.h> | |
11 | |
12 #include <memory> | |
13 #include <vector> | |
14 | |
15 #include "base/logging.h" | |
16 #include "crypto/openssl_util.h" | |
17 #include "crypto/scoped_openssl_types.h" | |
18 | |
19 namespace crypto { | |
20 | |
21 namespace { | |
22 | |
23 const EVP_MD* ToOpenSSLDigest(SignatureVerifier::HashAlgorithm hash_alg) { | |
24 switch (hash_alg) { | |
25 case SignatureVerifier::SHA1: | |
26 return EVP_sha1(); | |
27 case SignatureVerifier::SHA256: | |
28 return EVP_sha256(); | |
29 } | |
30 return NULL; | |
31 } | |
32 | |
33 } // namespace | |
34 | |
35 struct SignatureVerifier::VerifyContext { | |
36 ScopedEVP_MD_CTX ctx; | |
37 }; | |
38 | |
39 SignatureVerifier::SignatureVerifier() | |
40 : verify_context_(NULL) { | |
41 } | |
42 | |
43 SignatureVerifier::~SignatureVerifier() { | |
44 Reset(); | |
45 } | |
46 | |
47 bool SignatureVerifier::VerifyInit(SignatureAlgorithm signature_algorithm, | |
48 const uint8_t* signature, | |
49 int signature_len, | |
50 const uint8_t* public_key_info, | |
51 int public_key_info_len) { | |
52 int pkey_type = EVP_PKEY_NONE; | |
53 const EVP_MD* digest = nullptr; | |
54 switch (signature_algorithm) { | |
55 case RSA_PKCS1_SHA1: | |
56 pkey_type = EVP_PKEY_RSA; | |
57 digest = EVP_sha1(); | |
58 break; | |
59 case RSA_PKCS1_SHA256: | |
60 pkey_type = EVP_PKEY_RSA; | |
61 digest = EVP_sha256(); | |
62 break; | |
63 case ECDSA_SHA256: | |
64 pkey_type = EVP_PKEY_EC; | |
65 digest = EVP_sha256(); | |
66 break; | |
67 } | |
68 DCHECK_NE(EVP_PKEY_NONE, pkey_type); | |
69 DCHECK(digest); | |
70 | |
71 return CommonInit(pkey_type, digest, signature, signature_len, | |
72 public_key_info, public_key_info_len, nullptr); | |
73 } | |
74 | |
75 bool SignatureVerifier::VerifyInitRSAPSS(HashAlgorithm hash_alg, | |
76 HashAlgorithm mask_hash_alg, | |
77 int salt_len, | |
78 const uint8_t* signature, | |
79 int signature_len, | |
80 const uint8_t* public_key_info, | |
81 int public_key_info_len) { | |
82 OpenSSLErrStackTracer err_tracer(FROM_HERE); | |
83 const EVP_MD* const digest = ToOpenSSLDigest(hash_alg); | |
84 DCHECK(digest); | |
85 if (!digest) { | |
86 return false; | |
87 } | |
88 | |
89 EVP_PKEY_CTX* pkey_ctx; | |
90 if (!CommonInit(EVP_PKEY_RSA, digest, signature, signature_len, | |
91 public_key_info, public_key_info_len, &pkey_ctx)) { | |
92 return false; | |
93 } | |
94 | |
95 int rv = EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING); | |
96 if (rv != 1) | |
97 return false; | |
98 const EVP_MD* const mgf_digest = ToOpenSSLDigest(mask_hash_alg); | |
99 DCHECK(mgf_digest); | |
100 if (!mgf_digest) { | |
101 return false; | |
102 } | |
103 return EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf_digest) && | |
104 EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len); | |
105 } | |
106 | |
107 void SignatureVerifier::VerifyUpdate(const uint8_t* data_part, | |
108 int data_part_len) { | |
109 DCHECK(verify_context_); | |
110 OpenSSLErrStackTracer err_tracer(FROM_HERE); | |
111 int rv = EVP_DigestVerifyUpdate(verify_context_->ctx.get(), | |
112 data_part, data_part_len); | |
113 DCHECK_EQ(rv, 1); | |
114 } | |
115 | |
116 bool SignatureVerifier::VerifyFinal() { | |
117 DCHECK(verify_context_); | |
118 OpenSSLErrStackTracer err_tracer(FROM_HERE); | |
119 int rv = EVP_DigestVerifyFinal(verify_context_->ctx.get(), signature_.data(), | |
120 signature_.size()); | |
121 DCHECK_EQ(static_cast<int>(!!rv), rv); | |
122 Reset(); | |
123 return rv == 1; | |
124 } | |
125 | |
126 bool SignatureVerifier::CommonInit(int pkey_type, | |
127 const EVP_MD* digest, | |
128 const uint8_t* signature, | |
129 int signature_len, | |
130 const uint8_t* public_key_info, | |
131 int public_key_info_len, | |
132 EVP_PKEY_CTX** pkey_ctx) { | |
133 if (verify_context_) | |
134 return false; | |
135 | |
136 verify_context_ = new VerifyContext; | |
137 | |
138 signature_.assign(signature, signature + signature_len); | |
139 | |
140 CBS cbs; | |
141 CBS_init(&cbs, public_key_info, public_key_info_len); | |
142 ScopedEVP_PKEY public_key(EVP_parse_public_key(&cbs)); | |
143 if (!public_key || CBS_len(&cbs) != 0 || | |
144 EVP_PKEY_id(public_key.get()) != pkey_type) { | |
145 return false; | |
146 } | |
147 | |
148 verify_context_->ctx.reset(EVP_MD_CTX_create()); | |
149 int rv = EVP_DigestVerifyInit(verify_context_->ctx.get(), pkey_ctx, | |
150 digest, nullptr, public_key.get()); | |
151 return rv == 1; | |
152 } | |
153 | |
154 void SignatureVerifier::Reset() { | |
155 delete verify_context_; | |
156 verify_context_ = NULL; | |
157 signature_.clear(); | |
158 } | |
159 | |
160 } // namespace crypto | |
OLD | NEW |