OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_ | 5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_ |
6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_ | 6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
| 10 #include <memory> |
10 #include <string> | 11 #include <string> |
11 #include <vector> | 12 #include <vector> |
12 | 13 |
13 #include "crypto/crypto_export.h" | 14 #include "crypto/crypto_export.h" |
14 | 15 |
15 namespace crypto { | 16 namespace crypto { |
16 | 17 |
17 class ECPrivateKey; | 18 class ECPrivateKey; |
18 class ECSignatureCreator; | 19 class ECSignatureCreator; |
19 | 20 |
20 class CRYPTO_EXPORT ECSignatureCreatorFactory { | 21 class CRYPTO_EXPORT ECSignatureCreatorFactory { |
21 public: | 22 public: |
22 virtual ~ECSignatureCreatorFactory() {} | 23 virtual ~ECSignatureCreatorFactory() {} |
23 | 24 |
24 virtual ECSignatureCreator* Create(ECPrivateKey* key) = 0; | 25 virtual std::unique_ptr<ECSignatureCreator> Create(ECPrivateKey* key) = 0; |
25 }; | 26 }; |
26 | 27 |
27 // Signs data using a bare private key (as opposed to a full certificate). | 28 // Signs data using a bare private key (as opposed to a full certificate). |
28 // We need this class because SignatureCreator is hardcoded to use | 29 // We need this class because SignatureCreator is hardcoded to use |
29 // RSAPrivateKey. | 30 // RSAPrivateKey. |
30 class CRYPTO_EXPORT ECSignatureCreator { | 31 class CRYPTO_EXPORT ECSignatureCreator { |
31 public: | 32 public: |
32 virtual ~ECSignatureCreator() {} | 33 virtual ~ECSignatureCreator() {} |
33 | 34 |
34 // Create an instance. The caller must ensure that the provided PrivateKey | 35 // Create an instance. The caller must ensure that the provided PrivateKey |
35 // instance outlives the created ECSignatureCreator. | 36 // instance outlives the created ECSignatureCreator. |
36 // TODO(rch): This is currently hard coded to use SHA256. Ideally, we should | 37 // TODO(rch): This is currently hard coded to use SHA256. Ideally, we should |
37 // pass in the hash algorithm identifier. | 38 // pass in the hash algorithm identifier. |
38 static ECSignatureCreator* Create(ECPrivateKey* key); | 39 static std::unique_ptr<ECSignatureCreator> Create(ECPrivateKey* key); |
39 | 40 |
40 // Set a factory to make the Create function return non-standard | 41 // Set a factory to make the Create function return non-standard |
41 // ECSignatureCreator objects. Because the ECDSA algorithm involves | 42 // ECSignatureCreator objects. Because the ECDSA algorithm involves |
42 // randomness, this is useful for higher-level tests that want to have | 43 // randomness, this is useful for higher-level tests that want to have |
43 // deterministic mocked output to compare. | 44 // deterministic mocked output to compare. |
44 static void SetFactoryForTesting(ECSignatureCreatorFactory* factory); | 45 static void SetFactoryForTesting(ECSignatureCreatorFactory* factory); |
45 | 46 |
46 // Signs |data_len| bytes from |data| and writes the results into | 47 // Signs |data_len| bytes from |data| and writes the results into |
47 // |signature| as a DER encoded ECDSA-Sig-Value from RFC 3279. | 48 // |signature| as a DER encoded ECDSA-Sig-Value from RFC 3279. |
48 // | 49 // |
49 // ECDSA-Sig-Value ::= SEQUENCE { | 50 // ECDSA-Sig-Value ::= SEQUENCE { |
50 // r INTEGER, | 51 // r INTEGER, |
51 // s INTEGER } | 52 // s INTEGER } |
52 virtual bool Sign(const uint8_t* data, | 53 virtual bool Sign(const uint8_t* data, |
53 int data_len, | 54 int data_len, |
54 std::vector<uint8_t>* signature) = 0; | 55 std::vector<uint8_t>* signature) = 0; |
55 | 56 |
56 // DecodeSignature converts from a DER encoded ECDSA-Sig-Value (as produced | 57 // DecodeSignature converts from a DER encoded ECDSA-Sig-Value (as produced |
57 // by Sign) to a `raw' ECDSA signature which consists of a pair of | 58 // by Sign) to a `raw' ECDSA signature which consists of a pair of |
58 // big-endian, zero-padded, 256-bit integers, r and s. On success it returns | 59 // big-endian, zero-padded, 256-bit integers, r and s. On success it returns |
59 // true and puts the raw signature into |out_raw_sig|. | 60 // true and puts the raw signature into |out_raw_sig|. |
60 // (Only P-256 signatures are supported.) | 61 // (Only P-256 signatures are supported.) |
61 virtual bool DecodeSignature(const std::vector<uint8_t>& signature, | 62 virtual bool DecodeSignature(const std::vector<uint8_t>& signature, |
62 std::vector<uint8_t>* out_raw_sig) = 0; | 63 std::vector<uint8_t>* out_raw_sig) = 0; |
63 }; | 64 }; |
64 | 65 |
65 } // namespace crypto | 66 } // namespace crypto |
66 | 67 |
67 #endif // CRYPTO_EC_SIGNATURE_CREATOR_H_ | 68 #endif // CRYPTO_EC_SIGNATURE_CREATOR_H_ |
OLD | NEW |