OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_SIGNATURE_VERIFIER_H_ | 5 #ifndef CRYPTO_SIGNATURE_VERIFIER_H_ |
6 #define CRYPTO_SIGNATURE_VERIFIER_H_ | 6 #define CRYPTO_SIGNATURE_VERIFIER_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <memory> | 10 #include <memory> |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
47 // The signature is encoded according to the signature algorithm. | 47 // The signature is encoded according to the signature algorithm. |
48 // | 48 // |
49 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo | 49 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo |
50 // structure, which contains not only the public key but also its type | 50 // structure, which contains not only the public key but also its type |
51 // (algorithm): | 51 // (algorithm): |
52 // SubjectPublicKeyInfo ::= SEQUENCE { | 52 // SubjectPublicKeyInfo ::= SEQUENCE { |
53 // algorithm AlgorithmIdentifier, | 53 // algorithm AlgorithmIdentifier, |
54 // subjectPublicKey BIT STRING } | 54 // subjectPublicKey BIT STRING } |
55 bool VerifyInit(SignatureAlgorithm signature_algorithm, | 55 bool VerifyInit(SignatureAlgorithm signature_algorithm, |
56 const uint8_t* signature, | 56 const uint8_t* signature, |
57 int signature_len, | 57 size_t signature_len, |
58 const uint8_t* public_key_info, | 58 const uint8_t* public_key_info, |
59 int public_key_info_len); | 59 size_t public_key_info_len); |
60 | 60 |
61 // Initiates a RSA-PSS signature verification operation. This should be | 61 // Initiates a RSA-PSS signature verification operation. This should be |
62 // followed by one or more VerifyUpdate calls and a VerifyFinal call. | 62 // followed by one or more VerifyUpdate calls and a VerifyFinal call. |
63 // | 63 // |
64 // The RSA-PSS signature algorithm parameters are specified with the | 64 // The RSA-PSS signature algorithm parameters are specified with the |
65 // |hash_alg|, |mask_hash_alg|, and |salt_len| arguments. | 65 // |hash_alg|, |mask_hash_alg|, and |salt_len| arguments. |
66 // | 66 // |
67 // An RSA-PSS signature is a nonnegative integer encoded as a byte string | 67 // An RSA-PSS signature is a nonnegative integer encoded as a byte string |
68 // (of the same length as the RSA modulus) in big-endian byte order. It | 68 // (of the same length as the RSA modulus) in big-endian byte order. It |
69 // must not be further encoded in an ASN.1 BIT STRING. | 69 // must not be further encoded in an ASN.1 BIT STRING. |
70 // | 70 // |
71 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo | 71 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo |
72 // structure, which contains not only the public key but also its type | 72 // structure, which contains not only the public key but also its type |
73 // (algorithm): | 73 // (algorithm): |
74 // SubjectPublicKeyInfo ::= SEQUENCE { | 74 // SubjectPublicKeyInfo ::= SEQUENCE { |
75 // algorithm AlgorithmIdentifier, | 75 // algorithm AlgorithmIdentifier, |
76 // subjectPublicKey BIT STRING } | 76 // subjectPublicKey BIT STRING } |
77 bool VerifyInitRSAPSS(HashAlgorithm hash_alg, | 77 bool VerifyInitRSAPSS(HashAlgorithm hash_alg, |
78 HashAlgorithm mask_hash_alg, | 78 HashAlgorithm mask_hash_alg, |
79 int salt_len, | 79 size_t salt_len, |
80 const uint8_t* signature, | 80 const uint8_t* signature, |
81 int signature_len, | 81 size_t signature_len, |
82 const uint8_t* public_key_info, | 82 const uint8_t* public_key_info, |
83 int public_key_info_len); | 83 size_t public_key_info_len); |
84 | 84 |
85 // Feeds a piece of the data to the signature verifier. | 85 // Feeds a piece of the data to the signature verifier. |
86 void VerifyUpdate(const uint8_t* data_part, int data_part_len); | 86 void VerifyUpdate(const uint8_t* data_part, size_t data_part_len); |
87 | 87 |
88 // Concludes a signature verification operation. Returns true if the | 88 // Concludes a signature verification operation. Returns true if the |
89 // signature is valid. Returns false if the signature is invalid or an | 89 // signature is valid. Returns false if the signature is invalid or an |
90 // error occurred. | 90 // error occurred. |
91 bool VerifyFinal(); | 91 bool VerifyFinal(); |
92 | 92 |
93 private: | 93 private: |
94 bool CommonInit(int pkey_type, | 94 bool CommonInit(int pkey_type, |
95 const EVP_MD* digest, | 95 const EVP_MD* digest, |
96 const uint8_t* signature, | 96 const uint8_t* signature, |
97 int signature_len, | 97 size_t signature_len, |
98 const uint8_t* public_key_info, | 98 const uint8_t* public_key_info, |
99 int public_key_info_len, | 99 size_t public_key_info_len, |
100 EVP_PKEY_CTX** pkey_ctx); | 100 EVP_PKEY_CTX** pkey_ctx); |
101 | 101 |
102 void Reset(); | 102 void Reset(); |
103 | 103 |
104 std::vector<uint8_t> signature_; | 104 std::vector<uint8_t> signature_; |
105 | 105 |
106 struct VerifyContext; | 106 struct VerifyContext; |
107 std::unique_ptr<VerifyContext> verify_context_; | 107 std::unique_ptr<VerifyContext> verify_context_; |
108 }; | 108 }; |
109 | 109 |
110 } // namespace crypto | 110 } // namespace crypto |
111 | 111 |
112 #endif // CRYPTO_SIGNATURE_VERIFIER_H_ | 112 #endif // CRYPTO_SIGNATURE_VERIFIER_H_ |
OLD | NEW |