OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/ec_signature_creator_impl.h" | 5 #include "crypto/ec_signature_creator_impl.h" |
6 | 6 |
| 7 #include <openssl/bn.h> |
| 8 #include <openssl/ec.h> |
| 9 #include <openssl/ecdsa.h> |
| 10 #include <openssl/evp.h> |
| 11 #include <openssl/sha.h> |
| 12 |
7 #include "base/logging.h" | 13 #include "base/logging.h" |
| 14 #include "crypto/ec_private_key.h" |
| 15 #include "crypto/openssl_util.h" |
8 | 16 |
9 namespace crypto { | 17 namespace crypto { |
10 | 18 |
11 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key) | 19 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key) |
12 : key_(key) { | 20 : key_(key), signature_len_(0) { |
13 NOTIMPLEMENTED(); | 21 EnsureOpenSSLInit(); |
14 } | 22 } |
15 | 23 |
16 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() {} | 24 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() {} |
17 | 25 |
18 bool ECSignatureCreatorImpl::Sign(const uint8* data, | 26 bool ECSignatureCreatorImpl::Sign(const uint8* data, |
19 int data_len, | 27 int data_len, |
20 std::vector<uint8>* signature) { | 28 std::vector<uint8>* signature) { |
21 NOTIMPLEMENTED(); | 29 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
22 return false; | 30 ScopedOpenSSL<EVP_MD_CTX, EVP_MD_CTX_destroy> ctx(EVP_MD_CTX_create()); |
| 31 size_t sig_len = 0; |
| 32 if (!ctx.get() || |
| 33 !EVP_DigestSignInit(ctx.get(), NULL, EVP_sha256(), NULL, key_->key()) || |
| 34 !EVP_DigestSignUpdate(ctx.get(), data, data_len) || |
| 35 !EVP_DigestSignFinal(ctx.get(), NULL, &sig_len)) { |
| 36 return false; |
| 37 } |
| 38 |
| 39 signature->resize(sig_len); |
| 40 if (!EVP_DigestSignFinal(ctx.get(), &signature->front(), &sig_len)) |
| 41 return false; |
| 42 |
| 43 // NOTE: A call to EVP_DigestSignFinal() with a NULL second parameter returns |
| 44 // a maximum allocation size, while the call without a NULL returns the real |
| 45 // one, which may be smaller. |
| 46 signature->resize(sig_len); |
| 47 return true; |
23 } | 48 } |
24 | 49 |
25 bool ECSignatureCreatorImpl::DecodeSignature(const std::vector<uint8>& der_sig, | 50 bool ECSignatureCreatorImpl::DecodeSignature(const std::vector<uint8>& der_sig, |
26 std::vector<uint8>* out_raw_sig) { | 51 std::vector<uint8>* out_raw_sig) { |
27 NOTIMPLEMENTED(); | 52 OpenSSLErrStackTracer err_tracer(FROM_HERE); |
28 return false; | 53 // Create ECDSA_SIG object from DER-encoded data. |
| 54 const unsigned char* der_data = &der_sig.front(); |
| 55 ScopedOpenSSL<ECDSA_SIG, ECDSA_SIG_free> ecdsa_sig( |
| 56 d2i_ECDSA_SIG(NULL, &der_data, static_cast<long>(der_sig.size()))); |
| 57 if (!ecdsa_sig.get()) |
| 58 return false; |
| 59 |
| 60 // The result is made of two 32-byte vectors. |
| 61 const size_t kMaxBytesPerBN = 32; |
| 62 std::vector<uint8> result; |
| 63 result.resize(2 * kMaxBytesPerBN); |
| 64 memset(&result[0], 0, result.size()); |
| 65 |
| 66 BIGNUM* r = ecdsa_sig.get()->r; |
| 67 BIGNUM* s = ecdsa_sig.get()->s; |
| 68 int r_bytes = BN_num_bytes(r); |
| 69 int s_bytes = BN_num_bytes(s); |
| 70 // NOTE: Can't really check for equality here since sometimes the value |
| 71 // returned by BN_num_bytes() will be slightly smaller than kMaxBytesPerBN. |
| 72 if (r_bytes > static_cast<int>(kMaxBytesPerBN) || |
| 73 s_bytes > static_cast<int>(kMaxBytesPerBN)) { |
| 74 DLOG(ERROR) << "Invalid key sizes r(" << r_bytes << ") s(" << s_bytes |
| 75 << ")"; |
| 76 return false; |
| 77 } |
| 78 BN_bn2bin(ecdsa_sig.get()->r, &result[kMaxBytesPerBN - r_bytes]); |
| 79 BN_bn2bin(ecdsa_sig.get()->s, &result[2 * kMaxBytesPerBN - s_bytes]); |
| 80 out_raw_sig->swap(result); |
| 81 return true; |
29 } | 82 } |
30 | 83 |
31 } // namespace crypto | 84 } // namespace crypto |
OLD | NEW |