OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CRYPTO_SIGNATURE_CREATOR_H_ | 5 #ifndef CRYPTO_SIGNATURE_CREATOR_H_ |
6 #define CRYPTO_SIGNATURE_CREATOR_H_ | 6 #define CRYPTO_SIGNATURE_CREATOR_H_ |
7 | 7 |
8 #include <vector> | 8 #include <vector> |
9 | 9 |
10 #include "build/build_config.h" | 10 #include "build/build_config.h" |
11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
12 #include "crypto/crypto_export.h" | 12 #include "crypto/crypto_export.h" |
13 | 13 |
14 #if defined(USE_OPENSSL) | 14 #if defined(USE_OPENSSL) |
15 // Forward declaration for openssl/*.h | 15 // Forward declaration for openssl/*.h |
16 typedef struct env_md_ctx_st EVP_MD_CTX; | 16 typedef struct env_md_ctx_st EVP_MD_CTX; |
17 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) | 17 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) |
18 // Forward declaration. | 18 // Forward declaration. |
19 struct SGNContextStr; | 19 struct SGNContextStr; |
20 #endif | 20 #endif |
21 | 21 |
22 namespace crypto { | 22 namespace crypto { |
23 | 23 |
24 class RSAPrivateKey; | 24 class RSAPrivateKey; |
25 | 25 |
26 // Signs data using a bare private key (as opposed to a full certificate). | 26 // Signs data using a bare private key (as opposed to a full certificate). |
27 // Currently can only sign data using SHA-1 with RSA encryption. | 27 // Currently can only sign data using SHA-1 or SHA-256 with RSA encryption. |
Ryan Sleevi
2014/09/10 22:09:29
Would you mind updating this comment to be more pr
dougsteed
2014/09/12 00:14:37
Done in upcoming new version.
| |
28 class CRYPTO_EXPORT SignatureCreator { | 28 class CRYPTO_EXPORT SignatureCreator { |
29 public: | 29 public: |
30 // The set of supported hash functions. Extend as required. | |
31 enum HashAlgorithm { | |
32 SHA1, | |
33 SHA256, | |
34 }; | |
35 | |
30 ~SignatureCreator(); | 36 ~SignatureCreator(); |
31 | 37 |
32 // Create an instance. The caller must ensure that the provided PrivateKey | 38 // Create an instance. The caller must ensure that the provided PrivateKey |
33 // instance outlives the created SignatureCreator. | 39 // instance outlives the created SignatureCreator. Uses SHA-1. |
34 static SignatureCreator* Create(RSAPrivateKey* key); | 40 static SignatureCreator* Create(RSAPrivateKey* key); |
Ryan Sleevi
2014/09/10 22:09:29
FWIW, Would prefer to update all of these callsite
dougsteed
2014/09/12 00:14:37
No, it's not a lot, but our callsite itself has no
Ryan Sleevi
2014/09/12 00:19:02
If it's upstream, we fix it in the entire codebase
| |
35 | 41 |
42 // Create an instance. As above, but with the HashAlgorithm specified. | |
43 static SignatureCreator* CreateUsingSpecifiedHash(RSAPrivateKey* key, | |
davidben
2014/09/10 22:03:54
Nit: Maybe s/UsingSpecified/With/ or s/UsingSpecif
dougsteed
2014/09/12 00:14:37
Since you describe it as a nit, can I continue to
Ryan Sleevi
2014/09/12 00:19:02
I'm not sure why longer is better. CreateWithHash
| |
44 HashAlgorithm hash_alg); | |
45 | |
36 // Signs the precomputed SHA-1 digest |data| using private |key| as | 46 // Signs the precomputed SHA-1 digest |data| using private |key| as |
37 // specified in PKCS #1 v1.5. | 47 // specified in PKCS #1 v1.5. |
Ryan Sleevi
2014/09/10 22:09:29
If adding hash-algorithm support, why not make the
dougsteed
2014/09/12 00:14:37
Done below. As with the above, I kept the existing
| |
38 static bool Sign(RSAPrivateKey* key, | 48 static bool Sign(RSAPrivateKey* key, |
39 const uint8* data, | 49 const uint8* data, |
40 int data_len, | 50 int data_len, |
41 std::vector<uint8>* signature); | 51 std::vector<uint8>* signature); |
42 | 52 |
53 // Signs the precomputed |hash_alg| digest |data| using private |key| as | |
54 // specified in PKCS #1 v1.5. | |
55 static bool SignUsingSpecifiedHash(RSAPrivateKey* key, | |
56 HashAlgorithm hash_alg, | |
57 const uint8* data, | |
58 int data_len, | |
59 std::vector<uint8>* signature); | |
60 | |
43 // Update the signature with more data. | 61 // Update the signature with more data. |
44 bool Update(const uint8* data_part, int data_part_len); | 62 bool Update(const uint8* data_part, int data_part_len); |
45 | 63 |
46 // Finalize the signature. | 64 // Finalize the signature. |
47 bool Final(std::vector<uint8>* signature); | 65 bool Final(std::vector<uint8>* signature); |
48 | 66 |
49 private: | 67 private: |
50 // Private constructor. Use the Create() method instead. | 68 // Private constructor. Use the Create() method instead. |
51 SignatureCreator(); | 69 SignatureCreator(); |
52 | 70 |
53 RSAPrivateKey* key_; | 71 RSAPrivateKey* key_; |
54 | 72 |
55 #if defined(USE_OPENSSL) | 73 #if defined(USE_OPENSSL) |
56 EVP_MD_CTX* sign_context_; | 74 EVP_MD_CTX* sign_context_; |
57 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) | 75 #elif defined(USE_NSS) || defined(OS_WIN) || defined(OS_MACOSX) |
58 SGNContextStr* sign_context_; | 76 SGNContextStr* sign_context_; |
59 #endif | 77 #endif |
60 | 78 |
61 DISALLOW_COPY_AND_ASSIGN(SignatureCreator); | 79 DISALLOW_COPY_AND_ASSIGN(SignatureCreator); |
62 }; | 80 }; |
63 | 81 |
64 } // namespace crypto | 82 } // namespace crypto |
65 | 83 |
66 #endif // CRYPTO_SIGNATURE_CREATOR_H_ | 84 #endif // CRYPTO_SIGNATURE_CREATOR_H_ |
OLD | NEW |