| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/signature_creator.h" | 5 #include "crypto/signature_creator.h" |
| 6 | 6 |
| 7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
| 8 #include <keyhi.h> | 8 #include <keyhi.h> |
| 9 #include <stdlib.h> | 9 #include <stdlib.h> |
| 10 | 10 |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "crypto/nss_util.h" | 13 #include "crypto/nss_util.h" |
| 14 #include "crypto/rsa_private_key.h" | 14 #include "crypto/rsa_private_key.h" |
| 15 | 15 |
| 16 namespace crypto { | 16 namespace crypto { |
| 17 | 17 |
| 18 namespace { |
| 19 |
| 20 SECOidTag ToNSSSigOid(SignatureCreator::HashAlgorithm hash_alg) { |
| 21 switch (hash_alg) { |
| 22 case SignatureCreator::SHA1: |
| 23 return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; |
| 24 case SignatureCreator::SHA256: |
| 25 return SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; |
| 26 } |
| 27 return SEC_OID_UNKNOWN; |
| 28 } |
| 29 |
| 30 SECOidTag ToNSSHashOid(SignatureCreator::HashAlgorithm hash_alg) { |
| 31 switch (hash_alg) { |
| 32 case SignatureCreator::SHA1: |
| 33 return SEC_OID_SHA1; |
| 34 case SignatureCreator::SHA256: |
| 35 return SEC_OID_SHA256; |
| 36 } |
| 37 return SEC_OID_UNKNOWN; |
| 38 } |
| 39 |
| 40 } // namespace |
| 41 |
| 18 SignatureCreator::~SignatureCreator() { | 42 SignatureCreator::~SignatureCreator() { |
| 19 if (sign_context_) { | 43 if (sign_context_) { |
| 20 SGN_DestroyContext(sign_context_, PR_TRUE); | 44 SGN_DestroyContext(sign_context_, PR_TRUE); |
| 21 sign_context_ = NULL; | 45 sign_context_ = NULL; |
| 22 } | 46 } |
| 23 } | 47 } |
| 24 | 48 |
| 25 // static | 49 // static |
| 26 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) { | 50 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) { |
| 51 return CreateUsingSpecifiedHash(key, SignatureCreator::SHA1); |
| 52 } |
| 53 |
| 54 // static |
| 55 SignatureCreator* SignatureCreator::CreateUsingSpecifiedHash( |
| 56 RSAPrivateKey* key, |
| 57 HashAlgorithm hash_alg) { |
| 27 scoped_ptr<SignatureCreator> result(new SignatureCreator); | 58 scoped_ptr<SignatureCreator> result(new SignatureCreator); |
| 28 result->key_ = key; | 59 result->key_ = key; |
| 29 | 60 |
| 30 result->sign_context_ = SGN_NewContext(SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, | 61 result->sign_context_ = SGN_NewContext(ToNSSSigOid(hash_alg), key->key()); |
| 31 key->key()); | |
| 32 if (!result->sign_context_) { | 62 if (!result->sign_context_) { |
| 33 NOTREACHED(); | 63 NOTREACHED(); |
| 34 return NULL; | 64 return NULL; |
| 35 } | 65 } |
| 36 | 66 |
| 37 SECStatus rv = SGN_Begin(result->sign_context_); | 67 SECStatus rv = SGN_Begin(result->sign_context_); |
| 38 if (rv != SECSuccess) { | 68 if (rv != SECSuccess) { |
| 39 NOTREACHED(); | 69 NOTREACHED(); |
| 40 return NULL; | 70 return NULL; |
| 41 } | 71 } |
| 42 | 72 |
| 43 return result.release(); | 73 return result.release(); |
| 44 } | 74 } |
| 45 | 75 |
| 46 // static | 76 // static |
| 47 bool SignatureCreator::Sign(RSAPrivateKey* key, | 77 bool SignatureCreator::Sign(RSAPrivateKey* key, |
| 48 const uint8* data, | 78 const uint8* data, |
| 49 int data_len, | 79 int data_len, |
| 50 std::vector<uint8>* signature) { | 80 std::vector<uint8>* signature) { |
| 81 return SignUsingSpecifiedHash( |
| 82 key, SignatureCreator::SHA1, data, data_len, signature); |
| 83 } |
| 84 |
| 85 // static |
| 86 bool SignatureCreator::SignUsingSpecifiedHash(RSAPrivateKey* key, |
| 87 HashAlgorithm hash_alg, |
| 88 const uint8* data, |
| 89 int data_len, |
| 90 std::vector<uint8>* signature) { |
| 51 SECItem data_item; | 91 SECItem data_item; |
| 52 data_item.type = siBuffer; | 92 data_item.type = siBuffer; |
| 53 data_item.data = const_cast<unsigned char*>(data); | 93 data_item.data = const_cast<unsigned char*>(data); |
| 54 data_item.len = data_len; | 94 data_item.len = data_len; |
| 55 | 95 |
| 56 SECItem signature_item; | 96 SECItem signature_item; |
| 57 SECStatus rv = SGN_Digest(key->key(), SEC_OID_SHA1, &signature_item, | 97 SECStatus rv = SGN_Digest(key->key(), ToNSSHashOid(hash_alg), &signature_item, |
| 58 &data_item); | 98 &data_item); |
| 59 if (rv != SECSuccess) { | 99 if (rv != SECSuccess) { |
| 60 NOTREACHED(); | 100 NOTREACHED(); |
| 61 return false; | 101 return false; |
| 62 } | 102 } |
| 63 signature->assign(signature_item.data, | 103 signature->assign(signature_item.data, |
| 64 signature_item.data + signature_item.len); | 104 signature_item.data + signature_item.len); |
| 65 SECITEM_FreeItem(&signature_item, PR_FALSE); | 105 SECITEM_FreeItem(&signature_item, PR_FALSE); |
| 66 return true; | 106 return true; |
| 67 } | 107 } |
| (...skipping 20 matching lines...) Expand all Loading... |
| 88 return true; | 128 return true; |
| 89 } | 129 } |
| 90 | 130 |
| 91 SignatureCreator::SignatureCreator() | 131 SignatureCreator::SignatureCreator() |
| 92 : key_(NULL), | 132 : key_(NULL), |
| 93 sign_context_(NULL) { | 133 sign_context_(NULL) { |
| 94 EnsureNSSInit(); | 134 EnsureNSSInit(); |
| 95 } | 135 } |
| 96 | 136 |
| 97 } // namespace crypto | 137 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 560583002:
Generalize crypto::SignatureCreator to allow choice of hash function, so as to support SHA256 (not … (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master