OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "crypto/signature_creator.h" | 5 #include "crypto/signature_creator.h" |
6 | 6 |
7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
8 #include <keyhi.h> | 8 #include <keyhi.h> |
9 #include <stdlib.h> | 9 #include <stdlib.h> |
10 | 10 |
11 #include "base/logging.h" | 11 #include "base/logging.h" |
12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
13 #include "crypto/nss_util.h" | 13 #include "crypto/nss_util.h" |
14 #include "crypto/rsa_private_key.h" | 14 #include "crypto/rsa_private_key.h" |
15 | 15 |
16 namespace crypto { | 16 namespace crypto { |
17 | 17 |
| 18 namespace { |
| 19 |
| 20 SECOidTag ToNSSSigOid(SignatureCreator::HashAlgorithm hash_alg) { |
| 21 switch (hash_alg) { |
| 22 case SignatureCreator::SHA1: |
| 23 return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; |
| 24 case SignatureCreator::SHA256: |
| 25 return SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; |
| 26 } |
| 27 return SEC_OID_UNKNOWN; |
| 28 } |
| 29 |
| 30 SECOidTag ToNSSHashOid(SignatureCreator::HashAlgorithm hash_alg) { |
| 31 switch (hash_alg) { |
| 32 case SignatureCreator::SHA1: |
| 33 return SEC_OID_SHA1; |
| 34 case SignatureCreator::SHA256: |
| 35 return SEC_OID_SHA256; |
| 36 } |
| 37 return SEC_OID_UNKNOWN; |
| 38 } |
| 39 |
| 40 } // namespace |
| 41 |
18 SignatureCreator::~SignatureCreator() { | 42 SignatureCreator::~SignatureCreator() { |
19 if (sign_context_) { | 43 if (sign_context_) { |
20 SGN_DestroyContext(sign_context_, PR_TRUE); | 44 SGN_DestroyContext(sign_context_, PR_TRUE); |
21 sign_context_ = NULL; | 45 sign_context_ = NULL; |
22 } | 46 } |
23 } | 47 } |
24 | 48 |
25 // static | 49 // static |
26 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) { | 50 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) { |
| 51 return CreateUsingSpecifiedHash(key, SignatureCreator::SHA1); |
| 52 } |
| 53 |
| 54 // static |
| 55 SignatureCreator* SignatureCreator::CreateUsingSpecifiedHash( |
| 56 RSAPrivateKey* key, |
| 57 HashAlgorithm hash_alg) { |
27 scoped_ptr<SignatureCreator> result(new SignatureCreator); | 58 scoped_ptr<SignatureCreator> result(new SignatureCreator); |
28 result->key_ = key; | 59 result->key_ = key; |
29 | 60 |
30 result->sign_context_ = SGN_NewContext(SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, | 61 result->sign_context_ = SGN_NewContext(ToNSSSigOid(hash_alg), key->key()); |
31 key->key()); | |
32 if (!result->sign_context_) { | 62 if (!result->sign_context_) { |
33 NOTREACHED(); | 63 NOTREACHED(); |
34 return NULL; | 64 return NULL; |
35 } | 65 } |
36 | 66 |
37 SECStatus rv = SGN_Begin(result->sign_context_); | 67 SECStatus rv = SGN_Begin(result->sign_context_); |
38 if (rv != SECSuccess) { | 68 if (rv != SECSuccess) { |
39 NOTREACHED(); | 69 NOTREACHED(); |
40 return NULL; | 70 return NULL; |
41 } | 71 } |
42 | 72 |
43 return result.release(); | 73 return result.release(); |
44 } | 74 } |
45 | 75 |
46 // static | 76 // static |
47 bool SignatureCreator::Sign(RSAPrivateKey* key, | 77 bool SignatureCreator::Sign(RSAPrivateKey* key, |
48 const uint8* data, | 78 const uint8* data, |
49 int data_len, | 79 int data_len, |
50 std::vector<uint8>* signature) { | 80 std::vector<uint8>* signature) { |
| 81 return SignUsingSpecifiedHash( |
| 82 key, SignatureCreator::SHA1, data, data_len, signature); |
| 83 } |
| 84 |
| 85 // static |
| 86 bool SignatureCreator::SignUsingSpecifiedHash(RSAPrivateKey* key, |
| 87 HashAlgorithm hash_alg, |
| 88 const uint8* data, |
| 89 int data_len, |
| 90 std::vector<uint8>* signature) { |
51 SECItem data_item; | 91 SECItem data_item; |
52 data_item.type = siBuffer; | 92 data_item.type = siBuffer; |
53 data_item.data = const_cast<unsigned char*>(data); | 93 data_item.data = const_cast<unsigned char*>(data); |
54 data_item.len = data_len; | 94 data_item.len = data_len; |
55 | 95 |
56 SECItem signature_item; | 96 SECItem signature_item; |
57 SECStatus rv = SGN_Digest(key->key(), SEC_OID_SHA1, &signature_item, | 97 SECStatus rv = SGN_Digest(key->key(), ToNSSHashOid(hash_alg), &signature_item, |
58 &data_item); | 98 &data_item); |
59 if (rv != SECSuccess) { | 99 if (rv != SECSuccess) { |
60 NOTREACHED(); | 100 NOTREACHED(); |
61 return false; | 101 return false; |
62 } | 102 } |
63 signature->assign(signature_item.data, | 103 signature->assign(signature_item.data, |
64 signature_item.data + signature_item.len); | 104 signature_item.data + signature_item.len); |
65 SECITEM_FreeItem(&signature_item, PR_FALSE); | 105 SECITEM_FreeItem(&signature_item, PR_FALSE); |
66 return true; | 106 return true; |
67 } | 107 } |
(...skipping 20 matching lines...) Expand all Loading... |
88 return true; | 128 return true; |
89 } | 129 } |
90 | 130 |
91 SignatureCreator::SignatureCreator() | 131 SignatureCreator::SignatureCreator() |
92 : key_(NULL), | 132 : key_(NULL), |
93 sign_context_(NULL) { | 133 sign_context_(NULL) { |
94 EnsureNSSInit(); | 134 EnsureNSSInit(); |
95 } | 135 } |
96 | 136 |
97 } // namespace crypto | 137 } // namespace crypto |
OLD | NEW |