| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "crypto/signature_creator.h" | 5 #include "crypto/signature_creator.h" |
| 6 | 6 |
| 7 #include <cryptohi.h> | 7 #include <cryptohi.h> |
| 8 #include <keyhi.h> | 8 #include <keyhi.h> |
| 9 #include <stdlib.h> | 9 #include <stdlib.h> |
| 10 | 10 |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/memory/scoped_ptr.h" | 12 #include "base/memory/scoped_ptr.h" |
| 13 #include "crypto/nss_util.h" | 13 #include "crypto/nss_util.h" |
| 14 #include "crypto/rsa_private_key.h" | 14 #include "crypto/rsa_private_key.h" |
| 15 | 15 |
| 16 namespace crypto { | 16 namespace crypto { |
| 17 | 17 |
| 18 namespace { |
| 19 |
| 20 SECOidTag ToNSSSigOid(SignatureCreator::HashAlgorithm hash_alg) { |
| 21 switch (hash_alg) { |
| 22 case SignatureCreator::SHA1: |
| 23 return SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; |
| 24 case SignatureCreator::SHA256: |
| 25 return SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; |
| 26 } |
| 27 return SEC_OID_UNKNOWN; |
| 28 } |
| 29 |
| 30 SECOidTag ToNSSHashOid(SignatureCreator::HashAlgorithm hash_alg) { |
| 31 switch (hash_alg) { |
| 32 case SignatureCreator::SHA1: |
| 33 return SEC_OID_SHA1; |
| 34 case SignatureCreator::SHA256: |
| 35 return SEC_OID_SHA256; |
| 36 } |
| 37 return SEC_OID_UNKNOWN; |
| 38 } |
| 39 |
| 40 } // namespace |
| 41 |
| 18 SignatureCreator::~SignatureCreator() { | 42 SignatureCreator::~SignatureCreator() { |
| 19 if (sign_context_) { | 43 if (sign_context_) { |
| 20 SGN_DestroyContext(sign_context_, PR_TRUE); | 44 SGN_DestroyContext(sign_context_, PR_TRUE); |
| 21 sign_context_ = NULL; | 45 sign_context_ = NULL; |
| 22 } | 46 } |
| 23 } | 47 } |
| 24 | 48 |
| 25 // static | 49 // static |
| 26 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) { | 50 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key, |
| 51 HashAlgorithm hash_alg) { |
| 27 scoped_ptr<SignatureCreator> result(new SignatureCreator); | 52 scoped_ptr<SignatureCreator> result(new SignatureCreator); |
| 28 result->key_ = key; | 53 result->key_ = key; |
| 29 | 54 |
| 30 result->sign_context_ = SGN_NewContext(SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION, | 55 result->sign_context_ = SGN_NewContext(ToNSSSigOid(hash_alg), key->key()); |
| 31 key->key()); | |
| 32 if (!result->sign_context_) { | 56 if (!result->sign_context_) { |
| 33 NOTREACHED(); | 57 NOTREACHED(); |
| 34 return NULL; | 58 return NULL; |
| 35 } | 59 } |
| 36 | 60 |
| 37 SECStatus rv = SGN_Begin(result->sign_context_); | 61 SECStatus rv = SGN_Begin(result->sign_context_); |
| 38 if (rv != SECSuccess) { | 62 if (rv != SECSuccess) { |
| 39 NOTREACHED(); | 63 NOTREACHED(); |
| 40 return NULL; | 64 return NULL; |
| 41 } | 65 } |
| 42 | 66 |
| 43 return result.release(); | 67 return result.release(); |
| 44 } | 68 } |
| 45 | 69 |
| 46 // static | 70 // static |
| 47 bool SignatureCreator::Sign(RSAPrivateKey* key, | 71 bool SignatureCreator::Sign(RSAPrivateKey* key, |
| 72 HashAlgorithm hash_alg, |
| 48 const uint8* data, | 73 const uint8* data, |
| 49 int data_len, | 74 int data_len, |
| 50 std::vector<uint8>* signature) { | 75 std::vector<uint8>* signature) { |
| 51 SECItem data_item; | 76 SECItem data_item; |
| 52 data_item.type = siBuffer; | 77 data_item.type = siBuffer; |
| 53 data_item.data = const_cast<unsigned char*>(data); | 78 data_item.data = const_cast<unsigned char*>(data); |
| 54 data_item.len = data_len; | 79 data_item.len = data_len; |
| 55 | 80 |
| 56 SECItem signature_item; | 81 SECItem signature_item; |
| 57 SECStatus rv = SGN_Digest(key->key(), SEC_OID_SHA1, &signature_item, | 82 SECStatus rv = SGN_Digest(key->key(), ToNSSHashOid(hash_alg), &signature_item, |
| 58 &data_item); | 83 &data_item); |
| 59 if (rv != SECSuccess) { | 84 if (rv != SECSuccess) { |
| 60 NOTREACHED(); | 85 NOTREACHED(); |
| 61 return false; | 86 return false; |
| 62 } | 87 } |
| 63 signature->assign(signature_item.data, | 88 signature->assign(signature_item.data, |
| 64 signature_item.data + signature_item.len); | 89 signature_item.data + signature_item.len); |
| 65 SECITEM_FreeItem(&signature_item, PR_FALSE); | 90 SECITEM_FreeItem(&signature_item, PR_FALSE); |
| 66 return true; | 91 return true; |
| 67 } | 92 } |
| (...skipping 20 matching lines...) Expand all Loading... |
| 88 return true; | 113 return true; |
| 89 } | 114 } |
| 90 | 115 |
| 91 SignatureCreator::SignatureCreator() | 116 SignatureCreator::SignatureCreator() |
| 92 : key_(NULL), | 117 : key_(NULL), |
| 93 sign_context_(NULL) { | 118 sign_context_(NULL) { |
| 94 EnsureNSSInit(); | 119 EnsureNSSInit(); |
| 95 } | 120 } |
| 96 | 121 |
| 97 } // namespace crypto | 122 } // namespace crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 560583002:
Generalize crypto::SignatureCreator to allow choice of hash function, so as to support SHA256 (not … (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master