Generalize crypto::SignatureCreator to allow choice of hash function, so as to support SHA256 (not …

crypto/signature_creator_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "crypto/signature_creator.h"
 
 #include <openssl/evp.h>
 #include <openssl/rsa.h>
 
 #include "base/logging.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/stl_util.h"
 #include "crypto/openssl_util.h"
 #include "crypto/rsa_private_key.h"
 #include "crypto/scoped_openssl_types.h"
 
 namespace crypto {
 
+namespace {
+
+const EVP_MD* ToOpenSSLDigest(SignatureCreator::HashAlgorithm hash_alg) {
+  switch (hash_alg) {
+    case SignatureCreator::SHA1:
+      return EVP_sha1();
+    case SignatureCreator::SHA256:
+      return EVP_sha256();
+  }
+  return NULL;
+}
+
+int ToOpenSSLDigestType(SignatureCreator::HashAlgorithm hash_alg) {
+  switch (hash_alg) {
+    case SignatureCreator::SHA1:
+      return NID_sha1;
+    case SignatureCreator::SHA256:
+      return NID_sha256;
+  }
+  return NID_undef;
+}
+
+}  // namespace
+
 // static
-SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) {
+SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key,
+                                           HashAlgorithm hash_alg) {
   OpenSSLErrStackTracer err_tracer(FROM_HERE);
   scoped_ptr<SignatureCreator> result(new SignatureCreator);
   result->key_ = key;
-  if (!EVP_SignInit_ex(result->sign_context_, EVP_sha1(), NULL))
+  const EVP_MD* const digest = ToOpenSSLDigest(hash_alg);
+  DCHECK(digest);
+  if (!digest) {
+    return NULL;
+  }
+  if (!EVP_SignInit_ex(result->sign_context_, digest, NULL))
     return NULL;
   return result.release();
 }
 
 // static
 bool SignatureCreator::Sign(RSAPrivateKey* key,
+                            HashAlgorithm hash_alg,
                             const uint8* data,
                             int data_len,
                             std::vector<uint8>* signature) {
   ScopedRSA rsa_key(EVP_PKEY_get1_RSA(key->key()));
   if (!rsa_key)
     return false;
   signature->resize(RSA_size(rsa_key.get()));
 
   unsigned int len = 0;
-  bool success = RSA_sign(NID_sha1, data, data_len, vector_as_array(signature),
-                          &len, rsa_key.get());
+  bool success = RSA_sign(ToOpenSSLDigestType(hash_alg), data, data_len,
+                          vector_as_array(signature), &len, rsa_key.get());
   if (!success) {
     signature->clear();
     return false;
   }
   signature->resize(len);
   return true;
 }
 
 SignatureCreator::SignatureCreator()
     : sign_context_(EVP_MD_CTX_create()) {
@@ skipping 17 matching lines @@
   int rv = EVP_SignFinal(sign_context_, vector_as_array(signature), &len, key);
   if (!rv) {
     signature->clear();
     return false;
   }
   signature->resize(len);
   return true;
 }
 
 }  // namespace crypto