Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(960)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: base/crypto/signature_verifier_mac.cc

Issue 63089: Implement the signature verification API. (Closed) Base URL: svn://chrome-svn/chrome/trunk/src/
Patch Set: Upload before checkin Created 11 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « base/crypto/signature_verifier.h ('k') | base/crypto/signature_verifier_nss.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "base/crypto/signature_verifier.h"
6
7 #include <stdlib.h>
8
9 #include "base/crypto/cssm_init.h"
10 #include "base/logging.h"
11
12 namespace {
13
14 void* AppMalloc(CSSM_SIZE size, void *alloc_ref) {
15 return malloc(size);
16 }
17
18 void AppFree(void* mem_ptr, void* alloc_ref) {
19 free(mem_ptr);
20 }
21
22 void* AppRealloc(void* ptr, CSSM_SIZE size, void* alloc_ref) {
23 return realloc(ptr, size);
24 }
25
26 void* AppCalloc(uint32 num, CSSM_SIZE size, void* alloc_ref) {
27 return calloc(num, size);
28 }
29
30 const CSSM_API_MEMORY_FUNCS mem_funcs = {
31 AppMalloc,
32 AppFree,
33 AppRealloc,
34 AppCalloc,
35 NULL
36 };
37
38 } // namespace
39
40 namespace base {
41
42 SignatureVerifier::SignatureVerifier() : csp_handle_(0), sig_handle_(0) {
43 EnsureCSSMInit();
44
45 static CSSM_VERSION version = {2, 0};
46 CSSM_RETURN crtn;
47 crtn = CSSM_ModuleAttach(&gGuidAppleCSP, &version, &mem_funcs, 0,
48 CSSM_SERVICE_CSP, 0, CSSM_KEY_HIERARCHY_NONE,
49 NULL, 0, NULL, &csp_handle_);
50 DCHECK(crtn == CSSM_OK);
51 }
52
53 SignatureVerifier::~SignatureVerifier() {
54 Reset();
55 if (csp_handle_) {
56 CSSM_RETURN crtn = CSSM_ModuleDetach(csp_handle_);
57 DCHECK(crtn == CSSM_OK);
58 }
59 }
60
61 bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,
62 int signature_algorithm_len,
63 const uint8* signature,
64 int signature_len,
65 const uint8* public_key_info,
66 int public_key_info_len) {
67 signature_.assign(signature, signature + signature_len);
68 public_key_info_.assign(public_key_info,
69 public_key_info + public_key_info_len);
70
71 CSSM_ALGORITHMS key_alg = CSSM_ALGID_RSA; // TODO(wtc): hardcoded.
72
73 memset(&public_key_, 0, sizeof(public_key_));
74 public_key_.KeyData.Data = const_cast<uint8*>(&public_key_info_[0]);
75 public_key_.KeyData.Length = public_key_info_.size();
76 public_key_.KeyHeader.HeaderVersion = CSSM_KEYHEADER_VERSION;
77 public_key_.KeyHeader.BlobType = CSSM_KEYBLOB_RAW;
78 public_key_.KeyHeader.Format = CSSM_KEYBLOB_RAW_FORMAT_X509;
79 public_key_.KeyHeader.AlgorithmId = key_alg;
80 public_key_.KeyHeader.KeyClass = CSSM_KEYCLASS_PUBLIC_KEY;
81 public_key_.KeyHeader.KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
82 public_key_.KeyHeader.KeyUsage = CSSM_KEYUSE_VERIFY;
83 CSSM_KEY_SIZE key_size;
84 CSSM_RETURN crtn;
85 crtn = CSSM_QueryKeySizeInBits(csp_handle_, NULL, &public_key_, &key_size);
86 if (crtn) {
87 NOTREACHED() << "CSSM_QueryKeySizeInBits failed: " << crtn;
88 return false;
89 }
90 public_key_.KeyHeader.LogicalKeySizeInBits = key_size.LogicalKeySizeInBits;
91
92 // TODO(wtc): decode signature_algorithm...
93 CSSM_ALGORITHMS sig_alg = CSSM_ALGID_SHA1WithRSA;
94
95 crtn = CSSM_CSP_CreateSignatureContext(csp_handle_, sig_alg, NULL,
96 &public_key_, &sig_handle_);
97 if (crtn) {
98 NOTREACHED();
99 return false;
100 }
101 crtn = CSSM_VerifyDataInit(sig_handle_);
102 if (crtn) {
103 NOTREACHED();
104 return false;
105 }
106 return true;
107 }
108
109 void SignatureVerifier::VerifyUpdate(const uint8* data_part,
110 int data_part_len) {
111 CSSM_DATA data;
112 data.Data = const_cast<uint8*>(data_part);
113 data.Length = data_part_len;
114 CSSM_RETURN crtn = CSSM_VerifyDataUpdate(sig_handle_, &data, 1);
115 DCHECK(crtn == CSSM_OK);
116 }
117
118 bool SignatureVerifier::VerifyFinal() {
119 CSSM_DATA sig;
120 sig.Data = const_cast<uint8*>(&signature_[0]);
121 sig.Length = signature_.size();
122 CSSM_RETURN crtn = CSSM_VerifyDataFinal(sig_handle_, &sig);
123 Reset();
124
125 // crtn is CSSMERR_CSP_VERIFY_FAILED if signature verification fails.
126 return (crtn == CSSM_OK);
127 }
128
129 void SignatureVerifier::Reset() {
130 CSSM_RETURN crtn;
131 if (sig_handle_) {
132 crtn = CSSM_DeleteContext(sig_handle_);
133 DCHECK(crtn == CSSM_OK);
134 sig_handle_ = 0;
135 }
136 signature_.clear();
137
138 // Can't call CSSM_FreeKey on public_key_ because we constructed
139 // public_key_ manually.
140 }
141
142 } // namespace base
143
OLDNEW
« no previous file with comments | « base/crypto/signature_verifier.h ('k') | base/crypto/signature_verifier_nss.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698