Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1155)

Unified Diff: base/crypto/signature_verifier_nss.cc

Issue 6805019: Move crypto files out of base, to a top level directory. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Fixes comments by eroman Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « base/crypto/signature_verifier_mac.cc ('k') | base/crypto/signature_verifier_openssl.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: base/crypto/signature_verifier_nss.cc
===================================================================
--- base/crypto/signature_verifier_nss.cc (revision 81350)
+++ base/crypto/signature_verifier_nss.cc (working copy)
@@ -1,113 +0,0 @@
-// Copyright (c) 2009 The Chromium Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style license that can be
-// found in the LICENSE file.
-
-#include "base/crypto/signature_verifier.h"
-
-#include <cryptohi.h>
-#include <keyhi.h>
-#include <stdlib.h>
-
-#include "base/logging.h"
-#include "base/nss_util.h"
-
-namespace base {
-
-SignatureVerifier::SignatureVerifier() : vfy_context_(NULL) {
- EnsureNSSInit();
-}
-
-SignatureVerifier::~SignatureVerifier() {
- Reset();
-}
-
-bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,
- int signature_algorithm_len,
- const uint8* signature,
- int signature_len,
- const uint8* public_key_info,
- int public_key_info_len) {
- signature_.assign(signature, signature + signature_len);
-
- CERTSubjectPublicKeyInfo* spki = NULL;
- SECItem spki_der;
- spki_der.type = siBuffer;
- spki_der.data = const_cast<uint8*>(public_key_info);
- spki_der.len = public_key_info_len;
- spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&spki_der);
- if (!spki)
- return false;
- SECKEYPublicKey* public_key = SECKEY_ExtractPublicKey(spki);
- SECKEY_DestroySubjectPublicKeyInfo(spki); // Done with spki.
- if (!public_key)
- return false;
-
- PLArenaPool* arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
- if (!arena) {
- SECKEY_DestroyPublicKey(public_key);
- return false;
- }
-
- SECItem sig_alg_der;
- sig_alg_der.type = siBuffer;
- sig_alg_der.data = const_cast<uint8*>(signature_algorithm);
- sig_alg_der.len = signature_algorithm_len;
- SECAlgorithmID sig_alg_id;
- SECStatus rv;
- rv = SEC_QuickDERDecodeItem(arena, &sig_alg_id, SECOID_AlgorithmIDTemplate,
- &sig_alg_der);
- if (rv != SECSuccess) {
- SECKEY_DestroyPublicKey(public_key);
- PORT_FreeArena(arena, PR_TRUE);
- return false;
- }
-
- SECItem sig;
- sig.type = siBuffer;
- sig.data = const_cast<uint8*>(signature);
- sig.len = signature_len;
- SECOidTag hash_alg_tag;
- vfy_context_ = VFY_CreateContextWithAlgorithmID(public_key, &sig,
- &sig_alg_id, &hash_alg_tag,
- NULL);
- SECKEY_DestroyPublicKey(public_key); // Done with public_key.
- PORT_FreeArena(arena, PR_TRUE); // Done with sig_alg_id.
- if (!vfy_context_) {
- // A corrupted RSA signature could be detected without the data, so
- // VFY_CreateContextWithAlgorithmID may fail with SEC_ERROR_BAD_SIGNATURE
- // (-8182).
- return false;
- }
-
- rv = VFY_Begin(vfy_context_);
- if (rv != SECSuccess) {
- NOTREACHED();
- return false;
- }
- return true;
-}
-
-void SignatureVerifier::VerifyUpdate(const uint8* data_part,
- int data_part_len) {
- SECStatus rv = VFY_Update(vfy_context_, data_part, data_part_len);
- DCHECK(rv == SECSuccess);
-}
-
-bool SignatureVerifier::VerifyFinal() {
- SECStatus rv = VFY_End(vfy_context_);
- Reset();
-
- // If signature verification fails, the error code is
- // SEC_ERROR_BAD_SIGNATURE (-8182).
- return (rv == SECSuccess);
-}
-
-void SignatureVerifier::Reset() {
- if (vfy_context_) {
- VFY_DestroyContext(vfy_context_, PR_TRUE);
- vfy_context_ = NULL;
- }
- signature_.clear();
-}
-
-} // namespace base
« no previous file with comments | « base/crypto/signature_verifier_mac.cc ('k') | base/crypto/signature_verifier_openssl.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698