[email protected] | 5ee44d4 | 2012-02-08 00:14:54 | [diff] [blame] | 1 | // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 2 | // Use of this source code is governed by a BSD-style license that can be |
| 3 | // found in the LICENSE file. |
| 4 | |
[email protected] | 4b559b4d | 2011-04-14 17:37:14 | [diff] [blame] | 5 | #include "crypto/signature_creator.h" |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 6 | |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 7 | #include <openssl/evp.h> |
[email protected] | ed31834b | 2013-07-09 08:32:40 | [diff] [blame] | 8 | #include <openssl/rsa.h> |
avi | dd373b8b | 2015-12-21 21:34:43 | [diff] [blame] | 9 | #include <stddef.h> |
| 10 | #include <stdint.h> |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 11 | |
thakis | d1a1847 | 2016-04-08 22:30:41 | [diff] [blame^] | 12 | #include <memory> |
| 13 | |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 14 | #include "base/logging.h" |
[email protected] | 4b559b4d | 2011-04-14 17:37:14 | [diff] [blame] | 15 | #include "crypto/openssl_util.h" |
[email protected] | 5ee44d4 | 2012-02-08 00:14:54 | [diff] [blame] | 16 | #include "crypto/rsa_private_key.h" |
[email protected] | 2741040 | 2014-07-14 21:01:52 | [diff] [blame] | 17 | #include "crypto/scoped_openssl_types.h" |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 18 | |
[email protected] | 4b559b4d | 2011-04-14 17:37:14 | [diff] [blame] | 19 | namespace crypto { |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 20 | |
dougsteed | 0cf460ec | 2014-09-19 18:46:09 | [diff] [blame] | 21 | namespace { |
| 22 | |
| 23 | const EVP_MD* ToOpenSSLDigest(SignatureCreator::HashAlgorithm hash_alg) { |
| 24 | switch (hash_alg) { |
| 25 | case SignatureCreator::SHA1: |
| 26 | return EVP_sha1(); |
| 27 | case SignatureCreator::SHA256: |
| 28 | return EVP_sha256(); |
| 29 | } |
| 30 | return NULL; |
| 31 | } |
| 32 | |
| 33 | int ToOpenSSLDigestType(SignatureCreator::HashAlgorithm hash_alg) { |
| 34 | switch (hash_alg) { |
| 35 | case SignatureCreator::SHA1: |
| 36 | return NID_sha1; |
| 37 | case SignatureCreator::SHA256: |
| 38 | return NID_sha256; |
| 39 | } |
| 40 | return NID_undef; |
| 41 | } |
| 42 | |
| 43 | } // namespace |
| 44 | |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 45 | // static |
dougsteed | 0cf460ec | 2014-09-19 18:46:09 | [diff] [blame] | 46 | SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key, |
| 47 | HashAlgorithm hash_alg) { |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 48 | OpenSSLErrStackTracer err_tracer(FROM_HERE); |
thakis | d1a1847 | 2016-04-08 22:30:41 | [diff] [blame^] | 49 | std::unique_ptr<SignatureCreator> result(new SignatureCreator); |
dougsteed | 0cf460ec | 2014-09-19 18:46:09 | [diff] [blame] | 50 | const EVP_MD* const digest = ToOpenSSLDigest(hash_alg); |
| 51 | DCHECK(digest); |
| 52 | if (!digest) { |
| 53 | return NULL; |
| 54 | } |
davidben | 183ce63 | 2015-01-21 14:21:36 | [diff] [blame] | 55 | if (!EVP_DigestSignInit(result->sign_context_, NULL, digest, NULL, |
| 56 | key->key())) { |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 57 | return NULL; |
davidben | 183ce63 | 2015-01-21 14:21:36 | [diff] [blame] | 58 | } |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 59 | return result.release(); |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 60 | } |
| 61 | |
[email protected] | ed31834b | 2013-07-09 08:32:40 | [diff] [blame] | 62 | // static |
| 63 | bool SignatureCreator::Sign(RSAPrivateKey* key, |
dougsteed | 0cf460ec | 2014-09-19 18:46:09 | [diff] [blame] | 64 | HashAlgorithm hash_alg, |
avi | dd373b8b | 2015-12-21 21:34:43 | [diff] [blame] | 65 | const uint8_t* data, |
[email protected] | ed31834b | 2013-07-09 08:32:40 | [diff] [blame] | 66 | int data_len, |
avi | dd373b8b | 2015-12-21 21:34:43 | [diff] [blame] | 67 | std::vector<uint8_t>* signature) { |
[email protected] | 2741040 | 2014-07-14 21:01:52 | [diff] [blame] | 68 | ScopedRSA rsa_key(EVP_PKEY_get1_RSA(key->key())); |
[email protected] | ed31834b | 2013-07-09 08:32:40 | [diff] [blame] | 69 | if (!rsa_key) |
| 70 | return false; |
[email protected] | 2741040 | 2014-07-14 21:01:52 | [diff] [blame] | 71 | signature->resize(RSA_size(rsa_key.get())); |
[email protected] | ed31834b | 2013-07-09 08:32:40 | [diff] [blame] | 72 | |
| 73 | unsigned int len = 0; |
davidben | 50a133b5 | 2014-10-02 02:20:43 | [diff] [blame] | 74 | if (!RSA_sign(ToOpenSSLDigestType(hash_alg), data, data_len, |
davidben | 4507eaa | 2015-11-19 19:07:06 | [diff] [blame] | 75 | signature->data(), &len, rsa_key.get())) { |
[email protected] | ed31834b | 2013-07-09 08:32:40 | [diff] [blame] | 76 | signature->clear(); |
| 77 | return false; |
| 78 | } |
| 79 | signature->resize(len); |
| 80 | return true; |
| 81 | } |
| 82 | |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 83 | SignatureCreator::SignatureCreator() |
| 84 | : sign_context_(EVP_MD_CTX_create()) { |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 85 | } |
| 86 | |
| 87 | SignatureCreator::~SignatureCreator() { |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 88 | EVP_MD_CTX_destroy(sign_context_); |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 89 | } |
| 90 | |
avi | dd373b8b | 2015-12-21 21:34:43 | [diff] [blame] | 91 | bool SignatureCreator::Update(const uint8_t* data_part, int data_part_len) { |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 92 | OpenSSLErrStackTracer err_tracer(FROM_HERE); |
davidben | 183ce63 | 2015-01-21 14:21:36 | [diff] [blame] | 93 | return !!EVP_DigestSignUpdate(sign_context_, data_part, data_part_len); |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 94 | } |
| 95 | |
avi | dd373b8b | 2015-12-21 21:34:43 | [diff] [blame] | 96 | bool SignatureCreator::Final(std::vector<uint8_t>* signature) { |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 97 | OpenSSLErrStackTracer err_tracer(FROM_HERE); |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 98 | |
davidben | 183ce63 | 2015-01-21 14:21:36 | [diff] [blame] | 99 | // Determine the maximum length of the signature. |
| 100 | size_t len = 0; |
| 101 | if (!EVP_DigestSignFinal(sign_context_, NULL, &len)) { |
| 102 | signature->clear(); |
| 103 | return false; |
| 104 | } |
| 105 | signature->resize(len); |
| 106 | |
| 107 | // Sign it. |
davidben | 4507eaa | 2015-11-19 19:07:06 | [diff] [blame] | 108 | if (!EVP_DigestSignFinal(sign_context_, signature->data(), &len)) { |
[email protected] | be796bb | 2010-11-18 15:43:43 | [diff] [blame] | 109 | signature->clear(); |
| 110 | return false; |
| 111 | } |
| 112 | signature->resize(len); |
| 113 | return true; |
[email protected] | 70372d4 | 2010-10-22 13:12:34 | [diff] [blame] | 114 | } |
| 115 | |
[email protected] | 4b559b4d | 2011-04-14 17:37:14 | [diff] [blame] | 116 | } // namespace crypto |