crypto/signature_creator.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "crypto/signature_creator.h"
   6
   7 #include <stddef.h>
   8 #include <stdint.h>
   9
  10 #include "base/logging.h"
  11 #include "crypto/openssl_util.h"
  12 #include "crypto/rsa_private_key.h"
  13 #include "third_party/boringssl/src/include/openssl/evp.h"
  14 #include "third_party/boringssl/src/include/openssl/rsa.h"
  15
  16 namespace crypto {
  17
  18 namespace {
  19
  20 const EVP_MD* ToOpenSSLDigest(SignatureCreator::HashAlgorithm hash_alg) {
  21   switch (hash_alg) {
  22     case SignatureCreator::SHA1:
  23       return EVP_sha1();
  24     case SignatureCreator::SHA256:
  25       return EVP_sha256();
  26   }
  27   return nullptr;
  28 }
  29
  30 int ToOpenSSLDigestType(SignatureCreator::HashAlgorithm hash_alg) {
  31   switch (hash_alg) {
  32     case SignatureCreator::SHA1:
  33       return NID_sha1;
  34     case SignatureCreator::SHA256:
  35       return NID_sha256;
  36   }
  37   return NID_undef;
  38 }
  39
  40 }  // namespace
  41
  42 SignatureCreator::~SignatureCreator() {
  43   EVP_MD_CTX_destroy(sign_context_);
  44 }
  45
  46 // static
  47 std::unique_ptr<SignatureCreator> SignatureCreator::Create(
  48     RSAPrivateKey* key,
  49     HashAlgorithm hash_alg) {
  50   OpenSSLErrStackTracer err_tracer(FROM_HERE);
  51   std::unique_ptr<SignatureCreator> result(new SignatureCreator);
  52   const EVP_MD* const digest = ToOpenSSLDigest(hash_alg);
  53   DCHECK(digest);
  54   if (!digest) {
  55     return nullptr;
  56   }
  57   if (!EVP_DigestSignInit(result->sign_context_, nullptr, digest, nullptr,
  58                           key->key())) {
  59     return nullptr;
  60   }
  61   return result;
  62 }
  63
  64 // static
  65 bool SignatureCreator::Sign(RSAPrivateKey* key,
  66                             HashAlgorithm hash_alg,
  67                             const uint8_t* data,
  68                             int data_len,
  69                             std::vector<uint8_t>* signature) {
  70   bssl::UniquePtr<RSA> rsa_key(EVP_PKEY_get1_RSA(key->key()));
  71   if (!rsa_key)
  72     return false;
  73   signature->resize(RSA_size(rsa_key.get()));
  74
  75   unsigned int len = 0;
  76   if (!RSA_sign(ToOpenSSLDigestType(hash_alg), data, data_len,
  77                 signature->data(), &len, rsa_key.get())) {
  78     signature->clear();
  79     return false;
  80   }
  81   signature->resize(len);
  82   return true;
  83 }
  84
  85 bool SignatureCreator::Update(const uint8_t* data_part, int data_part_len) {
  86   OpenSSLErrStackTracer err_tracer(FROM_HERE);
  87   return !!EVP_DigestSignUpdate(sign_context_, data_part, data_part_len);
  88 }
  89
  90 bool SignatureCreator::Final(std::vector<uint8_t>* signature) {
  91   OpenSSLErrStackTracer err_tracer(FROM_HERE);
  92
  93   // Determine the maximum length of the signature.
  94   size_t len = 0;
  95   if (!EVP_DigestSignFinal(sign_context_, nullptr, &len)) {
  96     signature->clear();
  97     return false;
  98   }
  99   signature->resize(len);
 100
 101   // Sign it.
 102   if (!EVP_DigestSignFinal(sign_context_, signature->data(), &len)) {
 103     signature->clear();
 104     return false;
 105   }
 106   signature->resize(len);
 107   return true;
 108 }
 109
 110 SignatureCreator::SignatureCreator() : sign_context_(EVP_MD_CTX_create()) {}
 111
 112 }  // namespace crypto