1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/signature_verifier.h"
12 #include "base/logging.h"
13 #include "crypto/openssl_util.h"
14 #include "third_party/boringssl/src/include/openssl/bytestring.h"
15 #include "third_party/boringssl/src/include/openssl/digest.h"
16 #include "third_party/boringssl/src/include/openssl/evp.h"
17 #include "third_party/boringssl/src/include/openssl/rsa.h"
21 struct SignatureVerifier::VerifyContext {
22 bssl::ScopedEVP_MD_CTX ctx;
25 SignatureVerifier::SignatureVerifier() = default;
27 SignatureVerifier::~SignatureVerifier() = default;
29 bool SignatureVerifier::VerifyInit(SignatureAlgorithm signature_algorithm,
30 const uint8_t* signature,
32 const uint8_t* public_key_info,
33 size_t public_key_info_len) {
34 OpenSSLErrStackTracer err_tracer(FROM_HERE);
36 int pkey_type = EVP_PKEY_NONE;
37 const EVP_MD* digest = nullptr;
38 switch (signature_algorithm) {
40 pkey_type = EVP_PKEY_RSA;
43 case RSA_PKCS1_SHA256:
45 pkey_type = EVP_PKEY_RSA;
46 digest = EVP_sha256();
49 pkey_type = EVP_PKEY_EC;
50 digest = EVP_sha256();
53 DCHECK_NE(EVP_PKEY_NONE, pkey_type);
59 verify_context_.reset(new VerifyContext);
60 signature_.assign(signature, signature + signature_len);
63 CBS_init(&cbs, public_key_info, public_key_info_len);
64 bssl::UniquePtr<EVP_PKEY> public_key(EVP_parse_public_key(&cbs));
65 if (!public_key || CBS_len(&cbs) != 0 ||
66 EVP_PKEY_id(public_key.get()) != pkey_type) {
70 EVP_PKEY_CTX* pkey_ctx;
71 if (!EVP_DigestVerifyInit(verify_context_->ctx.get(), &pkey_ctx, digest,
72 nullptr, public_key.get())) {
76 if (signature_algorithm == RSA_PSS_SHA256) {
77 if (!EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) ||
78 !EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, digest) ||
79 !EVP_PKEY_CTX_set_rsa_pss_saltlen(
80 pkey_ctx, -1 /* match digest and salt length */)) {
88 void SignatureVerifier::VerifyUpdate(const uint8_t* data_part,
89 size_t data_part_len) {
90 DCHECK(verify_context_);
91 OpenSSLErrStackTracer err_tracer(FROM_HERE);
92 int rv = EVP_DigestVerifyUpdate(verify_context_->ctx.get(), data_part,
97 bool SignatureVerifier::VerifyFinal() {
98 DCHECK(verify_context_);
99 OpenSSLErrStackTracer err_tracer(FROM_HERE);
100 int rv = EVP_DigestVerifyFinal(verify_context_->ctx.get(), signature_.data(),
102 DCHECK_EQ(static_cast<int>(!!rv), rv);
107 void SignatureVerifier::Reset() {
108 verify_context_.reset();
112 } // namespace crypto