1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/ec_signature_creator_impl.h"
7 #include <openssl/bn.h>
8 #include <openssl/ec.h>
9 #include <openssl/ecdsa.h>
10 #include <openssl/evp.h>
11 #include <openssl/sha.h>
13 #include "base/logging.h"
14 #include "crypto/ec_private_key.h"
15 #include "crypto/openssl_util.h"
19 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey
* key
)
20 : key_(key
), signature_len_(0) {
24 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() {}
26 bool ECSignatureCreatorImpl::Sign(const uint8
* data
,
28 std::vector
<uint8
>* signature
) {
29 OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
30 ScopedOpenSSL
<EVP_MD_CTX
, EVP_MD_CTX_destroy
> ctx(EVP_MD_CTX_create());
33 !EVP_DigestSignInit(ctx
.get(), NULL
, EVP_sha256(), NULL
, key_
->key()) ||
34 !EVP_DigestSignUpdate(ctx
.get(), data
, data_len
) ||
35 !EVP_DigestSignFinal(ctx
.get(), NULL
, &sig_len
)) {
39 signature
->resize(sig_len
);
40 if (!EVP_DigestSignFinal(ctx
.get(), &signature
->front(), &sig_len
))
43 // NOTE: A call to EVP_DigestSignFinal() with a NULL second parameter returns
44 // a maximum allocation size, while the call without a NULL returns the real
45 // one, which may be smaller.
46 signature
->resize(sig_len
);
50 bool ECSignatureCreatorImpl::DecodeSignature(const std::vector
<uint8
>& der_sig
,
51 std::vector
<uint8
>* out_raw_sig
) {
52 OpenSSLErrStackTracer
err_tracer(FROM_HERE
);
53 // Create ECDSA_SIG object from DER-encoded data.
54 const unsigned char* der_data
= &der_sig
.front();
55 ScopedOpenSSL
<ECDSA_SIG
, ECDSA_SIG_free
> ecdsa_sig(
56 d2i_ECDSA_SIG(NULL
, &der_data
, static_cast<long>(der_sig
.size())));
60 // The result is made of two 32-byte vectors.
61 const size_t kMaxBytesPerBN
= 32;
62 std::vector
<uint8
> result
;
63 result
.resize(2 * kMaxBytesPerBN
);
64 memset(&result
[0], 0, result
.size());
66 BIGNUM
* r
= ecdsa_sig
.get()->r
;
67 BIGNUM
* s
= ecdsa_sig
.get()->s
;
68 int r_bytes
= BN_num_bytes(r
);
69 int s_bytes
= BN_num_bytes(s
);
70 // NOTE: Can't really check for equality here since sometimes the value
71 // returned by BN_num_bytes() will be slightly smaller than kMaxBytesPerBN.
72 if (r_bytes
> static_cast<int>(kMaxBytesPerBN
) ||
73 s_bytes
> static_cast<int>(kMaxBytesPerBN
)) {
74 DLOG(ERROR
) << "Invalid key sizes r(" << r_bytes
<< ") s(" << s_bytes
78 BN_bn2bin(ecdsa_sig
.get()->r
, &result
[kMaxBytesPerBN
- r_bytes
]);
79 BN_bn2bin(ecdsa_sig
.get()->s
, &result
[2 * kMaxBytesPerBN
- s_bytes
]);
80 out_raw_sig
->swap(result
);