1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "crypto/signature_verifier.h"
7 #include <stdlib.h>
9 #include "base/logging.h"
10 #include "crypto/cssm_init.h"
12 namespace crypto {
// Creates a verifier that holds no signature context yet.
SignatureVerifier::SignatureVerifier() : sig_handle_(0) {
  // Make sure CSSM is set up (helper declared in crypto/cssm_init.h).
  EnsureCSSMInit();
  // Start from an all-zero key structure; VerifyInit() fills it in.
  memset(&public_key_, 0, sizeof(public_key_));
}
// Releases the signature context, if one is still open, by delegating to
// Reset().
SignatureVerifier::~SignatureVerifier() {
  this->Reset();
}
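// Prepares verification of |signature| over data that is later supplied
// through VerifyUpdate(), using the key in |public_key_info|.
//
// |public_key_info| is handed to CSSM as a raw key blob in X.509 format
// (CSSM_KEYBLOB_RAW / CSSM_KEYBLOB_RAW_FORMAT_X509). Both |signature| and
// |public_key_info| are copied, so the caller's buffers need not outlive
// this call.
//
// SECURITY NOTE: |signature_algorithm| is not decoded. The key algorithm is
// fixed to RSA and the signature algorithm to SHA-1 with RSA, whatever the
// caller passes in, so callers cannot rely on the algorithm they supplied
// being the one that is checked.
//
// Returns true once the CSSM signature context is ready. Returns false if an
// input is null, empty or has a negative length, or if a CSSM call fails.
bool SignatureVerifier::VerifyInit(const uint8* signature_algorithm,
                                   int signature_algorithm_len,
                                   const uint8* signature,
                                   int signature_len,
                                   const uint8* public_key_info,
                                   int public_key_info_len) {
  // Release any context left over from an earlier VerifyInit() so that the
  // handle is not overwritten (and the context leaked) further down.
  Reset();

  // Reject null, empty or negative-length inputs up front: the pointer
  // arithmetic passed to assign() and the &public_key_info_[0] below are
  // only valid for non-empty ranges.
  if (!signature || signature_len <= 0 ||
      !public_key_info || public_key_info_len <= 0) {
    return false;
  }

  signature_.assign(signature, signature + signature_len);
  public_key_info_.assign(public_key_info,
                          public_key_info + public_key_info_len);

  CSSM_ALGORITHMS key_alg = CSSM_ALGID_RSA;  // TODO(wtc): hardcoded.

  // Describe the key to CSSM by hand. KeyData points into public_key_info_,
  // which this object owns, so the buffer stays valid while the context
  // exists.
  memset(&public_key_, 0, sizeof(public_key_));
  public_key_.KeyData.Data = const_cast<uint8*>(&public_key_info_[0]);
  public_key_.KeyData.Length = public_key_info_.size();
  public_key_.KeyHeader.HeaderVersion = CSSM_KEYHEADER_VERSION;
  public_key_.KeyHeader.BlobType = CSSM_KEYBLOB_RAW;
  public_key_.KeyHeader.Format = CSSM_KEYBLOB_RAW_FORMAT_X509;
  public_key_.KeyHeader.AlgorithmId = key_alg;
  public_key_.KeyHeader.KeyClass = CSSM_KEYCLASS_PUBLIC_KEY;
  public_key_.KeyHeader.KeyAttr = CSSM_KEYATTR_EXTRACTABLE;
  public_key_.KeyHeader.KeyUsage = CSSM_KEYUSE_VERIFY;

  // The header also needs the key size, which CSSM derives from the blob.
  CSSM_KEY_SIZE key_size;
  CSSM_RETURN crtn = CSSM_QueryKeySizeInBits(GetSharedCSPHandle(), NULL,
                                             &public_key_, &key_size);
  if (crtn) {
    // NOTE(review): a malformed key blob presumably ends up here, so this
    // path may be reachable with untrusted input -- confirm that asserting
    // via NOTREACHED() is intended.
    NOTREACHED() << "CSSM_QueryKeySizeInBits failed: " << crtn;
    return false;
  }
  public_key_.KeyHeader.LogicalKeySizeInBits = key_size.LogicalKeySizeInBits;

  // TODO(wtc): decode signature_algorithm...
  CSSM_ALGORITHMS sig_alg = CSSM_ALGID_SHA1WithRSA;

  crtn = CSSM_CSP_CreateSignatureContext(GetSharedCSPHandle(), sig_alg, NULL,
                                         &public_key_, &sig_handle_);
  if (crtn) {
    NOTREACHED();
    return false;
  }
  // If this step fails, sig_handle_ stays set; Reset() (also run by the
  // destructor) deletes the context later.
  crtn = CSSM_VerifyDataInit(sig_handle_);
  if (crtn) {
    NOTREACHED();
    return false;
  }
  return true;
}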
// Feeds one chunk of the signed data into the verification context opened by
// VerifyInit(). The CSSM result is checked with DCHECK_EQ only, and this
// function returns nothing, so a failed update is not reported to the caller
// from here.
void SignatureVerifier::VerifyUpdate(const uint8* data_part,
                                     int data_part_len) {
  // Wrap the caller's buffer in a CSSM_DATA; CSSM takes a non-const pointer.
  CSSM_DATA chunk;
  chunk.Length = data_part_len;
  chunk.Data = const_cast<uint8*>(data_part);

  // The final argument is the number of CSSM_DATA entries being passed.
  CSSM_RETURN status = CSSM_VerifyDataUpdate(sig_handle_, &chunk, 1);
  DCHECK_EQ(CSSM_OK, status);
}
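// Finishes the verification and returns true only if CSSM reports CSSM_OK for
// the stored signature. Reset() is called on every path, so the signature
// context and the stored signature are gone when this returns.
bool SignatureVerifier::VerifyFinal() {
  // Fail closed when there is nothing valid to verify: with no context, or
  // with an empty signature_, taking &signature_[0] and calling CSSM below
  // would operate on invalid state.
  if (!sig_handle_ || signature_.empty()) {
    Reset();
    return false;
  }

  CSSM_DATA sig;
  sig.Data = const_cast<uint8*>(&signature_[0]);
  sig.Length = signature_.size();
  const CSSM_RETURN crtn = CSSM_VerifyDataFinal(sig_handle_, &sig);
  Reset();

  // crtn is CSSMERR_CSP_VERIFY_FAILED if signature verification fails.
  // Any value other than CSSM_OK is treated as a failed verification.
  return crtn == CSSM_OK;
}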
// Deletes the CSSM signature context, if one is open, and drops the stored
// signature. public_key_ and public_key_info_ are left untouched.
void SignatureVerifier::Reset() {
  if (sig_handle_) {
    CSSM_RETURN delete_status = CSSM_DeleteContext(sig_handle_);
    DCHECK_EQ(CSSM_OK, delete_status);
    // Zero marks "no context", which keeps a second Reset() from deleting
    // the same handle again.
    sig_handle_ = 0;
  }
  signature_.clear();

  // CSSM_FreeKey must not be called on public_key_: the structure was filled
  // in by hand in VerifyInit().
}
105 } // namespace crypto