crypto/ec_signature_creator.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_
   6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_
   7
   8 #include <string>
   9 #include <vector>
  10
  11 #include "base/basictypes.h"
  12 #include "crypto/crypto_export.h"
  13
  14 namespace crypto {
  15
  16 class ECPrivateKey;
  17 class ECSignatureCreator;
  18
  19 class CRYPTO_EXPORT ECSignatureCreatorFactory {
  20  public:
  21   virtual ~ECSignatureCreatorFactory() {}
  22
  23   virtual ECSignatureCreator* Create(ECPrivateKey* key) = 0;
  24 };
  25
  26 // Signs data using a bare private key (as opposed to a full certificate).
  27 // We need this class because SignatureCreator is hardcoded to use
  28 // RSAPrivateKey.
  29 class CRYPTO_EXPORT ECSignatureCreator {
  30  public:
  31   virtual ~ECSignatureCreator() {}
  32
  33   // Create an instance. The caller must ensure that the provided PrivateKey
  34   // instance outlives the created ECSignatureCreator.
  35   // TODO(rch):  This is currently hard coded to use SHA256. Ideally, we should
  36   // pass in the hash algorithm identifier.
  37   static ECSignatureCreator* Create(ECPrivateKey* key);
  38
  39   // Set a factory to make the Create function return non-standard
  40   // ECSignatureCreator objects.  Because the ECDSA algorithm involves
  41   // randomness, this is useful for higher-level tests that want to have
  42   // deterministic mocked output to compare.
  43   static void SetFactoryForTesting(ECSignatureCreatorFactory* factory);
  44
  45   // Signs |data_len| bytes from |data| and writes the results into
  46   // |signature| as a DER encoded ECDSA-Sig-Value from RFC 3279.
  47   //
  48   //  ECDSA-Sig-Value ::= SEQUENCE {
  49   //    r     INTEGER,
  50   //    s     INTEGER }
  51   virtual bool Sign(const uint8* data,
  52                     int data_len,
  53                     std::vector<uint8>* signature) = 0;
  54
  55   // DecodeSignature converts from a DER encoded ECDSA-Sig-Value (as produced
  56   // by Sign) to a `raw' ECDSA signature which consists of a pair of
  57   // big-endian, zero-padded, 256-bit integers, r and s. On success it returns
  58   // true and puts the raw signature into |out_raw_sig|.
  59   // (Only P-256 signatures are supported.)
  60   virtual bool DecodeSignature(const std::vector<uint8>& signature,
  61                                std::vector<uint8>* out_raw_sig) = 0;
  62 };
  63
  64 }  // namespace crypto
  65
  66 #endif  // CRYPTO_EC_SIGNATURE_CREATOR_H_