Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / platform / external / chromium_org / ba1358b4f36b4f9ab67310ac2dc3eae207e4e8a5 / . / crypto / signature_verifier.h
blob: 93591d2a82dbb697030518e482b67f7ce1a4ed5c [file] [log] [blame]
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CRYPTO_SIGNATURE_VERIFIER_H_
6#define CRYPTO_SIGNATURE_VERIFIER_H_
7
8#include "build/build_config.h"
9
10#include <vector>
11
12#include "base/basictypes.h"
13#include "crypto/crypto_export.h"
14
Ben Murdocheb525c52013-07-10 11:40:50 +0100[diff] [blame]15#if defined(USE_OPENSSL)
16typedef struct env_md_st EVP_MD;
17typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
18#else
19typedef struct HASHContextStr HASHContext;
20typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]21typedef struct VFYContextStr VFYContext;
22#endif
23
24namespace crypto {
25
26// The SignatureVerifier class verifies a signature using a bare public key
27// (as opposed to a certificate).
28class CRYPTO_EXPORT SignatureVerifier {
29 public:
Ben Murdocheb525c52013-07-10 11:40:50 +0100[diff] [blame]30 // The set of supported hash functions. Extend as required.
31 enum HashAlgorithm {
32 SHA1,
33 SHA256,
34 };
35
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]36 SignatureVerifier();
37 ~SignatureVerifier();
38
39 // Streaming interface:
40
41 // Initiates a signature verification operation. This should be followed
42 // by one or more VerifyUpdate calls and a VerifyFinal call.
Ben Murdocheb525c52013-07-10 11:40:50 +0100[diff] [blame]43 // NOTE: for RSA-PSS signatures, use VerifyInitRSAPSS instead.
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]44 //
45 // The signature algorithm is specified as a DER encoded ASN.1
46 // AlgorithmIdentifier structure:
47 // AlgorithmIdentifier ::= SEQUENCE {
48 // algorithm OBJECT IDENTIFIER,
49 // parameters ANY DEFINED BY algorithm OPTIONAL }
50 //
51 // The signature is encoded according to the signature algorithm, but it
52 // must not be further encoded in an ASN.1 BIT STRING.
Ben Murdocheb525c52013-07-10 11:40:50 +0100[diff] [blame]53 // Note: An RSA signature is actually a big integer. It must be in
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]54 // big-endian byte order.
55 //
56 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo
57 // structure, which contains not only the public key but also its type
58 // (algorithm):
59 // SubjectPublicKeyInfo ::= SEQUENCE {
60 // algorithm AlgorithmIdentifier,
61 // subjectPublicKey BIT STRING }
62 bool VerifyInit(const uint8* signature_algorithm,
63 int signature_algorithm_len,
64 const uint8* signature,
65 int signature_len,
66 const uint8* public_key_info,
67 int public_key_info_len);
68
Ben Murdocheb525c52013-07-10 11:40:50 +0100[diff] [blame]69 // Initiates a RSA-PSS signature verification operation. This should be
70 // followed by one or more VerifyUpdate calls and a VerifyFinal call.
71 //
72 // The RSA-PSS signature algorithm parameters are specified with the
73 // |hash_alg|, |mask_hash_alg|, and |salt_len| arguments.
74 //
75 // An RSA-PSS signature is a nonnegative integer encoded as a byte string
76 // (of the same length as the RSA modulus) in big-endian byte order. It
77 // must not be further encoded in an ASN.1 BIT STRING.
78 //
79 // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo
80 // structure, which contains not only the public key but also its type
81 // (algorithm):
82 // SubjectPublicKeyInfo ::= SEQUENCE {
83 // algorithm AlgorithmIdentifier,
84 // subjectPublicKey BIT STRING }
85 bool VerifyInitRSAPSS(HashAlgorithm hash_alg,
86 HashAlgorithm mask_hash_alg,
87 int salt_len,
88 const uint8* signature,
89 int signature_len,
90 const uint8* public_key_info,
91 int public_key_info_len);
92
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]93 // Feeds a piece of the data to the signature verifier.
94 void VerifyUpdate(const uint8* data_part, int data_part_len);
95
96 // Concludes a signature verification operation. Returns true if the
97 // signature is valid. Returns false if the signature is invalid or an
98 // error occurred.
99 bool VerifyFinal();
100
101 // Note: we can provide a one-shot interface if there is interest:
102 // bool Verify(const uint8* data,
103 // int data_len,
104 // const uint8* signature_algorithm,
105 // int signature_algorithm_len,
106 // const uint8* signature,
107 // int signature_len,
108 // const uint8* public_key_info,
109 // int public_key_info_len);
110
111 private:
Ben Murdocheb525c52013-07-10 11:40:50 +0100[diff] [blame]112#if defined(USE_OPENSSL)
113 bool CommonInit(const EVP_MD* digest,
114 const uint8* signature,
115 int signature_len,
116 const uint8* public_key_info,
117 int public_key_info_len,
118 EVP_PKEY_CTX** pkey_ctx);
119#else
120 static SECKEYPublicKey* DecodePublicKeyInfo(const uint8* public_key_info,
121 int public_key_info_len);
122#endif
123
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]124 void Reset();
125
126 std::vector<uint8> signature_;
127
128#if defined(USE_OPENSSL)
129 struct VerifyContext;
130 VerifyContext* verify_context_;
131#else
Ben Murdocheb525c52013-07-10 11:40:50 +0100[diff] [blame]132 // Used for all signature types except RSA-PSS.
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]133 VFYContext* vfy_context_;
Ben Murdocheb525c52013-07-10 11:40:50 +0100[diff] [blame]134
135 // Used for RSA-PSS signatures.
136 HashAlgorithm hash_alg_;
137 HashAlgorithm mask_hash_alg_;
138 unsigned int salt_len_;
139 SECKEYPublicKey* public_key_;
140 HASHContext* hash_context_;
Torne (Richard Coles)58218062012-11-14 11:43:16 +0000[diff] [blame]141#endif
142};
143
144} // namespace crypto
145
146#endif // CRYPTO_SIGNATURE_VERIFIER_H_