Home | History | Annotate | Download | only in crypto 
      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "crypto/ec_signature_creator_impl.h"
      6 
      7 #include <openssl/bn.h>
      8 #include <openssl/ec.h>
      9 #include <openssl/ecdsa.h>
     10 #include <openssl/evp.h>
     11 #include <openssl/sha.h>
     12 
     13 #include "base/logging.h"
     14 #include "crypto/ec_private_key.h"
     15 #include "crypto/openssl_util.h"
     16 #include "crypto/scoped_openssl_types.h"
     17 
     18 namespace crypto {
     19 
     20 namespace {
     21 
     22 typedef ScopedOpenSSL<ECDSA_SIG, ECDSA_SIG_free>::Type ScopedECDSA_SIG;
     23 
     24 }  // namespace
     25 
     26 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key)
     27     : key_(key), signature_len_(0) {
     28   EnsureOpenSSLInit();
     29 }
     30 
     31 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() {}
     32 
     33 bool ECSignatureCreatorImpl::Sign(const uint8* data,
     34                                   int data_len,
     35                                   std::vector<uint8>* signature) {
     36   OpenSSLErrStackTracer err_tracer(FROM_HERE);
     37   ScopedEVP_MD_CTX ctx(EVP_MD_CTX_create());
     38   size_t sig_len = 0;
     39   if (!ctx.get() ||
     40       !EVP_DigestSignInit(ctx.get(), NULL, EVP_sha256(), NULL, key_->key()) ||
     41       !EVP_DigestSignUpdate(ctx.get(), data, data_len) ||
     42       !EVP_DigestSignFinal(ctx.get(), NULL, &sig_len)) {
     43     return false;
     44   }
     45 
     46   signature->resize(sig_len);
     47   if (!EVP_DigestSignFinal(ctx.get(), &signature->front(), &sig_len))
     48     return false;
     49 
     50   // NOTE: A call to EVP_DigestSignFinal() with a NULL second parameter returns
     51   // a maximum allocation size, while the call without a NULL returns the real
     52   // one, which may be smaller.
     53   signature->resize(sig_len);
     54   return true;
     55 }
     56 
     57 bool ECSignatureCreatorImpl::DecodeSignature(const std::vector<uint8>& der_sig,
     58                                              std::vector<uint8>* out_raw_sig) {
     59   OpenSSLErrStackTracer err_tracer(FROM_HERE);
     60   // Create ECDSA_SIG object from DER-encoded data.
     61   const unsigned char* der_data = &der_sig.front();
     62   ScopedECDSA_SIG ecdsa_sig(
     63       d2i_ECDSA_SIG(NULL, &der_data, static_cast<long>(der_sig.size())));
     64   if (!ecdsa_sig.get())
     65     return false;
     66 
     67   // The result is made of two 32-byte vectors.
     68   const size_t kMaxBytesPerBN = 32;
     69   std::vector<uint8> result;
     70   result.resize(2 * kMaxBytesPerBN);
     71   memset(&result[0], 0, result.size());
     72 
     73   BIGNUM* r = ecdsa_sig.get()->r;
     74   BIGNUM* s = ecdsa_sig.get()->s;
     75   int r_bytes = BN_num_bytes(r);
     76   int s_bytes = BN_num_bytes(s);
     77   // NOTE: Can't really check for equality here since sometimes the value
     78   // returned by BN_num_bytes() will be slightly smaller than kMaxBytesPerBN.
     79   if (r_bytes > static_cast<int>(kMaxBytesPerBN) ||
     80       s_bytes > static_cast<int>(kMaxBytesPerBN)) {
     81     DLOG(ERROR) << "Invalid key sizes r(" << r_bytes << ") s(" << s_bytes
     82                 << ")";
     83     return false;
     84   }
     85   BN_bn2bin(ecdsa_sig.get()->r, &result[kMaxBytesPerBN - r_bytes]);
     86   BN_bn2bin(ecdsa_sig.get()->s, &result[2 * kMaxBytesPerBN - s_bytes]);
     87   out_raw_sig->swap(result);
     88   return true;
     89 }
     90 
     91 }  // namespace crypto
     92