Introduce SignatureCreator.

Review URL: http://codereview.chromium.org/118277

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@17745 0039d316-1c4b-4281-b951-d872f2087c98

6 files changed, 718 insertions, 0 deletions

diff --git a/base/crypto/rsa_private_key.h b/base/crypto/rsa_private_key.h
new file mode 100644
index 0000000..21aa601
--- /dev/null
+++ b/base/crypto/rsa_private_key.h
@@ -0,0 +1,66 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef BASE_CRYPTO_RSA_PRIVATE_KEY_H_
+#define BASE_CRYPTO_RSA_PRIVATE_KEY_H_
+
+#include "build/build_config.h"
+
+#if defined(OS_WIN)
+#include <windows.h>
+#include <wincrypt.h>
+#else
+// TODO(port)
+#endif
+
+#include <vector>
+
+#include "base/basictypes.h"
+
+namespace base {
+
+// Encapsulates an RSA private key. Can be used to generate new keys, export
+// keys to other formats, or to extract a public key.
+class RSAPrivateKey {
+ public:
+  // Create a new random instance. Can return NULL if initialization fails.
+  static RSAPrivateKey* Create(uint16 num_bits);
+
+  // Create a new instance by importing an existing private key. The format is
+  // an ASN.1-encoded PrivateKeyInfo block from PKCS #8. This can return NULL if
+  // initialization fails.
+  static RSAPrivateKey* CreateFromPrivateKeyInfo(
+      const std::vector<uint8>& input);
+
+  ~RSAPrivateKey();
+
+#if defined(OS_WIN)
+  HCRYPTPROV provider() { return provider_; }
+  HCRYPTKEY key() { return key_; }
+#endif
+
+  // Exports the private key to a PKCS #1 PrivateKey block.
+  bool ExportPrivateKey(std::vector<uint8>* output);
+
+  // Exports the public key to an X509 SubjectPublicKeyInfo block.
+  bool ExportPublicKey(std::vector<uint8>* output);
+
+private:
+  // Constructor is private. Use Create() or CreateFromPrivateKeyInfo()
+  // instead.
+  RSAPrivateKey();
+
+#if defined(OS_WIN)
+  bool InitProvider();
+
+  HCRYPTPROV provider_;
+  HCRYPTKEY key_;
+#endif
+
+  DISALLOW_COPY_AND_ASSIGN(RSAPrivateKey);
+};
+
+}  // namespace base
+
+#endif  // BASE_CRYPTO_RSA_PRIVATE_KEY_H_
diff --git a/base/crypto/rsa_private_key_unittest.cc b/base/crypto/rsa_private_key_unittest.cc
new file mode 100644
index 0000000..e6f3475
--- /dev/null
+++ b/base/crypto/rsa_private_key_unittest.cc
@@ -0,0 +1,48 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/file_util.h"
+#include "base/crypto/rsa_private_key.h"
+#include "base/scoped_ptr.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+TEST(RSAPrivateKeyUnitTest, InitRandomTest) {
+  // Generate random private keys with two different sizes. Reimport, then
+  // export them again. We should get back the same exact bytes.
+  scoped_ptr<base::RSAPrivateKey> keypair1(base::RSAPrivateKey::Create(1024));
+  scoped_ptr<base::RSAPrivateKey> keypair2(base::RSAPrivateKey::Create(2048));
+  ASSERT_TRUE(keypair1.get());
+  ASSERT_TRUE(keypair2.get());
+
+  std::vector<uint8> privkey1;
+  std::vector<uint8> privkey2;
+  std::vector<uint8> pubkey1;
+  std::vector<uint8> pubkey2;
+
+  ASSERT_TRUE(keypair1->ExportPrivateKey(&privkey1));
+  ASSERT_TRUE(keypair2->ExportPrivateKey(&privkey2));
+  ASSERT_TRUE(keypair1->ExportPublicKey(&pubkey1));
+  ASSERT_TRUE(keypair2->ExportPublicKey(&pubkey2));
+
+  scoped_ptr<base::RSAPrivateKey> keypair3(
+      base::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey1));
+  scoped_ptr<base::RSAPrivateKey> keypair4(
+      base::RSAPrivateKey::CreateFromPrivateKeyInfo(privkey2));
+  ASSERT_TRUE(keypair3.get());
+  ASSERT_TRUE(keypair4.get());
+
+  std::vector<uint8> privkey3;
+  std::vector<uint8> privkey4;
+  ASSERT_TRUE(keypair3->ExportPrivateKey(&privkey3));
+  ASSERT_TRUE(keypair4->ExportPrivateKey(&privkey4));
+
+  ASSERT_EQ(privkey1.size(), privkey3.size());
+  ASSERT_EQ(privkey2.size(), privkey4.size());
+  ASSERT_TRUE(0 == memcmp(&privkey1.front(), &privkey3.front(),
+                          privkey1.size()));
+  ASSERT_TRUE(0 == memcmp(&privkey2.front(), &privkey4.front(),
+                          privkey2.size()));
+}
+
+// TODO(aa): Consider importing some private keys from other software.
diff --git a/base/crypto/rsa_private_key_win.cc b/base/crypto/rsa_private_key_win.cc
new file mode 100644
index 0000000..e963f7f
--- /dev/null
+++ b/base/crypto/rsa_private_key_win.cc
@@ -0,0 +1,445 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/crypto/rsa_private_key.h"
+
+#include <list>
+
+#include "base/logging.h"
+#include "base/scoped_ptr.h"
+
+
+// This file manually encodes and decodes RSA private keys using PrivateKeyInfo
+// from PKCS #8 and RSAPrivateKey from PKCS #1. These structures are:
+//
+// PrivateKeyInfo ::= SEQUENCE {
+//   version Version,
+//   privateKeyAlgorithm PrivateKeyAlgorithmIdentifier,
+//   privateKey PrivateKey,
+//   attributes [0] IMPLICIT Attributes OPTIONAL
+// }
+//
+// RSAPrivateKey ::= SEQUENCE {
+//   version Version,
+//   modulus INTEGER,
+//   publicExponent INTEGER,
+//   privateExponent INTEGER,
+//   prime1 INTEGER,
+//   prime2 INTEGER,
+//   exponent1 INTEGER,
+//   exponent2 INTEGER,
+//   coefficient INTEGER
+// }
+
+
+namespace {
+
+// ASN.1 encoding of the AlgorithmIdentifier from PKCS #8.
+const uint8 kRsaAlgorithmIdentifier[] = {
+  0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01,
+  0x05, 0x00
+};
+
+// ASN.1 tags for some types we use.
+const uint8 kSequenceTag = 0x30;
+const uint8 kIntegerTag = 0x02;
+const uint8 kNullTag = 0x05;
+const uint8 kOctetStringTag = 0x04;
+
+// Helper function to prepend an array of bytes into a list, reversing their
+// order. This is needed because ASN.1 integers are big-endian, while CryptoAPI
+// uses little-endian.
+static void PrependBytesInReverseOrder(uint8* val, int num_bytes,
+                                       std::list<uint8>* data) {
+  for (int i = 0; i < num_bytes; ++i)
+    data->push_front(val[i]);
+}
+
+// Helper to prepend an ASN.1 length field.
+static void PrependLength(size_t size, std::list<uint8>* data) {
+  // The high bit is used to indicate whether additional octets are needed to
+  // represent the length.
+  if (size < 0x80) {
+    data->push_front(static_cast<uint8>(size));
+  } else {
+    uint8 num_bytes = 0;
+    while (size > 0) {
+      data->push_front(static_cast<uint8>(size & 0xFF));
+      size >>= 8;
+      num_bytes++;
+    }
+    CHECK(num_bytes <= 4);
+    data->push_front(0x80 | num_bytes);
+  }
+}
+
+// Helper to prepend an ASN.1 type header.
+static void PrependTypeHeaderAndLength(uint8 type, uint32 length,
+                                       std::list<uint8>* output) {
+  PrependLength(length, output);
+  output->push_front(type);
+}
+
+// Helper to prepend an ASN.1 integer.
+static void PrependInteger(uint8* val, int num_bytes, std::list<uint8>* data) {
+  // If the MSB is set, we need an extra null byte at the front.
+  bool needs_null_byte = !(val[num_bytes - 1] & 0x80);
+  int length = needs_null_byte ? num_bytes + 1 : num_bytes;
+
+  PrependBytesInReverseOrder(val, num_bytes, data);
+
+  // Add a null byte to force the integer to be positive if necessary.
+  if (needs_null_byte)
+    data->push_front(0x00);
+
+  PrependTypeHeaderAndLength(kIntegerTag, length, data);
+}
+
+// Helper for error handling during key import.
+#define READ_ASSERT(truth) \
+  if (!(truth)) { \
+    NOTREACHED(); \
+    return false; \
+  }
+
+// Read an ASN.1 length field. This also checks that the length does not extend
+// beyond |end|.
+static bool ReadLength(uint8** pos, uint8* end, uint32* result) {
+  READ_ASSERT(*pos < end);
+  int length = 0;
+
+  // If the MSB is not set, the length is just the byte itself.
+  if (!(**pos & 0x80)) {
+    length = **pos;
+    (*pos)++;
+  } else {
+    // Otherwise, the lower 7 indicate the length of the length.
+    int length_of_length = **pos & 0x7F;
+    READ_ASSERT(length_of_length <= 4);
+    (*pos)++;
+    READ_ASSERT(*pos + length_of_length < end);
+
+    length = 0;
+    for (int i = 0; i < length_of_length; ++i) {
+      length <<= 8;
+      length |= **pos;
+      (*pos)++;
+    }
+  }
+
+  READ_ASSERT(*pos + length <= end);
+  if (result) *result = length;
+  return true;
+}
+
+// Read an ASN.1 type header and its length.
+static bool ReadTypeHeaderAndLength(uint8** pos, uint8* end,
+                                    uint8 expected_tag, uint32* length) {
+  READ_ASSERT(*pos < end);
+  READ_ASSERT(**pos == expected_tag);
+  (*pos)++;
+
+  return ReadLength(pos, end, length);
+}
+
+// Read an ASN.1 sequence declaration. This consumes the type header and length
+// field, but not the contents of the sequence.
+static bool ReadSequence(uint8** pos, uint8* end) {
+  return ReadTypeHeaderAndLength(pos, end, kSequenceTag, NULL);
+}
+
+// Read the RSA AlgorithmIdentifier.
+static bool ReadAlgorithmIdentifier(uint8** pos, uint8* end) {
+  READ_ASSERT(*pos + sizeof(kRsaAlgorithmIdentifier) < end);
+  READ_ASSERT(memcmp(*pos, kRsaAlgorithmIdentifier,
+                     sizeof(kRsaAlgorithmIdentifier)) == 0);
+  (*pos) += sizeof(kRsaAlgorithmIdentifier);
+  return true;
+}
+
+// Read one of the two version fields in PrivateKeyInfo.
+static bool ReadVersion(uint8** pos, uint8* end) {
+  uint32 length = 0;
+  if (!ReadTypeHeaderAndLength(pos, end, kIntegerTag, &length))
+    return false;
+
+  // The version should be zero.
+  for (uint32 i = 0; i < length; ++i) {
+    READ_ASSERT(**pos == 0x00);
+    (*pos)++;
+  }
+
+  return true;
+}
+
+// Read an ASN.1 integer.
+static bool ReadInteger(uint8** pos, uint8* end, std::vector<uint8>* out) {
+  uint32 length = 0;
+  if (!ReadTypeHeaderAndLength(pos, end, kIntegerTag, &length))
+    return false;
+
+  // Read the bytes out in reverse order because of endianness.
+  for (uint32 i = length - 1; i > 0; --i)
+    out->push_back(*(*pos + i));
+
+  // The last byte can be zero to force positiveness. We can ignore this.
+  if (**pos != 0x00)
+    out->push_back(**pos);
+
+  (*pos) += length;
+  return true;
+}
+
+}  // namespace
+
+
+namespace base {
+
+// static
+RSAPrivateKey* RSAPrivateKey::Create(uint16 num_bits) {
+  scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
+  if (!result->InitProvider())
+    return NULL;
+
+  DWORD flags = CRYPT_EXPORTABLE;
+
+  // The size is encoded as the upper 16 bits of the flags. :: sigh ::.
+  flags |= (num_bits << 16);
+  if (!CryptGenKey(result->provider_, CALG_RSA_SIGN, flags, &result->key_))
+    return NULL;
+
+  return result.release();
+}
+
+// static
+RSAPrivateKey* RSAPrivateKey::CreateFromPrivateKeyInfo(
+    const std::vector<uint8>& input) {
+  scoped_ptr<RSAPrivateKey> result(new RSAPrivateKey);
+  if (!result->InitProvider())
+    return NULL;
+
+  uint8* src = const_cast<uint8*>(&input.front());
+  uint8* end = src + input.size();
+  int version = -1;
+  std::vector<uint8> modulus;
+  std::vector<uint8> public_exponent;
+  std::vector<uint8> private_exponent;
+  std::vector<uint8> prime1;
+  std::vector<uint8> prime2;
+  std::vector<uint8> exponent1;
+  std::vector<uint8> exponent2;
+  std::vector<uint8> coefficient;
+
+  if (!ReadSequence(&src, end) ||
+      !ReadVersion(&src, end) ||
+      !ReadAlgorithmIdentifier(&src, end) ||
+      !ReadTypeHeaderAndLength(&src, end, kOctetStringTag, NULL) ||
+      !ReadSequence(&src, end) ||
+      !ReadVersion(&src, end) ||
+      !ReadInteger(&src, end, &modulus) ||
+      !ReadInteger(&src, end, &public_exponent) ||
+      !ReadInteger(&src, end, &private_exponent) ||
+      !ReadInteger(&src, end, &prime1) ||
+      !ReadInteger(&src, end, &prime2) ||
+      !ReadInteger(&src, end, &exponent1) ||
+      !ReadInteger(&src, end, &exponent2) ||
+      !ReadInteger(&src, end, &coefficient))
+    return false;
+
+  READ_ASSERT(src == end);
+
+  int blob_size = sizeof(PUBLICKEYSTRUC) + sizeof(RSAPUBKEY) + modulus.size() +
+                  prime1.size() + prime2.size() +
+                  exponent1.size() + exponent2.size() +
+                  coefficient.size() + private_exponent.size();
+  scoped_array<BYTE> blob(new BYTE[blob_size]);
+
+  uint8* dest = blob.get();
+  PUBLICKEYSTRUC* public_key_struc = reinterpret_cast<PUBLICKEYSTRUC*>(dest);
+  public_key_struc->bType = PRIVATEKEYBLOB;
+  public_key_struc->bVersion = 0x02;
+  public_key_struc->reserved = 0;
+  public_key_struc->aiKeyAlg = CALG_RSA_SIGN;
+  dest += sizeof(PUBLICKEYSTRUC);
+
+  RSAPUBKEY* rsa_pub_key = reinterpret_cast<RSAPUBKEY*>(dest);
+  rsa_pub_key->magic = 0x32415352;
+  rsa_pub_key->bitlen = modulus.size() * 8;
+  int public_exponent_int = 0;
+  for (size_t i = public_exponent.size(); i > 0; --i) {
+    public_exponent_int <<= 8;
+    public_exponent_int |= public_exponent[i - 1];
+  }
+  rsa_pub_key->pubexp = public_exponent_int;
+  dest += sizeof(RSAPUBKEY);
+
+  memcpy(dest, &modulus.front(), modulus.size());
+  dest += modulus.size();
+  memcpy(dest, &prime1.front(), prime1.size());
+  dest += prime1.size();
+  memcpy(dest, &prime2.front(), prime2.size());
+  dest += prime2.size();
+  memcpy(dest, &exponent1.front(), exponent1.size());
+  dest += exponent1.size();
+  memcpy(dest, &exponent2.front(), exponent2.size());
+  dest += exponent2.size();
+  memcpy(dest, &coefficient.front(), coefficient.size());
+  dest += coefficient.size();
+  memcpy(dest, &private_exponent.front(), private_exponent.size());
+  dest += private_exponent.size();
+
+  READ_ASSERT(dest == blob.get() + blob_size);
+  if (!CryptImportKey(
+      result->provider_, reinterpret_cast<uint8*>(public_key_struc), blob_size,
+      NULL, CRYPT_EXPORTABLE, &result->key_)) {
+    return NULL;
+  }
+
+  return result.release();
+}
+
+RSAPrivateKey::RSAPrivateKey() : provider_(NULL), key_(NULL) {}
+
+RSAPrivateKey::~RSAPrivateKey() {
+  if (key_) {
+    if (!CryptDestroyKey(key_))
+      NOTREACHED();
+  }
+
+  if (provider_) {
+    if (!CryptReleaseContext(provider_, 0))
+      NOTREACHED();
+  }
+}
+
+bool RSAPrivateKey::InitProvider() {
+  return FALSE != CryptAcquireContext(&provider_, NULL, NULL,
+                                      PROV_RSA_FULL, CRYPT_VERIFYCONTEXT);
+}
+
+bool RSAPrivateKey::ExportPrivateKey(std::vector<uint8>* output) {
+  // Export the key
+  DWORD blob_length = 0;
+  if (!CryptExportKey(key_, NULL, PRIVATEKEYBLOB, 0, NULL, &blob_length)) {
+    NOTREACHED();
+    return false;
+  }
+
+  scoped_array<uint8> blob(new uint8[blob_length]);
+  if (!CryptExportKey(key_, NULL, PRIVATEKEYBLOB, 0, blob.get(),
+                      &blob_length)) {
+    NOTREACHED();
+    return false;
+  }
+
+  uint8* pos = blob.get();
+  PUBLICKEYSTRUC *publickey_struct = reinterpret_cast<PUBLICKEYSTRUC*>(pos);
+  pos += sizeof(PUBLICKEYSTRUC);
+
+  RSAPUBKEY *rsa_pub_key = reinterpret_cast<RSAPUBKEY*>(pos);
+  pos += sizeof(RSAPUBKEY);
+
+  int mod_size = rsa_pub_key->bitlen / 8;
+  int primes_size = rsa_pub_key->bitlen / 16;
+  int exponents_size = primes_size;
+  int coefficient_size = primes_size;
+  int private_exponent_size = mod_size;
+
+  uint8* modulus = pos;
+  pos += mod_size;
+
+  uint8* prime1 = pos;
+  pos += primes_size;
+  uint8* prime2 = pos;
+  pos += primes_size;
+
+  uint8* exponent1 = pos;
+  pos += exponents_size;
+  uint8* exponent2 = pos;
+  pos += exponents_size;
+
+  uint8* coefficient = pos;
+  pos += coefficient_size;
+
+  uint8* private_exponent = pos;
+  pos += private_exponent_size;
+
+  CHECK((pos - blob_length) == reinterpret_cast<BYTE*>(publickey_struct));
+
+  std::list<uint8> content;
+
+  // Version (always zero)
+  uint8 version = 0;
+
+  // We build up the output in reverse order to prevent having to do copies to
+  // figure out the length.
+  PrependInteger(coefficient, coefficient_size, &content);
+  PrependInteger(exponent2, exponents_size, &content);
+  PrependInteger(exponent1, exponents_size, &content);
+  PrependInteger(prime2, primes_size, &content);
+  PrependInteger(prime1, primes_size, &content);
+  PrependInteger(private_exponent, private_exponent_size, &content);
+  PrependInteger(reinterpret_cast<uint8*>(&rsa_pub_key->pubexp), 4, &content);
+  PrependInteger(modulus, mod_size, &content);
+  PrependInteger(&version, 1, &content);
+  PrependTypeHeaderAndLength(kSequenceTag, content.size(), &content);
+  PrependTypeHeaderAndLength(kOctetStringTag, content.size(), &content);
+
+  // RSA algorithm OID
+  for (size_t i = sizeof(kRsaAlgorithmIdentifier); i > 0; --i)
+    content.push_front(kRsaAlgorithmIdentifier[i - 1]);
+
+  PrependInteger(&version, 1, &content);
+  PrependTypeHeaderAndLength(kSequenceTag, content.size(), &content);
+
+  // Copy everying into the output.
+  output->reserve(content.size());
+  for (std::list<uint8>::iterator i = content.begin(); i != content.end(); ++i)
+    output->push_back(*i);
+
+  return true;
+}
+
+bool RSAPrivateKey::ExportPublicKey(std::vector<uint8>* output) {
+  DWORD key_info_len;
+  if (!CryptExportPublicKeyInfo(
+      provider_, AT_SIGNATURE, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+      NULL, &key_info_len)) {
+    NOTREACHED();
+    return false;
+  }
+
+  scoped_array<uint8> key_info(new uint8[key_info_len]);
+  if (!CryptExportPublicKeyInfo(
+      provider_, AT_SIGNATURE, X509_ASN_ENCODING | PKCS_7_ASN_ENCODING,
+      reinterpret_cast<CERT_PUBLIC_KEY_INFO*>(key_info.get()), &key_info_len)) {
+    NOTREACHED();
+    return false;
+  }
+
+  DWORD encoded_length;
+  if (!CryptEncodeObject(
+      X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, X509_PUBLIC_KEY_INFO,
+      reinterpret_cast<CERT_PUBLIC_KEY_INFO*>(key_info.get()), NULL,
+      &encoded_length)) {
+    NOTREACHED();
+    return false;
+  }
+
+  scoped_array<BYTE> encoded(new BYTE[encoded_length]);
+  if (!CryptEncodeObject(
+      X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, X509_PUBLIC_KEY_INFO,
+      reinterpret_cast<CERT_PUBLIC_KEY_INFO*>(key_info.get()), encoded.get(),
+      &encoded_length)) {
+    NOTREACHED();
+    return false;
+  }
+
+  for (size_t i = 0; i < encoded_length; ++i)
+    output->push_back(encoded[i]);
+
+  return true;
+}
+
+}  // namespace base
diff --git a/base/crypto/signature_creator.h b/base/crypto/signature_creator.h
new file mode 100644
index 0000000..0b66baa
--- /dev/null
+++ b/base/crypto/signature_creator.h
@@ -0,0 +1,53 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef BASE_CRYPTO_SIGNATURE_CREATOR_H_
+#define BASE_CRYPTO_SIGNATURE_CREATOR_H_
+
+#if defined(OS_WIN)
+#include <windows.h>
+#include <wincrypt.h>
+#else
+// TODO(PORT)
+#endif
+
+#include <vector>
+
+#include "base/basictypes.h"
+#include "base/crypto/rsa_private_key.h"
+
+namespace base {
+
+// Signs data using a bare private key (as opposed to a full certificate).
+// Currently can only sign data using SHA-1 with RSA encryption.
+class SignatureCreator {
+ public:
+  // Create an instance. The caller must ensure that the provided PrivateKey
+  // instance outlives the created SignatureCreator.
+  static SignatureCreator* Create(RSAPrivateKey* key);
+
+  ~SignatureCreator();
+
+  // Update the signature with more data.
+  bool Update(const uint8* data_part, int data_part_len);
+
+  // Finalize the signature.
+  bool Final(std::vector<uint8>* signature);
+
+ private:
+  // Private constructor. Use the Create() method instead.
+  SignatureCreator() {}
+
+  RSAPrivateKey* key_;
+
+#if defined(OS_WIN)
+  HCRYPTHASH hash_object_;
+#endif
+
+  DISALLOW_COPY_AND_ASSIGN(SignatureCreator);
+};
+
+}  // namespace base
+
+#endif  // BASE_CRYPTO_SIGNATURE_CREATOR_H_
diff --git a/base/crypto/signature_creator_unittest.cc b/base/crypto/signature_creator_unittest.cc
new file mode 100644
index 0000000..a65ad22
--- /dev/null
+++ b/base/crypto/signature_creator_unittest.cc
@@ -0,0 +1,44 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <vector>
+
+#include "base/crypto/signature_creator.h"
+#include "base/crypto/signature_verifier.h"
+#include "base/scoped_ptr.h"
+#include "testing/gtest/include/gtest/gtest.h"
+
+TEST(SignatureCreatorTest, BasicTest) {
+  // Do a verify round trip.
+  scoped_ptr<base::RSAPrivateKey> key(base::RSAPrivateKey::Create(1024));
+  ASSERT_TRUE(key.get());
+
+  scoped_ptr<base::SignatureCreator> signer(
+      base::SignatureCreator::Create(key.get()));
+  ASSERT_TRUE(signer.get());
+
+  std::string data("Hello, world!");
+  ASSERT_TRUE(signer->Update(reinterpret_cast<const uint8*>(data.c_str()),
+                             data.size()));
+
+  std::vector<uint8> signature;
+  ASSERT_TRUE(signer->Final(&signature));
+
+  std::vector<uint8> public_key_info;
+  ASSERT_TRUE(key->ExportPublicKey(&public_key_info));
+
+  // This is the algorithm ID for SHA-1 with RSA encryption.
+  // TODO(aa): Factor this out into some shared location.
+  const uint8 kSHA1WithRSAAlgorithmID[] = {
+    0x30, 0x0d, 0x06, 0x09, 0x2a, 0x86, 0x48, 0x86,
+    0xf7, 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00
+  };
+  base::SignatureVerifier verifier;
+  ASSERT_TRUE(verifier.VerifyInit(
+      kSHA1WithRSAAlgorithmID, sizeof(kSHA1WithRSAAlgorithmID),
+      &signature.front(), signature.size(),
+      &public_key_info.front(), public_key_info.size()));
+}
+
+// TODO(aa): Would be nice to test some well-known signatures.
diff --git a/base/crypto/signature_creator_win.cc b/base/crypto/signature_creator_win.cc
new file mode 100644
index 0000000..651ed7a
--- /dev/null
+++ b/base/crypto/signature_creator_win.cc
@@ -0,0 +1,62 @@
+// Copyright (c) 2009 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "base/crypto/signature_creator.h"
+
+#include "base/logging.h"
+#include "base/scoped_ptr.h"
+
+namespace base {
+
+// static
+SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) {
+  scoped_ptr<SignatureCreator> result(new SignatureCreator);
+  result->key_ = key;
+
+  if (!CryptCreateHash(key->provider(), CALG_SHA1, 0, 0,
+                       &result->hash_object_)) {
+    NOTREACHED();
+    return NULL;
+  }
+
+  return result.release();
+}
+
+SignatureCreator::~SignatureCreator() {
+  if (hash_object_) {
+    if (!CryptDestroyHash(hash_object_))
+      NOTREACHED();
+
+    hash_object_ = 0;
+  }
+}
+
+bool SignatureCreator::Update(const uint8* data_part, int data_part_len) {
+  if (!CryptHashData(hash_object_, data_part, data_part_len, 0)) {
+    NOTREACHED();
+    return false;
+  }
+
+  return true;
+}
+
+bool SignatureCreator::Final(std::vector<uint8>* signature) {
+  DWORD signature_length = 0;
+  if (!CryptSignHash(hash_object_, AT_SIGNATURE, NULL, 0, NULL,
+                     &signature_length)) {
+    return false;
+  }
+
+  signature->resize(signature_length);
+  if (!CryptSignHash(hash_object_, AT_SIGNATURE, NULL, 0, &signature->front(),
+                     &signature_length)) {
+    return false;
+  }
+
+  signature->resize(signature_length);
+  hash_object_ = 0;
+  return true;
+}
+
+}  // namespace base