authorwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-06-28 17:46:53 +0000
committerwtc@chromium.org <wtc@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2013-06-28 17:46:53 +0000
commit9b898661f246b337e278343318b7eea0c2c0ca20 (patch)
tree4243f662fd6c35aac49a2668d9723bd158ab42ed /crypto/signature_verifier.h
parent6aec09b8ad4dd6dcd11babae85322d5208a464c6 (diff)
Add SignatureVerifier::VerifyInitRSAPSS for verifying RSA-PSS signatures.
Change the OpenSSL-based SignatureVerifier to use EVP_DigestVerifyInit instead of EVP_VerifyInit_ex. Copy the PSS padding verification code from NSS to the NSS-based SignatureVerifier because the RSA-PSS code in the NSS softoken isn't exposed via the NSS PK11_ or VFY_ functions yet. R=agl@chromium.org,rsleevi@chromium.org BUG=none TEST=to be added to net_unittests via testing net::quic::ProofVerifier. Review URL: https://chromiumcodereview.appspot.com/17776003 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@209178 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'crypto/signature_verifier.h')
-rw-r--r--crypto/signature_verifier.h60
1 files changed, 58 insertions, 2 deletions
diff --git a/crypto/signature_verifier.h b/crypto/signature_verifier.h
index 505ed0c..93591d2 100644
--- a/crypto/signature_verifier.h
+++ b/crypto/signature_verifier.h
@@ -12,7 +12,12 @@
#include "base/basictypes.h"
#include "crypto/crypto_export.h"
-#if !defined(USE_OPENSSL)
+#if defined(USE_OPENSSL)
+typedef struct env_md_st EVP_MD;
+typedef struct evp_pkey_ctx_st EVP_PKEY_CTX;
+#else
+typedef struct HASHContextStr HASHContext;
+typedef struct SECKEYPublicKeyStr SECKEYPublicKey;
typedef struct VFYContextStr VFYContext;
#endif
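Review bot: These typedefs repeat the crypto libraries' own struct tags (`env_md_st`, `evp_pkey_ctx_st`, `HASHContextStr`, `SECKEYPublicKeyStr`) with no comment saying that they are forward declarations or where the real ones live. If a library release spells a tag differently, every translation unit that includes both this header and the library header stops compiling with a conflicting-typedef error. A one-line comment above each group would make that dependency explicit, for example `// Forward declarations; must match the struct tags in <openssl/ossl_typ.h>.` and the equivalent for the NSS headers.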
@@ -22,6 +27,12 @@ namespace crypto {
// (as opposed to a certificate).
class CRYPTO_EXPORT SignatureVerifier {
public:
+ // The set of supported hash functions. Extend as required.
+ enum HashAlgorithm {
+ SHA1,
+ SHA256,
+ };
+
SignatureVerifier();
~SignatureVerifier();
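Review bot: The comment on `HashAlgorithm` gives callers no guidance on choosing between `SHA1` and `SHA256`, although the choice decides the collision resistance of every signature checked through the new entry point. If `SHA1` is present only for signatures that already exist (the callers are not visible in this diff), the comment should say so, for example `// SHA1 is offered for compatibility with existing signatures only; new callers should pass SHA256.` The enumerators are also unscoped, so `SHA1` and `SHA256` become plain names inside `SignatureVerifier`; that is worth a note if the implementation file includes headers that define identifiers with the same spelling.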
@@ -29,6 +40,7 @@ class CRYPTO_EXPORT SignatureVerifier {
// Initiates a signature verification operation. This should be followed
// by one or more VerifyUpdate calls and a VerifyFinal call.
+ // NOTE: for RSA-PSS signatures, use VerifyInitRSAPSS instead.
//
// The signature algorithm is specified as a DER encoded ASN.1
// AlgorithmIdentifier structure:
@@ -38,7 +50,7 @@ class CRYPTO_EXPORT SignatureVerifier {
//
// The signature is encoded according to the signature algorithm, but it
// must not be further encoded in an ASN.1 BIT STRING.
- // Note: An RSA signatures is actually a big integer. It must be in the
+ // Note: An RSA signature is actually a big integer. It must be in
// big-endian byte order.
//
// The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo
@@ -54,6 +66,30 @@ class CRYPTO_EXPORT SignatureVerifier {
const uint8* public_key_info,
int public_key_info_len);
+ // Initiates a RSA-PSS signature verification operation. This should be
+ // followed by one or more VerifyUpdate calls and a VerifyFinal call.
+ //
+ // The RSA-PSS signature algorithm parameters are specified with the
+ // |hash_alg|, |mask_hash_alg|, and |salt_len| arguments.
+ //
+ // An RSA-PSS signature is a nonnegative integer encoded as a byte string
+ // (of the same length as the RSA modulus) in big-endian byte order. It
+ // must not be further encoded in an ASN.1 BIT STRING.
+ //
+ // The public key is specified as a DER encoded ASN.1 SubjectPublicKeyInfo
+ // structure, which contains not only the public key but also its type
+ // (algorithm):
+ // SubjectPublicKeyInfo ::= SEQUENCE {
+ // algorithm AlgorithmIdentifier,
+ // subjectPublicKey BIT STRING }
+ bool VerifyInitRSAPSS(HashAlgorithm hash_alg,
+ HashAlgorithm mask_hash_alg,
+ int salt_len,
+ const uint8* signature,
+ int signature_len,
+ const uint8* public_key_info,
+ int public_key_info_len);
+
// Feeds a piece of the data to the signature verifier.
void VerifyUpdate(const uint8* data_part, int data_part_len);
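Review bot: `salt_len` is a signed `int` in this declaration, while the member that stores it in the last hunk is `unsigned int salt_len_`, so a negative argument becomes a very large salt length unless the implementation (not part of this header) rejects it first. The comment should state the accepted range and what happens outside it, for example `// |salt_len| must be non-negative; returns false if it is not valid for the key size.` The same gap exists for `signature_len`: the text says the signature has the length of the RSA modulus but not whether a mismatch fails here or only in VerifyFinal. The meaning of the `bool` result, and what happens when the SubjectPublicKeyInfo holds a non-RSA key, are also left undocumented for this new entry point.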
@@ -73,6 +109,18 @@ class CRYPTO_EXPORT SignatureVerifier {
// int public_key_info_len);
private:
+#if defined(USE_OPENSSL)
+ bool CommonInit(const EVP_MD* digest,
+ const uint8* signature,
+ int signature_len,
+ const uint8* public_key_info,
+ int public_key_info_len,
+ EVP_PKEY_CTX** pkey_ctx);
+#else
+ static SECKEYPublicKey* DecodePublicKeyInfo(const uint8* public_key_info,
+ int public_key_info_len);
+#endif
+
void Reset();
std::vector<uint8> signature_;
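Review bot: Neither new private helper documents who owns the pointer it produces. `CommonInit` returns an `EVP_PKEY_CTX*` through `pkey_ctx`; if that pointer comes from `EVP_DigestVerifyInit`, as the commit message suggests, it belongs to the digest context and must not be freed by the caller, which deserves a line such as `// |*pkey_ctx| is owned by the verify context; the caller must not free it.` `DecodePublicKeyInfo` returns a raw `SECKEYPublicKey*`, so its comment should say that the caller takes ownership (presumably released with `SECKEY_DestroyPublicKey`) and that a NULL result, if that is the failure signal, means the SubjectPublicKeyInfo could not be decoded.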
@@ -81,7 +129,15 @@ class CRYPTO_EXPORT SignatureVerifier {
struct VerifyContext;
VerifyContext* verify_context_;
#else
+ // Used for all signature types except RSA-PSS.
VFYContext* vfy_context_;
+
+ // Used for RSA-PSS signatures.
+ HashAlgorithm hash_alg_;
+ HashAlgorithm mask_hash_alg_;
+ unsigned int salt_len_;
+ SECKEYPublicKey* public_key_;
+ HASHContext* hash_context_;
#endif
};
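Review bot: `public_key_` and `hash_context_` are raw owning pointers, and the comment `// Used for RSA-PSS signatures.` says nothing about when they are valid or who releases them. The constructor and `Reset()` are outside this file's diff, so it cannot be confirmed here that both are set to NULL on construction and freed on every reset and on destruction; a member comment such as `// Owned. Non-NULL only between VerifyInitRSAPSS() and Reset().` would pin that contract down. It would also help to state which field tells VerifyUpdate and VerifyFinal that the PSS path is active, since `vfy_context_` and the PSS members now coexist. No copy protection is visible in the context lines before the closing `};`; if the class has none elsewhere, copying a verifier would duplicate these pointers.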