summaryrefslogtreecommitdiffstats
path: root/crypto/ec_signature_creator_nss.cc
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/ec_signature_creator_nss.cc')
-rw-r--r--crypto/ec_signature_creator_nss.cc26
1 files changed, 23 insertions, 3 deletions
diff --git a/crypto/ec_signature_creator_nss.cc b/crypto/ec_signature_creator_nss.cc
index a85b1e9..3e3626f 100644
--- a/crypto/ec_signature_creator_nss.cc
+++ b/crypto/ec_signature_creator_nss.cc
@@ -24,7 +24,8 @@ namespace {
SECStatus SignData(SECItem* result,
SECItem* input,
SECKEYPrivateKey* key,
- HASH_HashType hash_type) {
+ HASH_HashType hash_type,
+ size_t* out_signature_len) {
if (key->keyType != ecKey) {
DLOG(FATAL) << "Should be using an EC key.";
PORT_SetError(SEC_ERROR_INVALID_ARGS);
@@ -49,6 +50,8 @@ SECStatus SignData(SECItem* result,
if (rv != SECSuccess)
return rv;
+ *out_signature_len = sig.len;
+
// DER encode the signature.
return DSAU_EncodeDerSigWithLen(result, &sig, sig.len);
}
@@ -56,7 +59,8 @@ SECStatus SignData(SECItem* result,
} // namespace
ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key)
- : key_(key) {
+ : key_(key),
+ signature_len_(0) {
EnsureNSSInit();
}
@@ -79,7 +83,7 @@ bool ECSignatureCreatorImpl::Sign(const uint8* data,
// Sign the secret data and save it to |result|.
SECStatus rv =
- SignData(&result, &secret, key_->key(), HASH_AlgSHA1);
+ SignData(&result, &secret, key_->key(), HASH_AlgSHA256, &signature_len_);
if (rv != SECSuccess) {
DLOG(ERROR) << "DerSignData: " << PORT_GetError();
return false;
@@ -91,4 +95,20 @@ bool ECSignatureCreatorImpl::Sign(const uint8* data,
return true;
}
+bool ECSignatureCreatorImpl::DecodeSignature(
+ const std::vector<uint8>& der_sig,
+ std::vector<uint8>* out_raw_sig) {
+ SECItem der_sig_item;
+ der_sig_item.type = siBuffer;
+ der_sig_item.len = der_sig.size();
+ der_sig_item.data = const_cast<uint8*>(&der_sig[0]);
+
+ SECItem* raw_sig = DSAU_DecodeDerSigToLen(&der_sig_item, signature_len_);
+ if (!raw_sig)
+ return false;
+ out_raw_sig->assign(raw_sig->data, raw_sig->data + raw_sig->len);
+ SECITEM_FreeItem(raw_sig, PR_TRUE /* free SECItem structure itself. */);
+ return true;
+}
+
} // namespace crypto
generated by cgit v1.1 at 2024-06-19 00:55:34 +0000