// Copyright 2015 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_CERT_PKI_VERIFY_SIGNED_DATA_H_
#define NET_CERT_PKI_VERIFY_SIGNED_DATA_H_

#include "crypto/openssl_util.h"
#include "net/base/net_export.h"
#include "net/cert/pki/signature_algorithm.h"
#include "net/cert/pki/signature_verify_cache.h"
#include "third_party/boringssl/src/include/openssl/evp.h"

namespace net {

// Forward declarations: the functions below take these types by reference
// only, so the full definitions are not needed in this header.
namespace der {
class BitString;
class Input;
}  // namespace der

// Verifies that |signature_value| is a valid signature of |signed_data| using
// the algorithm |algorithm| and the public key |public_key|.
//
//   |algorithm| - The parsed AlgorithmIdentifier
//   |signed_data| - The blob of data to verify
//   |signature_value| - The BIT STRING for the signature's value
//   |public_key| - The parsed (non-null) public key.
//   |cache| - Not described by the original comment.
//       NOTE(review): presumably a cache of earlier verification results
//       (see signature_verify_cache.h); confirm whether nullptr is accepted
//       and means "no caching".
//
// Returns true if verification was successful. The result is [[nodiscard]]:
// callers are expected to act on it, and a false return means |signed_data|
// has not been authenticated.
//
// NOTE(review): this header does not say whether false also covers malformed
// inputs or an |algorithm| / |public_key| type mismatch - confirm against the
// implementation.
// NOTE(review): if results are served from |cache|, a cached success is only
// sound when the lookup binds |algorithm|, |signed_data|, |signature_value|
// and |public_key| together - confirm in the SignatureVerifyCache
// implementation.
[[nodiscard]] NET_EXPORT bool VerifySignedData(
    SignatureAlgorithm algorithm,
    const der::Input& signed_data,
    const der::BitString& signature_value,
    EVP_PKEY* public_key,
    SignatureVerifyCache* cache);

// Same as the overload above, except that the public key is supplied as an
// SPKI (|public_key_spki|) and is parsed internally.
//
// NOTE(review): presumably a |public_key_spki| that fails to parse is reported
// as a false return rather than by any other channel - confirm.
[[nodiscard]] NET_EXPORT bool ParsePublicKey(
    const der::Input& public_key_spki,
    bssl::UniquePtr<EVP_PKEY>* public_key);

// NOTE(review): undocumented in the original. From the signature alone, this
// presumably parses the SPKI in |public_key_spki| and stores the resulting key
// in |*public_key|, returning true on success. What |*public_key| holds after
// a false return is not stated here - confirm before reading it on failure.
[[nodiscard]] NET_EXPORT bool VerifySignedData(
    SignatureAlgorithm algorithm,
    const der::Input& signed_data,
    const der::BitString& signature_value,
    const der::Input& public_key_spki,
    SignatureVerifyCache* cache);

}  // namespace net

#endif  // NET_CERT_PKI_VERIFY_SIGNED_DATA_H_