• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2023 Google LLC
2 //
3 // Licensed under the Apache License, Version 2.0 (the "License");
4 // you may not use this file except in compliance with the License.
5 // You may obtain a copy of the License at
6 //
7 //    https://www.apache.org/licenses/LICENSE-2.0
8 //
9 // Unless required by applicable law or agreed to in writing, software
10 // distributed under the License is distributed on an "AS IS" BASIS,
11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 // See the License for the specific language governing permissions and
13 // limitations under the License.
14 
15 #ifndef ANONYMOUS_TOKENS_CPP_CRYPTO_RSA_SSA_PSS_VERIFIER_H_
16 #define ANONYMOUS_TOKENS_CPP_CRYPTO_RSA_SSA_PSS_VERIFIER_H_
17 
18 #include <stdint.h>
19 
20 #include <memory>
21 #include <optional>
22 
23 #include "absl/status/status.h"
24 #include "absl/status/statusor.h"
25 #include "absl/strings/string_view.h"
26 #include "anonymous_tokens/cpp/crypto/crypto_utils.h"
27 #include "anonymous_tokens/cpp/crypto/verifier.h"
28 #include "anonymous_tokens/proto/anonymous_tokens.pb.h"
29 
30 
31 namespace anonymous_tokens {
32 
33 // RsaSsaPssVerifier is able to verify an unblinded token (signature) against an
34 // inputted message using a public key and other input parameters.
35 class RsaSsaPssVerifier : public Verifier {
36  public:
37   // Passing of public_metadata is optional. If it is set to any value including
38   // an empty string, RsaSsaPssVerifier will assume that partially blind RSA
39   // signature protocol is being executed.
40   //
41   // If public metadata is passed and the boolean "use_rsa_public_exponent" is
42   // set to false, the public exponent in the public_key is not used in any
43   // computations in the protocol.
44   //
45   // Setting "use_rsa_public_exponent" to true is deprecated. All new users
46   // should set it to false.
47   static absl::StatusOr<std::unique_ptr<RsaSsaPssVerifier>> New(
48       int salt_length, const EVP_MD* sig_hash, const EVP_MD* mgf1_hash,
49       const RSAPublicKey& public_key, bool use_rsa_public_exponent,
50       std::optional<absl::string_view> public_metadata = std::nullopt);
51 
52   // Verifies the signature.
53   //
54   // Returns OkStatus() on successful verification. Otherwise returns an error.
55   absl::Status Verify(absl::string_view unblind_token,
56                       absl::string_view message) override;
57 
58  private:
59   // Use `New` to construct
60   RsaSsaPssVerifier(int salt_length,
61                     std::optional<absl::string_view> public_metadata,
62                     const EVP_MD* sig_hash, const EVP_MD* mgf1_hash,
63                     bssl::UniquePtr<RSA> rsa_public_key);
64 
65   const int salt_length_;
66   std::optional<std::string> public_metadata_;
67   const EVP_MD* const sig_hash_;   // Owned by BoringSSL.
68   const EVP_MD* const mgf1_hash_;  // Owned by BoringSSL.
69 
70   // If public metadata is passed to RsaSsaPssVerifier::New, rsa_public_key_
71   // will be initialized using RSA_new_public_key_large_e method.
72   const bssl::UniquePtr<RSA> rsa_public_key_;
73 };
74 
75 }  // namespace anonymous_tokens
76 
77 
78 #endif  // ANONYMOUS_TOKENS_CPP_CRYPTO_RSA_SSA_PSS_VERIFIER_H_
79