• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2012 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "crypto/ec_signature_creator_impl.h"
6 
7 #include <stddef.h>
8 #include <stdint.h>
9 
10 #include "crypto/ec_private_key.h"
11 #include "crypto/openssl_util.h"
12 #include "third_party/boringssl/src/include/openssl/bn.h"
13 #include "third_party/boringssl/src/include/openssl/ec.h"
14 #include "third_party/boringssl/src/include/openssl/ecdsa.h"
15 #include "third_party/boringssl/src/include/openssl/evp.h"
16 #include "third_party/boringssl/src/include/openssl/sha.h"
17 
18 namespace crypto {
19 
ECSignatureCreatorImpl(ECPrivateKey * key)20 ECSignatureCreatorImpl::ECSignatureCreatorImpl(ECPrivateKey* key) : key_(key) {}
21 
22 ECSignatureCreatorImpl::~ECSignatureCreatorImpl() = default;
23 
Sign(base::span<const uint8_t> data,std::vector<uint8_t> * signature)24 bool ECSignatureCreatorImpl::Sign(base::span<const uint8_t> data,
25                                   std::vector<uint8_t>* signature) {
26   OpenSSLErrStackTracer err_tracer(FROM_HERE);
27   bssl::ScopedEVP_MD_CTX ctx;
28   size_t sig_len = 0;
29   if (!ctx.get() ||
30       !EVP_DigestSignInit(ctx.get(), nullptr, EVP_sha256(), nullptr,
31                           key_->key()) ||
32       !EVP_DigestSignUpdate(ctx.get(), data.data(), data.size()) ||
33       !EVP_DigestSignFinal(ctx.get(), nullptr, &sig_len)) {
34     return false;
35   }
36 
37   signature->resize(sig_len);
38   if (!EVP_DigestSignFinal(ctx.get(), &signature->front(), &sig_len))
39     return false;
40 
41   // NOTE: A call to EVP_DigestSignFinal() with a nullptr second parameter
42   // returns a maximum allocation size, while the call without a nullptr
43   // returns the real one, which may be smaller.
44   signature->resize(sig_len);
45   return true;
46 }
47 
DecodeSignature(const std::vector<uint8_t> & der_sig,std::vector<uint8_t> * out_raw_sig)48 bool ECSignatureCreatorImpl::DecodeSignature(
49     const std::vector<uint8_t>& der_sig,
50     std::vector<uint8_t>* out_raw_sig) {
51   OpenSSLErrStackTracer err_tracer(FROM_HERE);
52   // Create ECDSA_SIG object from DER-encoded data.
53   bssl::UniquePtr<ECDSA_SIG> ecdsa_sig(
54       ECDSA_SIG_from_bytes(der_sig.data(), der_sig.size()));
55   if (!ecdsa_sig.get())
56     return false;
57 
58   // The result is made of two 32-byte vectors.
59   const size_t kMaxBytesPerBN = 32;
60   std::vector<uint8_t> result(2 * kMaxBytesPerBN);
61 
62   if (!BN_bn2bin_padded(&result[0], kMaxBytesPerBN, ecdsa_sig->r) ||
63       !BN_bn2bin_padded(&result[kMaxBytesPerBN], kMaxBytesPerBN,
64                         ecdsa_sig->s)) {
65     return false;
66   }
67   out_raw_sig->swap(result);
68   return true;
69 }
70 
71 }  // namespace crypto
72