• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CRYPTO_EC_SIGNATURE_CREATOR_H_
6 #define CRYPTO_EC_SIGNATURE_CREATOR_H_
7 
8 #include <string>
9 #include <vector>
10 
11 #include "base/basictypes.h"
12 #include "crypto/crypto_export.h"
13 
14 namespace crypto {
15 
16 class ECPrivateKey;
17 class ECSignatureCreator;
18 
19 class CRYPTO_EXPORT ECSignatureCreatorFactory {
20  public:
~ECSignatureCreatorFactory()21   virtual ~ECSignatureCreatorFactory() {}
22 
23   virtual ECSignatureCreator* Create(ECPrivateKey* key) = 0;
24 };
25 
26 // Signs data using a bare private key (as opposed to a full certificate).
27 // We need this class because SignatureCreator is hardcoded to use
28 // RSAPrivateKey.
29 class CRYPTO_EXPORT ECSignatureCreator {
30  public:
~ECSignatureCreator()31   virtual ~ECSignatureCreator() {}
32 
33   // Create an instance. The caller must ensure that the provided PrivateKey
34   // instance outlives the created ECSignatureCreator.
35   // TODO(rch):  This is currently hard coded to use SHA256. Ideally, we should
36   // pass in the hash algorithm identifier.
37   static ECSignatureCreator* Create(ECPrivateKey* key);
38 
39   // Set a factory to make the Create function return non-standard
40   // ECSignatureCreator objects.  Because the ECDSA algorithm involves
41   // randomness, this is useful for higher-level tests that want to have
42   // deterministic mocked output to compare.
43   static void SetFactoryForTesting(ECSignatureCreatorFactory* factory);
44 
45   // Signs |data_len| bytes from |data| and writes the results into
46   // |signature| as a DER encoded ECDSA-Sig-Value from RFC 3279.
47   //
48   //  ECDSA-Sig-Value ::= SEQUENCE {
49   //    r     INTEGER,
50   //    s     INTEGER }
51   virtual bool Sign(const uint8* data,
52                     int data_len,
53                     std::vector<uint8>* signature) = 0;
54 
55   // DecodeSignature converts from a DER encoded ECDSA-Sig-Value (as produced
56   // by Sign) to a `raw' ECDSA signature which consists of a pair of
57   // big-endian, zero-padded, 256-bit integers, r and s. On success it returns
58   // true and puts the raw signature into |out_raw_sig|.
59   // (Only P-256 signatures are supported.)
60   virtual bool DecodeSignature(const std::vector<uint8>& signature,
61                                std::vector<uint8>* out_raw_sig) = 0;
62 };
63 
64 }  // namespace crypto
65 
66 #endif  // CRYPTO_EC_SIGNATURE_CREATOR_H_
67