crypto/signature_creator_nss.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "crypto/signature_creator.h"
   6
   7 #include <cryptohi.h>
   8 #include <keyhi.h>
   9 #include <stdlib.h>
  10
  11 #include "base/logging.h"
  12 #include "base/memory/scoped_ptr.h"
  13 #include "crypto/nss_util.h"
  14 #include "crypto/rsa_private_key.h"
  15
  16 namespace crypto {
  17
  18 SignatureCreator::~SignatureCreator() {
  19   if (sign_context_) {
  20     SGN_DestroyContext(sign_context_, PR_TRUE);
  21     sign_context_ = NULL;
  22   }
  23 }
  24
  25 // static
  26 SignatureCreator* SignatureCreator::Create(RSAPrivateKey* key) {
  27   scoped_ptr<SignatureCreator> result(new SignatureCreator);
  28   result->key_ = key;
  29
  30   result->sign_context_ = SGN_NewContext(SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION,
  31       key->key());
  32   if (!result->sign_context_) {
  33     NOTREACHED();
  34     return NULL;
  35   }
  36
  37   SECStatus rv = SGN_Begin(result->sign_context_);
  38   if (rv != SECSuccess) {
  39     NOTREACHED();
  40     return NULL;
  41   }
  42
  43   return result.release();
  44 }
  45
  46 bool SignatureCreator::Update(const uint8* data_part, int data_part_len) {
  47   // TODO(wtc): Remove this const_cast when we require NSS 3.12.5.
  48   // See NSS bug https://bugzilla.mozilla.org/show_bug.cgi?id=518255
  49   SECStatus rv = SGN_Update(sign_context_,
  50                             const_cast<unsigned char*>(data_part),
  51                             data_part_len);
  52   if (rv != SECSuccess) {
  53     NOTREACHED();
  54     return false;
  55   }
  56
  57   return true;
  58 }
  59
  60 bool SignatureCreator::Final(std::vector<uint8>* signature) {
  61   SECItem signature_item;
  62   SECStatus rv = SGN_End(sign_context_, &signature_item);
  63   if (rv != SECSuccess) {
  64     NOTREACHED();
  65     return false;
  66   }
  67   signature->assign(signature_item.data,
  68                     signature_item.data + signature_item.len);
  69   SECITEM_FreeItem(&signature_item, PR_FALSE);
  70   return true;
  71 }
  72
  73 SignatureCreator::SignatureCreator()
  74     : key_(NULL),
  75       sign_context_(NULL) {
  76   EnsureNSSInit();
  77 }
  78
  79 }  // namespace crypto