net/quic/crypto/channel_id_nss.cc - platform/external/chromium_org - Git at Google

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "net/quic/crypto/channel_id.h"

 #include <keythi.h>
 #include <pk11pub.h>
 #include <sechash.h>

 using base::StringPiece;

 namespace net {

 // static
 bool ChannelIDVerifier::Verify(StringPiece key,
                                StringPiece signed_data,
                                StringPiece signature) {
   return VerifyRaw(key, signed_data, signature, true);
 }

 // static
 bool ChannelIDVerifier::VerifyRaw(StringPiece key,
                                   StringPiece signed_data,
                                   StringPiece signature,
                                   bool is_channel_id_signature) {
   if (key.size() != 32 * 2 ||
       signature.size() != 32 * 2) {
     return false;
   }

   SECKEYPublicKey public_key;
   memset(&public_key, 0, sizeof(public_key));

   // DER encoding of the object identifier (OID) of the named curve P-256
   // (1.2.840.10045.3.1.7). See RFC 6637 Section 11.
   static const unsigned char p256_oid[] = {
     0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
   };
   public_key.keyType = ecKey;
   public_key.u.ec.DEREncodedParams.type = siBuffer;
   public_key.u.ec.DEREncodedParams.data = const_cast<unsigned char*>(p256_oid);
   public_key.u.ec.DEREncodedParams.len = sizeof(p256_oid);

   unsigned char key_buf[65];
   key_buf[0] = 0x04;
   memcpy(&key_buf[1], key.data(), key.size());
   public_key.u.ec.publicValue.type = siBuffer;
   public_key.u.ec.publicValue.data = key_buf;
   public_key.u.ec.publicValue.len = sizeof(key_buf);

   SECItem signature_item = {
     siBuffer,
     reinterpret_cast<unsigned char*>(const_cast<char*>(signature.data())),
     static_cast<unsigned int>(signature.size())
   };

   unsigned char hash_buf[SHA256_LENGTH];
   SECItem hash_item = { siBuffer, hash_buf, sizeof(hash_buf) };

   HASHContext* sha256 = HASH_Create(HASH_AlgSHA256);
   if (!sha256) {
     return false;
   }
   HASH_Begin(sha256);
   if (is_channel_id_signature) {
     HASH_Update(sha256, reinterpret_cast<const unsigned char*>(kContextStr),
                 strlen(kContextStr) + 1);
     HASH_Update(sha256,
                 reinterpret_cast<const unsigned char*>(kClientToServerStr),
                 strlen(kClientToServerStr) + 1);
   }
   HASH_Update(sha256,
               reinterpret_cast<const unsigned char*>(signed_data.data()),
               signed_data.size());
   HASH_End(sha256, hash_buf, &hash_item.len, sizeof(hash_buf));
   HASH_Destroy(sha256);

   return PK11_Verify(&public_key, &signature_item, &hash_item, NULL) ==
          SECSuccess;
 }

 }  // namespace net
	// Copyright 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "net/quic/crypto/channel_id.h"

	#include <keythi.h>
	#include <pk11pub.h>
	#include <sechash.h>

	using base::StringPiece;

	namespace net {

	// static
	bool ChannelIDVerifier::Verify(StringPiece key,
	StringPiece signed_data,
	StringPiece signature) {
	return VerifyRaw(key, signed_data, signature, true);
	}

	// static
	bool ChannelIDVerifier::VerifyRaw(StringPiece key,
	StringPiece signed_data,
	StringPiece signature,
	bool is_channel_id_signature) {
	if (key.size() != 32 * 2 \|\|
	signature.size() != 32 * 2) {
	return false;
	}

	SECKEYPublicKey public_key;
	memset(&public_key, 0, sizeof(public_key));

	// DER encoding of the object identifier (OID) of the named curve P-256
	// (1.2.840.10045.3.1.7). See RFC 6637 Section 11.
	static const unsigned char p256_oid[] = {
	0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07
	};
	public_key.keyType = ecKey;
	public_key.u.ec.DEREncodedParams.type = siBuffer;
	public_key.u.ec.DEREncodedParams.data = const_cast<unsigned char*>(p256_oid);
	public_key.u.ec.DEREncodedParams.len = sizeof(p256_oid);

	unsigned char key_buf[65];
	key_buf[0] = 0x04;
	memcpy(&key_buf[1], key.data(), key.size());
	public_key.u.ec.publicValue.type = siBuffer;
	public_key.u.ec.publicValue.data = key_buf;
	public_key.u.ec.publicValue.len = sizeof(key_buf);

	SECItem signature_item = {
	siBuffer,
	reinterpret_cast<unsigned char>(const_cast<char>(signature.data())),
	static_cast<unsigned int>(signature.size())
	};

	unsigned char hash_buf[SHA256_LENGTH];
	SECItem hash_item = { siBuffer, hash_buf, sizeof(hash_buf) };

	HASHContext* sha256 = HASH_Create(HASH_AlgSHA256);
	if (!sha256) {
	return false;
	}
	HASH_Begin(sha256);
	if (is_channel_id_signature) {
	HASH_Update(sha256, reinterpret_cast<const unsigned char*>(kContextStr),
	strlen(kContextStr) + 1);
	HASH_Update(sha256,
	reinterpret_cast<const unsigned char*>(kClientToServerStr),
	strlen(kClientToServerStr) + 1);
	}
	HASH_Update(sha256,
	reinterpret_cast<const unsigned char*>(signed_data.data()),
	signed_data.size());
	HASH_End(sha256, hash_buf, &hash_item.len, sizeof(hash_buf));
	HASH_Destroy(sha256);

	return PK11_Verify(&public_key, &signature_item, &hash_item, NULL) ==
	SECSuccess;
	}

	} // namespace net