| // Copyright 2013 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "net/quic/crypto/channel_id.h" |
| |
| #include <keythi.h> |
| #include <pk11pub.h> |
| #include <sechash.h> |
| |
| using base::StringPiece; |
| |
| namespace net { |
| |
| // static |
| bool ChannelIDVerifier::Verify(StringPiece key, |
| StringPiece signed_data, |
| StringPiece signature) { |
| return VerifyRaw(key, signed_data, signature, true); |
| } |
| |
| // static |
| bool ChannelIDVerifier::VerifyRaw(StringPiece key, |
| StringPiece signed_data, |
| StringPiece signature, |
| bool is_channel_id_signature) { |
| if (key.size() != 32 * 2 || |
| signature.size() != 32 * 2) { |
| return false; |
| } |
| |
| SECKEYPublicKey public_key; |
| memset(&public_key, 0, sizeof(public_key)); |
| |
| // DER encoding of the object identifier (OID) of the named curve P-256 |
| // (1.2.840.10045.3.1.7). See RFC 6637 Section 11. |
| static const unsigned char p256_oid[] = { |
| 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07 |
| }; |
| public_key.keyType = ecKey; |
| public_key.u.ec.DEREncodedParams.type = siBuffer; |
| public_key.u.ec.DEREncodedParams.data = const_cast<unsigned char*>(p256_oid); |
| public_key.u.ec.DEREncodedParams.len = sizeof(p256_oid); |
| |
| unsigned char key_buf[65]; |
| key_buf[0] = 0x04; |
| memcpy(&key_buf[1], key.data(), key.size()); |
| public_key.u.ec.publicValue.type = siBuffer; |
| public_key.u.ec.publicValue.data = key_buf; |
| public_key.u.ec.publicValue.len = sizeof(key_buf); |
| |
| SECItem signature_item = { |
| siBuffer, |
| reinterpret_cast<unsigned char*>(const_cast<char*>(signature.data())), |
| static_cast<unsigned int>(signature.size()) |
| }; |
| |
| unsigned char hash_buf[SHA256_LENGTH]; |
| SECItem hash_item = { siBuffer, hash_buf, sizeof(hash_buf) }; |
| |
| HASHContext* sha256 = HASH_Create(HASH_AlgSHA256); |
| if (!sha256) { |
| return false; |
| } |
| HASH_Begin(sha256); |
| if (is_channel_id_signature) { |
| HASH_Update(sha256, reinterpret_cast<const unsigned char*>(kContextStr), |
| strlen(kContextStr) + 1); |
| HASH_Update(sha256, |
| reinterpret_cast<const unsigned char*>(kClientToServerStr), |
| strlen(kClientToServerStr) + 1); |
| } |
| HASH_Update(sha256, |
| reinterpret_cast<const unsigned char*>(signed_data.data()), |
| signed_data.size()); |
| HASH_End(sha256, hash_buf, &hash_item.len, sizeof(hash_buf)); |
| HASH_Destroy(sha256); |
| |
| return PK11_Verify(&public_key, &signature_item, &hash_item, NULL) == |
| SECSuccess; |
| } |
| |
| } // namespace net |