/*
 * Copyright (c) 2000-2001,2011,2014 Apple Inc. All Rights Reserved.
 *
 * The contents of this file constitute Original Code as defined in and are
 * subject to the Apple Public Source License Version 1.2 (the 'License').
 * You may not use this file except in compliance with the License. Please obtain
 * a copy of the License at http://www.apple.com/publicsource and read it before
 * using this file.
 *
 * This Original Code and all software distributed under the License are
 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS
 * OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES, INCLUDING WITHOUT
 * LIMITATION, ANY WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
 * PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT. Please see the License for the
 * specific language governing rights and limitations under the License.
 */


/*
 * SignatureContext - AppleCSPContext subclass for generic sign/verify.
 * Implements the members declared in SignatureContext.h.
 */

#include "SignatureContext.h"
#include "AppleCSPUtils.h"
#include "AppleCSPSession.h"
#include <Security/cssmtype.h>

#include <security_utilities/debugging.h>

#define cspSigDebug(args...) secdebug("cspSig", ## args)

/*
 * Tears down the context. `delete &mDigest` and `delete &mSigner` release
 * the objects those members refer to, so this context acts as their owner.
 * NOTE(review): both objects must therefore have been created with `new`
 * and handed over exclusively to this context; a second owner would mean
 * a double delete -- confirm at the construction sites.
 */
SignatureContext::~SignatureContext()
{
    delete &mDigest;
    delete &mSigner;
    mInitFlag = false;
}

/*
 * Common setup for both signing and verification: calls digestInit() on
 * the digest, passes the context and the isSigning flag to the signer,
 * then sets mInitFlag.
 * NOTE(review): update() and final() in this file never test mInitFlag;
 * if call ordering is enforced, that happens elsewhere.
 */
void SignatureContext::init(
    const Context &context,
    bool isSigning)
{
    mDigest.digestInit();
    mSigner.signerInit(context, isSigning);
    mInitFlag = true;
}

/*
 * Feeds one chunk of data into the digest; used for both sign and verify.
 * The pointer and length are passed through without any check here.
 */
void SignatureContext::update(
    const CssmData &data)
{
    mDigest.digestUpdate(data.Data, data.Length);
}

/*
 * Sign only. Finishes the digest into a scratch buffer obtained from the
 * session allocator, asks the signer to sign it into the caller's buffer,
 * and sets out's length to the size the signer reported.
 *
 * Throws CSSMERR_CSP_INTERNAL_ERROR when the reported size exceeds the
 * length out had on entry; anything thrown by sign() is rethrown after the
 * scratch buffer has been freed.
 */
void SignatureContext::final(
    CssmData &out)
{
    /*
     * sigSize starts as the length of the caller's buffer and is passed by
     * address; presumably sign() reads it as the capacity and overwrites it
     * with the produced length -- confirm against the signer.
     */
    void *sigBuf = out.data();
    size_t sigSize = out.length();

    /*
     * Finish the digest.
     * NOTE(review): digestFinal() runs outside the try block below, so the
     * scratch buffer is not freed if it throws -- confirm it cannot.
     */
    size_t hashLen = mDigest.digestSizeInBytes();
    void *hash = session().malloc(hashLen);
    mDigest.digestFinal(hash);

    /* sign, releasing the scratch buffer on both the normal and error path */
    try {
        mSigner.sign(hash, hashLen, sigBuf, &sigSize);
    }
    catch(...) {
        session().free(hash);
        throw;
    }
    session().free(hash);

    /*
     * This test runs after sign() has returned, so it can only report a
     * signer that claims more bytes than out holds; it does not prevent a
     * write past the buffer. The bound has to be honored inside sign().
     */
    if(sigSize > out.length()) {
        cspSigDebug("SignatureContext: mallocd sig too small!");
        CssmError::throwMe(CSSMERR_CSP_INTERNAL_ERROR);
    }
    out.length(sigSize);
}

/*
 * Verify only. Finishes the digest into a scratch buffer obtained from the
 * session allocator and passes it, together with the signature in `in`, to
 * the signer.
 *
 * No status is returned and nothing from verify() is inspected here, so a
 * rejected signature presumably surfaces as an exception thrown by
 * verify() -- NOTE(review): confirm, since a normal return is the only
 * success signal a caller gets. Exceptions are rethrown after the scratch
 * buffer has been freed.
 */
void SignatureContext::final(
    const CssmData &in)
{
    /*
     * Finish the digest.
     * NOTE(review): as in the signing path, digestFinal() is not covered by
     * the try block, so a throw from it would skip the free.
     */
    size_t hashLen = mDigest.digestSizeInBytes();
    void *hash = session().malloc(hashLen);
    mDigest.digestFinal(hash);

    /* verify, releasing the scratch buffer on both paths */
    try {
        mSigner.verify(hash, hashLen, in.Data, in.Length);
    }
    catch(...) {
        session().free(hash);
        throw;
    }
    session().free(hash);
}

/*
 * Reports the signer's maximum signature size. Neither `final` nor
 * `inSize` is used.
 */
size_t SignatureContext::outputSize(
    bool final,
    size_t inSize)
{
    return mSigner.maxSigSize();
}

/*
 * For raw sign/verify; optionally called after init(). Forwards the digest
 * algorithm to the signer.
 */
void SignatureContext::setDigestAlgorithm(
    CSSM_ALGORITHMS digestAlg)
{
    mSigner.setDigestAlg(digestAlg);
}