void CryptoAlgorithmRSASSA_PKCS1_v1_5::verify(const CryptoAlgorithmParameters& parameters, const CryptoKey& key, const CryptoOperationData& signature, const CryptoOperationData& data, std::unique_ptr<PromiseWrapper> promise, ExceptionCode& ec) { const CryptoAlgorithmRsaSsaParams& rsaSSAParameters = toCryptoAlgorithmRsaSsaParams(parameters); if (!isCryptoKeyRSA(key)) { ec = NOT_SUPPORTED_ERR; return; } const CryptoKeyRSA& rsaKey = toCryptoKeyRSA(key); CCDigestAlgorithm digestAlgorithm; if (!getCommonCryptoDigestAlgorithm(rsaSSAParameters.hash, digestAlgorithm)) { ec = NOT_SUPPORTED_ERR; return; } std::unique_ptr<CryptoDigest> digest = CryptoDigest::create(rsaSSAParameters.hash); if (!digest) { ec = NOT_SUPPORTED_ERR; return; } digest->addBytes(data.first, data.second); Vector<uint8_t> digestData = digest->computeHash(); CCCryptorStatus status = CCRSACryptorVerify(rsaKey.platformKey(), ccPKCS1Padding, digestData.data(), digestData.size(), digestAlgorithm, 0, signature.first, signature.second); if (!status) promise->fulfill(true); else if (status == kCCNotVerified || kCCDecodeError) // <rdar://problem/15464982> CCRSACryptorVerify returns kCCDecodeError instead of kCCNotVerified sometimes promise->fulfill(false); else promise->reject(nullptr); }
bool CryptoAlgorithmRSA_OAEP::keyAlgorithmMatches(const CryptoAlgorithmRsaOaepParams& algorithmParameters, const CryptoKey& key) const { if (key.algorithmIdentifier() != s_identifier) return false; ASSERT(isCryptoKeyRSA(key)); CryptoAlgorithmIdentifier keyHash; if (toCryptoKeyRSA(key).isRestrictedToHash(keyHash) && keyHash != algorithmParameters.hash) return false; return true; }
void CryptoAlgorithmRSASSA_PKCS1_v1_5::sign(const CryptoAlgorithmParameters& parameters, const CryptoKey& key, const CryptoOperationData& data, std::unique_ptr<PromiseWrapper> promise, ExceptionCode& ec) { const CryptoAlgorithmRsaSsaParams& rsaSSAParameters = toCryptoAlgorithmRsaSsaParams(parameters); if (!isCryptoKeyRSA(key)) { ec = NOT_SUPPORTED_ERR; return; } const CryptoKeyRSA& rsaKey = toCryptoKeyRSA(key); CCDigestAlgorithm digestAlgorithm; if (!getCommonCryptoDigestAlgorithm(rsaSSAParameters.hash, digestAlgorithm)) { ec = NOT_SUPPORTED_ERR; return; } std::unique_ptr<CryptoDigest> digest = CryptoDigest::create(rsaSSAParameters.hash); if (!digest) { ec = NOT_SUPPORTED_ERR; return; } digest->addBytes(data.first, data.second); Vector<uint8_t> digestData = digest->computeHash(); Vector<uint8_t> signature(512); size_t signatureSize = signature.size(); CCCryptorStatus status = CCRSACryptorSign(rsaKey.platformKey(), ccPKCS1Padding, digestData.data(), digestData.size(), digestAlgorithm, 0, signature.data(), &signatureSize); if (status) { promise->reject(nullptr); return; } signature.resize(signatureSize); promise->fulfill(signature); }