25 #include "ndn-cxx/security/impl/openssl-helper.hpp"
27 #include <boost/lexical_cast.hpp>
33 class VerifierFilter::Impl
37 Impl(span<const uint8_t>
sig)
44 span<const uint8_t>
sig;
49 : m_impl(make_unique<Impl>(
sig))
50 , m_keyType(key.getKeyType())
52 init(algo, key.getEvpPkey());
56 : m_impl(make_unique<Impl>(
sig))
57 , m_keyType(key.getKeyType())
62 init(algo, key.getEvpPkey());
70 const EVP_MD* md = detail::digestAlgorithmToEvpMd(algo);
73 boost::lexical_cast<std::string>(algo)));
77 ret = EVP_DigestSignInit(m_impl->ctx,
nullptr, md,
nullptr,
reinterpret_cast<EVP_PKEY*
>(pkey));
79 ret = EVP_DigestVerifyInit(m_impl->ctx,
nullptr, md,
nullptr,
reinterpret_cast<EVP_PKEY*
>(pkey));
83 boost::lexical_cast<std::string>(algo) +
" digest and " +
84 boost::lexical_cast<std::string>(m_keyType) +
" key"));
88 VerifierFilter::convert(span<const uint8_t> buf)
92 ret = EVP_DigestSignUpdate(m_impl->ctx, buf.data(), buf.size());
94 ret = EVP_DigestVerifyUpdate(m_impl->ctx, buf.data(), buf.size());
103 VerifierFilter::finalize()
107 auto hmacBuf = make_unique<OBuffer>(EVP_MAX_MD_SIZE);
110 if (EVP_DigestSignFinal(m_impl->ctx, hmacBuf->data(), &hmacLen) != 1)
113 ok = CRYPTO_memcmp(hmacBuf->data(), m_impl->sig.data(), std::min(hmacLen, m_impl->sig.size())) == 0;
116 ok = EVP_DigestVerifyFinal(m_impl->ctx, m_impl->sig.data(), m_impl->sig.size()) == 1;
119 auto buffer = make_unique<OBuffer>(1);
120 (*buffer)[0] = ok ? 1 : 0;
126 unique_ptr<Transform>
129 return make_unique<VerifierFilter>(algo, key,
sig);
132 unique_ptr<Transform>
135 return make_unique<VerifierFilter>(algo, key,
sig);
@ HMAC
HMAC key, supports sign/verify operations.
span< const uint8_t > sig