25 #include "ndn-cxx/security/impl/openssl-helper.hpp"
27 #include <boost/lexical_cast.hpp>
31 class VerifierFilter::Impl
35 Impl(span<const uint8_t>
sig)
42 span<const uint8_t>
sig;
47 : m_impl(make_unique<Impl>(
sig))
48 , m_keyType(key.getKeyType())
50 init(algo, key.getEvpPkey());
54 : m_impl(make_unique<Impl>(
sig))
55 , m_keyType(key.getKeyType())
60 init(algo, key.getEvpPkey());
68 const EVP_MD* md = detail::digestAlgorithmToEvpMd(algo);
71 boost::lexical_cast<std::string>(algo)));
75 ret = EVP_DigestSignInit(m_impl->ctx,
nullptr, md,
nullptr,
reinterpret_cast<EVP_PKEY*
>(pkey));
77 ret = EVP_DigestVerifyInit(m_impl->ctx,
nullptr, md,
nullptr,
reinterpret_cast<EVP_PKEY*
>(pkey));
81 boost::lexical_cast<std::string>(algo) +
" digest and " +
82 boost::lexical_cast<std::string>(m_keyType) +
" key"));
86 VerifierFilter::convert(span<const uint8_t> buf)
90 ret = EVP_DigestSignUpdate(m_impl->ctx, buf.data(), buf.size());
92 ret = EVP_DigestVerifyUpdate(m_impl->ctx, buf.data(), buf.size());
101 VerifierFilter::finalize()
105 auto hmacBuf = make_unique<OBuffer>(EVP_MAX_MD_SIZE);
106 size_t hmacLen = EVP_MAX_MD_SIZE;
108 if (EVP_DigestSignFinal(m_impl->ctx, hmacBuf->data(), &hmacLen) != 1)
111 ok = CRYPTO_memcmp(hmacBuf->data(), m_impl->sig.data(), std::min(hmacLen, m_impl->sig.size())) == 0;
114 ok = EVP_DigestVerifyFinal(m_impl->ctx, m_impl->sig.data(), m_impl->sig.size()) == 1;
117 auto buffer = make_unique<OBuffer>(1);
118 (*buffer)[0] = ok ? 1 : 0;
124 unique_ptr<Transform>
127 return make_unique<VerifierFilter>(algo, key,
sig);
130 unique_ptr<Transform>
133 return make_unique<VerifierFilter>(algo, key,
sig);
@ HMAC
HMAC key, supports sign/verify operations.
span< const uint8_t > sig