Google Git
Sign in
boringssl / boringssl.git / 8d19c850d4dbde4bd7ece463c3b3f3685571a779 / . / pki / verify_signed_data.h
blob: 27b5af51a2b248f012b245ae6492ad7e89ed0207 [file] [log] [blame]
Bob Beckbc97b7a2023-04-18 08:35:15 -0600[diff] [blame]1// Copyright 2015 The Chromium Authors
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef BSSL_PKI_VERIFY_SIGNED_DATA_H_
6#define BSSL_PKI_VERIFY_SIGNED_DATA_H_
7
8#include "fillins/openssl_util.h"
9#include "fillins/openssl_util.h"
10
11#include "signature_algorithm.h"
12#include "signature_verify_cache.h"
13#include <openssl/evp.h>
14
15namespace bssl {
16
17namespace der {
18class BitString;
19class Input;
20} // namespace der
21
22// Verifies that |signature_value| is a valid signature of |signed_data| using
23// the algorithm |algorithm| and the public key |public_key|.
24//
25// |algorithm| - The parsed AlgorithmIdentifier
26// |signed_data| - The blob of data to verify
27// |signature_value| - The BIT STRING for the signature's value
28// |public_key| - The parsed (non-null) public key.
29//
30// Returns true if verification was successful.
31[[nodiscard]] OPENSSL_EXPORT bool VerifySignedData(
32 SignatureAlgorithm algorithm,
33 const der::Input& signed_data,
34 const der::BitString& signature_value,
35 EVP_PKEY* public_key,
36 SignatureVerifyCache* cache);
37
38// Same as above overload, only the public key is inputted as an SPKI and will
39// be parsed internally.
40[[nodiscard]] OPENSSL_EXPORT bool VerifySignedData(
41 SignatureAlgorithm algorithm,
42 const der::Input& signed_data,
43 const der::BitString& signature_value,
44 const der::Input& public_key_spki,
45 SignatureVerifyCache* cache);
46
47[[nodiscard]] OPENSSL_EXPORT bool ParsePublicKey(
48 const der::Input& public_key_spki,
49 bssl::UniquePtr<EVP_PKEY>* public_key);
50
51} // namespace net
52
53#endif // BSSL_PKI_VERIFY_SIGNED_DATA_H_