in kmsp11/operation/kms_digesting_signer.cc [34:71]
absl::Status KmsDigestingSigner::Sign(KmsClient* client,
absl::Span<const uint8_t> data,
absl::Span<uint8_t> signature) {
if (md_ctx_) {
return FailedPreconditionError(
"Sign cannot be used to terminate a multi-part signing operation",
CKR_FUNCTION_FAILED, SOURCE_LOCATION);
}
const size_t md_size = EVP_MD_size(md_);
std::vector<uint8_t> evp_digest(md_size);
unsigned int digest_len;
bssl::UniquePtr<EVP_MD_CTX> ctx(EVP_MD_CTX_new());
if (EVP_Digest(data.data(), data.size(), evp_digest.data(), &digest_len, md_,
nullptr) != 1) {
return NewInternalError(
absl::StrFormat(
"failed while computing EVP digest with digest size %d: %s",
md_size, SslErrorToString()),
SOURCE_LOCATION);
}
if (digest_len != md_size) {
return NewInternalError(
absl::StrFormat(
"computed digest has incorrect size (got %d, want %d): %s",
digest_len, md_size, SslErrorToString()),
SOURCE_LOCATION);
}
if (IsRawRsaAlgorithm(object()->algorithm().algorithm)) {
ASSIGN_OR_RETURN(std::vector<uint8_t> digest_info,
BuildRsaDigestInfo(EVP_MD_type(md_), evp_digest));
return inner_signer_->Sign(client, digest_info, signature);
}
return inner_signer_->Sign(client, evp_digest, signature);
}