Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(63)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/dnssec_keyset.cc

Issue 6805019: Move crypto files out of base, to a top level directory. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Fixes comments by eroman Created 9 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/base/dnssec_keyset.h ('k') | net/base/keygen_handler.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/base/dnssec_keyset.h" 5 #include "net/base/dnssec_keyset.h"
6 6
7 #include <cryptohi.h> 7 #include <cryptohi.h>
8 #include <cryptoht.h> 8 #include <cryptoht.h>
9 #include <keyhi.h> 9 #include <keyhi.h>
10 10
11 #include "base/logging.h" 11 #include "base/logging.h"
12 #include "base/memory/scoped_ptr.h" 12 #include "base/memory/scoped_ptr.h"
13 #include "base/nss_util.h"
14 #include "base/time.h" 13 #include "base/time.h"
14 #include "crypto/nss_util.h"
15 #include "net/base/dns_util.h" 15 #include "net/base/dns_util.h"
16 16
17 namespace { 17 namespace {
18 18
19 // These are encoded AlgorithmIdentifiers for the given signature algorithm. 19 // These are encoded AlgorithmIdentifiers for the given signature algorithm.
20 const unsigned char kRSAWithSHA1[] = { 20 const unsigned char kRSAWithSHA1[] = {
21 0x30, 0xd, 0x6, 0x9, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0xd, 0x1, 0x1, 0x5, 5, 0 21 0x30, 0xd, 0x6, 0x9, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0xd, 0x1, 0x1, 0x5, 5, 0
22 }; 22 };
23 23
24 const unsigned char kRSAWithSHA256[] = { 24 const unsigned char kRSAWithSHA256[] = {
(...skipping 161 matching lines...) Expand 10 before | Expand all | Expand 10 after
186 void DNSSECKeySet::IgnoreTimestamps() { 186 void DNSSECKeySet::IgnoreTimestamps() {
187 ignore_timestamps_ = true; 187 ignore_timestamps_ = true;
188 } 188 }
189 189
190 bool DNSSECKeySet::VerifySignature( 190 bool DNSSECKeySet::VerifySignature(
191 base::StringPiece signature_algorithm, 191 base::StringPiece signature_algorithm,
192 base::StringPiece signature, 192 base::StringPiece signature,
193 base::StringPiece public_key, 193 base::StringPiece public_key,
194 base::StringPiece signed_data) { 194 base::StringPiece signed_data) {
195 // This code is largely a copy-and-paste from 195 // This code is largely a copy-and-paste from
196 // base/crypto/signature_verifier_nss.cc. We can't change 196 // crypto/signature_verifier_nss.cc. We can't change
197 // base::SignatureVerifier to always use NSS because we want the ability to 197 // crypto::SignatureVerifier to always use NSS because we want the ability to
198 // be FIPS 140-2 compliant. However, we can't use base::SignatureVerifier 198 // be FIPS 140-2 compliant. However, we can't use crypto::SignatureVerifier
199 // here because some platforms don't support SHA256 signatures. Therefore, we 199 // here because some platforms don't support SHA256 signatures. Therefore, we
200 // use NSS directly. 200 // use NSS directly.
201 201
202 base::EnsureNSSInit(); 202 crypto::EnsureNSSInit();
203 203
204 CERTSubjectPublicKeyInfo* spki = NULL; 204 CERTSubjectPublicKeyInfo* spki = NULL;
205 SECItem spki_der; 205 SECItem spki_der;
206 spki_der.type = siBuffer; 206 spki_der.type = siBuffer;
207 spki_der.data = (uint8*) public_key.data(); 207 spki_der.data = (uint8*) public_key.data();
208 spki_der.len = public_key.size(); 208 spki_der.len = public_key.size();
209 spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&spki_der); 209 spki = SECKEY_DecodeDERSubjectPublicKeyInfo(&spki_der);
210 if (!spki) 210 if (!spki)
211 return false; 211 return false;
212 SECKEYPublicKey* pub_key = SECKEY_ExtractPublicKey(spki); 212 SECKEYPublicKey* pub_key = SECKEY_ExtractPublicKey(spki);
(...skipping 238 matching lines...) Expand 10 before | Expand all | Expand 10 after
451 out[j++] = exp >> (8 * i); 451 out[j++] = exp >> (8 * i);
452 length--; 452 length--;
453 } 453 }
454 454
455 DCHECK_EQ(0u, length); 455 DCHECK_EQ(0u, length);
456 456
457 return std::string(reinterpret_cast<char*>(out.get()), j); 457 return std::string(reinterpret_cast<char*>(out.get()), j);
458 } 458 }
459 459
460 } // namespace net 460 } // namespace net
OLDNEW
« no previous file with comments | « net/base/dnssec_keyset.h ('k') | net/base/keygen_handler.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698