| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/internal/signature_algorithm.h" | 5 #include "net/cert/internal/signature_algorithm.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include "net/der/input.h" | 9 #include "net/der/input.h" |
| 10 #include "net/der/parser.h" | 10 #include "net/der/parser.h" |
| 11 | 11 |
| 12 namespace net { | 12 namespace net { |
| 13 | 13 |
| 14 namespace { | 14 namespace { |
| 15 | 15 |
| 16 // From RFC 3279 section 2.2.1: | 16 // From RFC 3279 section 2.2.1: |
| 17 // sha-1WithRSAEncryption OBJECT IDENTIFIER ::= { | 17 // sha-1WithRSAEncryption OBJECT IDENTIFIER ::= { |
| 18 // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) | 18 // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) |
| 19 // pkcs-1(1) 5 } | 19 // pkcs-1(1) 5 } |
| 20 // In dotted notation: 1.2.840.113549.1.1.5 | 20 // In dotted notation: 1.2.840.113549.1.1.5 |
| 21 const uint8_t kOidSha1WithRsaEncryption[] = | 21 const uint8_t kOidSha1WithRsaEncryption[] = |
| 22 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05}; | 22 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05}; |
| 23 | 23 |
| 24 // sha1WithRSASignature is a deprecated equivalent of | |
| 25 // sha-1WithRSAEncryption. | |
| 26 // | |
| 27 // It originates from the NIST Open Systems Environment (OSE) | |
| 28 // Implementor's Workshop (OIW). | |
| 29 // | |
| 30 // It is supported for compatibility with Microsoft products such as | |
| 31 // Fiddler, which depend on certificates containing this OID. | |
|
Ryan Sleevi
2015/07/06 14:41:08
Fiddler is not a Microsoft product.
// It is supp
eroman
2015/07/06 22:53:25
Done.
| |
| 32 // | |
| 33 // See also: https://bugzilla.mozilla.org/show_bug.cgi?id=1042479 | |
| 34 // | |
| 35 // In dotted notation: 1.3.14.3.2.29 | |
| 36 const uint8_t kOidSha1WithRsaSignature[] = {0x2b, 0x0e, 0x03, 0x02, 0x1d}; | |
| 37 | |
| 24 // From RFC 4055 section 6: | 38 // From RFC 4055 section 6: |
| 25 // pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) | 39 // pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) |
| 26 // us(840) rsadsi(113549) pkcs(1) 1 } | 40 // us(840) rsadsi(113549) pkcs(1) 1 } |
| 27 | 41 |
| 28 // From RFC 4055 section 5: | 42 // From RFC 4055 section 5: |
| 29 // sha256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 11 } | 43 // sha256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 11 } |
| 30 // In dotted notation: 1.2.840.113549.1.1.11 | 44 // In dotted notation: 1.2.840.113549.1.1.11 |
| 31 const uint8_t kOidSha256WithRsaEncryption[] = | 45 const uint8_t kOidSha256WithRsaEncryption[] = |
| 32 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b}; | 46 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b}; |
| 33 | 47 |
| (...skipping 242 matching lines...) | |
| 276 | 290 |
| 277 if (oid.Equals(der::Input(kOidEcdsaWithSha384))) | 291 if (oid.Equals(der::Input(kOidEcdsaWithSha384))) |
| 278 return ParseEcdsa(DigestAlgorithm::Sha384, params, this); | 292 return ParseEcdsa(DigestAlgorithm::Sha384, params, this); |
| 279 | 293 |
| 280 if (oid.Equals(der::Input(kOidEcdsaWithSha512))) | 294 if (oid.Equals(der::Input(kOidEcdsaWithSha512))) |
| 281 return ParseEcdsa(DigestAlgorithm::Sha512, params, this); | 295 return ParseEcdsa(DigestAlgorithm::Sha512, params, this); |
| 282 | 296 |
| 283 if (oid.Equals(der::Input(kOidRsaSsaPss))) | 297 if (oid.Equals(der::Input(kOidRsaSsaPss))) |
| 284 return ParseRsaPss(params, this); | 298 return ParseRsaPss(params, this); |
| 285 | 299 |
| 300 if (oid.Equals(der::Input(kOidSha1WithRsaSignature))) | |
| 301 return ParseRsaPkcs1(DigestAlgorithm::Sha1, params, this); | |
| 302 | |
| 286 return false; // Unsupported OID. | 303 return false; // Unsupported OID. |
| 287 } | 304 } |
| 288 | 305 |
| 289 void SignatureAlgorithm::AssignRsaPkcs1(DigestAlgorithm digest) { | 306 void SignatureAlgorithm::AssignRsaPkcs1(DigestAlgorithm digest) { |
| 290 algorithm_ = SignatureAlgorithmId::RsaPkcs1; | 307 algorithm_ = SignatureAlgorithmId::RsaPkcs1; |
| 291 digest_ = digest; | 308 digest_ = digest; |
| 292 params_.reset(); | 309 params_.reset(); |
| 293 } | 310 } |
| 294 | 311 |
| 295 void SignatureAlgorithm::AssignEcdsa(DigestAlgorithm digest) { | 312 void SignatureAlgorithm::AssignEcdsa(DigestAlgorithm digest) { |
| (...skipping 32 matching lines...) | |
| 328 return nullptr; | 345 return nullptr; |
| 329 } | 346 } |
| 330 | 347 |
| 331 void SignatureAlgorithm::AssignInvalid() { | 348 void SignatureAlgorithm::AssignInvalid() { |
| 332 algorithm_ = static_cast<SignatureAlgorithmId>(-1); | 349 algorithm_ = static_cast<SignatureAlgorithmId>(-1); |
| 333 digest_ = static_cast<DigestAlgorithm>(-1); | 350 digest_ = static_cast<DigestAlgorithm>(-1); |
| 334 params_.reset(); | 351 params_.reset(); |
| 335 } | 352 } |
| 336 | 353 |
| 337 } // namespace net | 354 } // namespace net |
| OLD | NEW |
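Review bot: The new `kOidSha1WithRsaSignature` branch (new lines 300-301) carries no comment saying that it is a deprecated alias whose parsed result is, as far as this section shows, the same (RsaPkcs1, Sha1) pair that sha-1WithRSAEncryption presumably produces. Once the two OIDs collapse to the same value, a caller cannot tell which one a certificate used, which matters if any consumer compares a certificate's inner and outer signatureAlgorithm through the parsed object instead of the raw DER; no such caller is visible here, so this needs confirming. I would add `// Deprecated OIW alias of sha-1WithRSAEncryption: parses to the same (RsaPkcs1, Sha1) result, so any SHA-1 policy must be enforced by callers on digest().` directly above the `if`. ParseRsaPkcs1 and the start of the enclosing function are in the skipped lines, so whatever parameters check ParseRsaPkcs1 applies should be pinned for this OID with tests covering present, absent and malformed parameters.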