Index: net/cert/internal/signature_algorithm.cc |
diff --git a/net/cert/internal/signature_algorithm.cc b/net/cert/internal/signature_algorithm.cc |
index 4ea2e390d598efd3cceceb18291901fc0b2ed181..2a4ce7678fbf0bc4ff664d9fd93de8f589c64585 100644 |
--- a/net/cert/internal/signature_algorithm.cc |
+++ b/net/cert/internal/signature_algorithm.cc |
@@ -21,6 +21,20 @@ namespace { |
const uint8_t kOidSha1WithRsaEncryption[] = |
{0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05}; |
+// sha1WithRSASignature is a deprecated equivalent of |
+// sha-1WithRSAEncryption. |
+// |
+// It originates from the NIST Open Systems Environment (OSE) |
+// Implementor's Workshop (OIW). |
+// |
+// It is supported for compatibility with Microsoft products such as |
+// Fiddler, which depend on certificates containing this OID. |
Ryan Sleevi
2015/07/06 14:41:08
Fiddler is not a Microsoft product.
// It is supp
eroman
2015/07/06 22:53:25
Done.
|
+// |
+// See also: https://bugzilla.mozilla.org/show_bug.cgi?id=1042479 |
+// |
+// In dotted notation: 1.3.14.3.2.29 |
+const uint8_t kOidSha1WithRsaSignature[] = {0x2b, 0x0e, 0x03, 0x02, 0x1d}; |
+ |
// From RFC 4055 section 6: |
// pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) |
// us(840) rsadsi(113549) pkcs(1) 1 } |
@@ -283,6 +297,9 @@ bool SignatureAlgorithm::ParseDer(const der::Input& algorithm_identifier) { |
if (oid.Equals(der::Input(kOidRsaSsaPss))) |
return ParseRsaPss(params, this); |
+ if (oid.Equals(der::Input(kOidSha1WithRsaSignature))) |
+ return ParseRsaPkcs1(DigestAlgorithm::Sha1, params, this); |
+ |
return false; // Unsupported OID. |
} |