Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(388)

Unified Diff: net/third_party/nss/ssl/sslplatf.c

Issue 14772023: Implement TLS 1.2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Remove an incorrect assertion I added Created 7 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: net/third_party/nss/ssl/sslplatf.c
===================================================================
--- net/third_party/nss/ssl/sslplatf.c (revision 199250)
+++ net/third_party/nss/ssl/sslplatf.c (working copy)
@@ -125,11 +125,34 @@
buf->data = NULL;
+ switch (hash->hashAlg) {
+ case SEC_OID_UNKNOWN:
+ hashAlg = 0;
+ break;
+ case SEC_OID_SHA1:
+ hashAlg = CALG_SHA1;
+ break;
+ case SEC_OID_SHA256:
+ hashAlg = CALG_SHA_256;
+ break;
+ case SEC_OID_SHA384:
+ hashAlg = CALG_SHA_384;
+ break;
+ case SEC_OID_SHA512:
+ hashAlg = CALG_SHA_512;
+ break;
+ default:
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM);
+ return SECFailure;
+ }
+
switch (keyType) {
case rsaKey:
- hashAlg = CALG_SSL3_SHAMD5;
- hashItem.data = hash->md5;
- hashItem.len = sizeof(SSL3Hashes);
+ if (hashAlg == 0) {
+ hashAlg = CALG_SSL3_SHAMD5;
+ }
+ hashItem.data = hash->u.raw;
+ hashItem.len = hash->len;
break;
case dsaKey:
case ecKey:
@@ -138,9 +161,14 @@
} else {
doDerEncode = isTLS;
}
- hashAlg = CALG_SHA1;
- hashItem.data = hash->sha;
- hashItem.len = sizeof(hash->sha);
+ if (hashAlg == 0) {
+ hashAlg = CALG_SHA1;
+ hashItem.data = hash->u.s.sha;
+ hashItem.len = sizeof(hash->u.s.sha);
+ } else {
+ hashItem.data = hash->u.raw;
+ hashItem.len = hash->len;
+ }
break;
default:
PORT_SetError(SEC_ERROR_INVALID_KEY);
@@ -268,11 +296,36 @@
goto done; /* error code was set. */
sigAlg = cssmKey->KeyHeader.AlgorithmId;
+ if (keyType == rsaKey) {
+ switch (hash->hashAlg) {
+ case SEC_OID_UNKNOWN:
+ PORT_Assert(sigAlg == CSSM_ALGID_RSA);
+ break;
+ case SEC_OID_SHA1:
+ sigAlg = CSSM_ALGID_SHA1WithRSA;
+ break;
+ case SEC_OID_SHA224:
+ sigAlg = CSSM_ALGID_SHA224WithRSA;
+ break;
+ case SEC_OID_SHA256:
+ sigAlg = CSSM_ALGID_SHA256WithRSA;
+ break;
+ case SEC_OID_SHA384:
+ sigAlg = CSSM_ALGID_SHA384WithRSA;
+ break;
+ case SEC_OID_SHA512:
+ sigAlg = CSSM_ALGID_SHA512WithRSA;
+ break;
+ default:
+ PORT_SetError(SSL_ERROR_UNSUPPORTED_HASH_ALGORITHM);
+ goto done;
+ }
+ }
+
switch (keyType) {
case rsaKey:
- PORT_Assert(sigAlg == CSSM_ALGID_RSA);
- hashData.Data = hash->md5;
- hashData.Length = sizeof(SSL3Hashes);
+ hashData.Data = hash->u.raw;
+ hashData.Length = hash->len;
break;
case dsaKey:
case ecKey:
@@ -283,8 +336,13 @@
PORT_Assert(sigAlg == CSSM_ALGID_DSA);
doDerEncode = isTLS;
}
- hashData.Data = hash->sha;
- hashData.Length = sizeof(hash->sha);
+ if (hash->hashAlg == SEC_OID_UNKNOWN) {
+ hashData.Data = hash->u.s.sha;
+ hashData.Length = sizeof(hash->u.s.sha);
+ } else {
+ hashData.Data = hash->u.raw;
+ hashData.Length = hash->len;
+ }
break;
default:
PORT_SetError(SEC_ERROR_INVALID_KEY);

Powered by Google App Engine
This is Rietveld 408576698