Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(313)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/signature_algorithm.cc

Issue 1541213002: Adding OCSP Parser (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix serial number parsing. Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/internal/parse_ocsp.cc ('K') | « net/cert/internal/signature_algorithm.h ('k') | net/data/parse_ocsp_unittest/bad_ocsp_type.pem » ('j') | net/data/parse_ocsp_unittest/bad_ocsp_type.pem » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/internal/signature_algorithm.h" 5 #include "net/cert/internal/signature_algorithm.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/numerics/safe_math.h" 9 #include "base/numerics/safe_math.h"
10 #include "net/der/input.h" 10 #include "net/der/input.h"
(...skipping 301 matching lines...) Expand 10 before | Expand all | Expand 10 after
312 // SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA512 } 312 // SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA512 }
313 // } 313 // }
314 scoped_ptr<SignatureAlgorithm> ParseEcdsa(DigestAlgorithm digest, 314 scoped_ptr<SignatureAlgorithm> ParseEcdsa(DigestAlgorithm digest,
315 const der::Input& params) { 315 const der::Input& params) {
316 if (!IsEmpty(params)) 316 if (!IsEmpty(params))
317 return nullptr; 317 return nullptr;
318 318
319 return SignatureAlgorithm::CreateEcdsa(digest); 319 return SignatureAlgorithm::CreateEcdsa(digest);
320 } 320 }
321 321
322 // Parses a HashAlgorithm as defined by RFC 5912:
323 //
324 // HashAlgorithm ::= AlgorithmIdentifier{DIGEST-ALGORITHM,
325 // {HashAlgorithms}}
326 //
327 // HashAlgorithms DIGEST-ALGORITHM ::= {
328 // { IDENTIFIER id-sha1 PARAMS TYPE NULL ARE preferredPresent } |
329 // { IDENTIFIER id-sha224 PARAMS TYPE NULL ARE preferredPresent } |
330 // { IDENTIFIER id-sha256 PARAMS TYPE NULL ARE preferredPresent } |
331 // { IDENTIFIER id-sha384 PARAMS TYPE NULL ARE preferredPresent } |
332 // { IDENTIFIER id-sha512 PARAMS TYPE NULL ARE preferredPresent }
333 // }
334 WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input,
335 DigestAlgorithm* out) {
336 der::Input oid;
337 der::Input params;
338 if (!ParseAlgorithmIdentifier(input, &oid, &params))
339 return false;
340
341 DigestAlgorithm hash;
342
343 if (oid == der::Input(kOidSha1)) {
344 hash = DigestAlgorithm::Sha1;
345 } else if (oid == der::Input(kOidSha256)) {
346 hash = DigestAlgorithm::Sha256;
347 } else if (oid == der::Input(kOidSha384)) {
348 hash = DigestAlgorithm::Sha384;
349 } else if (oid == der::Input(kOidSha512)) {
350 hash = DigestAlgorithm::Sha512;
351 } else {
352 // Unsupported digest algorithm.
353 return false;
354 }
355
356 // From RFC 5912: "PARAMS TYPE NULL ARE preferredPresent". Which is to say
357 // the can either be absent, or NULL.
358 if (!IsEmpty(params) && !IsNull(params))
359 return false;
360
361 *out = hash;
362 return true;
363 }
364
365 // Parses a MaskGenAlgorithm as defined by RFC 5912: 322 // Parses a MaskGenAlgorithm as defined by RFC 5912:
366 // 323 //
367 // MaskGenAlgorithm ::= AlgorithmIdentifier{ALGORITHM, 324 // MaskGenAlgorithm ::= AlgorithmIdentifier{ALGORITHM,
368 // {PKCS1MGFAlgorithms}} 325 // {PKCS1MGFAlgorithms}}
369 // 326 //
370 // mgf1SHA1 MaskGenAlgorithm ::= { 327 // mgf1SHA1 MaskGenAlgorithm ::= {
371 // algorithm id-mgf1, 328 // algorithm id-mgf1,
372 // parameters HashAlgorithm : sha1Identifier 329 // parameters HashAlgorithm : sha1Identifier
373 // } 330 // }
374 // 331 //
(...skipping 155 matching lines...) Expand 10 before | Expand all | Expand 10 after
530 // There must not be any unconsumed data left. (RFC 5912 does not explicitly 487 // There must not be any unconsumed data left. (RFC 5912 does not explicitly
531 // include an extensibility point for RSASSA-PSS-params) 488 // include an extensibility point for RSASSA-PSS-params)
532 if (params_parser.HasMore()) 489 if (params_parser.HasMore())
533 return nullptr; 490 return nullptr;
534 491
535 return SignatureAlgorithm::CreateRsaPss(hash, mgf1_hash, salt_length); 492 return SignatureAlgorithm::CreateRsaPss(hash, mgf1_hash, salt_length);
536 } 493 }
537 494
538 } // namespace 495 } // namespace
539 496
497 WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input,
498 DigestAlgorithm* out) {
499 der::Input oid;
500 der::Input params;
501 if (!ParseAlgorithmIdentifier(input, &oid, &params))
502 return false;
503
504 DigestAlgorithm hash;
505
506 if (oid == der::Input(kOidSha1)) {
507 hash = DigestAlgorithm::Sha1;
508 } else if (oid == der::Input(kOidSha256)) {
509 hash = DigestAlgorithm::Sha256;
510 } else if (oid == der::Input(kOidSha384)) {
511 hash = DigestAlgorithm::Sha384;
512 } else if (oid == der::Input(kOidSha512)) {
513 hash = DigestAlgorithm::Sha512;
514 } else {
515 // Unsupported digest algorithm.
516 return false;
517 }
518
519 // From RFC 5912: "PARAMS TYPE NULL ARE preferredPresent". Which is to say
520 // the can either be absent, or NULL.
521 if (!IsEmpty(params) && !IsNull(params))
522 return false;
523
524 *out = hash;
525 return true;
526 }
527
540 RsaPssParameters::RsaPssParameters(DigestAlgorithm mgf1_hash, 528 RsaPssParameters::RsaPssParameters(DigestAlgorithm mgf1_hash,
541 uint32_t salt_length) 529 uint32_t salt_length)
542 : mgf1_hash_(mgf1_hash), salt_length_(salt_length) { 530 : mgf1_hash_(mgf1_hash), salt_length_(salt_length) {
543 } 531 }
544 532
545 SignatureAlgorithm::~SignatureAlgorithm() { 533 SignatureAlgorithm::~SignatureAlgorithm() {
546 } 534 }
547 535
548 scoped_ptr<SignatureAlgorithm> SignatureAlgorithm::CreateFromDer( 536 scoped_ptr<SignatureAlgorithm> SignatureAlgorithm::CreateFromDer(
549 const der::Input& algorithm_identifier) { 537 const der::Input& algorithm_identifier) {
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after
615 return nullptr; 603 return nullptr;
616 } 604 }
617 605
618 SignatureAlgorithm::SignatureAlgorithm( 606 SignatureAlgorithm::SignatureAlgorithm(
619 SignatureAlgorithmId algorithm, 607 SignatureAlgorithmId algorithm,
620 DigestAlgorithm digest, 608 DigestAlgorithm digest,
621 scoped_ptr<SignatureAlgorithmParameters> params) 609 scoped_ptr<SignatureAlgorithmParameters> params)
622 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {} 610 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {}
623 611
624 } // namespace net 612 } // namespace net
OLDNEW
« net/cert/internal/parse_ocsp.cc ('K') | « net/cert/internal/signature_algorithm.h ('k') | net/data/parse_ocsp_unittest/bad_ocsp_type.pem » ('j') | net/data/parse_ocsp_unittest/bad_ocsp_type.pem » ('J')

Powered by Google App Engine
This is Rietveld 408576698