
Side by Side Diff: net/cert/internal/signature_algorithm.cc

Issue 1541213002: Adding OCSP Parser (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Moving Verify to end. Created 4 years, 10 months ago
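--- a/net/cert/internal/signature_algorithm.cc
+++ b/net/cert/internal/signature_algorithm.cc
@@ -1,10 +1,10 @@
 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/internal/signature_algorithm.h"
 
 #include <utility>
 
 #include "base/numerics/safe_math.h"
 #include "net/der/input.h"
@@ -313,63 +313,20 @@
 // SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA512 }
 // }
 scoped_ptr<SignatureAlgorithm> ParseEcdsa(DigestAlgorithm digest,
 const der::Input& params) {
 if (!IsEmpty(params))
 return nullptr;
 
 return SignatureAlgorithm::CreateEcdsa(digest);
 }
 
-// Parses a HashAlgorithm as defined by RFC 5912:
-//
-// HashAlgorithm ::= AlgorithmIdentifier{DIGEST-ALGORITHM,
-// {HashAlgorithms}}
-//
-// HashAlgorithms DIGEST-ALGORITHM ::= {
-// { IDENTIFIER id-sha1 PARAMS TYPE NULL ARE preferredPresent } |
-// { IDENTIFIER id-sha224 PARAMS TYPE NULL ARE preferredPresent } |
-// { IDENTIFIER id-sha256 PARAMS TYPE NULL ARE preferredPresent } |
-// { IDENTIFIER id-sha384 PARAMS TYPE NULL ARE preferredPresent } |
-// { IDENTIFIER id-sha512 PARAMS TYPE NULL ARE preferredPresent }
-// }
-WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input,
-DigestAlgorithm* out) {
-der::Input oid;
-der::Input params;
-if (!ParseAlgorithmIdentifier(input, &oid, &params))
-return false;
-
-DigestAlgorithm hash;
-
-if (oid == der::Input(kOidSha1)) {
-hash = DigestAlgorithm::Sha1;
-} else if (oid == der::Input(kOidSha256)) {
-hash = DigestAlgorithm::Sha256;
-} else if (oid == der::Input(kOidSha384)) {
-hash = DigestAlgorithm::Sha384;
-} else if (oid == der::Input(kOidSha512)) {
-hash = DigestAlgorithm::Sha512;
-} else {
-// Unsupported digest algorithm.
-return false;
-}
-
-// From RFC 5912: "PARAMS TYPE NULL ARE preferredPresent". Which is to say
-// the can either be absent, or NULL.
-if (!IsEmpty(params) && !IsNull(params))
-return false;
-
-*out = hash;
-return true;
-}
-
 // Parses a MaskGenAlgorithm as defined by RFC 5912:
 //
 // MaskGenAlgorithm ::= AlgorithmIdentifier{ALGORITHM,
 // {PKCS1MGFAlgorithms}}
 //
 // mgf1SHA1 MaskGenAlgorithm ::= {
 // algorithm id-mgf1,
 // parameters HashAlgorithm : sha1Identifier
 // }
 //
@@ -531,20 +488,51 @@
 // There must not be any unconsumed data left. (RFC 5912 does not explicitly
 // include an extensibility point for RSASSA-PSS-params)
 if (params_parser.HasMore())
 return nullptr;
 
 return SignatureAlgorithm::CreateRsaPss(hash, mgf1_hash, salt_length);
 }
 
 } // namespace
 
+WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input,
+DigestAlgorithm* out) {
+der::Input oid;
+der::Input params;
+if (!ParseAlgorithmIdentifier(input, &oid, &params))
+return false;
+
+DigestAlgorithm hash;
+
+if (oid == der::Input(kOidSha1)) {
+hash = DigestAlgorithm::Sha1;
+} else if (oid == der::Input(kOidSha256)) {
+hash = DigestAlgorithm::Sha256;
+} else if (oid == der::Input(kOidSha384)) {
+hash = DigestAlgorithm::Sha384;
+} else if (oid == der::Input(kOidSha512)) {
+hash = DigestAlgorithm::Sha512;
+} else {
+// Unsupported digest algorithm.
+return false;
+}
+
+// From RFC 5912: "PARAMS TYPE NULL ARE preferredPresent". Which is to say
+// the can either be absent, or NULL.
+if (!IsEmpty(params) && !IsNull(params))
+return false;
+
+*out = hash;
+return true;
+}
+
 RsaPssParameters::RsaPssParameters(DigestAlgorithm mgf1_hash,
 uint32_t salt_length)
 : mgf1_hash_(mgf1_hash), salt_length_(salt_length) {
 }
 
 SignatureAlgorithm::~SignatureAlgorithm() {
 }
 
 scoped_ptr<SignatureAlgorithm> SignatureAlgorithm::CreateFromDer(
 const der::Input& algorithm_identifier) {
@@ -616,10 +604,10 @@
 return nullptr;
 }
 
 SignatureAlgorithm::SignatureAlgorithm(
 SignatureAlgorithmId algorithm,
 DigestAlgorithm digest,
 scoped_ptr<SignatureAlgorithmParameters> params)
 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {}
 
 } // namespace net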
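Review bot: ParseHashAlgorithm leaves the anonymous namespace at new line 498 with no comment at its new location, while the RFC 5912 comment block that preceded it (old lines 323-334) is deleted; if that description did not move to signature_algorithm.h, which is not shown here, the contract is now undocumented for the OCSP code that presumably calls it. Wherever the comment lives, it should state what the code actually accepts: the quoted RFC list includes id-sha224 but the parser returns false for it, and SHA-1 is accepted, so any policy on weak digests is left to the caller. A short pointer above the definition would do, for example `// Declared in signature_algorithm.h. Accepts SHA-1, SHA-256, SHA-384 and SHA-512 only; parameters must be absent or NULL.` The comment carried over to new line 521 still reads "the can either be absent"; `// they can either be absent, or NULL.` fixes it. The parameter is `const der::Input input` by value, whereas ParseEcdsa and CreateFromDer in this file take `const der::Input&`; one form throughout would read better.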
