OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/internal/signature_algorithm.h" | 5 #include "net/cert/internal/signature_algorithm.h" |
6 | 6 |
7 #include <utility> | 7 #include <utility> |
8 | 8 |
9 #include "base/numerics/safe_math.h" | 9 #include "base/numerics/safe_math.h" |
10 #include "net/der/input.h" | 10 #include "net/der/input.h" |
314 // SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA512 } | 314 // SMIME-CAPS { IDENTIFIED BY ecdsa-with-SHA512 } |
315 // } | 315 // } |
316 scoped_ptr<SignatureAlgorithm> ParseEcdsa(DigestAlgorithm digest, | 316 scoped_ptr<SignatureAlgorithm> ParseEcdsa(DigestAlgorithm digest, |
317 const der::Input& params) { | 317 const der::Input& params) { |
318 if (!IsEmpty(params)) | 318 if (!IsEmpty(params)) |
319 return nullptr; | 319 return nullptr; |
320 | 320 |
321 return SignatureAlgorithm::CreateEcdsa(digest); | 321 return SignatureAlgorithm::CreateEcdsa(digest); |
322 } | 322 } |
323 | 323 |
324 // Parses a HashAlgorithm as defined by RFC 5912: | |
325 // | |
326 // HashAlgorithm ::= AlgorithmIdentifier{DIGEST-ALGORITHM, | |
327 // {HashAlgorithms}} | |
328 // | |
329 // HashAlgorithms DIGEST-ALGORITHM ::= { | |
330 // { IDENTIFIER id-sha1 PARAMS TYPE NULL ARE preferredPresent } | | |
331 // { IDENTIFIER id-sha224 PARAMS TYPE NULL ARE preferredPresent } | | |
332 // { IDENTIFIER id-sha256 PARAMS TYPE NULL ARE preferredPresent } | | |
333 // { IDENTIFIER id-sha384 PARAMS TYPE NULL ARE preferredPresent } | | |
334 // { IDENTIFIER id-sha512 PARAMS TYPE NULL ARE preferredPresent } | |
335 // } | |
336 WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input, | |
337 DigestAlgorithm* out) { | |
338 der::Input oid; | |
339 der::Input params; | |
340 if (!ParseAlgorithmIdentifier(input, &oid, ¶ms)) | |
341 return false; | |
342 | |
343 DigestAlgorithm hash; | |
344 | |
345 if (oid == der::Input(kOidSha1)) { | |
346 hash = DigestAlgorithm::Sha1; | |
347 } else if (oid == der::Input(kOidSha256)) { | |
348 hash = DigestAlgorithm::Sha256; | |
349 } else if (oid == der::Input(kOidSha384)) { | |
350 hash = DigestAlgorithm::Sha384; | |
351 } else if (oid == der::Input(kOidSha512)) { | |
352 hash = DigestAlgorithm::Sha512; | |
353 } else { | |
354 // Unsupported digest algorithm. | |
355 return false; | |
356 } | |
357 | |
358 // From RFC 5912: "PARAMS TYPE NULL ARE preferredPresent". Which is to say | |
359 // the can either be absent, or NULL. | |
360 if (!IsEmpty(params) && !IsNull(params)) | |
361 return false; | |
362 | |
363 *out = hash; | |
364 return true; | |
365 } | |
366 | |
367 // Parses a MaskGenAlgorithm as defined by RFC 5912: | 324 // Parses a MaskGenAlgorithm as defined by RFC 5912: |
368 // | 325 // |
369 // MaskGenAlgorithm ::= AlgorithmIdentifier{ALGORITHM, | 326 // MaskGenAlgorithm ::= AlgorithmIdentifier{ALGORITHM, |
370 // {PKCS1MGFAlgorithms}} | 327 // {PKCS1MGFAlgorithms}} |
371 // | 328 // |
372 // mgf1SHA1 MaskGenAlgorithm ::= { | 329 // mgf1SHA1 MaskGenAlgorithm ::= { |
373 // algorithm id-mgf1, | 330 // algorithm id-mgf1, |
374 // parameters HashAlgorithm : sha1Identifier | 331 // parameters HashAlgorithm : sha1Identifier |
375 // } | 332 // } |
376 // | 333 // |
532 // There must not be any unconsumed data left. (RFC 5912 does not explicitly | 489 // There must not be any unconsumed data left. (RFC 5912 does not explicitly |
533 // include an extensibility point for RSASSA-PSS-params) | 490 // include an extensibility point for RSASSA-PSS-params) |
534 if (params_parser.HasMore()) | 491 if (params_parser.HasMore()) |
535 return nullptr; | 492 return nullptr; |
536 | 493 |
537 return SignatureAlgorithm::CreateRsaPss(hash, mgf1_hash, salt_length); | 494 return SignatureAlgorithm::CreateRsaPss(hash, mgf1_hash, salt_length); |
538 } | 495 } |
539 | 496 |
540 } // namespace | 497 } // namespace |
541 | 498 |
| 499 WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input, |
| 500 DigestAlgorithm* out) { |
| 501 der::Input oid; |
| 502 der::Input params; |
| 503 if (!ParseAlgorithmIdentifier(input, &oid, ¶ms)) |
| 504 return false; |
| 505 |
| 506 DigestAlgorithm hash; |
| 507 |
| 508 if (oid == der::Input(kOidSha1)) { |
| 509 hash = DigestAlgorithm::Sha1; |
| 510 } else if (oid == der::Input(kOidSha256)) { |
| 511 hash = DigestAlgorithm::Sha256; |
| 512 } else if (oid == der::Input(kOidSha384)) { |
| 513 hash = DigestAlgorithm::Sha384; |
| 514 } else if (oid == der::Input(kOidSha512)) { |
| 515 hash = DigestAlgorithm::Sha512; |
| 516 } else { |
| 517 // Unsupported digest algorithm. |
| 518 return false; |
| 519 } |
| 520 |
| 521 // From RFC 5912: "PARAMS TYPE NULL ARE preferredPresent". Which is to say |
| 522 // the can either be absent, or NULL. |
| 523 if (!IsEmpty(params) && !IsNull(params)) |
| 524 return false; |
| 525 |
| 526 *out = hash; |
| 527 return true; |
| 528 } |
| 529 |
542 RsaPssParameters::RsaPssParameters(DigestAlgorithm mgf1_hash, | 530 RsaPssParameters::RsaPssParameters(DigestAlgorithm mgf1_hash, |
543 uint32_t salt_length) | 531 uint32_t salt_length) |
544 : mgf1_hash_(mgf1_hash), salt_length_(salt_length) { | 532 : mgf1_hash_(mgf1_hash), salt_length_(salt_length) { |
545 } | 533 } |
546 | 534 |
547 SignatureAlgorithm::~SignatureAlgorithm() { | 535 SignatureAlgorithm::~SignatureAlgorithm() { |
548 } | 536 } |
549 | 537 |
550 scoped_ptr<SignatureAlgorithm> SignatureAlgorithm::CreateFromDer( | 538 scoped_ptr<SignatureAlgorithm> SignatureAlgorithm::CreateFromDer( |
551 const der::Input& algorithm_identifier) { | 539 const der::Input& algorithm_identifier) { |
617 return nullptr; | 605 return nullptr; |
618 } | 606 } |
619 | 607 |
620 SignatureAlgorithm::SignatureAlgorithm( | 608 SignatureAlgorithm::SignatureAlgorithm( |
621 SignatureAlgorithmId algorithm, | 609 SignatureAlgorithmId algorithm, |
622 DigestAlgorithm digest, | 610 DigestAlgorithm digest, |
623 scoped_ptr<SignatureAlgorithmParameters> params) | 611 scoped_ptr<SignatureAlgorithmParameters> params) |
624 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {} | 612 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {} |
625 | 613 |
626 } // namespace net | 614 } // namespace net |
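Review bot: The definition of ParseHashAlgorithm at new lines 499–528 has no contract comment, even though it now sits after the closing `} // namespace` at new line 497 and so appears to be callable from other files; the RFC 5912 comment at old lines 324–335 was dropped, and unless the header (not shown) carries it, nothing tells a caller what is accepted. I would add above the definition `// Accepts id-sha1, id-sha256, id-sha384 and id-sha512 with absent or NULL params; id-sha224 and all other OIDs fail.` followed by `// |*out| is written only on success. SHA-1 is accepted here, so any weak-digest policy is the caller's job.` The carried-over comment at new lines 521–522 has a typo: "the can either be absent" should read "they can either be absent". As a style point, the parameter is declared `const der::Input input` while ParseEcdsa in the same file takes `const der::Input&`; an exported signature should follow one convention.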