Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(193)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: components/update_client/client_update_protocol_ecdsa.cc

Issue 1685323002: Implement CUP signing in UpdateClient. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase and remove duplicated code comment. Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « components/update_client/client_update_protocol_ecdsa.h ('k') | components/update_client/client_update_protocol_ecdsa_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: components/update_client/client_update_protocol_ecdsa.cc
diff --git a/components/update_client/client_update_protocol_ecdsa.cc b/components/update_client/client_update_protocol_ecdsa.cc
index 499ece735ebc75b22ddb76beb5b533e58e4f6d43..8479ceb03fb64a89ebaa324f7a18e63ac89f24ba 100644
--- a/components/update_client/client_update_protocol_ecdsa.cc
+++ b/components/update_client/client_update_protocol_ecdsa.cc
@@ -5,6 +5,7 @@
#include "components/update_client/client_update_protocol_ecdsa.h"
#include "base/logging.h"
+#include "base/macros.h"
#include "base/memory/scoped_ptr.h"
#include "base/strings/string_number_conversions.h"
#include "base/strings/string_piece.h"
@@ -14,6 +15,8 @@
#include "crypto/sha2.h"
#include "crypto/signature_verifier.h"
+namespace update_client {
+
namespace {
// This is the algorithm ID for ECDSA with SHA-256. Parameters are ABSENT.
@@ -46,7 +49,7 @@ std::vector<uint8_t> SHA256HashVec(const std::vector<uint8_t>& vec) {
reinterpret_cast<const char*>(&vec.front()), vec.size()));
}
-bool ParseETagHeader(const base::StringPiece& etag_header_value,
+bool ParseETagHeader(const base::StringPiece& etag_header_value_in,
std::vector<uint8_t>* ecdsa_signature_out,
std::vector<uint8_t>* request_hash_out) {
DCHECK(ecdsa_signature_out);
@@ -55,6 +58,20 @@ bool ParseETagHeader(const base::StringPiece& etag_header_value,
// The ETag value is a UTF-8 string, formatted as "S:H", where:
// * S is the ECDSA signature in DER-encoded ASN.1 form, converted to hex.
// * H is the SHA-256 hash of the observed request body, standard hex format.
+ // A Weak ETag is formatted as W/"S:H". This function treats it the same as a
+ // strong ETag.
+ base::StringPiece etag_header_value(etag_header_value_in);
+
+ // Remove the weak prefix, then remove the begin and the end quotes.
+ const char kWeakETagPrefix[] = "W/";
+ if (etag_header_value.starts_with(kWeakETagPrefix))
+ etag_header_value.remove_prefix(arraysize(kWeakETagPrefix) - 1);
+ if (etag_header_value.size() >= 2 && etag_header_value.starts_with("\"") &&
+ etag_header_value.ends_with("\"")) {
+ etag_header_value.remove_prefix(1);
+ etag_header_value.remove_suffix(1);
+ }
+
const base::StringPiece::size_type delim_pos = etag_header_value.find(':');
if (delim_pos == base::StringPiece::npos || delim_pos == 0 ||
delim_pos == etag_header_value.size() - 1)
@@ -188,3 +205,5 @@ bool ClientUpdateProtocolEcdsa::ValidateResponse(
static_cast<int>(signed_message_hash.size()));
return verifier.VerifyFinal();
}
+
+} // namespace update_client
« no previous file with comments | « components/update_client/client_update_protocol_ecdsa.h ('k') | components/update_client/client_update_protocol_ecdsa_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698