| Index: nss/lib/cryptohi/secsign.c
|
| diff --git a/nss/lib/cryptohi/secsign.c b/nss/lib/cryptohi/secsign.c
|
| index fa4bf5fff47aa379040f48e1da6e7116f29e21bc..0243c2648239f92bf903dfd173089485733c6743 100644
|
| --- a/nss/lib/cryptohi/secsign.c
|
| +++ b/nss/lib/cryptohi/secsign.c
|
| @@ -40,25 +40,25 @@ SGN_NewContext(SECOidTag alg, SECKEYPrivateKey *key)
|
| * it may just support CKM_SHA1_RSA_PKCS and/or CKM_MD5_RSA_PKCS.
|
| */
|
| /* we have a private key, not a public key, so don't pass it in */
|
| - rv = sec_DecodeSigAlg(NULL, alg, NULL, &signalg, &hashalg);
|
| + rv = sec_DecodeSigAlg(NULL, alg, NULL, &signalg, &hashalg);
|
| if (rv != SECSuccess) {
|
| - PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
|
| - return 0;
|
| + PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
|
| + return 0;
|
| }
|
| keyType = seckey_GetKeyType(signalg);
|
|
|
| /* verify our key type */
|
| if (key->keyType != keyType &&
|
| - !((key->keyType == dsaKey) && (keyType == fortezzaKey)) ) {
|
| - PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
|
| - return 0;
|
| + !((key->keyType == dsaKey) && (keyType == fortezzaKey))) {
|
| + PORT_SetError(SEC_ERROR_INVALID_ALGORITHM);
|
| + return 0;
|
| }
|
|
|
| - cx = (SGNContext*) PORT_ZAlloc(sizeof(SGNContext));
|
| + cx = (SGNContext *)PORT_ZAlloc(sizeof(SGNContext));
|
| if (cx) {
|
| - cx->hashalg = hashalg;
|
| - cx->signalg = signalg;
|
| - cx->key = key;
|
| + cx->hashalg = hashalg;
|
| + cx->signalg = signalg;
|
| + cx->key = key;
|
| }
|
| return cx;
|
| }
|
| @@ -67,13 +67,13 @@ void
|
| SGN_DestroyContext(SGNContext *cx, PRBool freeit)
|
| {
|
| if (cx) {
|
| - if (cx->hashcx != NULL) {
|
| - (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
|
| - cx->hashcx = NULL;
|
| - }
|
| - if (freeit) {
|
| - PORT_ZFree(cx, sizeof(SGNContext));
|
| - }
|
| + if (cx->hashcx != NULL) {
|
| + (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
|
| + cx->hashcx = NULL;
|
| + }
|
| + if (freeit) {
|
| + PORT_ZFree(cx, sizeof(SGNContext));
|
| + }
|
| }
|
| }
|
|
|
| @@ -81,17 +81,17 @@ SECStatus
|
| SGN_Begin(SGNContext *cx)
|
| {
|
| if (cx->hashcx != NULL) {
|
| - (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
|
| - cx->hashcx = NULL;
|
| + (*cx->hashobj->destroy)(cx->hashcx, PR_TRUE);
|
| + cx->hashcx = NULL;
|
| }
|
|
|
| cx->hashobj = HASH_GetHashObjectByOidTag(cx->hashalg);
|
| if (!cx->hashobj)
|
| - return SECFailure; /* error code is already set */
|
| + return SECFailure; /* error code is already set */
|
|
|
| cx->hashcx = (*cx->hashobj->create)();
|
| if (cx->hashcx == NULL)
|
| - return SECFailure;
|
| + return SECFailure;
|
|
|
| (*cx->hashobj->begin)(cx->hashcx);
|
| return SECSuccess;
|
| @@ -101,8 +101,8 @@ SECStatus
|
| SGN_Update(SGNContext *cx, const unsigned char *input, unsigned int inputLen)
|
| {
|
| if (cx->hashcx == NULL) {
|
| - PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| - return SECFailure;
|
| + PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| + return SECFailure;
|
| }
|
| (*cx->hashobj->update)(cx->hashcx, input, inputLen);
|
| return SECSuccess;
|
| @@ -111,12 +111,12 @@ SGN_Update(SGNContext *cx, const unsigned char *input, unsigned int inputLen)
|
| /* XXX Old template; want to expunge it eventually. */
|
| static DERTemplate SECAlgorithmIDTemplate[] = {
|
| { DER_SEQUENCE,
|
| - 0, NULL, sizeof(SECAlgorithmID) },
|
| + 0, NULL, sizeof(SECAlgorithmID) },
|
| { DER_OBJECT_ID,
|
| - offsetof(SECAlgorithmID,algorithm), },
|
| + offsetof(SECAlgorithmID, algorithm) },
|
| { DER_OPTIONAL | DER_ANY,
|
| - offsetof(SECAlgorithmID,parameters), },
|
| - { 0, }
|
| + offsetof(SECAlgorithmID, parameters) },
|
| + { 0 }
|
| };
|
|
|
| /*
|
| @@ -125,13 +125,13 @@ static DERTemplate SECAlgorithmIDTemplate[] = {
|
| */
|
| static DERTemplate SGNDigestInfoTemplate[] = {
|
| { DER_SEQUENCE,
|
| - 0, NULL, sizeof(SGNDigestInfo) },
|
| + 0, NULL, sizeof(SGNDigestInfo) },
|
| { DER_INLINE,
|
| - offsetof(SGNDigestInfo,digestAlgorithm),
|
| - SECAlgorithmIDTemplate, },
|
| + offsetof(SGNDigestInfo, digestAlgorithm),
|
| + SECAlgorithmIDTemplate },
|
| { DER_OCTET_STRING,
|
| - offsetof(SGNDigestInfo,digest), },
|
| - { 0, }
|
| + offsetof(SGNDigestInfo, digest) },
|
| + { 0 }
|
| };
|
|
|
| SECStatus
|
| @@ -151,36 +151,35 @@ SGN_End(SGNContext *cx, SECItem *result)
|
|
|
| /* Finish up digest function */
|
| if (cx->hashcx == NULL) {
|
| - PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| - return SECFailure;
|
| + PORT_SetError(SEC_ERROR_INVALID_ARGS);
|
| + return SECFailure;
|
| }
|
| (*cx->hashobj->end)(cx->hashcx, digest, &part1, sizeof(digest));
|
|
|
| -
|
| if (privKey->keyType == rsaKey) {
|
|
|
| - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| - if ( !arena ) {
|
| - rv = SECFailure;
|
| - goto loser;
|
| - }
|
| -
|
| - /* Construct digest info */
|
| - di = SGN_CreateDigestInfo(cx->hashalg, digest, part1);
|
| - if (!di) {
|
| - rv = SECFailure;
|
| - goto loser;
|
| - }
|
| -
|
| - /* Der encode the digest as a DigestInfo */
|
| + arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| + if (!arena) {
|
| + rv = SECFailure;
|
| + goto loser;
|
| + }
|
| +
|
| + /* Construct digest info */
|
| + di = SGN_CreateDigestInfo(cx->hashalg, digest, part1);
|
| + if (!di) {
|
| + rv = SECFailure;
|
| + goto loser;
|
| + }
|
| +
|
| + /* Der encode the digest as a DigestInfo */
|
| rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate,
|
| di);
|
| - if (rv != SECSuccess) {
|
| - goto loser;
|
| - }
|
| + if (rv != SECSuccess) {
|
| + goto loser;
|
| + }
|
| } else {
|
| - digder.data = digest;
|
| - digder.len = part1;
|
| + digder.data = digest;
|
| + digder.len = part1;
|
| }
|
|
|
| /*
|
| @@ -189,41 +188,41 @@ SGN_End(SGNContext *cx, SECItem *result)
|
| */
|
| signatureLen = PK11_SignatureLen(privKey);
|
| if (signatureLen <= 0) {
|
| - PORT_SetError(SEC_ERROR_INVALID_KEY);
|
| - rv = SECFailure;
|
| - goto loser;
|
| + PORT_SetError(SEC_ERROR_INVALID_KEY);
|
| + rv = SECFailure;
|
| + goto loser;
|
| }
|
| sigitem.len = signatureLen;
|
| - sigitem.data = (unsigned char*) PORT_Alloc(signatureLen);
|
| + sigitem.data = (unsigned char *)PORT_Alloc(signatureLen);
|
|
|
| if (sigitem.data == NULL) {
|
| - rv = SECFailure;
|
| - goto loser;
|
| + rv = SECFailure;
|
| + goto loser;
|
| }
|
|
|
| rv = PK11_Sign(privKey, &sigitem, &digder);
|
| if (rv != SECSuccess) {
|
| - PORT_Free(sigitem.data);
|
| - sigitem.data = NULL;
|
| - goto loser;
|
| + PORT_Free(sigitem.data);
|
| + sigitem.data = NULL;
|
| + goto loser;
|
| }
|
|
|
| if ((cx->signalg == SEC_OID_ANSIX9_DSA_SIGNATURE) ||
|
| (cx->signalg == SEC_OID_ANSIX962_EC_PUBLIC_KEY)) {
|
| /* DSAU_EncodeDerSigWithLen works for DSA and ECDSA */
|
| - rv = DSAU_EncodeDerSigWithLen(result, &sigitem, sigitem.len);
|
| - PORT_Free(sigitem.data);
|
| - if (rv != SECSuccess)
|
| - goto loser;
|
| + rv = DSAU_EncodeDerSigWithLen(result, &sigitem, sigitem.len);
|
| + PORT_Free(sigitem.data);
|
| + if (rv != SECSuccess)
|
| + goto loser;
|
| } else {
|
| - result->len = sigitem.len;
|
| - result->data = sigitem.data;
|
| + result->len = sigitem.len;
|
| + result->data = sigitem.data;
|
| }
|
|
|
| - loser:
|
| +loser:
|
| SGN_DestroyDigestInfo(di);
|
| if (arena != NULL) {
|
| - PORT_FreeArena(arena, PR_FALSE);
|
| + PORT_FreeArena(arena, PR_FALSE);
|
| }
|
| return rv;
|
| }
|
| @@ -236,71 +235,69 @@ SGN_End(SGNContext *cx, SECItem *result)
|
| */
|
| SECStatus
|
| SEC_SignData(SECItem *res, const unsigned char *buf, int len,
|
| - SECKEYPrivateKey *pk, SECOidTag algid)
|
| + SECKEYPrivateKey *pk, SECOidTag algid)
|
| {
|
| SECStatus rv;
|
| SGNContext *sgn;
|
|
|
| -
|
| sgn = SGN_NewContext(algid, pk);
|
|
|
| if (sgn == NULL)
|
| - return SECFailure;
|
| + return SECFailure;
|
|
|
| rv = SGN_Begin(sgn);
|
| if (rv != SECSuccess)
|
| - goto loser;
|
| + goto loser;
|
|
|
| rv = SGN_Update(sgn, buf, len);
|
| if (rv != SECSuccess)
|
| - goto loser;
|
| + goto loser;
|
|
|
| rv = SGN_End(sgn, res);
|
|
|
| - loser:
|
| +loser:
|
| SGN_DestroyContext(sgn, PR_TRUE);
|
| return rv;
|
| }
|
|
|
| /************************************************************************/
|
| -
|
| +
|
| DERTemplate CERTSignedDataTemplate[] =
|
| -{
|
| - { DER_SEQUENCE,
|
| - 0, NULL, sizeof(CERTSignedData) },
|
| - { DER_ANY,
|
| - offsetof(CERTSignedData,data), },
|
| - { DER_INLINE,
|
| - offsetof(CERTSignedData,signatureAlgorithm),
|
| - SECAlgorithmIDTemplate, },
|
| - { DER_BIT_STRING,
|
| - offsetof(CERTSignedData,signature), },
|
| - { 0, }
|
| -};
|
| + {
|
| + { DER_SEQUENCE,
|
| + 0, NULL, sizeof(CERTSignedData) },
|
| + { DER_ANY,
|
| + offsetof(CERTSignedData, data) },
|
| + { DER_INLINE,
|
| + offsetof(CERTSignedData, signatureAlgorithm),
|
| + SECAlgorithmIDTemplate },
|
| + { DER_BIT_STRING,
|
| + offsetof(CERTSignedData, signature) },
|
| + { 0 }
|
| + };
|
|
|
| SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate)
|
|
|
| const SEC_ASN1Template CERT_SignedDataTemplate[] =
|
| -{
|
| - { SEC_ASN1_SEQUENCE,
|
| - 0, NULL, sizeof(CERTSignedData) },
|
| - { SEC_ASN1_ANY,
|
| - offsetof(CERTSignedData,data), },
|
| - { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
|
| - offsetof(CERTSignedData,signatureAlgorithm),
|
| - SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate), },
|
| - { SEC_ASN1_BIT_STRING,
|
| - offsetof(CERTSignedData,signature), },
|
| - { 0, }
|
| -};
|
| + {
|
| + { SEC_ASN1_SEQUENCE,
|
| + 0, NULL, sizeof(CERTSignedData) },
|
| + { SEC_ASN1_ANY,
|
| + offsetof(CERTSignedData, data) },
|
| + { SEC_ASN1_INLINE | SEC_ASN1_XTRN,
|
| + offsetof(CERTSignedData, signatureAlgorithm),
|
| + SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate) },
|
| + { SEC_ASN1_BIT_STRING,
|
| + offsetof(CERTSignedData, signature) },
|
| + { 0 }
|
| + };
|
|
|
| SEC_ASN1_CHOOSER_IMPLEMENT(CERT_SignedDataTemplate)
|
|
|
| -
|
| SECStatus
|
| SEC_DerSignData(PLArenaPool *arena, SECItem *result,
|
| - const unsigned char *buf, int len, SECKEYPrivateKey *pk,
|
| - SECOidTag algID)
|
| + const unsigned char *buf, int len, SECKEYPrivateKey *pk,
|
| + SECOidTag algID)
|
| {
|
| SECItem it;
|
| CERTSignedData sd;
|
| @@ -313,58 +310,60 @@ SEC_DerSignData(PLArenaPool *arena, SECItem *result,
|
| */
|
|
|
| if (algID == SEC_OID_UNKNOWN) {
|
| - switch(pk->keyType) {
|
| - case rsaKey:
|
| - algID = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
|
| - break;
|
| - case dsaKey:
|
| - /* get Signature length (= q_len*2) and work from there */
|
| - switch (PK11_SignatureLen(pk)) {
|
| - case 448:
|
| - algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
|
| - break;
|
| - case 512:
|
| - algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
|
| - break;
|
| - default:
|
| - algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
|
| - break;
|
| - }
|
| - break;
|
| - case ecKey:
|
| - algID = SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST;
|
| - break;
|
| - default:
|
| - PORT_SetError(SEC_ERROR_INVALID_KEY);
|
| - return SECFailure;
|
| - }
|
| + switch (pk->keyType) {
|
| + case rsaKey:
|
| + algID = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
|
| + break;
|
| + case dsaKey:
|
| + /* get Signature length (= q_len*2) and work from there */
|
| + switch (PK11_SignatureLen(pk)) {
|
| + case 448:
|
| + algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
|
| + break;
|
| + case 512:
|
| + algID = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
|
| + break;
|
| + default:
|
| + algID = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
|
| + break;
|
| + }
|
| + break;
|
| + case ecKey:
|
| + algID = SEC_OID_ANSIX962_ECDSA_SIGNATURE_WITH_SHA1_DIGEST;
|
| + break;
|
| + default:
|
| + PORT_SetError(SEC_ERROR_INVALID_KEY);
|
| + return SECFailure;
|
| + }
|
| }
|
|
|
| /* Sign input buffer */
|
| rv = SEC_SignData(&it, buf, len, pk, algID);
|
| - if (rv) goto loser;
|
| + if (rv)
|
| + goto loser;
|
|
|
| /* Fill out SignedData object */
|
| PORT_Memset(&sd, 0, sizeof(sd));
|
| - sd.data.data = (unsigned char*) buf;
|
| + sd.data.data = (unsigned char *)buf;
|
| sd.data.len = len;
|
| sd.signature.data = it.data;
|
| - sd.signature.len = it.len << 3; /* convert to bit string */
|
| + sd.signature.len = it.len << 3; /* convert to bit string */
|
| rv = SECOID_SetAlgorithmID(arena, &sd.signatureAlgorithm, algID, 0);
|
| - if (rv) goto loser;
|
| + if (rv)
|
| + goto loser;
|
|
|
| /* DER encode the signed data object */
|
| rv = DER_Encode(arena, result, CERTSignedDataTemplate, &sd);
|
| /* FALL THROUGH */
|
|
|
| - loser:
|
| +loser:
|
| PORT_Free(it.data);
|
| return rv;
|
| }
|
|
|
| SECStatus
|
| SGN_Digest(SECKEYPrivateKey *privKey,
|
| - SECOidTag algtag, SECItem *result, SECItem *digest)
|
| + SECOidTag algtag, SECItem *result, SECItem *digest)
|
| {
|
| int modulusLen;
|
| SECStatus rv;
|
| @@ -372,33 +371,32 @@ SGN_Digest(SECKEYPrivateKey *privKey,
|
| PLArenaPool *arena = 0;
|
| SGNDigestInfo *di = 0;
|
|
|
| -
|
| result->data = 0;
|
|
|
| if (privKey->keyType == rsaKey) {
|
|
|
| - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| - if ( !arena ) {
|
| - rv = SECFailure;
|
| - goto loser;
|
| - }
|
| -
|
| - /* Construct digest info */
|
| - di = SGN_CreateDigestInfo(algtag, digest->data, digest->len);
|
| - if (!di) {
|
| - rv = SECFailure;
|
| - goto loser;
|
| - }
|
| -
|
| - /* Der encode the digest as a DigestInfo */
|
| + arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE);
|
| + if (!arena) {
|
| + rv = SECFailure;
|
| + goto loser;
|
| + }
|
| +
|
| + /* Construct digest info */
|
| + di = SGN_CreateDigestInfo(algtag, digest->data, digest->len);
|
| + if (!di) {
|
| + rv = SECFailure;
|
| + goto loser;
|
| + }
|
| +
|
| + /* Der encode the digest as a DigestInfo */
|
| rv = DER_Encode(arena, &digder, SGNDigestInfoTemplate,
|
| di);
|
| - if (rv != SECSuccess) {
|
| - goto loser;
|
| - }
|
| + if (rv != SECSuccess) {
|
| + goto loser;
|
| + }
|
| } else {
|
| - digder.data = digest->data;
|
| - digder.len = digest->len;
|
| + digder.data = digest->data;
|
| + digder.len = digest->len;
|
| }
|
|
|
| /*
|
| @@ -407,29 +405,29 @@ SGN_Digest(SECKEYPrivateKey *privKey,
|
| */
|
| modulusLen = PK11_SignatureLen(privKey);
|
| if (modulusLen <= 0) {
|
| - PORT_SetError(SEC_ERROR_INVALID_KEY);
|
| - rv = SECFailure;
|
| - goto loser;
|
| + PORT_SetError(SEC_ERROR_INVALID_KEY);
|
| + rv = SECFailure;
|
| + goto loser;
|
| }
|
| result->len = modulusLen;
|
| - result->data = (unsigned char*) PORT_Alloc(modulusLen);
|
| + result->data = (unsigned char *)PORT_Alloc(modulusLen);
|
| result->type = siBuffer;
|
|
|
| if (result->data == NULL) {
|
| - rv = SECFailure;
|
| - goto loser;
|
| + rv = SECFailure;
|
| + goto loser;
|
| }
|
|
|
| rv = PK11_Sign(privKey, result, &digder);
|
| if (rv != SECSuccess) {
|
| - PORT_Free(result->data);
|
| - result->data = NULL;
|
| + PORT_Free(result->data);
|
| + result->data = NULL;
|
| }
|
|
|
| - loser:
|
| +loser:
|
| SGN_DestroyDigestInfo(di);
|
| if (arena != NULL) {
|
| - PORT_FreeArena(arena, PR_FALSE);
|
| + PORT_FreeArena(arena, PR_FALSE);
|
| }
|
| return rv;
|
| }
|
| @@ -440,58 +438,73 @@ SEC_GetSignatureAlgorithmOidTag(KeyType keyType, SECOidTag hashAlgTag)
|
| SECOidTag sigTag = SEC_OID_UNKNOWN;
|
|
|
| switch (keyType) {
|
| - case rsaKey:
|
| - switch (hashAlgTag) {
|
| - case SEC_OID_MD2:
|
| - sigTag = SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION; break;
|
| - case SEC_OID_MD5:
|
| - sigTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION; break;
|
| - case SEC_OID_SHA1:
|
| - sigTag = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; break;
|
| - case SEC_OID_SHA224:
|
| - sigTag = SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION; break;
|
| - case SEC_OID_UNKNOWN: /* default for RSA if not specified */
|
| - case SEC_OID_SHA256:
|
| - sigTag = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; break;
|
| - case SEC_OID_SHA384:
|
| - sigTag = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION; break;
|
| - case SEC_OID_SHA512:
|
| - sigTag = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION; break;
|
| - default:
|
| - break;
|
| - }
|
| - break;
|
| - case dsaKey:
|
| - switch (hashAlgTag) {
|
| - case SEC_OID_UNKNOWN: /* default for DSA if not specified */
|
| - case SEC_OID_SHA1:
|
| - sigTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST; break;
|
| - case SEC_OID_SHA224:
|
| - sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST; break;
|
| - case SEC_OID_SHA256:
|
| - sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST; break;
|
| - default:
|
| - break;
|
| - }
|
| - break;
|
| - case ecKey:
|
| - switch (hashAlgTag) {
|
| - case SEC_OID_UNKNOWN: /* default for ECDSA if not specified */
|
| - case SEC_OID_SHA1:
|
| - sigTag = SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE; break;
|
| - case SEC_OID_SHA224:
|
| - sigTag = SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE; break;
|
| - case SEC_OID_SHA256:
|
| - sigTag = SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE; break;
|
| - case SEC_OID_SHA384:
|
| - sigTag = SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE; break;
|
| - case SEC_OID_SHA512:
|
| - sigTag = SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE; break;
|
| - default:
|
| - break;
|
| - }
|
| - default:
|
| - break;
|
| + case rsaKey:
|
| + switch (hashAlgTag) {
|
| + case SEC_OID_MD2:
|
| + sigTag = SEC_OID_PKCS1_MD2_WITH_RSA_ENCRYPTION;
|
| + break;
|
| + case SEC_OID_MD5:
|
| + sigTag = SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION;
|
| + break;
|
| + case SEC_OID_SHA1:
|
| + sigTag = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION;
|
| + break;
|
| + case SEC_OID_SHA224:
|
| + sigTag = SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION;
|
| + break;
|
| + case SEC_OID_UNKNOWN: /* default for RSA if not specified */
|
| + case SEC_OID_SHA256:
|
| + sigTag = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION;
|
| + break;
|
| + case SEC_OID_SHA384:
|
| + sigTag = SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION;
|
| + break;
|
| + case SEC_OID_SHA512:
|
| + sigTag = SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION;
|
| + break;
|
| + default:
|
| + break;
|
| + }
|
| + break;
|
| + case dsaKey:
|
| + switch (hashAlgTag) {
|
| + case SEC_OID_UNKNOWN: /* default for DSA if not specified */
|
| + case SEC_OID_SHA1:
|
| + sigTag = SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST;
|
| + break;
|
| + case SEC_OID_SHA224:
|
| + sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST;
|
| + break;
|
| + case SEC_OID_SHA256:
|
| + sigTag = SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST;
|
| + break;
|
| + default:
|
| + break;
|
| + }
|
| + break;
|
| + case ecKey:
|
| + switch (hashAlgTag) {
|
| + case SEC_OID_UNKNOWN: /* default for ECDSA if not specified */
|
| + case SEC_OID_SHA1:
|
| + sigTag = SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE;
|
| + break;
|
| + case SEC_OID_SHA224:
|
| + sigTag = SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE;
|
| + break;
|
| + case SEC_OID_SHA256:
|
| + sigTag = SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE;
|
| + break;
|
| + case SEC_OID_SHA384:
|
| + sigTag = SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE;
|
| + break;
|
| + case SEC_OID_SHA512:
|
| + sigTag = SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE;
|
| + break;
|
| + default:
|
| + break;
|
| + }
|
| + default:
|
| + break;
|
| }
|
| return sigTag;
|
| }
|
|
|
Chromium Code Reviews
Issue 1843333003:
Update NSPR to 4.12 and NSS to 3.23 on iOS (Closed)
Base URL: https://chromium.googlesource.com/chromium/deps/nss.git@master