OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/internal/signature_algorithm.h" | 5 #include "net/cert/internal/signature_algorithm.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/memory/ptr_util.h" | 10 #include "base/memory/ptr_util.h" |
11 #include "base/numerics/safe_math.h" | 11 #include "base/numerics/safe_math.h" |
12 #include "net/der/input.h" | 12 #include "net/der/input.h" |
13 #include "net/der/parse_values.h" | 13 #include "net/der/parse_values.h" |
14 #include "net/der/parser.h" | 14 #include "net/der/parser.h" |
15 | 15 |
16 namespace net { | 16 namespace net { |
17 | 17 |
18 namespace { | 18 namespace { |
19 | 19 |
| 20 // md2WithRSAEncryption |
| 21 // In dotted notation: 1.2.840.113549.1.1.2 |
| 22 const uint8_t kOidMd2WithRsaEncryption[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, |
| 23 0x0d, 0x01, 0x01, 0x02}; |
| 24 |
| 25 // md4WithRSAEncryption |
| 26 // In dotted notation: 1.2.840.113549.1.1.3 |
| 27 const uint8_t kOidMd4WithRsaEncryption[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, |
| 28 0x0d, 0x01, 0x01, 0x03}; |
| 29 |
| 30 // md5WithRSAEncryption |
| 31 // In dotted notation: 1.2.840.113549.1.1.4 |
| 32 const uint8_t kOidMd5WithRsaEncryption[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, |
| 33 0x0d, 0x01, 0x01, 0x04}; |
| 34 |
20 // From RFC 5912: | 35 // From RFC 5912: |
21 // | 36 // |
22 // sha1WithRSAEncryption OBJECT IDENTIFIER ::= { | 37 // sha1WithRSAEncryption OBJECT IDENTIFIER ::= { |
23 // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) | 38 // iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) |
24 // pkcs-1(1) 5 } | 39 // pkcs-1(1) 5 } |
25 // | 40 // |
26 // In dotted notation: 1.2.840.113549.1.1.5 | 41 // In dotted notation: 1.2.840.113549.1.1.5 |
27 const uint8_t kOidSha1WithRsaEncryption[] = | 42 const uint8_t kOidSha1WithRsaEncryption[] = |
28 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05}; | 43 {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05}; |
29 | 44 |
509 | 524 |
510 if (oid == der::Input(kOidSha1)) { | 525 if (oid == der::Input(kOidSha1)) { |
511 hash = DigestAlgorithm::Sha1; | 526 hash = DigestAlgorithm::Sha1; |
512 } else if (oid == der::Input(kOidSha256)) { | 527 } else if (oid == der::Input(kOidSha256)) { |
513 hash = DigestAlgorithm::Sha256; | 528 hash = DigestAlgorithm::Sha256; |
514 } else if (oid == der::Input(kOidSha384)) { | 529 } else if (oid == der::Input(kOidSha384)) { |
515 hash = DigestAlgorithm::Sha384; | 530 hash = DigestAlgorithm::Sha384; |
516 } else if (oid == der::Input(kOidSha512)) { | 531 } else if (oid == der::Input(kOidSha512)) { |
517 hash = DigestAlgorithm::Sha512; | 532 hash = DigestAlgorithm::Sha512; |
518 } else { | 533 } else { |
| 534 // TODO(eroman): Support MD2, MD4, MD5 for completeness? |
519 // Unsupported digest algorithm. | 535 // Unsupported digest algorithm. |
520 return false; | 536 return false; |
521 } | 537 } |
522 | 538 |
523 // From RFC 5912: "PARAMS TYPE NULL ARE preferredPresent". Which is to say | 539 // From RFC 5912: "PARAMS TYPE NULL ARE preferredPresent". Which is to say |
524 // the can either be absent, or NULL. | 540 // the can either be absent, or NULL. |
525 if (!IsEmpty(params) && !IsNull(params)) | 541 if (!IsEmpty(params) && !IsNull(params)) |
526 return false; | 542 return false; |
527 | 543 |
528 *out = hash; | 544 *out = hash; |
573 | 589 |
574 if (oid == der::Input(kOidEcdsaWithSha512)) | 590 if (oid == der::Input(kOidEcdsaWithSha512)) |
575 return ParseEcdsa(DigestAlgorithm::Sha512, params); | 591 return ParseEcdsa(DigestAlgorithm::Sha512, params); |
576 | 592 |
577 if (oid == der::Input(kOidRsaSsaPss)) | 593 if (oid == der::Input(kOidRsaSsaPss)) |
578 return ParseRsaPss(params); | 594 return ParseRsaPss(params); |
579 | 595 |
580 if (oid == der::Input(kOidSha1WithRsaSignature)) | 596 if (oid == der::Input(kOidSha1WithRsaSignature)) |
581 return ParseRsaPkcs1(DigestAlgorithm::Sha1, params); | 597 return ParseRsaPkcs1(DigestAlgorithm::Sha1, params); |
582 | 598 |
| 599 if (oid == der::Input(kOidMd2WithRsaEncryption)) |
| 600 return ParseRsaPkcs1(DigestAlgorithm::Md2, params); |
| 601 |
| 602 if (oid == der::Input(kOidMd4WithRsaEncryption)) |
| 603 return ParseRsaPkcs1(DigestAlgorithm::Md4, params); |
| 604 |
| 605 if (oid == der::Input(kOidMd5WithRsaEncryption)) |
| 606 return ParseRsaPkcs1(DigestAlgorithm::Md5, params); |
| 607 |
583 // TODO(crbug.com/634443): Add an error indicating what the OID | 608 // TODO(crbug.com/634443): Add an error indicating what the OID |
584 // was. | 609 // was. |
585 | 610 |
586 return nullptr; // Unsupported OID. | 611 return nullptr; // Unsupported OID. |
587 } | 612 } |
588 | 613 |
589 std::unique_ptr<SignatureAlgorithm> SignatureAlgorithm::CreateRsaPkcs1( | 614 std::unique_ptr<SignatureAlgorithm> SignatureAlgorithm::CreateRsaPkcs1( |
590 DigestAlgorithm digest) { | 615 DigestAlgorithm digest) { |
591 return base::WrapUnique( | 616 return base::WrapUnique( |
592 new SignatureAlgorithm(SignatureAlgorithmId::RsaPkcs1, digest, nullptr)); | 617 new SignatureAlgorithm(SignatureAlgorithmId::RsaPkcs1, digest, nullptr)); |
613 return nullptr; | 638 return nullptr; |
614 } | 639 } |
615 | 640 |
616 SignatureAlgorithm::SignatureAlgorithm( | 641 SignatureAlgorithm::SignatureAlgorithm( |
617 SignatureAlgorithmId algorithm, | 642 SignatureAlgorithmId algorithm, |
618 DigestAlgorithm digest, | 643 DigestAlgorithm digest, |
619 std::unique_ptr<SignatureAlgorithmParameters> params) | 644 std::unique_ptr<SignatureAlgorithmParameters> params) |
620 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {} | 645 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {} |
621 | 646 |
622 } // namespace net | 647 } // namespace net |
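Review bot: The three branches added at new lines 599-606 make md2/md4/md5WithRSAEncryption parse successfully into an RsaPkcs1 SignatureAlgorithm, so a nullptr return from this OID dispatch no longer screens out these broken digests. Any caller that treated a successful parse as an acceptable algorithm now needs an explicit check on the stored digest before verification. That check is not visible in this file, so it should be confirmed in the verification code and its signature policy. If the intent is only to let callers report a weak-digest error, say so above the branches, e.g. `// Parsed so callers can report a weak-digest error; MD2/MD4/MD5 must never be accepted by verification.` The enclosing function starts in the skipped lines, so only the tail of its dispatch is reviewed here.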