OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/internal/signature_algorithm.h" | 5 #include "net/cert/internal/signature_algorithm.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 #include <utility> | 8 #include <utility> |
9 | 9 |
10 #include "base/memory/ptr_util.h" | 10 #include "base/memory/ptr_util.h" |
506 // There must not be any unconsumed data left. (RFC 5912 does not explicitly | 506 // There must not be any unconsumed data left. (RFC 5912 does not explicitly |
507 // include an extensibility point for RSASSA-PSS-params) | 507 // include an extensibility point for RSASSA-PSS-params) |
508 if (params_parser.HasMore()) | 508 if (params_parser.HasMore()) |
509 return nullptr; | 509 return nullptr; |
510 | 510 |
511 return SignatureAlgorithm::CreateRsaPss(hash, mgf1_hash, salt_length); | 511 return SignatureAlgorithm::CreateRsaPss(hash, mgf1_hash, salt_length); |
512 } | 512 } |
513 | 513 |
514 } // namespace | 514 } // namespace |
515 | 515 |
516 WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input, | 516 WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input& input, |
517 DigestAlgorithm* out) { | 517 DigestAlgorithm* out) { |
518 der::Input oid; | 518 der::Input oid; |
519 der::Input params; | 519 der::Input params; |
520 if (!ParseAlgorithmIdentifier(input, &oid, ¶ms)) | 520 if (!ParseAlgorithmIdentifier(input, &oid, ¶ms)) |
521 return false; | 521 return false; |
522 | 522 |
523 DigestAlgorithm hash; | 523 DigestAlgorithm hash; |
524 | 524 |
525 if (oid == der::Input(kOidSha1)) { | 525 if (oid == der::Input(kOidSha1)) { |
526 hash = DigestAlgorithm::Sha1; | 526 hash = DigestAlgorithm::Sha1; |
631 SignatureAlgorithmId::RsaPss, digest, | 631 SignatureAlgorithmId::RsaPss, digest, |
632 base::MakeUnique<RsaPssParameters>(mgf1_hash, salt_length))); | 632 base::MakeUnique<RsaPssParameters>(mgf1_hash, salt_length))); |
633 } | 633 } |
634 | 634 |
635 const RsaPssParameters* SignatureAlgorithm::ParamsForRsaPss() const { | 635 const RsaPssParameters* SignatureAlgorithm::ParamsForRsaPss() const { |
636 if (algorithm_ == SignatureAlgorithmId::RsaPss) | 636 if (algorithm_ == SignatureAlgorithmId::RsaPss) |
637 return static_cast<RsaPssParameters*>(params_.get()); | 637 return static_cast<RsaPssParameters*>(params_.get()); |
638 return nullptr; | 638 return nullptr; |
639 } | 639 } |
640 | 640 |
641 bool SignatureAlgorithm::IsEquivalent(const der::Input& alg1_tlv, | |
642 const der::Input& alg2_tlv) { | |
643 if (alg1_tlv == alg2_tlv) | |
644 return true; | |
645 | |
646 auto alg1 = Create(alg1_tlv, nullptr); | |
647 auto alg2 = Create(alg2_tlv, nullptr); | |
Ryan Sleevi
2017/03/09 00:45:26
I think this runs afoul of several of the principl
eroman
2017/03/09 01:09:44
Done.
| |
648 | |
649 // Do checks that apply to all algorithms. | |
650 if (!alg1 || !alg2 || (alg1->algorithm() != alg2->algorithm()) || | |
651 (alg1->digest() != alg2->digest())) { | |
652 return false; | |
653 } | |
654 | |
655 // Check algorithm-specific parameters for equality. | |
656 switch (alg1->algorithm()) { | |
657 case SignatureAlgorithmId::RsaPkcs1: | |
658 case SignatureAlgorithmId::Ecdsa: | |
659 DCHECK(!alg1->has_params()); | |
660 DCHECK(!alg2->has_params()); | |
661 return true; | |
662 case SignatureAlgorithmId::RsaPss: { | |
663 const auto* params1 = alg1->ParamsForRsaPss(); | |
664 const auto* params2 = alg2->ParamsForRsaPss(); | |
Ryan Sleevi
2017/03/09 00:45:26
ditto here
eroman
2017/03/09 01:09:44
Done.
| |
665 return params1 && params2 && | |
666 (params1->salt_length() == params2->salt_length()) && | |
667 (params1->mgf1_hash() == params2->mgf1_hash()); | |
668 } | |
669 } | |
670 | |
671 return false; | |
672 } | |
673 | |
641 SignatureAlgorithm::SignatureAlgorithm( | 674 SignatureAlgorithm::SignatureAlgorithm( |
642 SignatureAlgorithmId algorithm, | 675 SignatureAlgorithmId algorithm, |
643 DigestAlgorithm digest, | 676 DigestAlgorithm digest, |
644 std::unique_ptr<SignatureAlgorithmParameters> params) | 677 std::unique_ptr<SignatureAlgorithmParameters> params) |
645 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {} | 678 : algorithm_(algorithm), digest_(digest), params_(std::move(params)) {} |
646 | 679 |
647 } // namespace net | 680 } // namespace net |
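Review bot: The byte-equality fast path at the top of `SignatureAlgorithm::IsEquivalent` (new lines 643-644) returns true before either TLV is parsed, so two identical but malformed or unsupported AlgorithmIdentifiers are reported as equivalent, whereas differently encoded ones return false as soon as `Create()` fails the null check at line 650. A caller that reads a true result as evidence that the algorithm is well-formed or supported would be wrong, and nothing in the function says so. I would add a comment above the fast path such as `// NOTE: Identical TLVs compare equivalent even if unparseable; callers must still validate the algorithm via Create().` Separately, the RsaPkcs1/Ecdsa case checks for the absence of parameters only with `DCHECK`, which is not evaluated in builds without DCHECKs enabled, so the `return true` there relies on `Create()` never producing params for those ids. That invariant deserves a one-line comment, since `Create()` is outside the lines shown.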