Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(332)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/internal/signature_algorithm.h

Issue 2731603002: Check TBSCertificate.algorithm and Certificate.signatureAlgorithm for (Closed)
Patch Set: add tests for root Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/cert_verify_proc_unittest.cc ('K') | « net/cert/cert_verify_proc_unittest.cc ('k') | net/cert/internal/signature_algorithm.cc » ('j') | net/cert/internal/signature_algorithm.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_ 5 #ifndef NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_
6 #define NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_ 6 #define NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_
7 7
8 #include <stdint.h> 8 #include <stdint.h>
9 9
10 #include <memory> 10 #include <memory>
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
45 // HashAlgorithm ::= AlgorithmIdentifier{DIGEST-ALGORITHM, 45 // HashAlgorithm ::= AlgorithmIdentifier{DIGEST-ALGORITHM,
46 // {HashAlgorithms}} 46 // {HashAlgorithms}}
47 // 47 //
48 // HashAlgorithms DIGEST-ALGORITHM ::= { 48 // HashAlgorithms DIGEST-ALGORITHM ::= {
49 // { IDENTIFIER id-sha1 PARAMS TYPE NULL ARE preferredPresent } | 49 // { IDENTIFIER id-sha1 PARAMS TYPE NULL ARE preferredPresent } |
50 // { IDENTIFIER id-sha224 PARAMS TYPE NULL ARE preferredPresent } | 50 // { IDENTIFIER id-sha224 PARAMS TYPE NULL ARE preferredPresent } |
51 // { IDENTIFIER id-sha256 PARAMS TYPE NULL ARE preferredPresent } | 51 // { IDENTIFIER id-sha256 PARAMS TYPE NULL ARE preferredPresent } |
52 // { IDENTIFIER id-sha384 PARAMS TYPE NULL ARE preferredPresent } | 52 // { IDENTIFIER id-sha384 PARAMS TYPE NULL ARE preferredPresent } |
53 // { IDENTIFIER id-sha512 PARAMS TYPE NULL ARE preferredPresent } 53 // { IDENTIFIER id-sha512 PARAMS TYPE NULL ARE preferredPresent }
54 // } 54 // }
55 WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input, 55 WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input& input,
56 DigestAlgorithm* out); 56 DigestAlgorithm* out);
57 57
58 // Base class for describing algorithm parameters. 58 // Base class for describing algorithm parameters.
59 class NET_EXPORT SignatureAlgorithmParameters { 59 class NET_EXPORT SignatureAlgorithmParameters {
60 public: 60 public:
61 SignatureAlgorithmParameters() {} 61 SignatureAlgorithmParameters() {}
62 virtual ~SignatureAlgorithmParameters(){}; 62 virtual ~SignatureAlgorithmParameters(){};
63 63
64 private: 64 private:
65 DISALLOW_COPY_AND_ASSIGN(SignatureAlgorithmParameters); 65 DISALLOW_COPY_AND_ASSIGN(SignatureAlgorithmParameters);
(...skipping 45 matching lines...) Expand 10 before | Expand all | Expand 10 after
111 111
112 // The following methods retrieve the parameters for the signature algorithm. 112 // The following methods retrieve the parameters for the signature algorithm.
113 // 113 //
114 // The correct parameters should be chosen based on the algorithm ID. For 114 // The correct parameters should be chosen based on the algorithm ID. For
115 // instance a SignatureAlgorithm with |algorithm() == RsaPss| should retrieve 115 // instance a SignatureAlgorithm with |algorithm() == RsaPss| should retrieve
116 // parameters via ParametersForRsaPss(). 116 // parameters via ParametersForRsaPss().
117 // 117 //
118 // The returned pointer is non-owned, and has the same lifetime as |this|. 118 // The returned pointer is non-owned, and has the same lifetime as |this|.
119 const RsaPssParameters* ParamsForRsaPss() const; 119 const RsaPssParameters* ParamsForRsaPss() const;
120 120
121 bool has_params() const { return !!params_; }
122
123 // Returns true if |alg1_tlv| and |alg2_tlv| represent an equivalent
124 // AlgorithmIdentifier once parsed.
125 static bool IsEquivalent(const der::Input& alg1_tlv,
126 const der::Input& alg2_tlv);
127
121 private: 128 private:
122 SignatureAlgorithm(SignatureAlgorithmId algorithm, 129 SignatureAlgorithm(SignatureAlgorithmId algorithm,
123 DigestAlgorithm digest, 130 DigestAlgorithm digest,
124 std::unique_ptr<SignatureAlgorithmParameters> params); 131 std::unique_ptr<SignatureAlgorithmParameters> params);
125 132
126 const SignatureAlgorithmId algorithm_; 133 const SignatureAlgorithmId algorithm_;
127 const DigestAlgorithm digest_; 134 const DigestAlgorithm digest_;
128 const std::unique_ptr<SignatureAlgorithmParameters> params_; 135 const std::unique_ptr<SignatureAlgorithmParameters> params_;
129 136
130 DISALLOW_COPY_AND_ASSIGN(SignatureAlgorithm); 137 DISALLOW_COPY_AND_ASSIGN(SignatureAlgorithm);
131 }; 138 };
132 139
133 } // namespace net 140 } // namespace net
134 141
135 #endif // NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_ 142 #endif // NET_CERT_INTERNAL_SIGNATURE_ALGORITHM_H_
OLDNEW
« net/cert/cert_verify_proc_unittest.cc ('K') | « net/cert/cert_verify_proc_unittest.cc ('k') | net/cert/internal/signature_algorithm.cc » ('j') | net/cert/internal/signature_algorithm.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698