Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(245)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/x509_certificate_win.cc

Issue 2731603002: Check TBSCertificate.algorithm and Certificate.signatureAlgorithm for (Closed)
Patch Set: Use rsleevi's background comment Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/x509_certificate_openssl.cc ('k') | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/x509_certificate.h" 5 #include "net/cert/x509_certificate.h"
6 6
7 #include <memory> 7 #include <memory>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/memory/free_deleter.h" 10 #include "base/memory/free_deleter.h"
(...skipping 403 matching lines...) Expand 10 before | Expand all | Expand 10 after
414 break; 414 break;
415 case CALG_ECDSA: 415 case CALG_ECDSA:
416 *type = kPublicKeyTypeECDSA; 416 *type = kPublicKeyTypeECDSA;
417 break; 417 break;
418 case CALG_ECDH: 418 case CALG_ECDH:
419 *type = kPublicKeyTypeECDH; 419 *type = kPublicKeyTypeECDH;
420 break; 420 break;
421 } 421 }
422 } 422 }
423 423
424 X509Certificate::SignatureHashAlgorithm
425 X509Certificate::GetSignatureHashAlgorithm(OSCertHandle cert_handle) {
426 const char* algorithm = cert_handle->pCertInfo->SignatureAlgorithm.pszObjId;
427 if (strcmp(algorithm, szOID_RSA_MD5RSA) == 0) {
428 // md5WithRSAEncryption: 1.2.840.113549.1.1.4
429 return kSignatureHashAlgorithmMd5;
430 }
431 if (strcmp(algorithm, szOID_RSA_MD2RSA) == 0) {
432 // md2WithRSAEncryption: 1.2.840.113549.1.1.2
433 return kSignatureHashAlgorithmMd2;
434 }
435 if (strcmp(algorithm, szOID_RSA_MD4RSA) == 0) {
436 // md4WithRSAEncryption: 1.2.840.113549.1.1.3
437 return kSignatureHashAlgorithmMd4;
438 }
439 if (strcmp(algorithm, szOID_RSA_SHA1RSA) == 0 ||
440 strcmp(algorithm, szOID_X957_SHA1DSA) == 0 ||
441 strcmp(algorithm, szOID_ECDSA_SHA1) == 0) {
442 // sha1WithRSAEncryption: 1.2.840.113549.1.1.5
443 // id-dsa-with-sha1: 1.2.840.10040.4.3
444 // ecdsa-with-SHA1: 1.2.840.10045.4.1
445 return kSignatureHashAlgorithmSha1;
446 }
447
448 return kSignatureHashAlgorithmOther;
449 }
450
451 bool X509Certificate::IsIssuedByEncoded( 424 bool X509Certificate::IsIssuedByEncoded(
452 const std::vector<std::string>& valid_issuers) { 425 const std::vector<std::string>& valid_issuers) {
453 426
454 // If the certificate's issuer in the list? 427 // If the certificate's issuer in the list?
455 if (IsCertNameBlobInIssuerList(&cert_handle_->pCertInfo->Issuer, 428 if (IsCertNameBlobInIssuerList(&cert_handle_->pCertInfo->Issuer,
456 valid_issuers)) { 429 valid_issuers)) {
457 return true; 430 return true;
458 } 431 }
459 // Otherwise, is any of the intermediate CA subjects in the list? 432 // Otherwise, is any of the intermediate CA subjects in the list?
460 for (OSCertHandles::iterator it = intermediate_ca_certs_.begin(); 433 for (OSCertHandles::iterator it = intermediate_ca_certs_.begin();
(...skipping 15 matching lines...) Expand all
476 CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT, 449 CRYPT_VERIFY_CERT_SIGN_ISSUER_CERT,
477 reinterpret_cast<void*>(const_cast<PCERT_CONTEXT>(cert_handle)), 0, NULL); 450 reinterpret_cast<void*>(const_cast<PCERT_CONTEXT>(cert_handle)), 0, NULL);
478 if (!valid_signature) 451 if (!valid_signature)
479 return false; 452 return false;
480 return !!CertCompareCertificateName(X509_ASN_ENCODING, 453 return !!CertCompareCertificateName(X509_ASN_ENCODING,
481 &cert_handle->pCertInfo->Subject, 454 &cert_handle->pCertInfo->Subject,
482 &cert_handle->pCertInfo->Issuer); 455 &cert_handle->pCertInfo->Issuer);
483 } 456 }
484 457
485 } // namespace net 458 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/x509_certificate_openssl.cc ('k') | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698