| Index: net/cert/internal/signature_algorithm.cc
|
| diff --git a/net/cert/internal/signature_algorithm.cc b/net/cert/internal/signature_algorithm.cc
|
| index 9853ac024988d47ea2c051313497b71487af5cdb..98129ac9a45d93f745c793f677a13735aee380cd 100644
|
| --- a/net/cert/internal/signature_algorithm.cc
|
| +++ b/net/cert/internal/signature_algorithm.cc
|
| @@ -513,7 +513,7 @@ std::unique_ptr<SignatureAlgorithm> ParseRsaPss(const der::Input& params) {
|
|
|
| } // namespace
|
|
|
| -WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input input,
|
| +WARN_UNUSED_RESULT bool ParseHashAlgorithm(const der::Input& input,
|
| DigestAlgorithm* out) {
|
| der::Input oid;
|
| der::Input params;
|
| @@ -638,6 +638,26 @@ const RsaPssParameters* SignatureAlgorithm::ParamsForRsaPss() const {
|
| return nullptr;
|
| }
|
|
|
| +bool SignatureAlgorithm::IsEquivalent(const der::Input& alg1_tlv,
|
| + const der::Input& alg2_tlv) {
|
| + if (alg1_tlv == alg2_tlv)
|
| + return true;
|
| +
|
| + auto alg1 = Create(alg1_tlv, nullptr);
|
| + auto alg2 = Create(alg2_tlv, nullptr);
|
| +
|
| + if (!alg1 || !alg2 || (alg1->algorithm() != alg2->algorithm()) ||
|
| + (alg1->digest() != alg2->digest())) {
|
| + return false;
|
| + }
|
| +
|
| + // For simplicity don't check the parsed parameters (only applicable
|
| + // for RSA-PSS). This does mean RSA-PSS AlgorithmIdentifiers need to
|
| + // use identical encodings to be considered equivalent by this
|
| + // function.
|
| + return !alg1->has_params() && !alg2->has_params();
|
| +}
|
| +
|
| SignatureAlgorithm::SignatureAlgorithm(
|
| SignatureAlgorithmId algorithm,
|
| DigestAlgorithm digest,
|
|
|
Chromium Code Reviews
Issue 2731603002:
Check TBSCertificate.algorithm and Certificate.signatureAlgorithm for (Closed)
