Bring in the core of chromium certificate verifier as libpki
Initially this leaves the canonical source in chrome, Additions
and fillins are committed directly, the chrome files are coverted
using the IMPORT script run from the pki directory for the moment.
The intention here is to continue frequent automatic conversion
(and avoid wholesale cosmetic changes in here for now) until
chrome converts to use these files in place of it's versions.
At that point these will become the definiative files, and the
IMPORT script can be tossed out.
A middle step along the way will be to change google3's verify.cc
in third_party/chromium_certificate_verifier to use this instead
of it's own extracted copy.
Status (and what is not done yet) being roughly tracked in README.md
Bug: chromium:1322914
Change-Id: Ibdb5479bc68985fa61ce6b10f98f31f6b3a7cbdf
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/60285
Commit-Queue: Bob Beck <bbe@google.com>
Reviewed-by: Adam Langley <agl@google.com>
diff --git a/pki/signature_algorithm.h b/pki/signature_algorithm.h
new file mode 100644
index 0000000..069ab7e
--- /dev/null
+++ b/pki/signature_algorithm.h
@@ -0,0 +1,87 @@
+// Copyright 2015 The Chromium Authors
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef BSSL_PKI_SIGNATURE_ALGORITHM_H_
+#define BSSL_PKI_SIGNATURE_ALGORITHM_H_
+
+#include "fillins/openssl_util.h"
+#include <stdint.h>
+
+
+#include <optional>
+#include <openssl/evp.h>
+
+namespace bssl {
+
+namespace der {
+class Input;
+} // namespace der
+
+// The digest algorithm used within a signature.
+enum class DigestAlgorithm {
+ Md2,
+ Md4,
+ Md5,
+ Sha1,
+ Sha256,
+ Sha384,
+ Sha512,
+};
+
+// The signature algorithm used within a certificate.
+enum class SignatureAlgorithm {
+ kRsaPkcs1Sha1,
+ kRsaPkcs1Sha256,
+ kRsaPkcs1Sha384,
+ kRsaPkcs1Sha512,
+ kEcdsaSha1,
+ kEcdsaSha256,
+ kEcdsaSha384,
+ kEcdsaSha512,
+ // These RSA-PSS constants match RFC 8446 and refer to RSASSA-PSS with MGF-1,
+ // using the specified hash as both the signature and MGF-1 hash, and the hash
+ // length as the salt length.
+ kRsaPssSha256,
+ kRsaPssSha384,
+ kRsaPssSha512,
+};
+
+// Parses AlgorithmIdentifier as defined by RFC 5280 section 4.1.1.2:
+//
+// AlgorithmIdentifier ::= SEQUENCE {
+// algorithm OBJECT IDENTIFIER,
+// parameters ANY DEFINED BY algorithm OPTIONAL }
+[[nodiscard]] OPENSSL_EXPORT bool ParseAlgorithmIdentifier(const der::Input& input,
+ der::Input* algorithm,
+ der::Input* parameters);
+
+// Parses a HashAlgorithm as defined by RFC 5912:
+//
+// HashAlgorithm ::= AlgorithmIdentifier{DIGEST-ALGORITHM,
+// {HashAlgorithms}}
+//
+// HashAlgorithms DIGEST-ALGORITHM ::= {
+// { IDENTIFIER id-sha1 PARAMS TYPE NULL ARE preferredPresent } |
+// { IDENTIFIER id-sha224 PARAMS TYPE NULL ARE preferredPresent } |
+// { IDENTIFIER id-sha256 PARAMS TYPE NULL ARE preferredPresent } |
+// { IDENTIFIER id-sha384 PARAMS TYPE NULL ARE preferredPresent } |
+// { IDENTIFIER id-sha512 PARAMS TYPE NULL ARE preferredPresent }
+// }
+[[nodiscard]] bool ParseHashAlgorithm(const der::Input& input,
+ DigestAlgorithm* out);
+
+// Parses an AlgorithmIdentifier into a signature algorithm and returns it, or
+// returns `std::nullopt` if `algorithm_identifer` either cannot be parsed or
+// is not a recognized signature algorithm.
+OPENSSL_EXPORT std::optional<SignatureAlgorithm> ParseSignatureAlgorithm(
+ const der::Input& algorithm_identifier);
+
+// Returns the hash to be used with the tls-server-end-point channel binding
+// (RFC 5929) or `std::nullopt`, if not supported for this signature algorithm.
+std::optional<DigestAlgorithm> GetTlsServerEndpointDigestAlgorithm(
+ SignatureAlgorithm alg);
+
+} // namespace net
+
+#endif // BSSL_PKI_SIGNATURE_ALGORITHM_H_
