File: SignedCertificateTimestamp.cpp

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

#include "SignedCertificateTimestamp.h"

#include "CTUtils.h"

namespace mozilla {
namespace ct {

// Decodes the raw `extensions` bytes of this SCT and, if a `leaf_index`
// extension is present, stores its value in `leafIndex`.
//
// The bytes are part of the SCT and must be treated as untrusted input, so
// parsing is strict: every read goes through a bounds-checked pkix::Reader,
// a repeated `leaf_index` is rejected, and a `leaf_index` whose data is not
// exactly 5 bytes is rejected.
//
// Returns pkix::Success when `extensions` is empty or fully well-formed,
// ERROR_EXTENSION_VALUE_INVALID for a duplicate or wrongly sized
// `leaf_index`, and otherwise whatever error the underlying read reported.
//
// NOTE(review): `leafIndex` is set as soon as a valid `leaf_index` is seen,
// so it can remain populated when a later extension fails to parse. Callers
// should discard the SCT on any non-Success result.
pkix::Result SignedCertificateTimestamp::DecodeExtensions() {
  // An SCT without extensions is valid; there is nothing to decode.
  if (extensions.empty()) {
    return pkix::Success;
  }

  // `extensions` is a sequence of Extension:
  //     struct {
  //         ExtensionType extension_type;
  //         opaque extension_data<0..2^16-1>;
  //     } Extension;
  // where the only extension type currently understood is `leaf_index`:
  //     enum {
  //         leaf_index(0), (255)
  //     } ExtensionType;
  constexpr size_t kExtensionTypeLength = 1;
  constexpr uint8_t kExtensionTypeLeafIndex = 0;
  // Size of the length prefix in front of `extension_data`.
  constexpr size_t kExtensionDataLengthBytes = 2;
  // A leaf index is a big-endian, unsigned 40-bit value, i.e. 5 bytes:
  //     uint8 uint40[5];
  //     uint40 LeafIndex;
  constexpr size_t kLeafIndexLength = 5;

  pkix::Input allExtensions;
  pkix::Result result =
      allExtensions.Init(extensions.data(), extensions.size());
  if (result != pkix::Success) {
    return result;
  }

  pkix::Reader extensionsReader(allExtensions);
  while (!extensionsReader.AtEnd()) {
    uint8_t extType;
    result = ReadUint<kExtensionTypeLength>(extensionsReader, extType);
    if (result != pkix::Success) {
      return result;
    }

    // The data is read for every extension, including ones we do not
    // understand, so a truncated or mis-sized entry of any type is an error.
    pkix::Input extData;
    result =
        ReadVariableBytes<kExtensionDataLengthBytes>(extensionsReader, extData);
    if (result != pkix::Success) {
      return result;
    }

    // Unknown extension types are skipped once their framing has been read.
    if (extType != kExtensionTypeLeafIndex) {
      continue;
    }

    // Duplicate extensions are not allowed.
    if (leafIndex.isSome()) {
      return pkix::Result::ERROR_EXTENSION_VALUE_INVALID;
    }

    uint64_t decodedLeafIndex;
    pkix::Reader leafIndexReader(extData);
    result = ReadUint<kLeafIndexLength>(leafIndexReader, decodedLeafIndex);
    if (result != pkix::Success) {
      return result;
    }
    // Trailing bytes after the 5-byte value make the extension malformed.
    if (!leafIndexReader.AtEnd()) {
      return pkix::Result::ERROR_EXTENSION_VALUE_INVALID;
    }
    leafIndex.emplace(decodedLeafIndex);
  }

  return pkix::Success;
}

// Returns this entry to its initial state: all three byte buffers are emptied
// and the type is set back to X509, so no data from a previously built entry
// carries over into the next one.
void LogEntry::Reset() {
  tbsCertificate.clear();
  issuerKeyHash.clear();
  leafCertificate.clear();
  type = LogEntry::Type::X509;
}

// Reports whether this structure's algorithm pair equals the given one.
// Returns true only when both the hash algorithm and the signature algorithm
// match; a mismatch in either yields false.
bool DigitallySigned::SignatureParametersMatch(
    HashAlgorithm aHashAlgorithm,
    SignatureAlgorithm aSignatureAlgorithm) const {
  if (!(hashAlgorithm == aHashAlgorithm)) {
    return false;
  }
  return signatureAlgorithm == aSignatureAlgorithm;
}

}  // namespace ct
}  // namespace mozilla