Update talk to 54527154.

TBR=wu

Review URL: https://webrtc-codereview.appspot.com/2389004

git-svn-id: http://webrtc.googlecode.com/svn/trunk@4954 4adac7df-926f-26a2-2b94-8c16560cd09d
mallinath@webrtc.org
2013-10-13 17:18:27 +00:00
parent 7419a72383
commit 19f27e6a24
34 changed files with 587 additions and 116 deletions


@@ -58,6 +58,12 @@ class FakeSSLCertificate : public talk_base::SSLCertificate {
VERIFY(SSLIdentity::PemToDer(kPemTypeCertificate, data_, &der_string));
der_buffer->SetData(der_string.c_str(), der_string.size());
}
virtual bool GetSignatureDigestAlgorithm(std::string* algorithm) const {
// SHA-1 is chosen because it is available in all build configurations
// used for unit testing.
*algorithm = DIGEST_SHA_1;
return true;
}
virtual bool ComputeDigest(const std::string &algorithm,
unsigned char *digest, std::size_t size,
std::size_t *length) const {


@@ -175,6 +175,54 @@ bool NSSCertificate::GetDigestLength(const std::string &algorithm,
return true;
}
bool NSSCertificate::GetSignatureDigestAlgorithm(std::string* algorithm) const {
// The function sec_DecodeSigAlg in NSS provides this mapping functionality.
// Unfortunately it is private, so the functionality must be duplicated here.
// See https://bugzilla.mozilla.org/show_bug.cgi?id=925165 .
SECOidTag sig_alg = SECOID_GetAlgorithmTag(&certificate_->signature);
switch (sig_alg) {
case SEC_OID_PKCS1_MD5_WITH_RSA_ENCRYPTION:
*algorithm = DIGEST_MD5;
break;
case SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION:
case SEC_OID_ISO_SHA_WITH_RSA_SIGNATURE:
case SEC_OID_ISO_SHA1_WITH_RSA_SIGNATURE:
case SEC_OID_ANSIX9_DSA_SIGNATURE_WITH_SHA1_DIGEST:
case SEC_OID_BOGUS_DSA_SIGNATURE_WITH_SHA1_DIGEST:
case SEC_OID_ANSIX962_ECDSA_SHA1_SIGNATURE:
case SEC_OID_MISSI_DSS:
case SEC_OID_MISSI_KEA_DSS:
case SEC_OID_MISSI_KEA_DSS_OLD:
case SEC_OID_MISSI_DSS_OLD:
*algorithm = DIGEST_SHA_1;
break;
case SEC_OID_ANSIX962_ECDSA_SHA224_SIGNATURE:
case SEC_OID_PKCS1_SHA224_WITH_RSA_ENCRYPTION:
case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA224_DIGEST:
*algorithm = DIGEST_SHA_224;
break;
case SEC_OID_ANSIX962_ECDSA_SHA256_SIGNATURE:
case SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION:
case SEC_OID_NIST_DSA_SIGNATURE_WITH_SHA256_DIGEST:
*algorithm = DIGEST_SHA_256;
break;
case SEC_OID_ANSIX962_ECDSA_SHA384_SIGNATURE:
case SEC_OID_PKCS1_SHA384_WITH_RSA_ENCRYPTION:
*algorithm = DIGEST_SHA_384;
break;
case SEC_OID_ANSIX962_ECDSA_SHA512_SIGNATURE:
case SEC_OID_PKCS1_SHA512_WITH_RSA_ENCRYPTION:
*algorithm = DIGEST_SHA_512;
break;
default:
// Unknown algorithm. There are several unhandled options that are less
// common and more complex.
algorithm->clear();
return false;
}
return true;
}
bool NSSCertificate::ComputeDigest(const std::string &algorithm,
unsigned char *digest, std::size_t size,
std::size_t *length) const {
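Review bot: NSSCertificate::GetSignatureDigestAlgorithm writes through `algorithm` in every branch of the switch without the `ASSERT(algorithm != NULL);` that OpenSSLDigest::GetDigestName carries in this same commit; adding the same check at the top (assuming the macro is available in this file) would keep the two back ends consistent. Separately, MD5 and SHA-1 signatures are reported as success, so any policy that refuses weak digests has to live in the caller. A comment above the switch such as `// Reports the digest as found in the certificate, including MD5 and SHA-1; callers decide whether it is acceptable.` would make that explicit. The ComputeDigest lines at the end are context and that function continues outside the hunk.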


@@ -81,6 +81,8 @@ class NSSCertificate : public SSLCertificate {
virtual void ToDER(Buffer* der_buffer) const;
virtual bool GetSignatureDigestAlgorithm(std::string* algorithm) const;
virtual bool ComputeDigest(const std::string& algorithm,
unsigned char* digest, std::size_t size,
std::size_t* length) const;


@@ -98,6 +98,34 @@ bool OpenSSLDigest::GetDigestEVP(const std::string& algorithm,
return true;
}
bool OpenSSLDigest::GetDigestName(const EVP_MD* md,
std::string* algorithm) {
ASSERT(md != NULL);
ASSERT(algorithm != NULL);
int md_type = EVP_MD_type(md);
if (md_type == NID_md5) {
*algorithm = DIGEST_MD5;
} else if (md_type == NID_sha1) {
*algorithm = DIGEST_SHA_1;
#if OPENSSL_VERSION_NUMBER >= 0x00908000L
} else if (md_type == NID_sha224) {
*algorithm = DIGEST_SHA_224;
} else if (md_type == NID_sha256) {
*algorithm = DIGEST_SHA_256;
} else if (md_type == NID_sha384) {
*algorithm = DIGEST_SHA_384;
} else if (md_type == NID_sha512) {
*algorithm = DIGEST_SHA_512;
#endif
} else {
algorithm->clear();
return false;
}
return true;
}
bool OpenSSLDigest::GetDigestSize(const std::string& algorithm,
size_t* length) {
const EVP_MD *md;
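Review bot: `ASSERT(md != NULL)` is the only guard in GetDigestName before `EVP_MD_type(md)`, yet the caller added in this commit, OpenSSLCertificate::GetSignatureDigestAlgorithm, passes the result of `EVP_get_digestbyobj(...)` straight in. That lookup returns NULL when the certificate's signature OID has no registered digest, and presumably also when it runs outside the InitializeSSL/CleanupSSL window that the caller's own NOTE describes. If ASSERT is compiled out in release builds, a certificate with an unrecognised signature algorithm turns into a null dereference instead of a `false` return. Handle it at runtime, for example by replacing the assert with `if (md == NULL) { algorithm->clear(); return false; }`, so this path fails the same way the final `else` branch does. The trailing GetDigestSize lines are context and that function continues outside the hunk.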


@@ -2,26 +2,26 @@
* libjingle
* Copyright 2004--2012, Google Inc.
*
* Redistribution and use in source and binary forms, with or without
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* 1. Redistributions of source code must retain the above copyright notice,
* 1. Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
* EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
* PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
* OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
* OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
@@ -47,9 +47,12 @@ class OpenSSLDigest : public MessageDigest {
// Outputs the digest value to |buf| with length |len|.
virtual size_t Finish(void* buf, size_t len);
// Helper function to look up a digest.
// Helper function to look up a digest's EVP by name.
static bool GetDigestEVP(const std::string &algorithm,
const EVP_MD** md);
// Helper function to look up a digest's name by EVP.
static bool GetDigestName(const EVP_MD* md,
std::string* algorithm);
// Helper function to get the length of a digest.
static bool GetDigestSize(const std::string &algorithm,
size_t* len);


@@ -235,6 +235,14 @@ OpenSSLCertificate* OpenSSLCertificate::FromPEMString(
return ret;
}
// NOTE: This implementation only functions correctly after InitializeSSL
// and before CleanupSSL.
bool OpenSSLCertificate::GetSignatureDigestAlgorithm(
std::string* algorithm) const {
return OpenSSLDigest::GetDigestName(
EVP_get_digestbyobj(x509_->sig_alg->algorithm), algorithm);
}
bool OpenSSLCertificate::ComputeDigest(const std::string &algorithm,
unsigned char *digest,
std::size_t size,


@@ -105,6 +105,8 @@ class OpenSSLCertificate : public SSLCertificate {
std::size_t size,
std::size_t *length);
virtual bool GetSignatureDigestAlgorithm(std::string* algorithm) const;
virtual bool GetChain(SSLCertChain** chain) const {
// Chains are not yet supported when using OpenSSL.
// OpenSSLStreamAdapter::SSLVerifyCallback currently requires the remote


@@ -76,6 +76,10 @@ class SSLCertificate {
// Provides a DER encoded binary representation of the certificate.
virtual void ToDER(Buffer* der_buffer) const = 0;
// Gets the name of the digest algorithm that was used to compute this
// certificate's signature.
virtual bool GetSignatureDigestAlgorithm(std::string* algorithm) const = 0;
// Compute the digest of the certificate given algorithm
virtual bool ComputeDigest(const std::string &algorithm,
unsigned char* digest, std::size_t size,
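Review bot: The new comment on GetSignatureDigestAlgorithm does not state the contract that the NSS and OpenSSL implementations in this commit follow, namely that the call returns false and clears `*algorithm` when the signature algorithm is not recognised. Suggest adding `// Returns false and clears |algorithm| if the signature algorithm is not recognised.` to the comment. It would also help to say that the name is reported as found in the certificate (the mappings include MD5 and SHA-1) and is not a recommendation of a digest to use. The class body continues outside the hunk.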


@@ -83,6 +83,22 @@ class SSLIdentityTest : public testing::Test {
ASSERT_TRUE(test_cert_);
}
void TestGetSignatureDigestAlgorithm() {
std::string digest_algorithm;
// Both NSSIdentity::Generate and OpenSSLIdentity::Generate are
// hard-coded to generate RSA-SHA1 certificates.
ASSERT_TRUE(identity1_->certificate().GetSignatureDigestAlgorithm(
&digest_algorithm));
ASSERT_EQ(talk_base::DIGEST_SHA_1, digest_algorithm);
ASSERT_TRUE(identity2_->certificate().GetSignatureDigestAlgorithm(
&digest_algorithm));
ASSERT_EQ(talk_base::DIGEST_SHA_1, digest_algorithm);
// The test certificate has an MD5-based signature.
ASSERT_TRUE(test_cert_->GetSignatureDigestAlgorithm(&digest_algorithm));
ASSERT_EQ(talk_base::DIGEST_MD5, digest_algorithm);
}
void TestDigest(const std::string &algorithm, size_t expected_len,
const unsigned char *expected_digest = NULL) {
unsigned char digest1[64];
@@ -203,3 +219,7 @@ TEST_F(SSLIdentityTest, PemDerConversion) {
"CERTIFICATE",
reinterpret_cast<const unsigned char*>(der.data()), der.length()));
}
TEST_F(SSLIdentityTest, GetSignatureDigestAlgorithm) {
TestGetSignatureDigestAlgorithm();
}
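Review bot: TestGetSignatureDigestAlgorithm exercises only successful lookups (SHA-1 for the two generated identities, MD5 for the test certificate), so the failure path is untested for a signature algorithm that is missing from the NSS switch or the OpenSSL NID list. A case using a certificate signed with an unmapped algorithm would pin the cleared-output contract, asserting `ASSERT_FALSE(cert->GetSignatureDigestAlgorithm(&digest_algorithm));` and `ASSERT_TRUE(digest_algorithm.empty());`, where `cert` stands for such a fixture. It would also exercise the OpenSSL path in which the digest lookup yields no EVP_MD. The first hunk's TestDigest lines are context and that helper continues outside the hunk.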


@@ -411,11 +411,15 @@ void Thread::Send(MessageHandler *phandler, uint32 id, MessageData *pdata) {
ss_->WakeUp();
bool waited = false;
crit_.Enter();
while (!ready) {
crit_.Leave();
current_thread->ReceiveSends();
current_thread->socketserver()->Wait(kForever, false);
waited = true;
crit_.Enter();
}
crit_.Leave();
// Our Wait loop above may have consumed some WakeUp events for this
// MessageQueue, that weren't relevant to this Send. Losing these WakeUps can