pRevert 5371 "Revert 5367 "Update talk to 59410372.""

> Revert 5367 "Update talk to 59410372." > > > Update talk to 59410372. > > > > R=jiayl@webrtc.org, wu@webrtc.org > > > > Review URL: https://webrtc-codereview.appspot.com/6929004 > > TBR=mallinath@webrtc.org > > Review URL: https://webrtc-codereview.appspot.com/6999004 TBR=henrika@webrtc.org Review URL: https://webrtc-codereview.appspot.com/7109004 git-svn-id: http://webrtc.googlecode.com/svn/trunk@5381 4adac7df-926f-26a2-2b94-8c16560cd09d
2014-01-14 10:00:58 +00:00
parent 4371d4650a
commit aebb1ade9d
50 changed files with 974 additions and 746 deletions
--- a/talk/base/messagedigest.cc
+++ b/talk/base/messagedigest.cc
@@ -70,6 +70,19 @@ MessageDigest* MessageDigestFactory::Create(const std::string& alg) {
 #endif
 }

+bool IsFips180DigestAlgorithm(const std::string& alg) {
+  // These are the FIPS 180 algorithms.  According to RFC 4572 Section 5,
+  // "Self-signed certificates (for which legacy certificates are not a
+  // consideration) MUST use one of the FIPS 180 algorithms (SHA-1,
+  // SHA-224, SHA-256, SHA-384, or SHA-512) as their signature algorithm,
+  // and thus also MUST use it to calculate certificate fingerprints."
+  return alg == DIGEST_SHA_1 ||
+         alg == DIGEST_SHA_224 ||
+         alg == DIGEST_SHA_256 ||
+         alg == DIGEST_SHA_384 ||
+         alg == DIGEST_SHA_512;
+}
+
 size_t ComputeDigest(MessageDigest* digest, const void* input, size_t in_len,
                     void* output, size_t out_len) {
  digest->Update(input, in_len);