Index: crypto/ec_signature_creator_unittest.cc |
diff --git a/crypto/ec_signature_creator_unittest.cc b/crypto/ec_signature_creator_unittest.cc |
index b34022b1861ec89e39b98870a600652af8ded17b..bc0cb4a6b60d4a79872cd20a154b98f3686923fb 100644 |
--- a/crypto/ec_signature_creator_unittest.cc |
+++ b/crypto/ec_signature_creator_unittest.cc |
@@ -54,12 +54,22 @@ TEST(ECSignatureCreatorTest, BasicTest) { |
std::vector<uint8> public_key_info; |
ASSERT_TRUE(key_original->ExportPublicKey(&public_key_info)); |
- // This is the algorithm ID for SHA-256 with EC encryption. |
+ // This is the algorithm ID for ECDSA with SHA-256. Parameters are ABSENT. |
+ // RFC 5758: |
+ // ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { iso(1) member-body(2) |
+ // us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2 } |
+ // ... |
+ // When the ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with-SHA384, or |
+ // ecdsa-with-SHA512 algorithm identifier appears in the algorithm field |
+ // as an AlgorithmIdentifier, the encoding MUST omit the parameters |
+ // field. That is, the AlgorithmIdentifier SHALL be a SEQUENCE of one |
+ // component, the OID ecdsa-with-SHA224, ecdsa-with-SHA256, ecdsa-with- |
+ // SHA384, or ecdsa-with-SHA512. |
+ // See also RFC 5480, Appendix A. |
const uint8 kECDSAWithSHA256AlgorithmID[] = { |
- 0x30, 0x0c, |
+ 0x30, 0x0a, |
0x06, 0x08, |
0x2a, 0x86, 0x48, 0xce, 0x3d, 0x04, 0x03, 0x02, |
- 0x05, 0x00 |
}; |
crypto::SignatureVerifier verifier; |
ASSERT_TRUE(verifier.VerifyInit( |