| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/ct_log_verifier.h" | 5 #include "net/cert/ct_log_verifier.h" |
| 6 | 6 |
| 7 #include <openssl/evp.h> | 7 #include <openssl/evp.h> |
| 8 #include <openssl/x509.h> | 8 #include <openssl/x509.h> |
| 9 | 9 |
| 10 #include "base/logging.h" | 10 #include "base/logging.h" |
| (...skipping 29 matching lines...) Expand all Loading... |
| 40 | 40 |
| 41 } // namespace | 41 } // namespace |
| 42 | 42 |
| 43 CTLogVerifier::~CTLogVerifier() { | 43 CTLogVerifier::~CTLogVerifier() { |
| 44 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 44 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 45 | 45 |
| 46 if (public_key_) | 46 if (public_key_) |
| 47 EVP_PKEY_free(public_key_); | 47 EVP_PKEY_free(public_key_); |
| 48 } | 48 } |
| 49 | 49 |
| 50 CTLogVerifier::CTLogVerifier() | 50 bool CTLogVerifier::Init(const base::StringPiece& public_key) { |
| 51 : hash_algorithm_(ct::DigitallySigned::HASH_ALGO_NONE), | |
| 52 signature_algorithm_(ct::DigitallySigned::SIG_ALGO_ANONYMOUS), | |
| 53 public_key_(NULL) {} | |
| 54 | |
| 55 bool CTLogVerifier::Init(const base::StringPiece& public_key, | |
| 56 const base::StringPiece& description) { | |
| 57 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 51 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 58 | 52 |
| 59 const uint8_t* ptr = reinterpret_cast<const uint8_t*>(public_key.data()); | 53 const uint8_t* ptr = reinterpret_cast<const uint8_t*>(public_key.data()); |
| 60 const uint8_t* end = ptr + public_key.size(); | 54 const uint8_t* end = ptr + public_key.size(); |
| 61 public_key_ = d2i_PUBKEY(nullptr, &ptr, public_key.size()); | 55 public_key_ = d2i_PUBKEY(nullptr, &ptr, public_key.size()); |
| 62 if (!public_key_ || ptr != end) | 56 if (!public_key_ || ptr != end) |
| 63 return false; | 57 return false; |
| 64 | 58 |
| 65 key_id_ = crypto::SHA256HashString(public_key); | 59 key_id_ = crypto::SHA256HashString(public_key); |
| 66 description_ = description.as_string(); | |
| 67 | 60 |
| 68 // Right now, only RSASSA-PKCS1v15 with SHA-256 and ECDSA with SHA-256 are | 61 // Right now, only RSASSA-PKCS1v15 with SHA-256 and ECDSA with SHA-256 are |
| 69 // supported. | 62 // supported. |
| 70 switch (EVP_PKEY_type(public_key_->type)) { | 63 switch (EVP_PKEY_type(public_key_->type)) { |
| 71 case EVP_PKEY_RSA: | 64 case EVP_PKEY_RSA: |
| 72 hash_algorithm_ = ct::DigitallySigned::HASH_ALGO_SHA256; | 65 hash_algorithm_ = ct::DigitallySigned::HASH_ALGO_SHA256; |
| 73 signature_algorithm_ = ct::DigitallySigned::SIG_ALGO_RSA; | 66 signature_algorithm_ = ct::DigitallySigned::SIG_ALGO_RSA; |
| 74 break; | 67 break; |
| 75 case EVP_PKEY_EC: | 68 case EVP_PKEY_EC: |
| 76 hash_algorithm_ = ct::DigitallySigned::HASH_ALGO_SHA256; | 69 hash_algorithm_ = ct::DigitallySigned::HASH_ALGO_SHA256; |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 110 1 == EVP_DigestVerifyFinal( | 103 1 == EVP_DigestVerifyFinal( |
| 111 &ctx, | 104 &ctx, |
| 112 reinterpret_cast<const uint8_t*>(signature.data()), | 105 reinterpret_cast<const uint8_t*>(signature.data()), |
| 113 signature.size())); | 106 signature.size())); |
| 114 | 107 |
| 115 EVP_MD_CTX_cleanup(&ctx); | 108 EVP_MD_CTX_cleanup(&ctx); |
| 116 return ok; | 109 return ok; |
| 117 } | 110 } |
| 118 | 111 |
| 119 } // namespace net | 112 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1100003006:
Certificate Transparency: Fetching of Signed Tree Heads (DRAFT) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master