OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/ct_log_verifier.h" | 5 #include "net/cert/ct_log_verifier.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "net/cert/ct_serialization.h" | 8 #include "net/cert/ct_serialization.h" |
9 #include "net/cert/signed_tree_head.h" | 9 #include "net/cert/signed_tree_head.h" |
10 | 10 |
52 std::string serialized_data; | 52 std::string serialized_data; |
53 if (!ct::EncodeV1SCTSignedData(sct.timestamp, serialized_log_entry, | 53 if (!ct::EncodeV1SCTSignedData(sct.timestamp, serialized_log_entry, |
54 sct.extensions, &serialized_data)) { | 54 sct.extensions, &serialized_data)) { |
55 DVLOG(1) << "Unable to create SCT to verify."; | 55 DVLOG(1) << "Unable to create SCT to verify."; |
56 return false; | 56 return false; |
57 } | 57 } |
58 | 58 |
59 return VerifySignature(serialized_data, sct.signature.signature_data); | 59 return VerifySignature(serialized_data, sct.signature.signature_data); |
60 } | 60 } |
61 | 61 |
62 bool CTLogVerifier::SetSignedTreeHead( | 62 bool CTLogVerifier::VerifySignedTreeHead( |
63 scoped_ptr<ct::SignedTreeHead> signed_tree_head) { | 63 const ct::SignedTreeHead* signed_tree_head) { |
64 if (!SignatureParametersMatch(signed_tree_head->signature)) | 64 if (!SignatureParametersMatch(signed_tree_head->signature)) |
65 return false; | 65 return false; |
66 | 66 |
67 std::string serialized_data; | 67 std::string serialized_data; |
68 ct::EncodeTreeHeadSignature(*signed_tree_head.get(), &serialized_data); | 68 ct::EncodeTreeHeadSignature(*signed_tree_head, &serialized_data); |
69 if (VerifySignature(serialized_data, | 69 if (VerifySignature(serialized_data, |
70 signed_tree_head->signature.signature_data)) { | 70 signed_tree_head->signature.signature_data)) { |
71 signed_tree_head_.reset(signed_tree_head.release()); | |
72 return true; | 71 return true; |
73 } | 72 } |
74 return false; | 73 return false; |
75 } | 74 } |
76 | 75 |
77 bool CTLogVerifier::SignatureParametersMatch( | 76 bool CTLogVerifier::SignatureParametersMatch( |
78 const ct::DigitallySigned& signature) { | 77 const ct::DigitallySigned& signature) { |
79 if (!signature.SignatureParametersMatch(hash_algorithm_, | 78 if (!signature.SignatureParametersMatch(hash_algorithm_, |
80 signature_algorithm_)) { | 79 signature_algorithm_)) { |
81 DVLOG(1) << "Mismatched hash or signature algorithm. Hash: " | 80 DVLOG(1) << "Mismatched hash or signature algorithm. Hash: " |
82 << hash_algorithm_ << " vs " << signature.hash_algorithm | 81 << hash_algorithm_ << " vs " << signature.hash_algorithm |
83 << " Signature: " << signature_algorithm_ << " vs " | 82 << " Signature: " << signature_algorithm_ << " vs " |
84 << signature.signature_algorithm << "."; | 83 << signature.signature_algorithm << "."; |
85 return false; | 84 return false; |
86 } | 85 } |
87 | 86 |
88 return true; | 87 return true; |
89 } | 88 } |
90 | 89 |
91 } // namespace net | 90 } // namespace net |
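Review bot: `VerifySignedTreeHead` dereferences `signed_tree_head` on new line 64 without a null check, and since the method no longer takes ownership it has no reason to accept a pointer; taking `const ct::SignedTreeHead& signed_tree_head` removes the null case and lets the `EncodeTreeHeadSignature` call pass the argument straight through. With the store into `signed_tree_head_` gone, the tail can collapse to `return VerifySignature(serialized_data, signed_tree_head.signature.signature_data);`, matching how the SCT path ends on new line 59. Because verification and storage are now separate, the declaration's comment (the header is not shown on this page) should state that callers may keep or act on a tree head only after this returns true. The result of `ct::EncodeTreeHeadSignature` is not checked here, unlike `ct::EncodeV1SCTSignedData` above; if that function can fail, the failure should be handled before the signature check.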
OLD | NEW |