| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/ct_log_verifier.h" | 5 #include "net/cert/ct_log_verifier.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "net/cert/ct_serialization.h" | 8 #include "net/cert/ct_serialization.h" |
| 9 #include "net/cert/signed_tree_head.h" | 9 #include "net/cert/signed_tree_head.h" |
| 10 | 10 |
| (...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 52 std::string serialized_data; | 52 std::string serialized_data; |
| 53 if (!ct::EncodeV1SCTSignedData(sct.timestamp, serialized_log_entry, | 53 if (!ct::EncodeV1SCTSignedData(sct.timestamp, serialized_log_entry, |
| 54 sct.extensions, &serialized_data)) { | 54 sct.extensions, &serialized_data)) { |
| 55 DVLOG(1) << "Unable to create SCT to verify."; | 55 DVLOG(1) << "Unable to create SCT to verify."; |
| 56 return false; | 56 return false; |
| 57 } | 57 } |
| 58 | 58 |
| 59 return VerifySignature(serialized_data, sct.signature.signature_data); | 59 return VerifySignature(serialized_data, sct.signature.signature_data); |
| 60 } | 60 } |
| 61 | 61 |
| 62 bool CTLogVerifier::SetSignedTreeHead( | 62 bool CTLogVerifier::VerifySignedTreeHead( |
| 63 scoped_ptr<ct::SignedTreeHead> signed_tree_head) { | 63 const ct::SignedTreeHead* signed_tree_head) { |
| 64 if (!SignatureParametersMatch(signed_tree_head->signature)) | 64 if (!SignatureParametersMatch(signed_tree_head->signature)) |
| 65 return false; | 65 return false; |
| 66 | 66 |
| 67 std::string serialized_data; | 67 std::string serialized_data; |
| 68 ct::EncodeTreeHeadSignature(*signed_tree_head.get(), &serialized_data); | 68 ct::EncodeTreeHeadSignature(*signed_tree_head, &serialized_data); |
| 69 if (VerifySignature(serialized_data, | 69 if (VerifySignature(serialized_data, |
| 70 signed_tree_head->signature.signature_data)) { | 70 signed_tree_head->signature.signature_data)) { |
| 71 signed_tree_head_.reset(signed_tree_head.release()); | |
| 72 return true; | 71 return true; |
| 73 } | 72 } |
| 74 return false; | 73 return false; |
| 75 } | 74 } |
| 76 | 75 |
| 77 bool CTLogVerifier::SignatureParametersMatch( | 76 bool CTLogVerifier::SignatureParametersMatch( |
| 78 const ct::DigitallySigned& signature) { | 77 const ct::DigitallySigned& signature) { |
| 79 if (!signature.SignatureParametersMatch(hash_algorithm_, | 78 if (!signature.SignatureParametersMatch(hash_algorithm_, |
| 80 signature_algorithm_)) { | 79 signature_algorithm_)) { |
| 81 DVLOG(1) << "Mismatched hash or signature algorithm. Hash: " | 80 DVLOG(1) << "Mismatched hash or signature algorithm. Hash: " |
| 82 << hash_algorithm_ << " vs " << signature.hash_algorithm | 81 << hash_algorithm_ << " vs " << signature.hash_algorithm |
| 83 << " Signature: " << signature_algorithm_ << " vs " | 82 << " Signature: " << signature_algorithm_ << " vs " |
| 84 << signature.signature_algorithm << "."; | 83 << signature.signature_algorithm << "."; |
| 85 return false; | 84 return false; |
| 86 } | 85 } |
| 87 | 86 |
| 88 return true; | 87 return true; |
| 89 } | 88 } |
| 90 | 89 |
| 91 } // namespace net | 90 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1100003006:
Certificate Transparency: Fetching of Signed Tree Heads (DRAFT) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master