| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/multi_log_ct_verifier.h" | 5 #include "net/cert/multi_log_ct_verifier.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/callback_helpers.h" | 10 #include "base/callback_helpers.h" |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 53 10, | 53 10, |
| 54 11); | 54 11); |
| 55 } | 55 } |
| 56 | 56 |
| 57 } // namespace | 57 } // namespace |
| 58 | 58 |
| 59 MultiLogCTVerifier::MultiLogCTVerifier() { } | 59 MultiLogCTVerifier::MultiLogCTVerifier() { } |
| 60 | 60 |
| 61 MultiLogCTVerifier::~MultiLogCTVerifier() { } | 61 MultiLogCTVerifier::~MultiLogCTVerifier() { } |
| 62 | 62 |
| 63 void MultiLogCTVerifier::AddLog(scoped_ptr<CTLogVerifier> log_verifier) { | |
| 64 DCHECK(log_verifier); | |
| 65 if (!log_verifier) | |
| 66 return; | |
| 67 | |
| 68 linked_ptr<CTLogVerifier> log(log_verifier.release()); | |
| 69 logs_[log->key_id()] = log; | |
| 70 } | |
| 71 | |
| 72 void MultiLogCTVerifier::AddLogs( | 63 void MultiLogCTVerifier::AddLogs( |
| 73 ScopedVector<CTLogVerifier> log_verifiers) { | 64 const std::vector<linked_ptr<CTLogVerifier>>& log_verifiers) { |
| 74 for (ScopedVector<CTLogVerifier>::iterator it = | 65 for (auto it = log_verifiers.begin(); it != log_verifiers.end(); ++it) { |
| 75 log_verifiers.begin(); it != log_verifiers.end(); ++it) { | |
| 76 linked_ptr<CTLogVerifier> log(*it); | 66 linked_ptr<CTLogVerifier> log(*it); |
| 77 VLOG(1) << "Adding CT log: " << log->description(); | 67 VLOG(1) << "Adding CT log: " << log->description(); |
| 78 logs_[log->key_id()] = log; | 68 logs_[log->key_id()] = log; |
| 79 } | 69 } |
| 70 } |
| 80 | 71 |
| 81 // Ownership of the pointers in |log_verifiers| is transferred to |logs_| | 72 void MultiLogCTVerifier::SetObserver(Observer* observer) { |
| 82 log_verifiers.weak_clear(); | 73 observer_ = observer; |
| 83 } | 74 } |
| 84 | 75 |
| 85 int MultiLogCTVerifier::Verify( | 76 int MultiLogCTVerifier::Verify( |
| 86 X509Certificate* cert, | 77 X509Certificate* cert, |
| 87 const std::string& stapled_ocsp_response, | 78 const std::string& stapled_ocsp_response, |
| 88 const std::string& sct_list_from_tls_extension, | 79 const std::string& sct_list_from_tls_extension, |
| 89 ct::CTVerifyResult* result, | 80 ct::CTVerifyResult* result, |
| 90 const BoundNetLog& net_log) { | 81 const BoundNetLog& net_log) { |
| 91 DCHECK(cert); | 82 DCHECK(cert); |
| 92 DCHECK(result); | 83 DCHECK(result); |
| (...skipping 131 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 224 // SCT verified ok, just make sure the timestamp is legitimate. | 215 // SCT verified ok, just make sure the timestamp is legitimate. |
| 225 if (sct->timestamp > base::Time::Now()) { | 216 if (sct->timestamp > base::Time::Now()) { |
| 226 DVLOG(1) << "SCT is from the future!"; | 217 DVLOG(1) << "SCT is from the future!"; |
| 227 result->invalid_scts.push_back(sct); | 218 result->invalid_scts.push_back(sct); |
| 228 LogSCTStatusToUMA(ct::SCT_STATUS_INVALID); | 219 LogSCTStatusToUMA(ct::SCT_STATUS_INVALID); |
| 229 return false; | 220 return false; |
| 230 } | 221 } |
| 231 | 222 |
| 232 LogSCTStatusToUMA(ct::SCT_STATUS_OK); | 223 LogSCTStatusToUMA(ct::SCT_STATUS_OK); |
| 233 result->verified_scts.push_back(sct); | 224 result->verified_scts.push_back(sct); |
| 225 if (observer_) |
| 226 observer_->OnSCTVerified(sct.get(), it->second.get()); |
| 234 return true; | 227 return true; |
| 235 } | 228 } |
| 236 | 229 |
| 230 void MultiLogCTVerifier::StopNotifications() { |
| 231 DVLOG(1) << "Stopping notifications."; |
| 232 observer_ = nullptr; |
| 233 } |
| 234 |
| 237 } // namespace net | 235 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1100003006:
Certificate Transparency: Fetching of Signed Tree Heads (DRAFT) (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master