Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(152)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/multi_log_ct_verifier.cc

Issue 1216153010: Certificate Transparency: Add observer for Signed Certificate Timestamps (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 5 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/ct_verifier.h ('K') | « net/cert/multi_log_ct_verifier.h ('k') | net/cert/multi_log_ct_verifier_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/multi_log_ct_verifier.h" 5 #include "net/cert/multi_log_ct_verifier.h"
6 6
7 #include <vector> 7 #include <vector>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/callback_helpers.h" 10 #include "base/callback_helpers.h"
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after
49 result.invalid_scts.size() + 49 result.invalid_scts.size() +
50 result.verified_scts.size() + 50 result.verified_scts.size() +
51 result.unknown_logs_scts.size(), 51 result.unknown_logs_scts.size(),
52 1, 52 1,
53 10, 53 10,
54 11); 54 11);
55 } 55 }
56 56
57 } // namespace 57 } // namespace
58 58
59 MultiLogCTVerifier::MultiLogCTVerifier() { } 59 MultiLogCTVerifier::MultiLogCTVerifier() : observer_(nullptr) {
60 }
60 61
61 MultiLogCTVerifier::~MultiLogCTVerifier() { } 62 MultiLogCTVerifier::~MultiLogCTVerifier() { }
62 63
63 void MultiLogCTVerifier::AddLogs( 64 void MultiLogCTVerifier::AddLogs(
64 const std::vector<scoped_refptr<CTLogVerifier>>& log_verifiers) { 65 const std::vector<scoped_refptr<CTLogVerifier>>& log_verifiers) {
65 for (const auto& log_verifier : log_verifiers) { 66 for (const auto& log_verifier : log_verifiers) {
66 VLOG(1) << "Adding CT log: " << log_verifier->description(); 67 VLOG(1) << "Adding CT log: " << log_verifier->description();
67 logs_[log_verifier->key_id()] = log_verifier; 68 logs_[log_verifier->key_id()] = log_verifier;
68 } 69 }
69 } 70 }
70 71
72 void MultiLogCTVerifier::SetObserver(Observer* observer) {
73 observer_ = observer;
74 }
75
71 int MultiLogCTVerifier::Verify( 76 int MultiLogCTVerifier::Verify(
72 X509Certificate* cert, 77 X509Certificate* cert,
73 const std::string& stapled_ocsp_response, 78 const std::string& stapled_ocsp_response,
74 const std::string& sct_list_from_tls_extension, 79 const std::string& sct_list_from_tls_extension,
75 ct::CTVerifyResult* result, 80 ct::CTVerifyResult* result,
76 const BoundNetLog& net_log) { 81 const BoundNetLog& net_log) {
77 DCHECK(cert); 82 DCHECK(cert);
78 DCHECK(result); 83 DCHECK(result);
79 84
80 result->verified_scts.clear(); 85 result->verified_scts.clear();
(...skipping 129 matching lines...) Expand 10 before | Expand all | Expand 10 after
210 // SCT verified ok, just make sure the timestamp is legitimate. 215 // SCT verified ok, just make sure the timestamp is legitimate.
211 if (sct->timestamp > base::Time::Now()) { 216 if (sct->timestamp > base::Time::Now()) {
212 DVLOG(1) << "SCT is from the future!"; 217 DVLOG(1) << "SCT is from the future!";
213 result->invalid_scts.push_back(sct); 218 result->invalid_scts.push_back(sct);
214 LogSCTStatusToUMA(ct::SCT_STATUS_INVALID); 219 LogSCTStatusToUMA(ct::SCT_STATUS_INVALID);
215 return false; 220 return false;
216 } 221 }
217 222
218 LogSCTStatusToUMA(ct::SCT_STATUS_OK); 223 LogSCTStatusToUMA(ct::SCT_STATUS_OK);
219 result->verified_scts.push_back(sct); 224 result->verified_scts.push_back(sct);
225 if (observer_)
226 observer_->OnSCTVerified(sct.get(), it->second.get());
220 return true; 227 return true;
221 } 228 }
222 229
230 void MultiLogCTVerifier::StopNotifications() {
231 DVLOG(1) << "Stopping notifications.";
232 observer_ = nullptr;
233 }
234
223 } // namespace net 235 } // namespace net
OLDNEW
« net/cert/ct_verifier.h ('K') | « net/cert/multi_log_ct_verifier.h ('k') | net/cert/multi_log_ct_verifier_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698