| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_CERT_MULTI_LOG_CT_VERIFIER_H_ | 5 #ifndef NET_CERT_MULTI_LOG_CT_VERIFIER_H_ |
| 6 #define NET_CERT_MULTI_LOG_CT_VERIFIER_H_ | 6 #define NET_CERT_MULTI_LOG_CT_VERIFIER_H_ |
| 7 | 7 |
| 8 #include <map> | 8 #include <map> |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| (...skipping 22 matching lines...) Expand all Loading... |
| 33 | 33 |
| 34 void AddLogs(const std::vector<scoped_refptr<CTLogVerifier>>& log_verifiers); | 34 void AddLogs(const std::vector<scoped_refptr<CTLogVerifier>>& log_verifiers); |
| 35 | 35 |
| 36 // CTVerifier implementation: | 36 // CTVerifier implementation: |
| 37 int Verify(X509Certificate* cert, | 37 int Verify(X509Certificate* cert, |
| 38 const std::string& stapled_ocsp_response, | 38 const std::string& stapled_ocsp_response, |
| 39 const std::string& sct_list_from_tls_extension, | 39 const std::string& sct_list_from_tls_extension, |
| 40 ct::CTVerifyResult* result, | 40 ct::CTVerifyResult* result, |
| 41 const BoundNetLog& net_log) override; | 41 const BoundNetLog& net_log) override; |
| 42 | 42 |
| 43 void StopNotifications() override; |
| 44 |
| 45 void SetObserver(Observer* observer) override; |
| 46 |
| 43 private: | 47 private: |
| 44 // Verify a list of SCTs from |encoded_sct_list| over |expected_entry|, | 48 // Verify a list of SCTs from |encoded_sct_list| over |expected_entry|, |
| 45 // placing the verification results in |result|. The SCTs in the list | 49 // placing the verification results in |result|. The SCTs in the list |
| 46 // come from |origin| (as will be indicated in the origin field of each SCT). | 50 // come from |origin| (as will be indicated in the origin field of each SCT). |
| 47 bool VerifySCTs(const std::string& encoded_sct_list, | 51 bool VerifySCTs(const std::string& encoded_sct_list, |
| 48 const ct::LogEntry& expected_entry, | 52 const ct::LogEntry& expected_entry, |
| 49 ct::SignedCertificateTimestamp::Origin origin, | 53 ct::SignedCertificateTimestamp::Origin origin, |
| 50 ct::CTVerifyResult* result); | 54 ct::CTVerifyResult* result); |
| 51 | 55 |
| 52 // Verifies a single, parsed SCT against all logs. | 56 // Verifies a single, parsed SCT against all logs. |
| 53 bool VerifySingleSCT( | 57 bool VerifySingleSCT( |
| 54 scoped_refptr<ct::SignedCertificateTimestamp> sct, | 58 scoped_refptr<ct::SignedCertificateTimestamp> sct, |
| 55 const ct::LogEntry& expected_entry, | 59 const ct::LogEntry& expected_entry, |
| 56 ct::CTVerifyResult* result); | 60 ct::CTVerifyResult* result); |
| 57 | 61 |
| 58 // Mapping from a log's ID to the verifier for this log. | 62 // Mapping from a log's ID to the verifier for this log. |
| 59 // A log's ID is the SHA-256 of the log's key, as defined in section 3.2. | 63 // A log's ID is the SHA-256 of the log's key, as defined in section 3.2. |
| 60 // of RFC6962. | 64 // of RFC6962. |
| 61 std::map<std::string, scoped_refptr<CTLogVerifier>> logs_; | 65 std::map<std::string, scoped_refptr<CTLogVerifier>> logs_; |
| 62 | 66 |
| 67 Observer* observer_; |
| 68 |
| 63 DISALLOW_COPY_AND_ASSIGN(MultiLogCTVerifier); | 69 DISALLOW_COPY_AND_ASSIGN(MultiLogCTVerifier); |
| 64 }; | 70 }; |
| 65 | 71 |
| 66 } // namespace net | 72 } // namespace net |
| 67 | 73 |
| 68 #endif // NET_CERT_MULTI_LOG_CT_VERIFIER_H_ | 74 #endif // NET_CERT_MULTI_LOG_CT_VERIFIER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1216153010:
Certificate Transparency: Add observer for Signed Certificate Timestamps (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master