| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/proof_source_chromium.h" | 5 #include "net/quic/crypto/proof_source_chromium.h" |
| 6 | 6 |
| 7 #include <openssl/digest.h> | 7 #include <openssl/digest.h> |
| 8 #include <openssl/evp.h> | 8 #include <openssl/evp.h> |
| 9 #include <openssl/rsa.h> | 9 #include <openssl/rsa.h> |
| 10 | 10 |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 65 return false; | 65 return false; |
| 66 } | 66 } |
| 67 return true; | 67 return true; |
| 68 } | 68 } |
| 69 | 69 |
| 70 bool ProofSourceChromium::GetProof(const IPAddressNumber& server_ip, | 70 bool ProofSourceChromium::GetProof(const IPAddressNumber& server_ip, |
| 71 const string& hostname, | 71 const string& hostname, |
| 72 const string& server_config, | 72 const string& server_config, |
| 73 bool ecdsa_ok, | 73 bool ecdsa_ok, |
| 74 const vector<string>** out_certs, | 74 const vector<string>** out_certs, |
| 75 string* out_signature) { | 75 string* out_signature, |
| 76 string* out_leaf_cert_sct) { |
| 76 DCHECK(private_key_.get()) << " this: " << this; | 77 DCHECK(private_key_.get()) << " this: " << this; |
| 77 | 78 |
| 78 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 79 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
| 79 crypto::ScopedEVP_MD_CTX sign_context(EVP_MD_CTX_create()); | 80 crypto::ScopedEVP_MD_CTX sign_context(EVP_MD_CTX_create()); |
| 80 EVP_PKEY_CTX* pkey_ctx; | 81 EVP_PKEY_CTX* pkey_ctx; |
| 81 if (!EVP_DigestSignInit(sign_context.get(), &pkey_ctx, EVP_sha256(), nullptr, | 82 if (!EVP_DigestSignInit(sign_context.get(), &pkey_ctx, EVP_sha256(), nullptr, |
| 82 private_key_->key()) || | 83 private_key_->key()) || |
| 83 !EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) || | 84 !EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) || |
| 84 !EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, -1) || | 85 !EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, -1) || |
| 85 !EVP_DigestSignUpdate(sign_context.get(), reinterpret_cast<const uint8*>( | 86 !EVP_DigestSignUpdate(sign_context.get(), reinterpret_cast<const uint8*>( |
| (...skipping 19 matching lines...) Expand all Loading... |
| 105 signature.resize(len); | 106 signature.resize(len); |
| 106 out_signature->assign(reinterpret_cast<const char*>(&signature[0]), | 107 out_signature->assign(reinterpret_cast<const char*>(&signature[0]), |
| 107 signature.size()); | 108 signature.size()); |
| 108 *out_certs = &certificates_; | 109 *out_certs = &certificates_; |
| 109 VLOG(1) << "signature: " | 110 VLOG(1) << "signature: " |
| 110 << base::HexEncode(out_signature->data(), out_signature->size()); | 111 << base::HexEncode(out_signature->data(), out_signature->size()); |
| 111 return true; | 112 return true; |
| 112 } | 113 } |
| 113 | 114 |
| 114 } // namespace net | 115 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1416583005:
Add support of serving SCT on the server side in QUIC, gated by QUIC_VERSION_30. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@106687764