Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(927)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/ct_log_verifier_openssl.cc

Issue 1440643002: Certificate Transparency: Per-profile CT verification (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Made CTLogVerifier const throughout. Created 5 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« chrome/browser/profiles/profile_io_data.cc ('K') | « net/cert/ct_log_verifier_nss.cc ('k') | net/cert/ct_log_verifier_unittest.cc » ('j') | net/cert/ct_verifier.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/ct_log_verifier.h" 5 #include "net/cert/ct_log_verifier.h"
6 6
7 #include <openssl/evp.h> 7 #include <openssl/evp.h>
8 #include <openssl/x509.h> 8 #include <openssl/x509.h>
9 9
10 #include "base/logging.h" 10 #include "base/logging.h"
(...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after
79 if (signature_algorithm_ == ct::DigitallySigned::SIG_ALGO_RSA && 79 if (signature_algorithm_ == ct::DigitallySigned::SIG_ALGO_RSA &&
80 EVP_PKEY_size(public_key_) < 256) { 80 EVP_PKEY_size(public_key_) < 256) {
81 DVLOG(1) << "Too small a public key."; 81 DVLOG(1) << "Too small a public key.";
82 return false; 82 return false;
83 } 83 }
84 84
85 return true; 85 return true;
86 } 86 }
87 87
88 bool CTLogVerifier::VerifySignature(const base::StringPiece& data_to_sign, 88 bool CTLogVerifier::VerifySignature(const base::StringPiece& data_to_sign,
89 const base::StringPiece& signature) { 89 const base::StringPiece& signature) const {
90 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); 90 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
91 91
92 const EVP_MD* hash_alg = GetEvpAlg(hash_algorithm_); 92 const EVP_MD* hash_alg = GetEvpAlg(hash_algorithm_);
93 if (hash_alg == NULL) 93 if (hash_alg == NULL)
94 return false; 94 return false;
95 95
96 EVP_MD_CTX ctx; 96 EVP_MD_CTX ctx;
97 EVP_MD_CTX_init(&ctx); 97 EVP_MD_CTX_init(&ctx);
98 98
99 bool ok = ( 99 bool ok = (
100 1 == EVP_DigestVerifyInit(&ctx, NULL, hash_alg, NULL, public_key_) && 100 1 == EVP_DigestVerifyInit(&ctx, NULL, hash_alg, NULL, public_key_) &&
101 1 == EVP_DigestVerifyUpdate( 101 1 == EVP_DigestVerifyUpdate(
102 &ctx, data_to_sign.data(), data_to_sign.size()) && 102 &ctx, data_to_sign.data(), data_to_sign.size()) &&
103 1 == EVP_DigestVerifyFinal( 103 1 == EVP_DigestVerifyFinal(
104 &ctx, 104 &ctx,
105 reinterpret_cast<const uint8_t*>(signature.data()), 105 reinterpret_cast<const uint8_t*>(signature.data()),
106 signature.size())); 106 signature.size()));
107 107
108 EVP_MD_CTX_cleanup(&ctx); 108 EVP_MD_CTX_cleanup(&ctx);
109 return ok; 109 return ok;
110 } 110 }
111 111
112 } // namespace net 112 } // namespace net
OLDNEW
« chrome/browser/profiles/profile_io_data.cc ('K') | « net/cert/ct_log_verifier_nss.cc ('k') | net/cert/ct_log_verifier_unittest.cc » ('j') | net/cert/ct_verifier.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698