net/cert/ct_log_verifier_openssl.cc - Issue 1742873002: Switch //net to the new SPKI and PKCS#8 APIs.

Side by Side Diff: net/cert/ct_log_verifier_openssl.cc

Issue 1742873002: Switch //net to the new SPKI and PKCS#8 APIs. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@spki-crypto

Patch Set: const_cast Created 4 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "net/cert/ct_log_verifier.h"	5 #include "net/cert/ct_log_verifier.h"

6	6

	7 #include <openssl/bytestring.h>

7 #include <openssl/evp.h>	8 #include <openssl/evp.h>

8 #include <openssl/x509.h>

9	9

10 #include "base/logging.h"	10 #include "base/logging.h"

11 #include "crypto/openssl_util.h"	11 #include "crypto/openssl_util.h"

12 #include "crypto/scoped_openssl_types.h"	12 #include "crypto/scoped_openssl_types.h"

13 #include "crypto/sha2.h"	13 #include "crypto/sha2.h"

14 #include "net/cert/signed_tree_head.h"	14 #include "net/cert/signed_tree_head.h"

15	15

16 namespace net {	16 namespace net {

17	17

18 namespace {	18 namespace {

(...skipping 24 matching lines...) Expand all Loading...
43 CTLogVerifier::~CTLogVerifier() {	43 CTLogVerifier::~CTLogVerifier() {

44 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);	44 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);

45	45

46 if (public_key_)	46 if (public_key_)

47 EVP_PKEY_free(public_key_);	47 EVP_PKEY_free(public_key_);

48 }	48 }

49	49

50 bool CTLogVerifier::Init(const base::StringPiece& public_key) {	50 bool CTLogVerifier::Init(const base::StringPiece& public_key) {

51 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);	51 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);

52	52

53 const uint8_t* ptr = reinterpret_cast<const uint8_t*>(public_key.data());	53 CBS cbs;

54 const uint8_t* end = ptr + public_key.size();	54 CBS_init(&cbs, reinterpret_cast<const uint8_t*>(public_key.data()),

55 public_key_ = d2i_PUBKEY(nullptr, &ptr, public_key.size());	55 public_key.size());

56 if (!public_key_ \|\| ptr != end)	56 public_key_ = EVP_parse_public_key(&cbs);

	57 if (!public_key_ \|\| CBS_len(&cbs) != 0)

57 return false;	58 return false;

58	59

59 key_id_ = crypto::SHA256HashString(public_key);	60 key_id_ = crypto::SHA256HashString(public_key);

60	61

61 // Right now, only RSASSA-PKCS1v15 with SHA-256 and ECDSA with SHA-256 are	62 // Right now, only RSASSA-PKCS1v15 with SHA-256 and ECDSA with SHA-256 are

62 // supported.	63 // supported.

63 switch (EVP_PKEY_type(public_key_->type)) {	64 switch (EVP_PKEY_type(public_key_->type)) {

64 case EVP_PKEY_RSA:	65 case EVP_PKEY_RSA:

65 hash_algorithm_ = ct::DigitallySigned::HASH_ALGO_SHA256;	66 hash_algorithm_ = ct::DigitallySigned::HASH_ALGO_SHA256;

66 signature_algorithm_ = ct::DigitallySigned::SIG_ALGO_RSA;	67 signature_algorithm_ = ct::DigitallySigned::SIG_ALGO_RSA;

(...skipping 36 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
103 1 == EVP_DigestVerifyFinal(	104 1 == EVP_DigestVerifyFinal(

104 &ctx,	105 &ctx,

105 reinterpret_cast<const uint8_t*>(signature.data()),	106 reinterpret_cast<const uint8_t*>(signature.data()),

106 signature.size()));	107 signature.size()));

107	108

108 EVP_MD_CTX_cleanup(&ctx);	109 EVP_MD_CTX_cleanup(&ctx);

109 return ok;	110 return ok;

110 }	111 }

111	112

112 } // namespace net	113 } // namespace net

OLD	NEW

« net/base/keygen_handler_openssl.cc ('K') | « net/base/openssl_private_key_store_android.cc ('k') | net/cert/internal/verify_signed_data.cc » ('j') | no next file with comments »