| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/extensions/api/networking_private/networking_private_cry
pto.h" | 5 #include "chrome/common/extensions/api/networking_private/networking_private_cry
pto.h" |
| 6 | 6 |
| 7 #include <openssl/digest.h> | 7 #include <openssl/digest.h> |
| 8 #include <openssl/evp.h> | 8 #include <openssl/evp.h> |
| 9 #include <openssl/rsa.h> | 9 #include <openssl/rsa.h> |
| 10 #include <openssl/x509.h> | 10 #include <openssl/x509.h> |
| (...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 90 LOG(WARNING) << "Failed to parse intermediate certificates."; | 90 LOG(WARNING) << "Failed to parse intermediate certificates."; |
| 91 } | 91 } |
| 92 } | 92 } |
| 93 | 93 |
| 94 // Note that the device certificate's policy is not enforced here. The goal | 94 // Note that the device certificate's policy is not enforced here. The goal |
| 95 // is simply to verify that the device belongs to the Cast ecosystem. | 95 // is simply to verify that the device belongs to the Cast ecosystem. |
| 96 cast_crypto::CastDeviceCertPolicy unused_policy; | 96 cast_crypto::CastDeviceCertPolicy unused_policy; |
| 97 | 97 |
| 98 std::unique_ptr<cast_crypto::CertVerificationContext> verification_context; | 98 std::unique_ptr<cast_crypto::CertVerificationContext> verification_context; |
| 99 if (!cast_crypto::VerifyDeviceCert(certs, time, &verification_context, | 99 if (!cast_crypto::VerifyDeviceCert(certs, time, &verification_context, |
| 100 &unused_policy)) { | 100 &unused_policy, nullptr)) { |
| 101 LOG(ERROR) << kErrorPrefix << "Failed verifying cast device cert"; | 101 LOG(ERROR) << kErrorPrefix << "Failed verifying cast device cert"; |
| 102 return false; | 102 return false; |
| 103 } | 103 } |
| 104 | 104 |
| 105 // Check that the device listed in the certificate is correct. | 105 // Check that the device listed in the certificate is correct. |
| 106 // Something like evt_e161 001a11ffacdf | 106 // Something like evt_e161 001a11ffacdf |
| 107 std::string common_name = verification_context->GetCommonName(); | 107 std::string common_name = verification_context->GetCommonName(); |
| 108 std::string translated_mac; | 108 std::string translated_mac; |
| 109 base::RemoveChars(connected_mac, ":", &translated_mac); | 109 base::RemoveChars(connected_mac, ":", &translated_mac); |
| 110 if (!base::EndsWith(common_name, translated_mac, | 110 if (!base::EndsWith(common_name, translated_mac, |
| (...skipping 68 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 179 rsa.get(), RSA_PKCS1_PADDING); | 179 rsa.get(), RSA_PKCS1_PADDING); |
| 180 if (output_length < 0) { | 180 if (output_length < 0) { |
| 181 LOG(ERROR) << "Error during decryption."; | 181 LOG(ERROR) << "Error during decryption."; |
| 182 return false; | 182 return false; |
| 183 } | 183 } |
| 184 decrypted_output->resize(output_length); | 184 decrypted_output->resize(output_length); |
| 185 return true; | 185 return true; |
| 186 } | 186 } |
| 187 | 187 |
| 188 } // namespace networking_private_crypto | 188 } // namespace networking_private_crypto |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2050983002:
Cast device revocation checking. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master