Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(381)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/ct_log_verifier.cc

Issue 2269383003: Certificate Transparency: Make DNS front-end required. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Removing the md file Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/certificate_transparency/single_tree_tracker_unittest.cc ('k') | net/cert/ct_objects_extractor_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/ct_log_verifier.h" 5 #include "net/cert/ct_log_verifier.h"
6 6
7 #include <string.h> 7 #include <string.h>
8 #include <openssl/bytestring.h> 8 #include <openssl/bytestring.h>
9 #include <openssl/evp.h> 9 #include <openssl/evp.h>
10 10
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after
73 CTLogVerifier::CTLogVerifier(const base::StringPiece& description, 73 CTLogVerifier::CTLogVerifier(const base::StringPiece& description,
74 const GURL& url, 74 const GURL& url,
75 const base::StringPiece& dns_domain) 75 const base::StringPiece& dns_domain)
76 : description_(description.as_string()), 76 : description_(description.as_string()),
77 url_(url), 77 url_(url),
78 dns_domain_(dns_domain.as_string()), 78 dns_domain_(dns_domain.as_string()),
79 hash_algorithm_(ct::DigitallySigned::HASH_ALGO_NONE), 79 hash_algorithm_(ct::DigitallySigned::HASH_ALGO_NONE),
80 signature_algorithm_(ct::DigitallySigned::SIG_ALGO_ANONYMOUS), 80 signature_algorithm_(ct::DigitallySigned::SIG_ALGO_ANONYMOUS),
81 public_key_(NULL) { 81 public_key_(NULL) {
82 DCHECK(url_.is_valid()); 82 DCHECK(url_.is_valid());
83 DCHECK(!dns_domain_.empty());
83 } 84 }
84 85
85 bool CTLogVerifier::Verify(const ct::LogEntry& entry, 86 bool CTLogVerifier::Verify(const ct::LogEntry& entry,
86 const ct::SignedCertificateTimestamp& sct) const { 87 const ct::SignedCertificateTimestamp& sct) const {
87 if (sct.log_id != key_id()) { 88 if (sct.log_id != key_id()) {
88 DVLOG(1) << "SCT is not signed by this log."; 89 DVLOG(1) << "SCT is not signed by this log.";
89 return false; 90 return false;
90 } 91 }
91 92
92 if (!SignatureParametersMatch(sct.signature)) 93 if (!SignatureParametersMatch(sct.signature))
(...skipping 212 matching lines...) Expand 10 before | Expand all | Expand 10 after
305 data_to_sign.size()) && 306 data_to_sign.size()) &&
306 1 == EVP_DigestVerifyFinal( 307 1 == EVP_DigestVerifyFinal(
307 &ctx, reinterpret_cast<const uint8_t*>(signature.data()), 308 &ctx, reinterpret_cast<const uint8_t*>(signature.data()),
308 signature.size())); 309 signature.size()));
309 310
310 EVP_MD_CTX_cleanup(&ctx); 311 EVP_MD_CTX_cleanup(&ctx);
311 return ok; 312 return ok;
312 } 313 }
313 314
314 } // namespace net 315 } // namespace net
OLDNEW
« no previous file with comments | « components/certificate_transparency/single_tree_tracker_unittest.cc ('k') | net/cert/ct_objects_extractor_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698