Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(231)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/cast_certificate/cast_crl.cc

Issue 2303673004: Hook up Chrome Cast sender to Cast CRL. (Closed)
Patch Set: Cleaned up unused headers. Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« components/cast_certificate/cast_crl.h ('K') | « components/cast_certificate/cast_crl.h ('k') | components/cast_certificate/cast_crl_unittest.cc » ('j') | extensions/browser/api/cast_channel/cast_auth_util.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/cast_certificate/cast_crl.h" 5 #include "components/cast_certificate/cast_crl.h"
6 6
7 #include <unordered_map> 7 #include <unordered_map>
8 #include <unordered_set> 8 #include <unordered_set>
9 9
10 #include "base/base64.h" 10 #include "base/base64.h"
(...skipping 296 matching lines...) Expand 10 before | Expand all | Expand 10 after
307 VLOG(2) << "Serial number is revoked"; 307 VLOG(2) << "Serial number is revoked";
308 return false; 308 return false;
309 } 309 }
310 } 310 }
311 } 311 }
312 } 312 }
313 } 313 }
314 return true; 314 return true;
315 } 315 }
316 316
317 } // namespace
318
317 // Parses and verifies the CRL used to verify the revocation status of 319 // Parses and verifies the CRL used to verify the revocation status of
318 // Cast device certificates. 320 // Cast device certificates.
319 std::unique_ptr<CastCRL> ParseAndVerifyCRL(const std::string& crl_proto, 321 std::unique_ptr<CastCRL> ParseAndVerifyCRLUsingCustomTrustStore(
320 const base::Time& time, 322 const std::string& crl_proto,
321 net::TrustStore* trust_store) { 323 const base::Time& time,
324 net::TrustStore* trust_store) {
325 if (!trust_store)
326 return nullptr;
327
322 CrlBundle crl_bundle; 328 CrlBundle crl_bundle;
323 if (!crl_bundle.ParseFromString(crl_proto)) { 329 if (!crl_bundle.ParseFromString(crl_proto)) {
324 LOG(ERROR) << "CRL - Binary could not be parsed."; 330 LOG(ERROR) << "CRL - Binary could not be parsed.";
325 return nullptr; 331 return nullptr;
326 } 332 }
327 for (auto const& crl : crl_bundle.crls()) { 333 for (auto const& crl : crl_bundle.crls()) {
328 TbsCrl tbs_crl; 334 TbsCrl tbs_crl;
329 if (!tbs_crl.ParseFromString(crl.tbs_crl())) { 335 if (!tbs_crl.ParseFromString(crl.tbs_crl())) {
330 LOG(WARNING) << "Binary TBS CRL could not be parsed."; 336 LOG(WARNING) << "Binary TBS CRL could not be parsed.";
331 continue; 337 continue;
332 } 338 }
333 if (tbs_crl.version() != CRL_VERSION_0) { 339 if (tbs_crl.version() != CRL_VERSION_0) {
334 continue; 340 continue;
335 } 341 }
336 net::der::GeneralizedTime overall_not_after; 342 net::der::GeneralizedTime overall_not_after;
337 if (!VerifyCRL(crl, tbs_crl, time, trust_store, &overall_not_after)) { 343 if (!VerifyCRL(crl, tbs_crl, time, trust_store, &overall_not_after)) {
338 LOG(ERROR) << "CRL - Verification failed."; 344 LOG(ERROR) << "CRL - Verification failed.";
339 return nullptr; 345 return nullptr;
340 } 346 }
341 return base::WrapUnique(new CastCRLImpl(tbs_crl, overall_not_after)); 347 return base::WrapUnique(new CastCRLImpl(tbs_crl, overall_not_after));
342 } 348 }
343 LOG(ERROR) << "No supported version of revocation data."; 349 LOG(ERROR) << "No supported version of revocation data.";
344 return nullptr; 350 return nullptr;
345 } 351 }
346 352
347 } // namespace
348
349 std::unique_ptr<CastCRL> ParseAndVerifyCRL(const std::string& crl_proto, 353 std::unique_ptr<CastCRL> ParseAndVerifyCRL(const std::string& crl_proto,
350 const base::Time& time) { 354 const base::Time& time) {
351 return ParseAndVerifyCRL(crl_proto, time, &CastCRLTrustStore::Get()); 355 return ParseAndVerifyCRLUsingCustomTrustStore(crl_proto, time,
352 } 356 &CastCRLTrustStore::Get());
353
354 std::unique_ptr<CastCRL> ParseAndVerifyCRLForTest(
355 const std::string& crl_proto,
356 const base::Time& time,
357 net::TrustStore* trust_store) {
358 return ParseAndVerifyCRL(crl_proto, time, trust_store);
359 } 357 }
360 358
361 } // namespace cast_certificate 359 } // namespace cast_certificate
OLDNEW
« components/cast_certificate/cast_crl.h ('K') | « components/cast_certificate/cast_crl.h ('k') | components/cast_certificate/cast_crl_unittest.cc » ('j') | extensions/browser/api/cast_channel/cast_auth_util.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698