Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(183)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/cast_certificate/cast_crl.cc

Issue 2303673004: Hook up Chrome Cast sender to Cast CRL. (Closed)
Patch Set: Addresses comments Created 4 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « components/cast_certificate/cast_crl.h ('k') | components/cast_certificate/cast_crl_unittest.cc » ('j') | extensions/browser/api/cast_channel/cast_auth_util.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/cast_certificate/cast_crl.h" 5 #include "components/cast_certificate/cast_crl.h"
6 6
7 #include <unordered_map> 7 #include <unordered_map>
8 #include <unordered_set> 8 #include <unordered_set>
9 9
10 #include "base/base64.h" 10 #include "base/base64.h"
(...skipping 298 matching lines...) Expand 10 before | Expand all | Expand 10 after
309 VLOG(2) << "Serial number is revoked"; 309 VLOG(2) << "Serial number is revoked";
310 return false; 310 return false;
311 } 311 }
312 } 312 }
313 } 313 }
314 } 314 }
315 } 315 }
316 return true; 316 return true;
317 } 317 }
318 318
319 // Parses and verifies the CRL used to verify the revocation status of 319 } // namespace
320 // Cast device certificates. 320
321 std::unique_ptr<CastCRL> ParseAndVerifyCRL(const std::string& crl_proto, 321 std::unique_ptr<CastCRL> ParseAndVerifyCRL(const std::string& crl_proto,
322 const base::Time& time, 322 const base::Time& time) {
323 net::TrustStore* trust_store) { 323 return ParseAndVerifyCRLUsingCustomTrustStore(crl_proto, time,
324 &CastCRLTrustStore::Get());
325 }
326
327 std::unique_ptr<CastCRL> ParseAndVerifyCRLUsingCustomTrustStore(
328 const std::string& crl_proto,
329 const base::Time& time,
330 net::TrustStore* trust_store) {
331 if (!trust_store)
332 return ParseAndVerifyCRL(crl_proto, time);
333
324 CrlBundle crl_bundle; 334 CrlBundle crl_bundle;
325 if (!crl_bundle.ParseFromString(crl_proto)) { 335 if (!crl_bundle.ParseFromString(crl_proto)) {
326 LOG(ERROR) << "CRL - Binary could not be parsed."; 336 LOG(ERROR) << "CRL - Binary could not be parsed.";
327 return nullptr; 337 return nullptr;
328 } 338 }
329 for (auto const& crl : crl_bundle.crls()) { 339 for (auto const& crl : crl_bundle.crls()) {
330 TbsCrl tbs_crl; 340 TbsCrl tbs_crl;
331 if (!tbs_crl.ParseFromString(crl.tbs_crl())) { 341 if (!tbs_crl.ParseFromString(crl.tbs_crl())) {
332 LOG(WARNING) << "Binary TBS CRL could not be parsed."; 342 LOG(WARNING) << "Binary TBS CRL could not be parsed.";
333 continue; 343 continue;
334 } 344 }
335 if (tbs_crl.version() != CRL_VERSION_0) { 345 if (tbs_crl.version() != CRL_VERSION_0) {
336 continue; 346 continue;
337 } 347 }
338 net::der::GeneralizedTime overall_not_after; 348 net::der::GeneralizedTime overall_not_after;
339 if (!VerifyCRL(crl, tbs_crl, time, trust_store, &overall_not_after)) { 349 if (!VerifyCRL(crl, tbs_crl, time, trust_store, &overall_not_after)) {
340 LOG(ERROR) << "CRL - Verification failed."; 350 LOG(ERROR) << "CRL - Verification failed.";
341 return nullptr; 351 return nullptr;
342 } 352 }
343 return base::MakeUnique<CastCRLImpl>(tbs_crl, overall_not_after); 353 return base::MakeUnique<CastCRLImpl>(tbs_crl, overall_not_after);
344 } 354 }
345 LOG(ERROR) << "No supported version of revocation data."; 355 LOG(ERROR) << "No supported version of revocation data.";
346 return nullptr; 356 return nullptr;
347 } 357 }
348 358
349 } // namespace
350
351 std::unique_ptr<CastCRL> ParseAndVerifyCRL(const std::string& crl_proto,
352 const base::Time& time) {
353 return ParseAndVerifyCRL(crl_proto, time, &CastCRLTrustStore::Get());
354 }
355
356 std::unique_ptr<CastCRL> ParseAndVerifyCRLForTest(
357 const std::string& crl_proto,
358 const base::Time& time,
359 net::TrustStore* trust_store) {
360 return ParseAndVerifyCRL(crl_proto, time, trust_store);
361 }
362
363 } // namespace cast_certificate 359 } // namespace cast_certificate
OLDNEW
« no previous file with comments | « components/cast_certificate/cast_crl.h ('k') | components/cast_certificate/cast_crl_unittest.cc » ('j') | extensions/browser/api/cast_channel/cast_auth_util.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698