net/cert/ct_serialization.cc - Issue 230713002: Certificate Transparency: Parse Signed Tree Heads and validate them

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/cert/ct_serialization.cc

Issue 230713002: Certificate Transparency: Parse Signed Tree Heads and validate them (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Explicitly exporting symbol Created 6 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/cert/ct_serialization.cc

diff --git a/net/cert/ct_serialization.cc b/net/cert/ct_serialization.cc

index 3de512c81813386fa14cdc38ab315aa4899f56ec..57707e7a1077873d31614cfe613075fdafae6fd6 100644

--- a/net/cert/ct_serialization.cc

+++ b/net/cert/ct_serialization.cc

@@ -34,6 +34,9 @@ const size_t kTbsCertificateLengthBytes = 3;

const size_t kSCTListLengthBytes = 2;

const size_t kSerializedSCTLengthBytes = 2;

+// Members of digitally-signed struct of a STH

+const size_t kTreeSizeLength = 8;

enum SignatureType {

SIGNATURE_TYPE_CERTIFICATE_TIMESTAMP = 0,

TREE_HASH = 1,

@@ -285,6 +288,12 @@ bool EncodeLogEntry(const LogEntry& input, std::string* output) {

return false;

}

+static void WriteTimeSinceEpoch(const base::Time& timestamp,

+ std::string* output) {

+ base::TimeDelta time_since_epoch = timestamp - base::Time::UnixEpoch();

+ WriteUint(kTimestampLength, time_since_epoch.InMilliseconds(), output);

bool EncodeV1SCTSignedData(const base::Time& timestamp,

const std::string& serialized_log_entry,

const std::string& extensions,

@@ -293,15 +302,22 @@ bool EncodeV1SCTSignedData(const base::Time& timestamp,

output);

WriteUint(kSignatureTypeLength, SIGNATURE_TYPE_CERTIFICATE_TIMESTAMP,

output);

- base::TimeDelta time_since_epoch = timestamp - base::Time::UnixEpoch();

- WriteUint(kTimestampLength, time_since_epoch.InMilliseconds(),

- output);

+ WriteTimeSinceEpoch(timestamp, output);

// NOTE: serialized_log_entry must already be serialized and contain the

// length as the prefix.

WriteEncodedBytes(serialized_log_entry, output);

return WriteVariableBytes(kExtensionsLengthBytes, extensions, output);

}

+void EncodeTreeHeadSignature(const SignedTreeHead& sth, std::string* output) {

+ WriteUint(kVersionLength, sth.version, output);

+ WriteUint(kSignatureTypeLength, TREE_HASH, output);

+ WriteTimeSinceEpoch(sth.timestamp, output);

+ WriteUint(kTreeSizeLength, sth.tree_size, output);

+ WriteEncodedBytes(base::StringPiece(sth.sha256_root_hash, kSthRootHashLength),

+ output);

bool DecodeSCTList(base::StringPiece* input,

std::vector<base::StringPiece>* output) {

std::vector<base::StringPiece> result;

« net/cert/ct_serialization.h ('K') | « net/cert/ct_serialization.h ('k') | net/cert/ct_serialization_unittest.cc » ('j') | net/cert/ct_serialization_unittest.cc » ('J')