
Side by Side Diff: net/cert/multi_log_ct_verifier.cc

Issue 2315613002: Extracted NetLog class's inner enum types into their own enum classes and (Closed)
Patch Set: Ran "git cl format" on code. Much formatting ensued. Created 4 years, 3 months ago
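--- a/net/cert/multi_log_ct_verifier.cc
+++ b/net/cert/multi_log_ct_verifier.cc
@@ -1,31 +1,32 @@
 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/cert/multi_log_ct_verifier.h"
 
 #include <vector>
 
 #include "base/bind.h"
 #include "base/callback_helpers.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/values.h"
 #include "net/base/net_errors.h"
 #include "net/cert/ct_log_verifier.h"
 #include "net/cert/ct_objects_extractor.h"
 #include "net/cert/ct_serialization.h"
 #include "net/cert/ct_signed_certificate_timestamp_log_param.h"
 #include "net/cert/ct_verify_result.h"
 #include "net/cert/sct_status_flags.h"
 #include "net/cert/x509_certificate.h"
 #include "net/log/net_log.h"
+#include "net/log/net_log_event_type.h"
 
 namespace net {
 
 namespace {
 
 // Record SCT verification status. This metric would help detecting presence
 // of unknown CT logs as well as bad deployments (invalid SCTs).
 void LogSCTStatusToUMA(ct::SCTVerifyStatus status) {
 // Note SCT_STATUS_MAX + 1 is passed to the UMA_HISTOGRAM_ENUMERATION as that
 // macro requires the values to be strictly less than the boundary value,
@@ -114,41 +115,39 @@
 cert->GetIntermediateCertificates().front(), cert->serial_number(),
 stapled_ocsp_response, &sct_list_from_ocsp);
 }
 
 // Log to Net Log, after extracting SCTs but before possibly failing on
 // X.509 entry creation.
 NetLog::ParametersCallback net_log_callback =
 base::Bind(&NetLogRawSignedCertificateTimestampCallback,
 &embedded_scts, &sct_list_from_ocsp, &sct_list_from_tls_extension);
 
-net_log.AddEvent(
-NetLog::TYPE_SIGNED_CERTIFICATE_TIMESTAMPS_RECEIVED,
-net_log_callback);
+net_log.AddEvent(NetLogEventType::SIGNED_CERTIFICATE_TIMESTAMPS_RECEIVED,
+net_log_callback);
 
 ct::LogEntry x509_entry;
 if (ct::GetX509LogEntry(cert->os_cert_handle(), &x509_entry)) {
 has_verified_scts |= VerifySCTs(
 sct_list_from_ocsp, x509_entry,
 ct::SignedCertificateTimestamp::SCT_FROM_OCSP_RESPONSE, cert, result);
 
 has_verified_scts |= VerifySCTs(
 sct_list_from_tls_extension, x509_entry,
 ct::SignedCertificateTimestamp::SCT_FROM_TLS_EXTENSION, cert, result);
 }
 
 NetLog::ParametersCallback net_log_checked_callback =
 base::Bind(&NetLogSignedCertificateTimestampCallback, result);
 
-net_log.AddEvent(
-NetLog::TYPE_SIGNED_CERTIFICATE_TIMESTAMPS_CHECKED,
-net_log_checked_callback);
+net_log.AddEvent(NetLogEventType::SIGNED_CERTIFICATE_TIMESTAMPS_CHECKED,
+net_log_checked_callback);
 
 LogNumSCTsToUMA(*result);
 
 if (has_verified_scts)
 return OK;
 
 return ERR_CT_NO_SCTS_VERIFIED_OK;
 }
 
 bool MultiLogCTVerifier::VerifySCTs(
@@ -214,10 +213,10 @@
 return false;
 }
 
 AddSCTAndLogStatus(sct, ct::SCT_STATUS_OK, &(result->scts));
 if (observer_)
 observer_->OnSCTVerified(cert, sct.get());
 return true;
 }
 
 } // namespace net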