
Side by Side Diff: net/quic/chromium/crypto/proof_source_chromium.cc

Issue 2463093003: Landing Recent QUIC changes until Sat Oct 29 14:59:35. (Closed)
Patch Set: add change to quiartc_session_test.cc Created 4 years, 1 month ago
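--- a/net/quic/chromium/crypto/proof_source_chromium.cc
+++ b/net/quic/chromium/crypto/proof_source_chromium.cc
@@ -1,10 +1,10 @@
 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/quic/chromium/crypto/proof_source_chromium.h"
 
 #include "base/strings/string_number_conversions.h"
 #include "crypto/openssl_util.h"
 #include "net/quic/core/crypto/crypto_protocol.h"
 #include "third_party/boringssl/src/include/openssl/digest.h"
@@ -70,28 +70,30 @@
 return true;
 
 if (!base::ReadFileToString(sct_path, &signed_certificate_timestamp_)) {
 DLOG(FATAL) << "Unable to read signed certificate timestamp.";
 return false;
 }
 
 return true;
 }
 
-bool ProofSourceChromium::GetProof(const IPAddress& server_ip,
-const string& hostname,
-const string& server_config,
-QuicVersion quic_version,
-base::StringPiece chlo_hash,
-scoped_refptr<ProofSource::Chain>* out_chain,
-string* out_signature,
-string* out_leaf_cert_sct) {
+bool ProofSourceChromium::GetProof(
+const IPAddress& server_ip,
+const string& hostname,
+const string& server_config,
+QuicVersion quic_version,
+base::StringPiece chlo_hash,
+const QuicTagVector& /* connection_options */,
+scoped_refptr<ProofSource::Chain>* out_chain,
+string* out_signature,
+string* out_leaf_cert_sct) {
 DCHECK(private_key_.get()) << " this: " << this;
 
 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE);
 bssl::ScopedEVP_MD_CTX sign_context;
 EVP_PKEY_CTX* pkey_ctx;
 
 uint32_t len_tmp = chlo_hash.length();
 if (!EVP_DigestSignInit(sign_context.get(), &pkey_ctx, EVP_sha256(), nullptr,
 private_key_->key()) ||
 !EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) ||
@@ -130,22 +132,24 @@
 << base::HexEncode(out_signature->data(), out_signature->size());
 *out_leaf_cert_sct = signed_certificate_timestamp_;
 return true;
 }
 
 void ProofSourceChromium::GetProof(const IPAddress& server_ip,
 const std::string& hostname,
 const std::string& server_config,
 QuicVersion quic_version,
 base::StringPiece chlo_hash,
+const QuicTagVector& connection_options,
 std::unique_ptr<Callback> callback) {
 // As a transitional implementation, just call the synchronous version of
 // GetProof, then invoke the callback with the results and destroy it.
 scoped_refptr<ProofSource::Chain> chain;
 string signature;
 string leaf_cert_sct;
-const bool ok = GetProof(server_ip, hostname, server_config, quic_version,
-chlo_hash, &chain, &signature, &leaf_cert_sct);
+const bool ok =
+GetProof(server_ip, hostname, server_config, quic_version, chlo_hash,
+connection_options, &chain, &signature, &leaf_cert_sct);
 callback->Run(ok, chain, signature, leaf_cert_sct, nullptr /* details */);
 }
 
 } // namespace net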
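Review bot: The synchronous `GetProof` overload now accepts `const QuicTagVector& /* connection_options */` but leaves it unnamed and unused, while the asynchronous overload forwards `connection_options` into it, so a reader cannot tell whether dropping the value is deliberate. If the vector carries options taken from the peer's handshake (inferred from the name; the header is not shown on this page), it is peer-influenced input, and it is worth recording that it has no effect on the returned chain or signature. I would add a comment above the parameter list such as `// connection_options is intentionally unused here; the proof does not depend on it.` The middle of the function body (new lines 100-131) is collapsed on this page, so this rests on the visible signature and the first and last statements only.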