Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2338)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/ct_objects_extractor.cc

Issue 2604513002: Optimize CT & OCSP handling code (Closed)
Patch Set: Actually optimize for OCSP Created 3 years, 12 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/ct_objects_extractor.h ('k') | net/cert/ct_signed_certificate_timestamp_log_param.h » ('j') | net/cert/ct_verifier.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/ct_objects_extractor.h" 5 #include "net/cert/ct_objects_extractor.h"
6 6
7 #include <string.h> 7 #include <string.h>
8 8
9 #include "base/logging.h" 9 #include "base/logging.h"
10 #include "base/sha1.h" 10 #include "base/sha1.h"
(...skipping 234 matching lines...) Expand 10 before | Expand all | Expand 10 after
245 return false; 245 return false;
246 246
247 result->Reset(); 247 result->Reset();
248 result->type = ct::LogEntry::LOG_ENTRY_TYPE_X509; 248 result->type = ct::LogEntry::LOG_ENTRY_TYPE_X509;
249 result->leaf_certificate.swap(encoded); 249 result->leaf_certificate.swap(encoded);
250 return true; 250 return true;
251 } 251 }
252 252
253 bool ExtractSCTListFromOCSPResponse(X509Certificate::OSCertHandle issuer, 253 bool ExtractSCTListFromOCSPResponse(X509Certificate::OSCertHandle issuer,
254 const std::string& cert_serial_number, 254 const std::string& cert_serial_number,
255 const std::string& ocsp_response, 255 base::StringPiece ocsp_response,
256 std::string* sct_list) { 256 std::string* sct_list) {
257 // The input is an OCSPResponse. See RFC2560, section 4.2.1. The SCT list is 257 // The input is an OCSPResponse. See RFC2560, section 4.2.1. The SCT list is
258 // in the extensions field of the SingleResponse which matches the input 258 // in the extensions field of the SingleResponse which matches the input
259 // certificate. 259 // certificate.
260 CBS cbs; 260 CBS cbs;
261 CBS_init(&cbs, reinterpret_cast<const uint8_t*>(ocsp_response.data()), 261 CBS_init(&cbs, reinterpret_cast<const uint8_t*>(ocsp_response.data()),
262 ocsp_response.size()); 262 ocsp_response.size());
263 263
264 // Parse down to the ResponseBytes. The ResponseBytes is optional, but if it's 264 // Parse down to the ResponseBytes. The ResponseBytes is optional, but if it's
265 // missing, this can't include an SCT list. 265 // missing, this can't include an SCT list.
(...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after
342 if (!x509_exts || ptr != CBS_data(&extensions) + CBS_len(&extensions)) 342 if (!x509_exts || ptr != CBS_data(&extensions) + CBS_len(&extensions))
343 return false; 343 return false;
344 344
345 return GetSCTListFromX509_EXTENSIONS(x509_exts.get(), kOCSPExtensionOid, 345 return GetSCTListFromX509_EXTENSIONS(x509_exts.get(), kOCSPExtensionOid,
346 sizeof(kOCSPExtensionOid), sct_list); 346 sizeof(kOCSPExtensionOid), sct_list);
347 } 347 }
348 348
349 } // namespace ct 349 } // namespace ct
350 350
351 } // namespace net 351 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/ct_objects_extractor.h ('k') | net/cert/ct_signed_certificate_timestamp_log_param.h » ('j') | net/cert/ct_verifier.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698