| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/ct_log_verifier.h" | 5 #include "net/cert/ct_log_verifier.h" |
| 6 | 6 |
| 7 #include <string.h> | 7 #include <string.h> |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 78 : description_(description.as_string()), | 78 : description_(description.as_string()), |
| 79 url_(url), | 79 url_(url), |
| 80 dns_domain_(dns_domain.as_string()), | 80 dns_domain_(dns_domain.as_string()), |
| 81 hash_algorithm_(ct::DigitallySigned::HASH_ALGO_NONE), | 81 hash_algorithm_(ct::DigitallySigned::HASH_ALGO_NONE), |
| 82 signature_algorithm_(ct::DigitallySigned::SIG_ALGO_ANONYMOUS), | 82 signature_algorithm_(ct::DigitallySigned::SIG_ALGO_ANONYMOUS), |
| 83 public_key_(NULL) { | 83 public_key_(NULL) { |
| 84 DCHECK(url_.is_valid()); | 84 DCHECK(url_.is_valid()); |
| 85 DCHECK(!dns_domain_.empty()); | 85 DCHECK(!dns_domain_.empty()); |
| 86 } | 86 } |
| 87 | 87 |
| 88 bool CTLogVerifier::Verify(const ct::LogEntry& entry, | 88 bool CTLogVerifier::Verify(const ct::SignedEntryData& entry, |
| 89 const ct::SignedCertificateTimestamp& sct) const { | 89 const ct::SignedCertificateTimestamp& sct) const { |
| 90 if (sct.log_id != key_id()) { | 90 if (sct.log_id != key_id()) { |
| 91 DVLOG(1) << "SCT is not signed by this log."; | 91 DVLOG(1) << "SCT is not signed by this log."; |
| 92 return false; | 92 return false; |
| 93 } | 93 } |
| 94 | 94 |
| 95 if (!SignatureParametersMatch(sct.signature)) | 95 if (!SignatureParametersMatch(sct.signature)) |
| 96 return false; | 96 return false; |
| 97 | 97 |
| 98 std::string serialized_log_entry; | 98 std::string serialized_log_entry; |
| 99 if (!ct::EncodeLogEntry(entry, &serialized_log_entry)) { | 99 if (!ct::EncodeSignedEntry(entry, &serialized_log_entry)) { |
| 100 DVLOG(1) << "Unable to serialize entry."; | 100 DVLOG(1) << "Unable to serialize entry."; |
| 101 return false; | 101 return false; |
| 102 } | 102 } |
| 103 std::string serialized_data; | 103 std::string serialized_data; |
| 104 if (!ct::EncodeV1SCTSignedData(sct.timestamp, serialized_log_entry, | 104 if (!ct::EncodeV1SCTSignedData(sct.timestamp, serialized_log_entry, |
| 105 sct.extensions, &serialized_data)) { | 105 sct.extensions, &serialized_data)) { |
| 106 DVLOG(1) << "Unable to create SCT to verify."; | 106 DVLOG(1) << "Unable to create SCT to verify."; |
| 107 return false; | 107 return false; |
| 108 } | 108 } |
| 109 | 109 |
| 357 bssl::ScopedEVP_MD_CTX ctx; | 357 bssl::ScopedEVP_MD_CTX ctx; |
| 358 return EVP_DigestVerifyInit(ctx.get(), NULL, hash_alg, NULL, public_key_) && | 358 return EVP_DigestVerifyInit(ctx.get(), NULL, hash_alg, NULL, public_key_) && |
| 359 EVP_DigestVerifyUpdate(ctx.get(), data_to_sign.data(), | 359 EVP_DigestVerifyUpdate(ctx.get(), data_to_sign.data(), |
| 360 data_to_sign.size()) && | 360 data_to_sign.size()) && |
| 361 EVP_DigestVerifyFinal( | 361 EVP_DigestVerifyFinal( |
| 362 ctx.get(), reinterpret_cast<const uint8_t*>(signature.data()), | 362 ctx.get(), reinterpret_cast<const uint8_t*>(signature.data()), |
| 363 signature.size()); | 363 signature.size()); |
| 364 } | 364 } |
| 365 | 365 |
| 366 } // namespace net | 366 } // namespace net |
| OLD | NEW |
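Review bot: The return expression at new lines 358-363 converts the int results of `EVP_DigestVerifyInit`, `EVP_DigestVerifyUpdate` and `EVP_DigestVerifyFinal` straight to bool, which is sound only because BoringSSL (implied by `bssl::ScopedEVP_MD_CTX`) returns 1 on success and 0 on any failure. With a library whose verify call can return a negative error value, the same chain would read an error as a valid signature. These lines are unchanged context in this commit, but they decide whether an SCT signature is accepted, so I would make the convention explicit, either by comparing each call with `== 1` or by adding `// BoringSSL: 1 on success, 0 on any failure (never negative).` above the return. The enclosing function starts before line 357, outside what is shown.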