Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(275)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/multi_log_ct_verifier.cc

Issue 337603003: Certificate Transparency: Switch to using a generated CT log list (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Addressing review comments Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/ct_known_logs_static.h ('K') | « net/cert/multi_log_ct_verifier.h ('k') | net/net.gypi » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/multi_log_ct_verifier.h" 5 #include "net/cert/multi_log_ct_verifier.h"
6 6
7 #include <vector>
8
7 #include "base/bind.h" 9 #include "base/bind.h"
8 #include "base/callback_helpers.h" 10 #include "base/callback_helpers.h"
9 #include "base/metrics/histogram.h" 11 #include "base/metrics/histogram.h"
10 #include "net/base/net_errors.h" 12 #include "net/base/net_errors.h"
11 #include "net/base/net_log.h" 13 #include "net/base/net_log.h"
12 #include "net/cert/ct_log_verifier.h" 14 #include "net/cert/ct_log_verifier.h"
13 #include "net/cert/ct_objects_extractor.h" 15 #include "net/cert/ct_objects_extractor.h"
14 #include "net/cert/ct_serialization.h" 16 #include "net/cert/ct_serialization.h"
15 #include "net/cert/ct_signed_certificate_timestamp_log_param.h" 17 #include "net/cert/ct_signed_certificate_timestamp_log_param.h"
16 #include "net/cert/ct_verify_result.h" 18 #include "net/cert/ct_verify_result.h"
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
59 61
60 void MultiLogCTVerifier::AddLog(scoped_ptr<CTLogVerifier> log_verifier) { 62 void MultiLogCTVerifier::AddLog(scoped_ptr<CTLogVerifier> log_verifier) {
61 DCHECK(log_verifier); 63 DCHECK(log_verifier);
62 if (!log_verifier) 64 if (!log_verifier)
63 return; 65 return;
64 66
65 linked_ptr<CTLogVerifier> log(log_verifier.release()); 67 linked_ptr<CTLogVerifier> log(log_verifier.release());
66 logs_[log->key_id()] = log; 68 logs_[log->key_id()] = log;
67 } 69 }
68 70
71 void MultiLogCTVerifier::AddLogs(
72 ScopedVector<CTLogVerifier> log_verifiers) {
73 std::vector<CTLogVerifier*> swapped_verifiers;
74 log_verifiers.release(&swapped_verifiers);
75
76 for (std::vector<CTLogVerifier*>::iterator it =
77 swapped_verifiers.begin(); it != swapped_verifiers.end(); ++it) {
78 linked_ptr<CTLogVerifier> log(*it);
79 VLOG(1) << "Adding CT log: " << log->description();
80 logs_[log->key_id()] = log;
81 }
Ryan Sleevi 2014/06/17 19:48:54 You could avoid the .release() with the use of .we
Eran Messeri 2014/06/18 14:37:57 Done.
82 }
83
69 int MultiLogCTVerifier::Verify( 84 int MultiLogCTVerifier::Verify(
70 X509Certificate* cert, 85 X509Certificate* cert,
71 const std::string& stapled_ocsp_response, 86 const std::string& stapled_ocsp_response,
72 const std::string& sct_list_from_tls_extension, 87 const std::string& sct_list_from_tls_extension,
73 ct::CTVerifyResult* result, 88 ct::CTVerifyResult* result,
74 const BoundNetLog& net_log) { 89 const BoundNetLog& net_log) {
75 DCHECK(cert); 90 DCHECK(cert);
76 DCHECK(result); 91 DCHECK(result);
77 92
78 result->verified_scts.clear(); 93 result->verified_scts.clear();
(...skipping 133 matching lines...) Expand 10 before | Expand all | Expand 10 after
212 LogSCTStatusToUMA(ct::SCT_STATUS_INVALID); 227 LogSCTStatusToUMA(ct::SCT_STATUS_INVALID);
213 return false; 228 return false;
214 } 229 }
215 230
216 LogSCTStatusToUMA(ct::SCT_STATUS_OK); 231 LogSCTStatusToUMA(ct::SCT_STATUS_OK);
217 result->verified_scts.push_back(sct); 232 result->verified_scts.push_back(sct);
218 return true; 233 return true;
219 } 234 }
220 235
221 } // namespace net 236 } // namespace net
OLDNEW
« net/cert/ct_known_logs_static.h ('K') | « net/cert/multi_log_ct_verifier.h ('k') | net/net.gypi » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698