Certificate Transparency: Add the high-level interface for verifying SCTs over multiple logs

net/cert/multi_log_ct_verifier.h

Index: net/cert/multi_log_ct_verifier.h
diff --git a/net/cert/multi_log_ct_verifier.h b/net/cert/multi_log_ct_verifier.h
new file mode 100644
index 0000000000000000000000000000000000000000..7d2f7dfe29e5d99be1c96e6e7117e67da812d33c
--- /dev/null
+++ b/net/cert/multi_log_ct_verifier.h
@@ -0,0 +1,62 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_CERT_MULTI_LOG_CT_VERIFIER_H_
+#define NET_CERT_MULTI_LOG_CT_VERIFIER_H_
+
+#include <string>
+
+#include "base/memory/scoped_ptr.h"
+#include "base/memory/scoped_vector.h"
+#include "net/base/net_export.h"
+#include "net/cert/ct_verifier.h"
+#include "net/cert/signed_certificate_timestamp.h"
+
+namespace net {
+
+namespace ct {
+struct LogEntry;
+}  // namespace ct
+
+class CTLogVerifier;
+
+class NET_EXPORT MultiLogCTVerifier : public CTVerifier {

[Ryan Sleevi, 2013/11/20 01:09:42]

Style Nit: Please add documentation about this class and how to use it right.

[Eran M. (Google), 2013/11/20 19:45:06]

Done, in the header file.

+ public:
+  explicit MultiLogCTVerifier(scoped_ptr<CTLogVerifier> log_verifier);

[Ryan Sleevi, 2013/11/20 01:09:42]

API design: Why use two different methods for adding a log (ctor & AddLog),
versus a consistent interface (eg: always using AddLog)

[Eran M. (Google), 2013/11/20 19:45:06]

Good point, left AddLog and removed the argument from the c'tor.

+  virtual ~MultiLogCTVerifier();
+
+  virtual void AddLog(scoped_ptr<CTLogVerifier> log_verifier);

[Ryan Sleevi, 2013/11/20 01:09:42]

Why does this need to be virtual?

[Eran M. (Google), 2013/11/20 19:45:06]

Does not - removed virtual qualifier.

[Eran M. (Google), 2013/11/20 19:45:06]

Does not - removed.

+  // CTVerifier implementation:

[Ryan Sleevi, 2013/11/20 01:09:42]

nit: newline before the comment

[Eran M. (Google), 2013/11/20 19:45:06]

Done.

+  virtual int Verify(X509Certificate* verified_cert,
+                     const std::string& sct_list_from_ocsp,
+                     const std::string& sct_list_from_tls_handshake,
+                     ct::CTVerifyResult* result,
+                     const CompletionCallback& callback,
+                     const BoundNetLog& net_log) OVERRIDE;
+
+ private:
+  MultiLogCTVerifier();
+
+  // Verify a list of SCTs from |encoded_sct_list|, placing the verification
+  // results in |result|. Fills in the origin field of each SCT from
+  // |origin|.
+  bool VerifySCTs(const std::string& encoded_sct_list,
+                  const ct::LogEntry& expected_entry,
+                  ct::SignedCertificateTimestamp::Origin origin,
+                  ct::CTVerifyResult* result);
+
+  // Verifies a single, parsed SCT against all logs.
+  bool VerifySingleSCT(
+      const ct::SignedCertificateTimestamp& sct,
+      const ct::LogEntry& expected_entry,
+      ct::CTVerifyResult* result);
+
+  ScopedVector<CTLogVerifier> logs_;

[Ryan Sleevi, 2013/11/20 01:09:42]

API design: Why a vector, when every CTLogVerifier has an associated log id that
may make it more efficient as a map lookup for the given SCT's log id?

[Eran M. (Google), 2013/11/20 19:45:06]

Good point - a map would make more sense here.
As discussed offline, switching to a map of strings to linked_ptr<CTLogVerifier>

+
+  DISALLOW_COPY_AND_ASSIGN(MultiLogCTVerifier);
+};
+
+}  // namespace net
+
+#endif  // NET_CERT_MULTI_LOG_CT_VERIFIER_H_