| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/crypto/proof_verifier_chromium.h" | 5 #include "net/quic/crypto/proof_verifier_chromium.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/callback_helpers.h" | 9 #include "base/callback_helpers.h" |
| 10 #include "base/compiler_specific.h" | 10 #include "base/compiler_specific.h" |
| 11 #include "base/logging.h" | 11 #include "base/logging.h" |
| 12 #include "base/metrics/histogram.h" | 12 #include "base/metrics/histogram.h" |
| 13 #include "base/profiler/scoped_tracker.h" |
| 13 #include "base/stl_util.h" | 14 #include "base/stl_util.h" |
| 14 #include "base/strings/stringprintf.h" | 15 #include "base/strings/stringprintf.h" |
| 15 #include "crypto/signature_verifier.h" | 16 #include "crypto/signature_verifier.h" |
| 16 #include "net/base/net_errors.h" | 17 #include "net/base/net_errors.h" |
| 17 #include "net/base/net_log.h" | 18 #include "net/base/net_log.h" |
| 18 #include "net/cert/asn1_util.h" | 19 #include "net/cert/asn1_util.h" |
| 19 #include "net/cert/cert_status_flags.h" | 20 #include "net/cert/cert_status_flags.h" |
| 20 #include "net/cert/cert_verifier.h" | 21 #include "net/cert/cert_verifier.h" |
| 21 #include "net/cert/cert_verify_result.h" | 22 #include "net/cert/cert_verify_result.h" |
| 22 #include "net/cert/single_request_cert_verifier.h" | 23 #include "net/cert/single_request_cert_verifier.h" |
| (...skipping 90 matching lines...) |
| 113 } | 114 } |
| 114 | 115 |
| 115 QuicAsyncStatus ProofVerifierChromium::Job::VerifyProof( | 116 QuicAsyncStatus ProofVerifierChromium::Job::VerifyProof( |
| 116 const string& hostname, | 117 const string& hostname, |
| 117 const string& server_config, | 118 const string& server_config, |
| 118 const vector<string>& certs, | 119 const vector<string>& certs, |
| 119 const string& signature, | 120 const string& signature, |
| 120 std::string* error_details, | 121 std::string* error_details, |
| 121 scoped_ptr<ProofVerifyDetails>* verify_details, | 122 scoped_ptr<ProofVerifyDetails>* verify_details, |
| 122 ProofVerifierCallback* callback) { | 123 ProofVerifierCallback* callback) { |
| 124 // TODO(vadimt): Remove ScopedTracker below once crbug.com/422516 is fixed. |
| 125 tracked_objects::ScopedTracker tracking_profile( |
| 126 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 127 "422516 ProofVerifierChromium::Job::VerifyProof")); |
| 128 |
| 123 DCHECK(error_details); | 129 DCHECK(error_details); |
| 124 DCHECK(verify_details); | 130 DCHECK(verify_details); |
| 125 DCHECK(callback); | 131 DCHECK(callback); |
| 126 | 132 |
| 127 error_details->clear(); | 133 error_details->clear(); |
| 128 | 134 |
| 129 if (STATE_NONE != next_state_) { | 135 if (STATE_NONE != next_state_) { |
| 130 *error_details = "Certificate is already set and VerifyProof has begun"; | 136 *error_details = "Certificate is already set and VerifyProof has begun"; |
| 131 DLOG(DFATAL) << *error_details; | 137 DLOG(DFATAL) << *error_details; |
| 132 return QUIC_FAILURE; | 138 return QUIC_FAILURE; |
| (...skipping 94 matching lines...) |
| 227 hostname_, | 233 hostname_, |
| 228 flags, | 234 flags, |
| 229 SSLConfigService::GetCRLSet().get(), | 235 SSLConfigService::GetCRLSet().get(), |
| 230 &verify_details_->cert_verify_result, | 236 &verify_details_->cert_verify_result, |
| 231 base::Bind(&ProofVerifierChromium::Job::OnIOComplete, | 237 base::Bind(&ProofVerifierChromium::Job::OnIOComplete, |
| 232 base::Unretained(this)), | 238 base::Unretained(this)), |
| 233 net_log_); | 239 net_log_); |
| 234 } | 240 } |
| 235 | 241 |
| 236 int ProofVerifierChromium::Job::DoVerifyCertComplete(int result) { | 242 int ProofVerifierChromium::Job::DoVerifyCertComplete(int result) { |
| 243 // TODO(vadimt): Remove ScopedTracker below once crbug.com/422516 is fixed. |
| 244 tracked_objects::ScopedTracker tracking_profile( |
| 245 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 246 "422516 ProofVerifierChromium::Job::DoVerifyCertComplete")); |
| 247 |
| 237 verifier_.reset(); | 248 verifier_.reset(); |
| 238 | 249 |
| 239 const CertVerifyResult& cert_verify_result = | 250 const CertVerifyResult& cert_verify_result = |
| 240 verify_details_->cert_verify_result; | 251 verify_details_->cert_verify_result; |
| 241 const CertStatus cert_status = cert_verify_result.cert_status; | 252 const CertStatus cert_status = cert_verify_result.cert_status; |
| 242 if (transport_security_state_ && | 253 if (transport_security_state_ && |
| 243 (result == OK || | 254 (result == OK || |
| 244 (IsCertificateError(result) && IsCertStatusMinorError(cert_status))) && | 255 (IsCertificateError(result) && IsCertStatusMinorError(cert_status))) && |
| 245 !transport_security_state_->CheckPublicKeyPins( | 256 !transport_security_state_->CheckPublicKeyPins( |
| 246 hostname_, | 257 hostname_, |
| (...skipping 24 matching lines...) |
| 271 } | 282 } |
| 272 | 283 |
| 273 // Exit DoLoop and return the result to the caller to VerifyProof. | 284 // Exit DoLoop and return the result to the caller to VerifyProof. |
| 274 DCHECK_EQ(STATE_NONE, next_state_); | 285 DCHECK_EQ(STATE_NONE, next_state_); |
| 275 return result; | 286 return result; |
| 276 } | 287 } |
| 277 | 288 |
| 278 bool ProofVerifierChromium::Job::VerifySignature(const string& signed_data, | 289 bool ProofVerifierChromium::Job::VerifySignature(const string& signed_data, |
| 279 const string& signature, | 290 const string& signature, |
| 280 const string& cert) { | 291 const string& cert) { |
| 292 // TODO(vadimt): Remove ScopedTracker below once crbug.com/422516 is fixed. |
| 293 tracked_objects::ScopedTracker tracking_profile( |
| 294 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 295 "422516 ProofVerifierChromium::Job::VerifySignature")); |
| 296 |
| 281 StringPiece spki; | 297 StringPiece spki; |
| 282 if (!asn1::ExtractSPKIFromDERCert(cert, &spki)) { | 298 if (!asn1::ExtractSPKIFromDERCert(cert, &spki)) { |
| 283 DLOG(WARNING) << "ExtractSPKIFromDERCert failed"; | 299 DLOG(WARNING) << "ExtractSPKIFromDERCert failed"; |
| 284 return false; | 300 return false; |
| 285 } | 301 } |
| 286 | 302 |
| 287 crypto::SignatureVerifier verifier; | 303 crypto::SignatureVerifier verifier; |
| 288 | 304 |
| 289 size_t size_bits; | 305 size_t size_bits; |
| 290 X509Certificate::PublicKeyType type; | 306 X509Certificate::PublicKeyType type; |
| (...skipping 73 matching lines...) |
| 364 | 380 |
| 365 QuicAsyncStatus ProofVerifierChromium::VerifyProof( | 381 QuicAsyncStatus ProofVerifierChromium::VerifyProof( |
| 366 const std::string& hostname, | 382 const std::string& hostname, |
| 367 const std::string& server_config, | 383 const std::string& server_config, |
| 368 const std::vector<std::string>& certs, | 384 const std::vector<std::string>& certs, |
| 369 const std::string& signature, | 385 const std::string& signature, |
| 370 const ProofVerifyContext* verify_context, | 386 const ProofVerifyContext* verify_context, |
| 371 std::string* error_details, | 387 std::string* error_details, |
| 372 scoped_ptr<ProofVerifyDetails>* verify_details, | 388 scoped_ptr<ProofVerifyDetails>* verify_details, |
| 373 ProofVerifierCallback* callback) { | 389 ProofVerifierCallback* callback) { |
| 390 // TODO(vadimt): Remove ScopedTracker below once crbug.com/422516 is fixed. |
| 391 tracked_objects::ScopedTracker tracking_profile( |
| 392 FROM_HERE_WITH_EXPLICIT_FUNCTION( |
| 393 "422516 ProofVerifierChromium::VerifyProof")); |
| 394 |
| 374 if (!verify_context) { | 395 if (!verify_context) { |
| 375 *error_details = "Missing context"; | 396 *error_details = "Missing context"; |
| 376 return QUIC_FAILURE; | 397 return QUIC_FAILURE; |
| 377 } | 398 } |
| 378 const ProofVerifyContextChromium* chromium_context = | 399 const ProofVerifyContextChromium* chromium_context = |
| 379 reinterpret_cast<const ProofVerifyContextChromium*>(verify_context); | 400 reinterpret_cast<const ProofVerifyContextChromium*>(verify_context); |
| 380 scoped_ptr<Job> job(new Job(this, | 401 scoped_ptr<Job> job(new Job(this, |
| 381 cert_verifier_, | 402 cert_verifier_, |
| 382 transport_security_state_, | 403 transport_security_state_, |
| 383 chromium_context->net_log)); | 404 chromium_context->net_log)); |
| 384 QuicAsyncStatus status = job->VerifyProof(hostname, server_config, certs, | 405 QuicAsyncStatus status = job->VerifyProof(hostname, server_config, certs, |
| 385 signature, error_details, | 406 signature, error_details, |
| 386 verify_details, callback); | 407 verify_details, callback); |
| 387 if (status == QUIC_PENDING) { | 408 if (status == QUIC_PENDING) { |
| 388 active_jobs_.insert(job.release()); | 409 active_jobs_.insert(job.release()); |
| 389 } | 410 } |
| 390 return status; | 411 return status; |
| 391 } | 412 } |
| 392 | 413 |
| 393 void ProofVerifierChromium::OnJobComplete(Job* job) { | 414 void ProofVerifierChromium::OnJobComplete(Job* job) { |
| 394 active_jobs_.erase(job); | 415 active_jobs_.erase(job); |
| 395 delete job; | 416 delete job; |
| 396 } | 417 } |
| 397 | 418 |
| 398 } // namespace net | 419 } // namespace net |
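Review bot: In `ProofVerifierChromium::VerifyProof` (new lines 399-400) `verify_context` is downcast with `reinterpret_cast` and `chromium_context->net_log` is read right after, guarded only by the null check; the commit touches this function for the tracker but leaves the cast as it was. If `ProofVerifyContextChromium` derives from `ProofVerifyContext`, as the names suggest, `static_cast<const ProofVerifyContextChromium*>(verify_context)` is the appropriate cast, because `reinterpret_cast` performs no pointer adjustment and is only correct while the base subobject sits at offset zero. Either way the function depends on every caller passing the Chromium context type, so I would add a comment above the cast such as `// Callers must pass a ProofVerifyContextChromium; the dynamic type is not checked here.` The same function also writes `*error_details` on the missing-context path without the `DCHECK(error_details)` that `Job::VerifyProof` performs, so adding that `DCHECK` after the tracker would make the two entry points consistent.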
| OLD | NEW |