| Index: net/cert/multi_log_ct_verifier.cc
|
| diff --git a/net/cert/multi_log_ct_verifier.cc b/net/cert/multi_log_ct_verifier.cc
|
| index d91195f74efbf5085b259ade686595afc282faa7..05a32da81ebc3d6ccebb3f4a0f898e6a32843505 100644
|
| --- a/net/cert/multi_log_ct_verifier.cc
|
| +++ b/net/cert/multi_log_ct_verifier.cc
|
| @@ -32,7 +32,7 @@ void MultiLogCTVerifier::AddLog(scoped_ptr<CTLogVerifier> log_verifier) {
|
|
|
| int MultiLogCTVerifier::Verify(
|
| X509Certificate* cert,
|
| - const std::string& sct_list_from_ocsp,
|
| + const std::string& stapled_ocsp_response,
|
| const std::string& sct_list_from_tls_extension,
|
| ct::CTVerifyResult* result,
|
| const BoundNetLog& net_log) {
|
| @@ -64,8 +64,16 @@ int MultiLogCTVerifier::Verify(
|
| result);
|
| }
|
|
|
| - // Log to Net Log, after extracting embedded SCTs but before
|
| - // possibly failing on X.509 entry creation.
|
| + std::string sct_list_from_ocsp;
|
| + if (!stapled_ocsp_response.empty() &&
|
| + !cert->GetIntermediateCertificates().empty()) {
|
| + ct::ExtractSCTListFromOCSPResponse(
|
| + cert->GetIntermediateCertificates().front(), cert->serial_number(),
|
| + stapled_ocsp_response, &sct_list_from_ocsp);
|
| + }
|
| +
|
| + // Log to Net Log, after extracting SCTs but before possibly failing on
|
| + // X.509 entry creation.
|
| NetLog::ParametersCallback net_log_callback =
|
| base::Bind(&NetLogRawSignedCertificateTimestampCallback,
|
| &embedded_scts, &sct_list_from_ocsp, &sct_list_from_tls_extension);
|
|
|
Chromium Code Reviews
Issue 92443002:
Extract Certificate Transparency SCTs from stapled OCSP responses (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@extract_scts