| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "net/cert/ct_log_response_parser.h" | |
| 6 | |
| 7 #include "base/base64.h" | |
| 8 #include "base/json/json_reader.h" | |
| 9 #include "base/json/json_value_converter.h" | |
| 10 #include "base/logging.h" | |
| 11 #include "base/strings/string_piece.h" | |
| 12 #include "base/time/time.h" | |
| 13 #include "base/values.h" | |
| 14 #include "net/cert/ct_serialization.h" | |
| 15 #include "net/cert/signed_tree_head.h" | |
| 16 | |
| 17 namespace net { | |
| 18 | |
| 19 namespace ct { | |
| 20 | |
| 21 namespace { | |
| 22 | |
| 23 // Structure for making JSON decoding easier. The string fields | |
| 24 // are base64-encoded so will require further decoding. | |
| 25 struct JsonSignedTreeHead { | |
| 26 int tree_size; | |
| 27 double timestamp; | |
| 28 std::string sha256_root_hash; | |
| 29 DigitallySigned signature; | |
| 30 | |
| 31 static void RegisterJSONConverter( | |
| 32 base::JSONValueConverter<JsonSignedTreeHead>* converted); | |
| 33 }; | |
| 34 | |
| 35 bool ConvertSHA256RootHash(const base::StringPiece& s, std::string* result) { | |
| 36 if (!base::Base64Decode(s, result)) { | |
| 37 DVLOG(1) << "Failed decoding sha256_root_hash"; | |
| 38 return false; | |
| 39 } | |
| 40 | |
| 41 if (result->length() != kSthRootHashLength) { | |
| 42 DVLOG(1) << "sha256_root_hash is expected to be 32 bytes, but is " | |
| 43 << result->length() << " bytes."; | |
| 44 return false; | |
| 45 } | |
| 46 | |
| 47 return true; | |
| 48 } | |
| 49 | |
| 50 bool ConvertTreeHeadSignature(const base::StringPiece& s, | |
| 51 DigitallySigned* result) { | |
| 52 std::string tree_head_signature; | |
| 53 if (!base::Base64Decode(s, &tree_head_signature)) { | |
| 54 DVLOG(1) << "Failed decoding tree_head_signature"; | |
| 55 return false; | |
| 56 } | |
| 57 | |
| 58 base::StringPiece sp(tree_head_signature); | |
| 59 if (!DecodeDigitallySigned(&sp, result)) { | |
| 60 DVLOG(1) << "Failed decoding signature to DigitallySigned"; | |
| 61 return false; | |
| 62 } | |
| 63 return true; | |
| 64 } | |
| 65 | |
| 66 void JsonSignedTreeHead::RegisterJSONConverter( | |
| 67 base::JSONValueConverter<JsonSignedTreeHead>* converter) { | |
| 68 converter->RegisterIntField("tree_size", &JsonSignedTreeHead::tree_size); | |
| 69 converter->RegisterDoubleField("timestamp", &JsonSignedTreeHead::timestamp); | |
| 70 converter->RegisterCustomField("sha256_root_hash", | |
| 71 &JsonSignedTreeHead::sha256_root_hash, | |
| 72 &ConvertSHA256RootHash); | |
| 73 converter->RegisterCustomField<DigitallySigned>( | |
| 74 "tree_head_signature", | |
| 75 &JsonSignedTreeHead::signature, | |
| 76 &ConvertTreeHeadSignature); | |
| 77 } | |
| 78 | |
| 79 bool IsJsonSTHStructurallyValid(const JsonSignedTreeHead& sth) { | |
| 80 if (sth.tree_size < 0) { | |
| 81 DVLOG(1) << "Tree size in Signed Tree Head JSON is negative: " | |
| 82 << sth.tree_size; | |
| 83 return false; | |
| 84 } | |
| 85 | |
| 86 if (sth.timestamp < 0) { | |
| 87 DVLOG(1) << "Timestamp in Signed Tree Head JSON is negative: " | |
| 88 << sth.timestamp; | |
| 89 return false; | |
| 90 } | |
| 91 | |
| 92 if (sth.sha256_root_hash.empty()) { | |
| 93 DVLOG(1) << "Missing SHA256 root hash from Signed Tree Head JSON."; | |
| 94 return false; | |
| 95 } | |
| 96 | |
| 97 if (sth.signature.signature_data.empty()) { | |
| 98 DVLOG(1) << "Missing SHA256 root hash from Signed Tree Head JSON."; | |
| 99 return false; | |
| 100 } | |
| 101 | |
| 102 return true; | |
| 103 } | |
| 104 | |
| 105 } // namespace | |
| 106 | |
| 107 bool FillSignedTreeHead(const base::StringPiece& json_signed_tree_head, | |
| 108 SignedTreeHead* signed_tree_head) { | |
| 109 base::JSONReader json_reader; | |
| 110 scoped_ptr<base::Value> json(json_reader.Read(json_signed_tree_head)); | |
| 111 if (json.get() == NULL) { | |
| 112 DVLOG(1) << "Empty Signed Tree Head JSON."; | |
| 113 return false; | |
| 114 } | |
| 115 | |
| 116 JsonSignedTreeHead parsed_sth; | |
| 117 base::JSONValueConverter<JsonSignedTreeHead> converter; | |
| 118 if (!converter.Convert(*json.get(), &parsed_sth)) { | |
| 119 DVLOG(1) << "Invalid Signed Tree Head JSON."; | |
| 120 return false; | |
| 121 } | |
| 122 | |
| 123 if (!IsJsonSTHStructurallyValid(parsed_sth)) | |
| 124 return false; | |
| 125 | |
| 126 signed_tree_head->version = SignedTreeHead::V1; | |
| 127 signed_tree_head->tree_size = parsed_sth.tree_size; | |
| 128 signed_tree_head->timestamp = | |
| 129 base::Time::UnixEpoch() + | |
| 130 base::TimeDelta::FromMilliseconds( | |
| 131 static_cast<int64>(parsed_sth.timestamp)); | |
| 132 signed_tree_head->signature = parsed_sth.signature; | |
| 133 memcpy(signed_tree_head->sha256_root_hash, | |
| 134 parsed_sth.sha256_root_hash.c_str(), | |
| 135 kSthRootHashLength); | |
| 136 return true; | |
| 137 } | |
| 138 | |
| 139 } // namespace ct | |
| 140 | |
| 141 } // namespace net | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master