OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/transport_security_state.h" | 5 #include "net/base/transport_security_state.h" |
6 | 6 |
7 #include <nspr.h> | 7 #include <nspr.h> |
8 | 8 |
9 #include <cryptohi.h> | 9 #include <cryptohi.h> |
10 #include <hasht.h> | 10 #include <hasht.h> |
11 #include <keyhi.h> | 11 #include <keyhi.h> |
12 #include <pk11pub.h> | 12 #include <pk11pub.h> |
13 | 13 |
14 // NSS leaks #defines from its headers which will upset base/sha1.h. | |
15 #if defined(SHA1_LENGTH) | |
16 #undef SHA1_LENGTH | |
17 #endif | |
18 | |
19 #include "base/base64.h" | 14 #include "base/base64.h" |
20 #include "base/json/json_reader.h" | 15 #include "base/json/json_reader.h" |
21 #include "base/json/json_writer.h" | 16 #include "base/json/json_writer.h" |
22 #include "base/logging.h" | 17 #include "base/logging.h" |
23 #include "base/memory/scoped_ptr.h" | 18 #include "base/memory/scoped_ptr.h" |
24 #include "base/sha1.h" | 19 #include "base/sha1.h" |
25 #include "base/string_number_conversions.h" | 20 #include "base/string_number_conversions.h" |
26 #include "base/string_tokenizer.h" | 21 #include "base/string_tokenizer.h" |
27 #include "base/string_util.h" | 22 #include "base/string_util.h" |
28 #include "base/utf_string_conversions.h" | 23 #include "base/utf_string_conversions.h" |
(...skipping 543 matching lines...)
572 enabled_hosts_.clear(); | 567 enabled_hosts_.clear(); |
573 return Deserialise(input, dirty, &enabled_hosts_); | 568 return Deserialise(input, dirty, &enabled_hosts_); |
574 } | 569 } |
575 | 570 |
576 static bool AddHash(const std::string& type_and_base64, | 571 static bool AddHash(const std::string& type_and_base64, |
577 std::vector<SHA1Fingerprint>* out) { | 572 std::vector<SHA1Fingerprint>* out) { |
578 std::string hash_str; | 573 std::string hash_str; |
579 if (type_and_base64.find("sha1/") == 0 && | 574 if (type_and_base64.find("sha1/") == 0 && |
580 base::Base64Decode(type_and_base64.substr(5, type_and_base64.size() - 5), | 575 base::Base64Decode(type_and_base64.substr(5, type_and_base64.size() - 5), |
581 &hash_str) && | 576 &hash_str) && |
582 hash_str.size() == base::SHA1_LENGTH) { | 577 hash_str.size() == base::kSHA1Length) { |
583 SHA1Fingerprint hash; | 578 SHA1Fingerprint hash; |
584 memcpy(hash.data, hash_str.data(), sizeof(hash.data)); | 579 memcpy(hash.data, hash_str.data(), sizeof(hash.data)); |
585 out->push_back(hash); | 580 out->push_back(hash); |
586 return true; | 581 return true; |
587 } | 582 } |
588 return false; | 583 return false; |
589 } | 584 } |
590 | 585 |
591 // static | 586 // static |
592 bool TransportSecurityState::Deserialise( | 587 bool TransportSecurityState::Deserialise( |
(...skipping 411 matching lines...)
1004 } | 999 } |
1005 | 1000 |
1006 LOG(ERROR) << "Rejecting public key chain for domain " << domain | 1001 LOG(ERROR) << "Rejecting public key chain for domain " << domain |
1007 << ". Validated chain: " << HashesToBase64String(hashes) | 1002 << ". Validated chain: " << HashesToBase64String(hashes) |
1008 << ", expected: " << HashesToBase64String(public_key_hashes); | 1003 << ", expected: " << HashesToBase64String(public_key_hashes); |
1009 | 1004 |
1010 return false; | 1005 return false; |
1011 } | 1006 } |
1012 | 1007 |
1013 } // namespace | 1008 } // namespace |
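Review bot: In AddHash the length guard on the renamed line (`hash_str.size() == base::kSHA1Length`) and the copy that follows (`memcpy(hash.data, hash_str.data(), sizeof(hash.data))`) use two independent sizes, so the copy is bounded only while `sizeof(hash.data)` equals `base::kSHA1Length`. SHA1Fingerprint is defined outside this page; presumably its `data` member is 20 bytes, but nothing visible here ties the two values together. Since the change already touches the guard, I would compare against the destination instead, `hash_str.size() == sizeof(hash.data)`, or add a compile-time assertion that the two sizes match. Either way a later change to one of them cannot make the memcpy read past the end of the decoded pin string.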