Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(202)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/net/crl_set_fetcher.cc

Issue 8342054: net: enable CRL sets behind a command line flag. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 9 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | chrome/browser/net/ssl_config_service_manager_pref.cc » ('j') | net/base/cert_verifier.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/net/crl_set_fetcher.h" 5 #include "chrome/browser/net/crl_set_fetcher.h"
6 6
7 #include "base/file_util.h" 7 #include "base/file_util.h"
8 #include "base/path_service.h" 8 #include "base/path_service.h"
9 #include "base/rand_util.h" 9 #include "base/rand_util.h"
10 #include "base/time.h" 10 #include "base/time.h"
(...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after
115 LOG(WARNING) << "Refusing to downgrade CRL set from #" 115 LOG(WARNING) << "Refusing to downgrade CRL set from #"
116 << old_crl_set->sequence() 116 << old_crl_set->sequence()
117 << "to #" 117 << "to #"
118 << crl_set->sequence(); 118 << crl_set->sequence();
119 } else { 119 } else {
120 net::SSLConfigService::SetCRLSet(crl_set); 120 net::SSLConfigService::SetCRLSet(crl_set);
121 VLOG(1) << "Installed CRL set #" << crl_set->sequence(); 121 VLOG(1) << "Installed CRL set #" << crl_set->sequence();
122 } 122 }
123 } 123 }
124 124
125 // TODO(agl): this is a key for testing only. Replace with a real key. 125 // kPublicKeySHA256 is the SHA256 hash of the SubjectPublicKeyInfo of the key
126 // that's used to sign generated CRL sets.
126 static const uint8 kPublicKeySHA256[32] = { 127 static const uint8 kPublicKeySHA256[32] = {
127 0x0f, 0x0e, 0xa7, 0x94, 0x37, 0x6b, 0x60, 0x9a, 128 0x75, 0xda, 0xf8, 0xcb, 0x77, 0x68, 0x40, 0x33,
128 0x90, 0x09, 0x3e, 0xbb, 0xce, 0xe8, 0xd7, 0x4b, 129 0x65, 0x4c, 0x97, 0xe5, 0xc5, 0x1b, 0xcd, 0x81,
129 0xc2, 0x78, 0x17, 0x43, 0x63, 0xd5, 0xb4, 0x43, 130 0x7b, 0x1e, 0xeb, 0x11, 0x2c, 0xe1, 0xa4, 0x33,
130 0xc1, 0x49, 0xc6, 0x44, 0x40, 0x43, 0xae, 0x2a, 131 0x8c, 0xf5, 0x72, 0x5e, 0xed, 0xb8, 0x43, 0x97,
131 }; 132 };
132 133
133 void CRLSetFetcher::RegisterComponent(uint32 sequence_of_loaded_crl) { 134 void CRLSetFetcher::RegisterComponent(uint32 sequence_of_loaded_crl) {
134 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 135 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
135 136
136 CrxComponent component; 137 CrxComponent component;
137 component.pk_hash.assign(&kPublicKeySHA256[0], 138 component.pk_hash.assign(kPublicKeySHA256,
138 &kPublicKeySHA256[0] + sizeof(kPublicKeySHA256)); 139 kPublicKeySHA256 + sizeof(kPublicKeySHA256));
139 component.installer = this; 140 component.installer = this;
140 component.name = "CRLSet"; 141 component.name = "CRLSet";
141 component.version = Version(base::UintToString(sequence_of_loaded_crl)); 142 component.version = Version(base::UintToString(sequence_of_loaded_crl));
142 if (!component.version.IsValid()) { 143 if (!component.version.IsValid()) {
143 NOTREACHED(); 144 NOTREACHED();
144 component.version = Version("0"); 145 component.version = Version("0");
145 } 146 }
146 147
147 if (cus_->RegisterComponent(component) != 148 if (cus_->RegisterComponent(component) !=
148 ComponentUpdateService::kOk) { 149 ComponentUpdateService::kOk) {
(...skipping 10 matching lines...) Expand all
159 const FilePath& unpack_path) { 160 const FilePath& unpack_path) {
160 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); 161 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE));
161 162
162 FilePath crl_set_file_path = unpack_path.Append(FILE_PATH_LITERAL("crl-set")); 163 FilePath crl_set_file_path = unpack_path.Append(FILE_PATH_LITERAL("crl-set"));
163 FilePath save_to; 164 FilePath save_to;
164 if (!GetCRLSetFilePath(&save_to)) 165 if (!GetCRLSetFilePath(&save_to))
165 return true; 166 return true;
166 LoadFromDisk(crl_set_file_path, save_to, NULL); 167 LoadFromDisk(crl_set_file_path, save_to, NULL);
167 return true; 168 return true;
168 } 169 }
OLDNEW
« no previous file with comments | « no previous file | chrome/browser/net/ssl_config_service_manager_pref.cc » ('j') | net/base/cert_verifier.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698