OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // public_key_hashes_check.go runs tests on public_key_hashes.h. It's not run | 5 // public_key_hashes_check.go runs tests on public_key_hashes.h. It's not run |
6 // automatically, but rather as part of the process of manually updating | 6 // automatically, but rather as part of the process of manually updating |
7 // public_key_hashes.h | 7 // public_key_hashes.h |
8 // | 8 // |
9 // It verifies that each hash in the file is correct given the preceeding | 9 // It verifies that each hash in the file is correct given the preceeding |
10 // certificate and that the name of the variable matches the name given in the | 10 // certificate and that the name of the variable matches the name given in the |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
46 // the given CN. | 46 // the given CN. |
47 func matchNames(name, v string) error { | 47 func matchNames(name, v string) error { |
48 words := strings.Split(name, " ") | 48 words := strings.Split(name, " ") |
49 if len(words) == 0 { | 49 if len(words) == 0 { |
50 return errors.New("No words in certificate name") | 50 return errors.New("No words in certificate name") |
51 } | 51 } |
52 firstWord := words[0] | 52 firstWord := words[0] |
53 if strings.HasSuffix(firstWord, ",") { | 53 if strings.HasSuffix(firstWord, ",") { |
54 firstWord = firstWord[:len(firstWord)-1] | 54 firstWord = firstWord[:len(firstWord)-1] |
55 } | 55 } |
| 56 if pos := strings.Index(firstWord, "."); pos != -1 { |
| 57 firstWord = firstWord[:pos] |
| 58 } |
| 59 if pos := strings.Index(firstWord, "-"); pos != -1 { |
| 60 firstWord = firstWord[:pos] |
| 61 } |
56 if !strings.HasPrefix(v, firstWord) { | 62 if !strings.HasPrefix(v, firstWord) { |
57 return errors.New("The first word of the certificate name isn't
a prefix of the variable name") | 63 return errors.New("The first word of the certificate name isn't
a prefix of the variable name") |
58 } | 64 } |
59 | 65 |
60 for i, word := range words { | 66 for i, word := range words { |
61 if word == "Class" && i+1 < len(words) { | 67 if word == "Class" && i+1 < len(words) { |
62 if strings.Index(v, word+words[i+1]) == -1 { | 68 if strings.Index(v, word+words[i+1]) == -1 { |
63 return errors.New("Class specification doesn't a
ppear in the variable name") | 69 return errors.New("Class specification doesn't a
ppear in the variable name") |
64 } | 70 } |
65 } else if len(word) == 1 && word[0] >= '0' && word[0] <= '9' { | 71 } else if len(word) == 1 && word[0] >= '0' && word[0] <= '9' { |
(...skipping 62 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
128 cert = append(cert, newLine...) | 134 cert = append(cert, newLine...) |
129 case POSTDECL: | 135 case POSTDECL: |
130 trimmed := bytes.TrimSpace(line) | 136 trimmed := bytes.TrimSpace(line) |
131 if len(trimmed) < 8 || !bytes.HasPrefix(trimmed, []byte(
"\"sha1/")) { | 137 if len(trimmed) < 8 || !bytes.HasPrefix(trimmed, []byte(
"\"sha1/")) { |
132 fmt.Fprintf(os.Stderr, "Line %d is immediately a
fter a declation, but failed to find a hash on it\n", lineNo) | 138 fmt.Fprintf(os.Stderr, "Line %d is immediately a
fter a declation, but failed to find a hash on it\n", lineNo) |
133 return | 139 return |
134 } | 140 } |
135 trimmed = trimmed[6 : len(trimmed)-2] | 141 trimmed = trimmed[6 : len(trimmed)-2] |
136 h := sha1.New() | 142 h := sha1.New() |
137 h.Write(x509Cert.RawSubjectPublicKeyInfo) | 143 h.Write(x509Cert.RawSubjectPublicKeyInfo) |
138 » » » shouldBe := base64.StdEncoding.EncodeToString(h.Sum()) | 144 » » » shouldBe := base64.StdEncoding.EncodeToString(h.Sum(nil)
) |
139 if shouldBe != string(trimmed) { | 145 if shouldBe != string(trimmed) { |
140 fmt.Fprintf(os.Stderr, "Line %d: hash should be
%s, but found %s\n", lineNo, shouldBe, trimmed) | 146 fmt.Fprintf(os.Stderr, "Line %d: hash should be
%s, but found %s\n", lineNo, shouldBe, trimmed) |
141 return | 147 return |
142 } | 148 } |
143 if _, ok := seenHashes[shouldBe]; ok { | 149 if _, ok := seenHashes[shouldBe]; ok { |
144 fmt.Fprintf(os.Stderr, "Line %d: duplicated hash
\n", lineNo) | 150 fmt.Fprintf(os.Stderr, "Line %d: duplicated hash
\n", lineNo) |
145 return | 151 return |
146 } | 152 } |
147 seenHashes[shouldBe] = true | 153 seenHashes[shouldBe] = true |
148 state = PRECERT | 154 state = PRECERT |
(...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
220 state = POSTDECL | 226 state = POSTDECL |
221 case POSTDECL: | 227 case POSTDECL: |
222 fmt.Fprintf(os.Stderr, "Found declation at line
%d, but missed the hash value of the previous one\n", lineNo) | 228 fmt.Fprintf(os.Stderr, "Found declation at line
%d, but missed the hash value of the previous one\n", lineNo) |
223 return | 229 return |
224 default: | 230 default: |
225 panic("bad state") | 231 panic("bad state") |
226 } | 232 } |
227 } | 233 } |
228 } | 234 } |
229 } | 235 } |
OLD | NEW |