OLD | NEW |
---|---|
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/base/x509_cert_types.h" | 5 #include "net/base/x509_cert_types.h" |
6 | 6 |
7 #include <cstdlib> | 7 #include <cstdlib> |
8 #include <cstring> | 8 #include <cstring> |
9 | 9 |
10 #include "base/base64.h" | |
10 #include "base/logging.h" | 11 #include "base/logging.h" |
11 #include "base/sha1.h" | 12 #include "base/sha1.h" |
12 #include "base/string_number_conversions.h" | 13 #include "base/string_number_conversions.h" |
13 #include "base/string_piece.h" | 14 #include "base/string_piece.h" |
15 #include "base/string_split.h" | |
16 #include "base/string_util.h" | |
14 #include "base/time.h" | 17 #include "base/time.h" |
15 #include "net/base/x509_certificate.h" | 18 #include "net/base/x509_certificate.h" |
16 | 19 |
17 namespace net { | 20 namespace net { |
18 | 21 |
19 namespace { | 22 namespace { |
20 | 23 |
21 // Helper for ParseCertificateDate. |*field| must contain at least | 24 // Helper for ParseCertificateDate. |*field| must contain at least |
22 // |field_len| characters. |*field| will be advanced by |field_len| on exit. | 25 // |field_len| characters. |*field| will be advanced by |field_len| on exit. |
23 // |*ok| is set to false if there is an error in parsing the number, but left | 26 // |*ok| is set to false if there is an error in parsing the number, but left |
24 // untouched otherwise. Returns the parsed integer. | 27 // untouched otherwise. Returns the parsed integer. |
25 int ParseIntAndAdvance(const char** field, size_t field_len, bool* ok) { | 28 int ParseIntAndAdvance(const char** field, size_t field_len, bool* ok) { |
26 int result = 0; | 29 int result = 0; |
27 *ok &= base::StringToInt(base::StringPiece(*field, field_len), &result); | 30 *ok &= base::StringToInt(base::StringPiece(*field, field_len), &result); |
28 *field += field_len; | 31 *field += field_len; |
29 return result; | 32 return result; |
30 } | 33 } |
31 | 34 |
32 // CompareSHA1Hashes is a helper function for using bsearch() with an array of | 35 // CompareSHA1Hashes is a helper function for using bsearch() with an array of |
33 // SHA1 hashes. | 36 // SHA1 hashes. |
34 int CompareSHA1Hashes(const void* a, const void* b) { | 37 int CompareSHA1Hashes(const void* a, const void* b) { |
35 return memcmp(a, b, base::kSHA1Length); | 38 return memcmp(a, b, base::kSHA1Length); |
36 } | 39 } |
37 | 40 |
38 } // namespace | 41 } // namespace |
39 | 42 |
40 // static | |
41 bool IsSHA1HashInSortedArray(const SHA1HashValue& hash, | 43 bool IsSHA1HashInSortedArray(const SHA1HashValue& hash, |
42 const uint8* array, | 44 const uint8* array, |
43 size_t array_byte_len) { | 45 size_t array_byte_len) { |
44 DCHECK_EQ(0u, array_byte_len % base::kSHA1Length); | 46 DCHECK_EQ(0u, array_byte_len % base::kSHA1Length); |
45 const size_t arraylen = array_byte_len / base::kSHA1Length; | 47 const size_t arraylen = array_byte_len / base::kSHA1Length; |
46 return NULL != bsearch(hash.data, array, arraylen, base::kSHA1Length, | 48 return NULL != bsearch(hash.data, array, arraylen, base::kSHA1Length, |
47 CompareSHA1Hashes); | 49 CompareSHA1Hashes); |
48 } | 50 } |
49 | 51 |
52 bool HashesIntersect(const HashValueVector& a, | |
53 const HashValueVector& b) { | |
54 for (HashValueVector::const_iterator i = a.begin(); i != a.end(); ++i) { | |
55 HashValueVector::const_iterator j = | |
56 std::find_if(b.begin(), b.end(), HashValuesEqualPredicate(*i)); | |
57 if (j != b.end()) | |
58 return true; | |
59 } | |
60 return false; | |
61 } | |
62 | |
63 std::string HashesToBase64String(const HashValueVector& hashes) { | |
64 std::string str; | |
65 for (size_t i = 0; i != hashes.size(); ++i) { | |
66 if (i != 0) | |
67 str += ","; | |
68 str += hashes[i].WriteBase64String(); | |
69 } | |
70 return str; | |
71 } | |
72 | |
73 bool Base64StringToHashes(const std::string& hashes_str, | |
74 HashValueVector* hashes) { | |
75 if (!hashes_str.empty()) { | |
Ryan Sleevi
2012/10/25 01:59:09
Rather than structuring code along the
if (success
Ryan Sleevi
2012/10/25 01:59:09
design nit:
You have not documented what the pre-a
unsafe
2012/10/25 06:59:54
Fixed - documented, clears |hashes|, returns true
| |
76 std::vector<std::string> type_and_b64s; | |
77 base::SplitString(hashes_str, ',', &type_and_b64s); | |
78 | |
79 for (size_t i = 0; i != type_and_b64s.size(); i++) { | |
Ryan Sleevi
2012/10/25 01:59:09
style nit: pre-increment (++i)
http://google-styl
unsafe
2012/10/25 06:59:54
Done.
| |
80 std::string type_and_b64; | |
81 RemoveChars(type_and_b64s[i], " \t\r\n", &type_and_b64); | |
Ryan Sleevi
2012/10/25 01:59:09
RemoveChars(type_and_b64s[i], " \t\r\n", &type_and
unsafe
2012/10/25 06:59:54
This function isn't processing the HTTP header, it
| |
82 net::HashValue hash; | |
83 if (!hash.ParseBase64String(type_and_b64)) | |
84 return false; | |
85 hashes->push_back(hash); | |
86 } | |
87 } | |
88 return true; | |
89 } | |
90 | |
50 CertPrincipal::CertPrincipal() { | 91 CertPrincipal::CertPrincipal() { |
51 } | 92 } |
52 | 93 |
53 CertPrincipal::CertPrincipal(const std::string& name) : common_name(name) {} | 94 CertPrincipal::CertPrincipal(const std::string& name) : common_name(name) {} |
54 | 95 |
55 CertPrincipal::~CertPrincipal() { | 96 CertPrincipal::~CertPrincipal() { |
56 } | 97 } |
57 | 98 |
58 std::string CertPrincipal::GetDisplayName() const { | 99 std::string CertPrincipal::GetDisplayName() const { |
59 if (!common_name.empty()) | 100 if (!common_name.empty()) |
(...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
150 case HASH_VALUE_SHA1: | 191 case HASH_VALUE_SHA1: |
151 return fingerprint.sha1.Equals(other.fingerprint.sha1); | 192 return fingerprint.sha1.Equals(other.fingerprint.sha1); |
152 case HASH_VALUE_SHA256: | 193 case HASH_VALUE_SHA256: |
153 return fingerprint.sha256.Equals(other.fingerprint.sha256); | 194 return fingerprint.sha256.Equals(other.fingerprint.sha256); |
154 default: | 195 default: |
155 NOTREACHED() << "Unknown HashValueTag " << tag; | 196 NOTREACHED() << "Unknown HashValueTag " << tag; |
156 return false; | 197 return false; |
157 } | 198 } |
158 } | 199 } |
159 | 200 |
201 bool HashValue::ParseBase64String(const std::string& value) { | |
202 std::string b64; | |
Ryan Sleevi
2012/10/25 01:59:09
naming nit: b64 is too abbreviated. Applies throug
unsafe
2012/10/25 06:59:54
Changed the names.
| |
203 if (value.substr(0, 5) == "sha1/") { | |
204 tag = HASH_VALUE_SHA1; | |
205 b64 = value.substr(5, 28); // length of base64 string | |
206 } else if (value.substr(0, 7) == "sha256/") { | |
207 tag = HASH_VALUE_SHA256; | |
208 b64 = value.substr(7, 44); // length of base64 string | |
209 } else { | |
210 return false; | |
211 } | |
212 | |
213 std::string decoded; | |
214 if (!base::Base64Decode(b64, &decoded) || decoded.size() != size()) { | |
215 return false; | |
216 } | |
217 memcpy(data(), decoded.data(), size()); | |
218 return true; | |
219 } | |
220 | |
221 std::string HashValue::WriteBase64String() const { | |
222 std::string b64; | |
223 base::Base64Encode(std::string((const char*)data(), size()), &b64); | |
Ryan Sleevi
2012/10/25 01:59:09
design nit: Encode expects a base::StringPiece rat
unsafe
2012/10/25 06:59:54
Done.
| |
224 if (tag == HASH_VALUE_SHA1) | |
225 return std::string("sha1/" + b64); | |
226 else if (tag == HASH_VALUE_SHA256) | |
227 return std::string("sha256/" + b64); | |
228 return std::string("unknown/" + b64); | |
Ryan Sleevi
2012/10/25 01:59:09
nit: Write this as a switch statement, with no "de
unsafe
2012/10/25 06:59:54
Changed to a switch. The existing code in this fi
| |
229 } | |
230 | |
160 size_t HashValue::size() const { | 231 size_t HashValue::size() const { |
161 switch (tag) { | 232 switch (tag) { |
162 case HASH_VALUE_SHA1: | 233 case HASH_VALUE_SHA1: |
163 return sizeof(fingerprint.sha1.data); | 234 return sizeof(fingerprint.sha1.data); |
164 case HASH_VALUE_SHA256: | 235 case HASH_VALUE_SHA256: |
165 return sizeof(fingerprint.sha256.data); | 236 return sizeof(fingerprint.sha256.data); |
166 default: | 237 default: |
167 NOTREACHED() << "Unknown HashValueTag " << tag; | 238 NOTREACHED() << "Unknown HashValueTag " << tag; |
168 // Although this is NOTREACHED, this function might be inlined and its | 239 // Although this is NOTREACHED, this function might be inlined and its |
169 // return value can be passed to memset as the length argument. If we | 240 // return value can be passed to memset as the length argument. If we |
(...skipping 15 matching lines...) Expand all Loading... | |
185 return fingerprint.sha1.data; | 256 return fingerprint.sha1.data; |
186 case HASH_VALUE_SHA256: | 257 case HASH_VALUE_SHA256: |
187 return fingerprint.sha256.data; | 258 return fingerprint.sha256.data; |
188 default: | 259 default: |
189 NOTREACHED() << "Unknown HashValueTag " << tag; | 260 NOTREACHED() << "Unknown HashValueTag " << tag; |
190 return NULL; | 261 return NULL; |
191 } | 262 } |
192 } | 263 } |
193 | 264 |
194 } // namespace net | 265 } // namespace net |
OLD | NEW |