Separate http_security_headers from transport_security_state

net/base/x509_cert_types.cc

Index: net/base/x509_cert_types.cc
===================================================================
--- net/base/x509_cert_types.cc	(revision 164213)
+++ net/base/x509_cert_types.cc	(working copy)
@@ -7,10 +7,13 @@
 #include <cstdlib>
 #include <cstring>
 
+#include "base/base64.h"
 #include "base/logging.h"
 #include "base/sha1.h"
 #include "base/string_number_conversions.h"
 #include "base/string_piece.h"
+#include "base/string_split.h"
+#include "base/string_util.h"
 #include "base/time.h"
 #include "net/base/x509_certificate.h"
 
@@ -37,7 +40,6 @@
 
 }  // namespace
 
-// static
 bool IsSHA1HashInSortedArray(const SHA1HashValue& hash,
                              const uint8* array,
                              size_t array_byte_len) {
@@ -47,6 +49,46 @@
                          CompareSHA1Hashes);
 }
 
+bool HashesIntersect(const HashValueVector& a,
+                     const HashValueVector& b) {
+  for (HashValueVector::const_iterator i = a.begin(); i != a.end(); ++i) {
+    HashValueVector::const_iterator j =
+      std::find_if(b.begin(), b.end(), HashValuesEqual(*i));
+    if (j != b.end())
+      return true;
+  }
+  return false;
+}
+
+std::string HashesToBase64String(const HashValueVector& hashes) {
+  std::string str;
+  for (size_t i = 0; i != hashes.size(); ++i) {
+    if (i != 0)
+      str += ",";
+    str += hashes[i].WriteBase64String();
+  }
+  return str;
+}
+
+bool Base64StringToHashes(const std::string& hashes_str,
+                          HashValueVector* hashes) {
+  hashes->clear();
+  if (hashes_str.empty())
+    return true;
+  std::vector<std::string> vector_hash_str;
+  base::SplitString(hashes_str, ',', &vector_hash_str);
+
+  for (size_t i = 0; i != vector_hash_str.size(); ++i) {
+    std::string hash_str;
+    RemoveChars(vector_hash_str[i], " \t\r\n", &hash_str);
+    net::HashValue hash;
+    if (!hash.ParseBase64String(hash_str))
+      return false;
+    hashes->push_back(hash);
+  }
+  return true;
+}
+
 CertPrincipal::CertPrincipal() {
 }
 
@@ -157,6 +199,42 @@
   }
 }
 
+bool HashValue::ParseBase64String(const std::string& value) {
+  std::string base64_str;
+  if (value.substr(0, 5) == "sha1/") {
+    tag = HASH_VALUE_SHA1;
+    base64_str = value.substr(5, 28);  // length of base64 string
+  } else if (value.substr(0, 7) == "sha256/") {
+    tag = HASH_VALUE_SHA256;
+    base64_str = value.substr(7, 44);  // length of base64 string
+  } else {
+    return false;
+  }
+
+  std::string decoded;
+  if (!base::Base64Decode(base64_str, &decoded) ||
+      decoded.size() != size()) {
+    return false;
+  }
+  memcpy(data(), decoded.data(), size());
+  return true;
+}
+
+std::string HashValue::WriteBase64String() const {
+  std::string base64_str;
+  base::Base64Encode(base::StringPiece(reinterpret_cast<const char*>(data()),
+                                       size()), &base64_str);
+  switch (tag) {
+  case HASH_VALUE_SHA1:
+    return std::string("sha1/" + base64_str);
+  case HASH_VALUE_SHA256:
+    return std::string("sha256/" + base64_str);
+  default:
+    NOTREACHED() << "Unknown HashValueTag " << tag;
+    return std::string("unknown/" + base64_str);
+  }
+}
+
 size_t HashValue::size() const {
   switch (tag) {
     case HASH_VALUE_SHA1: