OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/ssl_errors/error_classification.h" | 5 #include "components/ssl_errors/error_classification.h" |
6 | 6 |
7 #include <limits.h> | 7 #include <limits.h> |
8 #include <stddef.h> | 8 #include <stddef.h> |
9 | 9 |
10 #include <vector> | 10 #include <vector> |
(...skipping 278 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
289 // deletions or substitutions) required to change one word into the other. | 289 // deletions or substitutions) required to change one word into the other. |
290 // https://en.wikipedia.org/wiki/Levenshtein_distance | 290 // https://en.wikipedia.org/wiki/Levenshtein_distance |
291 size_t GetLevenshteinDistance(const std::string& str1, | 291 size_t GetLevenshteinDistance(const std::string& str1, |
292 const std::string& str2) { | 292 const std::string& str2) { |
293 if (str1 == str2) | 293 if (str1 == str2) |
294 return 0; | 294 return 0; |
295 if (str1.size() == 0) | 295 if (str1.size() == 0) |
296 return str2.size(); | 296 return str2.size(); |
297 if (str2.size() == 0) | 297 if (str2.size() == 0) |
298 return str1.size(); | 298 return str1.size(); |
299 std::vector<size_t> kFirstRow(str2.size() + 1, 0); | |
300 std::vector<size_t> kSecondRow(str2.size() + 1, 0); | |
301 | 299 |
302 for (size_t i = 0; i < kFirstRow.size(); ++i) | 300 std::vector<size_t> row(str2.size() + 1); |
303 kFirstRow[i] = i; | 301 for (size_t i = 0; i < row.size(); ++i) |
| 302 row[i] = i; |
| 303 |
304 for (size_t i = 0; i < str1.size(); ++i) { | 304 for (size_t i = 0; i < str1.size(); ++i) { |
305 kSecondRow[0] = i + 1; | 305 row[0] = i + 1; |
| 306 size_t previous = i; |
306 for (size_t j = 0; j < str2.size(); ++j) { | 307 for (size_t j = 0; j < str2.size(); ++j) { |
| 308 size_t old_row = row[j + 1]; |
307 int cost = str1[i] == str2[j] ? 0 : 1; | 309 int cost = str1[i] == str2[j] ? 0 : 1; |
308 kSecondRow[j + 1] = | 310 row[j + 1] = std::min(std::min(row[j], row[j + 1]) + 1, previous + cost); |
309 std::min(std::min(kSecondRow[j] + 1, kFirstRow[j + 1] + 1), | 311 previous = old_row; |
310 kFirstRow[j] + cost); | |
311 } | 312 } |
312 for (size_t j = 0; j < kFirstRow.size(); j++) | |
313 kFirstRow[j] = kSecondRow[j]; | |
314 } | 313 } |
315 return kSecondRow[str2.size()]; | 314 return row[str2.size()]; |
316 } | 315 } |
317 | 316 |
318 bool IsSubDomainOutsideWildcard(const GURL& request_url, | 317 bool IsSubDomainOutsideWildcard(const GURL& request_url, |
319 const net::X509Certificate& cert) { | 318 const net::X509Certificate& cert) { |
320 std::string host_name = request_url.host(); | 319 std::string host_name = request_url.host(); |
321 HostnameTokens host_name_tokens = Tokenize(host_name); | 320 HostnameTokens host_name_tokens = Tokenize(host_name); |
322 std::vector<std::string> dns_names; | 321 std::vector<std::string> dns_names; |
323 cert.GetDNSNames(&dns_names); | 322 cert.GetDNSNames(&dns_names); |
324 bool result = false; | 323 bool result = false; |
325 | 324 |
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
373 static const int kDistinctNameThreshold = 5; | 372 static const int kDistinctNameThreshold = 5; |
374 if (dns_names_size > kDistinctNameThreshold) | 373 if (dns_names_size > kDistinctNameThreshold) |
375 return true; | 374 return true; |
376 | 375 |
377 // Heuristic - The edit distance between all the strings should be at least 5 | 376 // Heuristic - The edit distance between all the strings should be at least 5 |
378 // for it to be counted as a shared SSLCertificate. If even one pair of | 377 // for it to be counted as a shared SSLCertificate. If even one pair of |
379 // strings edit distance is below 5 then the certificate is no longer | 378 // strings edit distance is below 5 then the certificate is no longer |
380 // considered as a shared certificate. Include the host name in the URL also | 379 // considered as a shared certificate. Include the host name in the URL also |
381 // while comparing. | 380 // while comparing. |
382 dns_names.push_back(host_name); | 381 dns_names.push_back(host_name); |
383 static const size_t kMinimumEditDsitance = 5; | 382 static const size_t kMinimumEditDistance = 5; |
384 for (size_t i = 0; i < dns_names_size; ++i) { | 383 for (size_t i = 0; i < dns_names_size; ++i) { |
385 for (size_t j = i + 1; j < dns_names_size; ++j) { | 384 for (size_t j = i + 1; j < dns_names_size; ++j) { |
386 size_t edit_distance = GetLevenshteinDistance(dns_names[i], dns_names[j]); | 385 size_t edit_distance = GetLevenshteinDistance(dns_names[i], dns_names[j]); |
387 if (edit_distance < kMinimumEditDsitance) | 386 if (edit_distance < kMinimumEditDistance) |
388 return false; | 387 return false; |
389 } | 388 } |
390 } | 389 } |
391 return true; | 390 return true; |
392 } | 391 } |
393 | 392 |
394 bool IsCertLikelyFromSameDomain(const GURL& request_url, | 393 bool IsCertLikelyFromSameDomain(const GURL& request_url, |
395 const net::X509Certificate& cert) { | 394 const net::X509Certificate& cert) { |
396 std::string host_name = request_url.host(); | 395 std::string host_name = request_url.host(); |
397 std::vector<std::string> dns_names; | 396 std::vector<std::string> dns_names; |
(...skipping 16 matching lines...) Expand all Loading... |
414 return std::find(dns_names_domain.begin(), dns_names_domain.end() - 1, | 413 return std::find(dns_names_domain.begin(), dns_names_domain.end() - 1, |
415 host_name_domain) != dns_names_domain.end() - 1; | 414 host_name_domain) != dns_names_domain.end() - 1; |
416 } | 415 } |
417 | 416 |
418 bool IsHostnameNonUniqueOrDotless(const std::string& hostname) { | 417 bool IsHostnameNonUniqueOrDotless(const std::string& hostname) { |
419 return net::IsHostnameNonUnique(hostname) || | 418 return net::IsHostnameNonUnique(hostname) || |
420 hostname.find('.') == std::string::npos; | 419 hostname.find('.') == std::string::npos; |
421 } | 420 } |
422 | 421 |
423 } // namespace ssl_errors | 422 } // namespace ssl_errors |
OLD | NEW |