Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(37)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: components/gcm_driver/crypto/encryption_header_parsers.cc

Issue 2106333003: Disallow identical names for the Encryption and Crypto-Key headers (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@headers-changes
Patch Set: spell value properly Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | components/gcm_driver/crypto/encryption_header_parsers_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2015 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "components/gcm_driver/crypto/encryption_header_parsers.h" 5 #include "components/gcm_driver/crypto/encryption_header_parsers.h"
6 6
7 #include "base/base64url.h" 7 #include "base/base64url.h"
8 #include "base/strings/string_number_conversions.h" 8 #include "base/strings/string_number_conversions.h"
9 9
10 #include "base/strings/string_util.h" 10 #include "base/strings/string_util.h"
(...skipping 57 matching lines...) Expand 10 before | Expand all | Expand 10 after
68 rs_ = kDefaultRecordSizeBytes; 68 rs_ = kDefaultRecordSizeBytes;
69 69
70 if (!iterator_.GetNext()) 70 if (!iterator_.GetNext())
71 return false; 71 return false;
72 72
73 net::HttpUtil::NameValuePairsIterator name_value_pairs( 73 net::HttpUtil::NameValuePairsIterator name_value_pairs(
74 iterator_.value_begin(), iterator_.value_end(), ';', 74 iterator_.value_begin(), iterator_.value_end(), ';',
75 net::HttpUtil::NameValuePairsIterator::Values::REQUIRED, 75 net::HttpUtil::NameValuePairsIterator::Values::REQUIRED,
76 net::HttpUtil::NameValuePairsIterator::Quotes::NOT_STRICT); 76 net::HttpUtil::NameValuePairsIterator::Quotes::NOT_STRICT);
77 77
78 bool found_keyid = false;
79 bool found_salt = false;
80 bool found_rs = false;
81
78 while (name_value_pairs.GetNext()) { 82 while (name_value_pairs.GetNext()) {
79 const base::StringPiece name(name_value_pairs.name_begin(), 83 const base::StringPiece name(name_value_pairs.name_begin(),
80 name_value_pairs.name_end()); 84 name_value_pairs.name_end());
81 const base::StringPiece value(name_value_pairs.value_begin(), 85 const base::StringPiece value(name_value_pairs.value_begin(),
82 name_value_pairs.value_end()); 86 name_value_pairs.value_end());
83 87
84 if (base::LowerCaseEqualsASCII(name, "keyid")) { 88 if (base::LowerCaseEqualsASCII(name, "keyid")) {
89 if (found_keyid)
90 return false;
85 value.CopyToString(&keyid_); 91 value.CopyToString(&keyid_);
92 found_keyid = true;
86 } else if (base::LowerCaseEqualsASCII(name, "salt")) { 93 } else if (base::LowerCaseEqualsASCII(name, "salt")) {
87 if (!ValueToDecodedString(value, &salt_)) 94 if (found_salt || !ValueToDecodedString(value, &salt_))
88 return false; 95 return false;
96 found_salt = true;
89 } else if (base::LowerCaseEqualsASCII(name, "rs")) { 97 } else if (base::LowerCaseEqualsASCII(name, "rs")) {
90 if (!RecordSizeToInt(value, &rs_)) 98 if (found_rs || !RecordSizeToInt(value, &rs_))
91 return false; 99 return false;
100 found_rs = true;
92 } else { 101 } else {
93 // Silently ignore unknown directives for forward compatibility. 102 // Silently ignore unknown directives for forward compatibility.
94 } 103 }
95 } 104 }
96 105
97 return name_value_pairs.valid(); 106 return name_value_pairs.valid();
98 } 107 }
99 108
100 CryptoKeyHeaderIterator::CryptoKeyHeaderIterator( 109 CryptoKeyHeaderIterator::CryptoKeyHeaderIterator(
101 std::string::const_iterator header_begin, 110 std::string::const_iterator header_begin,
102 std::string::const_iterator header_end) 111 std::string::const_iterator header_end)
103 : iterator_(header_begin, header_end, ',') {} 112 : iterator_(header_begin, header_end, ',') {}
104 113
105 CryptoKeyHeaderIterator::~CryptoKeyHeaderIterator() {} 114 CryptoKeyHeaderIterator::~CryptoKeyHeaderIterator() {}
106 115
107 bool CryptoKeyHeaderIterator::GetNext() { 116 bool CryptoKeyHeaderIterator::GetNext() {
108 keyid_.clear(); 117 keyid_.clear();
109 aesgcm128_.clear(); 118 aesgcm128_.clear();
110 dh_.clear(); 119 dh_.clear();
111 120
112 if (!iterator_.GetNext()) 121 if (!iterator_.GetNext())
113 return false; 122 return false;
114 123
115 net::HttpUtil::NameValuePairsIterator name_value_pairs( 124 net::HttpUtil::NameValuePairsIterator name_value_pairs(
116 iterator_.value_begin(), iterator_.value_end(), ';', 125 iterator_.value_begin(), iterator_.value_end(), ';',
117 net::HttpUtil::NameValuePairsIterator::Values::REQUIRED, 126 net::HttpUtil::NameValuePairsIterator::Values::REQUIRED,
118 net::HttpUtil::NameValuePairsIterator::Quotes::NOT_STRICT); 127 net::HttpUtil::NameValuePairsIterator::Quotes::NOT_STRICT);
119 128
129 bool found_keyid = false;
130 bool found_aesgcm128 = false;
131 bool found_dh = false;
132
120 while (name_value_pairs.GetNext()) { 133 while (name_value_pairs.GetNext()) {
121 const base::StringPiece name(name_value_pairs.name_begin(), 134 const base::StringPiece name(name_value_pairs.name_begin(),
122 name_value_pairs.name_end()); 135 name_value_pairs.name_end());
123 const base::StringPiece value(name_value_pairs.value_begin(), 136 const base::StringPiece value(name_value_pairs.value_begin(),
124 name_value_pairs.value_end()); 137 name_value_pairs.value_end());
125 138
126 if (base::LowerCaseEqualsASCII(name, "keyid")) { 139 if (base::LowerCaseEqualsASCII(name, "keyid")) {
140 if (found_keyid)
141 return false;
127 value.CopyToString(&keyid_); 142 value.CopyToString(&keyid_);
143 found_keyid = true;
128 } else if (base::LowerCaseEqualsASCII(name, "aesgcm128")) { 144 } else if (base::LowerCaseEqualsASCII(name, "aesgcm128")) {
129 if (!ValueToDecodedString(value, &aesgcm128_)) 145 if (found_aesgcm128 || !ValueToDecodedString(value, &aesgcm128_))
130 return false; 146 return false;
147 found_aesgcm128 = true;
131 } else if (base::LowerCaseEqualsASCII(name, "dh")) { 148 } else if (base::LowerCaseEqualsASCII(name, "dh")) {
132 if (!ValueToDecodedString(value, &dh_)) 149 if (found_dh || !ValueToDecodedString(value, &dh_))
133 return false; 150 return false;
151 found_dh = true;
134 } else { 152 } else {
135 // Silently ignore unknown directives for forward compatibility. 153 // Silently ignore unknown directives for forward compatibility.
136 } 154 }
137 } 155 }
138 156
139 return name_value_pairs.valid(); 157 return name_value_pairs.valid();
140 } 158 }
141 159
142 } // namespace gcm 160 } // namespace gcm
OLDNEW
« no previous file with comments | « no previous file | components/gcm_driver/crypto/encryption_header_parsers_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698