| Index: components/packed_ct_ev_whitelist/packed_ct_ev_whitelist.cc
|
| diff --git a/components/packed_ct_ev_whitelist/packed_ct_ev_whitelist.cc b/components/packed_ct_ev_whitelist/packed_ct_ev_whitelist.cc
|
| deleted file mode 100644
|
| index bcb8cdb0bbffbb568d1004d8012efc1122e78d9d..0000000000000000000000000000000000000000
|
| --- a/components/packed_ct_ev_whitelist/packed_ct_ev_whitelist.cc
|
| +++ /dev/null
|
| @@ -1,152 +0,0 @@
|
| -// Copyright 2014 The Chromium Authors. All rights reserved.
|
| -// Use of this source code is governed by a BSD-style license that can be
|
| -// found in the LICENSE file.
|
| -
|
| -#include "components/packed_ct_ev_whitelist/packed_ct_ev_whitelist.h"
|
| -
|
| -#include <string.h>
|
| -
|
| -#include <algorithm>
|
| -
|
| -#include "base/big_endian.h"
|
| -#include "base/files/file_util.h"
|
| -#include "base/lazy_instance.h"
|
| -#include "base/logging.h"
|
| -#include "components/packed_ct_ev_whitelist/bit_stream_reader.h"
|
| -#include "content/public/browser/browser_thread.h"
|
| -#include "net/ssl/ssl_config_service.h"
|
| -
|
| -namespace {
|
| -const uint8_t kCertHashLengthBits = 64; // 8 bytes
|
| -const uint8_t kCertHashLength = kCertHashLengthBits / 8;
|
| -const uint64_t kGolombMParameterBits = 47; // 2^47
|
| -
|
| -void SetEVWhitelistInSSLConfigService(
|
| - const scoped_refptr<net::ct::EVCertsWhitelist>& new_whitelist) {
|
| - VLOG(1) << "Setting new EV Certs whitelist.";
|
| - net::SSLConfigService::SetEVCertsWhitelist(new_whitelist);
|
| -}
|
| -
|
| -int TruncatedHashesComparator(const void* v1, const void* v2) {
|
| - const uint64_t& h1(*(static_cast<const uint64_t*>(v1)));
|
| - const uint64_t& h2(*(static_cast<const uint64_t*>(v2)));
|
| - if (h1 < h2)
|
| - return -1;
|
| - else if (h1 > h2)
|
| - return 1;
|
| - return 0;
|
| -}
|
| -} // namespace
|
| -
|
| -namespace packed_ct_ev_whitelist {
|
| -
|
| -void SetEVCertsWhitelist(scoped_refptr<net::ct::EVCertsWhitelist> whitelist) {
|
| - if (!whitelist->IsValid()) {
|
| - VLOG(1) << "EV Certs whitelist is not valid, not setting.";
|
| - return;
|
| - }
|
| -
|
| - base::Closure assign_cb =
|
| - base::Bind(SetEVWhitelistInSSLConfigService, whitelist);
|
| - content::BrowserThread::PostTask(
|
| - content::BrowserThread::IO, FROM_HERE, assign_cb);
|
| -}
|
| -
|
| -bool PackedEVCertsWhitelist::UncompressEVWhitelist(
|
| - const std::string& compressed_whitelist,
|
| - std::vector<uint64_t>* uncompressed_list) {
|
| - internal::BitStreamReader reader(base::StringPiece(
|
| - compressed_whitelist.data(), compressed_whitelist.size()));
|
| - std::vector<uint64_t> result;
|
| - // Reserve exactly the right amount of memory to avoid reallocs. The size
|
| - // changes very rarely and if it does change the code will still be correct,
|
| - // just slightly less efficient.
|
| - result.reserve(110610);
|
| -
|
| - VLOG(1) << "Uncompressing EV whitelist of size "
|
| - << compressed_whitelist.size();
|
| - uint64_t curr_hash(0);
|
| - if (!reader.ReadBits(kCertHashLengthBits, &curr_hash)) {
|
| - VLOG(1) << "Failed reading first hash.";
|
| - return false;
|
| - }
|
| - result.push_back(curr_hash);
|
| - // M is the tunable parameter used by the Golomb coding.
|
| - static const uint64_t kGolombParameterM = static_cast<uint64_t>(1)
|
| - << kGolombMParameterBits;
|
| -
|
| - while (reader.BitsLeft() > kGolombMParameterBits) {
|
| - uint64_t read_prefix = 0;
|
| - if (!reader.ReadUnaryEncoding(&read_prefix)) {
|
| - VLOG(1) << "Failed reading unary-encoded prefix.";
|
| - return false;
|
| - }
|
| - if (read_prefix > (UINT64_MAX / kGolombParameterM)) {
|
| - VLOG(1) << "Received value that would cause overflow: " << read_prefix;
|
| - return false;
|
| - }
|
| -
|
| - uint64_t r = 0;
|
| - if (!reader.ReadBits(kGolombMParameterBits, &r)) {
|
| - VLOG(1) << "Failed reading " << kGolombMParameterBits << " bits.";
|
| - return false;
|
| - }
|
| - DCHECK_LT(r, kGolombParameterM);
|
| -
|
| - uint64_t curr_diff = read_prefix * kGolombParameterM + r;
|
| - curr_hash += curr_diff;
|
| -
|
| - result.push_back(curr_hash);
|
| - }
|
| -
|
| - // If there is excess capacity then trim it.
|
| - if (result.size() < result.capacity()) {
|
| - std::vector<uint64_t> temp(result.size());
|
| - memcpy(&temp[0], &result[0], result.size() * sizeof(result[0]));
|
| -
|
| - // Swap the right-sized vector with the over-sized vector.
|
| - result.swap(temp);
|
| - }
|
| -
|
| - // Make sure our size trimming code worked.
|
| - DCHECK(result.size() == result.capacity());
|
| -
|
| - uncompressed_list->swap(result);
|
| - return true;
|
| -}
|
| -
|
| -PackedEVCertsWhitelist::PackedEVCertsWhitelist(
|
| - const std::string& compressed_whitelist,
|
| - const base::Version& version)
|
| - : version_(version) {
|
| - if (!UncompressEVWhitelist(compressed_whitelist, &whitelist_)) {
|
| - whitelist_.clear();
|
| - return;
|
| - }
|
| -}
|
| -
|
| -PackedEVCertsWhitelist::~PackedEVCertsWhitelist() {
|
| -}
|
| -
|
| -bool PackedEVCertsWhitelist::ContainsCertificateHash(
|
| - const std::string& certificate_hash) const {
|
| - DCHECK(!whitelist_.empty());
|
| - uint64_t hash_to_lookup;
|
| -
|
| - base::ReadBigEndian(certificate_hash.data(), &hash_to_lookup);
|
| - return bsearch(&hash_to_lookup,
|
| - &whitelist_[0],
|
| - whitelist_.size(),
|
| - kCertHashLength,
|
| - TruncatedHashesComparator) != NULL;
|
| -}
|
| -
|
| -bool PackedEVCertsWhitelist::IsValid() const {
|
| - return whitelist_.size() > 0;
|
| -}
|
| -
|
| -base::Version PackedEVCertsWhitelist::Version() const {
|
| - return version_;
|
| -}
|
| -
|
| -} // namespace packed_ct_ev_whitelist
|
|
|
Chromium Code Reviews
Issue 2937563002:
Remove the EV Certs Whitelist (Closed)
