OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include <limits> | 5 #include <limits> |
6 | 6 |
7 #include "base/base64.h" | 7 #include "base/base64.h" |
| 8 #include "base/stl_util.h" |
8 #include "base/strings/string_piece.h" | 9 #include "base/strings/string_piece.h" |
9 #include "base/strings/string_tokenizer.h" | 10 #include "base/strings/string_tokenizer.h" |
10 #include "base/strings/string_util.h" | 11 #include "base/strings/string_util.h" |
11 #include "net/base/parse_number.h" | 12 #include "net/base/parse_number.h" |
12 #include "net/http/http_security_headers.h" | 13 #include "net/http/http_security_headers.h" |
13 #include "net/http/http_util.h" | 14 #include "net/http/http_util.h" |
14 #include "url/gurl.h" | 15 #include "url/gurl.h" |
15 | 16 |
16 namespace net { | 17 namespace net { |
17 | 18 |
(...skipping 24 matching lines...) Expand all Loading... |
42 *result = limit; | 43 *result = limit; |
43 | 44 |
44 return true; | 45 return true; |
45 } | 46 } |
46 | 47 |
47 // Returns true iff there is an item in |pins| which is not present in | 48 // Returns true iff there is an item in |pins| which is not present in |
48 // |from_cert_chain|. Such an SPKI hash is called a "backup pin". | 49 // |from_cert_chain|. Such an SPKI hash is called a "backup pin". |
49 bool IsBackupPinPresent(const HashValueVector& pins, | 50 bool IsBackupPinPresent(const HashValueVector& pins, |
50 const HashValueVector& from_cert_chain) { | 51 const HashValueVector& from_cert_chain) { |
51 for (const auto& pin : pins) { | 52 for (const auto& pin : pins) { |
52 auto p = std::find(from_cert_chain.begin(), from_cert_chain.end(), pin); | 53 if (!base::ContainsValue(from_cert_chain, pin)) |
53 if (p == from_cert_chain.end()) | |
54 return true; | 54 return true; |
55 } | 55 } |
56 return false; | 56 return false; |
57 } | 57 } |
58 | 58 |
59 // Returns true if the intersection of |a| and |b| is not empty. If either | 59 // Returns true if the intersection of |a| and |b| is not empty. If either |
60 // |a| or |b| is empty, returns false. | 60 // |a| or |b| is empty, returns false. |
61 bool HashesIntersect(const HashValueVector& a, | 61 bool HashesIntersect(const HashValueVector& a, |
62 const HashValueVector& b) { | 62 const HashValueVector& b) { |
63 for (const auto& pin : a) { | 63 for (const auto& pin : a) { |
64 auto p = std::find(b.begin(), b.end(), pin); | 64 if (base::ContainsValue(b, pin)) |
65 if (p != b.end()) | |
66 return true; | 65 return true; |
67 } | 66 } |
68 return false; | 67 return false; |
69 } | 68 } |
70 | 69 |
71 // Returns true iff |pins| contains both a live and a backup pin. A live pin | 70 // Returns true iff |pins| contains both a live and a backup pin. A live pin |
72 // is a pin whose SPKI is present in the certificate chain in |ssl_info|. A | 71 // is a pin whose SPKI is present in the certificate chain in |ssl_info|. A |
73 // backup pin is a pin intended for disaster recovery, not day-to-day use, and | 72 // backup pin is a pin intended for disaster recovery, not day-to-day use, and |
74 // thus must be absent from the certificate chain. The Public-Key-Pins header | 73 // thus must be absent from the certificate chain. The Public-Key-Pins header |
75 // specification requires both. | 74 // specification requires both. |
(...skipping 354 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
430 if (!parsed_max_age) | 429 if (!parsed_max_age) |
431 return false; | 430 return false; |
432 | 431 |
433 *max_age = base::TimeDelta::FromSeconds(max_age_candidate); | 432 *max_age = base::TimeDelta::FromSeconds(max_age_candidate); |
434 *enforce = enforce_candidate; | 433 *enforce = enforce_candidate; |
435 *report_uri = parsed_report_uri; | 434 *report_uri = parsed_report_uri; |
436 return true; | 435 return true; |
437 } | 436 } |
438 | 437 |
439 } // namespace net | 438 } // namespace net |
OLD | NEW |