OLD | NEW |
---|---|
(Empty) | |
1 // Copyright 2014 The Chromium Authors. All rights reserved. | |
2 // Use of this source code is governed by a BSD-style license that can be | |
3 // found in the LICENSE file. | |
4 | |
5 #ifndef NET_CERT_CT_EV_WHITELIST_H_ | |
6 #define NET_CERT_CT_EV_WHITELIST_H_ | |
7 | |
8 #include <set> | |
9 #include <string> | |
10 | |
11 #include "base/files/file_path.h" | |
12 #include "net/base/net_export.h" | |
13 | |
14 namespace net { | |
15 | |
16 namespace ct { | |
17 | |
18 namespace internal { | |
19 | |
20 // Abstraction over a stream of bits, to be read independently | |
21 // of the bytes they're packed into. Bits are read MSB-first from the stream. | |
22 // It is limited to 64-bit reads and is inefficient as a design choice - Since | |
23 // it is used infrequently to unpack the Golomb-coded EV certificate hashes | |
24 // whitelist in a blocking thread. | |
Ryan Sleevi
2014/09/08 19:48:00
First glance: This comment needs serious rewording
Eran Messeri
2014/09/10 12:42:25
Tried re-wording it a bit, although I think that t
| |
25 // | |
26 // This class is declared here so it can be tested. | |
Ryan Sleevi
2014/09/08 19:48:00
Delete this comment (and then line 25)
Eran Messeri
2014/09/10 12:42:24
Done.
| |
27 class NET_EXPORT_PRIVATE BitStreamReader { | |
28 public: | |
29 BitStreamReader(const char* source, size_t length); | |
Ryan Sleevi
2014/09/08 19:48:00
Design choice: Why not base::StringPiece as our pr
Eran Messeri
2014/09/10 12:42:25
Done. Note that the implication is copying the dat
| |
30 | |
31 // Reads unary-encoded number into |out|. Returns true if | |
32 // there was at least one bit to read, false otherwise. | |
33 bool ReadUnaryEncoding(uint64* out); | |
Ryan Sleevi
2014/09/08 19:48:00
1) #include <stdint.h>
2) uint64_t as the type
3)
Eran Messeri
2014/09/10 12:42:24
Done.
| |
34 // Reads |num_bits| (up to 64) into |out|. |out| is filled from the MSB to the | |
35 // LSB. If |num_bits| is less than 64, the most significant |64 - num_bits| | |
36 // bits are unused and left as zeros. Returns true if the stream had the | |
37 // requested |num_bits|, false otherwise. | |
38 bool ReadBits(uint8 num_bits, uint64* out); | |
Ryan Sleevi
2014/09/08 19:48:00
1) uint8_t, uint64_t
2) newline before line 39
Eran Messeri
2014/09/10 12:42:25
Done.
| |
39 // Returns the number of bits left in the stream. | |
40 uint64 BitsLeft() const; | |
41 | |
42 private: | |
43 // Reads a single bit. Within a byte, the bits are read from the MSB to the | |
44 // LSB. | |
45 uint8 ReadBit(); | |
46 | |
47 const char* const source_; | |
48 const size_t length_; | |
49 | |
50 // Index of the byte currently being read from. | |
51 uint64 current_byte_; | |
52 // Index of the last bit read within |current_byte_|. Since bits are read | |
Ryan Sleevi
2014/09/08 19:48:00
newline between 51/52
Eran Messeri
2014/09/10 12:42:24
Done.
| |
53 // from the MSB to the LSB, this value is initialized to 7 and decremented | |
54 // after each read. | |
55 int8 current_bit_; | |
56 }; | |
57 | |
58 // Given a Golomb-coded list of hashes in |compressed_whitelist|, unpack into | |
59 // |uncompressed_list|. Returns true if the format of the compressed whitelist | |
60 // is valid, false otherwise. | |
61 NET_EXPORT_PRIVATE bool UncompressEVWhitelist( | |
62 const std::string& compressed_whitelist, | |
63 std::set<std::string>* uncompressed_list); | |
Ryan Sleevi
2014/09/08 19:48:00
From an API design, it seems a very design-limitin
Eran Messeri
2014/09/10 12:42:25
Done - created a class for the EV whitelist data.
| |
64 | |
65 // Sets the given |ev_whitelist| into the global context. | |
66 // Note that |ev_whitelist| will contain the old EV whitelist data after this | |
67 // call as the implementation is using set::swap() to efficiently switch the | |
68 // sets. | |
69 NET_EXPORT_PRIVATE void SetEVWhitelistData(std::set<std::string>& ev_whitelist); | |
70 | |
71 } // namespace internal | |
72 | |
73 // Sets the global EV certificate hashes whitelist from | |
74 // |compressed_whitelist_file| in the global context, after uncompressing it. | |
75 // If the data in |compressed_whitelist_file| is not a valid compressed | |
76 // whitelist, does nothing. | |
77 NET_EXPORT void SetEVWhitelistFromFile( | |
Ryan Sleevi
2014/09/08 19:48:00
This being a global in the //net layer is also a r
Eran Messeri
2014/09/10 12:42:24
As we discussed offline, I've switched to the mode
| |
78 const base::FilePath& compressed_whitelist_file); | |
79 | |
80 // Returns true if the |certificate_hash| appears in the EV certificate hashes | |
81 // whitelist. | |
82 NET_EXPORT bool IsCertificateHashInWhitelist( | |
83 const std::string& certificate_hash); | |
84 | |
85 // Returns true if the global EV certificate hashes whitelist is non-empty, | |
86 // false otherwise. | |
87 NET_EXPORT bool HasValidEVWhitelist(); | |
88 | |
89 } // namespace ct | |
90 | |
91 } // namespace net | |
92 | |
93 #endif // NET_CERT_CT_EV_WHITELIST_H_ | |
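Review bot: The contract documented for ReadUnaryEncoding (lines 31-33 of the new file) returns true whenever at least one bit was available, so a unary run that reaches the end of the buffer without its terminating bit is reported the same as a complete value. Because this reader unpacks a whitelist loaded from a file, truncated or corrupt input should be a distinguishable failure. I would document it as `// Returns false if the stream ends before the unary terminator is read; |out| is then unspecified.` and have UncompressEVWhitelist reject the whole list in that case. ReadBits documents "up to 64" but not what happens for a larger |num_bits|; `// Returns false without reading if |num_bits| > 64.` would pin that down. The implementation is not visible on this page, so it may already behave this way and only the comments need updating.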