Certificate Transparency: Code for unpacking EV cert hashes whitelist

chrome/browser/net/packed_ct_ev_whitelist.h

Index: chrome/browser/net/packed_ct_ev_whitelist.h
diff --git a/chrome/browser/net/packed_ct_ev_whitelist.h b/chrome/browser/net/packed_ct_ev_whitelist.h
new file mode 100644
index 0000000000000000000000000000000000000000..962863be822208b0540a6f22ebd55c3fe2e72f0e
--- /dev/null
+++ b/chrome/browser/net/packed_ct_ev_whitelist.h
@@ -0,0 +1,111 @@
+// Copyright 2014 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_NET_PACKED_CT_EV_WHITELIST_H_
+#define CHROME_BROWSER_NET_PACKED_CT_EV_WHITELIST_H_
+
+#include <stdint.h>
+
+#include <set>
+#include <string>
+
+#include "base/gtest_prod_util.h"
+#include "base/memory/ref_counted.h"
+#include "base/strings/string_piece.h"
+#include "net/cert/ct_ev_whitelist.h"
+
+namespace base {
+class FilePath;
+}
+
+namespace net {
+class SSLConfigService;
+}  // namespace net
+
+namespace internal {
+
+// A class for reading individual bits from a buffer of bytes they are packed
+// into. Bits are read MSB-first from the stream.
+// It is limited to 64-bit reads and is inefficient as a design choice - Since
+// it is used infrequently to unpack the Golomb-coded EV certificate hashes
+// whitelist in a blocking thread.
+class BitStreamReader {

[Ryan Sleevi, 2014/10/01 20:15:42]

Split into separate files?

[Eran Messeri, 2014/10/03 12:00:11]

Done.

+ public:
+  explicit BitStreamReader(const base::StringPiece& source);
+
+  // Reads unary-encoded number into |out|. Returns true if
+  // there was at least one bit to read, false otherwise.
+  bool ReadUnaryEncoding(uint64_t* out);
+
+  // Reads |num_bits| (up to 64) into |out|. |out| is filled from the MSB to the
+  // LSB. If |num_bits| is less than 64, the most significant |64 - num_bits|
+  // bits are unused and left as zeros. Returns true if the stream had the
+  // requested |num_bits|, false otherwise.
+  bool ReadBits(uint8_t num_bits, uint64_t* out);
+
+  // Returns the number of bits left in the stream.
+  uint64_t BitsLeft() const;
+
+ private:
+  // Reads a single bit. Within a byte, the bits are read from the MSB to the
+  // LSB.
+  uint8_t ReadBit();
+
+  const base::StringPiece source_;
+
+  // Index of the byte currently being read from.
+  uint64_t current_byte_;
+
+  // Index of the last bit read within |current_byte_|. Since bits are read
+  // from the MSB to the LSB, this value is initialized to 7 and decremented
+  // after each read.
+  int8 current_bit_;
+};
+
+}  // namespace internal
+
+class PackedEVCertsWhitelist : public net::ct::EVCertsWhitelist {
+ public:
+  explicit PackedEVCertsWhitelist(const std::string& compressed_whitelist);
+
+  // Returns true if the |certificate_hash| appears in the EV certificate hashes
+  // whitelist.
+  virtual bool ContainsCertificateHash(
+      const std::string& certificate_hash) const OVERRIDE;
+
+  // Returns true if the global EV certificate hashes whitelist is non-empty,
+  // false otherwise.
+  virtual bool IsValid() const OVERRIDE;
+
+ protected:
+  virtual ~PackedEVCertsWhitelist();
+  // Given a Golomb-coded list of hashes in |compressed_whitelist|, unpack into
+  // |uncompressed_list|. Returns true if the format of the compressed whitelist
+  // is valid, false otherwise.
+  static bool UncompressEVWhitelist(const std::string& compressed_whitelist,
+                                    std::set<std::string>* uncompressed_list);
+
+  FRIEND_TEST_ALL_PREFIXES(PackedEVCertsWhitelistTest,
+                           UncompressFailsForTooShortList);
+  FRIEND_TEST_ALL_PREFIXES(PackedEVCertsWhitelistTest,
+                           UncompressFailsForTruncatedList);
+  FRIEND_TEST_ALL_PREFIXES(PackedEVCertsWhitelistTest,
+                           UncompressesWhitelistCorrectly);
+
+ private:
+  friend class base::RefCountedThreadSafe<net::ct::EVCertsWhitelist>;
+
+  bool is_whitelist_valid_;
+  std::set<std::string> whitelist_;
+};
+
+// Sets the EV certificate hashes whitelist from |compressed_whitelist_file|
+// in |ssl_config_service|, after uncompressing it.
+// If the data in |compressed_whitelist_file| is not a valid compressed
+// whitelist, does nothing.
+void SetEVWhitelistFromFile(
+    const base::FilePath& compressed_whitelist_file,
+    scoped_refptr<net::SSLConfigService> ssl_config_service);
+
+#endif  // CHROME_BROWSER_NET_PACKED_CT_EV_WHITELIST_H_