Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(148)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/http/transport_security_state_static.h

Issue 55893003: net: trim allowed Google pins now that we have switched to GIAG2. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: ... Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/http/transport_security_state_static.certs » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This file is automatically generated by transport_security_state_static_gener ate.go 5 // This file is automatically generated by transport_security_state_static_gener ate.go
6 6
7 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_ 7 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_
8 #define NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_ 8 #define NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_
9 9
10 // These are SubjectPublicKeyInfo hashes for public key pinning. The 10 // These are SubjectPublicKeyInfo hashes for public key pinning. The
11 // hashes are SHA1 digests. 11 // hashes are SHA1 digests.
12 12
13 static const char kSPKIHash_TestSPKI[] = 13 static const char kSPKIHash_TestSPKI[] =
14 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" 14 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
15 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; 15 "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
16 16
17 static const char kSPKIHash_VeriSignClass3[] = 17 static const char kSPKIHash_VeriSignClass3[] =
18 "\xe2\x7f\x7b\xd8\x77\xd5\xdf\x9e\x0a\x3f" 18 "\xe2\x7f\x7b\xd8\x77\xd5\xdf\x9e\x0a\x3f"
19 "\x9e\xb4\xcb\x0e\x2e\xa9\xef\xdb\x69\x77"; 19 "\x9e\xb4\xcb\x0e\x2e\xa9\xef\xdb\x69\x77";
20 20
21 static const char kSPKIHash_VeriSignClass3_G3[] = 21 static const char kSPKIHash_VeriSignClass3_G3[] =
22 "\x22\xf1\x9e\x2e\xc6\xea\xcc\xfc\x5d\x23" 22 "\x22\xf1\x9e\x2e\xc6\xea\xcc\xfc\x5d\x23"
23 "\x46\xf4\xc2\xe8\xf6\xc5\x54\xdd\x5e\x07"; 23 "\x46\xf4\xc2\xe8\xf6\xc5\x54\xdd\x5e\x07";
24 24
25 static const char kSPKIHash_Google1024[] =
26 "\x40\xc5\x40\x1d\x6f\x8c\xba\xf0\x8b\x00"
27 "\xed\xef\xb1\xee\x87\xd0\x05\xb3\xb9\xcd";
28
29 static const char kSPKIHash_Google2048[] =
30 "\x01\xb9\x21\xc5\x8d\x0b\xdf\x8d\xe0\x29"
31 "\xff\x9c\x92\x2e\xcd\x55\x6a\x7e\xa3\x39";
32
33 static const char kSPKIHash_GoogleBackup1024[] =
34 "\x7d\x5b\xa3\xca\x8e\x37\x65\x1d\x7c\x71"
35 "\xc3\xe3\xb7\x74\xcd\xe9\x7b\x1b\x59\x43";
36
37 static const char kSPKIHash_GoogleBackup2048[] = 25 static const char kSPKIHash_GoogleBackup2048[] =
38 "\xbe\xae\xce\xca\x34\xa7\xa8\xe7\x28\xf6" 26 "\xbe\xae\xce\xca\x34\xa7\xa8\xe7\x28\xf6"
39 "\x7c\x8c\x08\x31\x9d\xcb\xbe\xde\x8a\x33"; 27 "\x7c\x8c\x08\x31\x9d\xcb\xbe\xde\x8a\x33";
40 28
41 static const char kSPKIHash_GoogleG2[] = 29 static const char kSPKIHash_GoogleG2[] =
42 "\x43\xda\xd6\x30\xee\x53\xf8\xa9\x80\xca" 30 "\x43\xda\xd6\x30\xee\x53\xf8\xa9\x80\xca"
43 "\x6e\xfd\x85\xf4\x6a\xa3\x79\x90\xe0\xea"; 31 "\x6e\xfd\x85\xf4\x6a\xa3\x79\x90\xe0\xea";
44 32
45 static const char kSPKIHash_ThawteSGCCA[] =
46 "\x87\x31\xea\x0e\x3d\xf5\xe8\x70\x3e\x83"
47 "\x72\x57\x77\xa9\x65\x3b\x3b\xfa\x5e\x14";
48
49 static const char kSPKIHash_VeriSignClass3SSPIntermediateCA[] =
50 "\x99\x6a\x20\x6a\x85\x57\x62\xcb\x9a\xf2"
51 "\x02\x37\xb3\xc0\x69\x5d\xa9\x1e\xc2\x22";
52
53 static const char kSPKIHash_EquifaxSecureCA[] =
54 "\x48\xe6\x68\xf9\x2b\xd2\xb2\x95\xd7\x47"
55 "\xd8\x23\x20\x10\x4f\x33\x98\x90\x9f\xd4";
56
57 static const char kSPKIHash_Aetna[] =
58 "\x92\x52\xaa\x14\xde\xbf\x80\xae\x30\xaa"
59 "\xd9\x4e\x60\x38\x70\x24\xa5\x43\x2f\x1a";
60
61 static const char kSPKIHash_GeoTrustGlobal[] = 33 static const char kSPKIHash_GeoTrustGlobal[] =
62 "\xc0\x7a\x98\x68\x8d\x89\xfb\xab\x05\x64" 34 "\xc0\x7a\x98\x68\x8d\x89\xfb\xab\x05\x64"
63 "\x0c\x11\x7d\xaa\x7d\x65\xb8\xca\xcc\x4e"; 35 "\x0c\x11\x7d\xaa\x7d\x65\xb8\xca\xcc\x4e";
64 36
65 static const char kSPKIHash_GeoTrustPrimary[] = 37 static const char kSPKIHash_GeoTrustPrimary[] =
66 "\xb0\x19\x89\xe7\xef\xfb\x4a\xaf\xcb\x14" 38 "\xb0\x19\x89\xe7\xef\xfb\x4a\xaf\xcb\x14"
67 "\x8f\x58\x46\x39\x76\x22\x41\x50\xe1\xba"; 39 "\x8f\x58\x46\x39\x76\x22\x41\x50\xe1\xba";
68 40
69 static const char kSPKIHash_Intel[] =
70 "\x0e\xc6\x2a\xf7\x59\xb2\x08\x10\x90\x25"
71 "\x6f\xc3\xdd\xfd\x8a\x66\x31\x30\x2b\xc5";
72
73 static const char kSPKIHash_TCTrustCenter[] =
74 "\x83\x3b\x84\x10\x00\x7f\x6e\x4a\x9d\x41"
75 "\x2d\xc4\x22\x39\x36\x6f\x2e\xe5\x5b\xe9";
76
77 static const char kSPKIHash_Vodafone[] =
78 "\x0d\x7f\xe1\x5c\x55\x14\x36\x68\x99\xfc"
79 "\x40\xd6\x22\x08\xef\x22\xeb\xd1\x15\x1c";
80
81 static const char kSPKIHash_RapidSSL[] = 41 static const char kSPKIHash_RapidSSL[] =
82 "\xa3\x93\x99\xc4\x04\xc3\xb2\x09\xb0\x81" 42 "\xa3\x93\x99\xc4\x04\xc3\xb2\x09\xb0\x81"
83 "\xc2\x1f\x21\x62\x27\x78\xc2\x74\x8e\x4c"; 43 "\xc2\x1f\x21\x62\x27\x78\xc2\x74\x8e\x4c";
84 44
85 static const char kSPKIHash_DigiCertEVRoot[] = 45 static const char kSPKIHash_DigiCertEVRoot[] =
86 "\x83\x31\x7e\x62\x85\x42\x53\xd6\xd7\x78" 46 "\x83\x31\x7e\x62\x85\x42\x53\xd6\xd7\x78"
87 "\x31\x90\xec\x91\x90\x56\xe9\x91\xb9\xe3"; 47 "\x31\x90\xec\x91\x90\x56\xe9\x91\xb9\xe3";
88 48
89 static const char kSPKIHash_DigiCertAssuredIDRoot[] = 49 static const char kSPKIHash_DigiCertAssuredIDRoot[] =
90 "\x68\x33\x0e\x61\x35\x85\x21\x59\x29\x83" 50 "\x68\x33\x0e\x61\x35\x85\x21\x59\x29\x83"
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after
261 static const char* const kTestAcceptableCerts[] = { 221 static const char* const kTestAcceptableCerts[] = {
262 kSPKIHash_TestSPKI, 222 kSPKIHash_TestSPKI,
263 NULL, 223 NULL,
264 }; 224 };
265 #define kTestPins { \ 225 #define kTestPins { \
266 kTestAcceptableCerts, \ 226 kTestAcceptableCerts, \
267 kNoRejectedPublicKeys, \ 227 kNoRejectedPublicKeys, \
268 } 228 }
269 229
270 static const char* const kGoogleAcceptableCerts[] = { 230 static const char* const kGoogleAcceptableCerts[] = {
271 kSPKIHash_VeriSignClass3,
272 kSPKIHash_VeriSignClass3_G3,
273 kSPKIHash_Google1024,
274 kSPKIHash_Google2048,
275 kSPKIHash_GoogleBackup1024,
276 kSPKIHash_GoogleBackup2048, 231 kSPKIHash_GoogleBackup2048,
277 kSPKIHash_GoogleG2, 232 kSPKIHash_GoogleG2,
278 kSPKIHash_EquifaxSecureCA,
279 kSPKIHash_GeoTrustGlobal,
280 NULL,
281 };
282 static const char* const kGoogleRejectedCerts[] = {
283 kSPKIHash_Aetna,
284 kSPKIHash_Intel,
285 kSPKIHash_TCTrustCenter,
286 kSPKIHash_Vodafone,
287 kSPKIHash_ThawteSGCCA,
288 kSPKIHash_VeriSignClass3SSPIntermediateCA,
289 NULL, 233 NULL,
290 }; 234 };
291 #define kGooglePins { \ 235 #define kGooglePins { \
292 kGoogleAcceptableCerts, \ 236 kGoogleAcceptableCerts, \
293 kGoogleRejectedCerts, \ 237 kNoRejectedPublicKeys, \
294 } 238 }
295 239
296 static const char* const kTorAcceptableCerts[] = { 240 static const char* const kTorAcceptableCerts[] = {
297 kSPKIHash_RapidSSL, 241 kSPKIHash_RapidSSL,
298 kSPKIHash_DigiCertEVRoot, 242 kSPKIHash_DigiCertEVRoot,
299 kSPKIHash_Tor1, 243 kSPKIHash_Tor1,
300 kSPKIHash_Tor2, 244 kSPKIHash_Tor2,
301 kSPKIHash_Tor3, 245 kSPKIHash_Tor3,
302 NULL, 246 NULL,
303 }; 247 };
(...skipping 597 matching lines...) Expand 10 before | Expand all | Expand 10 after
901 {11, false, "\005gmail\003com", true, kGooglePins, DOMAIN_GMAIL_COM }, 845 {11, false, "\005gmail\003com", true, kGooglePins, DOMAIN_GMAIL_COM },
902 {16, false, "\012googlemail\003com", true, kGooglePins, DOMAIN_GOOGLEMAIL_COM }, 846 {16, false, "\012googlemail\003com", true, kGooglePins, DOMAIN_GOOGLEMAIL_COM },
903 {15, false, "\003www\005gmail\003com", true, kGooglePins, DOMAIN_GMAIL_COM }, 847 {15, false, "\003www\005gmail\003com", true, kGooglePins, DOMAIN_GMAIL_COM },
904 {20, false, "\003www\012googlemail\003com", true, kGooglePins, DOMAIN_GOOGLEMA IL_COM }, 848 {20, false, "\003www\012googlemail\003com", true, kGooglePins, DOMAIN_GOOGLEMA IL_COM },
905 {22, true, "\020google-analytics\003com", false, kGooglePins, DOMAIN_GOOGLE_AN ALYTICS_COM }, 849 {22, true, "\020google-analytics\003com", false, kGooglePins, DOMAIN_GOOGLE_AN ALYTICS_COM },
906 {18, true, "\014googlegroups\003com", false, kGooglePins, DOMAIN_GOOGLEGROUPS_ COM }, 850 {18, true, "\014googlegroups\003com", false, kGooglePins, DOMAIN_GOOGLEGROUPS_ COM },
907 }; 851 };
908 static const size_t kNumPreloadedSNISTS = ARRAYSIZE_UNSAFE(kPreloadedSNISTS); 852 static const size_t kNumPreloadedSNISTS = ARRAYSIZE_UNSAFE(kPreloadedSNISTS);
909 853
910 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_ 854 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_
OLDNEW
« no previous file with comments | « no previous file | net/http/transport_security_state_static.certs » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698