| OLD | NEW |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/safe_browsing/safe_browsing_database.h" | 5 #include "chrome/browser/safe_browsing/safe_browsing_database.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <iterator> | 8 #include <iterator> |
| 9 | 9 |
| 10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
| 11 #include "base/metrics/histogram.h" | 11 #include "base/metrics/histogram.h" |
| 12 #include "base/metrics/stats_counters.h" | 12 #include "base/metrics/stats_counters.h" |
| 13 #include "base/time.h" | 13 #include "base/time.h" |
| 14 #include "base/message_loop.h" | 14 #include "base/message_loop.h" |
| 15 #include "base/process_util.h" | 15 #include "base/process_util.h" |
| 16 #include "base/sha2.h" | 16 #include "crypto/sha2.h" |
| 17 #include "chrome/browser/safe_browsing/bloom_filter.h" | 17 #include "chrome/browser/safe_browsing/bloom_filter.h" |
| 18 #include "chrome/browser/safe_browsing/prefix_set.h" | 18 #include "chrome/browser/safe_browsing/prefix_set.h" |
| 19 #include "chrome/browser/safe_browsing/safe_browsing_store_file.h" | 19 #include "chrome/browser/safe_browsing/safe_browsing_store_file.h" |
| 20 #include "content/browser/browser_thread.h" | 20 #include "content/browser/browser_thread.h" |
| 21 #include "googleurl/src/gurl.h" | 21 #include "googleurl/src/gurl.h" |
| 22 | 22 |
| 23 namespace { | 23 namespace { |
| 24 | 24 |
| 25 // Filename suffix for the bloom filter. | 25 // Filename suffix for the bloom filter. |
| 26 const FilePath::CharType kBloomFilterFile[] = FILE_PATH_LITERAL(" Filter 2"); | 26 const FilePath::CharType kBloomFilterFile[] = FILE_PATH_LITERAL(" Filter 2"); |
| (...skipping 37 matching lines...) |
| 64 } | 64 } |
| 65 | 65 |
| 66 // Get the prefix for download url. | 66 // Get the prefix for download url. |
| 67 void GetDownloadUrlPrefix(const GURL& url, SBPrefix* prefix) { | 67 void GetDownloadUrlPrefix(const GURL& url, SBPrefix* prefix) { |
| 68 std::string hostname; | 68 std::string hostname; |
| 69 std::string path; | 69 std::string path; |
| 70 std::string query; | 70 std::string query; |
| 71 safe_browsing_util::CanonicalizeUrl(url, &hostname, &path, &query); | 71 safe_browsing_util::CanonicalizeUrl(url, &hostname, &path, &query); |
| 72 | 72 |
| 73 SBFullHash full_hash; | 73 SBFullHash full_hash; |
| 74 base::SHA256HashString(hostname + path + query, &full_hash, | 74 crypto::SHA256HashString(hostname + path + query, &full_hash, |
| 75 sizeof(full_hash)); | 75 sizeof(full_hash)); |
| 76 *prefix = full_hash.prefix; | 76 *prefix = full_hash.prefix; |
| 77 } | 77 } |
| 78 | 78 |
| 79 // Generate the set of full hashes to check for |url|. If | 79 // Generate the set of full hashes to check for |url|. If |
| 80 // |include_whitelist_hashes| is true we will generate additional path-prefixes | 80 // |include_whitelist_hashes| is true we will generate additional path-prefixes |
| 81 // to match against the csd whitelist. E.g., if the path-prefix /foo is on the | 81 // to match against the csd whitelist. E.g., if the path-prefix /foo is on the |
| 82 // whitelist it should also match /foo/bar which is not the case for all the | 82 // whitelist it should also match /foo/bar which is not the case for all the |
| 83 // other lists. | 83 // other lists. |
| 84 // TODO(shess): This function is almost the same as | 84 // TODO(shess): This function is almost the same as |
| 85 // |CompareFullHashes()| in safe_browsing_util.cc, except that code | 85 // |CompareFullHashes()| in safe_browsing_util.cc, except that code |
| (...skipping 10 matching lines...) |
| 96 safe_browsing_util::GenerateHostsToCheck(url, &hosts); | 96 safe_browsing_util::GenerateHostsToCheck(url, &hosts); |
| 97 } | 97 } |
| 98 | 98 |
| 99 std::vector<std::string> paths; | 99 std::vector<std::string> paths; |
| 100 safe_browsing_util::GeneratePathsToCheck(url, &paths); | 100 safe_browsing_util::GeneratePathsToCheck(url, &paths); |
| 101 | 101 |
| 102 for (size_t i = 0; i < hosts.size(); ++i) { | 102 for (size_t i = 0; i < hosts.size(); ++i) { |
| 103 for (size_t j = 0; j < paths.size(); ++j) { | 103 for (size_t j = 0; j < paths.size(); ++j) { |
| 104 const std::string& path = paths[j]; | 104 const std::string& path = paths[j]; |
| 105 SBFullHash full_hash; | 105 SBFullHash full_hash; |
| 106 base::SHA256HashString(hosts[i] + path, &full_hash, | 106 crypto::SHA256HashString(hosts[i] + path, &full_hash, |
| 107 sizeof(full_hash)); | 107 sizeof(full_hash)); |
| 108 full_hashes->push_back(full_hash); | 108 full_hashes->push_back(full_hash); |
| 109 | 109 |
| 110 // We may have /foo as path-prefix in the whitelist which should | 110 // We may have /foo as path-prefix in the whitelist which should |
| 111 // also match with /foo/bar and /foo?bar. Hence, for every path | 111 // also match with /foo/bar and /foo?bar. Hence, for every path |
| 112 // that ends in '/' we also add the path without the slash. | 112 // that ends in '/' we also add the path without the slash. |
| 113 if (include_whitelist_hashes && | 113 if (include_whitelist_hashes && |
| 114 path.size() > 1 && | 114 path.size() > 1 && |
| 115 path[path.size() - 1] == '/') { | 115 path[path.size() - 1] == '/') { |
| 116 base::SHA256HashString(hosts[i] + path.substr(0, path.size() - 1), | 116 crypto::SHA256HashString(hosts[i] + path.substr(0, path.size() - 1), |
| 117 &full_hash, sizeof(full_hash)); | 117 &full_hash, sizeof(full_hash)); |
| 118 full_hashes->push_back(full_hash); | 118 full_hashes->push_back(full_hash); |
| 119 } | 119 } |
| 120 } | 120 } |
| 121 } | 121 } |
| 122 } | 122 } |
| 123 | 123 |
| 124 // Find the entries in |full_hashes| with prefix in |prefix_hits|, and | 124 // Find the entries in |full_hashes| with prefix in |prefix_hits|, and |
| 125 // add them to |full_hits| if not expired. "Not expired" is when | 125 // add them to |full_hits| if not expired. "Not expired" is when |
| 126 // either |last_update| was recent enough, or the item has been | 126 // either |last_update| was recent enough, or the item has been |
| 127 // received recently enough. Expired items are not deleted because a | 127 // received recently enough. Expired items are not deleted because a |
| (...skipping 1162 matching lines...) |
| 1290 } | 1290 } |
| 1291 | 1291 |
| 1292 std::vector<SBFullHash> new_csd_whitelist; | 1292 std::vector<SBFullHash> new_csd_whitelist; |
| 1293 for (std::vector<SBAddFullHash>::const_iterator it = full_hashes.begin(); | 1293 for (std::vector<SBAddFullHash>::const_iterator it = full_hashes.begin(); |
| 1294 it != full_hashes.end(); ++it) { | 1294 it != full_hashes.end(); ++it) { |
| 1295 new_csd_whitelist.push_back(it->full_hash); | 1295 new_csd_whitelist.push_back(it->full_hash); |
| 1296 } | 1296 } |
| 1297 std::sort(new_csd_whitelist.begin(), new_csd_whitelist.end()); | 1297 std::sort(new_csd_whitelist.begin(), new_csd_whitelist.end()); |
| 1298 | 1298 |
| 1299 SBFullHash kill_switch; | 1299 SBFullHash kill_switch; |
| 1300 base::SHA256HashString(kCsdKillSwitchUrl, &kill_switch, sizeof(kill_switch)); | 1300 crypto::SHA256HashString(kCsdKillSwitchUrl, &kill_switch, |
| 1301 sizeof(kill_switch)); |
| 1301 if (std::binary_search(new_csd_whitelist.begin(), new_csd_whitelist.end(), | 1302 if (std::binary_search(new_csd_whitelist.begin(), new_csd_whitelist.end(), |
| 1302 kill_switch)) { | 1303 kill_switch)) { |
| 1303 // The kill switch is whitelisted hence we whitelist all URLs. | 1304 // The kill switch is whitelisted hence we whitelist all URLs. |
| 1304 CsdWhitelistAllUrls(); | 1305 CsdWhitelistAllUrls(); |
| 1305 } else { | 1306 } else { |
| 1306 base::AutoLock locked(lookup_lock_); | 1307 base::AutoLock locked(lookup_lock_); |
| 1307 csd_whitelist_all_urls_ = false; | 1308 csd_whitelist_all_urls_ = false; |
| 1308 csd_whitelist_.swap(new_csd_whitelist); | 1309 csd_whitelist_.swap(new_csd_whitelist); |
| 1309 } | 1310 } |
| 1310 } | 1311 } |