Implement SHA-256 fingerprint support

chrome/browser/net/transport_security_persister_unittest.cc

Index: chrome/browser/net/transport_security_persister_unittest.cc
===================================================================
--- chrome/browser/net/transport_security_persister_unittest.cc	(revision 150170)
+++ chrome/browser/net/transport_security_persister_unittest.cc	(working copy)
@@ -6,6 +6,7 @@
 
 #include <map>
 #include <string>
+#include <vector>
 
 #include "base/file_path.h"
 #include "base/file_util.h"
@@ -96,10 +97,12 @@
 
 TEST_F(TransportSecurityPersisterTest, SerializeData3) {
   // Add an entry.
-  net::SHA1Fingerprint fp1;
-  memset(fp1.data, 0, sizeof(fp1.data));
-  net::SHA1Fingerprint fp2;
-  memset(fp2.data, 1, sizeof(fp2.data));
+  net::HashValue fp1;
+  fp1.tag = net::HASH_VALUE_SHA1;
+  memset(fp1.data(), 0, fp1.size());
+  net::HashValue fp2;
+  fp2.tag = net::HASH_VALUE_SHA1;
+  memset(fp2.data(), 1, fp2.size());
   TransportSecurityState::DomainState example_state;
   example_state.upgrade_expiry =
       base::Time::Now() + base::TimeDelta::FromSeconds(1000);
@@ -111,8 +114,8 @@
   state_.EnableHost("www.example.com", example_state);
 
   // Add another entry.
-  memset(fp1.data, 2, sizeof(fp1.data));
-  memset(fp2.data, 3, sizeof(fp2.data));
+  memset(fp1.data(), 2, fp1.size());
+  memset(fp2.data(), 3, fp2.size());
   example_state.upgrade_expiry =
       base::Time::Now() + base::TimeDelta::FromSeconds(3000);
   example_state.upgrade_mode =
@@ -181,17 +184,26 @@
   TransportSecurityState::DomainState domain_state;
   static const char kTestDomain[] = "example.com";
   EXPECT_FALSE(state_.GetDomainState(kTestDomain, false, &domain_state));
-  net::FingerprintVector hashes;
-  EXPECT_TRUE(domain_state.IsChainOfPublicKeysPermitted(hashes));
+  std::vector<net::HashValueVector> hashes;
+  for (size_t i = 0; i < net::HASH_VALUE_TAGS_COUNT; ++i) {
+    net::HashValueVector v;
+    hashes.push_back(v);
+  }
+  EXPECT_FALSE(domain_state.IsChainOfPublicKeysPermitted(hashes));
 
-  net::SHA1Fingerprint hash;
-  memset(hash.data, '1', sizeof(hash.data));
-  domain_state.static_spki_hashes.push_back(hash);
+  net::HashValue sha1;
+  sha1.tag = net::HASH_VALUE_SHA1;
+  memset(sha1.data(), '1', sha1.size());
+  domain_state.static_spki_hashes.push_back(sha1);
 
   EXPECT_FALSE(domain_state.IsChainOfPublicKeysPermitted(hashes));
-  hashes.push_back(hash);
+
+DLOG(WARNING) << hashes[net::HASH_VALUE_SHA1].size();
+  hashes[net::HASH_VALUE_SHA1].push_back(sha1);
+DLOG(WARNING) << hashes[net::HASH_VALUE_SHA1].size();

[wtc, 2012/08/07 15:00:54]

Nit: should these two lines be indented?

   EXPECT_TRUE(domain_state.IsChainOfPublicKeysPermitted(hashes));
-  hashes[0].data[0] = '2';
+
+  hashes[net::HASH_VALUE_SHA1][0].data()[0] = '2';
   EXPECT_FALSE(domain_state.IsChainOfPublicKeysPermitted(hashes));
 
   const base::Time current_time(base::Time::Now());
@@ -204,8 +216,9 @@
   EXPECT_TRUE(persister_->LoadEntries(ser, &dirty));
   EXPECT_TRUE(state_.GetDomainState(kTestDomain, false, &domain_state));
   EXPECT_EQ(1u, domain_state.static_spki_hashes.size());
-  EXPECT_EQ(0, memcmp(domain_state.static_spki_hashes[0].data, hash.data,
-                      sizeof(hash.data)));
+  EXPECT_EQ(sha1.tag, domain_state.static_spki_hashes[0].tag);
+  EXPECT_EQ(0, memcmp(domain_state.static_spki_hashes[0].data(), sha1.data(),
+                      sha1.size()));
 }
 
 TEST_F(TransportSecurityPersisterTest, ForcePreloads) {