| Index: net/base/x509_cert_types.h
|
| ===================================================================
|
| --- net/base/x509_cert_types.h (revision 155029)
|
| +++ net/base/x509_cert_types.h (working copy)
|
| @@ -11,6 +11,7 @@
|
| #include <string>
|
| #include <vector>
|
|
|
| +#include "base/logging.h"
|
| #include "base/string_piece.h"
|
| #include "build/build_config.h"
|
| #include "net/base/net_export.h"
|
| @@ -28,32 +29,84 @@
|
| class X509Certificate;
|
|
|
| // SHA-1 fingerprint (160 bits) of a certificate.
|
| -struct NET_EXPORT SHA1Fingerprint {
|
| - bool Equals(const SHA1Fingerprint& other) const {
|
| +struct NET_EXPORT SHA1HashValue {
|
| + bool Equals(const SHA1HashValue& other) const {
|
| return memcmp(data, other.data, sizeof(data)) == 0;
|
| }
|
|
|
| unsigned char data[20];
|
| };
|
|
|
| -// In the future there will be a generic Fingerprint type, with at least two
|
| -// implementations: SHA1 and SHA256. See http://crbug.com/117914. Until that
|
| -// work is done (in a separate patch) this typedef bridges the gap.
|
| -typedef SHA1Fingerprint Fingerprint;
|
| +class NET_EXPORT SHA1HashValueLessThan {
|
| + public:
|
| + bool operator()(const SHA1HashValue& lhs,
|
| + const SHA1HashValue& rhs) const {
|
| + return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
|
| + }
|
| +};
|
|
|
| -typedef std::vector<Fingerprint> FingerprintVector;
|
| +struct NET_EXPORT SHA256HashValue {
|
| + bool Equals(const SHA256HashValue& other) const {
|
| + return memcmp(data, other.data, sizeof(data)) == 0;
|
| + }
|
|
|
| -class NET_EXPORT SHA1FingerprintLessThan {
|
| + unsigned char data[32];
|
| +};
|
| +
|
| +class NET_EXPORT SHA256HashValueLessThan {
|
| public:
|
| - bool operator() (const SHA1Fingerprint& lhs,
|
| - const SHA1Fingerprint& rhs) const {
|
| + bool operator()(const SHA256HashValue& lhs,
|
| + const SHA256HashValue& rhs) const {
|
| return memcmp(lhs.data, rhs.data, sizeof(lhs.data)) < 0;
|
| }
|
| };
|
|
|
| +enum HashValueTag {
|
| + HASH_VALUE_SHA1,
|
| + HASH_VALUE_SHA256,
|
| +
|
| + // This must always be last.
|
| + HASH_VALUE_TAGS_COUNT
|
| +};
|
| +
|
| +class NET_EXPORT HashValue {
|
| + public:
|
| + explicit HashValue(HashValueTag tag) : tag(tag) {}
|
| + HashValue() : tag(HASH_VALUE_SHA1) {}
|
| +
|
| + bool Equals(const HashValue& other) const;
|
| + size_t size() const;
|
| + unsigned char* data();
|
| + const unsigned char* data() const;
|
| +
|
| + HashValueTag tag;
|
| +
|
| + private:
|
| + union {
|
| + SHA1HashValue sha1;
|
| + SHA256HashValue sha256;
|
| + } fingerprint;
|
| +};
|
| +
|
| +class NET_EXPORT HashValueLessThan {
|
| + public:
|
| + bool operator()(const HashValue& lhs,
|
| + const HashValue& rhs) const {
|
| + size_t lhs_size = lhs.size();
|
| + size_t rhs_size = rhs.size();
|
| +
|
| + if (lhs_size != rhs_size)
|
| + return lhs_size < rhs_size;
|
| +
|
| + return memcmp(lhs.data(), rhs.data(), lhs_size) < 0;
|
| + }
|
| +};
|
| +
|
| +typedef std::vector<HashValue> HashValueVector;
|
| +
|
| // IsSHA1HashInSortedArray returns true iff |hash| is in |array|, a sorted
|
| // array of SHA1 hashes.
|
| -bool NET_EXPORT IsSHA1HashInSortedArray(const SHA1Fingerprint& hash,
|
| +bool NET_EXPORT IsSHA1HashInSortedArray(const SHA1HashValue& hash,
|
| const uint8* array,
|
| size_t array_byte_len);
|
|
|
| @@ -130,10 +183,10 @@
|
|
|
| private:
|
| // The set of fingerprints of allowed certificates.
|
| - std::set<SHA1Fingerprint, SHA1FingerprintLessThan> allowed_;
|
| + std::set<SHA1HashValue, SHA1HashValueLessThan> allowed_;
|
|
|
| // The set of fingerprints of denied certificates.
|
| - std::set<SHA1Fingerprint, SHA1FingerprintLessThan> denied_;
|
| + std::set<SHA1HashValue, SHA1HashValueLessThan> denied_;
|
| };
|
|
|
| #if defined(OS_MACOSX) && !defined(OS_IOS)
|
|
|
Chromium Code Reviews
Issue 10826257:
Implement SHA-256 fingerprint support (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/