net/http/transport_security_state_static.h - Issue 23523051: Blacklist semi-private intermediate issuers from issuing for Google domains.

Side by Side Diff: net/http/transport_security_state_static.h

Issue 23523051: Blacklist semi-private intermediate issuers from issuing for Google domains. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 7 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 // This file is automatically generated by transport_security_state_static_gener ate.go	5 // This file is automatically generated by transport_security_state_static_gener ate.go

6	6

7 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_	7 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_

8 #define NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_	8 #define NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_

9	9

10 // These are SubjectPublicKeyInfo hashes for public key pinning. The	10 // These are SubjectPublicKeyInfo hashes for public key pinning. The

(...skipping 28 matching lines...) Expand all Loading...
39 "\x7c\x8c\x08\x31\x9d\xcb\xbe\xde\x8a\x33";	39 "\x7c\x8c\x08\x31\x9d\xcb\xbe\xde\x8a\x33";

40	40

41 static const char kSPKIHash_GoogleG2[] =	41 static const char kSPKIHash_GoogleG2[] =

42 "\x43\xda\xd6\x30\xee\x53\xf8\xa9\x80\xca"	42 "\x43\xda\xd6\x30\xee\x53\xf8\xa9\x80\xca"

43 "\x6e\xfd\x85\xf4\x6a\xa3\x79\x90\xe0\xea";	43 "\x6e\xfd\x85\xf4\x6a\xa3\x79\x90\xe0\xea";

44	44

45 static const char kSPKIHash_ThawteSGCCA[] =	45 static const char kSPKIHash_ThawteSGCCA[] =

46 "\x87\x31\xea\x0e\x3d\xf5\xe8\x70\x3e\x83"	46 "\x87\x31\xea\x0e\x3d\xf5\xe8\x70\x3e\x83"

47 "\x72\x57\x77\xa9\x65\x3b\x3b\xfa\x5e\x14";	47 "\x72\x57\x77\xa9\x65\x3b\x3b\xfa\x5e\x14";

48	48

	49 static const char kSPKIHash_VeriSignClass3SSPIntermediateCA[] =

	50 "\x99\x6a\x20\x6a\x85\x57\x62\xcb\x9a\xf2"

	51 "\x02\x37\xb3\xc0\x69\x5d\xa9\x1e\xc2\x22";

	52

49 static const char kSPKIHash_EquifaxSecureCA[] =	53 static const char kSPKIHash_EquifaxSecureCA[] =

50 "\x48\xe6\x68\xf9\x2b\xd2\xb2\x95\xd7\x47"	54 "\x48\xe6\x68\xf9\x2b\xd2\xb2\x95\xd7\x47"

51 "\xd8\x23\x20\x10\x4f\x33\x98\x90\x9f\xd4";	55 "\xd8\x23\x20\x10\x4f\x33\x98\x90\x9f\xd4";

52	56

53 static const char kSPKIHash_Aetna[] =	57 static const char kSPKIHash_Aetna[] =

54 "\x92\x52\xaa\x14\xde\xbf\x80\xae\x30\xaa"	58 "\x92\x52\xaa\x14\xde\xbf\x80\xae\x30\xaa"

55 "\xd9\x4e\x60\x38\x70\x24\xa5\x43\x2f\x1a";	59 "\xd9\x4e\x60\x38\x70\x24\xa5\x43\x2f\x1a";

56	60

57 static const char kSPKIHash_GeoTrustGlobal[] =	61 static const char kSPKIHash_GeoTrustGlobal[] =

58 "\xc0\x7a\x98\x68\x8d\x89\xfb\xab\x05\x64"	62 "\xc0\x7a\x98\x68\x8d\x89\xfb\xab\x05\x64"

(...skipping 211 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
270 kSPKIHash_EquifaxSecureCA,	274 kSPKIHash_EquifaxSecureCA,

271 kSPKIHash_GeoTrustGlobal,	275 kSPKIHash_GeoTrustGlobal,

272 NULL,	276 NULL,

273 };	277 };

274 static const char* const kGoogleRejectedCerts[] = {	278 static const char* const kGoogleRejectedCerts[] = {

275 kSPKIHash_Aetna,	279 kSPKIHash_Aetna,

276 kSPKIHash_Intel,	280 kSPKIHash_Intel,

277 kSPKIHash_TCTrustCenter,	281 kSPKIHash_TCTrustCenter,

278 kSPKIHash_Vodafone,	282 kSPKIHash_Vodafone,

279 kSPKIHash_ThawteSGCCA,	283 kSPKIHash_ThawteSGCCA,

	284 kSPKIHash_VeriSignClass3SSPIntermediateCA,

280 NULL,	285 NULL,

281 };	286 };

282 #define kGooglePins { \	287 #define kGooglePins { \

283 kGoogleAcceptableCerts, \	288 kGoogleAcceptableCerts, \

284 kGoogleRejectedCerts, \	289 kGoogleRejectedCerts, \

285 }	290 }

286	291

287 static const char* const kTorAcceptableCerts[] = {	292 static const char* const kTorAcceptableCerts[] = {

288 kSPKIHash_RapidSSL,	293 kSPKIHash_RapidSSL,

289 kSPKIHash_DigiCertEVRoot,	294 kSPKIHash_DigiCertEVRoot,

(...skipping 579 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
869 {11, false, "\005gmail\003com", true, kGooglePins, DOMAIN_GMAIL_COM },	874 {11, false, "\005gmail\003com", true, kGooglePins, DOMAIN_GMAIL_COM },

870 {16, false, "\012googlemail\003com", true, kGooglePins, DOMAIN_GOOGLEMAIL_COM },	875 {16, false, "\012googlemail\003com", true, kGooglePins, DOMAIN_GOOGLEMAIL_COM },

871 {15, false, "\003www\005gmail\003com", true, kGooglePins, DOMAIN_GMAIL_COM },	876 {15, false, "\003www\005gmail\003com", true, kGooglePins, DOMAIN_GMAIL_COM },

872 {20, false, "\003www\012googlemail\003com", true, kGooglePins, DOMAIN_GOOGLEMA IL_COM },	877 {20, false, "\003www\012googlemail\003com", true, kGooglePins, DOMAIN_GOOGLEMA IL_COM },

873 {22, true, "\020google-analytics\003com", false, kGooglePins, DOMAIN_GOOGLE_AN ALYTICS_COM },	878 {22, true, "\020google-analytics\003com", false, kGooglePins, DOMAIN_GOOGLE_AN ALYTICS_COM },

874 {18, true, "\014googlegroups\003com", false, kGooglePins, DOMAIN_GOOGLEGROUPS_ COM },	879 {18, true, "\014googlegroups\003com", false, kGooglePins, DOMAIN_GOOGLEGROUPS_ COM },

875 };	880 };

876 static const size_t kNumPreloadedSNISTS = ARRAYSIZE_UNSAFE(kPreloadedSNISTS);	881 static const size_t kNumPreloadedSNISTS = ARRAYSIZE_UNSAFE(kPreloadedSNISTS);

877	882

878 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_	883 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_STATIC_H_

OLD	NEW

« no previous file with comments | « net/cert/cert_verify_proc.cc ('k') | net/http/transport_security_state_static.certs » ('j') | no next file with comments »