authorpalmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-07-31 20:15:57 +0000
committerpalmer@chromium.org <palmer@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98>2012-07-31 20:15:57 +0000
commit18fb0c3b499607a6890c844f5bba2019159b26d0 (patch)
tree7a31b3c0bea4c24af258ba0dbcce84df5a00137f /chrome/browser/net/transport_security_persister.cc
parentf6a37b54c1e97fa7774d9b12aacc5848bcd02aea (diff)
Support SHA-256 in public key pins for HTTPS.
The HTTP-based Public Key Pinning Internet Draft (tools.ietf.org/html/draft-ietf-websec-key-pinning) requires this. Per wtc, give the *Fingerprint* types more meaningful *HashValue* names. Cleaning up lint along the way. BUG=117914 TEST=net_unittests, unit_tests TransportSecurityPersisterTest Review URL: https://chromiumcodereview.appspot.com/10545166 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@149261 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/net/transport_security_persister.cc')
-rw-r--r--chrome/browser/net/transport_security_persister.cc32
1 files changed, 23 insertions, 9 deletions
diff --git a/chrome/browser/net/transport_security_persister.cc b/chrome/browser/net/transport_security_persister.cc
index 76bc514..c6a27d2 100644
--- a/chrome/browser/net/transport_security_persister.cc
+++ b/chrome/browser/net/transport_security_persister.cc
@@ -20,32 +20,46 @@
#include "net/base/x509_certificate.h"
using content::BrowserThread;
-using net::Fingerprint;
-using net::FingerprintVector;
+using net::HashValue;
+using net::HashValueTag;
+using net::HashValueVector;
using net::TransportSecurityState;
namespace {
-ListValue* SPKIHashesToListValue(const FingerprintVector& hashes) {
+ListValue* SPKIHashesToListValue(const HashValueVector& hashes) {
ListValue* pins = new ListValue;
- for (FingerprintVector::const_iterator i = hashes.begin();
+ for (HashValueVector::const_iterator i = hashes.begin();
i != hashes.end(); ++i) {
- std::string hash_str(reinterpret_cast<const char*>(i->data),
- sizeof(i->data));
+ std::string label;
+ switch (i->tag) {
+ case net::HASH_VALUE_SHA1:
+ label = "sha1/";
+ break;
+ case net::HASH_VALUE_SHA256:
+ label = "sha256/";
+ break;
+ default:
+ LOG(WARNING) << "Skipping invalid fingerprint with unknown type "
+ << i->tag;
+ continue;
+ }
+
+ std::string hash_str(reinterpret_cast<const char*>(i->data()), i->size());
std::string b64;
base::Base64Encode(hash_str, &b64);
- pins->Append(new StringValue("sha1/" + b64));
+ pins->Append(new StringValue(label + b64));
}
return pins;
}
-void SPKIHashesFromListValue(const ListValue& pins, FingerprintVector* hashes) {
+void SPKIHashesFromListValue(const ListValue& pins, HashValueVector* hashes) {
size_t num_pins = pins.GetSize();
for (size_t i = 0; i < num_pins; ++i) {
std::string type_and_base64;
- Fingerprint fingerprint;
+ HashValue fingerprint;
if (pins.GetString(i, &type_and_base64) &&
TransportSecurityState::ParsePin(type_and_base64, &fingerprint)) {
hashes->push_back(fingerprint);
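Review bot: The `default:` branch in SPKIHashesToListValue logs and `continue`s, so a HashValue whose tag is neither `net::HASH_VALUE_SHA1` nor `net::HASH_VALUE_SHA256` is left out of the serialized list and the persisted pin set no longer matches the one in memory. With only two tags visible in this hunk the branch looks unreachable, so adding `NOTREACHED();` ahead of the `LOG(WARNING)` would make a future third tag fail loudly in debug builds instead of quietly shrinking the stored list. The `"sha1/"` and `"sha256/"` labels written here also have to match what TransportSecurityState::ParsePin accepts on the read path, and nothing in the hunk ties the two together; a comment above the switch such as `// Labels must stay in sync with TransportSecurityState::ParsePin.` would record that. SPKIHashesFromListValue's body continues past the end of the hunk, so how a pin that fails to parse is handled is not visible here.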