From ce82c057bf25ea69aede1a546eff032ef3a79c45 Mon Sep 17 00:00:00 2001 From: "bryner@chromium.org" Date: Mon, 16 Apr 2012 21:22:19 +0000 Subject: Replace SafeBrowsing MAC with downloads over SSL. BUG=119662 TEST=updated unittests, ran Chrome and verified SB functionality on new profile Review URL: http://codereview.chromium.org/10069031 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@132456 0039d316-1c4b-4281-b951-d872f2087c98 --- chrome/browser/safe_browsing/protocol_parser.cc | 117 +----------------------- 1 file changed, 1 insertion(+), 116 deletions(-) (limited to 'chrome/browser/safe_browsing/protocol_parser.cc') diff --git a/chrome/browser/safe_browsing/protocol_parser.cc b/chrome/browser/safe_browsing/protocol_parser.cc index ba207be..47ef41d 100644 --- a/chrome/browser/safe_browsing/protocol_parser.cc +++ b/chrome/browser/safe_browsing/protocol_parser.cc @@ -44,8 +44,6 @@ SafeBrowsingProtocolParser::SafeBrowsingProtocolParser() { bool SafeBrowsingProtocolParser::ParseGetHash( const char* chunk_data, int chunk_len, - const std::string& key, - bool* re_key, std::vector* full_hashes) { full_hashes->clear(); int length = chunk_len; @@ -53,23 +51,6 @@ bool SafeBrowsingProtocolParser::ParseGetHash( int offset; std::string line; - if (!key.empty()) { - if (!GetLine(data, length, &line)) - return false; // Error! Bad GetHash result. - - if (line == "e:pleaserekey") { - *re_key = true; - return true; - } - - offset = static_cast(line.size()) + 1; - data += offset; - length -= offset; - - if (!safe_browsing_util::VerifyMAC(key, line, data, length)) - return false; - } - while (length > 0) { if (!GetLine(data, length, &line)) return false; @@ -125,9 +106,7 @@ void SafeBrowsingProtocolParser::FormatGetHash( bool SafeBrowsingProtocolParser::ParseUpdate( const char* chunk_data, int chunk_len, - const std::string& key, int* next_update_sec, - bool* re_key, bool* reset, std::vector* deletes, std::vector* chunk_urls) { @@ -141,12 +120,6 @@ bool SafeBrowsingProtocolParser::ParseUpdate( // Populated below. std::string list_name; - // If we requested the MAC, the response must start with a MAC command. - // This test ensures it is present, the value will be verified in the - // switch statement below. - if (!key.empty() && (length < 1 || data[0] != 'm')) - return false; - while (length > 0) { std::string cmd_line; if (!GetLine(data, length, &cmd_line)) @@ -184,50 +157,20 @@ bool SafeBrowsingProtocolParser::ParseUpdate( break; } - case 'e': - if (cmd_parts[1] != "pleaserekey") - return false; - *re_key = true; - break; - case 'i': // The line providing the name of the list (i.e. 'goog-phish-shavar'). list_name = cmd_parts[1]; break; - case 'm': - // Verify that the MAC of the remainer of this chunk is what we expect. - if (!key.empty() && - !safe_browsing_util::VerifyMAC(key, cmd_parts[1], data, length)) - return false; - break; - case 'n': // The line providing the next earliest time (in seconds) to re-query. *next_update_sec = atoi(cmd_parts[1].c_str()); break; case 'u': { - // The redirect command is of the form: u:, where can - // contain multiple colons, commas or any valid URL characters. We scan - // backwards in the string looking for the first ',' we encounter and - // assume that everything before that is the URL and everything after - // is the MAC (if the MAC was requested). - std::string mac; - std::string redirect_url(cmd_line, 2); // Skip the initial "u:". - if (!key.empty()) { - std::string::size_type mac_pos = redirect_url.rfind(','); - if (mac_pos == std::string::npos) - return false; - mac = redirect_url.substr(mac_pos + 1); - redirect_url = redirect_url.substr(0, mac_pos); - } - ChunkUrl chunk_url; - chunk_url.url = redirect_url; + chunk_url.url = cmd_line.substr(2); // Skip the initial "u:". chunk_url.list_name = list_name; - if (!key.empty()) - chunk_url.mac = mac; chunk_urls->push_back(chunk_url); break; } @@ -250,18 +193,10 @@ bool SafeBrowsingProtocolParser::ParseUpdate( bool SafeBrowsingProtocolParser::ParseChunk(const std::string& list_name, const char* data, int length, - const std::string& key, - const std::string& mac, - bool* re_key, SBChunkList* chunks) { int remaining = length; const char* chunk_data = data; - if (!key.empty() && - !safe_browsing_util::VerifyMAC(key, mac, data, length)) { - return false; - } - while (remaining > 0) { std::string cmd_line; if (!GetLine(chunk_data, length, &cmd_line)) @@ -272,15 +207,7 @@ bool SafeBrowsingProtocolParser::ParseChunk(const std::string& list_name, remaining -= line_len; std::vector cmd_parts; base::SplitString(cmd_line, ':', &cmd_parts); - - // Handle a possible re-key command. if (cmd_parts.size() != 4) { - if (cmd_parts.size() == 2 && - cmd_parts[0] == "e" && - cmd_parts[1] == "pleaserekey") { - *re_key = true; - continue; - } return false; } @@ -485,45 +412,3 @@ bool SafeBrowsingProtocolParser::ReadPrefixes( return true; } - -bool SafeBrowsingProtocolParser::ParseNewKey(const char* chunk_data, - int chunk_length, - std::string* client_key, - std::string* wrapped_key) { - DCHECK(client_key && wrapped_key); - client_key->clear(); - wrapped_key->clear(); - - const char* data = chunk_data; - int remaining = chunk_length; - - while (remaining > 0) { - std::string line; - if (!GetLine(data, remaining, &line)) - return false; - - std::vector cmd_parts; - base::SplitString(line, ':', &cmd_parts); - if (cmd_parts.size() != 3) - return false; - - if (static_cast(cmd_parts[2].size()) != atoi(cmd_parts[1].c_str())) - return false; - - if (cmd_parts[0] == "clientkey") { - client_key->assign(cmd_parts[2]); - } else if (cmd_parts[0] == "wrappedkey") { - wrapped_key->assign(cmd_parts[2]); - } else { - return false; - } - - data += line.size() + 1; - remaining -= static_cast(line.size()) + 1; - } - - if (client_key->empty() || wrapped_key->empty()) - return false; - - return true; -} -- cgit v1.1