| // Copyright 2013 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "net/cert/ct_known_logs.h" |
| |
| #include <algorithm> |
| |
| #include "base/logging.h" |
| #include "base/macros.h" |
| #include "crypto/sha2.h" |
| #include "net/cert/ct_known_logs_static.h" |
| |
| #if !defined(OS_NACL) |
| #include "net/cert/ct_log_verifier.h" |
| #endif |
| |
| namespace net { |
| |
| namespace ct { |
| |
| namespace { |
| |
| int log_ids_compare(const char* log_id, const char* lookup_id) { |
| return strncmp(log_id, lookup_id, crypto::kSHA256Length) < 0; |
| } |
| |
| } // namespace |
| |
| #if !defined(OS_NACL) |
| std::vector<scoped_refptr<const CTLogVerifier>> |
| CreateLogVerifiersForKnownLogs() { |
| std::vector<scoped_refptr<const CTLogVerifier>> verifiers; |
| for (size_t i = 0; i < arraysize(kCTLogList); ++i) { |
| const CTLogInfo& log(kCTLogList[i]); |
| base::StringPiece key(log.log_key, log.log_key_length); |
| |
| verifiers.push_back(CTLogVerifier::Create(key, log.log_name, log.log_url)); |
| } |
| |
| return verifiers; |
| } |
| #endif |
| |
| bool IsLogOperatedByGoogle(base::StringPiece log_id) { |
| // No callers should provide a log_id that's not of the expected length |
| // (log IDs are SHA-256 hashes of the key and are always 32 bytes). |
| // Without this DCHECK (i.e. in production) this function would always |
| // return false. |
| DCHECK_EQ(log_id.size(), arraysize(kGoogleLogIDs[0]) - 1); |
| |
| auto p = std::lower_bound(kGoogleLogIDs, kGoogleLogIDs + kNumGoogleLogs, |
| log_id.data(), &log_ids_compare); |
| if ((p == kGoogleLogIDs + kNumGoogleLogs) || |
| log_id != base::StringPiece(*p, crypto::kSHA256Length)) { |
| return false; |
| } |
| |
| return true; |
| } |
| |
| } // namespace ct |
| |
| } // namespace net |
| |