Update the CT Known Logs implementation to C++11
While adding some new code, some low-hanging cleanups
were noted. The comparison function was using the wrong
signature (int v bool), named not according to the style guide, and some preconditions could have been strengthened. Embrace the C++11 and lambda-fy it +
simplify it.
BUG=none
[email protected]
[email protected]
Review URL: https://codereview.chromium.org/1885563005
Cr-Commit-Position: refs/heads/master@{#387512}
diff --git a/chrome/browser/component_updater/sth_set_component_installer.cc b/chrome/browser/component_updater/sth_set_component_installer.cc
index d26c8784..6c63be4 100644
--- a/chrome/browser/component_updater/sth_set_component_installer.cc
+++ b/chrome/browser/component_updater/sth_set_component_installer.cc
@@ -19,7 +19,6 @@
#include "components/safe_json/safe_json_parser.h"
#include "content/public/browser/browser_thread.h"
#include "crypto/sha2.h"
-#include "net/cert/ct_known_logs_static.h"
#include "net/cert/ct_log_response_parser.h"
#include "net/cert/signed_tree_head.h"
#include "net/cert/sth_distributor.h"
diff --git a/chrome/browser/io_thread.cc b/chrome/browser/io_thread.cc
index cd55393e..33d6ba4 100644
--- a/chrome/browser/io_thread.cc
+++ b/chrome/browser/io_thread.cc
@@ -67,7 +67,6 @@
#include "net/cert/cert_verifier.h"
#include "net/cert/cert_verify_proc.h"
#include "net/cert/ct_known_logs.h"
-#include "net/cert/ct_known_logs_static.h"
#include "net/cert/ct_log_verifier.h"
#include "net/cert/ct_policy_enforcer.h"
#include "net/cert/ct_verifier.h"
diff --git a/ios/chrome/browser/ios_chrome_io_thread.mm b/ios/chrome/browser/ios_chrome_io_thread.mm
index 862fc42..763c028 100644
--- a/ios/chrome/browser/ios_chrome_io_thread.mm
+++ b/ios/chrome/browser/ios_chrome_io_thread.mm
@@ -49,7 +49,6 @@
#include "net/cert/cert_verifier.h"
#include "net/cert/cert_verify_proc.h"
#include "net/cert/ct_known_logs.h"
-#include "net/cert/ct_known_logs_static.h"
#include "net/cert/ct_log_verifier.h"
#include "net/cert/ct_policy_enforcer.h"
#include "net/cert/ct_verifier.h"
diff --git a/net/cert/ct_known_logs.cc b/net/cert/ct_known_logs.cc
index eddeb55..03c51c9 100644
--- a/net/cert/ct_known_logs.cc
+++ b/net/cert/ct_known_logs.cc
@@ -4,12 +4,15 @@
#include "net/cert/ct_known_logs.h"
+#include <stddef.h>
+#include <string.h>
+
#include <algorithm>
+#include <iterator>
#include "base/logging.h"
#include "base/macros.h"
#include "crypto/sha2.h"
-#include "net/cert/ct_known_logs_static.h"
#if !defined(OS_NACL)
#include "net/cert/ct_log_verifier.h"
@@ -21,9 +24,7 @@
namespace {
-int log_ids_compare(const char* log_id, const char* lookup_id) {
- return strncmp(log_id, lookup_id, crypto::kSHA256Length) < 0;
-}
+#include "net/cert/ct_known_logs_static-inc.h"
} // namespace
@@ -31,10 +32,8 @@
std::vector<scoped_refptr<const CTLogVerifier>>
CreateLogVerifiersForKnownLogs() {
std::vector<scoped_refptr<const CTLogVerifier>> verifiers;
- for (size_t i = 0; i < arraysize(kCTLogList); ++i) {
- const CTLogInfo& log(kCTLogList[i]);
+ for (const auto& log : kCTLogList) {
base::StringPiece key(log.log_key, log.log_key_length);
-
verifiers.push_back(CTLogVerifier::Create(key, log.log_name, log.log_url));
// Make sure no null logs enter verifiers. Parsing of all known logs should
// succeed.
@@ -46,20 +45,12 @@
#endif
bool IsLogOperatedByGoogle(base::StringPiece log_id) {
- // No callers should provide a log_id that's not of the expected length
- // (log IDs are SHA-256 hashes of the key and are always 32 bytes).
- // Without this DCHECK (i.e. in production) this function would always
- // return false.
- DCHECK_EQ(log_id.size(), arraysize(kGoogleLogIDs[0]) - 1);
+ CHECK_EQ(log_id.size(), crypto::kSHA256Length);
- auto p = std::lower_bound(kGoogleLogIDs, kGoogleLogIDs + kNumGoogleLogs,
- log_id.data(), &log_ids_compare);
- if ((p == kGoogleLogIDs + kNumGoogleLogs) ||
- log_id != base::StringPiece(*p, crypto::kSHA256Length)) {
- return false;
- }
-
- return true;
+ return std::binary_search(std::begin(kGoogleLogIDs), std::end(kGoogleLogIDs),
+ log_id.data(), [](const char* a, const char* b) {
+ return memcmp(a, b, crypto::kSHA256Length) < 0;
+ });
}
} // namespace ct
diff --git a/net/cert/ct_known_logs_static.h b/net/cert/ct_known_logs_static-inc.h
similarity index 85%
rename from net/cert/ct_known_logs_static.h
rename to net/cert/ct_known_logs_static-inc.h
index 8452ece..f3c5592 100644
--- a/net/cert/ct_known_logs_static.h
+++ b/net/cert/ct_known_logs_static-inc.h
@@ -2,12 +2,6 @@
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
-// This file is generated by print_log_list.py
-#ifndef NET_CERT_CT_KNOWN_LOGS_STATIC_H_
-#define NET_CERT_CT_KNOWN_LOGS_STATIC_H_
-
-#include <stddef.h>
-
struct CTLogInfo {
const char* const log_key;
const size_t log_key_length;
@@ -22,63 +16,49 @@
"\x0c\xe8\x41\x46\xe8\x81\x01\x1b\x15\xe1\x4b\xf1\x1b\x62\xdd\x36\x0a"
"\x08\x18\xba\xed\x0b\x35\x84\xd0\x9e\x40\x3c\x2d\x9e\x9b\x82\x65\xbd"
"\x1f\x04\x10\x41\x4c\xa0",
- 91,
- "Google 'Pilot' log",
- "https://ct.googleapis.com/pilot/"},
+ 91, "Google 'Pilot' log", "https://ct.googleapis.com/pilot/"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xd7\xf4\xcc\x69\xb2\xe4\x0e"
"\x90\xa3\x8a\xea\x5a\x70\x09\x4f\xef\x13\x62\xd0\x8d\x49\x60\xff\x1b"
"\x40\x50\x07\x0c\x6d\x71\x86\xda\x25\x49\x8d\x65\xe1\x08\x0d\x47\x34"
"\x6b\xbd\x27\xbc\x96\x21\x3e\x34\xf5\x87\x76\x31\xb1\x7f\x1d\xc9\x85"
"\x3b\x0d\xf7\x1f\x3f\xe9",
- 91,
- "Google 'Aviator' log",
- "https://ct.googleapis.com/aviator/"},
+ 91, "Google 'Aviator' log", "https://ct.googleapis.com/aviator/"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x02\x46\xc5\xbe\x1b\xbb\x82"
"\x40\x16\xe8\xc1\xd2\xac\x19\x69\x13\x59\xf8\xf8\x70\x85\x46\x40\xb9"
"\x38\xb0\x23\x82\xa8\x64\x4c\x7f\xbf\xbb\x34\x9f\x4a\x5f\x28\x8a\xcf"
"\x19\xc4\x00\xf6\x36\x06\x93\x65\xed\x4c\xf5\xa9\x21\x62\x5a\xd8\x91"
"\xeb\x38\x24\x40\xac\xe8",
- 91,
- "DigiCert Log Server",
- "https://ct1.digicert-ct.com/log/"},
+ 91, "DigiCert Log Server", "https://ct1.digicert-ct.com/log/"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x20\x5b\x18\xc8\x3c\xc1\x8b"
"\xb3\x31\x08\x00\xbf\xa0\x90\x57\x2b\xb7\x47\x8c\x6f\xb5\x68\xb0\x8e"
"\x90\x78\xe9\xa0\x73\xea\x4f\x28\x21\x2e\x9c\xc0\xf4\x16\x1b\xaa\xf9"
"\xd5\xd7\xa9\x80\xc3\x4e\x2f\x52\x3c\x98\x01\x25\x46\x24\x25\x28\x23"
"\x77\x2d\x05\xc2\x40\x7a",
- 91,
- "Google 'Rocketeer' log",
- "https://ct.googleapis.com/rocketeer/"},
+ 91, "Google 'Rocketeer' log", "https://ct.googleapis.com/rocketeer/"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x0b\x23\xcb\x85\x62\x98\x61"
"\x48\x04\x73\xeb\x54\x5d\xf3\xd0\x07\x8c\x2d\x19\x2d\x8c\x36\xf5\xeb"
"\x8f\x01\x42\x0a\x7c\x98\x26\x27\xc1\xb5\xdd\x92\x93\xb0\xae\xf8\x9b"
"\x3d\x0c\xd8\x4c\x4e\x1d\xf9\x15\xfb\x47\x68\x7b\xba\x66\xb7\x25\x9c"
"\xd0\x4a\xc2\x66\xdb\x48",
- 91,
- "Certly.IO log",
- "https://log.certly.io/"},
+ 91, "Certly.IO log", "https://log.certly.io/"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x27\x64\x39\x0c\x2d\xdc\x50"
"\x18\xf8\x21\x00\xa2\x0e\xed\x2c\xea\x3e\x75\xba\x9f\x93\x64\x09\x00"
"\x11\xc4\x11\x17\xab\x5c\xcf\x0f\x74\xac\xb5\x97\x90\x93\x00\x5b\xb8"
"\xeb\xf7\x27\x3d\xd9\xb2\x0a\x81\x5f\x2f\x0d\x75\x38\x94\x37\x99\x1e"
"\xf6\x07\x76\xe0\xee\xbe",
- 91,
- "Izenpe log",
- "https://ct.izenpe.com/"},
+ 91, "Izenpe log", "https://ct.izenpe.com/"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\x96\xea\xac\x1c\x46\x0c\x1b"
"\x55\xdc\x0d\xfc\xb5\x94\x27\x46\x57\x42\x70\x3a\x69\x18\xe2\xbf\x3b"
"\xc4\xdb\xab\xa0\xf4\xb6\x6c\xc0\x53\x3f\x4d\x42\x10\x33\xf0\x58\x97"
"\x8f\x6b\xbe\x72\xf4\x2a\xec\x1c\x42\xaa\x03\x2f\x1a\x7e\x28\x35\x76"
"\x99\x08\x3d\x21\x14\x86",
- 91,
- "Symantec log",
- "https://ct.ws.symantec.com/"},
+ 91, "Symantec log", "https://ct.ws.symantec.com/"},
{"\x30\x82\x01\x22\x30\x0d\x06\x09\x2a\x86\x48\x86\xf7\x0d\x01\x01\x01"
"\x05\x00\x03\x82\x01\x0f\x00\x30\x82\x01\x0a\x02\x82\x01\x01\x00\xa2"
"\x5a\x48\x1f\x17\x52\x95\x35\xcb\xa3\x5b\x3a\x1f\x53\x82\x76\x94\xa3"
@@ -97,20 +77,14 @@
"\x05\xbf\x5f\xae\x94\x97\xdb\x5f\x64\xd4\xee\x16\x8b\xa3\x84\x6c\x71"
"\x2b\xf1\xab\x7f\x5d\x0d\x32\xee\x04\xe2\x90\xec\x41\x9f\xfb\x39\xc1"
"\x02\x03\x01\x00\x01",
- 294,
- "Venafi log",
- "https://ctlog.api.venafi.com/"},
+ 294, "Venafi log", "https://ctlog.api.venafi.com/"},
{"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01\x06\x08\x2a\x86"
"\x48\xce\x3d\x03\x01\x07\x03\x42\x00\x04\xea\x95\x9e\x02\xff\xee\xf1"
"\x33\x6d\x4b\x87\xbc\xcd\xfd\x19\x17\x62\xff\x94\xd3\xd0\x59\x07\x3f"
"\x02\x2d\x1c\x90\xfe\xc8\x47\x30\x3b\xf1\xdd\x0d\xb8\x11\x0c\x5d\x1d"
"\x86\xdd\xab\xd3\x2b\x46\x66\xfb\x6e\x65\xb7\x3b\xfd\x59\x68\xac\xdf"
"\xa6\xf8\xce\xd2\x18\x4d",
- 91,
- "Symantec 'Vega' log",
- "https://vega.ws.symantec.com/"}};
-
-const size_t kNumKnownCTLogs = 9;
+ 91, "Symantec 'Vega' log", "https://vega.ws.symantec.com/"}};
// The list is sorted.
const char kGoogleLogIDs[][33] = {
@@ -120,7 +94,3 @@
"\x35\x98\x04\xf9\x1b\xdf\xb8\xe3\x77\xcd\x0e\xc8\x0d\xdc\x10",
"\xee\x4b\xbd\xb7\x75\xce\x60\xba\xe1\x42\x69\x1f\xab\xe1\x9e\x66\xa3"
"\x0f\x7e\x5f\xb0\x72\xd8\x83\x00\xc4\x7b\x89\x7a\xa8\xfd\xcb"};
-
-const size_t kNumGoogleLogs = 3;
-
-#endif // NET_CERT_CT_KNOWN_LOGS_STATIC_H_
diff --git a/net/net.gypi b/net/net.gypi
index d4b6d14..9cbcd905 100644
--- a/net/net.gypi
+++ b/net/net.gypi
@@ -85,7 +85,7 @@
'cert/crl_set.h',
'cert/ct_known_logs.cc',
'cert/ct_known_logs.h',
- 'cert/ct_known_logs_static.h',
+ 'cert/ct_known_logs_static-inc.h',
'cert/ct_policy_enforcer.cc',
'cert/ct_policy_enforcer.h',
'cert/ct_policy_status.h',
