1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/quic/crypto/common_cert_set.h"
7 #include "base/basictypes.h"
8 #include "base/logging.h"
9 #include "base/memory/singleton.h"
10 #include "net/quic/quic_utils.h"
12 using base::StringPiece;
16 namespace common_cert_set_0 {
17 #include "net/quic/crypto/common_cert_set_0.c"
20 namespace common_cert_set_1 {
21 #include "net/quic/crypto/common_cert_set_1.c"
27 // num_certs contains the number of certificates in this set.
29 // certs is an array of |num_certs| pointers to the DER encoded certificates.
30 const unsigned char* const* certs;
31 // lens is an array of |num_certs| integers describing the length, in bytes,
32 // of each certificate.
34 // hash contains the 64-bit, FNV-1a hash of this set.
38 const CertSet kSets[] = {
40 common_cert_set_0::kNumCerts,
41 common_cert_set_0::kCerts,
42 common_cert_set_0::kLens,
43 common_cert_set_0::kHash,
46 common_cert_set_1::kNumCerts,
47 common_cert_set_1::kCerts,
48 common_cert_set_1::kLens,
49 common_cert_set_1::kHash,
53 const uint64 kSetHashes[] = {
54 common_cert_set_0::kHash,
55 common_cert_set_1::kHash,
58 // Compare returns a value less than, equal to or greater than zero if |a| is
59 // lexicographically less than, equal to or greater than |b|, respectively.
60 int Compare(StringPiece a, const unsigned char* b, size_t b_len) {
61 size_t len = a.size();
65 int n = memcmp(a.data(), b, len);
70 if (a.size() < b_len) {
72 } else if (a.size() > b_len) {
78 // CommonCertSetsQUIC implements the CommonCertSets interface using the default
80 class CommonCertSetsQUIC : public CommonCertSets {
82 // CommonCertSets interface.
83 StringPiece GetCommonHashes() const override {
84 return StringPiece(reinterpret_cast<const char*>(kSetHashes),
85 sizeof(uint64) * arraysize(kSetHashes));
88 StringPiece GetCert(uint64 hash, uint32 index) const override {
89 for (size_t i = 0; i < arraysize(kSets); i++) {
90 if (kSets[i].hash == hash) {
91 if (index < kSets[i].num_certs) {
93 reinterpret_cast<const char*>(kSets[i].certs[index]),
94 kSets[i].lens[index]);
100 return StringPiece();
103 bool MatchCert(StringPiece cert,
104 StringPiece common_set_hashes,
106 uint32* out_index) const override {
107 if (common_set_hashes.size() % sizeof(uint64) != 0) {
111 for (size_t i = 0; i < common_set_hashes.size() / sizeof(uint64); i++) {
113 memcpy(&hash, common_set_hashes.data() + i * sizeof(uint64),
116 for (size_t j = 0; j < arraysize(kSets); j++) {
117 if (kSets[j].hash != hash) {
121 if (kSets[j].num_certs == 0) {
125 // Binary search for a matching certificate.
127 size_t max = kSets[j].num_certs - 1;
129 size_t mid = min + ((max - min) / 2);
130 int n = Compare(cert, kSets[j].certs[mid], kSets[j].lens[mid]);
150 static CommonCertSetsQUIC* GetInstance() {
151 return Singleton<CommonCertSetsQUIC>::get();
155 CommonCertSetsQUIC() {}
156 virtual ~CommonCertSetsQUIC() {}
158 friend struct DefaultSingletonTraits<CommonCertSetsQUIC>;
159 DISALLOW_COPY_AND_ASSIGN(CommonCertSetsQUIC);
162 } // anonymous namespace
164 CommonCertSets::~CommonCertSets() {}
167 const CommonCertSets* CommonCertSets::GetInstanceQUIC() {
168 return CommonCertSetsQUIC::GetInstance();