net/tools/transport_security_state_generator/transport_security_state_entry.cc - cobalt - Git at Google

 // Copyright (c) 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "net/tools/transport_security_state_generator/transport_security_state_entry.h"
 #include "net/tools/huffman_trie/trie/trie_bit_buffer.h"

 namespace net {

 namespace transport_security_state {

 namespace {

 // Returns true if the entry only configures HSTS with includeSubdomains.
 // Such entries, when written, can be represented more compactly, and thus
 // reduce the overall size of the trie.
 bool IsSimpleEntry(const TransportSecurityStateEntry* entry) {
   return entry->force_https && entry->include_subdomains &&
          entry->pinset.empty() && !entry->expect_ct;
 }

 }  // namespace

 TransportSecurityStateEntry::TransportSecurityStateEntry() = default;
 TransportSecurityStateEntry::~TransportSecurityStateEntry() = default;

 TransportSecurityStateTrieEntry::TransportSecurityStateTrieEntry(
     const NameIDMap& expect_ct_report_uri_map,
     const NameIDMap& pinsets_map,
     TransportSecurityStateEntry* entry)
     : expect_ct_report_uri_map_(expect_ct_report_uri_map),
       pinsets_map_(pinsets_map),
       entry_(entry) {}

 TransportSecurityStateTrieEntry::~TransportSecurityStateTrieEntry() {}

 std::string TransportSecurityStateTrieEntry::name() const {
   return entry_->hostname;
 }

 bool TransportSecurityStateTrieEntry::WriteEntry(
     huffman_trie::TrieBitBuffer* writer) const {
   if (IsSimpleEntry(entry_)) {
     writer->WriteBit(1);
     return true;
   } else {
     writer->WriteBit(0);
   }

   uint8_t include_subdomains = 0;
   if (entry_->include_subdomains) {
     include_subdomains = 1;
   }
   writer->WriteBit(include_subdomains);

   uint8_t force_https = 0;
   if (entry_->force_https) {
     force_https = 1;
   }
   writer->WriteBit(force_https);

   if (entry_->pinset.size()) {
     writer->WriteBit(1);

     auto pin_id_it = pinsets_map_.find(entry_->pinset);
     if (pin_id_it == pinsets_map_.cend()) {
       return false;
     }

     const uint8_t& pin_id = pin_id_it->second;
     if (pin_id > 15) {
       return false;
     }

     writer->WriteBits(pin_id, 4);

     if (!entry_->include_subdomains) {
       uint8_t include_subdomains_for_pinning = 0;
       if (entry_->hpkp_include_subdomains) {
         include_subdomains_for_pinning = 1;
       }
       writer->WriteBit(include_subdomains_for_pinning);
     }
   } else {
     writer->WriteBit(0);
   }

   if (entry_->expect_ct) {
     writer->WriteBit(1);
     auto expect_ct_report_uri_it =
         expect_ct_report_uri_map_.find(entry_->expect_ct_report_uri);
     if (expect_ct_report_uri_it == expect_ct_report_uri_map_.cend()) {
       return false;
     }

     const uint8_t& expect_ct_report_id = expect_ct_report_uri_it->second;
     if (expect_ct_report_id > 15) {
       return false;
     }

     writer->WriteBits(expect_ct_report_id, 4);
   } else {
     writer->WriteBit(0);
   }

   return true;
 }

 }  // namespace transport_security_state

 }  // namespace net
	// Copyright (c) 2016 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "net/tools/transport_security_state_generator/transport_security_state_entry.h"
	#include "net/tools/huffman_trie/trie/trie_bit_buffer.h"

	namespace net {

	namespace transport_security_state {

	namespace {

	// Returns true if the entry only configures HSTS with includeSubdomains.
	// Such entries, when written, can be represented more compactly, and thus
	// reduce the overall size of the trie.
	bool IsSimpleEntry(const TransportSecurityStateEntry* entry) {
	return entry->force_https && entry->include_subdomains &&
	entry->pinset.empty() && !entry->expect_ct;
	}

	} // namespace

	TransportSecurityStateEntry::TransportSecurityStateEntry() = default;
	TransportSecurityStateEntry::~TransportSecurityStateEntry() = default;

	TransportSecurityStateTrieEntry::TransportSecurityStateTrieEntry(
	const NameIDMap& expect_ct_report_uri_map,
	const NameIDMap& pinsets_map,
	TransportSecurityStateEntry* entry)
	: expect_ct_report_uri_map_(expect_ct_report_uri_map),
	pinsets_map_(pinsets_map),
	entry_(entry) {}

	TransportSecurityStateTrieEntry::~TransportSecurityStateTrieEntry() {}

	std::string TransportSecurityStateTrieEntry::name() const {
	return entry_->hostname;
	}

	bool TransportSecurityStateTrieEntry::WriteEntry(
	huffman_trie::TrieBitBuffer* writer) const {
	if (IsSimpleEntry(entry_)) {
	writer->WriteBit(1);
	return true;
	} else {
	writer->WriteBit(0);
	}

	uint8_t include_subdomains = 0;
	if (entry_->include_subdomains) {
	include_subdomains = 1;
	}
	writer->WriteBit(include_subdomains);

	uint8_t force_https = 0;
	if (entry_->force_https) {
	force_https = 1;
	}
	writer->WriteBit(force_https);

	if (entry_->pinset.size()) {
	writer->WriteBit(1);

	auto pin_id_it = pinsets_map_.find(entry_->pinset);
	if (pin_id_it == pinsets_map_.cend()) {
	return false;
	}

	const uint8_t& pin_id = pin_id_it->second;
	if (pin_id > 15) {
	return false;
	}

	writer->WriteBits(pin_id, 4);

	if (!entry_->include_subdomains) {
	uint8_t include_subdomains_for_pinning = 0;
	if (entry_->hpkp_include_subdomains) {
	include_subdomains_for_pinning = 1;
	}
	writer->WriteBit(include_subdomains_for_pinning);
	}
	} else {
	writer->WriteBit(0);
	}

	if (entry_->expect_ct) {
	writer->WriteBit(1);
	auto expect_ct_report_uri_it =
	expect_ct_report_uri_map_.find(entry_->expect_ct_report_uri);
	if (expect_ct_report_uri_it == expect_ct_report_uri_map_.cend()) {
	return false;
	}

	const uint8_t& expect_ct_report_id = expect_ct_report_uri_it->second;
	if (expect_ct_report_id > 15) {
	return false;
	}

	writer->WriteBits(expect_ct_report_id, 4);
	} else {
	writer->WriteBit(0);
	}

	return true;
	}

	} // namespace transport_security_state

	} // namespace net