security/manager/boot/src/StaticHPKPins.h@b8a032363ba2
security/manager/boot/src/StaticHPKPins.h
Thu, 22 Jan 2015 13:21:57 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Thu, 22 Jan 2015 13:21:57 +0100
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
- permissions
- -rw-r--r--
Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6
1 /* This Source Code Form is subject to the terms of the Mozilla Public
2 * License, v. 2.0. If a copy of the MPL was not distributed with this
3 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
5 /*****************************************************************************/
6 /* This is an automatically generated file. If you're not */
7 /* PublicKeyPinningService.cpp, you shouldn't be #including it. */
8 /*****************************************************************************/
9 #include <stdint.h>
10 /* AddTrust External Root */
11 static const char kAddTrust_External_RootFingerprint[] =
12 "lCppFqbkrlJ3EcVFAkeip0+44VaoJUymbnOaEUk7tEU=";
14 /* AddTrust Low-Value Services Root */
15 static const char kAddTrust_Low_Value_Services_RootFingerprint[] =
16 "BStocQfshOhzA4JFLsKidFF0XXSFpX1vRk4Np6G2ryo=";
18 /* AddTrust Public Services Root */
19 static const char kAddTrust_Public_Services_RootFingerprint[] =
20 "OGHXtpYfzbISBFb/b8LrdwSxp0G0vZM6g3b14ZFcppg=";
22 /* AddTrust Qualified Certificates Root */
23 static const char kAddTrust_Qualified_Certificates_RootFingerprint[] =
24 "xzr8Lrp3DQy8HuQfJStS6Kk9ErctzOwDHY2DnL+Bink=";
26 /* AffirmTrust Commercial */
27 static const char kAffirmTrust_CommercialFingerprint[] =
28 "bEZLmlsjOl6HTadlwm8EUBDS3c/0V5TwtMfkqvpQFJU=";
30 /* AffirmTrust Networking */
31 static const char kAffirmTrust_NetworkingFingerprint[] =
32 "lAcq0/WPcPkwmOWl9sBMlscQvYSdgxhJGa6Q64kK5AA=";
34 /* AffirmTrust Premium */
35 static const char kAffirmTrust_PremiumFingerprint[] =
36 "x/Q7TPW3FWgpT4IrU3YmBfbd0Vyt7Oc56eLDy6YenWc=";
38 /* AffirmTrust Premium ECC */
39 static const char kAffirmTrust_Premium_ECCFingerprint[] =
40 "MhmwkRT/SVo+tusAwu/qs0ACrl8KVsdnnqCHo/oDfk8=";
42 /* America Online Root Certification Authority 1 */
43 static const char kAmerica_Online_Root_Certification_Authority_1Fingerprint[] =
44 "I4SdCUkj1EpIgbY6sYXpvhWqyO8sMETZNLx/JuLSzWk=";
46 /* America Online Root Certification Authority 2 */
47 static const char kAmerica_Online_Root_Certification_Authority_2Fingerprint[] =
48 "/PfamDYD6IhiAw2WE32OEwMbrftNVsH9TKzDOfa9uyo=";
50 /* Baltimore CyberTrust Root */
51 static const char kBaltimore_CyberTrust_RootFingerprint[] =
52 "Y9mvm0exBk1JoQ57f9Vm28jKo5lFm/woKcVxrYxu80o=";
54 /* COMODO Certification Authority */
55 static const char kCOMODO_Certification_AuthorityFingerprint[] =
56 "AG1751Vd2CAmRCxPGieoDomhmJy4ezREjtIZTBgZbV4=";
58 /* COMODO ECC Certification Authority */
59 static const char kCOMODO_ECC_Certification_AuthorityFingerprint[] =
60 "58qRu/uxh4gFezqAcERupSkRYBlBAvfcw7mEjGPLnNU=";
62 /* Comodo AAA Services root */
63 static const char kComodo_AAA_Services_rootFingerprint[] =
64 "vRU+17BDT2iGsXvOi76E7TQMcTLXAqj0+jGPdW7L1vM=";
66 /* Comodo Secure Services root */
67 static const char kComodo_Secure_Services_rootFingerprint[] =
68 "RpHL/ehKa2BS3b4VK7DCFq4lqG5XR4E9vA8UfzOFcL4=";
70 /* Comodo Trusted Services root */
71 static const char kComodo_Trusted_Services_rootFingerprint[] =
72 "4tiR77c4ZpEF1TDeXtcuKyrD9KZweLU0mz/ayklvXrg=";
74 /* Cybertrust Global Root */
75 static const char kCybertrust_Global_RootFingerprint[] =
76 "foeCwVDOOVL4AuY2AjpdPpW7XWjjPoWtsroXgSXOvxU=";
78 /* DigiCert Assured ID Root CA */
79 static const char kDigiCert_Assured_ID_Root_CAFingerprint[] =
80 "I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o=";
82 /* DigiCert ECC Secure Server CA */
83 static const char kDigiCert_ECC_Secure_Server_CAFingerprint[] =
84 "PZXN3lRAy+8tBKk2Ox6F7jIlnzr2Yzmwqc3JnyfXoCw=";
86 /* DigiCert Global Root CA */
87 static const char kDigiCert_Global_Root_CAFingerprint[] =
88 "r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";
90 /* DigiCert High Assurance EV Root CA */
91 static const char kDigiCert_High_Assurance_EV_Root_CAFingerprint[] =
92 "WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=";
94 /* End Entity Test Cert */
95 static const char kEnd_Entity_Test_CertFingerprint[] =
96 "pVVgLk2kFI2WWRPwDMIX6YmzFhEW4DXQV/U5gP+feGA=";
98 /* Entrust Root Certification Authority */
99 static const char kEntrust_Root_Certification_AuthorityFingerprint[] =
100 "bb+uANN7nNc/j7R95lkXrwDg3d9C286sIMF8AnXuIJU=";
102 /* Entrust.net Premium 2048 Secure Server CA */
103 static const char kEntrust_net_Premium_2048_Secure_Server_CAFingerprint[] =
104 "HqPF5D7WbC2imDpCpKebHpBnhs6fG1hiFBmgBGOofTg=";
106 /* Equifax Secure CA */
107 static const char kEquifax_Secure_CAFingerprint[] =
108 "/1aAzXOlcD2gSBegdf1GJQanNQbEuBoVg+9UlHjSZHY=";
110 /* Equifax Secure Global eBusiness CA */
111 static const char kEquifax_Secure_Global_eBusiness_CAFingerprint[] =
112 "pvH5v4oKndwID7SbHvw9GhwsMtwOE2pbAMlzFvKj3BE=";
114 /* Equifax Secure eBusiness CA 1 */
115 static const char kEquifax_Secure_eBusiness_CA_1Fingerprint[] =
116 "JsGNxu6m9jL2drzrodjCtINS8pwtX82oeOCdy4Mt1uU=";
118 /* GOOGLE_PIN_AlphaSSL_G2 */
119 static const char kGOOGLE_PIN_AlphaSSL_G2Fingerprint[] =
120 "yxgiWGK++SFB9ySwt3M3qpn5HO0ZLFY5D+h+G/vcT/c=";
122 /* GOOGLE_PIN_CryptoCat1 */
123 static const char kGOOGLE_PIN_CryptoCat1Fingerprint[] =
124 "vKaqtTLWmVuXPVJE+0OqN5sRc4VCcSQHI/W3XTDVR24=";
126 /* GOOGLE_PIN_EntrustRootEC1 */
127 static const char kGOOGLE_PIN_EntrustRootEC1Fingerprint[] =
128 "/qK31kX7pz11PB7Jp4cMQOH3sMVh6Se5hb9xGGbjbyI=";
130 /* GOOGLE_PIN_Entrust_G2 */
131 static const char kGOOGLE_PIN_Entrust_G2Fingerprint[] =
132 "du6FkDdMcVQ3u8prumAo6t3i3G27uMP2EOhR8R0at/U=";
134 /* GOOGLE_PIN_Entrust_SSL */
135 static const char kGOOGLE_PIN_Entrust_SSLFingerprint[] =
136 "nsxRNo6G40YPZsKV5JQt1TCA8nseQQr/LRqp1Oa8fnw=";
138 /* GOOGLE_PIN_GoDaddySecure */
139 static const char kGOOGLE_PIN_GoDaddySecureFingerprint[] =
140 "MrZLZnJ6IGPkBm87lYywqu5Xal7O/ZUzmbuIdHMdlYc=";
142 /* GOOGLE_PIN_Libertylavabitcom */
143 static const char kGOOGLE_PIN_LibertylavabitcomFingerprint[] =
144 "WnKzsDXgqPtS1KvtImrhQPqcxfpmfssuI2cSJt4LMks=";
146 /* GOOGLE_PIN_RapidSSL */
147 static const char kGOOGLE_PIN_RapidSSLFingerprint[] =
148 "lT09gPUeQfbYrlxRtpsHrjDblj9Rpz+u7ajfCrg4qDM=";
150 /* GOOGLE_PIN_Tor2web */
151 static const char kGOOGLE_PIN_Tor2webFingerprint[] =
152 "99ogQzjMuUTBkG1ZP7FME0K4kvBEti8Buzu4nZjRItM=";
154 /* GTE CyberTrust Global Root */
155 static const char kGTE_CyberTrust_Global_RootFingerprint[] =
156 "EGn6R6CqT4z3ERscrqNl7q7RC//zJmDe9uBhS/rnCHU=";
158 /* GeoTrust Global CA */
159 static const char kGeoTrust_Global_CAFingerprint[] =
160 "h6801m+z8v3zbgkRHpq6L29Esgfzhj89C1SyUCOQmqU=";
162 /* GeoTrust Global CA 2 */
163 static const char kGeoTrust_Global_CA_2Fingerprint[] =
164 "F3VaXClfPS1y5vAxofB/QAxYi55YKyLxfq4xoVkNEYU=";
166 /* GeoTrust Primary Certification Authority */
167 static const char kGeoTrust_Primary_Certification_AuthorityFingerprint[] =
168 "SQVGZiOrQXi+kqxcvWWE96HhfydlLVqFr4lQTqI5qqo=";
170 /* GeoTrust Primary Certification Authority - G2 */
171 static const char kGeoTrust_Primary_Certification_Authority___G2Fingerprint[] =
172 "vPtEqrmtAhAVcGtBIep2HIHJ6IlnWQ9vlK50TciLePs=";
174 /* GeoTrust Primary Certification Authority - G3 */
175 static const char kGeoTrust_Primary_Certification_Authority___G3Fingerprint[] =
176 "q5hJUnat8eyv8o81xTBIeB5cFxjaucjmelBPT2pRMo8=";
178 /* GeoTrust Universal CA */
179 static const char kGeoTrust_Universal_CAFingerprint[] =
180 "lpkiXF3lLlbN0y3y6W0c/qWqPKC7Us2JM8I7XCdEOCA=";
182 /* GeoTrust Universal CA 2 */
183 static const char kGeoTrust_Universal_CA_2Fingerprint[] =
184 "fKoDRlEkWQxgHlZ+UhSOlSwM/+iQAFMP4NlbbVDqrkE=";
186 /* GlobalSign Root CA */
187 static const char kGlobalSign_Root_CAFingerprint[] =
188 "K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q=";
190 /* GlobalSign Root CA - R2 */
191 static const char kGlobalSign_Root_CA___R2Fingerprint[] =
192 "iie1VXtL7HzAMF+/PVPR9xzT80kQxdZeJ+zduCB3uj0=";
194 /* GlobalSign Root CA - R3 */
195 static const char kGlobalSign_Root_CA___R3Fingerprint[] =
196 "cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A=";
198 /* Go Daddy Class 2 CA */
199 static const char kGo_Daddy_Class_2_CAFingerprint[] =
200 "VjLZe/p3W/PJnd6lL8JVNBCGQBZynFLdZSTIqcO0SJ8=";
202 /* Go Daddy Root Certificate Authority - G2 */
203 static const char kGo_Daddy_Root_Certificate_Authority___G2Fingerprint[] =
204 "Ko8tivDrEjiY90yGasP6ZpBU4jwXvHqVvQI0GS3GNdA=";
206 /* GoogleBackup2048 */
207 static const char kGoogleBackup2048Fingerprint[] =
208 "vq7OyjSnqOco9nyMCDGdy77eijM=";
210 /* GoogleG2 */
211 static const char kGoogleG2Fingerprint[] =
212 "Q9rWMO5T+KmAym79hfRqo3mQ4Oo=";
214 /* Network Solutions Certificate Authority */
215 static const char kNetwork_Solutions_Certificate_AuthorityFingerprint[] =
216 "MtGA7THJNVieydu7ciEjuIO1/C3BD5/KOpXXfhv8tTQ=";
218 /* Starfield Class 2 CA */
219 static const char kStarfield_Class_2_CAFingerprint[] =
220 "FfFKxFycfaIz00eRZOgTf+Ne4POK6FgYPwhBDqgqxLQ=";
222 /* Starfield Root Certificate Authority - G2 */
223 static const char kStarfield_Root_Certificate_Authority___G2Fingerprint[] =
224 "gI1os/q0iEpflxrOfRBVDXqVoWN3Tz7Dav/7IT++THQ=";
226 /* Starfield Services Root Certificate Authority - G2 */
227 static const char kStarfield_Services_Root_Certificate_Authority___G2Fingerprint[] =
228 "KwccWaCgrnaw6tsrrSO61FgLacNgG2MMLq8GE6+oP5I=";
230 /* StartCom Certification Authority */
231 static const char kStartCom_Certification_AuthorityFingerprint[] =
232 "5C8kvU039KouVrl52D0eZSGf4Onjo4Khs8tmyTlV3nU=";
234 /* StartCom Certification Authority G2 */
235 static const char kStartCom_Certification_Authority_G2Fingerprint[] =
236 "FSg5faISiQqDCwuVpZlozvI0dzd531GBzxD6ZHU0u2U=";
238 /* TC TrustCenter Class 2 CA II */
239 static const char kTC_TrustCenter_Class_2_CA_IIFingerprint[] =
240 "rPZeHWLLWKK6/W/6tA+4hpnEc5fPXLSD1C1pytNM1Is=";
242 /* TC TrustCenter Class 3 CA II */
243 static const char kTC_TrustCenter_Class_3_CA_IIFingerprint[] =
244 "k5KuIUmSSt435kXbof9L3dzaKykbYJdmnSr6XHo3Jhk=";
246 /* TC TrustCenter Universal CA I */
247 static const char kTC_TrustCenter_Universal_CA_IFingerprint[] =
248 "st71NirT+s0EvSkEekOET3ZwNOpIkvgOVr7mkCQ+JQI=";
250 /* TC TrustCenter Universal CA III */
251 static const char kTC_TrustCenter_Universal_CA_IIIFingerprint[] =
252 "q1zbM1Y5c1bW5pGXPCW4YYtl12qQSG6nqKXBd2f0Zzo=";
254 /* TestSPKI */
255 static const char kTestSPKIFingerprint[] =
256 "AAAAAAAAAAAAAAAAAAAAAAAAAAA=";
258 /* Thawte Premium Server CA */
259 static const char kThawte_Premium_Server_CAFingerprint[] =
260 "9TwiBZgX3Zb0AGUWOdL4V+IQcKWavtkHlADZ9pVQaQA=";
262 /* Thawte Server CA */
263 static const char kThawte_Server_CAFingerprint[] =
264 "nG9qEjy6pO402+zu4kyX1ziHjLQj88InOQNCT10fbdU=";
266 /* Tor1 */
267 static const char kTor1Fingerprint[] =
268 "juNxSTv9UANmpC9kF5GKpmWNx3Y=";
270 /* Tor2 */
271 static const char kTor2Fingerprint[] =
272 "lia43lPolzSPVIq34Dw57uYcLD8=";
274 /* Tor3 */
275 static const char kTor3Fingerprint[] =
276 "rzEyQIKOh77j87n5bjWUNguXF8Y=";
278 /* Twitter1 */
279 static const char kTwitter1Fingerprint[] =
280 "Vv7zwhR9TtOIN/29MFI4cgHld40=";
282 /* UTN DATACorp SGC Root CA */
283 static const char kUTN_DATACorp_SGC_Root_CAFingerprint[] =
284 "QAL80xHQczFWfnG82XHkYEjI3OjRZZcRdTs9qiommvo=";
286 /* UTN USERFirst Email Root CA */
287 static const char kUTN_USERFirst_Email_Root_CAFingerprint[] =
288 "Laj56jRU0hFGRko/nQKNxMf7tXscUsc8KwVyovWZotM=";
290 /* UTN USERFirst Hardware Root CA */
291 static const char kUTN_USERFirst_Hardware_Root_CAFingerprint[] =
292 "TUDnr0MEoJ3of7+YliBMBVFB4/gJsv5zO7IxD9+YoWI=";
294 /* UTN USERFirst Object Root CA */
295 static const char kUTN_USERFirst_Object_Root_CAFingerprint[] =
296 "D+FMJksXu28NZT56cOs2Pb9UvhWAOe3a5cJXEd9IwQM=";
298 /* VeriSign Class 3 Public Primary Certification Authority - G4 */
299 static const char kVeriSign_Class_3_Public_Primary_Certification_Authority___G4Fingerprint[] =
300 "UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4=";
302 /* VeriSign Class 3 Public Primary Certification Authority - G5 */
303 static const char kVeriSign_Class_3_Public_Primary_Certification_Authority___G5Fingerprint[] =
304 "JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg=";
306 /* VeriSign Universal Root Certification Authority */
307 static const char kVeriSign_Universal_Root_Certification_AuthorityFingerprint[] =
308 "lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI=";
310 /* Verisign Class 1 Public Primary Certification Authority */
311 static const char kVerisign_Class_1_Public_Primary_Certification_AuthorityFingerprint[] =
312 "LclHC+Y+9KzxvYKGCUArt7h72ZY4pkOTTohoLRvowwg=";
314 /* Verisign Class 1 Public Primary Certification Authority - G3 */
315 static const char kVerisign_Class_1_Public_Primary_Certification_Authority___G3Fingerprint[] =
316 "IgduWu9Eu5pBaii30cRDItcFn2D+/6XK9sW+hEeJEwM=";
318 /* Verisign Class 2 Public Primary Certification Authority - G2 */
319 static const char kVerisign_Class_2_Public_Primary_Certification_Authority___G2Fingerprint[] =
320 "2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8=";
322 /* Verisign Class 2 Public Primary Certification Authority - G3 */
323 static const char kVerisign_Class_2_Public_Primary_Certification_Authority___G3Fingerprint[] =
324 "cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM=";
326 /* Verisign Class 3 Public Primary Certification Authority */
327 static const char kVerisign_Class_3_Public_Primary_Certification_AuthorityFingerprint[] =
328 "sRJBQqWhpaKIGcc1NA7/jJ4vgWj+47oYfyU7waOS1+I=";
330 /* Verisign Class 3 Public Primary Certification Authority - G2 */
331 static const char kVerisign_Class_3_Public_Primary_Certification_Authority___G2Fingerprint[] =
332 "AjyBzOjnxk+pQtPBUEhwfTXZu1uH9PVExb8bxWQ68vo=";
334 /* Verisign Class 3 Public Primary Certification Authority - G3 */
335 static const char kVerisign_Class_3_Public_Primary_Certification_Authority___G3Fingerprint[] =
336 "SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4=";
338 /* Verisign Class 4 Public Primary Certification Authority - G3 */
339 static const char kVerisign_Class_4_Public_Primary_Certification_Authority___G3Fingerprint[] =
340 "VnuCEf0g09KD7gzXzgZyy52ZvFtIeljJ1U7Gf3fUqPU=";
342 /* XRamp Global CA Root */
343 static const char kXRamp_Global_CA_RootFingerprint[] =
344 "BRz5+pXkDpuD7a7aaWH2Fox4ecRmAXJHnN1RqwPOpis=";
346 /* thawte Primary Root CA */
347 static const char kthawte_Primary_Root_CAFingerprint[] =
348 "HXXQgxueCIU5TTLHob/bPbwcKOKw6DkfsTWYHbxbqTY=";
350 /* thawte Primary Root CA - G2 */
351 static const char kthawte_Primary_Root_CA___G2Fingerprint[] =
352 "Z9xPMvoQ59AaeaBzqgyeAhLsL/w9d54Kp/nA8OHCyJM=";
354 /* thawte Primary Root CA - G3 */
355 static const char kthawte_Primary_Root_CA___G3Fingerprint[] =
356 "GQbGEk27Q4V40A4GbVBUxsN/D6YCjAVUXgmU7drshik=";
358 /* Pinsets are each an ordered list by the actual value of the fingerprint */
359 struct StaticFingerprints {
360 const size_t size;
361 const char* const* data;
362 };
364 struct StaticPinset {
365 const StaticFingerprints* sha1;
366 const StaticFingerprints* sha256;
367 };
369 /* PreloadedHPKPins.json pinsets */
370 static const char* kPinset_facebook_sha256_Data[] = {
371 kDigiCert_ECC_Secure_Server_CAFingerprint,
372 kVerisign_Class_3_Public_Primary_Certification_Authority___G3Fingerprint,
373 kDigiCert_High_Assurance_EV_Root_CAFingerprint,
374 };
375 static const StaticFingerprints kPinset_facebook_sha256 = {
376 sizeof(kPinset_facebook_sha256_Data) / sizeof(const char*),
377 kPinset_facebook_sha256_Data
378 };
380 static const StaticPinset kPinset_facebook = {
381 nullptr,
382 &kPinset_facebook_sha256
383 };
385 static const char* kPinset_google_root_pems_sha256_Data[] = {
386 kEquifax_Secure_CAFingerprint,
387 kAmerica_Online_Root_Certification_Authority_2Fingerprint,
388 kComodo_Trusted_Services_rootFingerprint,
389 kCOMODO_ECC_Certification_AuthorityFingerprint,
390 kStartCom_Certification_AuthorityFingerprint,
391 kStartCom_Certification_AuthorityFingerprint,
392 kThawte_Premium_Server_CAFingerprint,
393 kCOMODO_Certification_AuthorityFingerprint,
394 kVerisign_Class_3_Public_Primary_Certification_Authority___G2Fingerprint,
395 kXRamp_Global_CA_RootFingerprint,
396 kAddTrust_Low_Value_Services_RootFingerprint,
397 kGeoTrust_Global_CA_2Fingerprint,
398 kStartCom_Certification_Authority_G2Fingerprint,
399 kStarfield_Class_2_CAFingerprint,
400 kthawte_Primary_Root_CA___G3Fingerprint,
401 kthawte_Primary_Root_CAFingerprint,
402 kEntrust_net_Premium_2048_Secure_Server_CAFingerprint,
403 kDigiCert_Assured_ID_Root_CAFingerprint,
404 kAmerica_Online_Root_Certification_Authority_1Fingerprint,
405 kVeriSign_Class_3_Public_Primary_Certification_Authority___G5Fingerprint,
406 kEquifax_Secure_eBusiness_CA_1Fingerprint,
407 kGlobalSign_Root_CAFingerprint,
408 kGo_Daddy_Root_Certificate_Authority___G2Fingerprint,
409 kStarfield_Services_Root_Certificate_Authority___G2Fingerprint,
410 kAffirmTrust_Premium_ECCFingerprint,
411 kNetwork_Solutions_Certificate_AuthorityFingerprint,
412 kAddTrust_Public_Services_RootFingerprint,
413 kUTN_DATACorp_SGC_Root_CAFingerprint,
414 kComodo_Secure_Services_rootFingerprint,
415 kGeoTrust_Primary_Certification_AuthorityFingerprint,
416 kVerisign_Class_3_Public_Primary_Certification_Authority___G3Fingerprint,
417 kUTN_USERFirst_Hardware_Root_CAFingerprint,
418 kVeriSign_Class_3_Public_Primary_Certification_Authority___G4Fingerprint,
419 kGo_Daddy_Class_2_CAFingerprint,
420 kVerisign_Class_4_Public_Primary_Certification_Authority___G3Fingerprint,
421 kDigiCert_High_Assurance_EV_Root_CAFingerprint,
422 kBaltimore_CyberTrust_RootFingerprint,
423 kthawte_Primary_Root_CA___G2Fingerprint,
424 kAffirmTrust_CommercialFingerprint,
425 kEntrust_Root_Certification_AuthorityFingerprint,
426 kGlobalSign_Root_CA___R3Fingerprint,
427 kGeoTrust_Universal_CA_2Fingerprint,
428 kCybertrust_Global_RootFingerprint,
429 kStarfield_Root_Certificate_Authority___G2Fingerprint,
430 kGeoTrust_Global_CAFingerprint,
431 kGlobalSign_Root_CA___R2Fingerprint,
432 kTC_TrustCenter_Class_3_CA_IIFingerprint,
433 kAffirmTrust_NetworkingFingerprint,
434 kAddTrust_External_RootFingerprint,
435 kVeriSign_Universal_Root_Certification_AuthorityFingerprint,
436 kGeoTrust_Universal_CAFingerprint,
437 kThawte_Server_CAFingerprint,
438 kEquifax_Secure_Global_eBusiness_CAFingerprint,
439 kTC_TrustCenter_Universal_CA_IIIFingerprint,
440 kGeoTrust_Primary_Certification_Authority___G3Fingerprint,
441 kDigiCert_Global_Root_CAFingerprint,
442 kTC_TrustCenter_Class_2_CA_IIFingerprint,
443 kVerisign_Class_3_Public_Primary_Certification_AuthorityFingerprint,
444 kVerisign_Class_3_Public_Primary_Certification_AuthorityFingerprint,
445 kTC_TrustCenter_Universal_CA_IFingerprint,
446 kGeoTrust_Primary_Certification_Authority___G2Fingerprint,
447 kComodo_AAA_Services_rootFingerprint,
448 kAffirmTrust_PremiumFingerprint,
449 kAddTrust_Qualified_Certificates_RootFingerprint,
450 };
451 static const StaticFingerprints kPinset_google_root_pems_sha256 = {
452 sizeof(kPinset_google_root_pems_sha256_Data) / sizeof(const char*),
453 kPinset_google_root_pems_sha256_Data
454 };
456 static const StaticPinset kPinset_google_root_pems = {
457 nullptr,
458 &kPinset_google_root_pems_sha256
459 };
461 static const char* kPinset_mozilla_sha256_Data[] = {
462 kGeoTrust_Global_CA_2Fingerprint,
463 kthawte_Primary_Root_CA___G3Fingerprint,
464 kthawte_Primary_Root_CAFingerprint,
465 kDigiCert_Assured_ID_Root_CAFingerprint,
466 kVerisign_Class_1_Public_Primary_Certification_Authority___G3Fingerprint,
467 kVeriSign_Class_3_Public_Primary_Certification_Authority___G5Fingerprint,
468 kGeoTrust_Primary_Certification_AuthorityFingerprint,
469 kVerisign_Class_3_Public_Primary_Certification_Authority___G3Fingerprint,
470 kVeriSign_Class_3_Public_Primary_Certification_Authority___G4Fingerprint,
471 kVerisign_Class_4_Public_Primary_Certification_Authority___G3Fingerprint,
472 kDigiCert_High_Assurance_EV_Root_CAFingerprint,
473 kBaltimore_CyberTrust_RootFingerprint,
474 kthawte_Primary_Root_CA___G2Fingerprint,
475 kVerisign_Class_2_Public_Primary_Certification_Authority___G3Fingerprint,
476 kGeoTrust_Universal_CA_2Fingerprint,
477 kGeoTrust_Global_CAFingerprint,
478 kVeriSign_Universal_Root_Certification_AuthorityFingerprint,
479 kGeoTrust_Universal_CAFingerprint,
480 kGeoTrust_Primary_Certification_Authority___G3Fingerprint,
481 kDigiCert_Global_Root_CAFingerprint,
482 kGeoTrust_Primary_Certification_Authority___G2Fingerprint,
483 };
484 static const StaticFingerprints kPinset_mozilla_sha256 = {
485 sizeof(kPinset_mozilla_sha256_Data) / sizeof(const char*),
486 kPinset_mozilla_sha256_Data
487 };
489 static const StaticPinset kPinset_mozilla = {
490 nullptr,
491 &kPinset_mozilla_sha256
492 };
494 static const char* kPinset_mozilla_services_sha256_Data[] = {
495 kDigiCert_Global_Root_CAFingerprint,
496 };
497 static const StaticFingerprints kPinset_mozilla_services_sha256 = {
498 sizeof(kPinset_mozilla_services_sha256_Data) / sizeof(const char*),
499 kPinset_mozilla_services_sha256_Data
500 };
502 static const StaticPinset kPinset_mozilla_services = {
503 nullptr,
504 &kPinset_mozilla_services_sha256
505 };
507 static const char* kPinset_mozilla_test_sha256_Data[] = {
508 kEnd_Entity_Test_CertFingerprint,
509 };
510 static const StaticFingerprints kPinset_mozilla_test_sha256 = {
511 sizeof(kPinset_mozilla_test_sha256_Data) / sizeof(const char*),
512 kPinset_mozilla_test_sha256_Data
513 };
515 static const StaticPinset kPinset_mozilla_test = {
516 nullptr,
517 &kPinset_mozilla_test_sha256
518 };
520 /* Chrome static pinsets */
521 static const char* kPinset_test_sha1_Data[] = {
522 kTestSPKIFingerprint,
523 };
524 static const StaticFingerprints kPinset_test_sha1 = {
525 sizeof(kPinset_test_sha1_Data) / sizeof(const char*),
526 kPinset_test_sha1_Data
527 };
529 static const StaticPinset kPinset_test = {
530 &kPinset_test_sha1,
531 nullptr
532 };
534 static const char* kPinset_google_sha1_Data[] = {
535 kGoogleG2Fingerprint,
536 kGoogleBackup2048Fingerprint,
537 };
538 static const StaticFingerprints kPinset_google_sha1 = {
539 sizeof(kPinset_google_sha1_Data) / sizeof(const char*),
540 kPinset_google_sha1_Data
541 };
543 static const StaticPinset kPinset_google = {
544 &kPinset_google_sha1,
545 nullptr
546 };
548 static const char* kPinset_tor_sha1_Data[] = {
549 kTor1Fingerprint,
550 kTor2Fingerprint,
551 kTor3Fingerprint,
552 };
553 static const StaticFingerprints kPinset_tor_sha1 = {
554 sizeof(kPinset_tor_sha1_Data) / sizeof(const char*),
555 kPinset_tor_sha1_Data
556 };
558 static const char* kPinset_tor_sha256_Data[] = {
559 kDigiCert_High_Assurance_EV_Root_CAFingerprint,
560 kGOOGLE_PIN_RapidSSLFingerprint,
561 };
562 static const StaticFingerprints kPinset_tor_sha256 = {
563 sizeof(kPinset_tor_sha256_Data) / sizeof(const char*),
564 kPinset_tor_sha256_Data
565 };
567 static const StaticPinset kPinset_tor = {
568 &kPinset_tor_sha1,
569 &kPinset_tor_sha256
570 };
572 static const char* kPinset_twitterCom_sha1_Data[] = {
573 kTwitter1Fingerprint,
574 };
575 static const StaticFingerprints kPinset_twitterCom_sha1 = {
576 sizeof(kPinset_twitterCom_sha1_Data) / sizeof(const char*),
577 kPinset_twitterCom_sha1_Data
578 };
580 static const char* kPinset_twitterCom_sha256_Data[] = {
581 kVerisign_Class_2_Public_Primary_Certification_Authority___G2Fingerprint,
582 kVerisign_Class_3_Public_Primary_Certification_Authority___G2Fingerprint,
583 kGeoTrust_Global_CA_2Fingerprint,
584 kDigiCert_Assured_ID_Root_CAFingerprint,
585 kVerisign_Class_1_Public_Primary_Certification_Authority___G3Fingerprint,
586 kVeriSign_Class_3_Public_Primary_Certification_Authority___G5Fingerprint,
587 kVerisign_Class_1_Public_Primary_Certification_AuthorityFingerprint,
588 kGeoTrust_Primary_Certification_AuthorityFingerprint,
589 kVerisign_Class_3_Public_Primary_Certification_Authority___G3Fingerprint,
590 kVeriSign_Class_3_Public_Primary_Certification_Authority___G4Fingerprint,
591 kVerisign_Class_4_Public_Primary_Certification_Authority___G3Fingerprint,
592 kDigiCert_High_Assurance_EV_Root_CAFingerprint,
593 kVerisign_Class_2_Public_Primary_Certification_Authority___G3Fingerprint,
594 kGeoTrust_Universal_CA_2Fingerprint,
595 kGeoTrust_Global_CAFingerprint,
596 kVeriSign_Universal_Root_Certification_AuthorityFingerprint,
597 kGeoTrust_Universal_CAFingerprint,
598 kGeoTrust_Primary_Certification_Authority___G3Fingerprint,
599 kDigiCert_Global_Root_CAFingerprint,
600 kVerisign_Class_3_Public_Primary_Certification_AuthorityFingerprint,
601 kGeoTrust_Primary_Certification_Authority___G2Fingerprint,
602 };
603 static const StaticFingerprints kPinset_twitterCom_sha256 = {
604 sizeof(kPinset_twitterCom_sha256_Data) / sizeof(const char*),
605 kPinset_twitterCom_sha256_Data
606 };
608 static const StaticPinset kPinset_twitterCom = {
609 &kPinset_twitterCom_sha1,
610 &kPinset_twitterCom_sha256
611 };
613 static const char* kPinset_twitterCDN_sha1_Data[] = {
614 kTwitter1Fingerprint,
615 };
616 static const StaticFingerprints kPinset_twitterCDN_sha1 = {
617 sizeof(kPinset_twitterCDN_sha1_Data) / sizeof(const char*),
618 kPinset_twitterCDN_sha1_Data
619 };
621 static const char* kPinset_twitterCDN_sha256_Data[] = {
622 kVerisign_Class_2_Public_Primary_Certification_Authority___G2Fingerprint,
623 kComodo_Trusted_Services_rootFingerprint,
624 kCOMODO_Certification_AuthorityFingerprint,
625 kVerisign_Class_3_Public_Primary_Certification_Authority___G2Fingerprint,
626 kAddTrust_Low_Value_Services_RootFingerprint,
627 kUTN_USERFirst_Object_Root_CAFingerprint,
628 kGTE_CyberTrust_Global_RootFingerprint,
629 kGeoTrust_Global_CA_2Fingerprint,
630 kEntrust_net_Premium_2048_Secure_Server_CAFingerprint,
631 kDigiCert_Assured_ID_Root_CAFingerprint,
632 kVerisign_Class_1_Public_Primary_Certification_Authority___G3Fingerprint,
633 kVeriSign_Class_3_Public_Primary_Certification_Authority___G5Fingerprint,
634 kGlobalSign_Root_CAFingerprint,
635 kUTN_USERFirst_Email_Root_CAFingerprint,
636 kVerisign_Class_1_Public_Primary_Certification_AuthorityFingerprint,
637 kAddTrust_Public_Services_RootFingerprint,
638 kUTN_DATACorp_SGC_Root_CAFingerprint,
639 kComodo_Secure_Services_rootFingerprint,
640 kGeoTrust_Primary_Certification_AuthorityFingerprint,
641 kVerisign_Class_3_Public_Primary_Certification_Authority___G3Fingerprint,
642 kUTN_USERFirst_Hardware_Root_CAFingerprint,
643 kVeriSign_Class_3_Public_Primary_Certification_Authority___G4Fingerprint,
644 kVerisign_Class_4_Public_Primary_Certification_Authority___G3Fingerprint,
645 kDigiCert_High_Assurance_EV_Root_CAFingerprint,
646 kBaltimore_CyberTrust_RootFingerprint,
647 kEntrust_Root_Certification_AuthorityFingerprint,
648 kVerisign_Class_2_Public_Primary_Certification_Authority___G3Fingerprint,
649 kGlobalSign_Root_CA___R3Fingerprint,
650 kGOOGLE_PIN_Entrust_G2Fingerprint,
651 kGeoTrust_Universal_CA_2Fingerprint,
652 kGeoTrust_Global_CAFingerprint,
653 kGlobalSign_Root_CA___R2Fingerprint,
654 kAddTrust_External_RootFingerprint,
655 kVeriSign_Universal_Root_Certification_AuthorityFingerprint,
656 kGeoTrust_Universal_CAFingerprint,
657 kGOOGLE_PIN_Entrust_SSLFingerprint,
658 kGeoTrust_Primary_Certification_Authority___G3Fingerprint,
659 kDigiCert_Global_Root_CAFingerprint,
660 kVerisign_Class_3_Public_Primary_Certification_AuthorityFingerprint,
661 kGeoTrust_Primary_Certification_Authority___G2Fingerprint,
662 kComodo_AAA_Services_rootFingerprint,
663 kAddTrust_Qualified_Certificates_RootFingerprint,
664 };
665 static const StaticFingerprints kPinset_twitterCDN_sha256 = {
666 sizeof(kPinset_twitterCDN_sha256_Data) / sizeof(const char*),
667 kPinset_twitterCDN_sha256_Data
668 };
670 static const StaticPinset kPinset_twitterCDN = {
671 &kPinset_twitterCDN_sha1,
672 &kPinset_twitterCDN_sha256
673 };
675 static const char* kPinset_tor2web_sha256_Data[] = {
676 kGOOGLE_PIN_Tor2webFingerprint,
677 kGOOGLE_PIN_AlphaSSL_G2Fingerprint,
678 };
679 static const StaticFingerprints kPinset_tor2web_sha256 = {
680 sizeof(kPinset_tor2web_sha256_Data) / sizeof(const char*),
681 kPinset_tor2web_sha256_Data
682 };
684 static const StaticPinset kPinset_tor2web = {
685 nullptr,
686 &kPinset_tor2web_sha256
687 };
689 static const char* kPinset_cryptoCat_sha256_Data[] = {
690 kDigiCert_High_Assurance_EV_Root_CAFingerprint,
691 kGOOGLE_PIN_CryptoCat1Fingerprint,
692 };
693 static const StaticFingerprints kPinset_cryptoCat_sha256 = {
694 sizeof(kPinset_cryptoCat_sha256_Data) / sizeof(const char*),
695 kPinset_cryptoCat_sha256_Data
696 };
698 static const StaticPinset kPinset_cryptoCat = {
699 nullptr,
700 &kPinset_cryptoCat_sha256
701 };
703 static const char* kPinset_lavabit_sha256_Data[] = {
704 kGOOGLE_PIN_LibertylavabitcomFingerprint,
705 };
706 static const StaticFingerprints kPinset_lavabit_sha256 = {
707 sizeof(kPinset_lavabit_sha256_Data) / sizeof(const char*),
708 kPinset_lavabit_sha256_Data
709 };
711 static const StaticPinset kPinset_lavabit = {
712 nullptr,
713 &kPinset_lavabit_sha256
714 };
716 static const char* kPinset_dropbox_sha256_Data[] = {
717 kGOOGLE_PIN_EntrustRootEC1Fingerprint,
718 kThawte_Premium_Server_CAFingerprint,
719 kthawte_Primary_Root_CA___G3Fingerprint,
720 kthawte_Primary_Root_CAFingerprint,
721 kEntrust_net_Premium_2048_Secure_Server_CAFingerprint,
722 kDigiCert_Assured_ID_Root_CAFingerprint,
723 kGo_Daddy_Root_Certificate_Authority___G2Fingerprint,
724 kGOOGLE_PIN_GoDaddySecureFingerprint,
725 kGeoTrust_Primary_Certification_AuthorityFingerprint,
726 kGo_Daddy_Class_2_CAFingerprint,
727 kDigiCert_High_Assurance_EV_Root_CAFingerprint,
728 kthawte_Primary_Root_CA___G2Fingerprint,
729 kEntrust_Root_Certification_AuthorityFingerprint,
730 kGOOGLE_PIN_Entrust_G2Fingerprint,
731 kGeoTrust_Global_CAFingerprint,
732 kGeoTrust_Primary_Certification_Authority___G3Fingerprint,
733 kDigiCert_Global_Root_CAFingerprint,
734 kGeoTrust_Primary_Certification_Authority___G2Fingerprint,
735 };
736 static const StaticFingerprints kPinset_dropbox_sha256 = {
737 sizeof(kPinset_dropbox_sha256_Data) / sizeof(const char*),
738 kPinset_dropbox_sha256_Data
739 };
741 static const StaticPinset kPinset_dropbox = {
742 nullptr,
743 &kPinset_dropbox_sha256
744 };
746 /* Domainlist */
747 struct TransportSecurityPreload {
748 const char* mHost;
749 const bool mIncludeSubdomains;
750 const bool mTestMode;
751 const bool mIsMoz;
752 const int32_t mId;
753 const StaticPinset *pinset;
754 };
756 /* Sort hostnames for binary search. */
757 static const TransportSecurityPreload kPublicKeyPinningPreloadList[] = {
758 { "2mdn.net", true, false, false, -1, &kPinset_google_root_pems },
759 { "accounts.firefox.com", true, false, false, 4, &kPinset_mozilla_services },
760 { "accounts.google.com", true, false, false, -1, &kPinset_google_root_pems },
761 { "addons.mozilla.net", true, false, true, 2, &kPinset_mozilla },
762 { "addons.mozilla.org", true, false, true, 1, &kPinset_mozilla },
763 { "admin.google.com", true, false, false, -1, &kPinset_google_root_pems },
764 { "android.com", true, false, false, -1, &kPinset_google_root_pems },
765 { "api.accounts.firefox.com", true, false, false, 5, &kPinset_mozilla_services },
766 { "api.twitter.com", true, false, false, -1, &kPinset_twitterCDN },
767 { "apis.google.com", true, false, false, -1, &kPinset_google_root_pems },
768 { "appengine.google.com", true, false, false, -1, &kPinset_google_root_pems },
769 { "appspot.com", true, false, false, -1, &kPinset_google_root_pems },
770 { "aus4.mozilla.org", true, true, true, 3, &kPinset_mozilla },
771 { "blog.torproject.org", true, false, false, -1, &kPinset_tor },
772 { "business.twitter.com", true, false, false, -1, &kPinset_twitterCom },
773 { "cdn.mozilla.net", true, false, true, -1, &kPinset_mozilla },
774 { "cdn.mozilla.org", true, false, true, -1, &kPinset_mozilla },
775 { "chart.apis.google.com", true, false, false, -1, &kPinset_google_root_pems },
776 { "check.torproject.org", true, false, false, -1, &kPinset_tor },
777 { "checkout.google.com", true, false, false, -1, &kPinset_google_root_pems },
778 { "chrome-devtools-frontend.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
779 { "chrome.google.com", true, false, false, -1, &kPinset_google_root_pems },
780 { "chromiumcodereview.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
781 { "cloud.google.com", true, false, false, -1, &kPinset_google_root_pems },
782 { "code.google.com", true, false, false, -1, &kPinset_google_root_pems },
783 { "codereview.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
784 { "codereview.chromium.org", true, false, false, -1, &kPinset_google_root_pems },
785 { "crypto.cat", false, true, false, -1, &kPinset_cryptoCat },
786 { "dev.twitter.com", true, false, false, -1, &kPinset_twitterCom },
787 { "dist.torproject.org", true, false, false, -1, &kPinset_tor },
788 { "dl.google.com", true, false, false, -1, &kPinset_google_root_pems },
789 { "docs.google.com", true, false, false, -1, &kPinset_google_root_pems },
790 { "domains.google.com", true, false, false, -1, &kPinset_google_root_pems },
791 { "doubleclick.net", true, false, false, -1, &kPinset_google_root_pems },
792 { "drive.google.com", true, false, false, -1, &kPinset_google_root_pems },
793 { "dropbox.com", false, false, false, -1, &kPinset_dropbox },
794 { "encrypted.google.com", true, false, false, -1, &kPinset_google_root_pems },
795 { "exclude-subdomains.pinning.example.com", false, false, false, 0, &kPinset_mozilla_test },
796 { "facebook.com", true, true, false, -1, &kPinset_facebook },
797 { "g.co", true, false, false, -1, &kPinset_google_root_pems },
798 { "glass.google.com", true, false, false, -1, &kPinset_google_root_pems },
799 { "gmail.com", false, false, false, -1, &kPinset_google_root_pems },
800 { "goo.gl", true, false, false, -1, &kPinset_google_root_pems },
801 { "google-analytics.com", true, false, false, -1, &kPinset_google_root_pems },
802 { "google.ac", true, false, false, -1, &kPinset_google_root_pems },
803 { "google.ad", true, false, false, -1, &kPinset_google_root_pems },
804 { "google.ae", true, false, false, -1, &kPinset_google_root_pems },
805 { "google.af", true, false, false, -1, &kPinset_google_root_pems },
806 { "google.ag", true, false, false, -1, &kPinset_google_root_pems },
807 { "google.am", true, false, false, -1, &kPinset_google_root_pems },
808 { "google.as", true, false, false, -1, &kPinset_google_root_pems },
809 { "google.at", true, false, false, -1, &kPinset_google_root_pems },
810 { "google.az", true, false, false, -1, &kPinset_google_root_pems },
811 { "google.ba", true, false, false, -1, &kPinset_google_root_pems },
812 { "google.be", true, false, false, -1, &kPinset_google_root_pems },
813 { "google.bf", true, false, false, -1, &kPinset_google_root_pems },
814 { "google.bg", true, false, false, -1, &kPinset_google_root_pems },
815 { "google.bi", true, false, false, -1, &kPinset_google_root_pems },
816 { "google.bj", true, false, false, -1, &kPinset_google_root_pems },
817 { "google.bs", true, false, false, -1, &kPinset_google_root_pems },
818 { "google.by", true, false, false, -1, &kPinset_google_root_pems },
819 { "google.ca", true, false, false, -1, &kPinset_google_root_pems },
820 { "google.cat", true, false, false, -1, &kPinset_google_root_pems },
821 { "google.cc", true, false, false, -1, &kPinset_google_root_pems },
822 { "google.cd", true, false, false, -1, &kPinset_google_root_pems },
823 { "google.cf", true, false, false, -1, &kPinset_google_root_pems },
824 { "google.cg", true, false, false, -1, &kPinset_google_root_pems },
825 { "google.ch", true, false, false, -1, &kPinset_google_root_pems },
826 { "google.ci", true, false, false, -1, &kPinset_google_root_pems },
827 { "google.cl", true, false, false, -1, &kPinset_google_root_pems },
828 { "google.cm", true, false, false, -1, &kPinset_google_root_pems },
829 { "google.cn", true, false, false, -1, &kPinset_google_root_pems },
830 { "google.co.ao", true, false, false, -1, &kPinset_google_root_pems },
831 { "google.co.bw", true, false, false, -1, &kPinset_google_root_pems },
832 { "google.co.ck", true, false, false, -1, &kPinset_google_root_pems },
833 { "google.co.cr", true, false, false, -1, &kPinset_google_root_pems },
834 { "google.co.hu", true, false, false, -1, &kPinset_google_root_pems },
835 { "google.co.id", true, false, false, -1, &kPinset_google_root_pems },
836 { "google.co.il", true, false, false, -1, &kPinset_google_root_pems },
837 { "google.co.im", true, false, false, -1, &kPinset_google_root_pems },
838 { "google.co.in", true, false, false, -1, &kPinset_google_root_pems },
839 { "google.co.je", true, false, false, -1, &kPinset_google_root_pems },
840 { "google.co.jp", true, false, false, -1, &kPinset_google_root_pems },
841 { "google.co.ke", true, false, false, -1, &kPinset_google_root_pems },
842 { "google.co.kr", true, false, false, -1, &kPinset_google_root_pems },
843 { "google.co.ls", true, false, false, -1, &kPinset_google_root_pems },
844 { "google.co.ma", true, false, false, -1, &kPinset_google_root_pems },
845 { "google.co.mz", true, false, false, -1, &kPinset_google_root_pems },
846 { "google.co.nz", true, false, false, -1, &kPinset_google_root_pems },
847 { "google.co.th", true, false, false, -1, &kPinset_google_root_pems },
848 { "google.co.tz", true, false, false, -1, &kPinset_google_root_pems },
849 { "google.co.ug", true, false, false, -1, &kPinset_google_root_pems },
850 { "google.co.uk", true, false, false, -1, &kPinset_google_root_pems },
851 { "google.co.uz", true, false, false, -1, &kPinset_google_root_pems },
852 { "google.co.ve", true, false, false, -1, &kPinset_google_root_pems },
853 { "google.co.vi", true, false, false, -1, &kPinset_google_root_pems },
854 { "google.co.za", true, false, false, -1, &kPinset_google_root_pems },
855 { "google.co.zm", true, false, false, -1, &kPinset_google_root_pems },
856 { "google.co.zw", true, false, false, -1, &kPinset_google_root_pems },
857 { "google.com", true, false, false, -1, &kPinset_google_root_pems },
858 { "google.com.af", true, false, false, -1, &kPinset_google_root_pems },
859 { "google.com.ag", true, false, false, -1, &kPinset_google_root_pems },
860 { "google.com.ai", true, false, false, -1, &kPinset_google_root_pems },
861 { "google.com.ar", true, false, false, -1, &kPinset_google_root_pems },
862 { "google.com.au", true, false, false, -1, &kPinset_google_root_pems },
863 { "google.com.bd", true, false, false, -1, &kPinset_google_root_pems },
864 { "google.com.bh", true, false, false, -1, &kPinset_google_root_pems },
865 { "google.com.bn", true, false, false, -1, &kPinset_google_root_pems },
866 { "google.com.bo", true, false, false, -1, &kPinset_google_root_pems },
867 { "google.com.br", true, false, false, -1, &kPinset_google_root_pems },
868 { "google.com.by", true, false, false, -1, &kPinset_google_root_pems },
869 { "google.com.bz", true, false, false, -1, &kPinset_google_root_pems },
870 { "google.com.cn", true, false, false, -1, &kPinset_google_root_pems },
871 { "google.com.co", true, false, false, -1, &kPinset_google_root_pems },
872 { "google.com.cu", true, false, false, -1, &kPinset_google_root_pems },
873 { "google.com.cy", true, false, false, -1, &kPinset_google_root_pems },
874 { "google.com.do", true, false, false, -1, &kPinset_google_root_pems },
875 { "google.com.ec", true, false, false, -1, &kPinset_google_root_pems },
876 { "google.com.eg", true, false, false, -1, &kPinset_google_root_pems },
877 { "google.com.et", true, false, false, -1, &kPinset_google_root_pems },
878 { "google.com.fj", true, false, false, -1, &kPinset_google_root_pems },
879 { "google.com.ge", true, false, false, -1, &kPinset_google_root_pems },
880 { "google.com.gh", true, false, false, -1, &kPinset_google_root_pems },
881 { "google.com.gi", true, false, false, -1, &kPinset_google_root_pems },
882 { "google.com.gr", true, false, false, -1, &kPinset_google_root_pems },
883 { "google.com.gt", true, false, false, -1, &kPinset_google_root_pems },
884 { "google.com.hk", true, false, false, -1, &kPinset_google_root_pems },
885 { "google.com.iq", true, false, false, -1, &kPinset_google_root_pems },
886 { "google.com.jm", true, false, false, -1, &kPinset_google_root_pems },
887 { "google.com.jo", true, false, false, -1, &kPinset_google_root_pems },
888 { "google.com.kh", true, false, false, -1, &kPinset_google_root_pems },
889 { "google.com.kw", true, false, false, -1, &kPinset_google_root_pems },
890 { "google.com.lb", true, false, false, -1, &kPinset_google_root_pems },
891 { "google.com.ly", true, false, false, -1, &kPinset_google_root_pems },
892 { "google.com.mt", true, false, false, -1, &kPinset_google_root_pems },
893 { "google.com.mx", true, false, false, -1, &kPinset_google_root_pems },
894 { "google.com.my", true, false, false, -1, &kPinset_google_root_pems },
895 { "google.com.na", true, false, false, -1, &kPinset_google_root_pems },
896 { "google.com.nf", true, false, false, -1, &kPinset_google_root_pems },
897 { "google.com.ng", true, false, false, -1, &kPinset_google_root_pems },
898 { "google.com.ni", true, false, false, -1, &kPinset_google_root_pems },
899 { "google.com.np", true, false, false, -1, &kPinset_google_root_pems },
900 { "google.com.nr", true, false, false, -1, &kPinset_google_root_pems },
901 { "google.com.om", true, false, false, -1, &kPinset_google_root_pems },
902 { "google.com.pa", true, false, false, -1, &kPinset_google_root_pems },
903 { "google.com.pe", true, false, false, -1, &kPinset_google_root_pems },
904 { "google.com.ph", true, false, false, -1, &kPinset_google_root_pems },
905 { "google.com.pk", true, false, false, -1, &kPinset_google_root_pems },
906 { "google.com.pl", true, false, false, -1, &kPinset_google_root_pems },
907 { "google.com.pr", true, false, false, -1, &kPinset_google_root_pems },
908 { "google.com.py", true, false, false, -1, &kPinset_google_root_pems },
909 { "google.com.qa", true, false, false, -1, &kPinset_google_root_pems },
910 { "google.com.ru", true, false, false, -1, &kPinset_google_root_pems },
911 { "google.com.sa", true, false, false, -1, &kPinset_google_root_pems },
912 { "google.com.sb", true, false, false, -1, &kPinset_google_root_pems },
913 { "google.com.sg", true, false, false, -1, &kPinset_google_root_pems },
914 { "google.com.sl", true, false, false, -1, &kPinset_google_root_pems },
915 { "google.com.sv", true, false, false, -1, &kPinset_google_root_pems },
916 { "google.com.tj", true, false, false, -1, &kPinset_google_root_pems },
917 { "google.com.tn", true, false, false, -1, &kPinset_google_root_pems },
918 { "google.com.tr", true, false, false, -1, &kPinset_google_root_pems },
919 { "google.com.tw", true, false, false, -1, &kPinset_google_root_pems },
920 { "google.com.ua", true, false, false, -1, &kPinset_google_root_pems },
921 { "google.com.uy", true, false, false, -1, &kPinset_google_root_pems },
922 { "google.com.vc", true, false, false, -1, &kPinset_google_root_pems },
923 { "google.com.ve", true, false, false, -1, &kPinset_google_root_pems },
924 { "google.com.vn", true, false, false, -1, &kPinset_google_root_pems },
925 { "google.cv", true, false, false, -1, &kPinset_google_root_pems },
926 { "google.cz", true, false, false, -1, &kPinset_google_root_pems },
927 { "google.de", true, false, false, -1, &kPinset_google_root_pems },
928 { "google.dj", true, false, false, -1, &kPinset_google_root_pems },
929 { "google.dk", true, false, false, -1, &kPinset_google_root_pems },
930 { "google.dm", true, false, false, -1, &kPinset_google_root_pems },
931 { "google.dz", true, false, false, -1, &kPinset_google_root_pems },
932 { "google.ee", true, false, false, -1, &kPinset_google_root_pems },
933 { "google.es", true, false, false, -1, &kPinset_google_root_pems },
934 { "google.fi", true, false, false, -1, &kPinset_google_root_pems },
935 { "google.fm", true, false, false, -1, &kPinset_google_root_pems },
936 { "google.fr", true, false, false, -1, &kPinset_google_root_pems },
937 { "google.ga", true, false, false, -1, &kPinset_google_root_pems },
938 { "google.ge", true, false, false, -1, &kPinset_google_root_pems },
939 { "google.gg", true, false, false, -1, &kPinset_google_root_pems },
940 { "google.gl", true, false, false, -1, &kPinset_google_root_pems },
941 { "google.gm", true, false, false, -1, &kPinset_google_root_pems },
942 { "google.gp", true, false, false, -1, &kPinset_google_root_pems },
943 { "google.gr", true, false, false, -1, &kPinset_google_root_pems },
944 { "google.gy", true, false, false, -1, &kPinset_google_root_pems },
945 { "google.hk", true, false, false, -1, &kPinset_google_root_pems },
946 { "google.hn", true, false, false, -1, &kPinset_google_root_pems },
947 { "google.hr", true, false, false, -1, &kPinset_google_root_pems },
948 { "google.ht", true, false, false, -1, &kPinset_google_root_pems },
949 { "google.hu", true, false, false, -1, &kPinset_google_root_pems },
950 { "google.ie", true, false, false, -1, &kPinset_google_root_pems },
951 { "google.im", true, false, false, -1, &kPinset_google_root_pems },
952 { "google.info", true, false, false, -1, &kPinset_google_root_pems },
953 { "google.iq", true, false, false, -1, &kPinset_google_root_pems },
954 { "google.is", true, false, false, -1, &kPinset_google_root_pems },
955 { "google.it", true, false, false, -1, &kPinset_google_root_pems },
956 { "google.it.ao", true, false, false, -1, &kPinset_google_root_pems },
957 { "google.je", true, false, false, -1, &kPinset_google_root_pems },
958 { "google.jo", true, false, false, -1, &kPinset_google_root_pems },
959 { "google.jobs", true, false, false, -1, &kPinset_google_root_pems },
960 { "google.jp", true, false, false, -1, &kPinset_google_root_pems },
961 { "google.kg", true, false, false, -1, &kPinset_google_root_pems },
962 { "google.ki", true, false, false, -1, &kPinset_google_root_pems },
963 { "google.kz", true, false, false, -1, &kPinset_google_root_pems },
964 { "google.la", true, false, false, -1, &kPinset_google_root_pems },
965 { "google.li", true, false, false, -1, &kPinset_google_root_pems },
966 { "google.lk", true, false, false, -1, &kPinset_google_root_pems },
967 { "google.lt", true, false, false, -1, &kPinset_google_root_pems },
968 { "google.lu", true, false, false, -1, &kPinset_google_root_pems },
969 { "google.lv", true, false, false, -1, &kPinset_google_root_pems },
970 { "google.md", true, false, false, -1, &kPinset_google_root_pems },
971 { "google.me", true, false, false, -1, &kPinset_google_root_pems },
972 { "google.mg", true, false, false, -1, &kPinset_google_root_pems },
973 { "google.mk", true, false, false, -1, &kPinset_google_root_pems },
974 { "google.ml", true, false, false, -1, &kPinset_google_root_pems },
975 { "google.mn", true, false, false, -1, &kPinset_google_root_pems },
976 { "google.ms", true, false, false, -1, &kPinset_google_root_pems },
977 { "google.mu", true, false, false, -1, &kPinset_google_root_pems },
978 { "google.mv", true, false, false, -1, &kPinset_google_root_pems },
979 { "google.mw", true, false, false, -1, &kPinset_google_root_pems },
980 { "google.ne", true, false, false, -1, &kPinset_google_root_pems },
981 { "google.ne.jp", true, false, false, -1, &kPinset_google_root_pems },
982 { "google.net", true, false, false, -1, &kPinset_google_root_pems },
983 { "google.nl", true, false, false, -1, &kPinset_google_root_pems },
984 { "google.no", true, false, false, -1, &kPinset_google_root_pems },
985 { "google.nr", true, false, false, -1, &kPinset_google_root_pems },
986 { "google.nu", true, false, false, -1, &kPinset_google_root_pems },
987 { "google.off.ai", true, false, false, -1, &kPinset_google_root_pems },
988 { "google.pk", true, false, false, -1, &kPinset_google_root_pems },
989 { "google.pl", true, false, false, -1, &kPinset_google_root_pems },
990 { "google.pn", true, false, false, -1, &kPinset_google_root_pems },
991 { "google.ps", true, false, false, -1, &kPinset_google_root_pems },
992 { "google.pt", true, false, false, -1, &kPinset_google_root_pems },
993 { "google.ro", true, false, false, -1, &kPinset_google_root_pems },
994 { "google.rs", true, false, false, -1, &kPinset_google_root_pems },
995 { "google.ru", true, false, false, -1, &kPinset_google_root_pems },
996 { "google.rw", true, false, false, -1, &kPinset_google_root_pems },
997 { "google.sc", true, false, false, -1, &kPinset_google_root_pems },
998 { "google.se", true, false, false, -1, &kPinset_google_root_pems },
999 { "google.sh", true, false, false, -1, &kPinset_google_root_pems },
1000 { "google.si", true, false, false, -1, &kPinset_google_root_pems },
1001 { "google.sk", true, false, false, -1, &kPinset_google_root_pems },
1002 { "google.sm", true, false, false, -1, &kPinset_google_root_pems },
1003 { "google.sn", true, false, false, -1, &kPinset_google_root_pems },
1004 { "google.so", true, false, false, -1, &kPinset_google_root_pems },
1005 { "google.st", true, false, false, -1, &kPinset_google_root_pems },
1006 { "google.td", true, false, false, -1, &kPinset_google_root_pems },
1007 { "google.tg", true, false, false, -1, &kPinset_google_root_pems },
1008 { "google.tk", true, false, false, -1, &kPinset_google_root_pems },
1009 { "google.tl", true, false, false, -1, &kPinset_google_root_pems },
1010 { "google.tm", true, false, false, -1, &kPinset_google_root_pems },
1011 { "google.tn", true, false, false, -1, &kPinset_google_root_pems },
1012 { "google.to", true, false, false, -1, &kPinset_google_root_pems },
1013 { "google.tt", true, false, false, -1, &kPinset_google_root_pems },
1014 { "google.us", true, false, false, -1, &kPinset_google_root_pems },
1015 { "google.uz", true, false, false, -1, &kPinset_google_root_pems },
1016 { "google.vg", true, false, false, -1, &kPinset_google_root_pems },
1017 { "google.vu", true, false, false, -1, &kPinset_google_root_pems },
1018 { "google.ws", true, false, false, -1, &kPinset_google_root_pems },
1019 { "googleadservices.com", true, false, false, -1, &kPinset_google_root_pems },
1020 { "googleapis.com", true, false, false, -1, &kPinset_google_root_pems },
1021 { "googlecode.com", true, false, false, -1, &kPinset_google_root_pems },
1022 { "googlecommerce.com", true, false, false, -1, &kPinset_google_root_pems },
1023 { "googlegroups.com", true, false, false, -1, &kPinset_google_root_pems },
1024 { "googlemail.com", false, false, false, -1, &kPinset_google_root_pems },
1025 { "googleplex.com", true, false, false, -1, &kPinset_google_root_pems },
1026 { "googlesyndication.com", true, false, false, -1, &kPinset_google_root_pems },
1027 { "googletagmanager.com", true, false, false, -1, &kPinset_google_root_pems },
1028 { "googletagservices.com", true, false, false, -1, &kPinset_google_root_pems },
1029 { "googleusercontent.com", true, false, false, -1, &kPinset_google_root_pems },
1030 { "goto.google.com", true, false, false, -1, &kPinset_google_root_pems },
1031 { "groups.google.com", true, false, false, -1, &kPinset_google_root_pems },
1032 { "gstatic.com", true, false, false, -1, &kPinset_google_root_pems },
1033 { "history.google.com", true, false, false, -1, &kPinset_google_root_pems },
1034 { "hostedtalkgadget.google.com", true, false, false, -1, &kPinset_google_root_pems },
1035 { "include-subdomains.pinning.example.com", true, false, false, -1, &kPinset_mozilla_test },
1036 { "liberty.lavabit.com", true, true, false, -1, &kPinset_lavabit },
1037 { "login.corp.google.com", true, false, false, -1, &kPinset_google_root_pems },
1038 { "mail.google.com", true, false, false, -1, &kPinset_google_root_pems },
1039 { "market.android.com", true, false, false, -1, &kPinset_google_root_pems },
1040 { "media.mozilla.com", true, false, true, -1, &kPinset_mozilla },
1041 { "mobile.twitter.com", true, false, false, -1, &kPinset_twitterCom },
1042 { "oauth.twitter.com", true, false, false, -1, &kPinset_twitterCom },
1043 { "pinningtest.appspot.com", true, false, false, -1, &kPinset_test },
1044 { "platform.twitter.com", true, false, false, -1, &kPinset_twitterCDN },
1045 { "play.google.com", false, false, false, -1, &kPinset_google_root_pems },
1046 { "plus.google.com", true, false, false, -1, &kPinset_google_root_pems },
1047 { "plus.sandbox.google.com", true, false, false, -1, &kPinset_google_root_pems },
1048 { "profiles.google.com", true, false, false, -1, &kPinset_google_root_pems },
1049 { "script.google.com", true, false, false, -1, &kPinset_google_root_pems },
1050 { "security.google.com", true, false, false, -1, &kPinset_google_root_pems },
1051 { "services.mozilla.com", true, true, false, -1, &kPinset_mozilla_services },
1052 { "sites.google.com", true, false, false, -1, &kPinset_google_root_pems },
1053 { "spreadsheets.google.com", true, false, false, -1, &kPinset_google_root_pems },
1054 { "ssl.google-analytics.com", true, false, false, -1, &kPinset_google_root_pems },
1055 { "talk.google.com", true, false, false, -1, &kPinset_google_root_pems },
1056 { "talkgadget.google.com", true, false, false, -1, &kPinset_google_root_pems },
1057 { "test-mode.pinning.example.com", true, true, false, -1, &kPinset_mozilla_test },
1058 { "tor2web.org", true, true, false, -1, &kPinset_tor2web },
1059 { "torproject.org", false, false, false, -1, &kPinset_tor },
1060 { "translate.googleapis.com", true, false, false, -1, &kPinset_google_root_pems },
1061 { "twimg.com", true, false, false, -1, &kPinset_twitterCDN },
1062 { "twitter.com", true, false, false, -1, &kPinset_twitterCDN },
1063 { "urchin.com", true, false, false, -1, &kPinset_google_root_pems },
1064 { "w-spotlight.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1065 { "wallet.google.com", true, false, false, -1, &kPinset_google_root_pems },
1066 { "webfilings-eu-mirror.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1067 { "webfilings-eu.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1068 { "webfilings-mirror-hrd.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1069 { "webfilings.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1070 { "wf-bigsky-master.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1071 { "wf-demo-eu.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1072 { "wf-demo-hrd.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1073 { "wf-dogfood-hrd.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1074 { "wf-pentest.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1075 { "wf-staging-hr.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1076 { "wf-training-hrd.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1077 { "wf-training-master.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1078 { "wf-trial-hrd.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1079 { "www.dropbox.com", true, false, false, -1, &kPinset_dropbox },
1080 { "www.gmail.com", false, false, false, -1, &kPinset_google_root_pems },
1081 { "www.googlemail.com", false, false, false, -1, &kPinset_google_root_pems },
1082 { "www.torproject.org", true, false, false, -1, &kPinset_tor },
1083 { "www.twitter.com", true, false, false, -1, &kPinset_twitterCom },
1084 { "xbrlsuccess.appspot.com", true, false, false, -1, &kPinset_google_root_pems },
1085 { "youtu.be", true, false, false, -1, &kPinset_google_root_pems },
1086 { "youtube-nocookie.com", true, false, false, -1, &kPinset_google_root_pems },
1087 { "youtube.com", true, false, false, -1, &kPinset_google_root_pems },
1088 { "ytimg.com", true, false, false, -1, &kPinset_google_root_pems },
1089 };
1091 // Pinning Preload List Length = 331;
1093 static const int32_t kUnknownId = -1;
1095 static const PRTime kPreloadPKPinsExpirationTime = INT64_C(1419674828470000);
