| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // TransportSecurityState maintains an in memory database containing the | 5 // TransportSecurityState maintains an in memory database containing the |
| 6 // list of hosts that currently have transport security enabled. This | 6 // list of hosts that currently have transport security enabled. This |
| 7 // singleton object deals with writing that data out to disk as needed and | 7 // singleton object deals with writing that data out to disk as needed and |
| 8 // loading it at startup. | 8 // loading it at startup. |
| 9 | 9 |
| 10 // At startup we need to load the transport security state from the | 10 // At startup we need to load the transport security state from the |
| (...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 78 // legacy key synonym "bad_preloaded_spki_hashes" | 78 // legacy key synonym "bad_preloaded_spki_hashes" |
| 79 // "dynamic_spki_hashes": list of strings | 79 // "dynamic_spki_hashes": list of strings |
| 80 // | 80 // |
| 81 // The JSON dictionary keys are strings containing | 81 // The JSON dictionary keys are strings containing |
| 82 // Base64(SHA256(net::TransportSecurityState::CanonicalizeHost(domain))). | 82 // Base64(SHA256(net::TransportSecurityState::CanonicalizeHost(domain))). |
| 83 // The reason for hashing them is so that the stored state does not | 83 // The reason for hashing them is so that the stored state does not |
| 84 // trivially reveal a user's browsing history to an attacker reading the | 84 // trivially reveal a user's browsing history to an attacker reading the |
| 85 // serialized state on disk. | 85 // serialized state on disk. |
| 86 virtual bool SerializeData(std::string* data) OVERRIDE; | 86 virtual bool SerializeData(std::string* data) OVERRIDE; |
| 87 | 87 |
| 88 // Parses an array of JSON-encoded TransportSecurityState::DomainState | |
| 89 // entries. For use in loading entries defined on the command line | |
| 90 // (switches::kHstsHosts). | |
| 91 bool DeserializeFromCommandLine(const std::string& serialized); | |
| 92 | |
| 93 // Clears any existing non-static entries, and then re-populates | 88 // Clears any existing non-static entries, and then re-populates |
| 94 // |transport_security_state_|. | 89 // |transport_security_state_|. |
| 95 // | 90 // |
| 96 // Sets |*dirty| to true if the new state differs from the persisted | 91 // Sets |*dirty| to true if the new state differs from the persisted |
| 97 // state; false otherwise. | 92 // state; false otherwise. |
| 98 bool LoadEntries(const std::string& serialized, bool* dirty); | 93 bool LoadEntries(const std::string& serialized, bool* dirty); |
| 99 | 94 |
| 100 private: | 95 private: |
| 101 class Loader; | 96 class Loader; |
| 102 | 97 |
| (...skipping 18 matching lines...) Expand all Loading... |
| 121 | 116 |
| 122 // Whether or not we're in read-only mode. | 117 // Whether or not we're in read-only mode. |
| 123 const bool readonly_; | 118 const bool readonly_; |
| 124 | 119 |
| 125 base::WeakPtrFactory<TransportSecurityPersister> weak_ptr_factory_; | 120 base::WeakPtrFactory<TransportSecurityPersister> weak_ptr_factory_; |
| 126 | 121 |
| 127 DISALLOW_COPY_AND_ASSIGN(TransportSecurityPersister); | 122 DISALLOW_COPY_AND_ASSIGN(TransportSecurityPersister); |
| 128 }; | 123 }; |
| 129 | 124 |
| 130 #endif // CHROME_BROWSER_NET_TRANSPORT_SECURITY_PERSISTER_H_ | 125 #endif // CHROME_BROWSER_NET_TRANSPORT_SECURITY_PERSISTER_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12974003:
Improve TransportSecurityState data storage. (Closed)
Base URL: https://src.chromium.org/chrome/trunk/src/