components/cronet/android/cronet_url_request_context_adapter.cc - Issue 1407263010: [Cronet] Public key pinning for Java API

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: components/cronet/android/cronet_url_request_context_adapter.cc

Issue 1407263010: [Cronet] Public key pinning for Java API (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Shutdown CronetEngine between HPKP tests Created 5 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« components/cronet/android/api/src/org/chromium/net/CronetEngine.java ('K') | « components/cronet/android/api/src/org/chromium/net/CronetUtil.java ('k') | components/cronet/android/test/javatests/src/org/chromium/net/CronetUtilTest.java » ('j') | components/cronet/android/test/mock_cert_verifier.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: components/cronet/android/cronet_url_request_context_adapter.cc

diff --git a/components/cronet/android/cronet_url_request_context_adapter.cc b/components/cronet/android/cronet_url_request_context_adapter.cc

index 67dad4ef35028a612edf1ac88c01348962dbf16f..4b8a3f94d9a78a9c10616d00c8393f177435b6fb 100644

--- a/components/cronet/android/cronet_url_request_context_adapter.cc

+++ b/components/cronet/android/cronet_url_request_context_adapter.cc

@@ -10,6 +10,7 @@

#include "base/android/jni_array.h"

#include "base/android/jni_string.h"

#include "base/bind.h"

+#include "base/files/file_path.h"

#include "base/files/file_util.h"

#include "base/files/scoped_file.h"

#include "base/logging.h"

@@ -315,6 +316,11 @@ void CronetURLRequestContextAdapter::InitializeOnNetworkThread(

http_server_properties_manager.Pass());

}

+ // Explicitly disable the persister for Cronet to avoid persistence of dynamic

+ // HPKP. This is a safety measure ensuring that nobody enables the persistence

+ // of HPKP by specifying transport_security_persister_path in the future.

+ context_builder.set_transport_security_persister_path(base::FilePath());

context_ = context_builder.Build().Pass();

default_load_flags_ = net::LOAD_DO_NOT_SAVE_COOKIES |

@@ -375,6 +381,27 @@ void CronetURLRequestContextAdapter::InitializeOnNetworkThread(

}

+ // Iterate through HPKP configuration for every host.

+ for (const auto& hpkp : config->hpkp_list) {

+ // Convert the vector of hash strings from the config to

+ // a vector of HashValue objects.

+ net::HashValueVector hash_value_vector;

+ for (const auto& hash : hpkp->pin_hashes) {

+ auto hash_value = net::HashValue(net::HASH_VALUE_SHA256);

+ bool good_hash = hash_value.FromString(*hash);

+ if (good_hash) {

+ hash_value_vector.push_back(hash_value);

+ } else {

+ LOG(WARNING) << "Unable to add hash value " << *hash;

+ }

+ // Add the host pinning.

+ context_->transport_security_state()->AddHPKP(

+ hpkp->host, hpkp->expiration_date, hpkp->include_subdomains,

+ hash_value_vector, GURL::EmptyGURL());

+ }

JNIEnv* env = base::android::AttachCurrentThread();

jcronet_url_request_context_.Reset(env, jcronet_url_request_context.obj());

Java_CronetUrlRequestContext_initNetworkThread(