Certificate Transparency: New component for obtaining fresh STHs.

chrome/browser/component_updater/sth_set_component_installer.h

+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_COMPONENT_UPDATER_STH_SET_COMPONENT_INSTALLER_H_
+#define CHROME_BROWSER_COMPONENT_UPDATER_STH_SET_COMPONENT_INSTALLER_H_
+
+#include <stdint.h>
+
+#include <string>
+#include <vector>
+
+#include "base/gtest_prod_util.h"
+#include "base/memory/scoped_ptr.h"
+#include "components/component_updater/default_component_installer.h"
+
+namespace base {
+class FilePath;
+class Value;
+}  // namespace base
+
+namespace net {
+namespace ct {
+class STHObserver;
+}  // namespace ct
+}  // namespace net
+
+namespace component_updater {
+
+class ComponentUpdateService;
+
+// Component for receiving Signed Tree Heads updates for Certificate
+// Transparency logs recognized in Chrome.
+// The STHs are in JSON format.
+// To identify the log each STH belongs to, the name of the file is
+// hex-encoded Log ID of the log that produced this STH.
+//
+// Instead, notifications of each of the new STHs are sent to the

[waffles, 2016/04/07 13:30:49]

Instead of what? (Maybe just eliminate "instead".)

[Eran Messeri, 2016/04/07 16:37:59]

Done.

+// net::ct::STHObserver, so that it can take appropriate steps, including
+// possible persistence.
+class STHSetComponentInstallerTraits : public ComponentInstallerTraits {
+ public:
+  // The |sth_distributor| will be notified each time a new STH is observed.
+  explicit STHSetComponentInstallerTraits(
+      scoped_ptr<net::ct::STHObserver> sth_observer);
+  ~STHSetComponentInstallerTraits() override;
+
+ private:
+  friend class STHSetComponentInstallerTest;
+  FRIEND_TEST_ALL_PREFIXES(STHSetComponentInstallerTest, CanLoadAllSTHs);
+  FRIEND_TEST_ALL_PREFIXES(STHSetComponentInstallerTest,
+                           DoesNotLoadInvalidJSON);
+  FRIEND_TEST_ALL_PREFIXES(STHSetComponentInstallerTest,
+                           DoesNotLoadValidJSONFromFileNotHexEncoded);
+
+  // The following methods override ComponentInstallerTraits.
+  bool CanAutoUpdate() const override;
+  bool RequiresNetworkEncryption() const override;
+  bool OnCustomInstall(const base::DictionaryValue& manifest,
+                       const base::FilePath& install_dir) override;
+  bool VerifyInstallation(const base::DictionaryValue& manifest,
+                          const base::FilePath& install_dir) const override;
+  void ComponentReady(const base::Version& version,
+                      const base::FilePath& install_dir,
+                      scoped_ptr<base::DictionaryValue> manifest) override;
+  base::FilePath GetBaseDirectory() const override;
+  void GetHash(std::vector<uint8_t>* hash) const override;
+  std::string GetName() const override;
+
+  static base::FilePath GetInstalledPath(const base::FilePath& base);
+
+  // Reads and parses the on-disk json.
+  void LoadSTHsFromDisk(const base::FilePath& sths_file_path,
+                        const base::Version& version);
+
+  // Handle successful parsing of JSON by distributing the new STH.
+  void OnJsonParseSuccess(std::string log_id,

[Sorin Jianu, 2016/04/07 15:49:48]

maybe pass be reference to const instead of by value?

[Eran Messeri, 2016/04/07 16:37:59]

Done.

+                          scoped_ptr<base::Value> parsed_json);
+
+  // STH parsing failed - do nothing.
+  void OnJsonParseError(std::string log_id, const std::string& error);

[Sorin Jianu, 2016/04/07 15:49:49]

same

[Eran Messeri, 2016/04/07 16:37:59]

Done.

+
+  scoped_ptr<net::ct::STHObserver> sth_observer_;
+
+  DISALLOW_COPY_AND_ASSIGN(STHSetComponentInstallerTraits);
+};
+
+void RegisterSTHSetComponent(ComponentUpdateService* cus,
+                             const base::FilePath& user_data_dir);
+
+}  // namespace component_updater
+
+#endif  // CHROME_BROWSER_COMPONENT_UPDATER_STH_SET_COMPONENT_INSTALLER_H_