-
Notifications
You must be signed in to change notification settings - Fork 6.7k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Control key pinning enforcement using a feature flag
Adds a feature flag that will be used to control static pinning enforcement. Flag is enabled by default on all platforms that currently enforce KP, and disabled by default on Android (where KP is currently not enforced). This also removes the BUILDFLAG check that disables KP on Android. This flag will be used to control the launch of KP enforcement on and can also serve as a killswitch for pinning. This CL also adds a timestamp in transport_security_static.pins, which is now used for freshness calculations (since BUILD_DATE cannot be reliably used on Android). Change-Id: Ib7564990ae153b775e5cc722d022cc420e022740 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3587708 Reviewed-by: David Benjamin <davidben@chromium.org> Auto-Submit: Carlos IL <carlosil@chromium.org> Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org> Reviewed-by: Kunihiko Sakamoto <ksakamoto@chromium.org> Commit-Queue: Carlos IL <carlosil@chromium.org> Reviewed-by: Clark DuVall <cduvall@chromium.org> Cr-Commit-Position: refs/heads/main@{#1002453}
- Loading branch information
1 parent
4256ab5
commit f12eac9
Showing
24 changed files
with
376 additions
and
27 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.