Initial support for HSTS certificate locking. This isn't a finished work, but

net/base/transport_security_state.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_BASE_TRANSPORT_SECURITY_STATE_H_
 #define NET_BASE_TRANSPORT_SECURITY_STATE_H_
 #pragma once
 
 #include <map>
 #include <string>
+#include <vector>
 
 #include "base/basictypes.h"
 #include "base/gtest_prod_util.h"
 #include "base/memory/ref_counted.h"
 #include "base/time.h"
 
 namespace net {
 
+class X509Certificate;
+
 // TransportSecurityState
 //
 // Tracks which hosts have enabled *-Transport-Security. This object manages
 // the in-memory store. A separate object must register itself with this object
 // in order to persist the state to disk.
 class TransportSecurityState :
     public base::RefCountedThreadSafe<TransportSecurityState> {
  public:
   TransportSecurityState();
 
@@ skipping 18 matching lines @@
     DomainState()
         : mode(MODE_STRICT),
           created(base::Time::Now()),
           include_subdomains(false),
           preloaded(false) { }
 
     Mode mode;
     base::Time created;  // when this host entry was first created
     base::Time expiry;  // the absolute time (UTC) when this record expires
     bool include_subdomains;  // subdomains included?
+    std::vector<std::string> cert_locks;  // optional: fingerprint locking

[abarth-chromium, 2011/04/04 22:49:36]

People seem to like the name "pinning" better than locking.

 
     // The follow members are not valid when stored in |enabled_hosts_|.
     bool preloaded;  // is this a preloaded entry?
     std::string domain;  // the domain which matched
   };
 
   // Enable TransportSecurity for |host|.
   void EnableHost(const std::string& host, const DomainState& state);
 
   // Delete any entry for |host|. If |host| doesn't have an exact entry then no
   // action is taken. Returns true iff an entry was deleted.
   bool DeleteHost(const std::string& host);
 
   // Returns true if |host| has TransportSecurity enabled. If that case,
   // *result is filled out.
   bool IsEnabledForHost(DomainState* result, const std::string& host);
 
+  // Returns true if our (optional) stronger certificate authority checks
+  // will accept this signature chain for this domain.
+  bool IsAcceptableCertificate(const std::string& host, X509Certificate* cert);
+
   // Deletes all records created since a given time.
   void DeleteSince(const base::Time& time);
 
   // Returns |true| if |value| parses as a valid *-Transport-Security
   // header value.  The values of max-age and and includeSubDomains are
   // returned in |max_age| and |include_subdomains|, respectively.  The out
   // parameters are not modified if the function returns |false|.
   static bool ParseHeader(const std::string& value,
                           int* max_age,
                           bool* include_subdomains);
@@ skipping 37 matching lines @@
 
   // Our delegate who gets notified when we are dirtied, or NULL.
   Delegate* delegate_;
 
   DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
 };
 
 }  // namespace net
 
 #endif  // NET_BASE_TRANSPORT_SECURITY_STATE_H_