Separate http_security_headers from transport_security_state

net/http/http_security_headers.h

Index: net/http/http_security_headers.h
===================================================================
--- net/http/http_security_headers.h	(revision 0)
+++ net/http/http_security_headers.h	(revision 0)
@@ -0,0 +1,57 @@
+// Copyright (c) 2012 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_HTTP_HTTP_SECURITY_HEADERS_H_
+#define NET_HTTP_HTTP_SECURITY_HEADERS_H_
+
+#include <string>
+
+#include "base/basictypes.h"
+#include "base/gtest_prod_util.h"
+#include "base/time.h"
+#include "base/values.h"
+#include "net/base/hash_value.h"
+#include "net/base/net_export.h"
+
+namespace net {
+
+const int64 kMaxHSTSAgeSecs = 86400 * 365;  // 1 year
+
+// Parses |value| as a Strict-Transport-Security header value. If successful,
+// returns true and sets |*expiry| and |*include_subdomains|.
+// Otherwise returns false and leaves the output parameters unchanged.
+// Interprets the max-age directive relative to |now|.
+//
+// value is the right-hand side of:
+//
+// "Strict-Transport-Security" ":"
+//     [ directive ]  *( ";" [ directive ] )
+bool NET_EXPORT_PRIVATE ParseHSTSHeader(const base::Time& now,
+                                        const std::string& value,
+                                        base::Time* expiry,         // OUT

[Ryan Sleevi, 2012/11/13 19:02:32]

drop the "// OUT"

[unsafe, 2012/11/13 23:20:18]

Done.

+                                        bool* include_subdomains);  // OUT
+
+// Parses |value| as a Public-Key-Pins header value. If successful,
+// returns true and populates the expiry and hashes values.
+// Otherwise returns false and leaves the output parameters unchanged.
+// Interprets the max-age directive relative to |now|.
+// Checks that the header's public key pins overlaps with the SSL chain
+// as specified in chain_hashes.

[Ryan Sleevi, 2012/11/13 19:02:32]

nit: Could you expand on this comment more.

In particular, what does "check" mean in this case

// In order for a Public-Key-Pins header to be valid, at least one pin must be
present in |chain_hashes|. 

(or something like that)


Additionally, it would be good to clarify that |value| is the normalized header
value (eg: coalesced). This is important, as 

Public-Key-Pins: max-age=1234;
Public-Key-Pins: pin-sha1=foo;
Public-Key-Pins: pin-sha256=bar

Is a valid sequence of headers, and is equivalent to

Public-Key-Pins: max-age=1234; pin-sha1=foo; pin-sha256=bar

[palmer, 2012/11/13 19:35:04]

Well, we might decide against allowing coalescing, as we did for HSTS. I am not
sure if I care either way, but consistency with HSTS seems like a good way to
decide.

[unsafe, 2012/11/13 23:20:18]

Expanded the comment more.  Did not say anything about coalescing, as I think
that was resolved against doing it?

+//
+// value is the right-hand side of:
+//
+// "Public-Key-Pins" ":"
+//     "max-age" "=" delta-seconds ";"
+//     "pin-" algo "=" base64 [ ";" ... ]
+bool NET_EXPORT_PRIVATE ParseHPKPHeader(const base::Time& now,
+                                        const std::string& value,
+                                        const HashValueVector& chain_hashes,
+                                        base::Time* expiry,         // OUT
+                                        HashValueVector* hashes);   // OUT
+
+}  // namespace net
+
+
+#endif  // NET_HTTP_HTTP_SECURITY_HEADERS_H_
+