net/http/http_security_headers.cc - Issue 1211363005: Parse HPKP report-uri and persist in TransportSecurityPersister

Side by Side Diff: net/http/http_security_headers.cc

Issue 1211363005: Parse HPKP report-uri and persist in TransportSecurityPersister (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: rebase Created 5 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "base/base64.h"	5 #include "base/base64.h"

6 #include "base/basictypes.h"	6 #include "base/basictypes.h"

7 #include "base/strings/string_number_conversions.h"	7 #include "base/strings/string_number_conversions.h"

8 #include "base/strings/string_tokenizer.h"	8 #include "base/strings/string_tokenizer.h"

9 #include "base/strings/string_util.h"	9 #include "base/strings/string_util.h"

10 #include "net/http/http_security_headers.h"	10 #include "net/http/http_security_headers.h"

(...skipping 74 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
85 if (pins.size() < 2)	85 if (pins.size() < 2)

86 return false;	86 return false;

87	87

88 if (from_cert_chain.empty())	88 if (from_cert_chain.empty())

89 return false;	89 return false;

90	90

91 return IsBackupPinPresent(pins, from_cert_chain) &&	91 return IsBackupPinPresent(pins, from_cert_chain) &&

92 HashesIntersect(pins, from_cert_chain);	92 HashesIntersect(pins, from_cert_chain);

93 }	93 }

94	94

95 std::string Strip(const std::string& source) {

96 if (source.empty())

97 return source;

98

99 std::string::const_iterator start = source.begin();

100 std::string::const_iterator end = source.end();

101 HttpUtil::TrimLWS(&start, &end);

102 return std::string(start, end);

103 }

104

105 typedef std::pair<std::string, std::string> StringPair;

106

107 StringPair Split(const std::string& source, char delimiter) {

108 StringPair pair;

109 size_t point = source.find(delimiter);

110

111 pair.first = source.substr(0, point);

112 if (std::string::npos != point)

113 pair.second = source.substr(point + 1);

114

115 return pair;

116 }

117

118 bool ParseAndAppendPin(const std::string& value,	95 bool ParseAndAppendPin(const std::string& value,

119 HashValueTag tag,	96 HashValueTag tag,

120 HashValueVector* hashes) {	97 HashValueVector* hashes) {

121 // Pins are always quoted.	98 // Pins are always quoted.

122 if (value.empty() \|\| !HttpUtil::IsQuote(value[0]))	99 if (value.empty() \|\| !HttpUtil::IsQuote(value[0]))

123 return false;	100 return false;

124	101

125 std::string unquoted = HttpUtil::Unquote(value);	102 std::string unquoted = HttpUtil::Unquote(value);

126 if (unquoted.empty())	103 if (unquoted.empty())

127 return false;	104 return false;

(...skipping 138 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
266 case START:	243 case START:

267 case AFTER_MAX_AGE_LABEL:	244 case AFTER_MAX_AGE_LABEL:

268 case AFTER_MAX_AGE_EQUALS:	245 case AFTER_MAX_AGE_EQUALS:

269 return false;	246 return false;

270 default:	247 default:

271 NOTREACHED();	248 NOTREACHED();

272 return false;	249 return false;

273 }	250 }

274 }	251 }

275	252

276 // "Public-Key-Pins" ":"	253 // "Public-Key-Pins[-Report-Only]" ":"

277 // "max-age" "=" delta-seconds ";"	254 // "max-age" "=" delta-seconds ";"

278 // "pin-" algo "=" base64 [ ";" ... ]	255 // "pin-" algo "=" base64 [ ";" ... ]

	256 // [ ";" "includeSubdomains" ]

	257 // [ ";" "report-uri" "=" uri-reference ]

279 bool ParseHPKPHeader(const std::string& value,	258 bool ParseHPKPHeader(const std::string& value,

280 const HashValueVector& chain_hashes,	259 const HashValueVector& chain_hashes,

281 base::TimeDelta* max_age,	260 base::TimeDelta* max_age,

282 bool* include_subdomains,	261 bool* include_subdomains,

283 HashValueVector* hashes) {	262 HashValueVector* hashes,

	263 std::string* report_uri) {

284 bool parsed_max_age = false;	264 bool parsed_max_age = false;

285 bool include_subdomains_candidate = false;	265 bool include_subdomains_candidate = false;

286 uint32 max_age_candidate = 0;	266 uint32 max_age_candidate = 0;

287 HashValueVector pins;	267 HashValueVector pins;

288	268

289 std::string source = value;	269 HttpUtil::NameValuePairsIterator name_value_pairs(

	270 value.begin(), value.end(), ';',

	271 HttpUtil::NameValuePairsIterator::VALUES_OPTIONAL);

290	272

291 while (!source.empty()) {	273 while (name_value_pairs.GetNext()) {

292 StringPair semicolon = Split(source, ';');	274 if (base::LowerCaseEqualsASCII(name_value_pairs.name(), "max-age")) {

293 semicolon.first = Strip(semicolon.first);	275 if (name_value_pairs.value().empty() \|\|

294 semicolon.second = Strip(semicolon.second);	276 !MaxAgeToInt(name_value_pairs.value_begin(),

295 StringPair equals = Split(semicolon.first, '=');	277 name_value_pairs.value_end(), &max_age_candidate)) {

296 equals.first = Strip(equals.first);

297 equals.second = Strip(equals.second);

298

299 if (base::LowerCaseEqualsASCII(equals.first, "max-age")) {

300 if (equals.second.empty() \|\|

301 !MaxAgeToInt(equals.second.begin(), equals.second.end(),

302 &max_age_candidate)) {

303 return false;	278 return false;

304 }	279 }

305 parsed_max_age = true;	280 parsed_max_age = true;

306 } else if (base::LowerCaseEqualsASCII(equals.first, "pin-sha1")) {	281 } else if (base::LowerCaseEqualsASCII(name_value_pairs.name(),

307 if (!ParseAndAppendPin(equals.second, HASH_VALUE_SHA1, &pins))	282 "pin-sha1")) {

	283 if (!ParseAndAppendPin(name_value_pairs.raw_value(), HASH_VALUE_SHA1,

	284 &pins)) {

308 return false;	285 return false;

309 } else if (base::LowerCaseEqualsASCII(equals.first, "pin-sha256")) {	286 }

310 if (!ParseAndAppendPin(equals.second, HASH_VALUE_SHA256, &pins))	287 } else if (base::LowerCaseEqualsASCII(name_value_pairs.name(),

	288 "pin-sha256")) {

	289 if (!ParseAndAppendPin(name_value_pairs.raw_value(), HASH_VALUE_SHA256,

	290 &pins)) {

311 return false;	291 return false;

312 } else if (base::LowerCaseEqualsASCII(equals.first, "includesubdomains")) {	292 }

	293 } else if (base::LowerCaseEqualsASCII(name_value_pairs.name(),

	294 "includesubdomains")) {

313 include_subdomains_candidate = true;	295 include_subdomains_candidate = true;

	296 } else if (base::LowerCaseEqualsASCII(name_value_pairs.name(),

	297 "report-uri")) {

	298 // report-uris are always quoted.

	299 if (name_value_pairs.raw_value().empty() \|\|

	300 !HttpUtil::IsQuote(name_value_pairs.raw_value()[0]) \|\|
	davidben 2015/07/15 22:21:06 Maybe expose value_is_quoted() out of NameValuePai Maybe expose value_is_quoted() out of NameValuePairsIterator. Then this can just be. if (!name_value_pairs.value_is_quoted()) return false; report_uri = name_value_pairs.value(); if (report_uri->empty()) return false; [] Hrm. I bet we should be using base::StringPiece now. Not for this CL though. "Oh, by the way, while you're here, how about you refactor the universe?" is not actually reasonable. :-) estark 2015/07/16 00:07:01 Done. Show quoted text On 2015/07/15 22:21:06, David Benjamin wrote: > Maybe expose value_is_quoted() out of NameValuePairsIterator. Then this can just > be. > > if (!name_value_pairs.value_is_quoted()) > return false; > report_uri = name_value_pairs.value(); > if (report_uri->empty()) > return false; > > > [] Hrm. I bet we should be using base::StringPiece now. Not for this CL though. > "Oh, by the way, while you're here, how about you refactor the universe?" is not > actually reasonable. :-) Done.
	301 name_value_pairs.raw_value()[0] !=

	302 *name_value_pairs.raw_value().rbegin()) {

	303 return false;

	304 }

	305

	306 *report_uri = HttpUtil::Unquote(name_value_pairs.value());
	davidben 2015/07/15 22:21:06 Bug? I think this should be Unquote(raw_value) or Bug? I think this should be Unquote(raw_value) or just value. estark 2015/07/16 00:07:00 Done. Show quoted text On 2015/07/15 22:21:06, David Benjamin wrote: > Bug? I think this should be Unquote(raw_value) or just value. Done.
	307 if (report_uri->empty())

	308 return false;

314 } else {	309 } else {

315 // Silently ignore unknown directives for forward compatibility.	310 // Silently ignore unknown directives for forward compatibility.

316 }	311 }

	312 }

317	313

318 source = semicolon.second;	314 if (!name_value_pairs.valid())

319 }	315 return false;

320	316

321 if (!parsed_max_age)	317 if (!parsed_max_age)

322 return false;	318 return false;

323	319

324 if (!IsPinListValid(pins, chain_hashes))	320 if (!IsPinListValid(pins, chain_hashes))

325 return false;	321 return false;

326	322

327 *max_age = base::TimeDelta::FromSeconds(max_age_candidate);	323 *max_age = base::TimeDelta::FromSeconds(max_age_candidate);

328 *include_subdomains = include_subdomains_candidate;	324 *include_subdomains = include_subdomains_candidate;

329 hashes->swap(pins);	325 hashes->swap(pins);

330	326

331 return true;	327 return true;

332 }	328 }

333	329

334 } // namespace net	330 } // namespace net

OLD	NEW

« no previous file with comments | « net/http/http_security_headers.h ('k') | net/http/http_security_headers_unittest.cc » ('j') | net/http/http_util.cc » ('J')