net/http/http_security_headers.cc - Issue 1211363005: Parse HPKP report-uri and persist in TransportSecurityPersister

Side by Side Diff: net/http/http_security_headers.cc

Issue 1211363005: Parse HPKP report-uri and persist in TransportSecurityPersister (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: minor cleanup Created 5 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "base/base64.h"	5 #include "base/base64.h"

6 #include "base/basictypes.h"	6 #include "base/basictypes.h"

7 #include "base/strings/string_number_conversions.h"	7 #include "base/strings/string_number_conversions.h"

8 #include "base/strings/string_tokenizer.h"	8 #include "base/strings/string_tokenizer.h"

9 #include "base/strings/string_util.h"	9 #include "base/strings/string_util.h"

10 #include "net/http/http_security_headers.h"	10 #include "net/http/http_security_headers.h"

(...skipping 255 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
266 case START:	266 case START:

267 case AFTER_MAX_AGE_LABEL:	267 case AFTER_MAX_AGE_LABEL:

268 case AFTER_MAX_AGE_EQUALS:	268 case AFTER_MAX_AGE_EQUALS:

269 return false;	269 return false;

270 default:	270 default:

271 NOTREACHED();	271 NOTREACHED();

272 return false;	272 return false;

273 }	273 }

274 }	274 }

275	275

276 // "Public-Key-Pins" ":"	276 // "Public-Key-Pins[-Report-Only]" ":"

277 // "max-age" "=" delta-seconds ";"	277 // "max-age" "=" delta-seconds ";"

278 // "pin-" algo "=" base64 [ ";" ... ]	278 // "pin-" algo "=" base64 [ ";" ... ]

	279 // [ ";" "includeSubdomains" ]

	280 // [ ";" "report-uri" "=" uri-reference ]

279 bool ParseHPKPHeader(const std::string& value,	281 bool ParseHPKPHeader(const std::string& value,

280 const HashValueVector& chain_hashes,	282 const HashValueVector& chain_hashes,

281 base::TimeDelta* max_age,	283 base::TimeDelta* max_age,

282 bool* include_subdomains,	284 bool* include_subdomains,

283 HashValueVector* hashes) {	285 HashValueVector* hashes,

	286 std::string* report_uri) {

284 bool parsed_max_age = false;	287 bool parsed_max_age = false;

285 bool include_subdomains_candidate = false;	288 bool include_subdomains_candidate = false;

286 uint32 max_age_candidate = 0;	289 uint32 max_age_candidate = 0;

287 HashValueVector pins;	290 HashValueVector pins;

288	291

289 std::string source = value;	292 std::string source = value;

290	293

291 while (!source.empty()) {	294 while (!source.empty()) {

292 StringPair semicolon = Split(source, ';');	295 StringPair semicolon = Split(source, ';');

293 semicolon.first = Strip(semicolon.first);	296 semicolon.first = Strip(semicolon.first);

(...skipping 10 matching lines...) Expand all Loading...
304 }	307 }

305 parsed_max_age = true;	308 parsed_max_age = true;

306 } else if (base::LowerCaseEqualsASCII(equals.first, "pin-sha1")) {	309 } else if (base::LowerCaseEqualsASCII(equals.first, "pin-sha1")) {

307 if (!ParseAndAppendPin(equals.second, HASH_VALUE_SHA1, &pins))	310 if (!ParseAndAppendPin(equals.second, HASH_VALUE_SHA1, &pins))

308 return false;	311 return false;

309 } else if (base::LowerCaseEqualsASCII(equals.first, "pin-sha256")) {	312 } else if (base::LowerCaseEqualsASCII(equals.first, "pin-sha256")) {

310 if (!ParseAndAppendPin(equals.second, HASH_VALUE_SHA256, &pins))	313 if (!ParseAndAppendPin(equals.second, HASH_VALUE_SHA256, &pins))

311 return false;	314 return false;

312 } else if (base::LowerCaseEqualsASCII(equals.first, "includesubdomains")) {	315 } else if (base::LowerCaseEqualsASCII(equals.first, "includesubdomains")) {

313 include_subdomains_candidate = true;	316 include_subdomains_candidate = true;

	317 } else if (base::LowerCaseEqualsASCII(equals.first, "report-uri")) {

	318 // report-uris are always quoted.

	319 if (!HttpUtil::IsQuote(equals.second[0]))
	Ryan Sleevi 2015/06/26 19:41:52 SECURITY BUG: equals.second.empty() may be true, i SECURITY BUG: equals.second.empty() may be true, in which case, [0] is an invalid access. (See line 300) estark 2015/06/26 22:42:11 Done. Show quoted text On 2015/06/26 19:41:52, Ryan Sleevi (slow through 7-15 wrote: > SECURITY BUG: equals.second.empty() may be true, in which case, [0] is an > invalid access. > > (See line 300) Done.
	320 return false;

	321

	322 // TODO(estark): Handle relative URLs here.

	323 *report_uri = HttpUtil::Unquote(equals.second);

	324 if (report_uri->empty())

	325 return false;

314 } else {	326 } else {

315 // Silently ignore unknown directives for forward compatibility.	327 // Silently ignore unknown directives for forward compatibility.

316 }	328 }

317	329

318 source = semicolon.second;	330 source = semicolon.second;

319 }	331 }

320	332

321 if (!parsed_max_age)	333 if (!parsed_max_age)

322 return false;	334 return false;

323	335

324 if (!IsPinListValid(pins, chain_hashes))	336 if (!IsPinListValid(pins, chain_hashes))

325 return false;	337 return false;

326	338

327 *max_age = base::TimeDelta::FromSeconds(max_age_candidate);	339 *max_age = base::TimeDelta::FromSeconds(max_age_candidate);

328 *include_subdomains = include_subdomains_candidate;	340 *include_subdomains = include_subdomains_candidate;

329 hashes->swap(pins);	341 hashes->swap(pins);

330	342

331 return true;	343 return true;

332 }	344 }

333	345

334 } // namespace net	346 } // namespace net

OLD	NEW

« no previous file with comments | « net/http/http_security_headers.h ('k') | net/http/http_security_headers_unittest.cc » ('j') | net/http/http_security_headers_unittest.cc » ('J')