1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
11 #include <vector> | 11 #include <vector> |
12 | 12 |
13 #include "base/basictypes.h" | 13 #include "base/basictypes.h" |
Ryan Sleevi
2015/06/26 20:08:58
This should probably be <stdint.h> (noticed when y
estark
2015/07/09 21:45:26
Done.
| |
14 #include "base/gtest_prod_util.h" | 14 #include "base/gtest_prod_util.h" |
15 #include "base/threading/non_thread_safe.h" | 15 #include "base/threading/non_thread_safe.h" |
16 #include "base/time/time.h" | 16 #include "base/time/time.h" |
17 #include "net/base/net_export.h" | 17 #include "net/base/net_export.h" |
18 #include "net/cert/x509_cert_types.h" | 18 #include "net/cert/x509_cert_types.h" |
19 #include "net/cert/x509_certificate.h" | 19 #include "net/cert/x509_certificate.h" |
20 | 20 |
21 namespace net { | 21 namespace net { |
22 | 22 |
23 class SSLInfo; | 23 class SSLInfo; |
38 class NET_EXPORT Delegate { | 38 class NET_EXPORT Delegate { |
39 public: | 39 public: |
40 // This function may not block and may be called with internal locks held. | 40 // This function may not block and may be called with internal locks held. |
41 // Thus it must not reenter the TransportSecurityState object. | 41 // Thus it must not reenter the TransportSecurityState object. |
42 virtual void StateIsDirty(TransportSecurityState* state) = 0; | 42 virtual void StateIsDirty(TransportSecurityState* state) = 0; |
43 | 43 |
44 protected: | 44 protected: |
45 virtual ~Delegate() {} | 45 virtual ~Delegate() {} |
46 }; | 46 }; |
47 | 47 |
48 TransportSecurityState(); | |
49 ~TransportSecurityState(); | |
50 | |
51 // A DomainState describes the transport security state (required upgrade | 48 // A DomainState describes the transport security state (required upgrade |
52 // to HTTPS, and/or any public key pins). | 49 // to HTTPS, and/or any public key pins). |
53 // | 50 // |
54 // TODO(davidben): STSState and PKPState are queried and processed | 51 // TODO(davidben): STSState and PKPState are queried and processed |
55 // independently (with the exception of ShouldSSLErrorsBeFatal triggering on | 52 // independently (with the exception of ShouldSSLErrorsBeFatal triggering on |
56 // both and on-disk storage). DomainState should be split into the | 53 // both and on-disk storage). DomainState should be split into the |
57 // two. https://crbug.com/470295. | 54 // two. https://crbug.com/470295. |
58 class NET_EXPORT DomainState { | 55 class NET_EXPORT DomainState { |
59 public: | 56 public: |
60 enum UpgradeMode { | 57 enum UpgradeMode { |
163 bool HasNext() const { return iterator_ != end_; } | 160 bool HasNext() const { return iterator_ != end_; } |
164 void Advance() { ++iterator_; } | 161 void Advance() { ++iterator_; } |
165 const std::string& hostname() const { return iterator_->first; } | 162 const std::string& hostname() const { return iterator_->first; } |
166 const DomainState& domain_state() const { return iterator_->second; } | 163 const DomainState& domain_state() const { return iterator_->second; } |
167 | 164 |
168 private: | 165 private: |
169 std::map<std::string, DomainState>::const_iterator iterator_; | 166 std::map<std::string, DomainState>::const_iterator iterator_; |
170 std::map<std::string, DomainState>::const_iterator end_; | 167 std::map<std::string, DomainState>::const_iterator end_; |
171 }; | 168 }; |
172 | 169 |
170 class NET_EXPORT Reporter { | |
171 public: | |
172 virtual ~Reporter() {} | |
Ryan Sleevi
2015/06/26 20:08:58
Is ownership of the reporter transferred?
If not,
estark
2015/07/09 21:45:26
Done.
| |
173 | |
174 // Returns true if a violation report should be sent for the host in | |
175 // the given |pkp_state|, and returns the report destination URI in | |
176 // |report_uri|. Returns false if a report should not be sent. | |
177 virtual bool GetHPKPReportUri(const DomainState::PKPState& pkp_state, | |
178 GURL* report_uri) = 0; | |
Ryan Sleevi
2015/06/26 20:08:58
It's unclear why this is a property of the Reporte
Ryan Sleevi
2015/06/26 20:17:15
Bah, bad spec language. I can't tell if I'm lying
estark
2015/07/09 21:45:26
I read Section 2.1 #2 as meaning that there should
estark
2015/07/09 21:45:26
Yes, that's the reason. Done.
| |
179 | |
180 // Builds a serialized HPKP violation report in | |
181 // |serialized_report|. Returns true on success and false on | |
182 // failure. | |
183 virtual bool BuildHPKPReport( | |
184 const std::string& hostname, | |
185 uint16_t port, | |
186 const base::Time& expiry, | |
187 bool include_subdomains, | |
188 const std::string& effective_hostname, | |
Ryan Sleevi
2015/06/26 20:08:58
Should provide a bit of documentation about these
estark
2015/07/09 21:45:26
Done.
| |
189 const scoped_refptr<X509Certificate>& served_certificate_chain, | |
190 const scoped_refptr<X509Certificate>& validated_certificate_chain, | |
Ryan Sleevi
2015/06/26 20:08:58
You should be able to pass these just as naked X50
estark
2015/07/09 21:45:26
Done.
| |
191 const HashValueVector& spki_hashes, | |
192 std::string* serialized_report) = 0; | |
193 | |
194 // Sends the given serialized |report| to |report_uri|. | |
195 virtual void SendHPKPReport(const GURL& report_uri, | |
196 const std::string& report) = 0; | |
197 }; | |
198 | |
199 TransportSecurityState(); | |
200 ~TransportSecurityState(); | |
201 | |
173 // These functions search for static and dynamic DomainStates, and invoke the | 202 // These functions search for static and dynamic DomainStates, and invoke the |
174 // functions of the same name on them. These functions are the primary public | 203 // functions of the same name on them. These functions are the primary public |
175 // interface; direct access to DomainStates is best left to tests. | 204 // interface; direct access to DomainStates is best left to tests. |
176 bool ShouldSSLErrorsBeFatal(const std::string& host); | 205 bool ShouldSSLErrorsBeFatal(const std::string& host); |
177 bool ShouldUpgradeToSSL(const std::string& host); | 206 bool ShouldUpgradeToSSL(const std::string& host); |
178 bool CheckPublicKeyPins(const std::string& host, | 207 bool CheckPublicKeyPins(const std::string& host, |
179 bool is_issued_by_known_root, | 208 bool is_issued_by_known_root, |
180 const HashValueVector& hashes, | 209 const HashValueVector& hashes, |
181 std::string* failure_log); | 210 std::string* failure_log); |
182 bool HasPublicKeyPins(const std::string& host); | 211 bool HasPublicKeyPins(const std::string& host); |
183 | 212 |
184 // Assign a |Delegate| for persisting the transport security state. If | 213 // Assign a |Delegate| for persisting the transport security state. If |
185 // |NULL|, state will not be persisted. The caller retains | 214 // |NULL|, state will not be persisted. The caller retains |
186 // ownership of |delegate|. | 215 // ownership of |delegate|. |
187 // Note: This is only used for serializing/deserializing the | 216 // Note: This is only used for serializing/deserializing the |
188 // TransportSecurityState. | 217 // TransportSecurityState. |
189 void SetDelegate(Delegate* delegate); | 218 void SetDelegate(Delegate* delegate); |
190 | 219 |
220 void SetReporter(Reporter* reporter); | |
221 | |
191 // Clears all dynamic data (e.g. HSTS and HPKP data). | 222 // Clears all dynamic data (e.g. HSTS and HPKP data). |
192 // | 223 // |
193 // Does NOT persist changes using the Delegate, as this function is only | 224 // Does NOT persist changes using the Delegate, as this function is only |
194 // used to clear any dynamic data prior to re-loading it from a file. | 225 // used to clear any dynamic data prior to re-loading it from a file. |
195 // Note: This is only used for serializing/deserializing the | 226 // Note: This is only used for serializing/deserializing the |
196 // TransportSecurityState. | 227 // TransportSecurityState. |
197 void ClearDynamicData(); | 228 void ClearDynamicData(); |
198 | 229 |
199 // Inserts |state| into |enabled_hosts_| under the key |hashed_host|. | 230 // Inserts |state| into |enabled_hosts_| under the key |hashed_host|. |
200 // |hashed_host| is already in the internal representation. | 231 // |hashed_host| is already in the internal representation. |
324 // The new state for |host| is persisted using the Delegate (if any). | 355 // The new state for |host| is persisted using the Delegate (if any). |
325 void EnableHost(const std::string& host, const DomainState& state); | 356 void EnableHost(const std::string& host, const DomainState& state); |
326 | 357 |
327 // The set of hosts that have enabled TransportSecurity. |sts.domain| and | 358 // The set of hosts that have enabled TransportSecurity. |sts.domain| and |
328 // |pkp.domain| will always be empty for a DomainState in this map; the domain | 359 // |pkp.domain| will always be empty for a DomainState in this map; the domain |
329 // comes from the map key instead. | 360 // comes from the map key instead. |
330 DomainStateMap enabled_hosts_; | 361 DomainStateMap enabled_hosts_; |
331 | 362 |
332 Delegate* delegate_; | 363 Delegate* delegate_; |
333 | 364 |
365 Reporter* reporter_; | |
366 | |
334 // True if static pins should be used. | 367 // True if static pins should be used. |
335 bool enable_static_pins_; | 368 bool enable_static_pins_; |
336 | 369 |
337 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); | 370 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); |
338 }; | 371 }; |
339 | 372 |
340 } // namespace net | 373 } // namespace net |
341 | 374 |
342 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 375 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
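Review bot: The new Reporter interface (NEW lines 170–197) names GURL in GetHPKPReportUri and SendHPKPReport, but none of the includes visible at the top of the header declares it and the old side never referenced GURL, so unless a transitive include such as x509_certificate.h happens to supply it the header no longer compiles on its own. GURL appears here only by pointer and const reference, so a forward declaration outside namespace net, `class GURL;`, is sufficient (or `#include "url/gurl.h"` if that is the project's preference for this header). Separately, `void SetReporter(Reporter* reporter);` at NEW line 220 carries no comment, while `SetDelegate` directly above it documents both the NULL case and who keeps ownership; a parallel comment should state what passing NULL means and how the reporter's lifetime relates to this object's, since `reporter_` is a raw pointer member and its initialization in the constructor is not visible in this header.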