| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/http/transport_security_state.h" | 5 #include "net/http/transport_security_state.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <utility> | 9 #include <utility> |
| 10 | 10 |
| (...skipping 357 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 368 uint32_t domain_id; | 368 uint32_t domain_id; |
| 369 // hostname_offset contains the number of bytes from the start of the given | 369 // hostname_offset contains the number of bytes from the start of the given |
| 370 // hostname where the name of the matching entry starts. | 370 // hostname where the name of the matching entry starts. |
| 371 size_t hostname_offset; | 371 size_t hostname_offset; |
| 372 bool sts_include_subdomains; | 372 bool sts_include_subdomains; |
| 373 bool pkp_include_subdomains; | 373 bool pkp_include_subdomains; |
| 374 bool force_https; | 374 bool force_https; |
| 375 bool has_pins; | 375 bool has_pins; |
| 376 bool expect_ct; | 376 bool expect_ct; |
| 377 uint32_t expect_ct_report_uri_id; | 377 uint32_t expect_ct_report_uri_id; |
| 378 bool expect_staple; |
| 379 bool expect_staple_include_subdomains; |
| 380 uint32_t expect_staple_report_uri_id; |
| 378 }; | 381 }; |
| 379 | 382 |
| 380 // DecodeHSTSPreloadRaw resolves |hostname| in the preloaded data. It returns | 383 // DecodeHSTSPreloadRaw resolves |hostname| in the preloaded data. It returns |
| 381 // false on internal error and true otherwise. After a successful return, | 384 // false on internal error and true otherwise. After a successful return, |
| 382 // |*out_found| is true iff a relevant entry has been found. If so, |*out| | 385 // |*out_found| is true iff a relevant entry has been found. If so, |*out| |
| 383 // contains the details. | 386 // contains the details. |
| 384 // | 387 // |
| 385 // Don't call this function, call DecodeHSTSPreload, below. | 388 // Don't call this function, call DecodeHSTSPreload, below. |
| 386 // | 389 // |
| 387 // Although this code should be robust, it never processes attacker-controlled | 390 // Although this code should be robust, it never processes attacker-controlled |
| (...skipping 115 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 503 } | 506 } |
| 504 | 507 |
| 505 if (!reader.Next(&tmp.expect_ct)) | 508 if (!reader.Next(&tmp.expect_ct)) |
| 506 return false; | 509 return false; |
| 507 | 510 |
| 508 if (tmp.expect_ct) { | 511 if (tmp.expect_ct) { |
| 509 if (!reader.Read(4, &tmp.expect_ct_report_uri_id)) | 512 if (!reader.Read(4, &tmp.expect_ct_report_uri_id)) |
| 510 return false; | 513 return false; |
| 511 } | 514 } |
| 512 | 515 |
| 516 if (!reader.Next(&tmp.expect_staple)) |
| 517 return false; |
| 518 tmp.expect_staple_include_subdomains = false; |
| 519 if (tmp.expect_staple) { |
| 520 if (!reader.Next(&tmp.expect_staple_include_subdomains)) |
| 521 return false; |
| 522 if (!reader.Read(4, &tmp.expect_staple_report_uri_id)) |
| 523 return false; |
| 524 } |
| 525 |
| 513 tmp.hostname_offset = hostname_offset; | 526 tmp.hostname_offset = hostname_offset; |
| 514 | 527 |
| 515 if (hostname_offset == 0 || hostname[hostname_offset - 1] == '.') { | 528 if (hostname_offset == 0 || hostname[hostname_offset - 1] == '.') { |
| 516 *out_found = tmp.sts_include_subdomains || tmp.pkp_include_subdomains; | 529 *out_found = tmp.sts_include_subdomains || |
| 530 tmp.pkp_include_subdomains || |
| 531 tmp.expect_staple_include_subdomains; |
| 517 *out = tmp; | 532 *out = tmp; |
| 518 | 533 |
| 519 if (hostname_offset > 0) { | 534 if (hostname_offset > 0) { |
| 520 out->force_https &= tmp.sts_include_subdomains; | 535 out->force_https &= tmp.sts_include_subdomains; |
| 521 } else { | 536 } else { |
| 522 *out_found = true; | 537 *out_found = true; |
| 523 return true; | 538 return true; |
| 524 } | 539 } |
| 525 } | 540 } |
| 526 | 541 |
| (...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 697 if (report_sender_) | 712 if (report_sender_) |
| 698 report_sender_->SetErrorCallback(base::Bind(RecordUMAForHPKPReportFailure)); | 713 report_sender_->SetErrorCallback(base::Bind(RecordUMAForHPKPReportFailure)); |
| 699 } | 714 } |
| 700 | 715 |
| 701 void TransportSecurityState::SetExpectCTReporter( | 716 void TransportSecurityState::SetExpectCTReporter( |
| 702 ExpectCTReporter* expect_ct_reporter) { | 717 ExpectCTReporter* expect_ct_reporter) { |
| 703 DCHECK(CalledOnValidThread()); | 718 DCHECK(CalledOnValidThread()); |
| 704 expect_ct_reporter_ = expect_ct_reporter; | 719 expect_ct_reporter_ = expect_ct_reporter; |
| 705 } | 720 } |
| 706 | 721 |
| 722 void TransportSecurityState::SetExpectStapleReporter( |
| 723 ExpectStapleReporter* expect_staple_reporter) { |
| 724 DCHECK(CalledOnValidThread()); |
| 725 expect_staple_reporter_ = expect_staple_reporter; |
| 726 } |
| 727 |
| 707 void TransportSecurityState::AddHSTSInternal( | 728 void TransportSecurityState::AddHSTSInternal( |
| 708 const std::string& host, | 729 const std::string& host, |
| 709 TransportSecurityState::STSState::UpgradeMode upgrade_mode, | 730 TransportSecurityState::STSState::UpgradeMode upgrade_mode, |
| 710 const base::Time& expiry, | 731 const base::Time& expiry, |
| 711 bool include_subdomains) { | 732 bool include_subdomains) { |
| 712 DCHECK(CalledOnValidThread()); | 733 DCHECK(CalledOnValidThread()); |
| 713 | 734 |
| 714 STSState sts_state; | 735 STSState sts_state; |
| 715 sts_state.last_observed = base::Time::Now(); | 736 sts_state.last_observed = base::Time::Now(); |
| 716 sts_state.include_subdomains = include_subdomains; | 737 sts_state.include_subdomains = include_subdomains; |
| (...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 849 | 870 |
| 850 if (!enable_static_expect_ct_ || !result.expect_ct) | 871 if (!enable_static_expect_ct_ || !result.expect_ct) |
| 851 return false; | 872 return false; |
| 852 | 873 |
| 853 expect_ct_state->domain = host.substr(result.hostname_offset); | 874 expect_ct_state->domain = host.substr(result.hostname_offset); |
| 854 expect_ct_state->report_uri = | 875 expect_ct_state->report_uri = |
| 855 GURL(kExpectCTReportURIs[result.expect_ct_report_uri_id]); | 876 GURL(kExpectCTReportURIs[result.expect_ct_report_uri_id]); |
| 856 return true; | 877 return true; |
| 857 } | 878 } |
| 858 | 879 |
| 880 bool TransportSecurityState::GetStaticExpectStapleState( |
| 881 const std::string& host, |
| 882 ExpectStapleState* expect_staple_state) const { |
| 883 DCHECK(CalledOnValidThread()); |
| 884 |
| 885 if (!IsBuildTimely()) |
| 886 return false; |
| 887 |
| 888 PreloadResult result; |
| 889 if (!DecodeHSTSPreload(host, &result)) |
| 890 return false; |
| 891 |
| 892 if (!enable_static_expect_staple_ || !result.expect_staple) |
| 893 return false; |
| 894 |
| 895 expect_staple_state->domain = host.substr(result.hostname_offset); |
| 896 expect_staple_state->include_subdomains = |
| 897 result.expect_staple_include_subdomains; |
| 898 expect_staple_state->report_uri = |
| 899 GURL(kExpectStapleReportURIs[result.expect_staple_report_uri_id]); |
| 900 return true; |
| 901 } |
| 902 |
| 859 bool TransportSecurityState::DeleteDynamicDataForHost(const std::string& host) { | 903 bool TransportSecurityState::DeleteDynamicDataForHost(const std::string& host) { |
| 860 DCHECK(CalledOnValidThread()); | 904 DCHECK(CalledOnValidThread()); |
| 861 | 905 |
| 862 const std::string canonicalized_host = CanonicalizeHost(host); | 906 const std::string canonicalized_host = CanonicalizeHost(host); |
| 863 if (canonicalized_host.empty()) | 907 if (canonicalized_host.empty()) |
| 864 return false; | 908 return false; |
| 865 | 909 |
| 866 const std::string hashed_host = HashHost(canonicalized_host); | 910 const std::string hashed_host = HashHost(canonicalized_host); |
| 867 bool deleted = false; | 911 bool deleted = false; |
| 868 STSStateMap::iterator sts_interator = enabled_sts_hosts_.find(hashed_host); | 912 STSStateMap::iterator sts_interator = enabled_sts_hosts_.find(hashed_host); |
| (...skipping 183 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1052 } | 1096 } |
| 1053 | 1097 |
| 1054 ExpectCTState state; | 1098 ExpectCTState state; |
| 1055 if (!GetStaticExpectCTState(host_port_pair.host(), &state)) | 1099 if (!GetStaticExpectCTState(host_port_pair.host(), &state)) |
| 1056 return; | 1100 return; |
| 1057 | 1101 |
| 1058 expect_ct_reporter_->OnExpectCTFailed(host_port_pair, state.report_uri, | 1102 expect_ct_reporter_->OnExpectCTFailed(host_port_pair, state.report_uri, |
| 1059 ssl_info); | 1103 ssl_info); |
| 1060 } | 1104 } |
| 1061 | 1105 |
| 1106 void TransportSecurityState::CheckExpectStaple( |
| 1107 const HostPortPair& host_port_pair, |
| 1108 const SSLInfo& ssl_info) { |
| 1109 DCHECK(CalledOnValidThread()); |
| 1110 if (!expect_staple_reporter_) |
| 1111 return; |
| 1112 if (!IsBuildTimely()) |
| 1113 return; |
| 1114 // TODO: actually check OCSP info |
| 1115 ExpectStapleState state; |
| 1116 if (!GetStaticExpectStapleState(host_port_pair.host(), &state)) |
| 1117 return; |
| 1118 expect_staple_reporter_->OnExpectStapleFailed(host_port_pair, |
| 1119 state.report_uri, ssl_info); |
| 1120 } |
| 1121 |
| 1062 // static | 1122 // static |
| 1063 void TransportSecurityState::ReportUMAOnPinFailure(const std::string& host) { | 1123 void TransportSecurityState::ReportUMAOnPinFailure(const std::string& host) { |
| 1064 PreloadResult result; | 1124 PreloadResult result; |
| 1065 if (!DecodeHSTSPreload(host, &result) || | 1125 if (!DecodeHSTSPreload(host, &result) || |
| 1066 !result.has_pins) { | 1126 !result.has_pins) { |
| 1067 return; | 1127 return; |
| 1068 } | 1128 } |
| 1069 | 1129 |
| 1070 DCHECK(result.domain_id != DOMAIN_NOT_PINNED); | 1130 DCHECK(result.domain_id != DOMAIN_NOT_PINNED); |
| 1071 | 1131 |
| (...skipping 231 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1303 | 1363 |
| 1304 TransportSecurityState::PKPState::PKPState(const PKPState& other) = default; | 1364 TransportSecurityState::PKPState::PKPState(const PKPState& other) = default; |
| 1305 | 1365 |
| 1306 TransportSecurityState::PKPState::~PKPState() { | 1366 TransportSecurityState::PKPState::~PKPState() { |
| 1307 } | 1367 } |
| 1308 | 1368 |
| 1309 TransportSecurityState::ExpectCTState::ExpectCTState() {} | 1369 TransportSecurityState::ExpectCTState::ExpectCTState() {} |
| 1310 | 1370 |
| 1311 TransportSecurityState::ExpectCTState::~ExpectCTState() {} | 1371 TransportSecurityState::ExpectCTState::~ExpectCTState() {} |
| 1312 | 1372 |
| 1373 TransportSecurityState::ExpectStapleState::ExpectStapleState() |
| 1374 : include_subdomains(false) {} |
| 1375 |
| 1376 TransportSecurityState::ExpectStapleState::~ExpectStapleState() {} |
| 1377 |
| 1313 bool TransportSecurityState::PKPState::CheckPublicKeyPins( | 1378 bool TransportSecurityState::PKPState::CheckPublicKeyPins( |
| 1314 const HashValueVector& hashes, | 1379 const HashValueVector& hashes, |
| 1315 std::string* failure_log) const { | 1380 std::string* failure_log) const { |
| 1316 // Validate that hashes is not empty. By the time this code is called (in | 1381 // Validate that hashes is not empty. By the time this code is called (in |
| 1317 // production), that should never happen, but it's good to be defensive. | 1382 // production), that should never happen, but it's good to be defensive. |
| 1318 // And, hashes *can* be empty in some test scenarios. | 1383 // And, hashes *can* be empty in some test scenarios. |
| 1319 if (hashes.empty()) { | 1384 if (hashes.empty()) { |
| 1320 failure_log->append( | 1385 failure_log->append( |
| 1321 "Rejecting empty public key chain for public-key-pinned domains: " + | 1386 "Rejecting empty public key chain for public-key-pinned domains: " + |
| 1322 domain); | 1387 domain); |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1356 TransportSecurityState::PKPStateIterator::PKPStateIterator( | 1421 TransportSecurityState::PKPStateIterator::PKPStateIterator( |
| 1357 const TransportSecurityState& state) | 1422 const TransportSecurityState& state) |
| 1358 : iterator_(state.enabled_pkp_hosts_.begin()), | 1423 : iterator_(state.enabled_pkp_hosts_.begin()), |
| 1359 end_(state.enabled_pkp_hosts_.end()) { | 1424 end_(state.enabled_pkp_hosts_.end()) { |
| 1360 } | 1425 } |
| 1361 | 1426 |
| 1362 TransportSecurityState::PKPStateIterator::~PKPStateIterator() { | 1427 TransportSecurityState::PKPStateIterator::~PKPStateIterator() { |
| 1363 } | 1428 } |
| 1364 | 1429 |
| 1365 } // namespace | 1430 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2040513003:
Implement Expect-Staple (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master