OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
7 | 7 |
8 #include <stdint.h> | 8 #include <stdint.h> |
9 | 9 |
10 #include <map> | 10 #include <map> |
(...skipping 180 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
191 ExpectCTState(); | 191 ExpectCTState(); |
192 ~ExpectCTState(); | 192 ~ExpectCTState(); |
193 | 193 |
194 // The domain which matched during a search for this DomainState entry. | 194 // The domain which matched during a search for this DomainState entry. |
195 std::string domain; | 195 std::string domain; |
196 // The URI to which reports should be sent if valid CT info is not | 196 // The URI to which reports should be sent if valid CT info is not |
197 // provided. | 197 // provided. |
198 GURL report_uri; | 198 GURL report_uri; |
199 }; | 199 }; |
200 | 200 |
| 201 // An ExpectStapleState describes a site that expects valid OCSP information |
| 202 // to be stapled to its certificate on every connection. |
| 203 class NET_EXPORT ExpectStapleState { |
| 204 public: |
| 205 ExpectStapleState(); |
| 206 ~ExpectStapleState(); |
| 207 |
| 208 // The domain which matched during a search for this Expect-Staple entry |
| 209 std::string domain; |
| 210 |
| 211 // The URI reports are sent to if a valid OCSP response is not stapled |
| 212 GURL report_uri; |
| 213 |
| 214 // True if subdomains are subject to this policy |
| 215 bool include_subdomains; |
| 216 }; |
| 217 |
201 // An interface for asynchronously sending HPKP violation reports. | 218 // An interface for asynchronously sending HPKP violation reports. |
202 class NET_EXPORT ReportSender { | 219 class NET_EXPORT ReportSender { |
203 public: | 220 public: |
204 // Sends the given serialized |report| to |report_uri|. | 221 // Sends the given serialized |report| to |report_uri|. |
205 virtual void Send(const GURL& report_uri, const std::string& report) = 0; | 222 virtual void Send(const GURL& report_uri, const std::string& report) = 0; |
206 | 223 |
207 // Sets a callback to be called when report sending fails. | 224 // Sets a callback to be called when report sending fails. |
208 virtual void SetErrorCallback( | 225 virtual void SetErrorCallback( |
209 const base::Callback<void(const GURL&, int)>& error_callback) = 0; | 226 const base::Callback<void(const GURL&, int)>& error_callback) = 0; |
210 | 227 |
(...skipping 10 matching lines...) Expand all Loading... |
221 // reports about Expect CT policy violations sent to |report_uri|, | 238 // reports about Expect CT policy violations sent to |report_uri|, |
222 // and such a violation has occurred. | 239 // and such a violation has occurred. |
223 virtual void OnExpectCTFailed(const net::HostPortPair& host_port_pair, | 240 virtual void OnExpectCTFailed(const net::HostPortPair& host_port_pair, |
224 const GURL& report_uri, | 241 const GURL& report_uri, |
225 const net::SSLInfo& ssl_info) = 0; | 242 const net::SSLInfo& ssl_info) = 0; |
226 | 243 |
227 protected: | 244 protected: |
228 virtual ~ExpectCTReporter() {} | 245 virtual ~ExpectCTReporter() {} |
229 }; | 246 }; |
230 | 247 |
| 248 // An interface for building and asynchronously sending reports when a site |
| 249 // expects to have sent a valid OCSP staple during a TLS handshake, but it |
| 250 // wasn't supplied. |
| 251 class NET_EXPORT ExpectStapleReporter { |
| 252 public: |
| 253 virtual void OnExpectStapleFailed(const net::HostPortPair& host_port_pair, |
| 254 const GURL& report_uri, |
| 255 const net::SSLInfo& ssl_info) = 0; |
| 256 |
| 257 protected: |
| 258 virtual ~ExpectStapleReporter() {} |
| 259 }; |
| 260 |
231 // Indicates whether or not a public key pin check should send a | 261 // Indicates whether or not a public key pin check should send a |
232 // report if a violation is detected. | 262 // report if a violation is detected. |
233 enum PublicKeyPinReportStatus { ENABLE_PIN_REPORTS, DISABLE_PIN_REPORTS }; | 263 enum PublicKeyPinReportStatus { ENABLE_PIN_REPORTS, DISABLE_PIN_REPORTS }; |
234 | 264 |
235 TransportSecurityState(); | 265 TransportSecurityState(); |
236 ~TransportSecurityState(); | 266 ~TransportSecurityState(); |
237 | 267 |
238 // These functions search for static and dynamic STS and PKP states, and | 268 // These functions search for static and dynamic STS and PKP states, and |
239 // invoke the functions of the same name on them. These functions are the | 269 // invoke the functions of the same name on them. These functions are the |
240 // primary public interface; direct access to STS and PKP states is best | 270 // primary public interface; direct access to STS and PKP states is best |
(...skipping 13 matching lines...) Expand all Loading... |
254 // |NULL|, state will not be persisted. The caller retains | 284 // |NULL|, state will not be persisted. The caller retains |
255 // ownership of |delegate|. | 285 // ownership of |delegate|. |
256 // Note: This is only used for serializing/deserializing the | 286 // Note: This is only used for serializing/deserializing the |
257 // TransportSecurityState. | 287 // TransportSecurityState. |
258 void SetDelegate(Delegate* delegate); | 288 void SetDelegate(Delegate* delegate); |
259 | 289 |
260 void SetReportSender(ReportSender* report_sender); | 290 void SetReportSender(ReportSender* report_sender); |
261 | 291 |
262 void SetExpectCTReporter(ExpectCTReporter* expect_ct_reporter); | 292 void SetExpectCTReporter(ExpectCTReporter* expect_ct_reporter); |
263 | 293 |
| 294 void SetExpectStapleReporter(ExpectStapleReporter* expect_staple_reporter); |
| 295 |
264 // Clears all dynamic data (e.g. HSTS and HPKP data). | 296 // Clears all dynamic data (e.g. HSTS and HPKP data). |
265 // | 297 // |
266 // Does NOT persist changes using the Delegate, as this function is only | 298 // Does NOT persist changes using the Delegate, as this function is only |
267 // used to clear any dynamic data prior to re-loading it from a file. | 299 // used to clear any dynamic data prior to re-loading it from a file. |
268 // Note: This is only used for serializing/deserializing the | 300 // Note: This is only used for serializing/deserializing the |
269 // TransportSecurityState. | 301 // TransportSecurityState. |
270 void ClearDynamicData(); | 302 void ClearDynamicData(); |
271 | 303 |
272 // Inserts |state| into |enabled_sts_hosts_| under the key |hashed_host|. | 304 // Inserts |state| into |enabled_sts_hosts_| under the key |hashed_host|. |
273 // |hashed_host| is already in the internal representation. | 305 // |hashed_host| is already in the internal representation. |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
360 // 1. The header value is "preload", indicating that the site wants to | 392 // 1. The header value is "preload", indicating that the site wants to |
361 // be opted in to Expect CT. | 393 // be opted in to Expect CT. |
362 // 2. The given host is present on the Expect CT preload list with a | 394 // 2. The given host is present on the Expect CT preload list with a |
363 // valid report-uri, and the build is timely (i.e. preload list is fresh). | 395 // valid report-uri, and the build is timely (i.e. preload list is fresh). |
364 // 3. |ssl_info| indicates that the connection violated the Expect CT policy. | 396 // 3. |ssl_info| indicates that the connection violated the Expect CT policy. |
365 // 4. An Expect CT reporter has been provided with SetExpectCTReporter(). | 397 // 4. An Expect CT reporter has been provided with SetExpectCTReporter(). |
366 void ProcessExpectCTHeader(const std::string& value, | 398 void ProcessExpectCTHeader(const std::string& value, |
367 const HostPortPair& host_port_pair, | 399 const HostPortPair& host_port_pair, |
368 const SSLInfo& ssl_info); | 400 const SSLInfo& ssl_info); |
369 | 401 |
| 402 // TODO |
| 403 void CheckExpectStaple(const HostPortPair& host_port_pair, |
| 404 const SSLInfo& ssl_info); |
| 405 |
370 private: | 406 private: |
371 friend class TransportSecurityStateTest; | 407 friend class TransportSecurityStateTest; |
372 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly); | 408 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly); |
373 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0); | 409 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0); |
374 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins); | 410 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins); |
375 FRIEND_TEST_ALL_PREFIXES(URLRequestTestHTTP, ExpectCTHeader); | 411 FRIEND_TEST_ALL_PREFIXES(URLRequestTestHTTP, ExpectCTHeader); |
376 | 412 |
377 typedef std::map<std::string, STSState> STSStateMap; | 413 typedef std::map<std::string, STSState> STSStateMap; |
378 typedef std::map<std::string, PKPState> PKPStateMap; | 414 typedef std::map<std::string, PKPState> PKPStateMap; |
379 | 415 |
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
440 const X509Certificate* served_certificate_chain, | 476 const X509Certificate* served_certificate_chain, |
441 const X509Certificate* validated_certificate_chain, | 477 const X509Certificate* validated_certificate_chain, |
442 const TransportSecurityState::PublicKeyPinReportStatus report_status, | 478 const TransportSecurityState::PublicKeyPinReportStatus report_status, |
443 std::string* failure_log); | 479 std::string* failure_log); |
444 | 480 |
445 // Returns true and updates |*expect_ct_result| iff there is a static | 481 // Returns true and updates |*expect_ct_result| iff there is a static |
446 // (built-in) state for |host| with expect_ct=true. | 482 // (built-in) state for |host| with expect_ct=true. |
447 bool GetStaticExpectCTState(const std::string& host, | 483 bool GetStaticExpectCTState(const std::string& host, |
448 ExpectCTState* expect_ct_result) const; | 484 ExpectCTState* expect_ct_result) const; |
449 | 485 |
| 486 // Returns true and updates |*expect_staple_result| iff there is a static |
| 487 // (built-in) state for |host| with expect_staple=true, or if |host| is a |
| 488 // subdomain of another domain with expect_staple=true and |
| 489 // include_subdomains_for_expect_staple=true. |
| 490 bool GetStaticExpectStapleState( |
| 491 const std::string& host, |
| 492 ExpectStapleState* expect_staple_result) const; |
| 493 |
450 // The sets of hosts that have enabled TransportSecurity. |domain| will always | 494 // The sets of hosts that have enabled TransportSecurity. |domain| will always |
451 // be empty for a STSState or PKPState in these maps; the domain | 495 // be empty for a STSState or PKPState in these maps; the domain |
452 // comes from the map keys instead. In addition, |upgrade_mode| in the | 496 // comes from the map keys instead. In addition, |upgrade_mode| in the |
453 // STSState is never MODE_DEFAULT and |HasPublicKeyPins| in the PKPState | 497 // STSState is never MODE_DEFAULT and |HasPublicKeyPins| in the PKPState |
454 // always returns true. | 498 // always returns true. |
455 STSStateMap enabled_sts_hosts_; | 499 STSStateMap enabled_sts_hosts_; |
456 PKPStateMap enabled_pkp_hosts_; | 500 PKPStateMap enabled_pkp_hosts_; |
457 | 501 |
458 Delegate* delegate_; | 502 Delegate* delegate_; |
459 | 503 |
460 ReportSender* report_sender_; | 504 ReportSender* report_sender_; |
461 | 505 |
462 // True if static pins should be used. | 506 // True if static pins should be used. |
463 bool enable_static_pins_; | 507 bool enable_static_pins_; |
464 | 508 |
465 // True if static expect-CT state should be used. | 509 // True if static expect-CT state should be used. |
466 bool enable_static_expect_ct_; | 510 bool enable_static_expect_ct_; |
467 | 511 |
468 ExpectCTReporter* expect_ct_reporter_; | 512 ExpectCTReporter* expect_ct_reporter_; |
469 | 513 |
| 514 // True if static expect-staple state should be used. |
| 515 bool enable_static_expect_staple_; |
| 516 |
| 517 ExpectStapleReporter* expect_staple_reporter_; |
| 518 |
470 // Keeps track of reports that have been sent recently for | 519 // Keeps track of reports that have been sent recently for |
471 // rate-limiting. | 520 // rate-limiting. |
472 ExpiringCache<std::string, bool, base::TimeTicks, std::less<base::TimeTicks>> | 521 ExpiringCache<std::string, bool, base::TimeTicks, std::less<base::TimeTicks>> |
473 sent_reports_cache_; | 522 sent_reports_cache_; |
474 | 523 |
475 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); | 524 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); |
476 }; | 525 }; |
477 | 526 |
478 } // namespace net | 527 } // namespace net |
479 | 528 |
480 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 529 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
OLD | NEW |