Enable public key pinning of local trust anchors

components/cronet/android/api/src/org/chromium/net/CronetEngine.java

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 package org.chromium.net;
 
 import android.annotation.SuppressLint;
 import android.content.Context;
 import android.net.http.HttpResponseCache;
 import android.support.annotation.IntDef;
@@ skipping 84 matching lines @@
                 mExpirationDate = expirationDate;
             }
         }
 
         private static final Pattern INVALID_PKP_HOST_NAME = Pattern.compile("^[0-9\\.]*$");
 
         // Private fields are simply storage of configuration for the resulting CronetEngine.
         // See setters below for verbose descriptions.
         private final Context mContext;
         private final List<QuicHint> mQuicHints = new LinkedList<QuicHint>();
-        private final List<Pkp> mPkps = new LinkedList<Pkp>();
+        private final List<Pkp> mPkps = new LinkedList<>();
+        private boolean mPublicKeyPinningBypassForLocalTrustAnchorsEnabled;
         private String mUserAgent;
         private String mStoragePath;
         private boolean mLegacyModeEnabled;
         private LibraryLoader mLibraryLoader;
         private String mLibraryName;
         private boolean mQuicEnabled;
         private boolean mHttp2Enabled;
         private boolean mSdchEnabled;
         private String mDataReductionProxyKey;
         private String mDataReductionProxyPrimaryProxy;
@@ skipping 12 matching lines @@
          */
         public Builder(Context context) {
             mContext = context;
             setLibraryName("cronet");
             enableLegacyMode(false);
             enableQUIC(false);
             enableHTTP2(true);
             enableSDCH(false);
             enableHttpCache(HTTP_CACHE_DISABLED, 0);
             enableNetworkQualityEstimator(false);
+            enablePublicKeyPinningBypassForLocalTrustAnchors(true);
         }
 
         /**
          * Constructs a User-Agent string including application name and version,
          * system build version, model and id, and Cronet version.
          *
          * @return User-Agent string.
          */
         public String getDefaultUserAgent() {
             return UserAgent.from(mContext);
@@ skipping 389 matching lines @@
 
         /**
          * Returns list of public key pins.
          * @return list of public key pins.
          */
         List<Pkp> publicKeyPins() {
             return mPkps;
         }
 
         /**
+         * Enables or disables public key pinning bypass for local trust anchors. Disabling the
+         * bypass for local trust anchors is highly discouraged since it may prohibit the app
+         * from communicating with the pinned hosts. E.g., a user may want to send all traffic
+         * through an SSL enabled proxy by changing the device proxy settings and adding the
+         * proxy certificate to the list of local trust anchor. Disabling the bypass will most
+         * likly prevent the app from sending any traffic to the pinned hosts. For more
+         * information see 'How does key pinning interact with local proxies and filters?' at
+         * https://www.chromium.org/Home/chromium-security/security-faq
+         *
+         * @param value {@code true} to enable the bypass, {@code false} to disable.
+         * @return the builder to facilitate chaining.
+         */
+        public Builder enablePublicKeyPinningBypassForLocalTrustAnchors(boolean value) {
+            mPublicKeyPinningBypassForLocalTrustAnchorsEnabled = value;
+            return this;
+        }
+
+        boolean publicKeyPinningBypassForLocalTrustAnchorsEnabled() {
+            return mPublicKeyPinningBypassForLocalTrustAnchorsEnabled;
+        }
+
+        /**
          * Checks whether a given string represents a valid host name for PKP and converts it
          * to ASCII Compatible Encoding representation according to RFC 1122, RFC 1123 and
          * RFC 3490. This method is more restrictive than required by RFC 7469. Thus, a host
          * that contains digits and the dot character only is considered invalid.
          *
          * Note: Currently Cronet doesn't have native implementation of host name validation that
          *       can be used. There is code that parses a provided URL but doesn't ensure its
          *       correctness. The implementation relies on {@code getaddrinfo} function.
          *
          * @param hostName host name to check and convert.
@@ skipping 590 matching lines @@
      * @hide as it's a prototype.
      */
     public interface RequestFinishedListener {
         /**
          * Invoked with request info.
          * @param requestInfo {@link UrlRequestInfo} for finished request.
          */
         void onRequestFinished(UrlRequestInfo requestInfo);
     }
 }