Centralize the logic for checking public key pins

net/http/transport_security_state.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/transport_security_state.h"
 
 #if defined(USE_OPENSSL)
 #include <openssl/ecdsa.h>
 #include <openssl/ssl.h>
 #else  // !defined(USE_OPENSSL)
@@ skipping 66 matching lines @@
              HashValueVector* out) {
   HashValue hash(HASH_VALUE_SHA1);
   memcpy(hash.data(), sha1_hash, hash.size());
   out->push_back(hash);
   return true;
 }
 
 }  // namespace
 
 TransportSecurityState::TransportSecurityState()
-  : delegate_(NULL) {
+    : delegate_(NULL), enable_static_pins_(true) {
+// Static pinning is only enabled for official builds to make sure that
+// others don't end up with pins that cannot be easily updated.
+#if !defined(OFFICIAL_BUILD) || defined(OS_ANDROID) || defined(OS_IOS)
+  enable_static_pins_ = false;
+#endif
   DCHECK(CalledOnValidThread());
 }
 
 TransportSecurityState::Iterator::Iterator(const TransportSecurityState& state)
     : iterator_(state.enabled_hosts_.begin()),
       end_(state.enabled_hosts_.end()) {
 }
 
 TransportSecurityState::Iterator::~Iterator() {}
 
@@ skipping 13 matching lines @@
 
   DomainState static_state;
   if (GetStaticDomainState(host, sni_enabled, &static_state) &&
       static_state.ShouldUpgradeToSSL()) {
       return true;
   }
 
   return false;
 }
 
-bool TransportSecurityState::CheckPublicKeyPins(const std::string& host,
-                                                bool sni_enabled,
-                                                const HashValueVector& hashes,
-                                                std::string* failure_log) {
-  DomainState dynamic_state;
-  if (GetDynamicDomainState(host, &dynamic_state))
-    return dynamic_state.CheckPublicKeyPins(hashes, failure_log);
-
-  DomainState static_state;
-  if (GetStaticDomainState(host, sni_enabled, &static_state) &&
-      static_state.CheckPublicKeyPins(hashes, failure_log)) {
-      return true;
+bool TransportSecurityState::CheckPublicKeyPins(
+    const std::string& host,
+    bool sni_available,
+    bool is_issued_by_known_root,
+    const HashValueVector& public_key_hashes,
+    std::string* pinning_failure_log) {
+  // Perform pin validation if, and only if, all these conditions obtain:

[wtc, 2014/08/08 15:36:59]

I think this comment block should be moved or copied to the header because it is
no longer necessary to call IsBuildTimely() and HasPublicKeyPins() before
calling this function.

[Ryan Hamilton, 2014/08/08 16:21:42]

I had a comment very similar to this on the VerifyPinning method that I added,
but sleevi requested that I remove it because it was too descriptive of the
implementation. I'm totally open to adding this back if you two agree. (Perhaps
in a follow up CL so we can get this landed).

+  //
+  // * the server's certificate chain chains up to a known root (i.e. not a
+  //   user-installed trust anchor); and
+  // * the build is recent (very old builds should fail open so that users
+  //   have some chance to recover).

[wtc, 2014/08/08 15:36:59]

You should document the third condition: HasPublicKeyPins() returns true.

[Ryan Hamilton, 2014/08/08 16:21:42]

Done.

+  //
+  if (!is_issued_by_known_root || !IsBuildTimely() ||
+      !HasPublicKeyPins(host, sni_available)) {
+    return true;
   }
 
-  return false;
+  bool pins_are_valid = CheckPublicKeyPinsImpl(
+      host, sni_available, public_key_hashes, pinning_failure_log);
+  if (!pins_are_valid) {
+    LOG(ERROR) << *pinning_failure_log;
+    ReportUMAOnPinFailure(host);
+  }
+
+  UMA_HISTOGRAM_BOOLEAN("Net.PublicKeyPinSuccess", pins_are_valid);
+  return pins_are_valid;
 }
 
 bool TransportSecurityState::HasPublicKeyPins(const std::string& host,
                                               bool sni_enabled) {
   DomainState dynamic_state;
   if (GetDynamicDomainState(host, &dynamic_state))
     return dynamic_state.HasPublicKeyPins();
 
   DomainState static_state;
   if (GetStaticDomainState(host, sni_enabled, &static_state)) {
@@ skipping 396 matching lines @@
 
 struct HSTSPreload {
   uint8 length;
   bool include_subdomains;
   char dns_name[38];
   bool https_required;
   PublicKeyPins pins;
   SecondLevelDomainName second_level_domain_name;
 };
 
-static bool HasPreload(const struct HSTSPreload* entries, size_t num_entries,
-                       const std::string& canonicalized_host, size_t i,
-                       TransportSecurityState::DomainState* out, bool* ret) {
+static bool HasPreload(const struct HSTSPreload* entries,
+                       size_t num_entries,
+                       const std::string& canonicalized_host,
+                       size_t i,
+                       bool enable_static_pins,
+                       TransportSecurityState::DomainState* out,
+                       bool* ret) {
   for (size_t j = 0; j < num_entries; j++) {
     if (entries[j].length == canonicalized_host.size() - i &&
         memcmp(entries[j].dns_name, &canonicalized_host[i],
                entries[j].length) == 0) {
       if (!entries[j].include_subdomains && i != 0) {
         *ret = false;
       } else {
         out->sts.include_subdomains = entries[j].include_subdomains;
         out->sts.last_observed = base::GetBuildTime();
-        out->pkp.include_subdomains = entries[j].include_subdomains;
-        out->pkp.last_observed = base::GetBuildTime();
         *ret = true;
         out->sts.upgrade_mode =
             TransportSecurityState::DomainState::MODE_FORCE_HTTPS;
         if (!entries[j].https_required)
           out->sts.upgrade_mode =
               TransportSecurityState::DomainState::MODE_DEFAULT;
-        if (entries[j].pins.required_hashes) {
-          const char* const* sha1_hash = entries[j].pins.required_hashes;
-          while (*sha1_hash) {
-            AddHash(*sha1_hash, &out->pkp.spki_hashes);
-            sha1_hash++;
+
+        if (enable_static_pins) {
+          out->pkp.include_subdomains = entries[j].include_subdomains;
+          out->pkp.last_observed = base::GetBuildTime();
+          if (entries[j].pins.required_hashes) {
+            const char* const* sha1_hash = entries[j].pins.required_hashes;
+            while (*sha1_hash) {
+              AddHash(*sha1_hash, &out->pkp.spki_hashes);
+              sha1_hash++;
+            }
           }
-        }
-        if (entries[j].pins.excluded_hashes) {
-          const char* const* sha1_hash = entries[j].pins.excluded_hashes;
-          while (*sha1_hash) {
-            AddHash(*sha1_hash, &out->pkp.bad_spki_hashes);
-            sha1_hash++;
+          if (entries[j].pins.excluded_hashes) {
+            const char* const* sha1_hash = entries[j].pins.excluded_hashes;
+            while (*sha1_hash) {
+              AddHash(*sha1_hash, &out->pkp.bad_spki_hashes);
+              sha1_hash++;
+            }
           }
         }
       }
       return true;
     }
   }
   return false;
 }
 
 #include "net/http/transport_security_state_static.h"
@@ skipping 162 matching lines @@
                             entry->second_level_domain_name, DOMAIN_NUM_EVENTS);
 }
 
 // static
 bool TransportSecurityState::IsBuildTimely() {
   const base::Time build_time = base::GetBuildTime();
   // We consider built-in information to be timely for 10 weeks.
   return (base::Time::Now() - build_time).InDays() < 70 /* 10 weeks */;
 }
 
+bool TransportSecurityState::CheckPublicKeyPinsImpl(
+    const std::string& host,
+    bool sni_enabled,
+    const HashValueVector& hashes,
+    std::string* failure_log) {
+  DomainState dynamic_state;
+  if (GetDynamicDomainState(host, &dynamic_state))
+    return dynamic_state.CheckPublicKeyPins(hashes, failure_log);
+
+  DomainState static_state;
+  if (GetStaticDomainState(host, sni_enabled, &static_state))
+    return static_state.CheckPublicKeyPins(hashes, failure_log);
+
+  // HasPublicKeyPins should have returned true in order for this method
+  // to have been called, so if we fall through to here, it's an error.
+  return false;
+}
+
 bool TransportSecurityState::GetStaticDomainState(const std::string& host,
                                                   bool sni_enabled,
                                                   DomainState* out) const {
   DCHECK(CalledOnValidThread());
 
   const std::string canonicalized_host = CanonicalizeHost(host);
 
   out->sts.upgrade_mode = DomainState::MODE_FORCE_HTTPS;
   out->sts.include_subdomains = false;
   out->pkp.include_subdomains = false;
 
   const bool is_build_timely = IsBuildTimely();
 
   for (size_t i = 0; canonicalized_host[i]; i += canonicalized_host[i] + 1) {
     std::string host_sub_chunk(&canonicalized_host[i],
                                canonicalized_host.size() - i);
     out->domain = DNSDomainToString(host_sub_chunk);
     bool ret;
-    if (is_build_timely &&
-        HasPreload(kPreloadedSTS, kNumPreloadedSTS, canonicalized_host, i, out,
-                   &ret)) {
+    if (is_build_timely && HasPreload(kPreloadedSTS,
+                                      kNumPreloadedSTS,
+                                      canonicalized_host,
+                                      i,
+                                      enable_static_pins_,
+                                      out,
+                                      &ret)) {
       return ret;
     }
-    if (sni_enabled &&
-        is_build_timely &&
-        HasPreload(kPreloadedSNISTS, kNumPreloadedSNISTS, canonicalized_host, i,
-                   out, &ret)) {
+    if (sni_enabled && is_build_timely && HasPreload(kPreloadedSNISTS,
+                                                     kNumPreloadedSNISTS,
+                                                     canonicalized_host,
+                                                     i,
+                                                     enable_static_pins_,
+                                                     out,
+                                                     &ret)) {
       return ret;
     }
   }
 
   return false;
 }
 
 bool TransportSecurityState::GetDynamicDomainState(const std::string& host,
                                                    DomainState* result) {
   DCHECK(CalledOnValidThread());
@@ skipping 98 matching lines @@
   return pkp.spki_hashes.size() > 0 || pkp.bad_spki_hashes.size() > 0;
 }
 
 TransportSecurityState::DomainState::PKPState::PKPState() {
 }
 
 TransportSecurityState::DomainState::PKPState::~PKPState() {
 }
 
 }  // namespace