Centralize the logic for checking public key pins

net/http/transport_security_state.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_
 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_
 
 #include <map>
 #include <string>
 #include <utility>
@@ skipping 145 matching lines @@
     std::map<std::string, DomainState>::const_iterator end_;
   };
 
   // These functions search for static and dynamic DomainStates, and invoke the
   // functions of the same name on them. These functions are the primary public
   // interface; direct access to DomainStates is best left to tests.
   bool ShouldSSLErrorsBeFatal(const std::string& host, bool sni_enabled);
   bool ShouldUpgradeToSSL(const std::string& host, bool sni_enabled);
   bool CheckPublicKeyPins(const std::string& host,
                           bool sni_enabled,
+                          bool is_issued_by_known_root,
                           const HashValueVector& hashes,
                           std::string* failure_log);
   bool HasPublicKeyPins(const std::string& host, bool sni_enabled);
 
   // Assign a |Delegate| for persisting the transport security state. If
   // |NULL|, state will not be persisted. The caller retains
   // ownership of |delegate|.
   // Note: This is only used for serializing/deserializing the
   // TransportSecurityState.
   void SetDelegate(Delegate* delegate);
@@ skipping 84 matching lines @@
   // SNI-using hosts as well as the rest of the pins.
   //
   // If |host| matches both an exact entry and is a subdomain of another
   // entry, the exact match determines the return value.
   static bool IsGooglePinnedProperty(const std::string& host,
                                      bool sni_enabled);
 
   // The maximum number of seconds for which we'll cache an HSTS request.
   static const long int kMaxHSTSAgeSecs;
 
+ private:
+  friend class TransportSecurityStateTest;
+  FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest,
+                           UpdateDynamicPKPOnly);
+  FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest,
+                           UpdateDynamicPKPMaxAge0);
+  FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest,
+                           DISABLED_UpdateDynamicPKPMaxAge0);
+  FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest,
+                           NoClobberPins);
+
+  typedef std::map<std::string, DomainState> DomainStateMap;
+
   // Send an UMA report on pin validation failure, if the host is in a
   // statically-defined list of domains.
   //
   // TODO(palmer): This doesn't really belong here, and should be moved into
   // the exactly one call site. This requires unifying |struct HSTSPreload|
   // (an implementation detail of this class) with a more generic
   // representation of first-class DomainStates, and exposing the preloads
   // to the caller with |GetStaticDomainState|.
   static void ReportUMAOnPinFailure(const std::string& host);
 
   // IsBuildTimely returns true if the current build is new enough ensure that
   // built in security information (i.e. HSTS preloading and pinning
   // information) is timely.
   static bool IsBuildTimely();

[wtc, 2014/08/07 23:39:12]

In the .cc file, these two methods are defined after CheckPublicKeyPinsImpl.
Here they are declared before CheckPublicKeyPinsImpl.

[Ryan Hamilton, 2014/08/08 00:54:00]

Done.

 
- private:
-  friend class TransportSecurityStateTest;
-  FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest,
-                           UpdateDynamicPKPOnly);
-
-  typedef std::map<std::string, DomainState> DomainStateMap;
+  // Helper method for actually checking pins.
+  bool CheckPublicKeyPinsImpl(const std::string& host,
+                              bool sni_enabled,
+                              const HashValueVector& hashes,
+                              std::string* failure_log);
 
   // If a Delegate is present, notify it that the internal state has
   // changed.
   void DirtyNotify();
 
   // Enable TransportSecurity for |host|. |state| supercedes any previous
   // state for the |host|, including static entries.
   //
   // The new state for |host| is persisted using the Delegate (if any).
   void EnableHost(const std::string& host, const DomainState& state);
 
   // Converts |hostname| from dotted form ("www.google.com") to the form
   // used in DNS: "\x03www\x06google\x03com", lowercases that, and returns
   // the result.
   static std::string CanonicalizeHost(const std::string& hostname);
 
   // The set of hosts that have enabled TransportSecurity.
   DomainStateMap enabled_hosts_;
 
   Delegate* delegate_;
 
+  // True if static pins should be used.
+  bool enable_static_pinning_;

[wtc, 2014/08/07 23:39:12]

Ryan asked you to rename this member "enable_static_pins_".

[Ryan Hamilton, 2014/08/08 00:54:00]

Done. Thanks, I missed that.

+
   DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
 };
 
 }  // namespace net
 
 #endif  // NET_HTTP_TRANSPORT_SECURITY_STATE_H_