Chromium Code Reviews

Side by Side Diff: net/http/transport_security_state.h

Issue 433123003: Centralize the logic for checking public key pins (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: fewer friends Created 6 years, 4 months ago
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_
6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_
7 7
8 #include <map> 8 #include <map>
9 #include <string> 9 #include <string>
10 #include <utility> 10 #include <utility>
(...skipping 145 matching lines...)
156 std::map<std::string, DomainState>::const_iterator end_; 156 std::map<std::string, DomainState>::const_iterator end_;
157 }; 157 };
158 158
159 // These functions search for static and dynamic DomainStates, and invoke the 159 // These functions search for static and dynamic DomainStates, and invoke the
160 // functions of the same name on them. These functions are the primary public 160 // functions of the same name on them. These functions are the primary public
161 // interface; direct access to DomainStates is best left to tests. 161 // interface; direct access to DomainStates is best left to tests.
162 bool ShouldSSLErrorsBeFatal(const std::string& host, bool sni_enabled); 162 bool ShouldSSLErrorsBeFatal(const std::string& host, bool sni_enabled);
163 bool ShouldUpgradeToSSL(const std::string& host, bool sni_enabled); 163 bool ShouldUpgradeToSSL(const std::string& host, bool sni_enabled);
164 bool CheckPublicKeyPins(const std::string& host, 164 bool CheckPublicKeyPins(const std::string& host,
165 bool sni_enabled, 165 bool sni_enabled,
166 bool is_issued_by_known_root,
166 const HashValueVector& hashes, 167 const HashValueVector& hashes,
167 std::string* failure_log); 168 std::string* failure_log);
168 bool HasPublicKeyPins(const std::string& host, bool sni_enabled); 169 bool HasPublicKeyPins(const std::string& host, bool sni_enabled);
169 170
170 // Assign a |Delegate| for persisting the transport security state. If 171 // Assign a |Delegate| for persisting the transport security state. If
171 // |NULL|, state will not be persisted. The caller retains 172 // |NULL|, state will not be persisted. The caller retains
172 // ownership of |delegate|. 173 // ownership of |delegate|.
173 // Note: This is only used for serializing/deserializing the 174 // Note: This is only used for serializing/deserializing the
174 // TransportSecurityState. 175 // TransportSecurityState.
175 void SetDelegate(Delegate* delegate); 176 void SetDelegate(Delegate* delegate);
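Review bot: is_issued_by_known_root (new line 166) sits directly after sni_enabled, so CheckPublicKeyPins now takes two adjacent bool arguments that a call site can transpose without any compile error, and the comment at lines 159-161 does not say what the new argument changes about the result. Please add a sentence to that comment stating what the function returns when is_issued_by_known_root is false, and consider separating the two bools (for example by moving the new one after hashes) so a swapped call is easier to spot in review.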
(...skipping 84 matching lines...)
260 // SNI-using hosts as well as the rest of the pins. 261 // SNI-using hosts as well as the rest of the pins.
261 // 262 //
262 // If |host| matches both an exact entry and is a subdomain of another 263 // If |host| matches both an exact entry and is a subdomain of another
263 // entry, the exact match determines the return value. 264 // entry, the exact match determines the return value.
264 static bool IsGooglePinnedProperty(const std::string& host, 265 static bool IsGooglePinnedProperty(const std::string& host,
265 bool sni_enabled); 266 bool sni_enabled);
266 267
267 // The maximum number of seconds for which we'll cache an HSTS request. 268 // The maximum number of seconds for which we'll cache an HSTS request.
268 static const long int kMaxHSTSAgeSecs; 269 static const long int kMaxHSTSAgeSecs;
269 270
271 private:
272 friend class TransportSecurityStateTest;
273 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly);
274 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0);
275 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins);
276
277 typedef std::map<std::string, DomainState> DomainStateMap;
278
270 // Send an UMA report on pin validation failure, if the host is in a 279 // Send an UMA report on pin validation failure, if the host is in a
271 // statically-defined list of domains. 280 // statically-defined list of domains.
272 // 281 //
273 // TODO(palmer): This doesn't really belong here, and should be moved into 282 // TODO(palmer): This doesn't really belong here, and should be moved into
274 // the exactly one call site. This requires unifying |struct HSTSPreload| 283 // the exactly one call site. This requires unifying |struct HSTSPreload|
275 // (an implementation detail of this class) with a more generic 284 // (an implementation detail of this class) with a more generic
276 // representation of first-class DomainStates, and exposing the preloads 285 // representation of first-class DomainStates, and exposing the preloads
277 // to the caller with |GetStaticDomainState|. 286 // to the caller with |GetStaticDomainState|.
278 static void ReportUMAOnPinFailure(const std::string& host); 287 static void ReportUMAOnPinFailure(const std::string& host);
279 288
280 // IsBuildTimely returns true if the current build is new enough ensure that 289 // IsBuildTimely returns true if the current build is new enough ensure that
281 // built in security information (i.e. HSTS preloading and pinning 290 // built in security information (i.e. HSTS preloading and pinning
282 // information) is timely. 291 // information) is timely.
283 static bool IsBuildTimely(); 292 static bool IsBuildTimely();
284 293
285 private: 294 // Helper method for actually checking pins.
286 friend class TransportSecurityStateTest; 295 bool CheckPublicKeyPinsImpl(const std::string& host,
287 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, 296 bool sni_enabled,
288 UpdateDynamicPKPOnly); 297 const HashValueVector& hashes,
289 298 std::string* failure_log);
290 typedef std::map<std::string, DomainState> DomainStateMap;
291 299
292 // If a Delegate is present, notify it that the internal state has 300 // If a Delegate is present, notify it that the internal state has
293 // changed. 301 // changed.
294 void DirtyNotify(); 302 void DirtyNotify();
295 303
296 // Enable TransportSecurity for |host|. |state| supercedes any previous 304 // Enable TransportSecurity for |host|. |state| supercedes any previous
297 // state for the |host|, including static entries. 305 // state for the |host|, including static entries.
298 // 306 //
299 // The new state for |host| is persisted using the Delegate (if any). 307 // The new state for |host| is persisted using the Delegate (if any).
300 void EnableHost(const std::string& host, const DomainState& state); 308 void EnableHost(const std::string& host, const DomainState& state);
301 309
302 // Converts |hostname| from dotted form ("www.google.com") to the form 310 // Converts |hostname| from dotted form ("www.google.com") to the form
303 // used in DNS: "\x03www\x06google\x03com", lowercases that, and returns 311 // used in DNS: "\x03www\x06google\x03com", lowercases that, and returns
304 // the result. 312 // the result.
305 static std::string CanonicalizeHost(const std::string& hostname); 313 static std::string CanonicalizeHost(const std::string& hostname);
306 314
307 // The set of hosts that have enabled TransportSecurity. 315 // The set of hosts that have enabled TransportSecurity.
308 DomainStateMap enabled_hosts_; 316 DomainStateMap enabled_hosts_;
309 317
310 Delegate* delegate_; 318 Delegate* delegate_;
311 319
320 // True if static pins should be used.
321 bool enable_static_pins_;
322
312 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); 323 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState);
313 }; 324 };
314 325
315 } // namespace net 326 } // namespace net
316 327
317 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ 328 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_
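Review bot: the comment on CheckPublicKeyPinsImpl (new lines 294-298) does not say how the helper differs from the public CheckPublicKeyPins, which takes is_issued_by_known_root while the helper does not. Please state in the header which of the two consults is_issued_by_known_root and enable_static_pins_ (new line 321), so that a later caller inside the class does not reach for the Impl and skip those decisions. The one-line comment on enable_static_pins_ should also give its default and what sets it, since no setter is visible in this part of the header.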