OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 5 #ifndef NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 6 #define NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <string> | 9 #include <string> |
10 #include <utility> | 10 #include <utility> |
(...skipping 145 matching lines...)
156 std::map<std::string, DomainState>::const_iterator end_; | 156 std::map<std::string, DomainState>::const_iterator end_; |
157 }; | 157 }; |
158 | 158 |
159 // These functions search for static and dynamic DomainStates, and invoke the | 159 // These functions search for static and dynamic DomainStates, and invoke the |
160 // functions of the same name on them. These functions are the primary public | 160 // functions of the same name on them. These functions are the primary public |
161 // interface; direct access to DomainStates is best left to tests. | 161 // interface; direct access to DomainStates is best left to tests. |
162 bool ShouldSSLErrorsBeFatal(const std::string& host, bool sni_enabled); | 162 bool ShouldSSLErrorsBeFatal(const std::string& host, bool sni_enabled); |
163 bool ShouldUpgradeToSSL(const std::string& host, bool sni_enabled); | 163 bool ShouldUpgradeToSSL(const std::string& host, bool sni_enabled); |
164 bool CheckPublicKeyPins(const std::string& host, | 164 bool CheckPublicKeyPins(const std::string& host, |
165 bool sni_enabled, | 165 bool sni_enabled, |
| 166 bool is_issued_by_known_root, |
166 const HashValueVector& hashes, | 167 const HashValueVector& hashes, |
167 std::string* failure_log); | 168 std::string* failure_log); |
168 bool HasPublicKeyPins(const std::string& host, bool sni_enabled); | 169 bool HasPublicKeyPins(const std::string& host, bool sni_enabled); |
169 | 170 |
170 // Assign a |Delegate| for persisting the transport security state. If | 171 // Assign a |Delegate| for persisting the transport security state. If |
171 // |NULL|, state will not be persisted. The caller retains | 172 // |NULL|, state will not be persisted. The caller retains |
172 // ownership of |delegate|. | 173 // ownership of |delegate|. |
173 // Note: This is only used for serializing/deserializing the | 174 // Note: This is only used for serializing/deserializing the |
174 // TransportSecurityState. | 175 // TransportSecurityState. |
175 void SetDelegate(Delegate* delegate); | 176 void SetDelegate(Delegate* delegate); |
(...skipping 84 matching lines...)
260 // SNI-using hosts as well as the rest of the pins. | 261 // SNI-using hosts as well as the rest of the pins. |
261 // | 262 // |
262 // If |host| matches both an exact entry and is a subdomain of another | 263 // If |host| matches both an exact entry and is a subdomain of another |
263 // entry, the exact match determines the return value. | 264 // entry, the exact match determines the return value. |
264 static bool IsGooglePinnedProperty(const std::string& host, | 265 static bool IsGooglePinnedProperty(const std::string& host, |
265 bool sni_enabled); | 266 bool sni_enabled); |
266 | 267 |
267 // The maximum number of seconds for which we'll cache an HSTS request. | 268 // The maximum number of seconds for which we'll cache an HSTS request. |
268 static const long int kMaxHSTSAgeSecs; | 269 static const long int kMaxHSTSAgeSecs; |
269 | 270 |
| 271 private: |
| 272 friend class TransportSecurityStateTest; |
| 273 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPOnly); |
| 274 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, UpdateDynamicPKPMaxAge0); |
| 275 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, NoClobberPins); |
| 276 |
| 277 typedef std::map<std::string, DomainState> DomainStateMap; |
| 278 |
270 // Send an UMA report on pin validation failure, if the host is in a | 279 // Send an UMA report on pin validation failure, if the host is in a |
271 // statically-defined list of domains. | 280 // statically-defined list of domains. |
272 // | 281 // |
273 // TODO(palmer): This doesn't really belong here, and should be moved into | 282 // TODO(palmer): This doesn't really belong here, and should be moved into |
274 // the exactly one call site. This requires unifying |struct HSTSPreload| | 283 // the exactly one call site. This requires unifying |struct HSTSPreload| |
275 // (an implementation detail of this class) with a more generic | 284 // (an implementation detail of this class) with a more generic |
276 // representation of first-class DomainStates, and exposing the preloads | 285 // representation of first-class DomainStates, and exposing the preloads |
277 // to the caller with |GetStaticDomainState|. | 286 // to the caller with |GetStaticDomainState|. |
278 static void ReportUMAOnPinFailure(const std::string& host); | 287 static void ReportUMAOnPinFailure(const std::string& host); |
279 | 288 |
280 // IsBuildTimely returns true if the current build is new enough ensure that | 289 // IsBuildTimely returns true if the current build is new enough ensure that |
281 // built in security information (i.e. HSTS preloading and pinning | 290 // built in security information (i.e. HSTS preloading and pinning |
282 // information) is timely. | 291 // information) is timely. |
283 static bool IsBuildTimely(); | 292 static bool IsBuildTimely(); |
284 | 293 |
285 private: | 294 // Helper method for actually checking pins. |
286 friend class TransportSecurityStateTest; | 295 bool CheckPublicKeyPinsImpl(const std::string& host, |
287 FRIEND_TEST_ALL_PREFIXES(HttpSecurityHeadersTest, | 296 bool sni_enabled, |
288 UpdateDynamicPKPOnly); | 297 const HashValueVector& hashes, |
289 | 298 std::string* failure_log); |
290 typedef std::map<std::string, DomainState> DomainStateMap; | |
291 | 299 |
292 // If a Delegate is present, notify it that the internal state has | 300 // If a Delegate is present, notify it that the internal state has |
293 // changed. | 301 // changed. |
294 void DirtyNotify(); | 302 void DirtyNotify(); |
295 | 303 |
296 // Enable TransportSecurity for |host|. |state| supercedes any previous | 304 // Enable TransportSecurity for |host|. |state| supercedes any previous |
297 // state for the |host|, including static entries. | 305 // state for the |host|, including static entries. |
298 // | 306 // |
299 // The new state for |host| is persisted using the Delegate (if any). | 307 // The new state for |host| is persisted using the Delegate (if any). |
300 void EnableHost(const std::string& host, const DomainState& state); | 308 void EnableHost(const std::string& host, const DomainState& state); |
301 | 309 |
302 // Converts |hostname| from dotted form ("www.google.com") to the form | 310 // Converts |hostname| from dotted form ("www.google.com") to the form |
303 // used in DNS: "\x03www\x06google\x03com", lowercases that, and returns | 311 // used in DNS: "\x03www\x06google\x03com", lowercases that, and returns |
304 // the result. | 312 // the result. |
305 static std::string CanonicalizeHost(const std::string& hostname); | 313 static std::string CanonicalizeHost(const std::string& hostname); |
306 | 314 |
307 // The set of hosts that have enabled TransportSecurity. | 315 // The set of hosts that have enabled TransportSecurity. |
308 DomainStateMap enabled_hosts_; | 316 DomainStateMap enabled_hosts_; |
309 | 317 |
310 Delegate* delegate_; | 318 Delegate* delegate_; |
311 | 319 |
| 320 // True if static pins should be used. |
| 321 bool enable_static_pins_; |
| 322 |
312 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); | 323 DISALLOW_COPY_AND_ASSIGN(TransportSecurityState); |
313 }; | 324 }; |
314 | 325 |
315 } // namespace net | 326 } // namespace net |
316 | 327 |
317 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ | 328 #endif // NET_HTTP_TRANSPORT_SECURITY_STATE_H_ |
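Review bot: The new `is_issued_by_known_root` parameter of `CheckPublicKeyPins` (new line 166) has no documentation, and the group comment above it still describes these functions only as forwarding to the same-named DomainState methods. State at the declaration what the result is when the flag is false; if, as the split into `CheckPublicKeyPinsImpl` suggests, pins are then not enforced, say so, e.g. `// Pins are only enforced when |is_issued_by_known_root| is true; chains that end in a locally installed trust anchor pass without a pin check.` The flag also sits directly after `sni_enabled`, so the two `bool` arguments can be swapped at a call site without a compile error, which would silently change whether pins are enforced; the comment should name where callers get the value from. The comment on `enable_static_pins_` (new line 321) likewise does not give its default or what sets it, and no setter is visible in the shown part of the header.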