Line data Source code
1 : /* This Source Code Form is subject to the terms of the Mozilla Public
2 : * License, v. 2.0. If a copy of the MPL was not distributed with this
3 : * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
4 :
5 : #ifndef __nsSiteSecurityService_h__
6 : #define __nsSiteSecurityService_h__
7 :
8 : #include "mozilla/BasePrincipal.h"
9 : #include "mozilla/DataStorage.h"
10 : #include "mozilla/RefPtr.h"
11 : #include "nsCOMPtr.h"
12 : #include "nsIObserver.h"
13 : #include "nsISiteSecurityService.h"
14 : #include "nsString.h"
15 : #include "nsTArray.h"
16 : #include "pkix/pkixtypes.h"
17 : #include "prtime.h"
18 :
19 : class nsIURI;
20 : class nsISSLStatus;
21 :
22 : using mozilla::OriginAttributes;
23 :
24 : // {16955eee-6c48-4152-9309-c42a465138a1}
25 : #define NS_SITE_SECURITY_SERVICE_CID \
26 : {0x16955eee, 0x6c48, 0x4152, \
27 : {0x93, 0x09, 0xc4, 0x2a, 0x46, 0x51, 0x38, 0xa1} }
28 :
29 : /**
30 : * SecurityPropertyState: A utility enum for representing the different states
31 : * a security property can be in.
32 : * SecurityPropertySet and SecurityPropertyUnset correspond to indicating
33 : * a site has or does not have the security property in question, respectively.
34 : * SecurityPropertyKnockout indicates a value on a preloaded list is being
35 : * overridden, and the associated site does not have the security property
36 : * in question.
37 : */
38 : enum SecurityPropertyState {
39 : SecurityPropertyUnset = nsISiteSecurityState::SECURITY_PROPERTY_UNSET,
40 : SecurityPropertySet = nsISiteSecurityState::SECURITY_PROPERTY_SET,
41 : SecurityPropertyKnockout = nsISiteSecurityState::SECURITY_PROPERTY_KNOCKOUT,
42 : SecurityPropertyNegative = nsISiteSecurityState::SECURITY_PROPERTY_NEGATIVE,
43 : };
44 :
45 : enum SecurityPropertySource {
46 : SourceUnknown = nsISiteSecurityService::SOURCE_UNKNOWN,
47 : SourcePreload = nsISiteSecurityService::SOURCE_PRELOAD_LIST,
48 : SourceOrganic = nsISiteSecurityService::SOURCE_ORGANIC_REQUEST,
49 : SourceHSTSPriming = nsISiteSecurityService::SOURCE_HSTS_PRIMING,
50 : };
51 :
52 : /**
53 : * SiteHPKPState: A utility class that encodes/decodes a string describing
54 : * the public key pins of a site.
55 : * HPKP state consists of:
56 : * - Hostname (nsCString)
57 : * - Origin attributes (OriginAttributes)
58 : * - Expiry time (PRTime (aka int64_t) in milliseconds)
59 : * - A state flag (SecurityPropertyState, default SecurityPropertyUnset)
60 : * - An include subdomains flag (bool, default false)
61 : * - An array of sha-256 hashed base 64 encoded fingerprints of required keys
62 : */
63 : class SiteHPKPState : public nsISiteHPKPState
64 : {
65 : public:
66 : NS_DECL_ISUPPORTS
67 : NS_DECL_NSISITEHPKPSTATE
68 : NS_DECL_NSISITESECURITYSTATE
69 :
70 : SiteHPKPState();
71 : SiteHPKPState(const nsCString& aHost,
72 : const OriginAttributes& aOriginAttributes,
73 : const nsCString& aStateString);
74 : SiteHPKPState(const nsCString& aHost,
75 : const OriginAttributes& aOriginAttributes,
76 : PRTime aExpireTime, SecurityPropertyState aState,
77 : bool aIncludeSubdomains, nsTArray<nsCString>& SHA256keys);
78 :
79 : nsCString mHostname;
80 : OriginAttributes mOriginAttributes;
81 : PRTime mExpireTime;
82 : SecurityPropertyState mState;
83 : bool mIncludeSubdomains;
84 : nsTArray<nsCString> mSHA256keys;
85 :
86 0 : bool IsExpired(mozilla::pkix::Time aTime)
87 : {
88 0 : if (aTime > mozilla::pkix::TimeFromEpochInSeconds(mExpireTime /
89 0 : PR_MSEC_PER_SEC)) {
90 0 : return true;
91 : }
92 0 : return false;
93 : }
94 :
95 : void ToString(nsCString& aString);
96 :
97 : protected:
98 0 : virtual ~SiteHPKPState() {};
99 : };
100 :
101 : /**
102 : * SiteHSTSState: A utility class that encodes/decodes a string describing
103 : * the security state of a site. Currently only handles HSTS.
104 : * HSTS state consists of:
105 : * - Hostname (nsCString)
106 : * - Origin attributes (OriginAttributes)
107 : * - Expiry time (PRTime (aka int64_t) in milliseconds)
108 : * - A state flag (SecurityPropertyState, default SecurityPropertyUnset)
109 : * - An include subdomains flag (bool, default false)
110 : */
111 : class SiteHSTSState : public nsISiteHSTSState
112 : {
113 : public:
114 : NS_DECL_ISUPPORTS
115 : NS_DECL_NSISITEHSTSSTATE
116 : NS_DECL_NSISITESECURITYSTATE
117 :
118 : SiteHSTSState(const nsCString& aHost,
119 : const OriginAttributes& aOriginAttributes,
120 : const nsCString& aStateString);
121 : SiteHSTSState(const nsCString& aHost,
122 : const OriginAttributes& aOriginAttributes,
123 : PRTime aHSTSExpireTime, SecurityPropertyState aHSTSState,
124 : bool aHSTSIncludeSubdomains,
125 : SecurityPropertySource aSource);
126 :
127 : nsCString mHostname;
128 : OriginAttributes mOriginAttributes;
129 : PRTime mHSTSExpireTime;
130 : SecurityPropertyState mHSTSState;
131 : bool mHSTSIncludeSubdomains;
132 : SecurityPropertySource mHSTSSource;
133 :
134 0 : bool IsExpired(uint32_t aType)
135 : {
136 : // If mHSTSExpireTime is 0, this entry never expires (this is the case for
137 : // knockout entries).
138 0 : if (mHSTSExpireTime == 0) {
139 0 : return false;
140 : }
141 :
142 0 : PRTime now = PR_Now() / PR_USEC_PER_MSEC;
143 0 : if (now > mHSTSExpireTime) {
144 0 : return true;
145 : }
146 :
147 0 : return false;
148 : }
149 :
150 : void ToString(nsCString &aString);
151 :
152 : protected:
153 48 : virtual ~SiteHSTSState() {}
154 : };
155 :
156 : struct nsSTSPreload;
157 :
158 : class nsSiteSecurityService : public nsISiteSecurityService
159 : , public nsIObserver
160 : {
161 : public:
162 : NS_DECL_THREADSAFE_ISUPPORTS
163 : NS_DECL_NSIOBSERVER
164 : NS_DECL_NSISITESECURITYSERVICE
165 :
166 : nsSiteSecurityService();
167 : nsresult Init();
168 :
169 : protected:
170 : virtual ~nsSiteSecurityService();
171 :
172 : private:
173 : nsresult GetHost(nsIURI *aURI, nsACString &aResult);
174 : nsresult SetHSTSState(uint32_t aType, const char* aHost, int64_t maxage,
175 : bool includeSubdomains, uint32_t flags,
176 : SecurityPropertyState aHSTSState,
177 : SecurityPropertySource aSource,
178 : const OriginAttributes& aOriginAttributes);
179 : nsresult ProcessHeaderInternal(uint32_t aType, nsIURI* aSourceURI,
180 : const nsCString& aHeader,
181 : nsISSLStatus* aSSLStatus,
182 : uint32_t aFlags,
183 : SecurityPropertySource aSource,
184 : const OriginAttributes& aOriginAttributes,
185 : uint64_t* aMaxAge, bool* aIncludeSubdomains,
186 : uint32_t* aFailureResult);
187 : nsresult ProcessSTSHeader(nsIURI* aSourceURI, const nsCString& aHeader,
188 : uint32_t flags,
189 : SecurityPropertySource aSource,
190 : const OriginAttributes& aOriginAttributes,
191 : uint64_t* aMaxAge, bool* aIncludeSubdomains,
192 : uint32_t* aFailureResult);
193 : nsresult ProcessPKPHeader(nsIURI* aSourceURI, const nsCString& aHeader,
194 : nsISSLStatus* aSSLStatus, uint32_t flags,
195 : const OriginAttributes& aOriginAttributes,
196 : uint64_t* aMaxAge, bool* aIncludeSubdomains,
197 : uint32_t* aFailureResult);
198 : nsresult SetHPKPState(const char* aHost, SiteHPKPState& entry, uint32_t flags,
199 : bool aIsPreload,
200 : const OriginAttributes& aOriginAttributes);
201 : nsresult RemoveStateInternal(uint32_t aType, nsIURI* aURI, uint32_t aFlags,
202 : const OriginAttributes& aOriginAttributes);
203 : nsresult RemoveStateInternal(uint32_t aType, const nsAutoCString& aHost,
204 : uint32_t aFlags, bool aIsPreload,
205 : const OriginAttributes& aOriginAttributes);
206 : bool HostHasHSTSEntry(const nsAutoCString& aHost,
207 : bool aRequireIncludeSubdomains, uint32_t aFlags,
208 : const OriginAttributes& aOriginAttributes,
209 : bool* aResult, bool* aCached,
210 : SecurityPropertySource* aSource);
211 : const nsSTSPreload *GetPreloadListEntry(const char *aHost);
212 : nsresult IsSecureHost(uint32_t aType, const nsACString& aHost,
213 : uint32_t aFlags,
214 : const OriginAttributes& aOriginAttributes,
215 : bool* aCached, SecurityPropertySource* aSource,
216 : bool* aResult);
217 :
218 : uint64_t mMaxMaxAge;
219 : bool mUsePreloadList;
220 : int64_t mPreloadListTimeOffset;
221 : bool mProcessPKPHeadersFromNonBuiltInRoots;
222 : RefPtr<mozilla::DataStorage> mSiteStateStorage;
223 : RefPtr<mozilla::DataStorage> mPreloadStateStorage;
224 : };
225 :
226 : #endif // __nsSiteSecurityService_h__
|
