Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1784)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/net/certificate_error_reporter.h

Issue 1083493003: Encrypt certificate reports before uploading to HTTP URLs (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: remove unnecessary nullptr assignment Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/net/cert_logger.proto ('k') | chrome/browser/net/certificate_error_reporter.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/net/certificate_error_reporter.h
diff --git a/chrome/browser/net/certificate_error_reporter.h b/chrome/browser/net/certificate_error_reporter.h
index 3c20ec1c607abe8bd12edc60e4caa39973808ab6..88130c5feb0fd30508ef4a852dc0bf3a865c4312 100644
--- a/chrome/browser/net/certificate_error_reporter.h
+++ b/chrome/browser/net/certificate_error_reporter.h
@@ -21,6 +21,7 @@ class SSLInfo;
namespace chrome_browser_net {
class CertLoggerRequest;
+class EncryptedCertLoggerRequest;
// Provides functionality for sending reports about invalid SSL
// certificate chains to a report collection server.
@@ -48,6 +49,13 @@ class CertificateErrorReporter : public net::URLRequest::Delegate {
const GURL& upload_url,
CookiesPreference cookies_preference);
+ // Allows tests to use a server public key with known private key.
+ CertificateErrorReporter(net::URLRequestContext* request_context,
+ const GURL& upload_url,
+ CookiesPreference cookies_preference,
+ const uint8 server_public_key[32],
+ const uint32 server_public_key_version);
+
~CertificateErrorReporter() override;
// Construct, serialize, and send a certificate report to the report
@@ -66,6 +74,18 @@ class CertificateErrorReporter : public net::URLRequest::Delegate {
void OnResponseStarted(net::URLRequest* request) override;
void OnReadCompleted(net::URLRequest* request, int bytes_read) override;
+ // On some platforms (but not all), CertificateErrorReporter can use
+ // an HTTP endpoint to send encrypted extended reporting reports. On
+ // unsupported platforms, callers must send extended reporting reports
+ // over SSL.
felt 2015/04/24 19:33:57 nit: seems like this comment ought to be over Send
estark 2015/04/24 20:10:05 Done.
+ static bool IsHttpUploadUrlSupported();
+
+ // Used by tests.
+ static bool DecryptCertificateErrorReport(
+ const uint8 server_private_key[32],
+ const EncryptedCertLoggerRequest& encrypted_report,
+ CertLoggerRequest* decrypted_report);
+
private:
// Create a URLRequest with which to send a certificate report to the
// server.
@@ -76,6 +96,8 @@ class CertificateErrorReporter : public net::URLRequest::Delegate {
// collection server.
void SendCertLoggerRequest(const CertLoggerRequest& request);
+ void SendSerializedRequest(const std::string& serialized_request);
+
// Populate the CertLoggerRequest for a report.
static void BuildReport(const std::string& hostname,
const net::SSLInfo& ssl_info,
@@ -92,6 +114,9 @@ class CertificateErrorReporter : public net::URLRequest::Delegate {
CookiesPreference cookies_preference_;
+ const uint8* server_public_key_;
+ const uint32 server_public_key_version_;
+
DISALLOW_COPY_AND_ASSIGN(CertificateErrorReporter);
};
« no previous file with comments | « chrome/browser/net/cert_logger.proto ('k') | chrome/browser/net/certificate_error_reporter.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698