Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(6268)

Unified Diff: chrome/browser/net/certificate_error_reporter.h

Issue 1083493003: Encrypt certificate reports before uploading to HTTP URLs (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: rebase Created 5 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/net/certificate_error_reporter.h
diff --git a/chrome/browser/net/certificate_error_reporter.h b/chrome/browser/net/certificate_error_reporter.h
index 3c20ec1c607abe8bd12edc60e4caa39973808ab6..751a077f22eb0798db66db369bc89b648d8b92ec 100644
--- a/chrome/browser/net/certificate_error_reporter.h
+++ b/chrome/browser/net/certificate_error_reporter.h
@@ -21,6 +21,18 @@ class SSLInfo;
namespace chrome_browser_net {
class CertLoggerRequest;
+class EncryptedCertLoggerRequest;
+
+// These functions are used by tests.
+bool Seal(const std::string& aead_key,
agl 2015/04/16 17:26:29 Make these static functions in CertificateErrorRep
+ const std::string& nonce,
+ const std::string& plaintext,
+ std::string* const ciphertext);
+
+bool DecryptCertificateErrorReport(
+ const uint8 server_private_key[32],
+ const EncryptedCertLoggerRequest& encrypted_report,
+ CertLoggerRequest* decrypted_report);
// Provides functionality for sending reports about invalid SSL
// certificate chains to a report collection server.
@@ -48,6 +60,13 @@ class CertificateErrorReporter : public net::URLRequest::Delegate {
const GURL& upload_url,
CookiesPreference cookies_preference);
+ // Allows tests to use a server public key with known private key.
+ CertificateErrorReporter(net::URLRequestContext* request_context,
+ const GURL& upload_url,
+ CookiesPreference cookies_preference,
+ const uint8 server_public_key[32],
+ const uint32 server_public_key_version);
+
~CertificateErrorReporter() override;
// Construct, serialize, and send a certificate report to the report
@@ -76,6 +95,8 @@ class CertificateErrorReporter : public net::URLRequest::Delegate {
// collection server.
void SendCertLoggerRequest(const CertLoggerRequest& request);
+ void SendSerializedRequest(const std::string& serialized_request);
+
// Populate the CertLoggerRequest for a report.
static void BuildReport(const std::string& hostname,
const net::SSLInfo& ssl_info,
@@ -92,6 +113,9 @@ class CertificateErrorReporter : public net::URLRequest::Delegate {
CookiesPreference cookies_preference_;
+ const uint8* server_public_key_;
+ const uint32 server_public_key_version_;
+
DISALLOW_COPY_AND_ASSIGN(CertificateErrorReporter);
};

Powered by Google App Engine
This is Rietveld 408576698