| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/cert_policy_enforcer.h" | 5 #include "net/cert/cert_policy_enforcer.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/build_time.h" | 10 #include "base/build_time.h" |
| (...skipping 167 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 178 // Whether the build is not older than 10 weeks. The value is meaningful only | 178 // Whether the build is not older than 10 weeks. The value is meaningful only |
| 179 // if |ct_presence_required| is true. | 179 // if |ct_presence_required| is true. |
| 180 bool build_timely; | 180 bool build_timely; |
| 181 // Compliance status - meaningful only if |ct_presence_required| and | 181 // Compliance status - meaningful only if |ct_presence_required| and |
| 182 // |build_timely| are true. | 182 // |build_timely| are true. |
| 183 CTComplianceStatus status; | 183 CTComplianceStatus status; |
| 184 // EV whitelist version. | 184 // EV whitelist version. |
| 185 base::Version whitelist_version; | 185 base::Version whitelist_version; |
| 186 }; | 186 }; |
| 187 | 187 |
| 188 base::Value* NetLogComplianceCheckResultCallback( | 188 scoped_ptr<base::Value> NetLogComplianceCheckResultCallback( |
| 189 X509Certificate* cert, | 189 X509Certificate* cert, |
| 190 ComplianceDetails* details, | 190 ComplianceDetails* details, |
| 191 NetLogCaptureMode capture_mode) { | 191 NetLogCaptureMode capture_mode) { |
| 192 base::DictionaryValue* dict = new base::DictionaryValue(); | 192 scoped_ptr<base::DictionaryValue> dict(new base::DictionaryValue()); |
| 193 dict->Set("certificate", NetLogX509CertificateCallback(cert, capture_mode)); | 193 dict->Set("certificate", NetLogX509CertificateCallback(cert, capture_mode)); |
| 194 dict->SetBoolean("policy_enforcement_required", | 194 dict->SetBoolean("policy_enforcement_required", |
| 195 details->ct_presence_required); | 195 details->ct_presence_required); |
| 196 if (details->ct_presence_required) { | 196 if (details->ct_presence_required) { |
| 197 dict->SetBoolean("build_timely", details->build_timely); | 197 dict->SetBoolean("build_timely", details->build_timely); |
| 198 if (details->build_timely) { | 198 if (details->build_timely) { |
| 199 dict->SetString("ct_compliance_status", | 199 dict->SetString("ct_compliance_status", |
| 200 ComplianceStatusToString(details->status)); | 200 ComplianceStatusToString(details->status)); |
| 201 if (details->whitelist_version.IsValid()) | 201 if (details->whitelist_version.IsValid()) |
| 202 dict->SetString("ev_whitelist_version", | 202 dict->SetString("ev_whitelist_version", |
| 203 details->whitelist_version.GetString()); | 203 details->whitelist_version.GetString()); |
| 204 } | 204 } |
| 205 } | 205 } |
| 206 return dict; | 206 return dict.Pass(); |
| 207 } | 207 } |
| 208 | 208 |
| 209 bool IsCertificateInWhitelist(const X509Certificate& cert, | 209 bool IsCertificateInWhitelist(const X509Certificate& cert, |
| 210 const ct::EVCertsWhitelist* ev_whitelist) { | 210 const ct::EVCertsWhitelist* ev_whitelist) { |
| 211 bool cert_in_ev_whitelist = false; | 211 bool cert_in_ev_whitelist = false; |
| 212 if (ev_whitelist && ev_whitelist->IsValid()) { | 212 if (ev_whitelist && ev_whitelist->IsValid()) { |
| 213 const SHA256HashValue fingerprint( | 213 const SHA256HashValue fingerprint( |
| 214 X509Certificate::CalculateFingerprint256(cert.os_cert_handle())); | 214 X509Certificate::CalculateFingerprint256(cert.os_cert_handle())); |
| 215 | 215 |
| 216 std::string truncated_fp = | 216 std::string truncated_fp = |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 254 bool CertPolicyEnforcer::DoesConformToCTEVPolicy( | 254 bool CertPolicyEnforcer::DoesConformToCTEVPolicy( |
| 255 X509Certificate* cert, | 255 X509Certificate* cert, |
| 256 const ct::EVCertsWhitelist* ev_whitelist, | 256 const ct::EVCertsWhitelist* ev_whitelist, |
| 257 const ct::CTVerifyResult& ct_result, | 257 const ct::CTVerifyResult& ct_result, |
| 258 const BoundNetLog& net_log) { | 258 const BoundNetLog& net_log) { |
| 259 ComplianceDetails details; | 259 ComplianceDetails details; |
| 260 | 260 |
| 261 CheckCTEVPolicyCompliance(cert, ev_whitelist, ct_result, &details); | 261 CheckCTEVPolicyCompliance(cert, ev_whitelist, ct_result, &details); |
| 262 | 262 |
| 263 NetLog::ParametersCallback net_log_callback = | 263 NetLog::ParametersCallback net_log_callback = |
| 264 base::Bind(&NetLogComplianceCheckResultCallback, base::Unretained(cert), | 264 base::Bind(NetLogComplianceCheckResultCallback, base::Unretained(cert), |
| 265 base::Unretained(&details)); | 265 base::Unretained(&details)); |
| 266 | 266 |
| 267 net_log.AddEvent(NetLog::TYPE_EV_CERT_CT_COMPLIANCE_CHECKED, | 267 net_log.AddEvent(NetLog::TYPE_EV_CERT_CT_COMPLIANCE_CHECKED, |
| 268 net_log_callback); | 268 net_log_callback); |
| 269 | 269 |
| 270 if (!details.ct_presence_required) | 270 if (!details.ct_presence_required) |
| 271 return true; | 271 return true; |
| 272 | 272 |
| 273 if (!details.build_timely) | 273 if (!details.build_timely) |
| 274 return false; | 274 return false; |
| 275 | 275 |
| 276 LogCTComplianceStatusToUMA(details.status, ev_whitelist); | 276 LogCTComplianceStatusToUMA(details.status, ev_whitelist); |
| 277 | 277 |
| 278 if (details.status == CT_IN_WHITELIST || details.status == CT_ENOUGH_SCTS) | 278 if (details.status == CT_IN_WHITELIST || details.status == CT_ENOUGH_SCTS) |
| 279 return true; | 279 return true; |
| 280 | 280 |
| 281 return false; | 281 return false; |
| 282 } | 282 } |
| 283 | 283 |
| 284 } // namespace net | 284 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1135373002:
Updated NetLog::ParametersCallback & all related calbacks returning value as scoped_ptr<base::Value…
Base URL: https://chromium.googlesource.com/chromium/src.git@master