content/common/ssl_status_serialization.cc - Issue 1244863003: Attach a SecurityStyle to each request in ResourceLoader

Side by Side Diff: content/common/ssl_status_serialization.cc

Issue 1244863003: Attach a SecurityStyle to each request in ResourceLoader (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: fix GetSecurityStyle() and add unit test Created 5 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "content/common/ssl_status_serialization.h"	5 #include "content/common/ssl_status_serialization.h"

6	6

7 #include "base/logging.h"	7 #include "base/logging.h"

8 #include "base/pickle.h"	8 #include "base/pickle.h"

9	9

	10 namespace {

	11

	12 // Checks that an integer \|security_style\| is a valid SecurityStyle enum

	13 // value. Returns true if valid, false otherwise.

	14 bool CheckSecurityStyle(int security_style) {

	15 switch (security_style) {

	16 case content::SECURITY_STYLE_UNKNOWN:

	17 case content::SECURITY_STYLE_UNAUTHENTICATED:

	18 case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:

	19 case content::SECURITY_STYLE_WARNING:

	20 case content::SECURITY_STYLE_AUTHENTICATED:

	21 return true;

	22 }

	23 return false;

	24 }

	25

	26 } // namespace

	27

10 namespace content {	28 namespace content {

11	29

12 std::string SerializeSecurityInfo(	30 std::string SerializeSecurityInfo(const SSLStatus& ssl_status) {

13 int cert_id,

14 net::CertStatus cert_status,

15 int security_bits,

16 int ssl_connection_status,

17 const SignedCertificateTimestampIDStatusList&

18 signed_certificate_timestamp_ids) {

19 base::Pickle pickle;	31 base::Pickle pickle;

20 pickle.WriteInt(cert_id);	32 pickle.WriteInt(ssl_status.security_style);

21 pickle.WriteUInt32(cert_status);	33 pickle.WriteInt(ssl_status.cert_id);

22 pickle.WriteInt(security_bits);	34 pickle.WriteUInt32(ssl_status.cert_status);

23 pickle.WriteInt(ssl_connection_status);	35 pickle.WriteInt(ssl_status.security_bits);

24 pickle.WriteInt(signed_certificate_timestamp_ids.size());	36 pickle.WriteInt(ssl_status.connection_status);

	37 pickle.WriteInt(ssl_status.signed_certificate_timestamp_ids.size());

25 for (SignedCertificateTimestampIDStatusList::const_iterator iter =	38 for (SignedCertificateTimestampIDStatusList::const_iterator iter =

26 signed_certificate_timestamp_ids.begin();	39 ssl_status.signed_certificate_timestamp_ids.begin();

27 iter != signed_certificate_timestamp_ids.end(); ++iter) {	40 iter != ssl_status.signed_certificate_timestamp_ids.end(); ++iter) {

28 pickle.WriteInt(iter->id);	41 pickle.WriteInt(iter->id);

29 pickle.WriteUInt16(iter->status);	42 pickle.WriteUInt16(iter->status);

30 }	43 }

31 return std::string(static_cast<const char*>(pickle.data()), pickle.size());	44 return std::string(static_cast<const char*>(pickle.data()), pickle.size());

32 }	45 }

33	46

34 bool DeserializeSecurityInfo(const std::string& state, SSLStatus* ssl_status) {	47 bool DeserializeSecurityInfo(const std::string& state, SSLStatus* ssl_status) {

35 *ssl_status = SSLStatus();	48 *ssl_status = SSLStatus();

36	49

37 if (state.empty()) {	50 if (state.empty()) {

38 // No SSL used.	51 // No SSL used.

39 return true;	52 return true;

40 }	53 }

41	54

42 base::Pickle pickle(state.data(), static_cast<int>(state.size()));	55 base::Pickle pickle(state.data(), static_cast<int>(state.size()));

43 base::PickleIterator iter(pickle);	56 base::PickleIterator iter(pickle);

	57 int security_style;

44 int num_scts_to_read;	58 int num_scts_to_read;

45 if (!iter.ReadInt(&ssl_status->cert_id) \|\|	59 if (!iter.ReadInt(&security_style) \|\| !iter.ReadInt(&ssl_status->cert_id) \|\|

46 !iter.ReadUInt32(&ssl_status->cert_status) \|\|	60 !iter.ReadUInt32(&ssl_status->cert_status) \|\|

47 !iter.ReadInt(&ssl_status->security_bits) \|\|	61 !iter.ReadInt(&ssl_status->security_bits) \|\|

48 !iter.ReadInt(&ssl_status->connection_status) \|\|	62 !iter.ReadInt(&ssl_status->connection_status) \|\|

49 !iter.ReadInt(&num_scts_to_read)) {	63 !iter.ReadInt(&num_scts_to_read)) {

50 *ssl_status = SSLStatus();	64 *ssl_status = SSLStatus();

51 return false;	65 return false;

52 }	66 }

53	67

	68 if (!CheckSecurityStyle(security_style)) {

	69 *ssl_status = SSLStatus();

	70 return false;

	71 }

	72

	73 ssl_status->security_style = static_cast<SecurityStyle>(security_style);
	palmer 2015/07/27 22:25:45 Is it necessary to validate this cast/conversion? Is it necessary to validate this cast/conversion? estark 2015/07/27 22:49:38 That's what I meant to do with CheckSecurityStyle( Show quoted text On 2015/07/27 22:25:45, palmer wrote: > Is it necessary to validate this cast/conversion? That's what I meant to do with CheckSecurityStyle() on line 68 -- or do you mean something else? palmer 2015/07/27 22:57:20 Nope, I'm just a goat. In fact I even saw it; it j Show quoted text > That's what I meant to do with CheckSecurityStyle() on line 68 -- or do you mean > something else? Nope, I'm just a goat. In fact I even saw it; it just left my mind between reading like 68 and 73. :\| estark 2015/07/27 22:57:58 goat af! Show quoted text On 2015/07/27 22:57:20, palmer wrote: > > That's what I meant to do with CheckSecurityStyle() on line 68 -- or do you > mean > > something else? > > Nope, I'm just a goat. In fact I even saw it; it just left my mind between > reading like 68 and 73. :\| goat af!
	74

54 // Sanity check \|security_bits\|: the only allowed negative value is -1.	75 // Sanity check \|security_bits\|: the only allowed negative value is -1.

55 if (ssl_status->security_bits < -1) {	76 if (ssl_status->security_bits < -1) {

56 *ssl_status = SSLStatus();	77 *ssl_status = SSLStatus();

57 return false;	78 return false;

58 }	79 }

59	80

60 for (; num_scts_to_read > 0; --num_scts_to_read) {	81 for (; num_scts_to_read > 0; --num_scts_to_read) {

61 int id;	82 int id;

62 uint16 status;	83 uint16 status;

63 if (!iter.ReadInt(&id) \|\| !iter.ReadUInt16(&status)) {	84 if (!iter.ReadInt(&id) \|\| !iter.ReadUInt16(&status)) {

64 *ssl_status = SSLStatus();	85 *ssl_status = SSLStatus();

65 return false;	86 return false;

66 }	87 }

67	88

68 ssl_status->signed_certificate_timestamp_ids.push_back(	89 ssl_status->signed_certificate_timestamp_ids.push_back(

69 SignedCertificateTimestampIDAndStatus(	90 SignedCertificateTimestampIDAndStatus(

70 id, static_cast<net::ct::SCTVerifyStatus>(status)));	91 id, static_cast<net::ct::SCTVerifyStatus>(status)));

71 }	92 }

72	93

73 return true;	94 return true;

74 }	95 }

75	96

76 } // namespace content	97 } // namespace content

OLD	NEW

« chrome/browser/ui/browser_browsertest.cc ('K') | « content/common/ssl_status_serialization.h ('k') | content/common/ssl_status_serialization_unittest.cc » ('j') | no next file with comments »