Chromium Code Reviews
|
|
Chromium Code Reviews
Issue
1758823002:
Certificate Transparency: Ensure timestamps over 32 bit are handled correctly. (Closed)
|
Created:
4 years, 9 months ago by Eran Messeri Modified:
4 years, 9 months ago CC:
chromium-reviews, certificate-transparency-chrome_googlegroups.com, cbentzel+watch_chromium.org, Eran Messeri Base URL:
https://chromium.googlesource.com/chromium/src.git@master Target Ref:
refs/pending/heads/master Project:
chromium Visibility:
Public. |
DescriptionCertificate Transparency: Ensure timestamps over 32 bit are handled correctly.
Test + code to ensure that timestamps in STHs are handled correctly when
bigger than 32 bit.
While I'm at it, change the operator<< overloading for STHs to DebugString.
BUG=
Committed: https://crrev.com/989441be7a61fba9338e74302b7f45ac30226cc7
Cr-Commit-Position: refs/heads/master@{#379276}
Patch Set 1 #
Total comments: 12
Patch Set 2 : Addressing review comments #
Messages
Total messages: 19 (7 generated)
Description was changed from ========== Certificate Transparency: Ensure timestamps over 32 bit are handled correctly. Test + code to ensure that timestamps in STHs are handled correctly when bigger than 32 bit. While I'm at it, change the operator<< overloading for STHs to DebugString. BUG= ========== to ========== Certificate Transparency: Ensure timestamps over 32 bit are handled correctly. Test + code to ensure that timestamps in STHs are handled correctly when bigger than 32 bit. While I'm at it, change the operator<< overloading for STHs to DebugString. BUG= ==========
eranm@chromium.org changed reviewers: + davidben@chromium.org, rsleevi@chromium.org
lgtm https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... File net/cert/ct_log_response_parser_unittest.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... net/cert/ct_log_response_parser_unittest.cc:103: 100, 1L << 34, GetSampleSTHSHA256RootHash(), 1L -> INT64_C(1) ? https://codereview.chromium.org/1758823002/diff/1/net/cert/signed_tree_head.cc File net/cert/signed_tree_head.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/signed_tree_head.c... net/cert/signed_tree_head.cc:7: #include <string.h> Nit: I think this wants newline here? At least, the example in the style guide does it. Meh.
robpercival@chromium.org changed reviewers: + robpercival@chromium.org
https://codereview.chromium.org/1758823002/diff/1/net/cert/signed_tree_head.h File net/cert/signed_tree_head.h (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/signed_tree_head.h... net/cert/signed_tree_head.h:52: NET_EXPORT std::string DebugString(const SignedTreeHead& sth); GTest won't find this. GTest requires that either operator<< be defined or the function be called "PrintTo".
https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... File net/cert/ct_log_response_parser.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... net/cert/ct_log_response_parser.cc:148: signed_tree_head->timestamp = base::Time::FromJsTime(parsed_sth.timestamp); Are you sure this is correct? Js loses precision https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... File net/cert/ct_log_response_parser_unittest.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... net/cert/ct_log_response_parser_unittest.cc:103: 100, 1L << 34, GetSampleSTHSHA256RootHash(), On 2016/03/02 17:30:39, davidben wrote: > 1L -> INT64_C(1) ? Yes, this is needed
https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... File net/cert/ct_log_response_parser.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... net/cert/ct_log_response_parser.cc:148: signed_tree_head->timestamp = base::Time::FromJsTime(parsed_sth.timestamp); On 2016/03/02 19:03:22, Ryan Sleevi wrote: > Are you sure this is correct? Js loses precision What do you mean? FromJsTime and JsonSignedTreeHead both take double. FromJsTime uses TimeDelta::FromMillisecondsD which also takes a double.
https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... File net/cert/ct_log_response_parser.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... net/cert/ct_log_response_parser.cc:148: signed_tree_head->timestamp = base::Time::FromJsTime(parsed_sth.timestamp); On 2016/03/02 19:11:46, davidben wrote: > On 2016/03/02 19:03:22, Ryan Sleevi wrote: > > Are you sure this is correct? Js loses precision > > What do you mean? FromJsTime and JsonSignedTreeHead both take double. FromJsTime > uses TimeDelta::FromMillisecondsD which also takes a double. I just meant that a 64-bit timestamp will be capped at 2^53-1 if round-tripping through the double
https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... File net/cert/ct_log_response_parser.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... net/cert/ct_log_response_parser.cc:148: signed_tree_head->timestamp = base::Time::FromJsTime(parsed_sth.timestamp); On 2016/03/02 19:16:53, Ryan Sleevi wrote: > On 2016/03/02 19:11:46, davidben wrote: > > On 2016/03/02 19:03:22, Ryan Sleevi wrote: > > > Are you sure this is correct? Js loses precision > > > > What do you mean? FromJsTime and JsonSignedTreeHead both take double. > FromJsTime > > uses TimeDelta::FromMillisecondsD which also takes a double. > > I just meant that a 64-bit timestamp will be capped at 2^53-1 if round-tripping > through the double Ah. (Well, it won't be capped but it'll lose precision beyond that point.) That's true, but this isn't a 64-bit timestamp to begin with. JsonSignedTreeHead is *already* a double. And JSONValueConverter doesn't have a RegisterUint64Field, only RegisterIntField and RegisterDoubleField. This seems fine.
Addressed all comments, submitting as I don't see any issue still open after that. If there's anything I'll address in a follow-up change. https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... File net/cert/ct_log_response_parser.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... net/cert/ct_log_response_parser.cc:148: signed_tree_head->timestamp = base::Time::FromJsTime(parsed_sth.timestamp); On 2016/03/02 19:21:04, davidben wrote: > On 2016/03/02 19:16:53, Ryan Sleevi wrote: > > On 2016/03/02 19:11:46, davidben wrote: > > > On 2016/03/02 19:03:22, Ryan Sleevi wrote: > > > > Are you sure this is correct? Js loses precision > > > > > > What do you mean? FromJsTime and JsonSignedTreeHead both take double. > > FromJsTime > > > uses TimeDelta::FromMillisecondsD which also takes a double. > > > > I just meant that a 64-bit timestamp will be capped at 2^53-1 if > round-tripping > > through the double > > Ah. (Well, it won't be capped but it'll lose precision beyond that point.) > That's true, but this isn't a 64-bit timestamp to begin with. JsonSignedTreeHead > is *already* a double. And JSONValueConverter doesn't have a > RegisterUint64Field, only RegisterIntField and RegisterDoubleField. This seems > fine. What davidben said - I couldn't find a more accurate method and given that this precision will carry us beyond the 26th century, I'm not too worried. https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... File net/cert/ct_log_response_parser_unittest.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/ct_log_response_pa... net/cert/ct_log_response_parser_unittest.cc:103: 100, 1L << 34, GetSampleSTHSHA256RootHash(), On 2016/03/02 19:03:22, Ryan Sleevi - OOO until 3-10 wrote: > On 2016/03/02 17:30:39, davidben wrote: > > 1L -> INT64_C(1) ? > > Yes, this is needed Done. https://codereview.chromium.org/1758823002/diff/1/net/cert/signed_tree_head.cc File net/cert/signed_tree_head.cc (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/signed_tree_head.c... net/cert/signed_tree_head.cc:7: #include <string.h> On 2016/03/02 17:30:39, davidben wrote: > Nit: I think this wants newline here? At least, the example in the style guide > does it. Meh. Done. https://codereview.chromium.org/1758823002/diff/1/net/cert/signed_tree_head.h File net/cert/signed_tree_head.h (right): https://codereview.chromium.org/1758823002/diff/1/net/cert/signed_tree_head.h... net/cert/signed_tree_head.h:52: NET_EXPORT std::string DebugString(const SignedTreeHead& sth); On 2016/03/02 17:34:03, Rob Percival wrote: > GTest won't find this. GTest requires that either operator<< be defined or the > function be called "PrintTo". Done.
The CQ bit was checked by eranm@chromium.org
The patchset sent to the CQ was uploaded after l-g-t-m from davidben@chromium.org Link to the patchset: https://codereview.chromium.org/1758823002/#ps20001 (title: "Addressing review comments")
CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1758823002/20001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1758823002/20001
Message was sent while issue was closed.
Description was changed from ========== Certificate Transparency: Ensure timestamps over 32 bit are handled correctly. Test + code to ensure that timestamps in STHs are handled correctly when bigger than 32 bit. While I'm at it, change the operator<< overloading for STHs to DebugString. BUG= ========== to ========== Certificate Transparency: Ensure timestamps over 32 bit are handled correctly. Test + code to ensure that timestamps in STHs are handled correctly when bigger than 32 bit. While I'm at it, change the operator<< overloading for STHs to DebugString. BUG= ==========
Message was sent while issue was closed.
Committed patchset #2 (id:20001)
Message was sent while issue was closed.
Description was changed from ========== Certificate Transparency: Ensure timestamps over 32 bit are handled correctly. Test + code to ensure that timestamps in STHs are handled correctly when bigger than 32 bit. While I'm at it, change the operator<< overloading for STHs to DebugString. BUG= ========== to ========== Certificate Transparency: Ensure timestamps over 32 bit are handled correctly. Test + code to ensure that timestamps in STHs are handled correctly when bigger than 32 bit. While I'm at it, change the operator<< overloading for STHs to DebugString. BUG= Committed: https://crrev.com/989441be7a61fba9338e74302b7f45ac30226cc7 Cr-Commit-Position: refs/heads/master@{#379276} ==========
Message was sent while issue was closed.
Patchset 2 (id:??) landed as https://crrev.com/989441be7a61fba9338e74302b7f45ac30226cc7 Cr-Commit-Position: refs/heads/master@{#379276}
Message was sent while issue was closed.
A revert of this CL (patchset #2 id:20001) has been created in https://codereview.chromium.org/1760413003/ by treib@chromium.org. The reason for reverting is: Broke sizes due to introducing new static initializers: https://build.chromium.org/p/chromium/builders/Linux%20x64/builds/16434/steps... It seems that you need to include ostream instead of iostream, see crbug.com/94794. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
