| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/cert/ct_signed_certificate_timestamp_log_param.h" | 5 #include "net/cert/ct_signed_certificate_timestamp_log_param.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <memory> | 8 #include <memory> |
| 9 #include <string> | 9 #include <string> |
| 10 #include <utility> | 10 #include <utility> |
| 11 | 11 |
| 12 #include "base/base64.h" | 12 #include "base/base64.h" |
| 13 #include "base/strings/string_number_conversions.h" | 13 #include "base/strings/string_number_conversions.h" |
| 14 #include "base/strings/stringprintf.h" | 14 #include "base/strings/stringprintf.h" |
| 15 #include "base/values.h" | 15 #include "base/values.h" |
| 16 #include "net/cert/ct_sct_to_string.h" | |
| 16 #include "net/cert/ct_verify_result.h" | 17 #include "net/cert/ct_verify_result.h" |
| 17 #include "net/cert/signed_certificate_timestamp.h" | 18 #include "net/cert/signed_certificate_timestamp.h" |
| 18 | 19 |
| 19 namespace net { | 20 namespace net { |
| 20 | 21 |
| 21 namespace { | 22 namespace { |
| 22 | 23 |
| 23 // Converts a numeric |origin| to text describing the SCT's origin | |
| 24 const char* OriginToString(ct::SignedCertificateTimestamp::Origin origin) { | |
| 25 switch (origin) { | |
| 26 case ct::SignedCertificateTimestamp::SCT_EMBEDDED: | |
| 27 return "embedded_in_certificate"; | |
| 28 case ct::SignedCertificateTimestamp::SCT_FROM_TLS_EXTENSION: | |
| 29 return "tls_extension"; | |
| 30 case ct::SignedCertificateTimestamp::SCT_FROM_OCSP_RESPONSE: | |
| 31 return "ocsp"; | |
| 32 case ct::SignedCertificateTimestamp::SCT_ORIGIN_MAX: | |
| 33 break; | |
| 34 } | |
| 35 | |
| 36 return "unknown"; | |
| 37 } | |
| 38 | |
| 39 // Converts a numeric |hash_algorithm| to its textual representation | |
| 40 const char* HashAlgorithmToString( | |
| 41 ct::DigitallySigned::HashAlgorithm hash_algorithm) { | |
| 42 switch (hash_algorithm) { | |
| 43 case ct::DigitallySigned::HASH_ALGO_NONE: | |
| 44 return "NONE"; | |
| 45 case ct::DigitallySigned::HASH_ALGO_MD5: | |
| 46 return "MD5"; | |
| 47 case ct::DigitallySigned::HASH_ALGO_SHA1: | |
| 48 return "SHA1"; | |
| 49 case ct::DigitallySigned::HASH_ALGO_SHA224: | |
| 50 return "SHA224"; | |
| 51 case ct::DigitallySigned::HASH_ALGO_SHA256: | |
| 52 return "SHA256"; | |
| 53 case ct::DigitallySigned::HASH_ALGO_SHA384: | |
| 54 return "SHA384"; | |
| 55 case ct::DigitallySigned::HASH_ALGO_SHA512: | |
| 56 return "SHA512"; | |
| 57 } | |
| 58 | |
| 59 return "unknown"; | |
| 60 } | |
| 61 | |
| 62 // Converts a numeric |signature_algorithm| to its textual representation | |
| 63 const char* SignatureAlgorithmToString( | |
| 64 ct::DigitallySigned::SignatureAlgorithm signature_algorithm) { | |
| 65 switch (signature_algorithm) { | |
| 66 case ct::DigitallySigned::SIG_ALGO_ANONYMOUS: | |
| 67 return "ANONYMOUS"; | |
| 68 case ct::DigitallySigned::SIG_ALGO_RSA: | |
| 69 return "RSA"; | |
| 70 case ct::DigitallySigned::SIG_ALGO_DSA: | |
| 71 return "DSA"; | |
| 72 case ct::DigitallySigned::SIG_ALGO_ECDSA: | |
| 73 return "ECDSA"; | |
| 74 } | |
| 75 | |
| 76 return "unknown"; | |
| 77 } | |
| 78 | |
| 79 // Base64 encode the given |value| string and put it in |dict| with the | 24 // Base64 encode the given |value| string and put it in |dict| with the |
| 80 // description |key|. | 25 // description |key|. |
| 81 void SetBinaryData( | 26 void SetBinaryData( |
| 82 const char* key, | 27 const char* key, |
| 83 const std::string& value, | 28 const std::string& value, |
| 84 base::DictionaryValue* dict) { | 29 base::DictionaryValue* dict) { |
| 85 std::string b64_value; | 30 std::string b64_value; |
| 86 base::Base64Encode(value, &b64_value); | 31 base::Base64Encode(value, &b64_value); |
| 87 | 32 |
| 88 dict->SetString(key, b64_value); | 33 dict->SetString(key, b64_value); |
| 89 } | 34 } |
| 90 | 35 |
| 91 // Returns a dictionary where each key is a field of the SCT and its value | 36 // Returns a dictionary where each key is a field of the SCT and its value |
| 92 // is this field's value in the SCT. This dictionary is meant to be used for | 37 // is this field's value in the SCT. This dictionary is meant to be used for |
| 93 // outputting a de-serialized SCT to the NetLog. | 38 // outputting a de-serialized SCT to the NetLog. |
| 94 std::unique_ptr<base::DictionaryValue> SCTToDictionary( | 39 std::unique_ptr<base::DictionaryValue> SCTToDictionary( |
| 95 const ct::SignedCertificateTimestamp& sct) { | 40 const ct::SignedCertificateTimestamp& sct) { |
| 96 std::unique_ptr<base::DictionaryValue> out(new base::DictionaryValue()); | 41 std::unique_ptr<base::DictionaryValue> out(new base::DictionaryValue()); |
| 97 | 42 |
| 98 out->SetString("origin", OriginToString(sct.origin)); | 43 // Transform capital letters to lowercase, and replace spaces with underscores |
| 44 // to conform with SIGNED_CERTIFICATE_TIMESTAMPS_CHECKED in | |
| 45 // net/log/net_log_event_type_list.h. | |
| 46 std::string origin = OriginToString(sct.origin); | |
| 47 std::transform(origin.begin(), origin.end(), origin.begin(), ::tolower); | |
| 48 std::replace(origin.begin(), origin.end(), ' ', '_'); | |
| 49 out->SetString("origin", origin); | |
|
davidben
2016/06/14 15:47:37
I suppose this is fine, but you also may as well j
dwaxweiler
2016/06/14 16:57:02
At least one check of the tests in net/cert/multi_
davidben
2016/06/14 18:39:26
*shrug* I have a minor preference for updating the
| |
| 50 | |
| 99 out->SetInteger("version", sct.version); | 51 out->SetInteger("version", sct.version); |
| 100 | 52 |
| 101 SetBinaryData("log_id", sct.log_id, out.get()); | 53 SetBinaryData("log_id", sct.log_id, out.get()); |
| 102 base::TimeDelta time_since_unix_epoch = | 54 base::TimeDelta time_since_unix_epoch = |
| 103 sct.timestamp - base::Time::UnixEpoch(); | 55 sct.timestamp - base::Time::UnixEpoch(); |
| 104 out->SetString("timestamp", | 56 out->SetString("timestamp", |
| 105 base::Int64ToString(time_since_unix_epoch.InMilliseconds())); | 57 base::Int64ToString(time_since_unix_epoch.InMilliseconds())); |
| 106 SetBinaryData("extensions", sct.extensions, out.get()); | 58 SetBinaryData("extensions", sct.extensions, out.get()); |
| 107 | 59 |
| 108 out->SetString("hash_algorithm", | 60 out->SetString("hash_algorithm", |
| (...skipping 44 matching lines...) | |
| 153 | 105 |
| 154 SetBinaryData("embedded_scts", *embedded_scts, dict.get()); | 106 SetBinaryData("embedded_scts", *embedded_scts, dict.get()); |
| 155 SetBinaryData("scts_from_ocsp_response", *sct_list_from_ocsp, dict.get()); | 107 SetBinaryData("scts_from_ocsp_response", *sct_list_from_ocsp, dict.get()); |
| 156 SetBinaryData("scts_from_tls_extension", *sct_list_from_tls_extension, | 108 SetBinaryData("scts_from_tls_extension", *sct_list_from_tls_extension, |
| 157 dict.get()); | 109 dict.get()); |
| 158 | 110 |
| 159 return std::move(dict); | 111 return std::move(dict); |
| 160 } | 112 } |
| 161 | 113 |
| 162 } // namespace net | 114 } // namespace net |
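Review bot: The lowercasing at new line 47 passes `::tolower` to `std::transform` over `char` elements; that function is locale-dependent, requires its `int` argument to be representable as `unsigned char`, and is declared in `<cctype>`/`<ctype.h>`, which the includes shown here do not pull in directly. The strings returned by `OriginToString` are presumably fixed ASCII, so this is unlikely to misbehave today, but the NetLog `origin` value is meant to match the format documented in net/log/net_log_event_type_list.h and should not depend on the process locale. Consider `std::string origin = base::ToLowerASCII(OriginToString(sct.origin));` with `#include "base/strings/string_util.h"`, keeping the `std::replace` line as is. The existing comment could also state that the logged value is derived from the display string, so a wording change in that helper changes what log consumers see.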