Addition of Certificate Transparency details to Security panel of DevTools

content/common/ssl_status_serialization.cc

Index: content/common/ssl_status_serialization.cc
diff --git a/content/common/ssl_status_serialization.cc b/content/common/ssl_status_serialization.cc
index 5f1b92415236aa62a5a33533ed3db4e9803f54fa..05bf0871b408606b99ea7a2e6ded62f6dcc6fb07 100644
--- a/content/common/ssl_status_serialization.cc
+++ b/content/common/ssl_status_serialization.cc
@@ -5,6 +5,7 @@
 #include "content/common/ssl_status_serialization.h"
 
 #include <stdint.h>
+#include <string>
 
 #include "base/logging.h"
 #include "base/pickle.h"
@@ -43,6 +44,14 @@ std::string SerializeSecurityInfo(const SSLStatus& ssl_status) {
        iter != ssl_status.signed_certificate_timestamp_ids.end(); ++iter) {
     pickle.WriteInt(iter->id);
     pickle.WriteUInt16(iter->status);
+    pickle.WriteUInt16(iter->version);

[Eran Messeri, 2016/03/09 21:04:35]

If that's saved to disk (I think it is, not entirely sure) then you would have
to deal with de-serialization in clients that don't have these fields (but I
don't think you need to because the SCT ID should be all you need).

+    pickle.WriteString(iter->logId);
+    pickle.WriteInt64(iter->timestamp);
+    pickle.WriteUInt16(iter->signature.hash_algorithm);
+    pickle.WriteUInt16(iter->signature.signature_algorithm);
+    pickle.WriteString(iter->signature.signature_data);
+    pickle.WriteUInt16(iter->origin);
+    pickle.WriteString(iter->logDescription);
   }
   return std::string(static_cast<const char*>(pickle.data()), pickle.size());
 }
@@ -91,14 +100,44 @@ bool DeserializeSecurityInfo(const std::string& state, SSLStatus* ssl_status) {
   for (; num_scts_to_read > 0; --num_scts_to_read) {
     int id;
     uint16_t status;
-    if (!iter.ReadInt(&id) || !iter.ReadUInt16(&status)) {
+    uint16_t version;
+    std::string logId;
+    int64_t timestamp;
+    uint16_t hashAlgorithm;
+    uint16_t signatureAlgorithm;
+    std::string signatureData;
+    uint16_t origin;
+    std::string logDescription;
+    if (!iter.ReadInt(&id)
+      || !iter.ReadUInt16(&status)
+      || !iter.ReadUInt16(&version)
+      || !iter.ReadString(&logId)
+      || !iter.ReadInt64(&timestamp)
+      || !iter.ReadUInt16(&hashAlgorithm)
+      || !iter.ReadUInt16(&signatureAlgorithm)
+      || !iter.ReadString(&signatureData)
+      || !iter.ReadUInt16(&origin)
+      || !iter.ReadString(&logDescription)) {
       *ssl_status = SSLStatus();
       return false;
     }
 
+    net::ct::DigitallySigned signature(
+      static_cast<net::ct::DigitallySigned::HashAlgorithm>(hashAlgorithm),
+      static_cast<net::ct::DigitallySigned::SignatureAlgorithm>(
+        signatureAlgorithm),
+      signatureData);
+
     ssl_status->signed_certificate_timestamp_ids.push_back(
         SignedCertificateTimestampIDAndStatus(
-            id, static_cast<net::ct::SCTVerifyStatus>(status)));
+            id,
+            static_cast<net::ct::SCTVerifyStatus>(status),
+            static_cast<net::ct::SignedCertificateTimestamp::Version>(version),
+            logId,
+            timestamp,
+            signature,
+            static_cast<net::ct::SignedCertificateTimestamp::Origin>(origin),
+            logDescription));
   }
 
   return true;