OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/ssl_error_info.h" | 5 #include "chrome/browser/ssl/ssl_error_info.h" |
6 | 6 |
7 #include "base/i18n/time_formatting.h" | 7 #include "base/i18n/time_formatting.h" |
8 #include "base/strings/string_number_conversions.h" | 8 #include "base/strings/string_number_conversions.h" |
9 #include "base/strings/utf_string_conversions.h" | 9 #include "base/strings/utf_string_conversions.h" |
10 #include "chrome/grit/chromium_strings.h" | 10 #include "chrome/grit/chromium_strings.h" |
(...skipping 127 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
138 IDS_CERT_ERROR_WEAK_KEY_DETAILS, UTF8ToUTF16(request_url.host())); | 138 IDS_CERT_ERROR_WEAK_KEY_DETAILS, UTF8ToUTF16(request_url.host())); |
139 short_description = l10n_util::GetStringUTF16( | 139 short_description = l10n_util::GetStringUTF16( |
140 IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); | 140 IDS_CERT_ERROR_WEAK_KEY_DESCRIPTION); |
141 case CERT_NAME_CONSTRAINT_VIOLATION: | 141 case CERT_NAME_CONSTRAINT_VIOLATION: |
142 details = l10n_util::GetStringFUTF16( | 142 details = l10n_util::GetStringFUTF16( |
143 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DETAILS, | 143 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DETAILS, |
144 UTF8ToUTF16(request_url.host())); | 144 UTF8ToUTF16(request_url.host())); |
145 short_description = l10n_util::GetStringUTF16( | 145 short_description = l10n_util::GetStringUTF16( |
146 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION); | 146 IDS_CERT_ERROR_NAME_CONSTRAINT_VIOLATION_DESCRIPTION); |
147 break; | 147 break; |
| 148 case CERT_TOO_LONG_VALIDITY: |
| 149 title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_TOO_LONG_VALIDITY_TITLE); |
| 150 details = l10n_util::GetStringFUTF16( |
| 151 IDS_CERT_ERROR_TOO_LONG_VALIDITY_DETAILS, |
| 152 UTF8ToUTF16(request_url.host())); |
| 153 short_description = l10n_util::GetStringUTF16( |
| 154 IDS_CERT_ERROR_TOO_LONG_VALIDITY_DESCRIPTION); |
| 155 extra_info.push_back( |
| 156 l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1)); |
| 157 extra_info.push_back( |
| 158 l10n_util::GetStringUTF16( |
| 159 IDS_CERT_ERROR_TOO_LONG_VALIDITY_EXTRA_INFO_2)); |
| 160 break; |
148 case CERT_PINNED_KEY_MISSING: | 161 case CERT_PINNED_KEY_MISSING: |
149 details = l10n_util::GetStringUTF16( | 162 details = l10n_util::GetStringUTF16( |
150 IDS_ERRORPAGES_SUMMARY_PINNING_FAILURE); | 163 IDS_ERRORPAGES_SUMMARY_PINNING_FAILURE); |
151 short_description = l10n_util::GetStringUTF16( | 164 short_description = l10n_util::GetStringUTF16( |
152 IDS_ERRORPAGES_DETAILS_PINNING_FAILURE); | 165 IDS_ERRORPAGES_DETAILS_PINNING_FAILURE); |
153 break; | 166 break; |
154 case UNKNOWN: | 167 case UNKNOWN: |
155 details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS); | 168 details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS); |
156 short_description = | 169 short_description = |
157 l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); | 170 l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); |
(...skipping 26 matching lines...) Expand all Loading... |
184 case net::ERR_CERT_REVOKED: | 197 case net::ERR_CERT_REVOKED: |
185 return CERT_REVOKED; | 198 return CERT_REVOKED; |
186 case net::ERR_CERT_INVALID: | 199 case net::ERR_CERT_INVALID: |
187 return CERT_INVALID; | 200 return CERT_INVALID; |
188 case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM: | 201 case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM: |
189 return CERT_WEAK_SIGNATURE_ALGORITHM; | 202 return CERT_WEAK_SIGNATURE_ALGORITHM; |
190 case net::ERR_CERT_WEAK_KEY: | 203 case net::ERR_CERT_WEAK_KEY: |
191 return CERT_WEAK_KEY; | 204 return CERT_WEAK_KEY; |
192 case net::ERR_CERT_NAME_CONSTRAINT_VIOLATION: | 205 case net::ERR_CERT_NAME_CONSTRAINT_VIOLATION: |
193 return CERT_NAME_CONSTRAINT_VIOLATION; | 206 return CERT_NAME_CONSTRAINT_VIOLATION; |
| 207 case net::ERR_CERT_TOO_LONG_VALIDITY: |
| 208 return CERT_TOO_LONG_VALIDITY; |
194 case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY: | 209 case net::ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY: |
195 return CERT_WEAK_KEY_DH; | 210 return CERT_WEAK_KEY_DH; |
196 case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: | 211 case net::ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: |
197 return CERT_PINNED_KEY_MISSING; | 212 return CERT_PINNED_KEY_MISSING; |
198 default: | 213 default: |
199 NOTREACHED(); | 214 NOTREACHED(); |
200 return UNKNOWN; | 215 return UNKNOWN; |
201 } | 216 } |
202 } | 217 } |
203 | 218 |
204 // static | 219 // static |
205 int SSLErrorInfo::GetErrorsForCertStatus(int cert_id, | 220 int SSLErrorInfo::GetErrorsForCertStatus(int cert_id, |
206 net::CertStatus cert_status, | 221 net::CertStatus cert_status, |
207 const GURL& url, | 222 const GURL& url, |
208 std::vector<SSLErrorInfo>* errors) { | 223 std::vector<SSLErrorInfo>* errors) { |
209 const net::CertStatus kErrorFlags[] = { | 224 const net::CertStatus kErrorFlags[] = { |
210 net::CERT_STATUS_COMMON_NAME_INVALID, | 225 net::CERT_STATUS_COMMON_NAME_INVALID, |
211 net::CERT_STATUS_DATE_INVALID, | 226 net::CERT_STATUS_DATE_INVALID, |
212 net::CERT_STATUS_AUTHORITY_INVALID, | 227 net::CERT_STATUS_AUTHORITY_INVALID, |
213 net::CERT_STATUS_NO_REVOCATION_MECHANISM, | 228 net::CERT_STATUS_NO_REVOCATION_MECHANISM, |
214 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, | 229 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, |
215 net::CERT_STATUS_REVOKED, | 230 net::CERT_STATUS_REVOKED, |
216 net::CERT_STATUS_INVALID, | 231 net::CERT_STATUS_INVALID, |
217 net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, | 232 net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM, |
218 net::CERT_STATUS_WEAK_KEY, | 233 net::CERT_STATUS_WEAK_KEY, |
219 net::CERT_STATUS_NAME_CONSTRAINT_VIOLATION, | 234 net::CERT_STATUS_NAME_CONSTRAINT_VIOLATION, |
| 235 net::CERT_STATUS_TOO_LONG_VALIDITY, |
220 }; | 236 }; |
221 | 237 |
222 const ErrorType kErrorTypes[] = { | 238 const ErrorType kErrorTypes[] = { |
223 CERT_COMMON_NAME_INVALID, | 239 CERT_COMMON_NAME_INVALID, |
224 CERT_DATE_INVALID, | 240 CERT_DATE_INVALID, |
225 CERT_AUTHORITY_INVALID, | 241 CERT_AUTHORITY_INVALID, |
226 CERT_NO_REVOCATION_MECHANISM, | 242 CERT_NO_REVOCATION_MECHANISM, |
227 CERT_UNABLE_TO_CHECK_REVOCATION, | 243 CERT_UNABLE_TO_CHECK_REVOCATION, |
228 CERT_REVOKED, | 244 CERT_REVOKED, |
229 CERT_INVALID, | 245 CERT_INVALID, |
230 CERT_WEAK_SIGNATURE_ALGORITHM, | 246 CERT_WEAK_SIGNATURE_ALGORITHM, |
231 CERT_WEAK_KEY, | 247 CERT_WEAK_KEY, |
232 CERT_NAME_CONSTRAINT_VIOLATION, | 248 CERT_NAME_CONSTRAINT_VIOLATION, |
| 249 CERT_TOO_LONG_VALIDITY, |
233 }; | 250 }; |
234 DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes)); | 251 DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes)); |
235 | 252 |
236 scoped_refptr<net::X509Certificate> cert = NULL; | 253 scoped_refptr<net::X509Certificate> cert = NULL; |
237 int count = 0; | 254 int count = 0; |
238 for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { | 255 for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { |
239 if (cert_status & kErrorFlags[i]) { | 256 if (cert_status & kErrorFlags[i]) { |
240 count++; | 257 count++; |
241 if (!cert.get()) { | 258 if (!cert.get()) { |
242 bool r = content::CertStore::GetInstance()->RetrieveCert( | 259 bool r = content::CertStore::GetInstance()->RetrieveCert( |
243 cert_id, &cert); | 260 cert_id, &cert); |
244 DCHECK(r); | 261 DCHECK(r); |
245 } | 262 } |
246 if (errors) | 263 if (errors) { |
247 errors->push_back( | 264 errors->push_back( |
248 SSLErrorInfo::CreateError(kErrorTypes[i], cert.get(), url)); | 265 SSLErrorInfo::CreateError(kErrorTypes[i], cert.get(), url)); |
| 266 } |
249 } | 267 } |
250 } | 268 } |
251 return count; | 269 return count; |
252 } | 270 } |
OLD | NEW |