Extend the webRequest.onCompleted event details object with TLS/SSL information

extensions/browser/api/web_request/web_request_event_details.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/browser/api/web_request/web_request_event_details.h"
 
 #include "base/callback.h"
 #include "base/strings/string_number_conversions.h"
 #include "content/public/browser/browser_thread.h"
 #include "content/public/browser/render_frame_host.h"
 #include "content/public/browser/resource_request_info.h"
 #include "content/public/common/child_process_host.h"
 #include "extensions/browser/api/web_request/upload_data_presenter.h"
 #include "extensions/browser/api/web_request/web_request_api_constants.h"
 #include "extensions/browser/api/web_request/web_request_api_helpers.h"
 #include "ipc/ipc_message.h"
 #include "net/base/auth.h"
 #include "net/base/upload_data_stream.h"
 #include "net/http/http_request_headers.h"
 #include "net/http/http_response_headers.h"
+#include "net/ssl/ssl_cipher_suite_names.h"
+#include "net/ssl/ssl_connection_status_flags.h"
 #include "net/url_request/url_request.h"
+#include "third_party/boringssl/src/include/openssl/ssl.h"
 
 using extension_web_request_api_helpers::ExtraInfoSpec;
 
 namespace helpers = extension_web_request_api_helpers;
 namespace keys = extension_web_request_api_constants;
 
 namespace extensions {
 
 WebRequestEventDetails::WebRequestEventDetails(const net::URLRequest* request,
                                                int extra_info_spec)
@@ skipping 197 matching lines @@
     : extra_info_spec_(0), render_process_id_(0), render_frame_id_(0) {}
 
 void WebRequestEventDetails::OnDeterminedFrameData(
     std::unique_ptr<WebRequestEventDetails> self,
     const DeterminedFrameDataCallback& callback,
     const ExtensionApiFrameIdMap::FrameData& frame_data) {
   SetFrameData(frame_data);
   callback.Run(std::move(self));
 }
 
+void WebRequestEventDetails::SetSSLInfo(const net::URLRequest* request) {
+  const net::SSLInfo ssl_info = request->ssl_info();
+  base::DictionaryValue* info_dict = new base::DictionaryValue();
+
+  const char* ssl_version;
+  net::SSLVersionToString(&ssl_version, net::SSLConnectionStatusToVersion(
+                                            ssl_info.connection_status));
+  if (strncmp(ssl_version, "?", 1) == 0)
+    ssl_version = "UNKNOWN";
+  info_dict->SetString(keys::kSSLVersionKey, ssl_version);
+
+  const SSL_CIPHER* cipher = SSL_get_cipher_by_value(
+      net::SSLConnectionStatusToCipherSuite(ssl_info.connection_status));
+  char* cipher_name = SSL_CIPHER_get_rfc_name(cipher);
+  if (cipher_name) {
+    std::string rfc_name = std::string(cipher_name);
+    OPENSSL_free(cipher_name);
+    info_dict->SetString(keys::kCipherSuiteKey, rfc_name);
+  }
+
+  base::DictionaryValue* built_dict = new base::DictionaryValue();
+  built_dict->SetBoolean(keys::kCertificateIssuedByKnownRootKey,
+                         ssl_info.is_issued_by_known_root);
+  built_dict->Set(keys::kChainKey,
+                  helpers::ExtractCertificateChain(ssl_info.cert));
+
+  base::ListValue* errors =
+      helpers::ParseCertificateStatusErrors(ssl_info.cert_status);
+  built_dict->SetBoolean(keys::kCertificateValidKey,
+                         ssl_info.is_valid() && errors->GetSize() == 0);
+  if (errors->GetSize() != 0)
+    built_dict->Set(keys::kErrorsKey, errors);
+
+  built_dict->SetBoolean(keys::kEVCertificateKey,
+                         (ssl_info.cert_status & net::CERT_STATUS_IS_EV));
+
+  info_dict->Set(keys::kBuiltChainKey, built_dict);
+  info_dict->Set(keys::kSentChainKey,
+                 helpers::ExtractCertificateChain(ssl_info.unverified_cert));
+
+  dict_.Set(keys::kSSLInfoKey, info_dict);
+}
+
 }  // namespace extensions