| Index: extensions/common/api/web_request.json
|
| diff --git a/extensions/common/api/web_request.json b/extensions/common/api/web_request.json
|
| index 4e314eb6c07e49ffad370b43061cae3b4f3b8505..65f461a8220c5b847814c867b7e153c3242fc217 100644
|
| --- a/extensions/common/api/web_request.json
|
| +++ b/extensions/common/api/web_request.json
|
| @@ -150,6 +150,259 @@
|
| }
|
| },
|
| "description": "Contains data uploaded in a URL request."
|
| + },
|
| + {
|
| + "id": "SSLVersions",
|
| + "type": "string",
|
| + "enum": ["UNKNOWN", "SSL 2.0", "SSL 3.0", "TLS 1.0", "TLS 1.1", "TLS 1.2", "QUIC"]
|
| + },
|
| + {
|
| + "id": "CipherNames",
|
| + "type": "string",
|
| + "enum": ["UNKNOWN", "NULL", "RC4_40", "RC4_128", "RC2_CBC_40", "IDEA_CBC", "DES40_CBC", "DES_CBC", "3DES_EDE_CBC", "AES_128_CBC", "AES_256_CBC", "CAMELLIA_128_CBC", "CAMELLIA_256_CBC", "SEED_CBC", "AES_128_GCM", "AES_256_GCM", "CAMELLIA_128_GCM", "CAMELLIA_256_GCM", "CHACHA20_POLY1305"]
|
| + },
|
| + {
|
| + "id": "KeyExchangeNames",
|
| + "type": "string",
|
| + "enum": ["UNKNOWN", "NULL", "RSA", "RSA_EXPORT", "DH_DSS_EXPORT", "DH_DSS", "DH_RSA_EXPORT", "DH_RSA", "DHE_DSS_EXPORT", "DHE_DSS", "DHE_RSA_EXPORT", "DHE_RSA", "DH_anon_EXPORT", "DH_anon", "ECDH_ECDSA", "ECDHE_ECDSA", "ECDH_RSA", "ECDHE_RSA", "ECDH_anon"]
|
| + },
|
| + {
|
| + "id": "MACNames",
|
| + "type": "string",
|
| + "enum": ["UNKNOWN", "NULL", "HMAC-MD5", "HMAC-SHA1", "HMAC-SHA256", "HMAC-SHA384"]
|
| + },
|
| + {
|
| + "id": "ValidationErrors",
|
| + "type": "string",
|
| + "enum": ["ERR_CERT_REVOKED", "ERR_CERT_INVALID", "ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN", "ERR_CERT_AUTHORITY_INVALID", "ERR_CERT_COMMON_NAME_INVALID", "ERR_CERT_NAME_CONSTRAINT_VIOLATION", "ERR_CERT_WEAK_SIGNATURE_ALGORITHM", "ERR_CERT_WEAK_KEY", "ERR_CERT_DATE_INVALID", "ERR_CERT_VALIDITY_TOO_LONG", "ERR_CERT_UNABLE_TO_CHECK_REVOCATION", "ERR_CERT_NO_REVOCATION_MECHANISM"]
|
| + },
|
| + {
|
| + "id": "DistinguishedName",
|
| + "type": "object",
|
| + "properties": {
|
| + "commonName": {
|
| + "type": "string",
|
| + "optional": true,
|
| + "description": "Subject Common Name."
|
| + },
|
| + "localityName": {
|
| + "type": "string",
|
| + "optional": true,
|
| + "description": "Subject Locality Name."
|
| + },
|
| + "stateOrProvinceName": {
|
| + "type": "string",
|
| + "optional": true,
|
| + "description": "Subject State or Province Name."
|
| + },
|
| + "countryName": {
|
| + "type": "string",
|
| + "optional": true,
|
| + "description": "Subject Country Name."
|
| + },
|
| + "streetAddresses": {
|
| + "type": "array",
|
| + "items": { "type": "string" },
|
| + "optional": true,
|
| + "description": "Subject Street Addresses."
|
| + },
|
| + "organizationNames": {
|
| + "type": "array",
|
| + "items": { "type": "string" },
|
| + "optional": true,
|
| + "description": "Subject Organization Names."
|
| + },
|
| + "organizationUnitNames": {
|
| + "type": "array",
|
| + "items": { "type": "string" },
|
| + "optional": true,
|
| + "description": "Subject Organization Unit."
|
| + },
|
| + "domainComponents": {
|
| + "type": "array",
|
| + "items": { "type": "string" },
|
| + "optional": true,
|
| + "description": "Additional domain components."
|
| + }
|
| + }
|
| + },
|
| + {
|
| + "id": "Certificate",
|
| + "type": "object",
|
| + "properties": {
|
| + "raw": {
|
| + "type": "binary",
|
| + "optional": true,
|
| + "description": "ArrayBuffer containing the DER encoded certificate."
|
| + },
|
| + "serialNumber": {
|
| + "type": "string",
|
| + "description": "The serial number of the certificate."
|
| + },
|
| + "subject": {
|
| + "$ref": "DistinguishedName",
|
| + "description": "The subject of the certificate"
|
| + },
|
| + "issuer": {
|
| + "$ref": "DistinguishedName",
|
| + "optional": true,
|
| + "description": "The issuer subject of the certificate"
|
| + },
|
| + "expired": {
|
| + "type": "boolean",
|
| + "description": "True if the certificate is expired."
|
| + },
|
| + "notBefore": {
|
| + "type": "number",
|
| + "description": "notBefore time of the certificate"
|
| + },
|
| + "notAfter": {
|
| + "type": "number",
|
| + "description": "notAfter time of the certificate"
|
| + },
|
| + "DNSNames": {
|
| + "type": "array",
|
| + "items": { "type": "string" },
|
| + "optional": true,
|
| + "description": "Array of DNS names contained in the certificate."
|
| + },
|
| + "IPAddresses": {
|
| + "type": "array",
|
| + "items": { "type": "string" },
|
| + "optional": true,
|
| + "description": "Array of IP Addresses contained in the certificate."
|
| + }
|
| + }
|
| + },
|
| + {
|
| + "id": "ConnectionInfo",
|
| + "type": "object",
|
| + "properties": {
|
| + "cipherSuiteStrength": {
|
| + "type": "integer",
|
| + "description": "Strength, in bits, of the cipher suite used."
|
| + },
|
| + "clientCertificateSent": {
|
| + "type": "boolean",
|
| + "description": "True if a client certificate was sent to the server."
|
| + },
|
| + "channelIDSent": {
|
| + "type": "boolean",
|
| + "description": "True if a channel ID was sent to the server."
|
| + },
|
| + "tokenBindingNegotiated": {
|
| + "type": "boolean",
|
| + "description": "True if Token Binding was negotiated with the server and verion and key params were agreed on."
|
| + },
|
| + "cipherName": {
|
| + "$ref": "CipherNames",
|
| + "description" :"Name of cipher used"
|
| + },
|
| + "keyExchangeName": {
|
| + "$ref": "KeyExchangeNames",
|
| + "description" :"Name of key exchange technique used."
|
| + },
|
| + "macName": {
|
| + "$ref": "MACNames",
|
| + "optional": true,
|
| + "description" :"Name of MAC used."
|
| + },
|
| + "aeadSuite": {
|
| + "type": "boolean",
|
| + "optional": true,
|
| + "description": "True if the cipher suite is AEAD."
|
| + },
|
| + "deflateCompression": {
|
| + "type": "boolean",
|
| + "optional": true,
|
| + "description": "True if deflate compression was used."
|
| + },
|
| + "sslVersion": {
|
| + "$ref": "SSLVersions",
|
| + "description": "The version of TLS used"
|
| + },
|
| + "versionFallback": {
|
| + "type": "boolean",
|
| + "optional": true,
|
| + "description": "True if TLS fallback occurred."
|
| + },
|
| + "noRenegotiationExtension": {
|
| + "type": "boolean",
|
| + "optional": true,
|
| + "description": "True if the no renegotiation extension was sent."
|
| + }
|
| + }
|
| + },
|
| + {
|
| + "id": "SSLInfo",
|
| + "type": "object",
|
| + "properties": {
|
| + "connectionInfo": {
|
| + "$ref": "ConnectionInfo",
|
| + "description": "Information about the ciphers and protocols used to establish the underlying connection."
|
| + },
|
| + "sentChain": {
|
| + "type": "array",
|
| + "optional": true,
|
| + "description": "Array of Certificates that was sent by the server.",
|
| + "items": {
|
| + "$ref": "Certificate"
|
| + }
|
| + },
|
| + "builtChain": {
|
| + "type": "object",
|
| + "optional": true,
|
| + "description": "An object containing information about the certificate chain that was built from the sent certificates.",
|
| + "properties": {
|
| + "valid": {
|
| + "type": "boolean",
|
| + "description": "True if built chain is valid."
|
| + },
|
| + "issuedByKnownRoot": {
|
| + "type": "boolean",
|
| + "description": "True if the leaf certificate issued by known root."
|
| + },
|
| + "extendedValidation": {
|
| + "type": "boolean",
|
| + "description": "True if the leaf certificate is EV."
|
| + },
|
| + "revocationCheckingEnabled": {
|
| + "type": "boolean",
|
| + "description": "True if reovcation checking for certificates in the chain is enabled."
|
| + },
|
| + "errors": {
|
| + "type": "array",
|
| + "description": "List of validation errors.",
|
| + "optional": true,
|
| + "items": {
|
| + "$ref": "ValidationErrors"
|
| + }
|
| + },
|
| + "nonUniqueName": {
|
| + "type": "boolean",
|
| + "optional": true,
|
| + "description": "True if a certificate in the chain contains non unique names."
|
| + },
|
| + "sha1SignaturePresent": {
|
| + "type": "boolean",
|
| + "optional": true,
|
| + "description": "True if a certificate in the chain uses a SHA1 signature."
|
| + },
|
| + "ctComplianceFailed": {
|
| + "type": "boolean",
|
| + "optional": true,
|
| + "description": "True if a certificate in the chain fails CT compliance checks."
|
| + },
|
| + "chain": {
|
| + "type": "array",
|
| + "description": "Array of Certificates built from the sent chain.",
|
| + "items": {
|
| + "$ref": "Certificate"
|
| + }
|
| + }
|
| + }
|
| + }
|
| + }
|
| }
|
| ],
|
| "functions": [
|
| @@ -525,7 +778,8 @@
|
| "fromCache": {"type": "boolean", "description": "Indicates if this response was fetched from disk cache."},
|
| "statusCode": {"type": "integer", "description": "Standard HTTP status code returned by the server."},
|
| "responseHeaders": {"$ref": "HttpHeaders", "optional": true, "description": "The HTTP response headers that were received along with this response."},
|
| - "statusLine": {"type": "string", "description": "HTTP status line of the response or the 'HTTP/0.9 200 OK' string for HTTP/0.9 responses (i.e., responses that lack a status line) or an empty string if there are no headers."}
|
| + "statusLine": {"type": "string", "description": "HTTP status line of the response or the 'HTTP/0.9 200 OK' string for HTTP/0.9 responses (i.e., responses that lack a status line) or an empty string if there are no headers."},
|
| + "sslInfo": {"$ref": "SSLInfo", "optional": true, "description": "Optional information about the underlying SSL/TLS transport, if one was used."}
|
| }
|
| }
|
| ],
|
|
|
Chromium Code Reviews
Issue 2156763003:
Extend the webRequest.onCompleted event details object with TLS/SSL information
Base URL: https://chromium.googlesource.com/chromium/src.git@master