extensions/browser/api/web_request/web_request_event_details.cc - Issue 2156763003: Extend the webRequest.onCompleted event details object with TLS/SSL information

Unified Diff: extensions/browser/api/web_request/web_request_event_details.cc

Issue 2156763003: Extend the webRequest.onCompleted event details object with TLS/SSL information Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Use BoringSSL's SSL_CIPHER_get_rfc_name Created 4 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« extensions/browser/api/web_request/web_request_event_details.h ('K') | « extensions/browser/api/web_request/web_request_event_details.h ('k') | extensions/common/api/web_request.json » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: extensions/browser/api/web_request/web_request_event_details.cc

diff --git a/extensions/browser/api/web_request/web_request_event_details.cc b/extensions/browser/api/web_request/web_request_event_details.cc

index d7a3e10c82713c857339ceb6b1323cfbc1f87b62..d1dc657965f6c9381fce191e1f602eb8b5f72e86 100644

--- a/extensions/browser/api/web_request/web_request_event_details.cc

+++ b/extensions/browser/api/web_request/web_request_event_details.cc

@@ -18,7 +18,10 @@

#include "net/base/upload_data_stream.h"

#include "net/http/http_request_headers.h"

#include "net/http/http_response_headers.h"

+#include "net/ssl/ssl_cipher_suite_names.h"

+#include "net/ssl/ssl_connection_status_flags.h"

#include "net/url_request/url_request.h"

+#include "third_party/boringssl/src/include/openssl/ssl.h"

using extension_web_request_api_helpers::ExtraInfoSpec;

@@ -236,4 +239,47 @@ void WebRequestEventDetails::OnDeterminedFrameData(

callback.Run(std::move(self));

}

+void WebRequestEventDetails::SetSSLInfo(const net::URLRequest* request) {

+ const net::SSLInfo ssl_info = request->ssl_info();

+ base::DictionaryValue* info_dict = new base::DictionaryValue();

+ const char* ssl_version;

+ net::SSLVersionToString(&ssl_version, net::SSLConnectionStatusToVersion(

+ ssl_info.connection_status));

+ if (strncmp(ssl_version, "?", 1) == 0)

+ ssl_version = "UNKNOWN";

+ info_dict->SetString(keys::kSSLVersionKey, ssl_version);

+ const SSL_CIPHER* cipher = SSL_get_cipher_by_value(

+ net::SSLConnectionStatusToCipherSuite(ssl_info.connection_status));

+ char* cipher_name = SSL_CIPHER_get_rfc_name(cipher);

+ if (cipher_name) {

+ std::string rfc_name = std::string(cipher_name);

+ OPENSSL_free(cipher_name);

+ info_dict->SetString(keys::kCipherSuiteKey, rfc_name);

+ }

+ base::DictionaryValue* built_dict = new base::DictionaryValue();

+ built_dict->SetBoolean(keys::kCertificateIssuedByKnownRootKey,

+ ssl_info.is_issued_by_known_root);

+ built_dict->Set(keys::kChainKey,

+ helpers::ExtractCertificateChain(ssl_info.cert));

+ base::ListValue* errors =

+ helpers::ParseCertificateStatusErrors(ssl_info.cert_status);

+ built_dict->SetBoolean(keys::kCertificateValidKey,

+ ssl_info.is_valid() && errors->GetSize() == 0);

+ if (errors->GetSize() != 0)

+ built_dict->Set(keys::kErrorsKey, errors);

+ built_dict->SetBoolean(keys::kEVCertificateKey,

+ (ssl_info.cert_status & net::CERT_STATUS_IS_EV));

+ info_dict->Set(keys::kBuiltChainKey, built_dict);

+ info_dict->Set(keys::kSentChainKey,

+ helpers::ExtractCertificateChain(ssl_info.unverified_cert));

+ dict_.Set(keys::kSSLInfoKey, info_dict);

} // namespace extensions