| Index: content/common/ssl_status_serialization.cc
|
| diff --git a/content/common/ssl_status_serialization.cc b/content/common/ssl_status_serialization.cc
|
| index 96349da3d39a9737eb1cae5def436a74f589a593..a105e7ea450fcd953edec497eeb1a87b32eb00c7 100644
|
| --- a/content/common/ssl_status_serialization.cc
|
| +++ b/content/common/ssl_status_serialization.cc
|
| @@ -26,6 +26,23 @@ bool CheckSecurityStyle(int security_style) {
|
| return false;
|
| }
|
|
|
| +// Checks that an integer |sct_status| is a valid net::ct::SCTVerifyStatus enum
|
| +// value. Returns true if valid, false otherwise.
|
| +bool CheckSCTStatus(uint32_t sct_status) {
|
| + switch (sct_status) {
|
| + case net::ct::SCT_STATUS_LOG_UNKNOWN:
|
| + case net::ct::SCT_STATUS_INVALID:
|
| + case net::ct::SCT_STATUS_OK:
|
| + case net::ct::SCT_STATUS_MAX:
|
| + return true;
|
| + case net::ct::SCT_STATUS_NONE:
|
| + // SCT_STATUS_NONE should never happen, so it isn't valid to
|
| + // receive a status of NONE in a serialized SSLStatus.
|
| + return false;
|
| + }
|
| + return false;
|
| +}
|
| +
|
| } // namespace
|
|
|
| namespace content {
|
| @@ -38,9 +55,10 @@ std::string SerializeSecurityInfo(const SSLStatus& ssl_status) {
|
| pickle.WriteInt(ssl_status.security_bits);
|
| pickle.WriteInt(ssl_status.key_exchange_info);
|
| pickle.WriteInt(ssl_status.connection_status);
|
| - pickle.WriteUInt32(ssl_status.num_unknown_scts);
|
| - pickle.WriteUInt32(ssl_status.num_invalid_scts);
|
| - pickle.WriteUInt32(ssl_status.num_valid_scts);
|
| + pickle.WriteUInt32(ssl_status.sct_statuses.size());
|
| + for (const auto& sct_status : ssl_status.sct_statuses) {
|
| + pickle.WriteUInt32(sct_status);
|
| + }
|
| pickle.WriteBool(ssl_status.pkp_bypassed);
|
| return std::string(static_cast<const char*>(pickle.data()), pickle.size());
|
| }
|
| @@ -60,11 +78,27 @@ bool DeserializeSecurityInfo(const std::string& state, SSLStatus* ssl_status) {
|
| !iter.ReadUInt32(&ssl_status->cert_status) ||
|
| !iter.ReadInt(&ssl_status->security_bits) ||
|
| !iter.ReadInt(&ssl_status->key_exchange_info) ||
|
| - !iter.ReadInt(&ssl_status->connection_status) ||
|
| - !iter.ReadUInt32(&ssl_status->num_unknown_scts) ||
|
| - !iter.ReadUInt32(&ssl_status->num_invalid_scts) ||
|
| - !iter.ReadUInt32(&ssl_status->num_valid_scts) ||
|
| - !iter.ReadBool(&ssl_status->pkp_bypassed)) {
|
| + !iter.ReadInt(&ssl_status->connection_status)) {
|
| + *ssl_status = SSLStatus();
|
| + return false;
|
| + }
|
| +
|
| + uint32_t num_sct_statuses;
|
| + if (!iter.ReadUInt32(&num_sct_statuses)) {
|
| + return false;
|
| + }
|
| +
|
| + for (uint32_t i = 0; i < num_sct_statuses; i++) {
|
| + uint32_t sct_status;
|
| + if (!iter.ReadUInt32(&sct_status) || !CheckSCTStatus(sct_status)) {
|
| + *ssl_status = SSLStatus();
|
| + return false;
|
| + }
|
| + ssl_status->sct_statuses.push_back(
|
| + static_cast<net::ct::SCTVerifyStatus>(sct_status));
|
| + }
|
| +
|
| + if (!iter.ReadBool(&ssl_status->pkp_bypassed)) {
|
| *ssl_status = SSLStatus();
|
| return false;
|
| }
|
|
|
Chromium Code Reviews
Issue 2206093004:
Change SSLStatus to carry a vector of SCT statuses instead of counters (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master