Replace key_exchange_info with key_exchange_group.

net/http/http_response_info.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_response_info.h"
 
+#include <openssl/ssl.h>
+
 #include "base/logging.h"
 #include "base/pickle.h"
 #include "base/time/time.h"
 #include "net/base/auth.h"
 #include "net/base/io_buffer.h"
 #include "net/base/net_errors.h"
 #include "net/cert/sct_status_flags.h"
 #include "net/cert/signed_certificate_timestamp.h"
 #include "net/cert/x509_certificate.h"
 #include "net/http/http_response_headers.h"
 #include "net/ssl/ssl_cert_request_info.h"
+#include "net/ssl/ssl_connection_status_flags.h"
 
 using base::Time;
 
 namespace net {
 
 namespace {
 
 X509Certificate::PickleType GetPickleTypeForVersion(int version) {
   switch (version) {
     case 1:
       return X509Certificate::PICKLETYPE_SINGLE_CERTIFICATE;
     case 2:
       return X509Certificate::PICKLETYPE_CERTIFICATE_CHAIN_V2;
     case 3:
     default:
       return X509Certificate::PICKLETYPE_CERTIFICATE_CHAIN_V3;
   }
 }
 
+bool KeyExchangeGroupIsValid(int ssl_connection_status) {
+  // TLS 1.3 and later always treat the field correctly.
+  if (SSLConnectionStatusToVersion(ssl_connection_status) >=
+      SSL_CONNECTION_VERSION_TLS1_3) {
+    return true;
+  }
+
+  // Prior to TLS 1.3, only ECDHE ciphers have groups.
+  const SSL_CIPHER* cipher = SSL_get_cipher_by_value(
+      SSLConnectionStatusToCipherSuite(ssl_connection_status));
+  return cipher && SSL_CIPHER_is_ECDHE(cipher);
+}
+
 }  // namespace
 
 // These values can be bit-wise combined to form the flags field of the
 // serialized HttpResponseInfo.
 enum {
   // The version of the response info used when persisting response info.
   RESPONSE_INFO_VERSION = 3,
 
   // The minimum version supported for deserializing response info.
   RESPONSE_INFO_MINIMUM_VERSION = 1,
@@ skipping 40 matching lines @@
   RESPONSE_INFO_HAS_CONNECTION_INFO = 1 << 18,
 
   // This bit is set if the request has http authentication.
   RESPONSE_INFO_USE_HTTP_AUTHENTICATION = 1 << 19,
 
   // This bit is set if ssl_info has SCTs.
   RESPONSE_INFO_HAS_SIGNED_CERTIFICATE_TIMESTAMPS = 1 << 20,
 
   RESPONSE_INFO_UNUSED_SINCE_PREFETCH = 1 << 21,
 
-  // This bit is set if the response has a key-exchange-info field at the end.
-  RESPONSE_INFO_HAS_KEY_EXCHANGE_INFO = 1 << 22,
+  // This bit is set if the response has a key exchange group.
+  RESPONSE_INFO_HAS_KEY_EXCHANGE_GROUP = 1 << 22,
 
   // This bit is set if ssl_info recorded that PKP was bypassed due to a local
   // trust anchor.
   RESPONSE_INFO_PKP_BYPASSED = 1 << 23,
 
   // TODO(darin): Add other bits to indicate alternate request methods.
   // For now, we don't support storing those.
 };
 
 HttpResponseInfo::HttpResponseInfo()
@@ skipping 170 matching lines @@
     int value;
     if (!iter.ReadInt(&value))
       return false;
 
     if (value > static_cast<int>(CONNECTION_INFO_UNKNOWN) &&
         value < static_cast<int>(NUM_OF_CONNECTION_INFOS)) {
       connection_info = static_cast<ConnectionInfo>(value);
     }
   }
 
-  // Read key_exchange_info
-  if (flags & RESPONSE_INFO_HAS_KEY_EXCHANGE_INFO) {
-    int key_exchange_info;
-    if (!iter.ReadInt(&key_exchange_info))
+  // Read key_exchange_group
+  if (flags & RESPONSE_INFO_HAS_KEY_EXCHANGE_GROUP) {
+    int key_exchange_group;
+    if (!iter.ReadInt(&key_exchange_group))
       return false;
-    ssl_info.key_exchange_info = key_exchange_info;
+
+    // Historically, the key_exchange_group field was key_exchange_info which
+    // conflated a number of different values based on the cipher suite, so some
+    // values must be discarded. See https://crbug.com/639421.
+    if (KeyExchangeGroupIsValid(ssl_info.connection_status))
+      ssl_info.key_exchange_group = key_exchange_group;
   }
 
   was_fetched_via_spdy = (flags & RESPONSE_INFO_WAS_SPDY) != 0;
 
   was_npn_negotiated = (flags & RESPONSE_INFO_WAS_NPN) != 0;
 
   was_fetched_via_proxy = (flags & RESPONSE_INFO_WAS_PROXY) != 0;
 
   *response_truncated = (flags & RESPONSE_INFO_TRUNCATED) != 0;
 
   did_use_http_auth = (flags & RESPONSE_INFO_USE_HTTP_AUTHENTICATION) != 0;
 
   unused_since_prefetch = (flags & RESPONSE_INFO_UNUSED_SINCE_PREFETCH) != 0;
 
   ssl_info.pkp_bypassed = (flags & RESPONSE_INFO_PKP_BYPASSED) != 0;
 
   return true;
 }
 
 void HttpResponseInfo::Persist(base::Pickle* pickle,
                                bool skip_transient_headers,
                                bool response_truncated) const {
   int flags = RESPONSE_INFO_VERSION;
   if (ssl_info.is_valid()) {
     flags |= RESPONSE_INFO_HAS_CERT;
     flags |= RESPONSE_INFO_HAS_CERT_STATUS;
     if (ssl_info.security_bits != -1)
       flags |= RESPONSE_INFO_HAS_SECURITY_BITS;
-    if (ssl_info.key_exchange_info != 0)
-      flags |= RESPONSE_INFO_HAS_KEY_EXCHANGE_INFO;
+    if (ssl_info.key_exchange_group != 0)
+      flags |= RESPONSE_INFO_HAS_KEY_EXCHANGE_GROUP;
     if (ssl_info.connection_status != 0)
       flags |= RESPONSE_INFO_HAS_SSL_CONNECTION_STATUS;
   }
   if (vary_data.is_valid())
     flags |= RESPONSE_INFO_HAS_VARY_DATA;
   if (response_truncated)
     flags |= RESPONSE_INFO_TRUNCATED;
   if (was_fetched_via_spdy)
     flags |= RESPONSE_INFO_WAS_SPDY;
   if (was_npn_negotiated) {
@@ skipping 54 matching lines @@
 
   pickle->WriteString(socket_address.host());
   pickle->WriteUInt16(socket_address.port());
 
   if (was_npn_negotiated)
     pickle->WriteString(npn_negotiated_protocol);
 
   if (connection_info != CONNECTION_INFO_UNKNOWN)
     pickle->WriteInt(static_cast<int>(connection_info));
 
-  if (ssl_info.is_valid() && ssl_info.key_exchange_info != 0)
-    pickle->WriteInt(ssl_info.key_exchange_info);
+  if (ssl_info.is_valid() && ssl_info.key_exchange_group != 0)
+    pickle->WriteInt(ssl_info.key_exchange_group);
 }
 
 HttpResponseInfo::ConnectionInfo HttpResponseInfo::ConnectionInfoFromNextProto(
     NextProto next_proto) {
   switch (next_proto) {
     case kProtoHTTP2:
       return CONNECTION_INFO_HTTP2;
     case kProtoQUIC1SPDY3:
       return CONNECTION_INFO_QUIC1_SPDY3;
 
@@ skipping 34 matching lines @@
     case CONNECTION_INFO_HTTP1_0:
       return "http/1.0";
     case NUM_OF_CONNECTION_INFOS:
       break;
   }
   NOTREACHED();
   return "";
 }
 
 }  // namespace net