Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1936)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/website_settings/website_settings.cc

Issue 2483093002: Remove Certificate Transparency information from WebsiteSettings (Closed)
Patch Set: fix windows compile error Created 4 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/ui/website_settings/website_settings.h ('k') | chrome/browser/ui/website_settings/website_settings_ui.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/website_settings/website_settings.cc
diff --git a/chrome/browser/ui/website_settings/website_settings.cc b/chrome/browser/ui/website_settings/website_settings.cc
index f880bcb0e2d72dc160bb14025b4b059afd2b6531..e52a3b9175a021ab97d092aaf8e1dc8d2732dbd3 100644
--- a/chrome/browser/ui/website_settings/website_settings.cc
+++ b/chrome/browser/ui/website_settings/website_settings.cc
@@ -193,60 +193,6 @@ void GetSiteIdentityByMaliciousContentStatus(
}
}
-// Returns true if any of the given statuses match |status|.
-bool CertificateTransparencyStatusMatchAny(
- const std::vector<net::ct::SCTVerifyStatus>& sct_verify_statuses,
- net::ct::SCTVerifyStatus status) {
- for (const auto& verify_status : sct_verify_statuses) {
- if (verify_status == status)
- return true;
- }
- return false;
-}
-
-int GetSiteIdentityDetailsMessageByCTInfo(
- const std::vector<net::ct::SCTVerifyStatus>& sct_verify_statuses,
- bool is_ev) {
- // No SCTs - no CT information.
- if (sct_verify_statuses.empty())
- return (is_ev ? IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_NO_CT
- : IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_NO_CT);
-
- // Any valid SCT.
- if (CertificateTransparencyStatusMatchAny(sct_verify_statuses,
- net::ct::SCT_STATUS_OK))
- return (is_ev ? IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_CT_VERIFIED
- : IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_CT_VERIFIED);
-
- // Any invalid SCT.
- if (CertificateTransparencyStatusMatchAny(
- sct_verify_statuses, net::ct::SCT_STATUS_INVALID_TIMESTAMP) ||
- CertificateTransparencyStatusMatchAny(
- sct_verify_statuses, net::ct::SCT_STATUS_INVALID_SIGNATURE))
- return (is_ev ? IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_CT_INVALID
- : IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_CT_INVALID);
-
- // All SCTs are from unknown logs.
- return (is_ev ? IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_CT_UNVERIFIED
- : IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_CT_UNVERIFIED);
-}
-
-// This function will return SITE_IDENTITY_STATUS_CERT or
-// SITE_IDENTITY_STATUS_EV_CERT depending on |is_ev| unless all SCTs
-// failed verification, in which case it will return
-// SITE_IDENTITY_STATUS_ERROR.
-WebsiteSettings::SiteIdentityStatus GetSiteIdentityStatusByCTInfo(
- const std::vector<net::ct::SCTVerifyStatus>& sct_verify_statuses,
- bool is_ev) {
- if (sct_verify_statuses.empty() ||
- CertificateTransparencyStatusMatchAny(sct_verify_statuses,
- net::ct::SCT_STATUS_OK))
- return is_ev ? WebsiteSettings::SITE_IDENTITY_STATUS_EV_CERT
- : WebsiteSettings::SITE_IDENTITY_STATUS_CERT;
-
- return WebsiteSettings::SITE_IDENTITY_STATUS_CT_ERROR;
-}
-
base::string16 GetSimpleSiteName(const GURL& url) {
return url_formatter::FormatUrlForSecurityDisplay(
url, url_formatter::SchemeDisplay::OMIT_HTTP_AND_HTTPS);
@@ -472,6 +418,7 @@ void WebsiteSettings::Init(
// Identity section.
certificate_ = security_info.certificate;
+ bool is_ev = !!(security_info.cert_status & net::CERT_STATUS_IS_EV);
lgarron 2016/11/14 23:30:57 Nit: Keep this inside the `else`, since it's only
estark 2016/11/15 00:56:24 Done.
if (security_info.malicious_content_status !=
security_state::SecurityStateModel::MALICIOUS_CONTENT_STATUS_NONE) {
// The site has been flagged by Safe Browsing as dangerous.
@@ -497,9 +444,7 @@ void WebsiteSettings::Init(
}
site_identity_details_.assign(l10n_util::GetStringFUTF16(
- GetSiteIdentityDetailsMessageByCTInfo(
- security_info.sct_verify_statuses, false /* not EV */),
- issuer_name));
+ IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_VERIFIED, issuer_name));
site_identity_details_ += ASCIIToUTF16("\n\n");
if (security_info.cert_status &
@@ -514,10 +459,10 @@ void WebsiteSettings::Init(
NOTREACHED() << "Need to specify string for this warning";
}
} else {
- if (security_info.cert_status & net::CERT_STATUS_IS_EV) {
+ // No major or minor errors.
+ if (is_ev) {
// EV HTTPS page.
- site_identity_status_ = GetSiteIdentityStatusByCTInfo(
- security_info.sct_verify_statuses, true);
+ site_identity_status_ = SITE_IDENTITY_STATUS_EV_CERT;
DCHECK(!certificate_->subject().organization_names.empty());
organization_name_ =
UTF8ToUTF16(certificate_->subject().organization_names[0]);
@@ -540,15 +485,12 @@ void WebsiteSettings::Init(
}
DCHECK(!certificate_->subject().organization_names.empty());
site_identity_details_.assign(l10n_util::GetStringFUTF16(
- GetSiteIdentityDetailsMessageByCTInfo(
- security_info.sct_verify_statuses, true /* is EV */),
+ IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_EV_VERIFIED,
UTF8ToUTF16(certificate_->subject().organization_names[0]),
- locality,
- UTF8ToUTF16(certificate_->issuer().GetDisplayName())));
+ locality, UTF8ToUTF16(certificate_->issuer().GetDisplayName())));
} else {
// Non-EV OK HTTPS page.
- site_identity_status_ = GetSiteIdentityStatusByCTInfo(
- security_info.sct_verify_statuses, false);
+ site_identity_status_ = SITE_IDENTITY_STATUS_CERT;
base::string16 issuer_name(
UTF8ToUTF16(certificate_->issuer().GetDisplayName()));
if (issuer_name.empty()) {
@@ -557,9 +499,7 @@ void WebsiteSettings::Init(
}
site_identity_details_.assign(l10n_util::GetStringFUTF16(
- GetSiteIdentityDetailsMessageByCTInfo(
- security_info.sct_verify_statuses, false /* not EV */),
- issuer_name));
+ IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_VERIFIED, issuer_name));
}
switch (security_info.sha1_deprecation_status) {
case SecurityStateModel::DEPRECATED_SHA1_MINOR:
@@ -749,7 +689,6 @@ void WebsiteSettings::Init(
site_connection_status_ ==
SITE_CONNECTION_STATUS_INSECURE_ACTIVE_SUBRESOURCE ||
site_identity_status_ == SITE_IDENTITY_STATUS_ERROR ||
- site_identity_status_ == SITE_IDENTITY_STATUS_CT_ERROR ||
site_identity_status_ == SITE_IDENTITY_STATUS_CERT_REVOCATION_UNKNOWN ||
site_identity_status_ == SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT ||
site_identity_status_ ==
« no previous file with comments | « chrome/browser/ui/website_settings/website_settings.h ('k') | chrome/browser/ui/website_settings/website_settings_ui.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698