CT: Adding preliminary Certificate Transparency support to Chromium.

chrome/browser/ui/website_settings/website_settings.h

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_
 #define CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_
 
 #include "base/memory/scoped_ptr.h"
 #include "base/strings/string16.h"
 #include "base/time/time.h"
@@ skipping 48 matching lines @@
     SITE_IDENTITY_STATUS_NO_CERT,
     // An error occured while verifying the site identity.
     SITE_IDENTITY_STATUS_ERROR,
     // The site is a trusted internal chrome page.
     SITE_IDENTITY_STATUS_INTERNAL_PAGE,
     // The profile has accessed data using an administrator-provided
     // certificate, so the site might be able to intercept data.
     SITE_IDENTITY_STATUS_ADMIN_PROVIDED_CERT,
   };
 
+  // Validation status of a website's certificate via Certificate Transparency.
+  enum CertTransparencyStatus {
+    // No status about the website's certificate is available.
+    CERT_TRANSPARENCY_STATUS_UNKNOWN = 0,
+    // One or more SCTs present, none verified.
+    CERT_TRANSPARENCY_STATUS_HAS_SCT,
+    // One or more valid SCTs were presented for the server's certificate.
+    CERT_TRANSPARENCY_STATUS_HAS_VALID_SCT,
+    // XXX(rsleevi): Do we also plan to track "Presented SCTs, but none valid?"
+    // or "Presented SCTs, but not by any trusted logs" (etc).
+  };
+
   // Creates a WebsiteSettings for the passed |url| using the given |ssl| status
   // object to determine the status of the site's connection. The
   // |WebsiteSettings| takes ownership of the |ui|.
+  // XXX(rsleevi): Pass through the SCT store.
   WebsiteSettings(WebsiteSettingsUI* ui,
                   Profile* profile,
                   TabSpecificContentSettings* tab_specific_content_settings,
                   InfoBarService* infobar_service,
                   const GURL& url,
                   const content::SSLStatus& ssl,
                   content::CertStore* cert_store);
   virtual ~WebsiteSettings();
 
   // This method is called when ever a permission setting is changed.
@@ skipping 24 matching lines @@
   }
 
   string16 site_identity_details() const {
     return site_identity_details_;
   }
 
   string16 organization_name() const {
     return organization_name_;
   }
 
+  string16 cert_transparency_details() const {
+    return cert_transparency_details_;
+  }
+
   // SiteDataObserver implementation.
   virtual void OnSiteDataAccessed() OVERRIDE;
 
  private:
   // Initializes the |WebsiteSettings|.
   void Init(Profile* profile,
             const GURL& url,
             const content::SSLStatus& ssl);
 
   // Sets (presents) the information about the site's permissions in the |ui_|.
@@ skipping 31 matching lines @@
   // Status of the website's identity verification check.
   SiteIdentityStatus site_identity_status_;
 
   // For secure connection |cert_id_| is set to the ID of the server
   // certificate. For non secure connections |cert_id_| is 0.
   int cert_id_;
 
   // Status of the connection to the website.
   SiteConnectionStatus site_connection_status_;
 
+  CertTransparencyStatus cert_transparency_status_;
+
   // TODO(markusheintz): Move the creation of all the string16 typed UI
   // strings below to the corresponding UI code, in order to prevent
   // unnecessary UTF-8 string conversions.
 
   // Details about the website's identity. If the website's identity has been
   // verified then |site_identity_details_| contains who verified the identity.
   // This string will be displayed in the UI.
   string16 site_identity_details_;
 
   // Details about the connection to the website. In case of an encrypted
   // connection |site_connection_details_| contains encryption details, like
   // encryption strength and ssl protocol version. This string will be
   // displayed in the UI.
   string16 site_connection_details_;
 
   // For websites that provided an EV certificate |orgainization_name_|
   // contains the organization name of the certificate. In all other cases
   // |organization_name| is an empty string. This string will be displayed in
   // the UI.
   string16 organization_name_;
 
+  // For websites that were successfully checked using Certificate
+  // Transparency, contains a description about the validation status and which
+  // logs were used. This string will be displayed in the UI.
+  string16 cert_transparency_details_;
+
   // The |CertStore| provides all X509Certificates.
   content::CertStore* cert_store_;
 
   // The |HostContentSettingsMap| is the service that provides and manages
   // content settings (aka. site permissions).
   HostContentSettingsMap* content_settings_;
 
   // Used to request the number of page visits.
   CancelableRequestConsumer visit_count_request_consumer_;
 
   DISALLOW_COPY_AND_ASSIGN(WebsiteSettings);
 };
 
 #endif  // CHROME_BROWSER_UI_WEBSITE_SETTINGS_WEBSITE_SETTINGS_H_