Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(2798)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/website_settings/website_settings.cc

Issue 27026002: CT: Adding preliminary Certificate Transparency support to Chromium. Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Distinguish between SCTs from unknown logs and unverified ones Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/ui/website_settings/website_settings.h ('k') | chrome/browser/ui/website_settings/website_settings_ui.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/website_settings/website_settings.cc
diff --git a/chrome/browser/ui/website_settings/website_settings.cc b/chrome/browser/ui/website_settings/website_settings.cc
index ab82b18234b9c24adb85eecbda88d356a898fd18..224ded9d20e22e9a18497c4e3c1e8ee889ad93e0 100644
--- a/chrome/browser/ui/website_settings/website_settings.cc
+++ b/chrome/browser/ui/website_settings/website_settings.cc
@@ -89,6 +89,7 @@ WebsiteSettings::WebsiteSettings(
site_identity_status_(SITE_IDENTITY_STATUS_UNKNOWN),
cert_id_(0),
site_connection_status_(SITE_CONNECTION_STATUS_UNKNOWN),
+ cert_transparency_status_(CERT_TRANSPARENCY_STATUS_UNKNOWN),
cert_store_(cert_store),
content_settings_(profile->GetHostContentSettingsMap()) {
Init(profile, url, ssl);
@@ -362,6 +363,33 @@ void WebsiteSettings::Init(Profile* profile,
}
}
+
+ // Certificate Transparency: Priority for indicators:
+ // 1. Has valid SCT from known log.
+ // 2. Has SCT which could not be verified from a known log.
+ // 3. Has SCT(s) from unknown logs
+ // 4. No CT information
+ if (ssl.cert_id) {
+ if (ssl.cert_status & net::CERT_STATUS_HAS_VALID_SCT) {
+ cert_transparency_status_ = CERT_TRANSPARENCY_STATUS_HAS_VALID_SCT;
+ cert_transparency_details_.assign(l10n_util::GetStringUTF16(
+ IDS_PAGE_INFO_SECURITY_TAB_CT_VERIFIED));
+ } else if (ssl.cert_status & net::CERT_STATUS_HAS_SCT_FROM_KNOWN_LOG) {
+ cert_transparency_status_ = CERT_TRANSPARENCY_STATUS_HAS_SCT;
+ cert_transparency_details_.assign(l10n_util::GetStringUTF16(
+ IDS_PAGE_INFO_SECURITY_TAB_CT_NOT_VERIFIED));
+ } else if (ssl.cert_status & net::CERT_STATUS_HAS_ANY_SCT) {
+ cert_transparency_status_ = CERT_TRANSPARENCY_STATUS_HAS_SCT;
+ cert_transparency_details_.assign(l10n_util::GetStringUTF16(
+ IDS_PAGE_INFO_SECURITY_TAB_CT_HAS_SCT));
+ } else {
+ // No CT information
+ cert_transparency_status_ = CERT_TRANSPARENCY_STATUS_UNKNOWN;
+ cert_transparency_details_.assign(l10n_util::GetStringUTF16(
+ IDS_PAGE_INFO_SECURITY_TAB_CT_NO_SCT));
+ }
+ }
+
// Site Connection
// We consider anything less than 80 bits encryption to be weak encryption.
// TODO(wtc): Bug 1198735: report mixed/unsafe content for unencrypted and
@@ -592,6 +620,10 @@ void WebsiteSettings::PresentSiteIdentity() {
info.identity_status_description =
UTF16ToUTF8(site_identity_details_);
info.cert_id = cert_id_;
+
+ info.cert_transparency_status = cert_transparency_status_;
+ info.cert_transparency_description = UTF16ToUTF8(cert_transparency_details_);
+
ui_->SetIdentityInfo(info);
}
« no previous file with comments | « chrome/browser/ui/website_settings/website_settings.h ('k') | chrome/browser/ui/website_settings/website_settings_ui.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698