OLD | NEW |
1 // Copyright 2016 The Chromium Authors. All rights reserved. | 1 // Copyright 2016 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/chrome_expect_ct_reporter.h" | 5 #include "chrome/browser/ssl/chrome_expect_ct_reporter.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/base64.h" | 9 #include "base/base64.h" |
10 #include "base/command_line.h" | 10 #include "base/command_line.h" |
(...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
143 ChromeExpectCTReporter::ChromeExpectCTReporter( | 143 ChromeExpectCTReporter::ChromeExpectCTReporter( |
144 net::URLRequestContext* request_context) | 144 net::URLRequestContext* request_context) |
145 : report_sender_( | 145 : report_sender_( |
146 new net::ReportSender(request_context, kTrafficAnnotation)) {} | 146 new net::ReportSender(request_context, kTrafficAnnotation)) {} |
147 | 147 |
148 ChromeExpectCTReporter::~ChromeExpectCTReporter() {} | 148 ChromeExpectCTReporter::~ChromeExpectCTReporter() {} |
149 | 149 |
150 void ChromeExpectCTReporter::OnExpectCTFailed( | 150 void ChromeExpectCTReporter::OnExpectCTFailed( |
151 const net::HostPortPair& host_port_pair, | 151 const net::HostPortPair& host_port_pair, |
152 const GURL& report_uri, | 152 const GURL& report_uri, |
| 153 base::Time expiration, |
153 const net::X509Certificate* validated_certificate_chain, | 154 const net::X509Certificate* validated_certificate_chain, |
154 const net::X509Certificate* served_certificate_chain, | 155 const net::X509Certificate* served_certificate_chain, |
155 const net::SignedCertificateTimestampAndStatusList& | 156 const net::SignedCertificateTimestampAndStatusList& |
156 signed_certificate_timestamps) { | 157 signed_certificate_timestamps) { |
157 if (report_uri.is_empty()) | 158 if (report_uri.is_empty()) |
158 return; | 159 return; |
159 | 160 |
160 if (!base::FeatureList::IsEnabled(features::kExpectCTReporting)) | 161 if (!base::FeatureList::IsEnabled(features::kExpectCTReporting)) |
161 return; | 162 return; |
162 | 163 |
163 // TODO(estark): De-duplicate reports so that the same report isn't | |
164 // sent too often in some period of time. | |
165 | |
166 base::DictionaryValue report; | 164 base::DictionaryValue report; |
167 report.SetString("hostname", host_port_pair.host()); | 165 report.SetString("hostname", host_port_pair.host()); |
168 report.SetInteger("port", host_port_pair.port()); | 166 report.SetInteger("port", host_port_pair.port()); |
169 report.SetString("date-time", TimeToISO8601(base::Time::Now())); | 167 report.SetString("date-time", TimeToISO8601(base::Time::Now())); |
| 168 report.SetString("effective-expiration-date", TimeToISO8601(expiration)); |
170 report.Set("served-certificate-chain", | 169 report.Set("served-certificate-chain", |
171 GetPEMEncodedChainAsList(served_certificate_chain)); | 170 GetPEMEncodedChainAsList(served_certificate_chain)); |
172 report.Set("validated-certificate-chain", | 171 report.Set("validated-certificate-chain", |
173 GetPEMEncodedChainAsList(validated_certificate_chain)); | 172 GetPEMEncodedChainAsList(validated_certificate_chain)); |
174 | 173 |
175 std::unique_ptr<base::ListValue> unknown_scts(new base::ListValue()); | 174 std::unique_ptr<base::ListValue> unknown_scts(new base::ListValue()); |
176 std::unique_ptr<base::ListValue> invalid_scts(new base::ListValue()); | 175 std::unique_ptr<base::ListValue> invalid_scts(new base::ListValue()); |
177 std::unique_ptr<base::ListValue> valid_scts(new base::ListValue()); | 176 std::unique_ptr<base::ListValue> valid_scts(new base::ListValue()); |
178 | 177 |
179 for (const auto& sct_and_status : signed_certificate_timestamps) { | 178 for (const auto& sct_and_status : signed_certificate_timestamps) { |
(...skipping 22 matching lines...) Expand all Loading... |
202 LOG(ERROR) << "Failed to serialize Expect CT report"; | 201 LOG(ERROR) << "Failed to serialize Expect CT report"; |
203 return; | 202 return; |
204 } | 203 } |
205 | 204 |
206 UMA_HISTOGRAM_BOOLEAN("SSL.ExpectCTReportSendingAttempt", true); | 205 UMA_HISTOGRAM_BOOLEAN("SSL.ExpectCTReportSendingAttempt", true); |
207 | 206 |
208 report_sender_->Send(report_uri, "application/json; charset=utf-8", | 207 report_sender_->Send(report_uri, "application/json; charset=utf-8", |
209 serialized_report, base::Callback<void()>(), | 208 serialized_report, base::Callback<void()>(), |
210 base::Bind(RecordUMAOnFailure)); | 209 base::Bind(RecordUMAOnFailure)); |
211 } | 210 } |
OLD | NEW |