Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(103)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/chrome_expect_ct_reporter.cc

Issue 2944953002: Add effective-expiration-date to Expect-CT reports (Closed)
Patch Set: meacer comments Created 3 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/ssl/chrome_expect_ct_reporter.h ('k') | chrome/browser/ssl/chrome_expect_ct_reporter_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2016 The Chromium Authors. All rights reserved. 1 // Copyright 2016 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/ssl/chrome_expect_ct_reporter.h" 5 #include "chrome/browser/ssl/chrome_expect_ct_reporter.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/base64.h" 9 #include "base/base64.h"
10 #include "base/command_line.h" 10 #include "base/command_line.h"
(...skipping 132 matching lines...) Expand 10 before | Expand all | Expand 10 after
143 ChromeExpectCTReporter::ChromeExpectCTReporter( 143 ChromeExpectCTReporter::ChromeExpectCTReporter(
144 net::URLRequestContext* request_context) 144 net::URLRequestContext* request_context)
145 : report_sender_( 145 : report_sender_(
146 new net::ReportSender(request_context, kTrafficAnnotation)) {} 146 new net::ReportSender(request_context, kTrafficAnnotation)) {}
147 147
148 ChromeExpectCTReporter::~ChromeExpectCTReporter() {} 148 ChromeExpectCTReporter::~ChromeExpectCTReporter() {}
149 149
150 void ChromeExpectCTReporter::OnExpectCTFailed( 150 void ChromeExpectCTReporter::OnExpectCTFailed(
151 const net::HostPortPair& host_port_pair, 151 const net::HostPortPair& host_port_pair,
152 const GURL& report_uri, 152 const GURL& report_uri,
153 base::Time expiration,
153 const net::X509Certificate* validated_certificate_chain, 154 const net::X509Certificate* validated_certificate_chain,
154 const net::X509Certificate* served_certificate_chain, 155 const net::X509Certificate* served_certificate_chain,
155 const net::SignedCertificateTimestampAndStatusList& 156 const net::SignedCertificateTimestampAndStatusList&
156 signed_certificate_timestamps) { 157 signed_certificate_timestamps) {
157 if (report_uri.is_empty()) 158 if (report_uri.is_empty())
158 return; 159 return;
159 160
160 if (!base::FeatureList::IsEnabled(features::kExpectCTReporting)) 161 if (!base::FeatureList::IsEnabled(features::kExpectCTReporting))
161 return; 162 return;
162 163
163 // TODO(estark): De-duplicate reports so that the same report isn't
164 // sent too often in some period of time.
165
166 base::DictionaryValue report; 164 base::DictionaryValue report;
167 report.SetString("hostname", host_port_pair.host()); 165 report.SetString("hostname", host_port_pair.host());
168 report.SetInteger("port", host_port_pair.port()); 166 report.SetInteger("port", host_port_pair.port());
169 report.SetString("date-time", TimeToISO8601(base::Time::Now())); 167 report.SetString("date-time", TimeToISO8601(base::Time::Now()));
168 report.SetString("effective-expiration-date", TimeToISO8601(expiration));
170 report.Set("served-certificate-chain", 169 report.Set("served-certificate-chain",
171 GetPEMEncodedChainAsList(served_certificate_chain)); 170 GetPEMEncodedChainAsList(served_certificate_chain));
172 report.Set("validated-certificate-chain", 171 report.Set("validated-certificate-chain",
173 GetPEMEncodedChainAsList(validated_certificate_chain)); 172 GetPEMEncodedChainAsList(validated_certificate_chain));
174 173
175 std::unique_ptr<base::ListValue> unknown_scts(new base::ListValue()); 174 std::unique_ptr<base::ListValue> unknown_scts(new base::ListValue());
176 std::unique_ptr<base::ListValue> invalid_scts(new base::ListValue()); 175 std::unique_ptr<base::ListValue> invalid_scts(new base::ListValue());
177 std::unique_ptr<base::ListValue> valid_scts(new base::ListValue()); 176 std::unique_ptr<base::ListValue> valid_scts(new base::ListValue());
178 177
179 for (const auto& sct_and_status : signed_certificate_timestamps) { 178 for (const auto& sct_and_status : signed_certificate_timestamps) {
(...skipping 22 matching lines...) Expand all
202 LOG(ERROR) << "Failed to serialize Expect CT report"; 201 LOG(ERROR) << "Failed to serialize Expect CT report";
203 return; 202 return;
204 } 203 }
205 204
206 UMA_HISTOGRAM_BOOLEAN("SSL.ExpectCTReportSendingAttempt", true); 205 UMA_HISTOGRAM_BOOLEAN("SSL.ExpectCTReportSendingAttempt", true);
207 206
208 report_sender_->Send(report_uri, "application/json; charset=utf-8", 207 report_sender_->Send(report_uri, "application/json; charset=utf-8",
209 serialized_report, base::Callback<void()>(), 208 serialized_report, base::Callback<void()>(),
210 base::Bind(RecordUMAOnFailure)); 209 base::Bind(RecordUMAOnFailure));
211 } 210 }
OLDNEW
« no previous file with comments | « chrome/browser/ssl/chrome_expect_ct_reporter.h ('k') | chrome/browser/ssl/chrome_expect_ct_reporter_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698