Calculate severity score for date_invalid error

chrome/browser/ssl/ssl_error_classification.cc

+// Copyright (c) 2012 The Chromium Authors. All rights reserved.

[palmer, 2014/07/10 21:40:04]

2014

[radhikabhar, 2014/07/11 04:16:15]

Done.

+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ssl/ssl_error_classification.h"
+
+#include "base/build_time.h"
+#include "base/metrics/field_trial.h"
+#include "base/metrics/histogram.h"
+#include "base/time/time.h"
+#include "chrome/browser/browser_process.h"
+#include "components/network_time/network_time_tracker.h"
+#include "net/cert/x509_certificate.h"
+
+using base::Time;
+using base::TimeTicks;
+using base::TimeDelta;
+
+namespace {
+
+// Events for UMA. Do not reorder or change!
+enum SSLInterstitialCause {
+  CLOCK_PAST,
+  CLOCK_FUTURE,
+  UNUSED_INTERSTITIAL_CAUSE_ENTRY,
+};
+
+void RecordSSLInterstitialCause(bool overridable, SSLInterstitialCause event) {
+  if (overridable) {
+    UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.cause.overridable", event,
+                              UNUSED_INTERSTITIAL_CAUSE_ENTRY);
+  } else {
+    UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.cause.nonoverridable", event,
+                              UNUSED_INTERSTITIAL_CAUSE_ENTRY);
+  }
+}
+
+} // namespace
+
+SSLErrorClassification::SSLErrorClassification(
+    base::Time current_time,
+    net::X509Certificate* cert)
+  : current_time_(current_time),
+    cert_(cert) { }
+
+SSLErrorClassification::~SSLErrorClassification() { }
+
+float SSLErrorClassification::InvalidDateSeverityScore() {
+  // Client side characterisitics. Check whether the user clock is wrong and

[palmer, 2014/07/10 21:40:05]

nit: "...whether or not the system's clock is wrong and whether or not it has
encountered this error before."

[palmer, 2014/07/10 21:40:05]

Typo: "Client-side characteristics."

[radhikabhar, 2014/07/11 04:16:14]

Done.

[radhikabhar, 2014/07/11 04:16:14]

Done.

+  // whether he has encountered this error before or not.
+  float severity_date_score = 0.0;
+  if (IsUserClockInThePast(current_time_)  ||
+      IsUserClockInTheFuture(current_time_)) {
+    severity_date_score = 0.5 * 0.75 * 0.1;

[palmer, 2014/07/10 21:40:04]

Perhaps explain these magic numbers by declaring them as static const variables
with meaningful names.

static const float kWrongClockBadness = 0.1;
static const float kCorrectClockBadness = 1.0;
// et c. ...

[radhikabhar, 2014/07/11 04:16:14]

Done.

+  } else {
+    severity_date_score = 0.5 * 0.75 * 1;
+  }
+  // TODO(radhikabhar): Check website settings.
+
+  // Server Side characterisitics. Check whether the certificate has expired or

[palmer, 2014/07/10 21:40:05]

Typo: "Server-side characteristics."

[radhikabhar, 2014/07/11 04:16:15]

Done.

+  // is not yet valid. If the certificate has expired then factor the time which
+  // has passed since expiry.
+  if (cert_->HasExpired()) {
+    severity_date_score += 0.5 * 0.3 *
+        CalculateScoreTimePassedSinceExpiry();
+  }
+  if (current_time_ < cert_->valid_start())
+    severity_date_score += 0.5 * 0.2;
+  return severity_date_score;
+}
+
+base::TimeDelta SSLErrorClassification::TimePassedSinceExpiry() {
+  base::TimeDelta delta = current_time_ - cert_->valid_expiry();
+  return delta;
+}
+
+float SSLErrorClassification::CalculateScoreTimePassedSinceExpiry() {
+  base::TimeDelta delta = TimePassedSinceExpiry();
+  int64 time_passed = delta.InDays();
+  const int kHighThreshold = 7;

[palmer, 2014/07/10 21:40:04]

These are going to get promoted to int64 when you do the comparison; it "feels"
cleaner to me to declare them as the same type that you are going to compare
them to. Not a big deal though.

[radhikabhar, 2014/07/11 04:16:15]

Done.

+  const int kLowThreshold = 4;
+  if (time_passed >= kHighThreshold)
+    return 0.4;

[palmer, 2014/07/10 21:40:05]

More magic numbers to name. :)

[radhikabhar, 2014/07/11 04:16:15]

Done.

+  else if (time_passed >= kLowThreshold)
+    return 0.3;
+  else
+    return 0.2;
+}
+
+bool SSLErrorClassification::IsUserClockInThePast(base::Time time_now) {
+  base::Time build_time = base::GetBuildTime();
+  if (time_now < build_time)
+    return true;
+  return false;
+}
+
+bool SSLErrorClassification::IsUserClockInTheFuture(base::Time time_now) {
+  base::Time build_time = base::GetBuildTime();
+  if (time_now > build_time + base::TimeDelta::FromDays(365))
+    return true;
+  return false;
+}
+
+void SSLErrorClassification::RecordUMAStatistics(bool overridable) {
+  if (IsUserClockInThePast(current_time_))
+    RecordSSLInterstitialCause(overridable, CLOCK_PAST);
+  if (IsUserClockInTheFuture(current_time_))
+    RecordSSLInterstitialCause(overridable, CLOCK_FUTURE);
+}
+