| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/ssl/ssl_error_classification.h" |
| 6 |
| 7 #include "base/build_time.h" |
| 8 #include "base/metrics/field_trial.h" |
| 9 #include "base/metrics/histogram.h" |
| 10 #include "base/time/time.h" |
| 11 #include "chrome/browser/browser_process.h" |
| 12 #include "components/network_time/network_time_tracker.h" |
| 13 #include "net/cert/x509_certificate.h" |
| 14 |
| 15 using base::Time; |
| 16 using base::TimeTicks; |
| 17 using base::TimeDelta; |
| 18 |
| 19 namespace { |
| 20 |
| 21 // Events for UMA. Do not reorder or change! |
| 22 enum SSLInterstitialCause { |
| 23 CLOCK_PAST, |
| 24 CLOCK_FUTURE, |
| 25 UNUSED_INTERSTITIAL_CAUSE_ENTRY, |
| 26 }; |
| 27 |
| 28 void RecordSSLInterstitialCause(bool overridable, SSLInterstitialCause event) { |
| 29 if (overridable) { |
| 30 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.cause.overridable", event, |
| 31 UNUSED_INTERSTITIAL_CAUSE_ENTRY); |
| 32 } else { |
| 33 UMA_HISTOGRAM_ENUMERATION("interstitial.ssl.cause.nonoverridable", event, |
| 34 UNUSED_INTERSTITIAL_CAUSE_ENTRY); |
| 35 } |
| 36 } |
| 37 |
| 38 } // namespace |
| 39 |
| 40 SSLErrorClassification::SSLErrorClassification( |
| 41 base::Time current_time, |
| 42 const net::X509Certificate& cert) |
| 43 : current_time_(current_time), |
| 44 cert_(cert) { } |
| 45 |
| 46 SSLErrorClassification::~SSLErrorClassification() { } |
| 47 |
| 48 float SSLErrorClassification::InvalidDateSeverityScore() const { |
| 49 // Client-side characterisitics. Check whether the system's clock is wrong or |
| 50 // not and whether the user has encountered this error before or not. |
| 51 float severity_date_score = 0.0f; |
| 52 |
| 53 static const float kClientWeight = 0.5f; |
| 54 static const float kSystemClockWeight = 0.75f; |
| 55 static const float kSystemClockWrongWeight = 0.1f; |
| 56 static const float kSystemClockRightWeight = 1.0f; |
| 57 |
| 58 static const float kServerWeight = 0.5f; |
| 59 static const float kCertificateExpiredWeight = 0.3f; |
| 60 static const float kNotYetValidWeight = 0.2f; |
| 61 |
| 62 if (IsUserClockInThePast(current_time_) || |
| 63 IsUserClockInTheFuture(current_time_)) { |
| 64 severity_date_score = kClientWeight * kSystemClockWeight * |
| 65 kSystemClockWrongWeight; |
| 66 } else { |
| 67 severity_date_score = kClientWeight * kSystemClockWeight * |
| 68 kSystemClockRightWeight; |
| 69 } |
| 70 // TODO(radhikabhar): (crbug.com/393262) Check website settings. |
| 71 |
| 72 // Server-side characteristics. Check whether the certificate has expired or |
| 73 // is not yet valid. If the certificate has expired then factor the time which |
| 74 // has passed since expiry. |
| 75 if (cert_.HasExpired()) { |
| 76 severity_date_score += kServerWeight * kCertificateExpiredWeight * |
| 77 CalculateScoreTimePassedSinceExpiry(); |
| 78 } |
| 79 if (current_time_ < cert_.valid_start()) |
| 80 severity_date_score += kServerWeight * kNotYetValidWeight; |
| 81 return severity_date_score; |
| 82 } |
| 83 |
| 84 base::TimeDelta SSLErrorClassification::TimePassedSinceExpiry() const { |
| 85 base::TimeDelta delta = current_time_ - cert_.valid_expiry(); |
| 86 return delta; |
| 87 } |
| 88 |
| 89 float SSLErrorClassification::CalculateScoreTimePassedSinceExpiry() const { |
| 90 base::TimeDelta delta = TimePassedSinceExpiry(); |
| 91 int64 time_passed = delta.InDays(); |
| 92 const int64 kHighThreshold = 7; |
| 93 const int64 kLowThreshold = 4; |
| 94 static const float kHighThresholdWeight = 0.4f; |
| 95 static const float kMediumThresholdWeight = 0.3f; |
| 96 static const float kLowThresholdWeight = 0.2f; |
| 97 if (time_passed >= kHighThreshold) |
| 98 return kHighThresholdWeight; |
| 99 else if (time_passed >= kLowThreshold) |
| 100 return kMediumThresholdWeight; |
| 101 else |
| 102 return kLowThresholdWeight; |
| 103 } |
| 104 |
| 105 bool SSLErrorClassification::IsUserClockInThePast(base::Time time_now) { |
| 106 base::Time build_time = base::GetBuildTime(); |
| 107 if (time_now < build_time - base::TimeDelta::FromDays(2)) |
| 108 return true; |
| 109 return false; |
| 110 } |
| 111 |
| 112 bool SSLErrorClassification::IsUserClockInTheFuture(base::Time time_now) { |
| 113 base::Time build_time = base::GetBuildTime(); |
| 114 if (time_now > build_time + base::TimeDelta::FromDays(365)) |
| 115 return true; |
| 116 return false; |
| 117 } |
| 118 |
| 119 void SSLErrorClassification::RecordUMAStatistics(bool overridable) { |
| 120 if (IsUserClockInThePast(base::Time::NowFromSystemTime())) |
| 121 RecordSSLInterstitialCause(overridable, CLOCK_PAST); |
| 122 if (IsUserClockInTheFuture(base::Time::NowFromSystemTime())) |
| 123 RecordSSLInterstitialCause(overridable, CLOCK_FUTURE); |
| 124 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 376663002:
Calculate severity score for date_invalid error (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master