content/common/ssl_status_serialization.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "content/common/ssl_status_serialization.h"
   6
   7 #include "base/logging.h"
   8 #include "base/pickle.h"
   9
  10 namespace {
  11
  12 // Checks that an integer |security_style| is a valid SecurityStyle enum
  13 // value. Returns true if valid, false otherwise.
  14 bool CheckSecurityStyle(int security_style) {
  15   switch (security_style) {
  16     case content::SECURITY_STYLE_UNKNOWN:
  17     case content::SECURITY_STYLE_UNAUTHENTICATED:
  18     case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
  19     case content::SECURITY_STYLE_WARNING:
  20     case content::SECURITY_STYLE_AUTHENTICATED:
  21       return true;
  22   }
  23   return false;
  24 }
  25
  26 }  // namespace
  27
  28 namespace content {
  29
  30 std::string SerializeSecurityInfo(const SSLStatus& ssl_status) {
  31   base::Pickle pickle;
  32   pickle.WriteInt(ssl_status.security_style);
  33   pickle.WriteInt(ssl_status.cert_id);
  34   pickle.WriteUInt32(ssl_status.cert_status);
  35   pickle.WriteInt(ssl_status.security_bits);
  36   pickle.WriteInt(ssl_status.connection_status);
  37   pickle.WriteInt(ssl_status.signed_certificate_timestamp_ids.size());
  38   for (SignedCertificateTimestampIDStatusList::const_iterator iter =
  39            ssl_status.signed_certificate_timestamp_ids.begin();
  40        iter != ssl_status.signed_certificate_timestamp_ids.end(); ++iter) {
  41     pickle.WriteInt(iter->id);
  42     pickle.WriteUInt16(iter->status);
  43   }
  44   return std::string(static_cast<const char*>(pickle.data()), pickle.size());
  45 }
  46
  47 bool DeserializeSecurityInfo(const std::string& state, SSLStatus* ssl_status) {
  48   *ssl_status = SSLStatus();
  49
  50   if (state.empty()) {
  51     // No SSL used.
  52     return true;
  53   }
  54
  55   base::Pickle pickle(state.data(), static_cast<int>(state.size()));
  56   base::PickleIterator iter(pickle);
  57   int security_style;
  58   int num_scts_to_read;
  59   if (!iter.ReadInt(&security_style) || !iter.ReadInt(&ssl_status->cert_id) ||
  60       !iter.ReadUInt32(&ssl_status->cert_status) ||
  61       !iter.ReadInt(&ssl_status->security_bits) ||
  62       !iter.ReadInt(&ssl_status->connection_status) ||
  63       !iter.ReadInt(&num_scts_to_read)) {
  64     *ssl_status = SSLStatus();
  65     return false;
  66   }
  67
  68   if (!CheckSecurityStyle(security_style)) {
  69     *ssl_status = SSLStatus();
  70     return false;
  71   }
  72
  73   ssl_status->security_style = static_cast<SecurityStyle>(security_style);
  74
  75   // Sanity check |security_bits|: the only allowed negative value is -1.
  76   if (ssl_status->security_bits < -1) {
  77     *ssl_status = SSLStatus();
  78     return false;
  79   }
  80
  81   for (; num_scts_to_read > 0; --num_scts_to_read) {
  82     int id;
  83     uint16 status;
  84     if (!iter.ReadInt(&id) || !iter.ReadUInt16(&status)) {
  85       *ssl_status = SSLStatus();
  86       return false;
  87     }
  88
  89     ssl_status->signed_certificate_timestamp_ids.push_back(
  90         SignedCertificateTimestampIDAndStatus(
  91             id, static_cast<net::ct::SCTVerifyStatus>(status)));
  92   }
  93
  94   return true;
  95 }
  96
  97 }  // namespace content