File: policy_auditor.cc

package info (click to toggle)
chromium 135.0.7049.95-1~deb12u1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 5,959,392 kB
  • sloc: cpp: 34,198,526; ansic: 7,100,035; javascript: 3,985,800; python: 1,395,489; asm: 896,754; xml: 722,891; pascal: 180,504; sh: 94,909; perl: 88,388; objc: 79,739; sql: 53,020; cs: 41,358; fortran: 24,137; makefile: 22,501; php: 13,699; tcl: 10,142; yacc: 8,822; ruby: 7,350; lisp: 3,096; lex: 1,327; ada: 727; jsp: 228; awk: 197; sed: 36
file content (66 lines) | stat: -rw-r--r-- 2,476 bytes parent folder | download | duplicates (6) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
 
// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include "content/public/browser/navigation_entry.h"
#include "content/public/browser/render_process_host.h"
#include "content/public/browser/ssl_status.h"
#include "content/public/browser/web_contents.h"
#include "net/cert/cert_status_flags.h"

// Must come after all headers that specialize FromJniType() / ToJniType().
#include "chrome/android/chrome_jni_headers/PolicyAuditor_jni.h"

using base::android::JavaParamRef;

int JNI_PolicyAuditor_GetCertificateFailure(
    JNIEnv* env,
    const JavaParamRef<jobject>& java_web_contents) {
  // This function is similar to
  // LocationBarModelImpl::GetSecurityLevelForWebContents, but has a custom
  // mapping for policy auditing.
  // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.policy
  // GENERATED_JAVA_PREFIX_TO_STRIP: CERTIFICATE_FAIL_
  enum CertificateFailure {
    NONE = 0,
    CERTIFICATE_FAIL_UNSPECIFIED = 1,
    CERTIFICATE_FAIL_UNTRUSTED = 2,
    CERTIFICATE_FAIL_REVOKED = 3,
    CERTIFICATE_FAIL_NOT_YET_VALID = 4,
    CERTIFICATE_FAIL_EXPIRED = 5,
    CERTIFICATE_FAIL_UNABLE_TO_CHECK_REVOCATION_STATUS = 6,
  };

  content::WebContents* web_contents =
      content::WebContents::FromJavaWebContents(java_web_contents);
  content::NavigationEntry* entry =
      web_contents->GetController().GetVisibleEntry();
  if (!entry)
    return NONE;

  const content::SSLStatus& ssl = entry->GetSSL();
  if (ssl.certificate && entry->GetURL().SchemeIsCryptographic()) {
    if (net::IsCertStatusError(ssl.cert_status)) {
      if (ssl.cert_status & net::CERT_STATUS_AUTHORITY_INVALID) {
        return CERTIFICATE_FAIL_UNTRUSTED;
      }
      if (ssl.cert_status & net::CERT_STATUS_REVOKED) {
        return CERTIFICATE_FAIL_REVOKED;
      }
      // No mapping for CERTIFICATE_FAIL_NOT_YET_VALID.
      if (ssl.cert_status & net::CERT_STATUS_DATE_INVALID) {
        return CERTIFICATE_FAIL_EXPIRED;
      }
      if (ssl.cert_status & net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) {
        return CERTIFICATE_FAIL_UNABLE_TO_CHECK_REVOCATION_STATUS;
      }
      return CERTIFICATE_FAIL_UNSPECIFIED;
    }
    if (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT ||
        ssl.content_status &
            content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS) {
      return CERTIFICATE_FAIL_UNSPECIFIED;
    }
  }
  return NONE;
}