Add SCT info to SSL error debugging strings.

This will display the SCT list similar to how it's displayed in the DevTools Security Panel. Screenshot: https://drive.google.com/file/d/1kXpVmXspx1vzoPKjHaGDpn5rfEEc-C8a/view?usp=sharing Bug: 845297 Change-Id: I8f028ecb5a8b0c1ff2b247c932c38bdacd9a55bc Reviewed-on: https://chromium-review.googlesource.com/1169769 Commit-Queue: Livvie Lin <livvielin@chromium.org> Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Mustafa Emre Acer <meacer@chromium.org> Cr-Commit-Position: refs/heads/master@{#582022}

Add SCT info to SSL error debugging strings.
This will display the SCT list similar to how it's displayed in the DevTools Security Panel. Screenshot: https://drive.google.com/file/d/1kXpVmXspx1vzoPKjHaGDpn5rfEEc-C8a/view?usp=sharing Bug: 845297 Change-Id: I8f028ecb5a8b0c1ff2b247c932c38bdacd9a55bc Reviewed-on: https://chromium-review.googlesource.com/1169769 Commit-Queue: Livvie Lin <livvielin@chromium.org> Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Mustafa Emre Acer <meacer@chromium.org> Cr-Commit-Position: refs/heads/master@{#582022}
c9e48f6d · Livvie Lin · Commit Bot · bc9d28b3 · c9e48f6d · c9e48f6d
Commit c9e48f6d authored Aug 10, 2018 by Livvie Lin Committed by Commit Bot Aug 10, 2018
3 changed files
--- a/components/security_interstitials/DEPS
+++ b/components/security_interstitials/DEPS
@@ -9,6 +9,7 @@ include_rules = [
  "+components/grit/components_resources.h",
  "+components/url_formatter",
  "+net/base",
+  "+net/cert",
  "+net/ssl",
  "+ui/base"
 ]
--- a/components/security_interstitials/core/browser/resources/ssl.js
+++ b/components/security_interstitials/core/browser/resources/ssl.js
@@ -14,6 +14,10 @@ function setupSSLDebuggingInfo() {
  appendDebuggingField('Current date', loadTimeData.getString('currentDate'));
  appendDebuggingField('PEM encoded chain', loadTimeData.getString('pem'),
                       true);
+  var ctInfo = loadTimeData.getString('ct');
+  if (ctInfo) {
+    appendDebuggingField('Certificate Transparency', ctInfo);
+  }

  $('error-code').addEventListener('click', toggleDebuggingInfo);
 }
--- a/components/security_interstitials/core/common_string_util.cc
+++ b/components/security_interstitials/core/common_string_util.cc
@@ -10,6 +10,7 @@
 #include "components/strings/grit/components_strings.h"
 #include "components/url_formatter/url_formatter.h"
 #include "net/base/net_errors.h"
+#include "net/cert/ct_sct_to_string.h"
 #include "ui/base/l10n/l10n_util.h"

 namespace security_interstitials {
@@ -48,6 +49,15 @@ void PopulateSSLDebuggingStrings(const net::SSLInfo ssl_info,
      base::TimeFormatShortDate(ssl_info.cert->valid_expiry()));
  load_time_data->SetString("currentDate",
                            base::TimeFormatShortDate(time_triggered));
+  std::vector<std::string> sct_list;
+  for (const auto& sct_status : ssl_info.signed_certificate_timestamps) {
+    std::string sct_info = "\n\nSCT " + sct_status.sct->log_description + " (" +
+                           net::ct::OriginToString(sct_status.sct->origin) +
+                           ", " + net::ct::StatusToString(sct_status.status) +
+                           ")";
+    sct_list.push_back(sct_info);
+  }
+  load_time_data->SetString("ct", base::StrCat(sct_list));
  std::vector<std::string> encoded_chain;
  ssl_info.cert->GetPEMEncodedChain(&encoded_chain);
  load_time_data->SetString("pem", base::StrCat(encoded_chain));