1c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Copyright (c) 2010 The Chromium Authors. All rights reserved. 2c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Use of this source code is governed by a BSD-style license that can be 3c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// found in the LICENSE file. 4c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 5c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "chrome/browser/ssl/ssl_error_info.h" 6c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 7c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "base/utf_string_conversions.h" 8c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "chrome/common/time_format.h" 9dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen#include "content/browser/cert_store.h" 10c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "googleurl/src/gurl.h" 11c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "grit/chromium_strings.h" 12c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "grit/generated_resources.h" 13c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "net/base/cert_status_flags.h" 14c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "net/base/net_errors.h" 15c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#include "net/base/ssl_info.h" 1672a454cd3513ac24fbdd0e0cb9ad70b86a99b801Kristian Monsen#include "ui/base/l10n/l10n_util.h" 17c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 183f50c38dc070f4bb515c1b64450dae14f316474eKristian MonsenSSLErrorInfo::SSLErrorInfo(const string16& title, 193f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen const string16& details, 203f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen const string16& short_description, 213f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen const std::vector<string16>& extra_info) 22c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch : title_(title), 23c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch details_(details), 24c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch short_description_(short_description), 25c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_information_(extra_info) { 26c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 27c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 28c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// static 29c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochSSLErrorInfo SSLErrorInfo::CreateError(ErrorType error_type, 30c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::X509Certificate* cert, 31c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const GURL& request_url) { 323f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen string16 title, details, short_description; 333f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen std::vector<string16> extra_info; 34c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch switch (error_type) { 35c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_COMMON_NAME_INVALID: { 363f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = 373f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_COMMON_NAME_INVALID_TITLE); 38c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // If the certificate contains multiple DNS names, we choose the most 39c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // representative one -- either the DNS name that's also in the subject 40c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // field, or the first one. If this heuristic turns out to be 41c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // inadequate, we can consider choosing the DNS name that is the 42c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // "closest match" to the host name in the request URL, or listing all 43c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // the DNS names with an HTML <ul>. 44c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch std::vector<std::string> dns_names; 45c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch cert->GetDNSNames(&dns_names); 46c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DCHECK(!dns_names.empty()); 47c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch size_t i = 0; 48c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch for (; i < dns_names.size(); ++i) { 49c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (dns_names[i] == cert->subject().common_name) 50c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 51c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 52c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (i == dns_names.size()) 53c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch i = 0; 54c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch details = 553f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringFUTF16(IDS_CERT_ERROR_COMMON_NAME_INVALID_DETAILS, 563f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host()), 573f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(dns_names[i]), 583f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host())); 593f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen short_description = l10n_util::GetStringUTF16( 603f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_COMMON_NAME_INVALID_DESCRIPTION); 61c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 623f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1)); 63c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 643f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringFUTF16( 65c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch IDS_CERT_ERROR_COMMON_NAME_INVALID_EXTRA_INFO_2, 663f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(cert->subject().common_name), 673f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host()))); 68c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 69c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 70c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_DATE_INVALID: 71c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 723f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1)); 73c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (cert->HasExpired()) { 743f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXPIRED_TITLE); 753f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_EXPIRED_DETAILS, 763f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host()), 773f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host())); 78c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch short_description = 793f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXPIRED_DESCRIPTION); 803f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen extra_info.push_back(l10n_util::GetStringUTF16( 813f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_EXPIRED_DETAILS_EXTRA_INFO_2)); 82c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } else { 83c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Then it must be not yet valid. We don't check that it is not yet 84c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // valid as there is still a very unlikely chance that the cert might 85c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // have become valid since the error occurred. 863f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_NOT_YET_VALID_TITLE); 873f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringFUTF16( 883f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_NOT_YET_VALID_DETAILS, 893f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host()), 903f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host())); 91c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch short_description = 923f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_NOT_YET_VALID_DESCRIPTION); 93c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 943f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16( 95c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch IDS_CERT_ERROR_NOT_YET_VALID_DETAILS_EXTRA_INFO_2)); 96c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 97c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 98c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_AUTHORITY_INVALID: 993f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_AUTHORITY_INVALID_TITLE); 1003f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringFUTF16( 1013f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_AUTHORITY_INVALID_DETAILS, 1023f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host())); 1033f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen short_description = l10n_util::GetStringUTF16( 1043f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_AUTHORITY_INVALID_DESCRIPTION); 105c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 1063f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1)); 1073f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen extra_info.push_back(l10n_util::GetStringFUTF16( 1083f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_AUTHORITY_INVALID_EXTRA_INFO_2, 1093f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host()), 1103f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host()))); 1113f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen extra_info.push_back(l10n_util::GetStringUTF16( 1123f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_AUTHORITY_INVALID_EXTRA_INFO_3)); 113c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 114c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_CONTAINS_ERRORS: 1153f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_CONTAINS_ERRORS_TITLE); 1163f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringFUTF16( 1173f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_CONTAINS_ERRORS_DETAILS, 1183f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host())); 119c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch short_description = 1203f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_CONTAINS_ERRORS_DESCRIPTION); 121c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 1223f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringFUTF16(IDS_CERT_ERROR_EXTRA_INFO_1, 1233f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host()))); 1243f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen extra_info.push_back(l10n_util::GetStringUTF16( 1253f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_CONTAINS_ERRORS_EXTRA_INFO_2)); 126c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 127c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_NO_REVOCATION_MECHANISM: 1283f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16( 1293f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_TITLE); 1303f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringUTF16( 1313f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DETAILS); 1323f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen short_description = l10n_util::GetStringUTF16( 133c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch IDS_CERT_ERROR_NO_REVOCATION_MECHANISM_DESCRIPTION); 134c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 135c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_UNABLE_TO_CHECK_REVOCATION: 1363f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16( 1373f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_TITLE); 1383f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringUTF16( 139c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DETAILS); 1403f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen short_description = l10n_util::GetStringUTF16( 141c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch IDS_CERT_ERROR_UNABLE_TO_CHECK_REVOCATION_DESCRIPTION); 142c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 143c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_REVOKED: 1443f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_REVOKED_CERT_TITLE); 1453f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringFUTF16(IDS_CERT_ERROR_REVOKED_CERT_DETAILS, 1463f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host())); 147c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch short_description = 1483f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_REVOKED_CERT_DESCRIPTION); 149c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 1503f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1)); 151c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 1523f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_REVOKED_CERT_EXTRA_INFO_2)); 153c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 154c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_INVALID: 1553f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_INVALID_CERT_TITLE); 156dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen details = l10n_util::GetStringFUTF16( 157dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen IDS_CERT_ERROR_INVALID_CERT_DETAILS, 158dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen UTF8ToUTF16(request_url.host())); 159c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch short_description = 1603f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_INVALID_CERT_DESCRIPTION); 161dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen extra_info.push_back( 162dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1)); 163dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen extra_info.push_back(l10n_util::GetStringUTF16( 164dc0f95d653279beabeb9817299e2902918ba123eKristian Monsen IDS_CERT_ERROR_INVALID_CERT_EXTRA_INFO_2)); 165c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 166c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case CERT_WEAK_SIGNATURE_ALGORITHM: 1673f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16( 1683f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_TITLE); 1693f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringFUTF16( 170c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DETAILS, 1713f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen UTF8ToUTF16(request_url.host())); 1723f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen short_description = l10n_util::GetStringUTF16( 173c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_DESCRIPTION); 174c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 1753f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_EXTRA_INFO_1)); 176c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch extra_info.push_back( 1773f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16( 178c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch IDS_CERT_ERROR_WEAK_SIGNATURE_ALGORITHM_EXTRA_INFO_2)); 179c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 1803345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick case CERT_NOT_IN_DNS: 1813f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_NOT_IN_DNS_TITLE); 1823f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_NOT_IN_DNS_DETAILS); 1833f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen short_description = l10n_util::GetStringUTF16( 1843345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick IDS_CERT_ERROR_NOT_IN_DNS_DESCRIPTION); 1853345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick extra_info.push_back( 1863f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_NOT_IN_DNS_EXTRA_INFO)); 1873345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick break; 188c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case UNKNOWN: 1893f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen title = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_TITLE); 1903f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen details = l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DETAILS); 191c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch short_description = 1923f50c38dc070f4bb515c1b64450dae14f316474eKristian Monsen l10n_util::GetStringUTF16(IDS_CERT_ERROR_UNKNOWN_ERROR_DESCRIPTION); 193c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch break; 194c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch default: 195c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NOTREACHED(); 196c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 197c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return SSLErrorInfo(title, details, short_description, extra_info); 198c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 199c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 200c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochSSLErrorInfo::~SSLErrorInfo() { 201c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 202c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 203c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// static 204c407dc5cd9bdc5668497f21b26b09d988ab439deBen MurdochSSLErrorInfo::ErrorType SSLErrorInfo::NetErrorToErrorType(int net_error) { 205c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch switch (net_error) { 206c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_COMMON_NAME_INVALID: 207c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_COMMON_NAME_INVALID; 208c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_DATE_INVALID: 209c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_DATE_INVALID; 210c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_AUTHORITY_INVALID: 211c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_AUTHORITY_INVALID; 212c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_CONTAINS_ERRORS: 213c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_CONTAINS_ERRORS; 214c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_NO_REVOCATION_MECHANISM: 215c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_NO_REVOCATION_MECHANISM; 216c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_UNABLE_TO_CHECK_REVOCATION: 217c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_UNABLE_TO_CHECK_REVOCATION; 218c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_REVOKED: 219c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_REVOKED; 220c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_INVALID: 221c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_INVALID; 222c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch case net::ERR_CERT_WEAK_SIGNATURE_ALGORITHM: 223c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return CERT_WEAK_SIGNATURE_ALGORITHM; 2243345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick case net::ERR_CERT_NOT_IN_DNS: 2253345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick return CERT_NOT_IN_DNS; 226c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch default: 227c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch NOTREACHED(); 228c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return UNKNOWN; 229c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 230c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 231c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 232c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// static 233c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochint SSLErrorInfo::GetErrorsForCertStatus(int cert_id, 234c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int cert_status, 235c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const GURL& url, 236c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch std::vector<SSLErrorInfo>* errors) { 237c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const int kErrorFlags[] = { 238c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CERT_STATUS_COMMON_NAME_INVALID, 239c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CERT_STATUS_DATE_INVALID, 240c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CERT_STATUS_AUTHORITY_INVALID, 241c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CERT_STATUS_NO_REVOCATION_MECHANISM, 242c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION, 243c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CERT_STATUS_REVOKED, 244c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CERT_STATUS_INVALID, 245c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch net::CERT_STATUS_WEAK_SIGNATURE_ALGORITHM 246c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch }; 247c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 248c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch const ErrorType kErrorTypes[] = { 249c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CERT_COMMON_NAME_INVALID, 250c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CERT_DATE_INVALID, 251c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CERT_AUTHORITY_INVALID, 252c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CERT_NO_REVOCATION_MECHANISM, 253c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CERT_UNABLE_TO_CHECK_REVOCATION, 254c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CERT_REVOKED, 255c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CERT_INVALID, 256c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch CERT_WEAK_SIGNATURE_ALGORITHM 257c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch }; 258c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DCHECK(arraysize(kErrorFlags) == arraysize(kErrorTypes)); 259c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 260c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch scoped_refptr<net::X509Certificate> cert = NULL; 261c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int count = 0; 262c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch for (size_t i = 0; i < arraysize(kErrorFlags); ++i) { 263c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (cert_status & kErrorFlags[i]) { 264c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch count++; 265c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (!cert.get()) { 26621d179b334e59e9a3bfcaed4c4430bef1bc5759dKristian Monsen bool r = CertStore::GetInstance()->RetrieveCert(cert_id, &cert); 267c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch DCHECK(r); 268c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 269c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch if (errors) 270c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch errors->push_back(SSLErrorInfo::CreateError(kErrorTypes[i], cert, url)); 271c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 272c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch } 273c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return count; 274c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 275