Measure how often the users are encountering MD5

certificates. R=jar BUG=6102 Review URL: http://codereview.chromium.org/17471 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@7882 0039d316-1c4b-4281-b951-d872f2087c98
author: wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98> 2009-01-12 19:08:36 +0000
committer: wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98> 2009-01-12 19:08:36 +0000
commit: 5d0153c51cd317bc38673fb70c5d59314aff7b69 (patch)
tree: e6f028c1c727c2c74ca23932a7ce0ca2b5c61d76 /net/base
parent: 70aa77609a881545064e3df7ffa580d933c4f76f (diff)
download: chromium_src-5d0153c51cd317bc38673fb70c5d59314aff7b69.zip
chromium_src-5d0153c51cd317bc38673fb70c5d59314aff7b69.tar.gz
chromium_src-5d0153c51cd317bc38673fb70c5d59314aff7b69.tar.bz2
4 files changed, 113 insertions, 0 deletions
diff --git a/net/base/connection_type_histograms.cc b/net/base/connection_type_histograms.cc
new file mode 100644
index 0000000..e01ee8c
--- /dev/null
+++ b/net/base/connection_type_histograms.cc
@@ -0,0 +1,38 @@
+// Copyright (c) 2008 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "net/base/connection_type_histograms.h"
+
+#include "base/histogram.h"
+
+namespace net {
+
+// We're using a histogram as a group of counters.  We're only interested in
+// the values of the counters.  Ignore the shape, average, and standard
+// deviation of the histograms because they are meaningless.
+//
+// We use two groups of counters.  In the first group (counter1), each counter
+// is a boolean (0 or 1) that indicates whether the user has seen a connection
+// of that type during that session.  In the second group (counter2), each
+// counter is the number of connections of that type the user has seen during
+// that session.
+void UpdateConnectionTypeHistograms(ConnectionType type) {
+  static bool had_connection_type[NUM_OF_CONNECTION_TYPES];
+  static LinearHistogram counter1(L"Net.HadConnectionType",
+                                  1, NUM_OF_CONNECTION_TYPES - 1,
+                                  NUM_OF_CONNECTION_TYPES);
+  static LinearHistogram counter2(L"Net.ConnectionTypeCount",
+                                  1, NUM_OF_CONNECTION_TYPES - 1,
+                                  NUM_OF_CONNECTION_TYPES);
+
+  if (type >= 0 && type < NUM_OF_CONNECTION_TYPES) {
+    if (!had_connection_type[type]) {
+      had_connection_type[type] = true;
+      counter1.Add(type);
+    }
+  }
+  counter2.Add(type);
+}
+
+}  // namespace net
diff --git a/net/base/connection_type_histograms.h b/net/base/connection_type_histograms.h
new file mode 100644
index 0000000..8d25664
--- /dev/null
+++ b/net/base/connection_type_histograms.h
@@ -0,0 +1,33 @@
+// Copyright (c) 2008 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_BASE_CONNECTION_TYPE_HISTOGRAMS_H_
+#define NET_BASE_CONNECTION_TYPE_HISTOGRAMS_H_
+
+// The UpdateConnectionTypeHistograms function collects statistics related
+// to the number of MD5 certificates that our users are encountering.  The
+// information will help us decide when it is fine for browsers to stop
+// supporting MD5 certificates, in light of the recent MD5 certificate
+// collision attack (see "MD5 considered harmful today: Creating a rogue CA
+// certificate" at http://www.win.tue.nl/hashclash/rogue-ca/).
+
+namespace net {
+
+enum ConnectionType {
+  CONNECTION_ANY = 0,      // Any connection, SSL or not
+  CONNECTION_SSL = 1,      // An SSL connection
+  CONNECTION_SSL_MD5 = 2,  // An SSL connection with an MD5 certificate in
+                           // the certificate chain (excluding root)
+  CONNECTION_SSL_MD2 = 3,  // An SSL connection with an MD2 certificate in
+                           // the certificate chain (excluding root)
+  CONNECTION_SSL_MD4 = 4,  // An SSL connection with an MD4 certificate in
+                           // the certificate chain (excluding root)
+  NUM_OF_CONNECTION_TYPES
+};
+
+void UpdateConnectionTypeHistograms(ConnectionType type);
+
+}  // namespace net
+
+#endif  // NET_BASE_CONNECTION_TYPE_HISTOGRAMS_H_
diff --git a/net/base/ssl_client_socket_win.cc b/net/base/ssl_client_socket_win.cc
index 8bd812b..d39c958 100644
--- a/net/base/ssl_client_socket_win.cc
+++ b/net/base/ssl_client_socket_win.cc
@@ -9,6 +9,7 @@
 #include "base/lock.h"
 #include "base/singleton.h"
 #include "base/string_util.h"
+#include "net/base/connection_type_histograms.h"
 #include "net/base/net_errors.h"
 #include "net/base/scoped_cert_chain_context.h"
 #include "net/base/ssl_info.h"
@@ -1021,6 +1022,44 @@ int SSLClientSocketWin::DidCompleteHandshake() {
   return VerifyServerCert();
 }
 
+// static
+void SSLClientSocketWin::LogConnectionTypeMetrics(
+    PCCERT_CHAIN_CONTEXT chain_context) {
+  UpdateConnectionTypeHistograms(CONNECTION_SSL);
+
+  PCERT_SIMPLE_CHAIN first_chain = chain_context->rgpChain[0];
+  int num_elements = first_chain->cElement;
+  PCERT_CHAIN_ELEMENT* element = first_chain->rgpElement;
+  bool has_md5 = false;
+  bool has_md2 = false;
+  bool has_md4 = false;
+
+  // Each chain starts with the end entity certificate and ends with the root
+  // CA certificate.  Do not inspect the signature algorithm of the root CA
+  // certificate because the signature on the trust anchor is not important.
+  for (int i = 0; i < num_elements - 1; ++i) {
+    PCCERT_CONTEXT cert = element[i]->pCertContext;
+    const char* algorithm = cert->pCertInfo->SignatureAlgorithm.pszObjId;
+    if (strcmp(algorithm, szOID_RSA_MD5RSA) == 0) {
+      // md5WithRSAEncryption: 1.2.840.113549.1.1.4
+      has_md5 = true;
+    } else if (strcmp(algorithm, szOID_RSA_MD2RSA) == 0) {
+      // md2WithRSAEncryption: 1.2.840.113549.1.1.2
+      has_md2 = true;
+    } else if (strcmp(algorithm, szOID_RSA_MD4RSA) == 0) {
+      // md4WithRSAEncryption: 1.2.840.113549.1.1.3
+      has_md4 = true;
+    }
+  }
+
+  if (has_md5)
+    UpdateConnectionTypeHistograms(CONNECTION_SSL_MD5);
+  if (has_md2)
+    UpdateConnectionTypeHistograms(CONNECTION_SSL_MD2);
+  if (has_md4)
+    UpdateConnectionTypeHistograms(CONNECTION_SSL_MD4);
+}
+
 // Set server_cert_status_ and return OK or a network error.
 int SSLClientSocketWin::VerifyServerCert() {
   DCHECK(server_cert_);
@@ -1058,6 +1097,8 @@ int SSLClientSocketWin::VerifyServerCert() {
   }
   ScopedCertChainContext scoped_chain_context(chain_context);
 
+  LogConnectionTypeMetrics(chain_context);
+
   server_cert_status_ |= MapCertChainErrorStatusToCertStatus(
       chain_context->TrustStatus.dwErrorStatus);
 
diff --git a/net/base/ssl_client_socket_win.h b/net/base/ssl_client_socket_win.h
index da657f5..58a035e 100644
--- a/net/base/ssl_client_socket_win.h
+++ b/net/base/ssl_client_socket_win.h
@@ -63,6 +63,7 @@ class SSLClientSocketWin : public SSLClientSocket {
   int DoPayloadWriteComplete(int result);
 
   int DidCompleteHandshake();
+  static void LogConnectionTypeMetrics(PCCERT_CHAIN_CONTEXT chain_context);
   int VerifyServerCert();
 
   CompletionCallbackImpl<SSLClientSocketWin> io_callback_;
author	wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98>	2009-01-12 19:08:36 +0000
committer	wtc@google.com <wtc@google.com@0039d316-1c4b-4281-b951-d872f2087c98>	2009-01-12 19:08:36 +0000
commit	5d0153c51cd317bc38673fb70c5d59314aff7b69 (patch)
tree	e6f028c1c727c2c74ca23932a7ce0ca2b5c61d76 /net/base
parent	70aa77609a881545064e3df7ffa580d933c4f76f (diff)
download	chromium_src-5d0153c51cd317bc38673fb70c5d59314aff7b69.zip chromium_src-5d0153c51cd317bc38673fb70c5d59314aff7b69.tar.gz chromium_src-5d0153c51cd317bc38673fb70c5d59314aff7b69.tar.bz2