From 37feeb8e5ffafa60b5da731ad94e57a485b0f53a Mon Sep 17 00:00:00 2001
From: Samuel Attard <sattard@slack-corp.com>
Date: Mon, 27 Jan 2020 10:48:29 -0800
Subject: [PATCH] feat: expose the chromium validated certificate in the
 certificate verify proc (#21890)

---
 docs/api/session.md                          | 1 +
 shell/browser/net/cert_verifier_client.cc    | 1 +
 shell/browser/net/cert_verifier_client.h     | 1 +
 shell/common/gin_converters/net_converter.cc | 1 +
 4 files changed, 4 insertions(+)

diff --git a/docs/api/session.md b/docs/api/session.md
index b8e4815695f2..d0334ccc4549 100644
--- a/docs/api/session.md
+++ b/docs/api/session.md
@@ -272,6 +272,7 @@ the original network configuration.
   * `request` Object
     * `hostname` String
     * `certificate` [Certificate](structures/certificate.md)
+    * `validatedCertificate` [Certificate](structures/certificate.md)
     * `verificationResult` String - Verification result from chromium.
     * `errorCode` Integer - Error code.
   * `callback` Function
diff --git a/shell/browser/net/cert_verifier_client.cc b/shell/browser/net/cert_verifier_client.cc
index 78a7fcef0d2a..cb1bb2f617a1 100644
--- a/shell/browser/net/cert_verifier_client.cc
+++ b/shell/browser/net/cert_verifier_client.cc
@@ -32,6 +32,7 @@ void CertVerifierClient::Verify(
   params.default_result = net::ErrorToString(default_error);
   params.error_code = default_error;
   params.certificate = certificate;
+  params.validated_certificate = default_result.verified_cert;
   cert_verify_proc_.Run(
       params,
       base::AdaptCallbackForRepeating(base::BindOnce(
diff --git a/shell/browser/net/cert_verifier_client.h b/shell/browser/net/cert_verifier_client.h
index 2a67f42531a0..42e6f651ee39 100644
--- a/shell/browser/net/cert_verifier_client.h
+++ b/shell/browser/net/cert_verifier_client.h
@@ -17,6 +17,7 @@ struct VerifyRequestParams {
   std::string default_result;
   int error_code;
   scoped_refptr<net::X509Certificate> certificate;
+  scoped_refptr<net::X509Certificate> validated_certificate;
 
   VerifyRequestParams();
   VerifyRequestParams(const VerifyRequestParams&);
diff --git a/shell/common/gin_converters/net_converter.cc b/shell/common/gin_converters/net_converter.cc
index 6a974f1c85e5..ff276fc03979 100644
--- a/shell/common/gin_converters/net_converter.cc
+++ b/shell/common/gin_converters/net_converter.cc
@@ -364,6 +364,7 @@ v8::Local<v8::Value> Converter<electron::VerifyRequestParams>::ToV8(
   gin::Dictionary dict = gin::Dictionary::CreateEmpty(isolate);
   dict.Set("hostname", val.hostname);
   dict.Set("certificate", val.certificate);
+  dict.Set("validatedCertificate", val.validated_certificate);
   dict.Set("verificationResult", val.default_result);
   dict.Set("errorCode", val.error_code);
   return ConvertToV8(isolate, dict);