OLD | NEW |
1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/page_info_model.h" | 5 #include "chrome/browser/page_info_model.h" |
6 | 6 |
7 #include <string> | 7 #include <string> |
8 | 8 |
9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
10 #include "base/i18n/time_formatting.h" | 10 #include "base/i18n/time_formatting.h" |
(...skipping 37 matching lines...)
48 l10n_util::GetStringUTF16(IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | 48 l10n_util::GetStringUTF16(IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); |
49 empty_subject_name = true; | 49 empty_subject_name = true; |
50 } | 50 } |
51 | 51 |
52 // Some of what IsCertStatusError classifies as errors we want to show as | 52 // Some of what IsCertStatusError classifies as errors we want to show as |
53 // warnings instead. | 53 // warnings instead. |
54 static const int cert_warnings = | 54 static const int cert_warnings = |
55 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION | | 55 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION | |
56 net::CERT_STATUS_NO_REVOCATION_MECHANISM; | 56 net::CERT_STATUS_NO_REVOCATION_MECHANISM; |
57 int status_with_warnings_removed = ssl.cert_status() & ~cert_warnings; | 57 int status_with_warnings_removed = ssl.cert_status() & ~cert_warnings; |
| 58 bool show_secure_identity_msg = false; |
58 | 59 |
59 if (ssl.cert_id() && | 60 if (ssl.cert_id() && |
60 CertStore::GetInstance()->RetrieveCert(ssl.cert_id(), &cert) && | 61 CertStore::GetInstance()->RetrieveCert(ssl.cert_id(), &cert) && |
61 !net::IsCertStatusError(status_with_warnings_removed)) { | 62 !net::IsCertStatusError(status_with_warnings_removed)) { |
| 63 show_secure_identity_msg = true; |
62 // No error found so far, check cert_status warnings. | 64 // No error found so far, check cert_status warnings. |
63 int cert_status = ssl.cert_status(); | 65 int cert_status = ssl.cert_status(); |
64 if (cert_status & cert_warnings) { | 66 if (cert_status & cert_warnings) { |
65 string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); | 67 string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); |
66 if (issuer_name.empty()) { | 68 if (issuer_name.empty()) { |
67 issuer_name.assign(l10n_util::GetStringUTF16( | 69 issuer_name.assign(l10n_util::GetStringUTF16( |
68 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | 70 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); |
69 } | 71 } |
70 description.assign(l10n_util::GetStringFUTF16( | 72 description.assign(l10n_util::GetStringFUTF16( |
71 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); | 73 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); |
(...skipping 54 matching lines...)
126 else | 128 else |
127 headline.assign(subject_name); | 129 headline.assign(subject_name); |
128 string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); | 130 string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); |
129 if (issuer_name.empty()) { | 131 if (issuer_name.empty()) { |
130 issuer_name.assign(l10n_util::GetStringUTF16( | 132 issuer_name.assign(l10n_util::GetStringUTF16( |
131 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | 133 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); |
132 } | 134 } |
133 description.assign(l10n_util::GetStringFUTF16( | 135 description.assign(l10n_util::GetStringFUTF16( |
134 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); | 136 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); |
135 } | 137 } |
136 } else { | 138 if (!ssl.tls_username().empty()) { |
137 // HTTP or HTTPS with errors (not warnings). | 139 description += ASCIIToUTF16("\n\n"); |
| 140 description += l10n_util::GetStringUTF16( |
| 141 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_PLUS_SHARED_SECRET); |
| 142 } |
| 143 } else if (ssl.tls_username().empty() || |
| 144 (!ssl.tls_username().empty() && ssl.cert_id())) { |
| 145 // HTTP, HTTPS, or HTTPSV with errors (not warnings). |
138 description.assign(l10n_util::GetStringUTF16( | 146 description.assign(l10n_util::GetStringUTF16( |
| 147 ssl.cert_id() && !ssl.tls_username().empty() ? |
| 148 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_BAD_CERT_OK_SHARED_SECRET : |
139 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); | 149 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); |
140 icon_id = ssl.security_style() == SECURITY_STYLE_UNAUTHENTICATED ? | 150 icon_id = ssl.security_style() == SECURITY_STYLE_UNAUTHENTICATED ? |
141 ICON_STATE_WARNING_MAJOR : ICON_STATE_ERROR; | 151 ICON_STATE_WARNING_MAJOR : ICON_STATE_ERROR; |
142 | 152 |
143 const string16 bullet = UTF8ToUTF16("\n • "); | 153 const string16 bullet = UTF8ToUTF16("\n • "); |
144 std::vector<SSLErrorInfo> errors; | 154 std::vector<SSLErrorInfo> errors; |
145 SSLErrorInfo::GetErrorsForCertStatus(ssl.cert_id(), ssl.cert_status(), | 155 SSLErrorInfo::GetErrorsForCertStatus(ssl.cert_id(), ssl.cert_status(), |
146 url, &errors); | 156 url, &errors); |
147 for (size_t i = 0; i < errors.size(); ++i) { | 157 for (size_t i = 0; i < errors.size(); ++i) { |
148 description += bullet; | 158 description += bullet; |
149 description += errors[i].short_description(); | 159 description += errors[i].short_description(); |
150 } | 160 } |
151 | 161 |
152 if (ssl.cert_status() & net::CERT_STATUS_NON_UNIQUE_NAME) { | 162 if (ssl.cert_status() & net::CERT_STATUS_NON_UNIQUE_NAME) { |
153 description += ASCIIToUTF16("\n\n"); | 163 description += ASCIIToUTF16("\n\n"); |
154 description += l10n_util::GetStringUTF16( | 164 description += l10n_util::GetStringUTF16( |
155 IDS_PAGE_INFO_SECURITY_TAB_NON_UNIQUE_NAME); | 165 IDS_PAGE_INFO_SECURITY_TAB_NON_UNIQUE_NAME); |
156 } | 166 } |
| 167 } else if (!ssl.tls_username().empty()) { |
| 168 // HTTPS with TLS-SRP (with no certificate) |
| 169 if (!description.empty()) |
| 170 description += ASCIIToUTF16("\n\n"); |
| 171 description += l10n_util::GetStringUTF16( |
| 172 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_SHARED_SECRET); |
157 } | 173 } |
| 174 |
| 175 if (!ssl.tls_username().empty()) { |
| 176 description += ASCIIToUTF16("\n\n"); |
| 177 description += l10n_util::GetStringFUTF16( |
| 178 IDS_PAGE_INFO_TLS_USER_IDENTITY, subject_name, ssl.tls_username()); |
| 179 } |
| 180 |
158 sections_.push_back(SectionInfo( | 181 sections_.push_back(SectionInfo( |
159 icon_id, | 182 icon_id, |
160 headline, | 183 headline, |
161 description, | 184 description, |
162 SECTION_INFO_IDENTITY)); | 185 SECTION_INFO_IDENTITY)); |
163 | 186 |
164 // Connection section. | 187 // Connection section. |
165 // We consider anything less than 80 bits encryption to be weak encryption. | 188 // We consider anything less than 80 bits encryption to be weak encryption. |
166 // TODO(wtc): Bug 1198735: report mixed/unsafe content for unencrypted and | 189 // TODO(wtc): Bug 1198735: report mixed/unsafe content for unencrypted and |
167 // weakly encrypted connections. | 190 // weakly encrypted connections. |
168 icon_id = ICON_STATE_OK; | 191 icon_id = ICON_STATE_OK; |
169 headline.clear(); | 192 headline.clear(); |
170 description.clear(); | 193 description.clear(); |
171 if (!ssl.cert_id()) { | 194 if (!ssl.cert_id() && ssl.tls_username().empty()) { |
172 // Not HTTPS. | 195 // Not HTTPS. |
173 DCHECK_EQ(ssl.security_style(), SECURITY_STYLE_UNAUTHENTICATED); | 196 DCHECK_EQ(ssl.security_style(), SECURITY_STYLE_UNAUTHENTICATED); |
174 icon_id = ssl.security_style() == SECURITY_STYLE_UNAUTHENTICATED ? | 197 icon_id = ssl.security_style() == SECURITY_STYLE_UNAUTHENTICATED ? |
175 ICON_STATE_WARNING_MAJOR : ICON_STATE_ERROR; | 198 ICON_STATE_WARNING_MAJOR : ICON_STATE_ERROR; |
176 description.assign(l10n_util::GetStringFUTF16( | 199 description.assign(l10n_util::GetStringFUTF16( |
177 IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT, | 200 IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT, |
178 subject_name)); | 201 subject_name)); |
179 } else if (ssl.security_bits() < 0) { | 202 } else if (ssl.security_bits() < 0) { |
180 // Security strength is unknown. Say nothing. | 203 // Security strength is unknown. Say nothing. |
181 icon_id = ICON_STATE_ERROR; | 204 icon_id = ICON_STATE_ERROR; |
(...skipping 177 matching lines...)
359 gfx::NativeImage PageInfoModel::GetBitmapNamed(int resource_id) { | 382 gfx::NativeImage PageInfoModel::GetBitmapNamed(int resource_id) { |
360 ResourceBundle& rb = ResourceBundle::GetSharedInstance(); | 383 ResourceBundle& rb = ResourceBundle::GetSharedInstance(); |
361 gfx::NativeImage image = rb.GetNativeImageNamed(resource_id); | 384 gfx::NativeImage image = rb.GetNativeImageNamed(resource_id); |
362 #if defined(OS_MACOSX) | 385 #if defined(OS_MACOSX) |
363 // Unlike other platforms, the Mac ResourceBundle does not keep a shared image | 386 // Unlike other platforms, the Mac ResourceBundle does not keep a shared image |
364 // cache. These are released in the dtor. | 387 // cache. These are released in the dtor. |
365 base::mac::NSObjectRetain(image); | 388 base::mac::NSObjectRetain(image); |
366 #endif | 389 #endif |
367 return image; | 390 return image; |
368 } | 391 } |
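Review bot: The identity chain at new lines 138-179 treats a non-empty `ssl.tls_username()` as proof that the peer was authenticated by a shared secret, and the arm at new line 167 reports a verified identity with no certificate on that basis alone. This presumably relies on the username being recorded only after a TLS-SRP handshake has completed; that invariant is not visible here and should be stated in a comment at that arm, for example `// tls_username() is only set once the TLS-SRP handshake has succeeded`, or checked where the value is stored. Separately, `show_secure_identity_msg` is assigned at new lines 58 and 63 but never read in the lines shown, and the skipped regions are marked as matching the old file, so it looks unused and should be dropped or wired up. The condition at new lines 143-144 reduces to `} else if (ssl.tls_username().empty() || ssl.cert_id()) {`, after which the last arm can be a plain `else`. The enclosing function starts and ends outside the visible lines.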
OLD | NEW |