Chromium Code Reviews Chromium Code Reviews
Issue 1123943002:
Move SecurityLevel into a class of its own (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/ssl/connection_security_helper.cc |
| diff --git a/chrome/browser/ssl/connection_security_helper.cc b/chrome/browser/ssl/connection_security_helper.cc |
| new file mode 100644 |
| index 0000000000000000000000000000000000000000..080b85b28705d3f1e9ba359dea11e00ee8eeb2ac |
| --- /dev/null |
| +++ b/chrome/browser/ssl/connection_security_helper.cc |
| @@ -0,0 +1,130 @@ |
| +// Copyright 2015 The Chromium Authors. All rights reserved. |
| +// Use of this source code is governed by a BSD-style license that can be |
| +// found in the LICENSE file. |
| + |
| +#include "chrome/browser/ssl/connection_security_helper.h" |
| + |
| +#include "base/command_line.h" |
| +#include "base/metrics/field_trial.h" |
| +#include "base/prefs/pref_service.h" |
| +#include "chrome/browser/profiles/profile.h" |
| +#include "chrome/browser/ssl/ssl_error_info.h" |
| +#include "chrome/common/chrome_constants.h" |
| +#include "chrome/common/chrome_switches.h" |
| +#include "chrome/common/pref_names.h" |
| +#include "content/public/browser/cert_store.h" |
| +#include "content/public/browser/navigation_controller.h" |
| +#include "content/public/browser/navigation_entry.h" |
| +#include "content/public/browser/web_contents.h" |
| +#include "content/public/common/ssl_status.h" |
| +#include "net/base/net_util.h" |
| +#include "net/cert/cert_status_flags.h" |
| +#include "net/cert/x509_certificate.h" |
| +#include "net/ssl/ssl_connection_status_flags.h" |
| +#include "url/url_constants.h" |
| + |
| +#if defined(OS_CHROMEOS) |
| +#include "chrome/browser/chromeos/policy/policy_cert_service.h" |
| +#include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
| +#endif |
| + |
| +namespace { |
| + |
| +ConnectionSecurityHelper::SecurityLevel |
| +GetSecurityLevelForNonSecureFieldTrial() { |
| + std::string choice = |
|
Peter Kasting
2015/05/09 04:34:56
Nit: There are two ways to write this function in
estark
2015/05/11 01:59:25
I think #2 doesn't quite match the behavior of the
Peter Kasting
2015/05/11 19:15:46
You're right, good catch.
estark
2015/05/11 19:20:09
ok, I reverted it back to leave it as it was origi
|
| + base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII( |
| + switches::kMarkNonSecureAs); |
| + if (choice == switches::kMarkNonSecureAsNeutral) |
| + return ConnectionSecurityHelper::NONE; |
| + if (choice == switches::kMarkNonSecureAsDubious) |
| + return ConnectionSecurityHelper::SECURITY_WARNING; |
| + if (choice == switches::kMarkNonSecureAsNonSecure) |
| + return ConnectionSecurityHelper::SECURITY_ERROR; |
| + |
| + std::string group = base::FieldTrialList::FindFullName("MarkNonSecureAs"); |
| + if (group == switches::kMarkNonSecureAsNeutral) |
| + return ConnectionSecurityHelper::NONE; |
| + if (group == switches::kMarkNonSecureAsDubious) |
| + return ConnectionSecurityHelper::SECURITY_WARNING; |
| + if (group == switches::kMarkNonSecureAsNonSecure) |
| + return ConnectionSecurityHelper::SECURITY_ERROR; |
| + |
| + return ConnectionSecurityHelper::NONE; |
| +} |
| + |
| +} // namespace |
| + |
| +ConnectionSecurityHelper::SecurityLevel |
| +ConnectionSecurityHelper::GetSecurityLevelForWebContents( |
| + content::WebContents* web_contents) { |
| + if (!web_contents) |
| + return NONE; |
| + |
| + content::NavigationEntry* entry = |
| + web_contents->GetController().GetVisibleEntry(); |
| + if (!entry) |
| + return NONE; |
| + |
| + const content::SSLStatus& ssl = entry->GetSSL(); |
| + switch (ssl.security_style) { |
| + case content::SECURITY_STYLE_UNKNOWN: |
| + return NONE; |
| + |
| + case content::SECURITY_STYLE_UNAUTHENTICATED: { |
| + const GURL& url = entry->GetURL(); |
| + if (url.SchemeIs(url::kHttpScheme) || url.SchemeIs(url::kFtpScheme)) |
| + return GetSecurityLevelForNonSecureFieldTrial(); |
| + return NONE; |
| + } |
| + |
| + case content::SECURITY_STYLE_AUTHENTICATION_BROKEN: |
| + return SECURITY_ERROR; |
| + |
| + case content::SECURITY_STYLE_AUTHENTICATED: { |
| +#if defined(OS_CHROMEOS) |
| + policy::PolicyCertService* service = |
| + policy::PolicyCertServiceFactory::GetForProfile( |
| + Profile::FromBrowserContext(web_contents->GetBrowserContext())); |
| + if (service && service->UsedPolicyCertificates()) |
| + return SECURITY_POLICY_WARNING; |
| +#endif |
| + if (ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT) |
| + return SECURITY_WARNING; |
| + scoped_refptr<net::X509Certificate> cert; |
| + if (content::CertStore::GetInstance()->RetrieveCert(ssl.cert_id, &cert) && |
| + (ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT)) { |
| + // The internal representation of the dates for UI treatment of SHA-1. |
| + // See http://crbug.com/401365 for details. |
| + static const int64_t kJanuary2017 = INT64_C(13127702400000000); |
| + // kJanuary2016 needs to be kept in sync with |
| + // ToolbarModelAndroid::IsDeprecatedSHA1Present(). |
| + static const int64_t kJanuary2016 = INT64_C(13096080000000000); |
| + if (cert->valid_expiry() >= |
| + base::Time::FromInternalValue(kJanuary2017)) { |
| + return SECURITY_ERROR; |
| + } |
| + if (cert->valid_expiry() >= |
| + base::Time::FromInternalValue(kJanuary2016)) { |
| + return SECURITY_WARNING; |
| + } |
| + } |
| + if (net::IsCertStatusError(ssl.cert_status)) { |
| + DCHECK(net::IsCertStatusMinorError(ssl.cert_status)); |
| + return SECURITY_WARNING; |
| + } |
| + if (net::SSLConnectionStatusToVersion(ssl.connection_status) == |
| + net::SSL_CONNECTION_VERSION_SSL3) { |
| + // SSLv3 will be removed in the future. |
| + return SECURITY_WARNING; |
| + } |
| + if ((ssl.cert_status & net::CERT_STATUS_IS_EV) && cert) |
| + return EV_SECURE; |
| + return SECURE; |
| + } |
| + |
| + default: |
| + NOTREACHED(); |
| + return NONE; |
| + } |
| +} |
