Expand SecurityStyleChanged interfaces to include explanations

chrome/browser/ssl/connection_security.h

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_
 #define CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_
 
 #include "base/macros.h"
 #include "content/public/common/security_style.h"
+#include "net/cert/cert_status_flags.h"
 
 namespace content {
 class WebContents;
 }  // namespace content
 
 // This namespace contains functions responsible for computing the
 // connection security status of a page.
 namespace connection_security {
 
 // TODO(wtc): unify this enum with SecurityStyle.  We
@@ skipping 22 matching lines @@
   SECURITY_WARNING,
 
   // HTTPS, but the certificate verification chain is anchored on a
   // certificate that was installed by the system administrator
   SECURITY_POLICY_WARNING,
 
   // Attempted HTTPS and failed, page not authenticated
   SECURITY_ERROR,
 };
 
+// Describes how the SHA1 deprecation policy applies to an HTTPS
+// connection.
+enum SHA1DeprecationStatus {
+  // No SHA1 deprecation policy applies.
+  NO_DEPRECATED_SHA1,
+  // The connection used a certificate with a SHA1 signature in the
+  // chain, and policy says that the connection should be treated as
+  // broken HTTPS.
+  DEPRECATED_SHA1_BROKEN,
+  // The connection used a certificate with a SHA1 signature in the
+  // chain, and policy says that the connection should be treated with a
+  // warning.
+  DEPRECATED_SHA1_WARNING

[Peter Kasting, 2015/06/16 06:29:11]

Nit: Trailing comma, for consistency with the existing enum in this file (and, I
think, the majority of Chrome code) (multiple places)

[estark, 2015/06/16 15:32:34]

Done.

+};
+
+// Describes the type of mixed content (if any) that a site
+// displayed/ran.
+enum MixedContentStatus {
+  NO_MIXED_CONTENT,
+  // The site displayed nonsecure resources (passive mixed content).
+  DISPLAYED_MIXED_CONTENT,
+  // The site ran nonsecure resources (active mixed content).
+  RAN_MIXED_CONTENT
+};
+
+// Contains information about a page's security status, including a
+// |SecurityStyle| and the information that was used to decide which

[Peter Kasting, 2015/06/16 06:29:11]

Nit: No || on type names (just variable names) (2 places)

[estark, 2015/06/16 15:32:34]

Done.

+// |SecurityStyle| to assign.
+struct SecurityInfo {
+  content::SecurityStyle security_style;
+  SHA1DeprecationStatus sha1_deprecation_status;
+  MixedContentStatus mixed_content_status;
+  net::CertStatus cert_status;
+};
+
 // Returns a security level describing the overall security state of
 // the given |WebContents|.
 SecurityLevel GetSecurityLevelForWebContents(
     const content::WebContents* web_contents);
 
-// Returns the content::SecurityStyle for the given |web_contents|.
+// Populates |security_info| with information describing the given
+// |web_contents|, including a content::SecurityStyle value and security
+// properties that caused that value to be chosen.
+//
 // Note: This is a lossy operation. Not all of the policies
 // that can be expressed by a SecurityLevel (a //chrome concept) can
 // be expressed by a content::SecurityStyle.
 // In general, code in //chrome should prefer to use
 // GetSecurityLevelForWebContents() to determine security policy, and
 // only use this function when policy needs to be supplied back to
 // layers in //content.
-content::SecurityStyle GetSecurityStyleForWebContents(
-    const content::WebContents* web_contents);
+void GetSecurityInfoForWebContents(const content::WebContents* web_contents,
+                                   SecurityInfo* security_info);
 
 }  // namespace connection_security
 
 #endif  // CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_