Index: chrome/browser/ui/android/toolbar/toolbar_model_android.cc |
diff --git a/chrome/browser/ui/android/toolbar/toolbar_model_android.cc b/chrome/browser/ui/android/toolbar/toolbar_model_android.cc |
index 9c7241cabb40915f8811334d58136a28618901ff..293eaf81719832cc26341d33bd78dcf43466ebd7 100644 |
--- a/chrome/browser/ui/android/toolbar/toolbar_model_android.cc |
+++ b/chrome/browser/ui/android/toolbar/toolbar_model_android.cc |
@@ -71,3 +71,38 @@ |
ToolbarModelAndroid* toolbar_model = new ToolbarModelAndroid(env, delegate); |
return reinterpret_cast<intptr_t>(toolbar_model); |
} |
+ |
+// Temporary method to allow us to surface a SHA-1 deprecation string on Android |
+// in M42. This duplicates a subset of the logic from |
+// ToolbarModelImpl::GetSecurityLevelForWebContents() and |
+// WebsiteSettings::Init(), which should really be refactored. |
+// This is at the wrong layer, and needs to be refactored (along with desktop): |
+// https://crbug.com/471390 |
+ |
+// static |
+jboolean IsDeprecatedSHA1Present(JNIEnv* env, |
+ const JavaParamRef<jclass>& jcaller, |
+ const JavaParamRef<jobject>& jweb_contents) { |
+ content::WebContents* web_contents = |
+ content::WebContents::FromJavaWebContents(jweb_contents); |
+ DCHECK(web_contents); |
+ |
+ content::NavigationEntry* entry = |
+ web_contents->GetController().GetVisibleEntry(); |
+ if (!entry) |
+ return false; |
+ |
+ const content::SSLStatus& ssl = entry->GetSSL(); |
+ if (ssl.security_style == content::SECURITY_STYLE_AUTHENTICATED) { |
+ scoped_refptr<net::X509Certificate> cert; |
+ // NOTE: This constant needs to be kept in sync with |
+ // ToolbarModelImpl::GetSecurityLevelForWebContents(). |
+ static const int64_t kJanuary2016 = INT64_C(13096080000000000); |
+ if (content::CertStore::GetInstance()->RetrieveCert(ssl.cert_id, &cert) && |
+ (ssl.cert_status & net::CERT_STATUS_SHA1_SIGNATURE_PRESENT) && |
+ cert->valid_expiry() > base::Time::FromInternalValue(kJanuary2016)) { |
+ return true; |
+ } |
+ } |
+ return false; |
+} |