Componentize SecurityStateModel

chrome/browser/ssl/chrome_security_state_model_delegate.cc

+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/ssl/chrome_security_state_model_delegate.h"
+
+#include "base/command_line.h"
+#include "base/metrics/field_trial.h"
+#include "base/metrics/histogram_macros.h"
+#include "chrome/browser/chromeos/policy/policy_cert_service.h"
+#include "chrome/browser/chromeos/policy/policy_cert_service_factory.h"
+#include "chrome/browser/profiles/profile.h"
+#include "chrome/common/chrome_constants.h"
+#include "chrome/common/chrome_switches.h"
+#include "content/public/browser/cert_store.h"
+#include "content/public/browser/navigation_entry.h"
+#include "content/public/common/origin_util.h"
+
+DEFINE_WEB_CONTENTS_USER_DATA_KEY(ChromeSecurityStateModelDelegate);
+
+ChromeSecurityStateModelDelegate::~ChromeSecurityStateModelDelegate() {}
+
+const security_state::SecurityInfo&
+ChromeSecurityStateModelDelegate::GetSecurityInfo() const {
+  return security_state_model_->GetSecurityInfo();
+}
+
+bool ChromeSecurityStateModelDelegate::VisibleSecurityStateChanged() {
+  content::NavigationEntry* entry =
+      web_contents_->GetController().GetVisibleEntry();
+  if (!entry)
+    return true;
+
+  const GURL& new_url = entry->GetURL();
+  const content::SSLStatus& new_ssl = entry->GetSSL();
+  if (new_url == visible_url_ && new_ssl.Equals(visible_ssl_status_))
+    return false;
+  visible_url_ = new_url;
+  visible_ssl_status_ = new_ssl;
+  return true;
+}
+
+bool ChromeSecurityStateModelDelegate::RetrieveCert(
+    scoped_refptr<net::X509Certificate>* cert) {
+  return content::CertStore::GetInstance()->RetrieveCert(
+      visible_ssl_status_.cert_id, cert);
+}
+
+security_state::SecurityLevel
+ChromeSecurityStateModelDelegate::GetInitialSecurityLevel() {
+  content::SecurityStyle security_style = visible_ssl_status_.security_style;
+  switch (security_style) {
+    case content::SECURITY_STYLE_UNKNOWN:
+    case content::SECURITY_STYLE_UNAUTHENTICATED:
+      return security_state::NONE;
+    case content::SECURITY_STYLE_AUTHENTICATION_BROKEN:
+      return security_state::SECURITY_ERROR;
+    case content::SECURITY_STYLE_WARNING:
+      return security_state::SECURITY_WARNING;
+    case content::SECURITY_STYLE_AUTHENTICATED:
+      return security_state::SECURE;
+  }
+  return security_state::NONE;
+}
+
+security_state::SecurityLevel
+ChromeSecurityStateModelDelegate::GetSecurityLevelForNonSecure(
+    const GURL& url) {
+  if (content::IsOriginSecure(url) || !url.IsStandard())
+    return security_state::NONE;
+
+  std::string choice =
+      base::CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
+          switches::kMarkNonSecureAs);
+  std::string group = base::FieldTrialList::FindFullName("MarkNonSecureAs");
+
+  // Do not change this enum. It is used in the histogram.
+  enum MarkNonSecureStatus { NEUTRAL, DUBIOUS, NON_SECURE, LAST_STATUS };
+  const char kEnumeration[] = "MarkNonSecureAs";
+
+  security_state::SecurityLevel level = security_state::NONE;
+  MarkNonSecureStatus status;
+
+  if (choice == switches::kMarkNonSecureAsNeutral) {
+    status = NEUTRAL;
+    level = security_state::NONE;
+  } else if (choice == switches::kMarkNonSecureAsNonSecure) {
+    status = NON_SECURE;
+    level = security_state::SECURITY_ERROR;
+  } else if (group == switches::kMarkNonSecureAsNeutral) {
+    status = NEUTRAL;
+    level = security_state::NONE;
+  } else if (group == switches::kMarkNonSecureAsNonSecure) {
+    status = NON_SECURE;
+    level = security_state::SECURITY_ERROR;
+  } else {
+    status = NEUTRAL;
+    level = security_state::NONE;
+  }
+
+  UMA_HISTOGRAM_ENUMERATION(kEnumeration, status, LAST_STATUS);
+  return level;
+}
+
+bool ChromeSecurityStateModelDelegate::UsedKnownMITMCertificate() {
+#if defined(OS_CHROMEOS)
+  policy::PolicyCertService* service =
+      policy::PolicyCertServiceFactory::GetForProfile(
+          Profile::FromBrowserContext(web_contents_->GetBrowserContext()));
+  if (service && service->UsedPolicyCertificates())
+    return true;
+#endif
+  return false;
+}
+
+int ChromeSecurityStateModelDelegate::GetCertId() {
+  return visible_ssl_status_.cert_id;
+}
+
+net::CertStatus ChromeSecurityStateModelDelegate::GetCertStatus() {
+  return visible_ssl_status_.cert_status;
+}
+
+int ChromeSecurityStateModelDelegate::GetConnectionStatus() {
+  return visible_ssl_status_.connection_status;
+}
+
+int ChromeSecurityStateModelDelegate::GetSecurityBits() {
+  return visible_ssl_status_.security_bits;
+}
+
+const GURL& ChromeSecurityStateModelDelegate::GetURL() {
+  content::NavigationEntry* entry =
+      web_contents_->GetController().GetVisibleEntry();
+  if (!entry)
+    return empty_url_;
+  return entry->GetURL();
+}
+
+bool ChromeSecurityStateModelDelegate::RanMixedContent() {
+  if (visible_ssl_status_.content_status &
+      content::SSLStatus::RAN_INSECURE_CONTENT) {
+    return true;
+  }
+  return false;
+}
+
+bool ChromeSecurityStateModelDelegate::DisplayedMixedContent() {
+  if (visible_ssl_status_.content_status &
+      content::SSLStatus::DISPLAYED_INSECURE_CONTENT) {
+    return true;
+  }
+  return false;
+}
+
+void ChromeSecurityStateModelDelegate::GetSCTVerifyStatuses(
+    std::vector<net::ct::SCTVerifyStatus>* sct_verify_statuses) {
+  for (const auto& sct : visible_ssl_status_.signed_certificate_timestamp_ids) {
+    sct_verify_statuses->push_back(sct.status);
+  }
+}
+
+ChromeSecurityStateModelDelegate::ChromeSecurityStateModelDelegate(
+    content::WebContents* web_contents)
+    : web_contents_(web_contents),
+      security_state_model_(new security_state::SecurityStateModel()) {
+  security_state_model_->SetDelegate(this);
+}