Componentize SecurityStateModel

components/security_state/security_state_model.h

+// Copyright 2015 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_
+#define COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_
+
+#include "base/macros.h"
+#include "net/cert/cert_status_flags.h"
+#include "net/cert/sct_status_flags.h"
+#include "net/cert/x509_certificate.h"
+
+namespace security_state {
+
+class SecurityStateModelDelegate;
+
+// SecurityStateModel provides high-level security information about a
+// page or request. The SecurityStateModel takes as input a basic set of
+// information about the SSL properties of the page or request, and
+// produces as ouptut a SecurityInfo object describing the security
+// state with policies such as crypto deprecations, mixed content,
+// etc. applied.
+//
+// SecurityInfo is the main data structure computed
+// by a SecurityStateModel. SecurityInfo contains a SecurityLevel (which
+// is a single value describing the overall security state) along with
+// information that a consumer might want to display in UI to explain or
+// elaborate on the SecurityLevel.
+
+// Describes the overall security state of the page.
+//
+// If you reorder, add, or delete values from this enum, you must also
+// update the UI icons in ToolbarModelImpl::GetIconForSecurityLevel.
+//
+// A Java counterpart will be generated for this enum.
+// GENERATED_JAVA_ENUM_PACKAGE: org.chromium.components.security_state
+// GENERATED_JAVA_CLASS_NAME_OVERRIDE: ConnectionSecurityLevel
+enum SecurityLevel {
+  // HTTP/no URL/HTTPS but with insecure passive content on the page
+  NONE,
+
+  // HTTPS with valid EV cert
+  EV_SECURE,
+
+  // HTTPS (non-EV) with valid cert
+  SECURE,
+
+  // HTTPS, but unable to check certificate revocation status or with
+  // errors
+  SECURITY_WARNING,
+
+  // HTTPS, but the certificate verification chain is anchored on a
+  // certificate that was installed by the system administrator
+  SECURITY_POLICY_WARNING,
+
+  // Attempted HTTPS and failed, page not authenticated, or HTTPS with
+  // insecure active content on the page
+  SECURITY_ERROR,
+};
+
+// Describes how the SHA1 deprecation policy applies to an HTTPS
+// connection.
+enum SHA1DeprecationStatus {
+  // No SHA1 deprecation policy applies.
+  NO_DEPRECATED_SHA1,
+  // The connection used a certificate with a SHA1 signature in the
+  // chain, and policy says that the connection should be treated with a
+  // warning.
+  DEPRECATED_SHA1_MINOR,
+  // The connection used a certificate with a SHA1 signature in the
+  // chain, and policy says that the connection should be treated as
+  // broken HTTPS.
+  DEPRECATED_SHA1_MAJOR,
+};
+
+// Describes the type of mixed content (if any) that a site
+// displayed/ran.
+enum MixedContentStatus {
+  NO_MIXED_CONTENT,
+  // The site displayed insecure resources (passive mixed content).
+  DISPLAYED_MIXED_CONTENT,
+  // The site ran insecure code (active mixed content).
+  RAN_MIXED_CONTENT,
+  // The site both ran and displayed insecure resources.
+  RAN_AND_DISPLAYED_MIXED_CONTENT,
+};
+
+// Describes the security status of a page or request. This is the
+// main data structure provided by SecurityStateModel.
+struct SecurityInfo {
+  SecurityInfo();
+  ~SecurityInfo();
+  SecurityLevel security_level;
+  SHA1DeprecationStatus sha1_deprecation_status;
+  MixedContentStatus mixed_content_status;
+  // The verification statuses of the signed certificate timestamps
+  // for the connection.
+  std::vector<net::ct::SCTVerifyStatus> sct_verify_statuses;
+  bool scheme_is_cryptographic;
+  net::CertStatus cert_status;
+  int cert_id;
+  // The security strength, in bits, of the SSL cipher suite. In late
+  // 2015, 128 is considered the minimum.
+  // 0 means the connection is not encrypted.
+  // -1 means the security strength is unknown.
+  int security_bits;
+  // Information about the SSL connection, such as protocol and
+  // ciphersuite. See ssl_connection_flags.h in net.
+  int connection_status;
+  // True if the protocol version and ciphersuite for the connection
+  // are considered secure.
+  bool is_secure_protocol_and_ciphersuite;
+};
+
+class SecurityStateModel {
+ public:
+  SecurityStateModel();
+  virtual ~SecurityStateModel();
+
+  void SetDelegate(SecurityStateModelDelegate* delegate);
+
+  // These security levels describe the treatment given to pages that
+  // display and run mixed content. They are used to coordinate the
+  // treatment of mixed content with other security UI elements.
+  static const SecurityLevel kDisplayedInsecureContentLevel;
+  static const SecurityLevel kRanInsecureContentLevel;
+
+  // Returns a SecurityInfo describing the current page or
+  // request. Results are cached so that computation is only done when
+  // relevant state has changed.
+  const SecurityInfo& GetSecurityInfo() const;
+
+ private:
+  SecurityStateModelDelegate* delegate_;
+
+  // Caches the SecurityInfo for the page or request. Marked mutable so
+  // that the const accessor GetSecurityInfo() can update the cached
+  // value.
+  mutable SecurityInfo security_info_;
+
+  DISALLOW_COPY_AND_ASSIGN(SecurityStateModel);
+};
+
+}  // namespace security_state
+
+#endif  // COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_