Expose TLS settings in the Security panel overview, and call out individual obsolete settings.

net/ssl/ssl_cipher_suite_names.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/ssl/ssl_cipher_suite_names.h"
 
 #if defined(USE_OPENSSL)
 #include <openssl/ssl.h>
 #endif
 #include <stdlib.h>
@@ skipping 344 matching lines @@
   if (cipher_string.size() == 6 &&
       base::StartsWith(cipher_string, "0x",
                        base::CompareCase::INSENSITIVE_ASCII) &&
       base::HexStringToInt(cipher_string, &value)) {
     *cipher_suite = static_cast<uint16_t>(value);
     return true;
   }
   return false;
 }
 
-bool IsSecureTLSCipherSuite(uint16_t cipher_suite) {
+int ObsoleteSSLStatus(int connection_status) {

[lgarron, 2016/04/09 03:22:50]

I think that this is the right level of abstraction (a single function call to
get all 3 mask bits, including protocol).

I would move this function to another file like net/ssl/obsolete_ssl_stats.{h,
cc}, but that requires exposing GetCipherProperties() in
ssl_cipher_suite_names.h. The values in the switch statements would also become
even-more-magic numbers, given that the cipher suite listing is in
ssl_cipher_suite_names.cc

Do you have a preference?

[lgarron, 2016/04/12 02:25:08]

ping

[davidben, 2016/04/19 17:47:01]

I'm a little sad about this connection_status thing, but I don't have a clear
alternate suggestion if you insist on including the protocol.

If not, the protocol check is redundant. Though I suppose we will be happier if
you're TLS 1.2 with an insecure cipher suite than TLS 1.1 since we can get a
tiny bit closer to ridding ourselves of SHA-1.

   int key_exchange, cipher, mac;
-  if (!GetCipherProperties(cipher_suite, &key_exchange, &cipher, &mac))
-    return false;
+  int obsolete_ssl = OBSOLETE_SSL_NONE;
+
+  int ssl_version = SSLConnectionStatusToVersion(connection_status);
+  if (ssl_version < SSL_CONNECTION_VERSION_TLS1_2) {
+    obsolete_ssl |= OBSOLETE_SSL_MASK_PROTOCOL;
+  }
+
+  uint16_t cipher_suite = SSLConnectionStatusToCipherSuite(connection_status);
+  if (!GetCipherProperties(cipher_suite, &key_exchange, &cipher, &mac)) {
+    // Cannot determine/unknown cipher suite. Err on the side of caution.
+    obsolete_ssl |= OBSOLETE_SSL_MASK_KEY_EXCHANGE;
+    obsolete_ssl |= OBSOLETE_SSL_MASK_CIPHER_SUITE;
+    return obsolete_ssl;
+  }
 
   // Only allow ECDHE key exchanges.
   switch (key_exchange) {
     case 14:  // ECDHE_ECDSA
     case 16:  // ECDHE_RSA
       break;
     default:
-      return false;
+      obsolete_ssl |= OBSOLETE_SSL_MASK_KEY_EXCHANGE;
   }
 
   switch (cipher) {
     case 13:  // AES_128_GCM
     case 14:  // AES_256_GCM
     case 17:  // CHACHA20_POLY1305
       break;
     default:
-      return false;
+      obsolete_ssl |= OBSOLETE_SSL_MASK_CIPHER_SUITE;
   }
 
   // Only AEADs allowed.
   if (mac != kAEADMACValue)
-    return false;
+    obsolete_ssl |= OBSOLETE_SSL_MASK_CIPHER_SUITE;
 
-  return true;
+  return obsolete_ssl;
 }
 
 bool IsTLSCipherSuiteAllowedByHTTP2(uint16_t cipher_suite) {
   int key_exchange, cipher, mac;
   if (!GetCipherProperties(cipher_suite, &key_exchange, &cipher, &mac))
     return false;
 
   // Only allow forward secure key exchanges.
   switch (key_exchange) {
     case 10:  // DHE_RSA
@@ skipping 32 matching lines @@
     default:
       return nullptr;
   }
   return SSL_get_curve_name(key_exchange_info);
 #else
   return nullptr;
 #endif
 }
 
 }  // namespace net