OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 5 #ifndef COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
6 #define COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 6 #define COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
7 | 7 |
8 #include "base/macros.h" | 8 #include "base/macros.h" |
9 #include "net/cert/cert_status_flags.h" | 9 #include "net/cert/cert_status_flags.h" |
10 #include "net/cert/sct_status_flags.h" | 10 #include "net/cert/sct_status_flags.h" |
(...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
100 // 2015, 128 is considered the minimum. | 100 // 2015, 128 is considered the minimum. |
101 // 0 means the connection is not encrypted. | 101 // 0 means the connection is not encrypted. |
102 // -1 means the security strength is unknown. | 102 // -1 means the security strength is unknown. |
103 int security_bits; | 103 int security_bits; |
104 // Information about the SSL connection, such as protocol and | 104 // Information about the SSL connection, such as protocol and |
105 // ciphersuite. See ssl_connection_flags.h in net. | 105 // ciphersuite. See ssl_connection_flags.h in net. |
106 int connection_status; | 106 int connection_status; |
107 // True if the protocol version and ciphersuite for the connection | 107 // True if the protocol version and ciphersuite for the connection |
108 // are considered secure. | 108 // are considered secure. |
109 bool is_secure_protocol_and_ciphersuite; | 109 bool is_secure_protocol_and_ciphersuite; |
| 110 |
| 111 // True if pinning was bypassed due to a local trust anchor. |
| 112 bool pkp_bypassed; |
110 }; | 113 }; |
111 | 114 |
112 // Contains the security state relevant to computing the SecurityInfo | 115 // Contains the security state relevant to computing the SecurityInfo |
113 // for a page. This is the input to GetSecurityInfo() provided by the | 116 // for a page. This is the input to GetSecurityInfo() provided by the |
114 // model's client. | 117 // model's client. |
115 struct VisibleSecurityState { | 118 struct VisibleSecurityState { |
116 VisibleSecurityState(); | 119 VisibleSecurityState(); |
117 ~VisibleSecurityState(); | 120 ~VisibleSecurityState(); |
118 bool operator==(const VisibleSecurityState& other) const; | 121 bool operator==(const VisibleSecurityState& other) const; |
119 bool initialized; | 122 bool initialized; |
120 GURL url; | 123 GURL url; |
121 // The baseline SecurityLevel describing the page or request before | 124 // The baseline SecurityLevel describing the page or request before |
122 // any SecurityStateModel policies have been applied. | 125 // any SecurityStateModel policies have been applied. |
123 SecurityLevel initial_security_level; | 126 SecurityLevel initial_security_level; |
124 // The following fields contain information about the connection | 127 // The following fields contain information about the connection |
125 // used to load the page or request. | 128 // used to load the page or request. |
126 int cert_id; | 129 int cert_id; |
127 net::CertStatus cert_status; | 130 net::CertStatus cert_status; |
128 int connection_status; | 131 int connection_status; |
129 int security_bits; | 132 int security_bits; |
130 // The verification statuses of the Signed Certificate | 133 // The verification statuses of the Signed Certificate |
131 // Timestamps (if any) that the server provided. | 134 // Timestamps (if any) that the server provided. |
132 std::vector<net::ct::SCTVerifyStatus> sct_verify_statuses; | 135 std::vector<net::ct::SCTVerifyStatus> sct_verify_statuses; |
133 // True if the page displayed passive mixed content. | 136 // True if the page displayed passive mixed content. |
134 bool displayed_mixed_content; | 137 bool displayed_mixed_content; |
135 // True if the page ran active mixed content. | 138 // True if the page ran active mixed content. |
136 bool ran_mixed_content; | 139 bool ran_mixed_content; |
| 140 // True if PKP was bypassed due to a local trust anchor. |
| 141 bool pkp_bypassed; |
137 }; | 142 }; |
138 | 143 |
139 // These security levels describe the treatment given to pages that | 144 // These security levels describe the treatment given to pages that |
140 // display and run mixed content. They are used to coordinate the | 145 // display and run mixed content. They are used to coordinate the |
141 // treatment of mixed content with other security UI elements. | 146 // treatment of mixed content with other security UI elements. |
142 static const SecurityLevel kDisplayedInsecureContentLevel; | 147 static const SecurityLevel kDisplayedInsecureContentLevel; |
143 static const SecurityLevel kRanInsecureContentLevel; | 148 static const SecurityLevel kRanInsecureContentLevel; |
144 | 149 |
145 SecurityStateModel(); | 150 SecurityStateModel(); |
146 virtual ~SecurityStateModel(); | 151 virtual ~SecurityStateModel(); |
(...skipping 13 matching lines...) Expand all Loading... |
160 mutable VisibleSecurityState visible_security_state_; | 165 mutable VisibleSecurityState visible_security_state_; |
161 | 166 |
162 SecurityStateModelClient* client_; | 167 SecurityStateModelClient* client_; |
163 | 168 |
164 DISALLOW_COPY_AND_ASSIGN(SecurityStateModel); | 169 DISALLOW_COPY_AND_ASSIGN(SecurityStateModel); |
165 }; | 170 }; |
166 | 171 |
167 } // namespace security_state | 172 } // namespace security_state |
168 | 173 |
169 #endif // COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ | 174 #endif // COMPONENTS_SECURITY_STATE_SECURITY_STATE_MODEL_H_ |
OLD | NEW |