| OLD | NEW |
|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/security_state/security_state_model.h" | 5 #include "components/security_state/security_state_model.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include "components/security_state/security_state_model_client.h" | 9 #include "components/security_state/security_state_model_client.h" |
| 10 #include "net/cert/x509_certificate.h" | 10 #include "net/cert/x509_certificate.h" |
| (...skipping 10 matching lines...) Expand all Loading... |
| 21 const char kUrl[] = "https://foo.test"; | 21 const char kUrl[] = "https://foo.test"; |
| 22 | 22 |
| 23 class TestSecurityStateModelClient : public SecurityStateModelClient { | 23 class TestSecurityStateModelClient : public SecurityStateModelClient { |
| 24 public: | 24 public: |
| 25 TestSecurityStateModelClient() | 25 TestSecurityStateModelClient() |
| 26 : initial_security_level_(SecurityStateModel::SECURE), | 26 : initial_security_level_(SecurityStateModel::SECURE), |
| 27 connection_status_(net::SSL_CONNECTION_VERSION_TLS1_2 | 27 connection_status_(net::SSL_CONNECTION_VERSION_TLS1_2 |
| 28 << net::SSL_CONNECTION_VERSION_SHIFT), | 28 << net::SSL_CONNECTION_VERSION_SHIFT), |
| 29 cert_status_(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT), | 29 cert_status_(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT), |
| 30 displayed_mixed_content_(false), | 30 displayed_mixed_content_(false), |
| 31 ran_mixed_content_(false) { | 31 ran_mixed_content_(false), |
| 32 displayed_content_with_cert_errors_(false), |
| 33 ran_content_with_cert_errors_(false) { |
| 32 cert_ = | 34 cert_ = |
| 33 net::ImportCertFromFile(net::GetTestCertsDirectory(), "sha1_2016.pem"); | 35 net::ImportCertFromFile(net::GetTestCertsDirectory(), "sha1_2016.pem"); |
| 34 } | 36 } |
| 35 ~TestSecurityStateModelClient() override {} | 37 ~TestSecurityStateModelClient() override {} |
| 36 | 38 |
| 37 void set_connection_status(int connection_status) { | 39 void set_connection_status(int connection_status) { |
| 38 connection_status_ = connection_status; | 40 connection_status_ = connection_status; |
| 39 } | 41 } |
| 40 void SetCipherSuite(uint16_t ciphersuite) { | 42 void SetCipherSuite(uint16_t ciphersuite) { |
| 41 net::SSLConnectionStatusSetCipherSuite(ciphersuite, &connection_status_); | 43 net::SSLConnectionStatusSetCipherSuite(ciphersuite, &connection_status_); |
| 42 } | 44 } |
| 43 void AddCertStatus(net::CertStatus cert_status) { | 45 void AddCertStatus(net::CertStatus cert_status) { |
| 44 cert_status_ |= cert_status; | 46 cert_status_ |= cert_status; |
| 45 } | 47 } |
| 46 void SetDisplayedMixedContent(bool displayed_mixed_content) { | 48 void SetDisplayedMixedContent(bool displayed_mixed_content) { |
| 47 displayed_mixed_content_ = displayed_mixed_content; | 49 displayed_mixed_content_ = displayed_mixed_content; |
| 48 } | 50 } |
| 49 void SetRanMixedContent(bool ran_mixed_content) { | 51 void SetRanMixedContent(bool ran_mixed_content) { |
| 50 ran_mixed_content_ = ran_mixed_content; | 52 ran_mixed_content_ = ran_mixed_content; |
| 51 } | 53 } |
| 54 void SetDisplayedContentWithCertErrors( |
| 55 bool displayed_content_with_cert_errors) { |
| 56 displayed_content_with_cert_errors_ = displayed_content_with_cert_errors; |
| 57 } |
| 58 void SetRanContentWithCertErrors(bool ran_content_with_cert_errors) { |
| 59 ran_content_with_cert_errors_ = ran_content_with_cert_errors; |
| 60 } |
| 52 void set_initial_security_level( | 61 void set_initial_security_level( |
| 53 SecurityStateModel::SecurityLevel security_level) { | 62 SecurityStateModel::SecurityLevel security_level) { |
| 54 initial_security_level_ = security_level; | 63 initial_security_level_ = security_level; |
| 55 } | 64 } |
| 56 | 65 |
| 57 // SecurityStateModelClient: | 66 // SecurityStateModelClient: |
| 58 void GetVisibleSecurityState( | 67 void GetVisibleSecurityState( |
| 59 SecurityStateModel::VisibleSecurityState* state) override { | 68 SecurityStateModel::VisibleSecurityState* state) override { |
| 60 state->initialized = true; | 69 state->initialized = true; |
| 61 state->url = GURL(kUrl); | 70 state->url = GURL(kUrl); |
| 62 state->initial_security_level = initial_security_level_; | 71 state->initial_security_level = initial_security_level_; |
| 63 state->cert_id = 1; | 72 state->cert_id = 1; |
| 64 state->cert_status = cert_status_; | 73 state->cert_status = cert_status_; |
| 65 state->connection_status = connection_status_; | 74 state->connection_status = connection_status_; |
| 66 state->security_bits = 256; | 75 state->security_bits = 256; |
| 67 state->displayed_mixed_content = displayed_mixed_content_; | 76 state->displayed_mixed_content = displayed_mixed_content_; |
| 68 state->ran_mixed_content = ran_mixed_content_; | 77 state->ran_mixed_content = ran_mixed_content_; |
| 78 state->displayed_content_with_cert_errors = |
| 79 displayed_content_with_cert_errors_; |
| 80 state->ran_content_with_cert_errors = ran_content_with_cert_errors_; |
| 69 } | 81 } |
| 70 | 82 |
| 71 bool RetrieveCert(scoped_refptr<net::X509Certificate>* cert) override { | 83 bool RetrieveCert(scoped_refptr<net::X509Certificate>* cert) override { |
| 72 *cert = cert_; | 84 *cert = cert_; |
| 73 return true; | 85 return true; |
| 74 } | 86 } |
| 75 | 87 |
| 76 bool UsedPolicyInstalledCertificate() override { return false; } | 88 bool UsedPolicyInstalledCertificate() override { return false; } |
| 77 | 89 |
| 78 // Always returns true because all unit tests in this file test | 90 // Always returns true because all unit tests in this file test |
| 79 // scenarios in which the origin is secure. | 91 // scenarios in which the origin is secure. |
| 80 bool IsOriginSecure(const GURL& url) override { return true; } | 92 bool IsOriginSecure(const GURL& url) override { return true; } |
| 81 | 93 |
| 82 private: | 94 private: |
| 83 SecurityStateModel::SecurityLevel initial_security_level_; | 95 SecurityStateModel::SecurityLevel initial_security_level_; |
| 84 scoped_refptr<net::X509Certificate> cert_; | 96 scoped_refptr<net::X509Certificate> cert_; |
| 85 int connection_status_; | 97 int connection_status_; |
| 86 net::CertStatus cert_status_; | 98 net::CertStatus cert_status_; |
| 87 bool displayed_mixed_content_; | 99 bool displayed_mixed_content_; |
| 88 bool ran_mixed_content_; | 100 bool ran_mixed_content_; |
| 101 bool displayed_content_with_cert_errors_; |
| 102 bool ran_content_with_cert_errors_; |
| 89 }; | 103 }; |
| 90 | 104 |
| 91 // Tests that SHA1-signed certificates expiring in 2016 downgrade the | 105 // Tests that SHA1-signed certificates expiring in 2016 downgrade the |
| 92 // security state of the page. | 106 // security state of the page. |
| 93 TEST(SecurityStateModelTest, SHA1Warning) { | 107 TEST(SecurityStateModelTest, SHA1Warning) { |
| 94 TestSecurityStateModelClient client; | 108 TestSecurityStateModelClient client; |
| 95 SecurityStateModel model; | 109 SecurityStateModel model; |
| 96 model.SetClient(&client); | 110 model.SetClient(&client); |
| 97 const SecurityStateModel::SecurityInfo& security_info = | 111 const SecurityStateModel::SecurityInfo& security_info = |
| 98 model.GetSecurityInfo(); | 112 model.GetSecurityInfo(); |
| (...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 186 << net::SSL_CONNECTION_VERSION_SHIFT); | 200 << net::SSL_CONNECTION_VERSION_SHIFT); |
| 187 client.SetCipherSuite(ciphersuite); | 201 client.SetCipherSuite(ciphersuite); |
| 188 const SecurityStateModel::SecurityInfo& security_info = | 202 const SecurityStateModel::SecurityInfo& security_info = |
| 189 model.GetSecurityInfo(); | 203 model.GetSecurityInfo(); |
| 190 EXPECT_FALSE(security_info.is_secure_protocol_and_ciphersuite); | 204 EXPECT_FALSE(security_info.is_secure_protocol_and_ciphersuite); |
| 191 } | 205 } |
| 192 | 206 |
| 193 } // namespace | 207 } // namespace |
| 194 | 208 |
| 195 } // namespace security_state | 209 } // namespace security_state |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2224023003:
Teach SecurityStateModel about subresources with cert errors (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master