Chromium Code Reviews Chromium Code Reviews
Issue 2272603003:
Route key_exchange_group over to DevTools. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" | 5 #include "chrome/browser/ssl/chrome_security_state_model_client.h" |
| 6 | 6 |
| 7 #include <openssl/ssl.h> | |
| 8 | |
| 7 #include <vector> | 9 #include <vector> |
| 8 | 10 |
| 9 #include "base/command_line.h" | 11 #include "base/command_line.h" |
| 10 #include "base/metrics/field_trial.h" | 12 #include "base/metrics/field_trial.h" |
| 11 #include "base/metrics/histogram_macros.h" | 13 #include "base/metrics/histogram_macros.h" |
| 12 #include "base/strings/string16.h" | 14 #include "base/strings/string16.h" |
| 13 #include "base/strings/utf_string_conversions.h" | 15 #include "base/strings/utf_string_conversions.h" |
| 14 #include "build/build_config.h" | 16 #include "build/build_config.h" |
| 15 #include "chrome/browser/chromeos/policy/policy_cert_service.h" | 17 #include "chrome/browser/chromeos/policy/policy_cert_service.h" |
| 16 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" | 18 #include "chrome/browser/chromeos/policy/policy_cert_service_factory.h" |
| (...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 105 net::SSLConnectionStatusToCipherSuite(security_info.connection_status); | 107 net::SSLConnectionStatusToCipherSuite(security_info.connection_status); |
| 106 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, | 108 net::SSLCipherSuiteToStrings(&key_exchange, &cipher, &mac, &is_aead, |
| 107 cipher_suite); | 109 cipher_suite); |
| 108 base::string16 protocol_name = base::ASCIIToUTF16(protocol); | 110 base::string16 protocol_name = base::ASCIIToUTF16(protocol); |
| 109 base::string16 key_exchange_name = base::ASCIIToUTF16(key_exchange); | 111 base::string16 key_exchange_name = base::ASCIIToUTF16(key_exchange); |
| 110 const base::string16 cipher_name = | 112 const base::string16 cipher_name = |
| 111 (mac == NULL) ? base::ASCIIToUTF16(cipher) | 113 (mac == NULL) ? base::ASCIIToUTF16(cipher) |
| 112 : l10n_util::GetStringFUTF16(IDS_CIPHER_WITH_MAC, | 114 : l10n_util::GetStringFUTF16(IDS_CIPHER_WITH_MAC, |
| 113 base::ASCIIToUTF16(cipher), | 115 base::ASCIIToUTF16(cipher), |
| 114 base::ASCIIToUTF16(mac)); | 116 base::ASCIIToUTF16(mac)); |
| 117 | |
| 118 // Include the key exchange group (previously known as curve) if specified. | |
| 119 // | |
| 120 // TODO(davidben): When TLS 1.3's new negotiation is implemented, omit the | |
| 121 // "key exchange" if empty and only display the group, which is the true key | |
| 122 // exchange. See https://crbug.com/639495. | |
| 123 if (security_info.key_exchange_group != 0) { | |
|
estark
2016/08/30 23:23:56
How do you feel about adding a test to exercise th
davidben
2016/09/02 21:48:05
Done. lgarron, since Emily's OOO, could you look o
lgarron
2016/09/02 22:45:33
LGTM.
| |
| 124 key_exchange_name = l10n_util::GetStringFUTF16( | |
| 125 IDS_SSL_KEY_EXCHANGE_WITH_GROUP, key_exchange_name, | |
| 126 base::ASCIIToUTF16( | |
| 127 SSL_get_curve_name(security_info.key_exchange_group))); | |
| 128 } | |
| 129 | |
| 115 if (security_info.obsolete_ssl_status == net::OBSOLETE_SSL_NONE) { | 130 if (security_info.obsolete_ssl_status == net::OBSOLETE_SSL_NONE) { |
| 116 security_style_explanations->secure_explanations.push_back( | 131 security_style_explanations->secure_explanations.push_back( |
| 117 content::SecurityStyleExplanation( | 132 content::SecurityStyleExplanation( |
| 118 l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), | 133 l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), |
| 119 l10n_util::GetStringFUTF8(IDS_STRONG_SSL_DESCRIPTION, protocol_name, | 134 l10n_util::GetStringFUTF8(IDS_STRONG_SSL_DESCRIPTION, protocol_name, |
| 120 key_exchange_name, cipher_name))); | 135 key_exchange_name, cipher_name))); |
| 121 return; | 136 return; |
| 122 } | 137 } |
| 123 | 138 |
| 124 std::vector<base::string16> description_replacements; | 139 std::vector<base::string16> description_replacements; |
| (...skipping 174 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 299 } | 314 } |
| 300 | 315 |
| 301 state->connection_info_initialized = true; | 316 state->connection_info_initialized = true; |
| 302 state->url = entry->GetURL(); | 317 state->url = entry->GetURL(); |
| 303 const content::SSLStatus& ssl = entry->GetSSL(); | 318 const content::SSLStatus& ssl = entry->GetSSL(); |
| 304 state->initial_security_level = | 319 state->initial_security_level = |
| 305 GetSecurityLevelForSecurityStyle(ssl.security_style); | 320 GetSecurityLevelForSecurityStyle(ssl.security_style); |
| 306 state->cert_id = ssl.cert_id; | 321 state->cert_id = ssl.cert_id; |
| 307 state->cert_status = ssl.cert_status; | 322 state->cert_status = ssl.cert_status; |
| 308 state->connection_status = ssl.connection_status; | 323 state->connection_status = ssl.connection_status; |
| 324 state->key_exchange_group = ssl.key_exchange_group; | |
| 309 state->security_bits = ssl.security_bits; | 325 state->security_bits = ssl.security_bits; |
| 310 state->pkp_bypassed = ssl.pkp_bypassed; | 326 state->pkp_bypassed = ssl.pkp_bypassed; |
| 311 state->sct_verify_statuses.clear(); | 327 state->sct_verify_statuses.clear(); |
| 312 state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(), | 328 state->sct_verify_statuses.insert(state->sct_verify_statuses.begin(), |
| 313 ssl.sct_statuses.begin(), | 329 ssl.sct_statuses.begin(), |
| 314 ssl.sct_statuses.end()); | 330 ssl.sct_statuses.end()); |
| 315 state->displayed_mixed_content = | 331 state->displayed_mixed_content = |
| 316 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); | 332 !!(ssl.content_status & content::SSLStatus::DISPLAYED_INSECURE_CONTENT); |
| 317 state->ran_mixed_content = | 333 state->ran_mixed_content = |
| 318 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); | 334 !!(ssl.content_status & content::SSLStatus::RAN_INSECURE_CONTENT); |
| 319 state->displayed_content_with_cert_errors = | 335 state->displayed_content_with_cert_errors = |
| 320 !!(ssl.content_status & | 336 !!(ssl.content_status & |
| 321 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); | 337 content::SSLStatus::DISPLAYED_CONTENT_WITH_CERT_ERRORS); |
| 322 state->ran_content_with_cert_errors = | 338 state->ran_content_with_cert_errors = |
| 323 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); | 339 !!(ssl.content_status & content::SSLStatus::RAN_CONTENT_WITH_CERT_ERRORS); |
| 324 } | 340 } |
| OLD | NEW |
