| OLD | NEW |
| 1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "components/security_state/security_state_model.h" | 5 #include "components/security_state/security_state_model.h" |
| 6 | 6 |
| 7 #include <stdint.h> | 7 #include <stdint.h> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "components/security_state/security_state_model_client.h" | 10 #include "components/security_state/security_state_model_client.h" |
| (...skipping 10 matching lines...) |
| 21 | 21 |
| 22 namespace { | 22 namespace { |
| 23 | 23 |
| 24 const char kHttpsUrl[] = "https://foo.test"; | 24 const char kHttpsUrl[] = "https://foo.test"; |
| 25 const char kHttpUrl[] = "http://foo.test"; | 25 const char kHttpUrl[] = "http://foo.test"; |
| 26 | 26 |
| 27 class TestSecurityStateModelClient : public SecurityStateModelClient { | 27 class TestSecurityStateModelClient : public SecurityStateModelClient { |
| 28 public: | 28 public: |
| 29 TestSecurityStateModelClient() | 29 TestSecurityStateModelClient() |
| 30 : url_(kHttpsUrl), | 30 : url_(kHttpsUrl), |
| 31 initial_security_level_(SecurityStateModel::SECURE), | |
| 32 connection_status_(net::SSL_CONNECTION_VERSION_TLS1_2 | 31 connection_status_(net::SSL_CONNECTION_VERSION_TLS1_2 |
| 33 << net::SSL_CONNECTION_VERSION_SHIFT), | 32 << net::SSL_CONNECTION_VERSION_SHIFT), |
| 34 cert_status_(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT), | 33 cert_status_(net::CERT_STATUS_SHA1_SIGNATURE_PRESENT), |
| 35 displayed_mixed_content_(false), | 34 displayed_mixed_content_(false), |
| 36 ran_mixed_content_(false), | 35 ran_mixed_content_(false), |
| 37 fails_malware_check_(false), | 36 fails_malware_check_(false), |
| 38 displayed_password_field_on_http_(false), | 37 displayed_password_field_on_http_(false), |
| 39 displayed_credit_card_field_on_http_(false) { | 38 displayed_credit_card_field_on_http_(false) { |
| 40 cert_ = | 39 cert_ = |
| 41 net::ImportCertFromFile(net::GetTestCertsDirectory(), "sha1_2016.pem"); | 40 net::ImportCertFromFile(net::GetTestCertsDirectory(), "sha1_2016.pem"); |
| (...skipping 11 matching lines...) |
| 53 } | 52 } |
| 54 void SetDisplayedMixedContent(bool displayed_mixed_content) { | 53 void SetDisplayedMixedContent(bool displayed_mixed_content) { |
| 55 displayed_mixed_content_ = displayed_mixed_content; | 54 displayed_mixed_content_ = displayed_mixed_content; |
| 56 } | 55 } |
| 57 void SetRanMixedContent(bool ran_mixed_content) { | 56 void SetRanMixedContent(bool ran_mixed_content) { |
| 58 ran_mixed_content_ = ran_mixed_content; | 57 ran_mixed_content_ = ran_mixed_content; |
| 59 } | 58 } |
| 60 void set_fails_malware_check(bool fails_malware_check) { | 59 void set_fails_malware_check(bool fails_malware_check) { |
| 61 fails_malware_check_ = fails_malware_check; | 60 fails_malware_check_ = fails_malware_check; |
| 62 } | 61 } |
| 63 void set_initial_security_level( | |
| 64 SecurityStateModel::SecurityLevel security_level) { | |
| 65 initial_security_level_ = security_level; | |
| 66 } | |
| 67 void set_displayed_password_field_on_http( | 62 void set_displayed_password_field_on_http( |
| 68 bool displayed_password_field_on_http) { | 63 bool displayed_password_field_on_http) { |
| 69 displayed_password_field_on_http_ = displayed_password_field_on_http; | 64 displayed_password_field_on_http_ = displayed_password_field_on_http; |
| 70 } | 65 } |
| 71 void set_displayed_credit_card_field_on_http( | 66 void set_displayed_credit_card_field_on_http( |
| 72 bool displayed_credit_card_field_on_http) { | 67 bool displayed_credit_card_field_on_http) { |
| 73 displayed_credit_card_field_on_http_ = displayed_credit_card_field_on_http; | 68 displayed_credit_card_field_on_http_ = displayed_credit_card_field_on_http; |
| 74 } | 69 } |
| 75 | 70 |
| 76 void UseHttpUrl() { url_ = GURL(kHttpUrl); } | 71 void UseHttpUrl() { url_ = GURL(kHttpUrl); } |
| 77 | 72 |
| 78 // SecurityStateModelClient: | 73 // SecurityStateModelClient: |
| 79 void GetVisibleSecurityState( | 74 void GetVisibleSecurityState( |
| 80 SecurityStateModel::VisibleSecurityState* state) override { | 75 SecurityStateModel::VisibleSecurityState* state) override { |
| 81 state->connection_info_initialized = true; | 76 state->connection_info_initialized = true; |
| 82 state->url = url_; | 77 state->url = url_; |
| 83 state->initial_security_level = initial_security_level_; | 78 state->certificate = cert_; |
| 84 state->cert_status = cert_status_; | 79 state->cert_status = cert_status_; |
| 85 state->connection_status = connection_status_; | 80 state->connection_status = connection_status_; |
| 86 state->security_bits = 256; | 81 state->security_bits = 256; |
| 87 state->displayed_mixed_content = displayed_mixed_content_; | 82 state->displayed_mixed_content = displayed_mixed_content_; |
| 88 state->ran_mixed_content = ran_mixed_content_; | 83 state->ran_mixed_content = ran_mixed_content_; |
| 89 state->fails_malware_check = fails_malware_check_; | 84 state->fails_malware_check = fails_malware_check_; |
| 90 state->displayed_password_field_on_http = displayed_password_field_on_http_; | 85 state->displayed_password_field_on_http = displayed_password_field_on_http_; |
| 91 state->displayed_credit_card_field_on_http = | 86 state->displayed_credit_card_field_on_http = |
| 92 displayed_credit_card_field_on_http_; | 87 displayed_credit_card_field_on_http_; |
| 93 } | 88 } |
| 94 | 89 |
| 95 bool RetrieveCert(scoped_refptr<net::X509Certificate>* cert) override { | |
| 96 *cert = cert_; | |
| 97 return true; | |
| 98 } | |
| 99 | |
| 100 bool UsedPolicyInstalledCertificate() override { return false; } | 90 bool UsedPolicyInstalledCertificate() override { return false; } |
| 101 | 91 |
| 102 bool IsOriginSecure(const GURL& url) override { | 92 bool IsOriginSecure(const GURL& url) override { |
| 103 return url_ == GURL(kHttpsUrl); | 93 return url_ == GURL(kHttpsUrl); |
| 104 } | 94 } |
| 105 | 95 |
| 106 private: | 96 private: |
| 107 GURL url_; | 97 GURL url_; |
| 108 SecurityStateModel::SecurityLevel initial_security_level_; | |
| 109 scoped_refptr<net::X509Certificate> cert_; | 98 scoped_refptr<net::X509Certificate> cert_; |
| 110 int connection_status_; | 99 int connection_status_; |
| 111 net::CertStatus cert_status_; | 100 net::CertStatus cert_status_; |
| 112 bool displayed_mixed_content_; | 101 bool displayed_mixed_content_; |
| 113 bool ran_mixed_content_; | 102 bool ran_mixed_content_; |
| 114 bool fails_malware_check_; | 103 bool fails_malware_check_; |
| 115 bool displayed_password_field_on_http_; | 104 bool displayed_password_field_on_http_; |
| 116 bool displayed_credit_card_field_on_http_; | 105 bool displayed_credit_card_field_on_http_; |
| 117 }; | 106 }; |
| 118 | 107 |
| (...skipping 18 matching lines...) |
| 137 model.SetClient(&client); | 126 model.SetClient(&client); |
| 138 client.SetDisplayedMixedContent(true); | 127 client.SetDisplayedMixedContent(true); |
| 139 SecurityStateModel::SecurityInfo security_info1; | 128 SecurityStateModel::SecurityInfo security_info1; |
| 140 model.GetSecurityInfo(&security_info1); | 129 model.GetSecurityInfo(&security_info1); |
| 141 EXPECT_EQ(SecurityStateModel::DEPRECATED_SHA1_MINOR, | 130 EXPECT_EQ(SecurityStateModel::DEPRECATED_SHA1_MINOR, |
| 142 security_info1.sha1_deprecation_status); | 131 security_info1.sha1_deprecation_status); |
| 143 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED, | 132 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_DISPLAYED, |
| 144 security_info1.mixed_content_status); | 133 security_info1.mixed_content_status); |
| 145 EXPECT_EQ(SecurityStateModel::NONE, security_info1.security_level); | 134 EXPECT_EQ(SecurityStateModel::NONE, security_info1.security_level); |
| 146 | 135 |
| 147 client.set_initial_security_level(SecurityStateModel::DANGEROUS); | |
| 148 client.SetDisplayedMixedContent(false); | 136 client.SetDisplayedMixedContent(false); |
| 149 client.SetRanMixedContent(true); | 137 client.SetRanMixedContent(true); |
| 150 SecurityStateModel::SecurityInfo security_info2; | 138 SecurityStateModel::SecurityInfo security_info2; |
| 151 model.GetSecurityInfo(&security_info2); | 139 model.GetSecurityInfo(&security_info2); |
| 152 EXPECT_EQ(SecurityStateModel::DEPRECATED_SHA1_MINOR, | 140 EXPECT_EQ(SecurityStateModel::DEPRECATED_SHA1_MINOR, |
| 153 security_info2.sha1_deprecation_status); | 141 security_info2.sha1_deprecation_status); |
| 154 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_RAN, | 142 EXPECT_EQ(SecurityStateModel::CONTENT_STATUS_RAN, |
| 155 security_info2.mixed_content_status); | 143 security_info2.mixed_content_status); |
| 156 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info2.security_level); | 144 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info2.security_level); |
| 157 } | 145 } |
| 158 | 146 |
| 159 // Tests that SHA1 warnings don't interfere with the handling of major | 147 // Tests that SHA1 warnings don't interfere with the handling of major |
| 160 // cert errors. | 148 // cert errors. |
| 161 TEST(SecurityStateModelTest, SHA1WarningBrokenHTTPS) { | 149 TEST(SecurityStateModelTest, SHA1WarningBrokenHTTPS) { |
| 162 TestSecurityStateModelClient client; | 150 TestSecurityStateModelClient client; |
| 163 SecurityStateModel model; | 151 SecurityStateModel model; |
| 164 model.SetClient(&client); | 152 model.SetClient(&client); |
| 165 client.set_initial_security_level(SecurityStateModel::DANGEROUS); | |
| 166 client.AddCertStatus(net::CERT_STATUS_DATE_INVALID); | 153 client.AddCertStatus(net::CERT_STATUS_DATE_INVALID); |
| 167 SecurityStateModel::SecurityInfo security_info; | 154 SecurityStateModel::SecurityInfo security_info; |
| 168 model.GetSecurityInfo(&security_info); | 155 model.GetSecurityInfo(&security_info); |
| 169 EXPECT_EQ(SecurityStateModel::DEPRECATED_SHA1_MINOR, | 156 EXPECT_EQ(SecurityStateModel::DEPRECATED_SHA1_MINOR, |
| 170 security_info.sha1_deprecation_status); | 157 security_info.sha1_deprecation_status); |
| 171 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level); | 158 EXPECT_EQ(SecurityStateModel::DANGEROUS, security_info.security_level); |
| 172 } | 159 } |
| 173 | 160 |
| 174 // Tests that |security_info.is_secure_protocol_and_ciphersuite| is | 161 // Tests that |security_info.is_secure_protocol_and_ciphersuite| is |
| 175 // computed correctly. | 162 // computed correctly. |
| (...skipping 75 matching lines...) |
| 251 } | 238 } |
| 252 | 239 |
| 253 // Tests that password fields cause the security level to be downgraded | 240 // Tests that password fields cause the security level to be downgraded |
| 254 // to HTTP_SHOW_WARNING when the command-line switch is set. | 241 // to HTTP_SHOW_WARNING when the command-line switch is set. |
| 255 TEST(SecurityStateModelTest, PasswordFieldWarning) { | 242 TEST(SecurityStateModelTest, PasswordFieldWarning) { |
| 256 base::CommandLine::ForCurrentProcess()->AppendSwitchASCII( | 243 base::CommandLine::ForCurrentProcess()->AppendSwitchASCII( |
| 257 switches::kMarkHttpAs, | 244 switches::kMarkHttpAs, |
| 258 switches::kMarkHttpWithPasswordsOrCcWithChip); | 245 switches::kMarkHttpWithPasswordsOrCcWithChip); |
| 259 TestSecurityStateModelClient client; | 246 TestSecurityStateModelClient client; |
| 260 client.UseHttpUrl(); | 247 client.UseHttpUrl(); |
| 261 client.set_initial_security_level(SecurityStateModel::NONE); | |
| 262 SecurityStateModel model; | 248 SecurityStateModel model; |
| 263 model.SetClient(&client); | 249 model.SetClient(&client); |
| 264 client.set_displayed_password_field_on_http(true); | 250 client.set_displayed_password_field_on_http(true); |
| 265 SecurityStateModel::SecurityInfo security_info; | 251 SecurityStateModel::SecurityInfo security_info; |
| 266 model.GetSecurityInfo(&security_info); | 252 model.GetSecurityInfo(&security_info); |
| 267 EXPECT_EQ(SecurityStateModel::HTTP_SHOW_WARNING, | 253 EXPECT_EQ(SecurityStateModel::HTTP_SHOW_WARNING, |
| 268 security_info.security_level); | 254 security_info.security_level); |
| 269 } | 255 } |
| 270 | 256 |
| 271 // Tests that credit card fields cause the security level to be downgraded | 257 // Tests that credit card fields cause the security level to be downgraded |
| 272 // to HTTP_SHOW_WARNING when the command-line switch is set. | 258 // to HTTP_SHOW_WARNING when the command-line switch is set. |
| 273 TEST(SecurityStateModelTest, CreditCardFieldWarning) { | 259 TEST(SecurityStateModelTest, CreditCardFieldWarning) { |
| 274 base::CommandLine::ForCurrentProcess()->AppendSwitchASCII( | 260 base::CommandLine::ForCurrentProcess()->AppendSwitchASCII( |
| 275 switches::kMarkHttpAs, | 261 switches::kMarkHttpAs, |
| 276 switches::kMarkHttpWithPasswordsOrCcWithChip); | 262 switches::kMarkHttpWithPasswordsOrCcWithChip); |
| 277 TestSecurityStateModelClient client; | 263 TestSecurityStateModelClient client; |
| 278 client.UseHttpUrl(); | 264 client.UseHttpUrl(); |
| 279 client.set_initial_security_level(SecurityStateModel::NONE); | |
| 280 SecurityStateModel model; | 265 SecurityStateModel model; |
| 281 model.SetClient(&client); | 266 model.SetClient(&client); |
| 282 client.set_displayed_credit_card_field_on_http(true); | 267 client.set_displayed_credit_card_field_on_http(true); |
| 283 SecurityStateModel::SecurityInfo security_info; | 268 SecurityStateModel::SecurityInfo security_info; |
| 284 model.GetSecurityInfo(&security_info); | 269 model.GetSecurityInfo(&security_info); |
| 285 EXPECT_EQ(SecurityStateModel::HTTP_SHOW_WARNING, | 270 EXPECT_EQ(SecurityStateModel::HTTP_SHOW_WARNING, |
| 286 security_info.security_level); | 271 security_info.security_level); |
| 287 } | 272 } |
| 288 | 273 |
| 289 // Tests that neither password nor credit fields cause the security | 274 // Tests that neither password nor credit fields cause the security |
| 290 // level to be downgraded to HTTP_SHOW_WARNING when the command-line switch | 275 // level to be downgraded to HTTP_SHOW_WARNING when the command-line switch |
| 291 // is NOT set. | 276 // is NOT set. |
| 292 TEST(SecurityStateModelTest, HttpWarningNotSetWithoutSwitch) { | 277 TEST(SecurityStateModelTest, HttpWarningNotSetWithoutSwitch) { |
| 293 TestSecurityStateModelClient client; | 278 TestSecurityStateModelClient client; |
| 294 client.UseHttpUrl(); | 279 client.UseHttpUrl(); |
| 295 client.set_initial_security_level(SecurityStateModel::NONE); | |
| 296 SecurityStateModel model; | 280 SecurityStateModel model; |
| 297 model.SetClient(&client); | 281 model.SetClient(&client); |
| 298 client.set_displayed_password_field_on_http(true); | 282 client.set_displayed_password_field_on_http(true); |
| 299 client.set_displayed_credit_card_field_on_http(true); | 283 client.set_displayed_credit_card_field_on_http(true); |
| 300 SecurityStateModel::SecurityInfo security_info; | 284 SecurityStateModel::SecurityInfo security_info; |
| 301 model.GetSecurityInfo(&security_info); | 285 model.GetSecurityInfo(&security_info); |
| 302 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); | 286 EXPECT_EQ(SecurityStateModel::NONE, security_info.security_level); |
| 303 } | 287 } |
| 304 | 288 |
| 305 } // namespace | 289 } // namespace |
| 306 | 290 |
| 307 } // namespace security_state | 291 } // namespace security_state |
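Review bot: The three HTTP tests (PasswordFieldWarning, CreditCardFieldWarning, HttpWarningNotSetWithoutSwitch) now give the model an http:// URL together with the SHA-1 test certificate, `CERT_STATUS_SHA1_SIGNATURE_PRESENT` and a TLS 1.2 connection status. This happens because `UseHttpUrl()` only replaces `url_`, while `GetVisibleSecurityState()` always copies `cert_`, `cert_status_` and `connection_status_` into the state. With the pinned `set_initial_security_level(SecurityStateModel::NONE)` calls removed, the `HTTP_SHOW_WARNING` and `NONE` expectations hold only if the model checks the URL scheme before any certificate state. That is presumably the case, but the model code is not visible on this page. I would have the helper describe a real plaintext page, `void UseHttpUrl() { url_ = GURL(kHttpUrl); cert_ = nullptr; cert_status_ = 0; connection_status_ = 0; }`, so the HTTP expectations do not depend on that ordering. If the mismatched state (HTTP URL plus certificate data) is meant to be covered, it deserves its own named test with a comment saying so.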
| OLD | NEW |