OLD | NEW |
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/ssl/security_state_tab_helper.h" | 5 #include "chrome/browser/ssl/security_state_tab_helper.h" |
6 | 6 |
7 #include "base/command_line.h" | 7 #include "base/command_line.h" |
8 #include "base/files/file_path.h" | 8 #include "base/files/file_path.h" |
9 #include "base/macros.h" | 9 #include "base/macros.h" |
10 #include "base/strings/string_split.h" | 10 #include "base/strings/string_split.h" |
(...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
61 #include "third_party/boringssl/src/include/openssl/ssl.h" | 61 #include "third_party/boringssl/src/include/openssl/ssl.h" |
62 #include "ui/base/l10n/l10n_util.h" | 62 #include "ui/base/l10n/l10n_util.h" |
63 | 63 |
64 namespace { | 64 namespace { |
65 | 65 |
66 enum CertificateStatus { VALID_CERTIFICATE, INVALID_CERTIFICATE }; | 66 enum CertificateStatus { VALID_CERTIFICATE, INVALID_CERTIFICATE }; |
67 | 67 |
68 const base::FilePath::CharType kDocRoot[] = | 68 const base::FilePath::CharType kDocRoot[] = |
69 FILE_PATH_LITERAL("chrome/test/data"); | 69 FILE_PATH_LITERAL("chrome/test/data"); |
70 | 70 |
| 71 const std::string kTestCertificateIssuerName = "Test Root CA"; |
| 72 |
71 // Inject a script into every frame in the page. Used by tests that check for | 73 // Inject a script into every frame in the page. Used by tests that check for |
72 // visible password fields to wait for notifications about these | 74 // visible password fields to wait for notifications about these |
73 // fields. Notifications about visible password fields are queued at the end of | 75 // fields. Notifications about visible password fields are queued at the end of |
74 // the event loop, so waiting for a dummy script to run ensures that these | 76 // the event loop, so waiting for a dummy script to run ensures that these |
75 // notifications have been sent. | 77 // notifications have been sent. |
76 void InjectScript(content::WebContents* contents) { | 78 void InjectScript(content::WebContents* contents) { |
77 // Any frame in the page might have a password field, so inject scripts into | 79 // Any frame in the page might have a password field, so inject scripts into |
78 // all of them to ensure that notifications from all of them have been sent. | 80 // all of them to ensure that notifications from all of them have been sent. |
79 for (auto* frame : contents->GetAllFrames()) { | 81 for (auto* frame : contents->GetAllFrames()) { |
80 bool js_result = false; | 82 bool js_result = false; |
(...skipping 78 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
159 // Checks that the given |secure_explanations| contains an appropriate | 161 // Checks that the given |secure_explanations| contains an appropriate |
160 // explanation if the certificate status is valid. | 162 // explanation if the certificate status is valid. |
161 void CheckSecureExplanations( | 163 void CheckSecureExplanations( |
162 const std::vector<content::SecurityStyleExplanation>& secure_explanations, | 164 const std::vector<content::SecurityStyleExplanation>& secure_explanations, |
163 CertificateStatus cert_status, | 165 CertificateStatus cert_status, |
164 Browser* browser, | 166 Browser* browser, |
165 net::X509Certificate* expected_cert) { | 167 net::X509Certificate* expected_cert) { |
166 ASSERT_EQ(cert_status == VALID_CERTIFICATE ? 2u : 1u, | 168 ASSERT_EQ(cert_status == VALID_CERTIFICATE ? 2u : 1u, |
167 secure_explanations.size()); | 169 secure_explanations.size()); |
168 if (cert_status == VALID_CERTIFICATE) { | 170 if (cert_status == VALID_CERTIFICATE) { |
| 171 ASSERT_EQ(kTestCertificateIssuerName, |
| 172 expected_cert->issuer().GetDisplayName()); |
169 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_VALID_SERVER_CERTIFICATE), | 173 EXPECT_EQ(l10n_util::GetStringUTF8(IDS_VALID_SERVER_CERTIFICATE), |
170 secure_explanations[0].summary); | 174 secure_explanations[0].summary); |
171 EXPECT_EQ( | 175 EXPECT_EQ(l10n_util::GetStringFUTF8( |
172 l10n_util::GetStringUTF8(IDS_VALID_SERVER_CERTIFICATE_DESCRIPTION), | 176 IDS_VALID_SERVER_CERTIFICATE_DESCRIPTION, |
173 secure_explanations[0].description); | 177 base::UTF8ToUTF16(kTestCertificateIssuerName)), |
| 178 secure_explanations[0].description); |
174 net::X509Certificate* cert = browser->tab_strip_model() | 179 net::X509Certificate* cert = browser->tab_strip_model() |
175 ->GetActiveWebContents() | 180 ->GetActiveWebContents() |
176 ->GetController() | 181 ->GetController() |
177 .GetActiveEntry() | 182 .GetActiveEntry() |
178 ->GetSSL() | 183 ->GetSSL() |
179 .certificate.get(); | 184 .certificate.get(); |
180 EXPECT_TRUE(cert->Equals(expected_cert)); | 185 EXPECT_TRUE(cert->Equals(expected_cert)); |
181 EXPECT_TRUE(secure_explanations[0].has_certificate); | 186 EXPECT_TRUE(secure_explanations[0].has_certificate); |
182 } | 187 } |
183 | 188 |
(...skipping 1929 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
2113 // the TLS settings are obsolete. | 2118 // the TLS settings are obsolete. |
2114 for (const auto& explanation : | 2119 for (const auto& explanation : |
2115 observer.latest_explanations().secure_explanations) { | 2120 observer.latest_explanations().secure_explanations) { |
2116 EXPECT_NE(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), | 2121 EXPECT_NE(l10n_util::GetStringUTF8(IDS_STRONG_SSL_SUMMARY), |
2117 explanation.summary); | 2122 explanation.summary); |
2118 } | 2123 } |
2119 | 2124 |
2120 // Populate description string replacement with values corresponding | 2125 // Populate description string replacement with values corresponding |
2121 // to test constants. | 2126 // to test constants. |
2122 std::vector<base::string16> description_replacements; | 2127 std::vector<base::string16> description_replacements; |
| 2128 description_replacements.push_back(base::ASCIIToUTF16("TLS 1.1")); |
2123 description_replacements.push_back( | 2129 description_replacements.push_back( |
2124 l10n_util::GetStringUTF16(IDS_SSL_AN_OBSOLETE_PROTOCOL)); | 2130 l10n_util::GetStringUTF16(IDS_SSL_AN_OBSOLETE_PROTOCOL)); |
2125 description_replacements.push_back(base::ASCIIToUTF16("TLS 1.1")); | 2131 description_replacements.push_back(base::ASCIIToUTF16("ECDHE_RSA")); |
2126 description_replacements.push_back( | 2132 description_replacements.push_back( |
2127 l10n_util::GetStringUTF16(IDS_SSL_A_STRONG_KEY_EXCHANGE)); | 2133 l10n_util::GetStringUTF16(IDS_SSL_A_STRONG_KEY_EXCHANGE)); |
2128 description_replacements.push_back(base::ASCIIToUTF16("ECDHE_RSA")); | 2134 description_replacements.push_back( |
| 2135 base::ASCIIToUTF16("AES_128_CBC with HMAC-SHA1")); |
2129 description_replacements.push_back( | 2136 description_replacements.push_back( |
2130 l10n_util::GetStringUTF16(IDS_SSL_AN_OBSOLETE_CIPHER)); | 2137 l10n_util::GetStringUTF16(IDS_SSL_AN_OBSOLETE_CIPHER)); |
2131 description_replacements.push_back( | |
2132 base::ASCIIToUTF16("AES_128_CBC with HMAC-SHA1")); | |
2133 base::string16 obsolete_description = l10n_util::GetStringFUTF16( | 2138 base::string16 obsolete_description = l10n_util::GetStringFUTF16( |
2134 IDS_OBSOLETE_SSL_DESCRIPTION, description_replacements, nullptr); | 2139 IDS_OBSOLETE_SSL_DESCRIPTION, description_replacements, nullptr); |
2135 | 2140 |
2136 EXPECT_EQ( | 2141 EXPECT_EQ( |
2137 obsolete_description, | 2142 obsolete_description, |
2138 base::ASCIIToUTF16( | 2143 base::ASCIIToUTF16( |
2139 observer.latest_explanations().info_explanations[0].description)); | 2144 observer.latest_explanations().info_explanations[0].description)); |
2140 } | 2145 } |
2141 | 2146 |
2142 } // namespace | 2147 } // namespace |
OLD | NEW |