Index: components/security_state/content/content_utils_unittest.cc |
diff --git a/components/security_state/content/content_utils_unittest.cc b/components/security_state/content/content_utils_unittest.cc |
index 090a835494dff613144b1fb5c45a5f67025f7bd3..2fbf436bbe47ca500aa5f543808eda229455e057 100644 |
--- a/components/security_state/content/content_utils_unittest.cc |
+++ b/components/security_state/content/content_utils_unittest.cc |
@@ -164,7 +164,7 @@ bool FindSecurityStyleExplanation( |
return false; |
} |
-// Test that connection explanations are formated as expected. Note the strings |
+// Test that connection explanations are formatted as expected. Note the strings |
// are not translated and so will be the same in any locale. |
TEST(SecurityStateContentUtilsTest, ConnectionExplanation) { |
// Test a modern configuration with a key exchange group. |
@@ -185,9 +185,9 @@ TEST(SecurityStateContentUtilsTest, ConnectionExplanation) { |
ASSERT_TRUE(FindSecurityStyleExplanation( |
explanations.secure_explanations, "Secure connection", &explanation)); |
EXPECT_EQ( |
- "The connection to this site is encrypted and authenticated using a " |
- "strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA with " |
- "X25519), and a strong cipher (CHACHA20_POLY1305).", |
+ "The connection to this site is encrypted and authenticated using TLS " |
+ "1.2 (a strong protocol), ECDHE_RSA with X25519 (a strong key " |
+ "exchange), and CHACHA20_POLY1305 (a strong cipher).", |
explanation.description); |
} |
@@ -201,9 +201,9 @@ TEST(SecurityStateContentUtilsTest, ConnectionExplanation) { |
ASSERT_TRUE(FindSecurityStyleExplanation( |
explanations.secure_explanations, "Secure connection", &explanation)); |
EXPECT_EQ( |
- "The connection to this site is encrypted and authenticated using a " |
- "strong protocol (TLS 1.2), a strong key exchange (ECDHE_RSA), and a " |
- "strong cipher (CHACHA20_POLY1305).", |
+ "The connection to this site is encrypted and authenticated using TLS " |
+ "1.2 (a strong protocol), ECDHE_RSA (a strong key exchange), and " |
+ "CHACHA20_POLY1305 (a strong cipher).", |
explanation.description); |
} |
@@ -220,9 +220,38 @@ TEST(SecurityStateContentUtilsTest, ConnectionExplanation) { |
ASSERT_TRUE(FindSecurityStyleExplanation( |
explanations.secure_explanations, "Secure connection", &explanation)); |
EXPECT_EQ( |
- "The connection to this site is encrypted and authenticated using a " |
- "strong protocol (TLS 1.3), a strong key exchange (X25519), and a " |
- "strong cipher (AES_128_GCM).", |
+ "The connection to this site is encrypted and authenticated using TLS " |
+ "1.3 (a strong protocol), X25519 (a strong key exchange), and " |
+ "AES_128_GCM (a strong cipher).", |
+ explanation.description); |
+ } |
+} |
+ |
+// Test that obsolete connection explanations are formatted as expected. |
+TEST(SecurityStateContentUtilsTest, ObsoleteConnectionExplanation) { |
+ security_state::SecurityInfo security_info; |
+ security_info.cert_status = net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION; |
+ security_info.scheme_is_cryptographic = true; |
+ net::SSLConnectionStatusSetCipherSuite( |
+ 0xc013 /* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA */, |
+ &security_info.connection_status); |
+ net::SSLConnectionStatusSetVersion(net::SSL_CONNECTION_VERSION_TLS1_2, |
+ &security_info.connection_status); |
+ security_info.key_exchange_group = 29; // X25519 |
+ security_info.obsolete_ssl_status = |
+ net::ObsoleteSSLMask::OBSOLETE_SSL_MASK_CIPHER; |
+ |
+ { |
+ content::SecurityStyleExplanations explanations; |
+ GetSecurityStyle(security_info, &explanations); |
+ content::SecurityStyleExplanation explanation; |
+ ASSERT_TRUE(FindSecurityStyleExplanation(explanations.info_explanations, |
+ "Obsolete connection settings", |
+ &explanation)); |
+ EXPECT_EQ( |
+ "The connection to this site uses TLS 1.2 (a strong protocol), " |
+ "ECDHE_RSA with X25519 (a strong key exchange), and AES_128_CBC with " |
+ "HMAC-SHA1 (an obsolete cipher).", |
explanation.description); |
} |
} |