| OLD | NEW |
|---|
| 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2010 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/page_info_model.h" | 5 #include "chrome/browser/page_info_model.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/i18n/time_formatting.h" | 10 #include "base/i18n/time_formatting.h" |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 48 l10n_util::GetStringUTF16(IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | 48 l10n_util::GetStringUTF16(IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); |
| 49 empty_subject_name = true; | 49 empty_subject_name = true; |
| 50 } | 50 } |
| 51 | 51 |
| 52 // Some of what IsCertStatusError classifies as errors we want to show as | 52 // Some of what IsCertStatusError classifies as errors we want to show as |
| 53 // warnings instead. | 53 // warnings instead. |
| 54 static const int cert_warnings = | 54 static const int cert_warnings = |
| 55 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION | | 55 net::CERT_STATUS_UNABLE_TO_CHECK_REVOCATION | |
| 56 net::CERT_STATUS_NO_REVOCATION_MECHANISM; | 56 net::CERT_STATUS_NO_REVOCATION_MECHANISM; |
| 57 int status_with_warnings_removed = ssl.cert_status() & ~cert_warnings; | 57 int status_with_warnings_removed = ssl.cert_status() & ~cert_warnings; |
| 58 bool show_secure_identity_msg = false; |
| 58 | 59 |
| 59 if (ssl.cert_id() && | 60 if (ssl.cert_id() && |
| 60 CertStore::GetInstance()->RetrieveCert(ssl.cert_id(), &cert) && | 61 CertStore::GetInstance()->RetrieveCert(ssl.cert_id(), &cert) && |
| 61 !net::IsCertStatusError(status_with_warnings_removed)) { | 62 !net::IsCertStatusError(status_with_warnings_removed)) { |
| 63 show_secure_identity_msg = true; |
| 62 // No error found so far, check cert_status warnings. | 64 // No error found so far, check cert_status warnings. |
| 63 int cert_status = ssl.cert_status(); | 65 int cert_status = ssl.cert_status(); |
| 64 if (cert_status & cert_warnings) { | 66 if (cert_status & cert_warnings) { |
| 65 string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); | 67 string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); |
| 66 if (issuer_name.empty()) { | 68 if (issuer_name.empty()) { |
| 67 issuer_name.assign(l10n_util::GetStringUTF16( | 69 issuer_name.assign(l10n_util::GetStringUTF16( |
| 68 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | 70 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); |
| 69 } | 71 } |
| 70 description.assign(l10n_util::GetStringFUTF16( | 72 description.assign(l10n_util::GetStringFUTF16( |
| 71 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); | 73 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 126 else | 128 else |
| 127 headline.assign(subject_name); | 129 headline.assign(subject_name); |
| 128 string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); | 130 string16 issuer_name(UTF8ToUTF16(cert->issuer().GetDisplayName())); |
| 129 if (issuer_name.empty()) { | 131 if (issuer_name.empty()) { |
| 130 issuer_name.assign(l10n_util::GetStringUTF16( | 132 issuer_name.assign(l10n_util::GetStringUTF16( |
| 131 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); | 133 IDS_PAGE_INFO_SECURITY_TAB_UNKNOWN_PARTY)); |
| 132 } | 134 } |
| 133 description.assign(l10n_util::GetStringFUTF16( | 135 description.assign(l10n_util::GetStringFUTF16( |
| 134 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); | 136 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY, issuer_name)); |
| 135 } | 137 } |
| 136 } else { | 138 if (!ssl.tls_username().empty()) { |
| 139 description += ASCIIToUTF16("\n\n"); |
| 140 description += l10n_util::GetStringUTF16( |
| 141 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_PLUS_SHARED_SECRET); |
| 142 } |
| 143 } else if (ssl.tls_username().empty() || |
| 144 (!ssl.tls_username().empty() && ssl.cert_id())) { |
| 137 // HTTP or HTTPS with errors (not warnings). | 145 // HTTP or HTTPS with errors (not warnings). |
| 138 description.assign(l10n_util::GetStringUTF16( | 146 description.assign(l10n_util::GetStringUTF16( |
| 147 ssl.cert_id() && !ssl.tls_username().empty() ? |
| 148 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_BAD_CERT_OK_SHARED_SECRET : |
| 139 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); | 149 IDS_PAGE_INFO_SECURITY_TAB_INSECURE_IDENTITY)); |
| 140 icon_id = ssl.security_style() == SECURITY_STYLE_UNAUTHENTICATED ? | 150 icon_id = ssl.security_style() == SECURITY_STYLE_UNAUTHENTICATED ? |
| 141 ICON_STATE_WARNING_MAJOR : ICON_STATE_ERROR; | 151 ICON_STATE_WARNING_MAJOR : ICON_STATE_ERROR; |
| 142 | 152 |
| 143 const string16 bullet = UTF8ToUTF16("\n • "); | 153 const string16 bullet = UTF8ToUTF16("\n • "); |
| 144 std::vector<SSLErrorInfo> errors; | 154 std::vector<SSLErrorInfo> errors; |
| 145 SSLErrorInfo::GetErrorsForCertStatus(ssl.cert_id(), ssl.cert_status(), | 155 SSLErrorInfo::GetErrorsForCertStatus(ssl.cert_id(), ssl.cert_status(), |
| 146 url, &errors); | 156 url, &errors); |
| 147 for (size_t i = 0; i < errors.size(); ++i) { | 157 for (size_t i = 0; i < errors.size(); ++i) { |
| 148 description += bullet; | 158 description += bullet; |
| 149 description += errors[i].short_description(); | 159 description += errors[i].short_description(); |
| 150 } | 160 } |
| 151 | 161 |
| 152 if (ssl.cert_status() & net::CERT_STATUS_NON_UNIQUE_NAME) { | 162 if (ssl.cert_status() & net::CERT_STATUS_NON_UNIQUE_NAME) { |
| 153 description += ASCIIToUTF16("\n\n"); | 163 description += ASCIIToUTF16("\n\n"); |
| 154 description += l10n_util::GetStringUTF16( | 164 description += l10n_util::GetStringUTF16( |
| 155 IDS_PAGE_INFO_SECURITY_TAB_NON_UNIQUE_NAME); | 165 IDS_PAGE_INFO_SECURITY_TAB_NON_UNIQUE_NAME); |
| 156 } | 166 } |
| 167 } else if (!ssl.tls_username().empty()) { |
| 168 // HTTPS with TLS-SRP (with no certificate) |
| 169 if (!description.empty()) |
| 170 description += ASCIIToUTF16("\n\n"); |
| 171 description += l10n_util::GetStringUTF16( |
| 172 IDS_PAGE_INFO_SECURITY_TAB_SECURE_IDENTITY_SHARED_SECRET); |
| 157 } | 173 } |
| 174 |
| 175 if (!ssl.tls_username().empty()) { |
| 176 description += ASCIIToUTF16("\n\n"); |
| 177 description += l10n_util::GetStringFUTF16( |
| 178 IDS_PAGE_INFO_TLS_USER_IDENTITY, subject_name, ssl.tls_username()); |
| 179 } |
| 180 |
| 158 sections_.push_back(SectionInfo( | 181 sections_.push_back(SectionInfo( |
| 159 icon_id, | 182 icon_id, |
| 160 headline, | 183 headline, |
| 161 description, | 184 description, |
| 162 SECTION_INFO_IDENTITY)); | 185 SECTION_INFO_IDENTITY)); |
| 163 | 186 |
| 164 // Connection section. | 187 // Connection section. |
| 165 // We consider anything less than 80 bits encryption to be weak encryption. | 188 // We consider anything less than 80 bits encryption to be weak encryption. |
| 166 // TODO(wtc): Bug 1198735: report mixed/unsafe content for unencrypted and | 189 // TODO(wtc): Bug 1198735: report mixed/unsafe content for unencrypted and |
| 167 // weakly encrypted connections. | 190 // weakly encrypted connections. |
| 168 icon_id = ICON_STATE_OK; | 191 icon_id = ICON_STATE_OK; |
| 169 headline.clear(); | 192 headline.clear(); |
| 170 description.clear(); | 193 description.clear(); |
| 171 if (!ssl.cert_id()) { | 194 if (!ssl.cert_id() && ssl.tls_username().empty()) { |
| 172 // Not HTTPS. | 195 // Not HTTPS. |
| 173 DCHECK_EQ(ssl.security_style(), SECURITY_STYLE_UNAUTHENTICATED); | 196 DCHECK_EQ(ssl.security_style(), SECURITY_STYLE_UNAUTHENTICATED); |
| 174 icon_id = ssl.security_style() == SECURITY_STYLE_UNAUTHENTICATED ? | 197 icon_id = ssl.security_style() == SECURITY_STYLE_UNAUTHENTICATED ? |
| 175 ICON_STATE_WARNING_MAJOR : ICON_STATE_ERROR; | 198 ICON_STATE_WARNING_MAJOR : ICON_STATE_ERROR; |
| 176 description.assign(l10n_util::GetStringFUTF16( | 199 description.assign(l10n_util::GetStringFUTF16( |
| 177 IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT, | 200 IDS_PAGE_INFO_SECURITY_TAB_NOT_ENCRYPTED_CONNECTION_TEXT, |
| 178 subject_name)); | 201 subject_name)); |
| 179 } else if (ssl.security_bits() < 0) { | 202 } else if (ssl.security_bits() < 0) { |
| 180 // Security strength is unknown. Say nothing. | 203 // Security strength is unknown. Say nothing. |
| 181 icon_id = ICON_STATE_ERROR; | 204 icon_id = ICON_STATE_ERROR; |
| (...skipping 177 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 359 gfx::NativeImage PageInfoModel::GetBitmapNamed(int resource_id) { | 382 gfx::NativeImage PageInfoModel::GetBitmapNamed(int resource_id) { |
| 360 ResourceBundle& rb = ResourceBundle::GetSharedInstance(); | 383 ResourceBundle& rb = ResourceBundle::GetSharedInstance(); |
| 361 gfx::NativeImage image = rb.GetNativeImageNamed(resource_id); | 384 gfx::NativeImage image = rb.GetNativeImageNamed(resource_id); |
| 362 #if defined(OS_MACOSX) | 385 #if defined(OS_MACOSX) |
| 363 // Unlike other platforms, the Mac ResourceBundle does not keep a shared image | 386 // Unlike other platforms, the Mac ResourceBundle does not keep a shared image |
| 364 // cache. These are released in the dtor. | 387 // cache. These are released in the dtor. |
| 365 base::mac::NSObjectRetain(image); | 388 base::mac::NSObjectRetain(image); |
| 366 #endif | 389 #endif |
| 367 return image; | 390 return image; |
| 368 } | 391 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6804032:
Add TLS-SRP (RFC 5054) support
Base URL: http://git.chromium.org/git/chromium.git@trunk