1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_
6 #define CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_
8 #include "base/macros.h"
9 #include "content/public/common/security_style.h"
10 #include "net/cert/cert_status_flags.h"
14 } // namespace content
16 // This namespace contains functions responsible for computing the
17 // connection security status of a page.
18 namespace connection_security
{
20 // These security styles describe the treatment given to pages that
21 // display and run mixed content. They are used to coordinate the
22 // treatment of mixed content with other security UI elements.
23 const content::SecurityStyle kDisplayedInsecureContentStyle
=
24 content::SECURITY_STYLE_UNAUTHENTICATED
;
25 const content::SecurityStyle kRanInsecureContentStyle
=
26 content::SECURITY_STYLE_AUTHENTICATION_BROKEN
;
28 // TODO(wtc): unify this enum with SecurityStyle. We
29 // don't need two sets of security UI levels. SECURITY_STYLE_AUTHENTICATED
30 // needs to be refined into three levels: warning, standard, and EV.
31 // See crbug.com/425728
33 // If you reorder, add, or delete values from this enum, you must also
34 // update the UI icons in ToolbarModelImpl::GetIconForSecurityLevel.
36 // A Java counterpart will be generated for this enum.
37 // GENERATED_JAVA_ENUM_PACKAGE: org.chromium.chrome.browser.ssl
38 // GENERATED_JAVA_CLASS_NAME_OVERRIDE: ConnectionSecurityLevel
43 // HTTPS with valid EV cert
49 // HTTPS, but unable to check certificate revocation status or with insecure
50 // content on the page
53 // HTTPS, but the certificate verification chain is anchored on a
54 // certificate that was installed by the system administrator
55 SECURITY_POLICY_WARNING
,
57 // Attempted HTTPS and failed, page not authenticated
61 // Describes how the SHA1 deprecation policy applies to an HTTPS
63 enum SHA1DeprecationStatus
{
64 // No SHA1 deprecation policy applies.
66 // The connection used a certificate with a SHA1 signature in the
67 // chain, and policy says that the connection should be treated as
69 DEPRECATED_SHA1_BROKEN
,
70 // The connection used a certificate with a SHA1 signature in the
71 // chain, and policy says that the connection should be treated with a
73 DEPRECATED_SHA1_WARNING
,
76 // Describes the type of mixed content (if any) that a site
78 enum MixedContentStatus
{
80 // The site displayed nonsecure resources (passive mixed content).
81 DISPLAYED_MIXED_CONTENT
,
82 // The site ran nonsecure resources (active mixed content).
84 // The site both ran and displayed nonsecure resources.
85 RAN_AND_DISPLAYED_MIXED_CONTENT
,
88 // Contains information about a page's security status, including a
89 // SecurityStyle and the information that was used to decide which
90 // SecurityStyle to assign.
92 content::SecurityStyle security_style
;
93 SHA1DeprecationStatus sha1_deprecation_status
;
94 MixedContentStatus mixed_content_status
;
95 net::CertStatus cert_status
;
96 bool scheme_is_cryptographic
;
99 // Returns a security level describing the overall security state of
100 // the given |WebContents|.
101 SecurityLevel
GetSecurityLevelForWebContents(
102 const content::WebContents
* web_contents
);
104 // Populates |security_info| with information describing the given
105 // |web_contents|, including a content::SecurityStyle value and security
106 // properties that caused that value to be chosen.
108 // Note: This is a lossy operation. Not all of the policies
109 // that can be expressed by a SecurityLevel (a //chrome concept) can
110 // be expressed by a content::SecurityStyle.
111 // In general, code in //chrome should prefer to use
112 // GetSecurityLevelForWebContents() to determine security policy, and
113 // only use this function when policy needs to be supplied back to
114 // layers in //content.
115 void GetSecurityInfoForWebContents(const content::WebContents
* web_contents
,
116 SecurityInfo
* security_info
);
118 } // namespace connection_security
120 #endif // CHROME_BROWSER_SSL_CONNECTION_SECURITY_H_