// Copyright 2015 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef COMPONENTS_SECURITY_STATE_CORE_SECURITY_STATE_H_
#define COMPONENTS_SECURITY_STATE_CORE_SECURITY_STATE_H_

#include <stdint.h>

#include <memory>
#include <string>

#include "base/feature_list.h"
#include "net/base/url_util.h"
#include "net/cert/cert_status_flags.h"
#include "net/cert/sct_status_flags.h"
#include "net/cert/x509_certificate.h"
#include "url/gurl.h"

// Provides helper methods and data types that are used to determine the
// high-level security information about a page or request.
//
// SecurityLevel is the main result, describing a page's or request's
// security state. It is computed by the platform-independent GetSecurityLevel()
// helper method, which receives platform-specific inputs from its callers in
// the form of a VisibleSecurityState struct.
//
// NOTE(review): in this listing the bodies of the enums and structs and the
// values of the constants are elided (shown as "…"); comments below describe
// only what the visible declarations and their original comments establish.

namespace security_state {

// Describes the overall security state of the page.
//
// These values are persisted to logs. Entries should not be renumbered and
// numeric values should never be reused.
//
// If you change this enum, you may need to update the UI icons in
// LocationBarModelImpl::GetVectorIcon and GetIconForSecurityState.
//
// A Java counterpart will be generated for this enum.
// GENERATED_JAVA_ENUM_PACKAGE: org.chromium.components.security_state
// GENERATED_JAVA_CLASS_NAME_OVERRIDE: ConnectionSecurityLevel
enum SecurityLevel { … };

// The ContentStatus enum is used to describe content on the page that
// has significantly different security properties than the main page
// load. Content can be passive content that is displayed (such as
// images) or active content that is run (such as scripts or iframes).
enum ContentStatus { … };

// Describes whether the page contains malicious resources such as
// malware or phishing attacks.
enum MaliciousContentStatus { … };

// Describes whether the page triggers any safety tips or reputation
// warnings.
//
// These values are persisted to logs. Entries should not be renumbered and
// numeric values should never be reused.
//
// Style note: this differs from other enums in this file to follow new
// histogram enum naming conventions
// (https://chromium.googlesource.com/chromium/src.git/+/HEAD/tools/metrics/histograms/README.md#usage).
enum class SafetyTipStatus { … };

// Information about the last safety tip shown in the UI. This is used in page
// info and security tab (in devtools) to give more information about the safety
// tip.
struct SafetyTipInfo { … };

// Contains the security state relevant to computing the SecurityLevel
// for a page. This is the input to GetSecurityLevel().
struct VisibleSecurityState { … };

// These security levels describe the treatment given to pages that
// display and run mixed content. They are used to coordinate the
// treatment of mixed content with other security UI elements.
constexpr SecurityLevel kDisplayedInsecureContentLevel = …;
constexpr SecurityLevel kDisplayedInsecureContentWarningLevel = …;
constexpr SecurityLevel kRanInsecureContentLevel = …;

// Returns a SecurityLevel to describe the current page.
// |visible_security_state| contains the relevant security state.
// |used_policy_installed_certificate| indicates whether the page or request
// is known to be loaded with a certificate installed by the system admin.
SecurityLevel GetSecurityLevel(
    const VisibleSecurityState& visible_security_state,
    bool used_policy_installed_certificate);

// Returns true if the current page was loaded using a cryptographic protocol
// and its certificate has any major errors.
bool HasMajorCertificateError(
    const VisibleSecurityState& visible_security_state);

// Returns true for a valid |url| with a cryptographic scheme, e.g., HTTPS, WSS.
//
// This takes only a URL, so it is a scheme check and cannot reflect the state
// of the connection's certificate; certificate state is reported by
// HasMajorCertificateError() and IsSslCertificateValid() in this header.
bool IsSchemeCryptographic(const GURL& url);

// Returns true for a valid |url| with localhost or file:// scheme origin.
bool IsOriginLocalhostOrFile(const GURL& url);

// Returns true if the page has a valid SSL certificate. Only SECURE and
// SECURE_WITH_POLICY_INSTALLED_CERT are considered valid.
//
// NOTE(review): SECURE_WITH_POLICY_INSTALLED_CERT presumably corresponds to
// |used_policy_installed_certificate| in GetSecurityLevel(), i.e. a
// certificate installed by the system admin. A caller that must tell that
// case apart from SECURE has to compare the SecurityLevel itself, since this
// helper returns true for both — confirm against the enum definition.
bool IsSslCertificateValid(security_state::SecurityLevel security_level);

// Returns the given prefix suffixed with a dot and the current security level.
std::string GetSecurityLevelHistogramName(
    const std::string& prefix,
    security_state::SecurityLevel level);

// Returns the given prefix suffixed with a dot and the given Safety Tip status.
std::string GetSafetyTipHistogramName(const std::string& prefix,
                                      SafetyTipStatus safety_tip_status);

// NOTE(review): undocumented in the original header. Judging by the name, this
// presumably reports whether the certificate chain described by
// |visible_security_state| contains a SHA-1 signature. The definition and the
// VisibleSecurityState fields it reads are not visible here, so the exact
// condition (and the result when no certificate is present) should be
// confirmed against the implementation.
bool IsSHA1InChain(const VisibleSecurityState& visible_security_state);

}  // namespace security_state

#endif  // COMPONENTS_SECURITY_STATE_CORE_SECURITY_STATE_H_