ssl_manager.h revision 3345a6884c488ff3a535c2c9acdd33d74b37e311 
1// Copyright (c) 2010 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_SSL_SSL_MANAGER_H_
6#define CHROME_BROWSER_SSL_SSL_MANAGER_H_
7#pragma once
8
9#include <string>
10
11#include "base/basictypes.h"
12#include "base/scoped_ptr.h"
13#include "chrome/browser/ssl/ssl_policy_backend.h"
14#include "chrome/common/notification_observer.h"
15#include "chrome/common/notification_registrar.h"
16#include "googleurl/src/gurl.h"
17#include "net/base/net_errors.h"
18
19class LoadFromMemoryCacheDetails;
20class NavigationController;
21class NavigationEntry;
22class ProvisionalLoadDetails;
23class ResourceDispatcherHost;
24class ResourceRedirectDetails;
25class ResourceRequestDetails;
26class SSLPolicy;
27class URLRequest;
28
29// The SSLManager SSLManager controls the SSL UI elements in a TabContents.  It
30// listens for various events that influence when these elements should or
31// should not be displayed and adjusts them accordingly.
32//
33// There is one SSLManager per tab.
34// The security state (secure/insecure) is stored in the navigation entry.
35// Along with it are stored any SSL error code and the associated cert.
36
37class SSLManager : public NotificationObserver {
38 public:
39  // Entry point for SSLCertificateErrors.  This function begins the process
40  // of resolving a certificate error during an SSL connection.  SSLManager
41  // will adjust the security UI and either call |Cancel| or
42  // |ContinueDespiteLastError| on the URLRequest.
43  //
44  // Called on the IO thread.
45  static void OnSSLCertificateError(ResourceDispatcherHost* resource_dispatcher,
46                                    URLRequest* request,
47                                    int cert_error,
48                                    net::X509Certificate* cert);
49
50  // Called when SSL state for a host or tab changes.  Broadcasts the
51  // SSL_INTERNAL_STATE_CHANGED notification.
52  static void NotifySSLInternalStateChanged();
53
54  // Convenience methods for serializing/deserializing the security info.
55  static std::string SerializeSecurityInfo(int cert_id,
56                                           int cert_status,
57                                           int security_bits,
58                                           int connection_status);
59  static bool DeserializeSecurityInfo(const std::string& state,
60                                      int* cert_id,
61                                      int* cert_status,
62                                      int* security_bits,
63                                      int* connection_status);
64
65  // Returns "<organization_name> [<country>]".
66  static std::wstring GetEVCertName(const net::X509Certificate& cert);
67
68  // Construct an SSLManager for the specified tab.
69  // If |delegate| is NULL, SSLPolicy::GetDefaultPolicy() is used.
70  explicit SSLManager(NavigationController* controller);
71  ~SSLManager();
72
73  SSLPolicy* policy() { return policy_.get(); }
74  SSLPolicyBackend* backend() { return &backend_; }
75
76  // The navigation controller associated with this SSLManager.  The
77  // NavigationController is guaranteed to outlive the SSLManager.
78  NavigationController* controller() { return controller_; }
79
80  // This entry point is called directly (instead of via the notification
81  // service) because we need more precise control of the order in which folks
82  // are notified of this event.
83  void DidCommitProvisionalLoad(const NotificationDetails& details);
84
85  // Insecure content entry point.
86  void DidRunInsecureContent(const std::string& security_origin);
87
88  // Called to determine if there were any processed SSL errors from request.
89  bool ProcessedSSLErrorFromRequest() const;
90
91  // Entry point for navigation.  This function begins the process of updating
92  // the security UI when the main frame navigates to a new URL.
93  //
94  // Called on the UI thread.
95  virtual void Observe(NotificationType type,
96                       const NotificationSource& source,
97                       const NotificationDetails& details);
98
99 private:
100  // Entry points for notifications to which we subscribe. Note that
101  // DidCommitProvisionalLoad uses the abstract NotificationDetails type since
102  // the type we need is in NavigationController which would create a circular
103  // header file dependency.
104  void DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details);
105  void DidStartResourceResponse(ResourceRequestDetails* details);
106  void DidReceiveResourceRedirect(ResourceRedirectDetails* details);
107  void DidChangeSSLInternalState();
108
109  // Update the NavigationEntry with our current state.
110  void UpdateEntry(NavigationEntry* entry);
111
112  // The backend for the SSLPolicy to actuate its decisions.
113  SSLPolicyBackend backend_;
114
115  // The SSLPolicy instance for this manager.
116  scoped_ptr<SSLPolicy> policy_;
117
118  // The NavigationController that owns this SSLManager.  We are responsible
119  // for the security UI of this tab.
120  NavigationController* controller_;
121
122  // Handles registering notifications with the NotificationService.
123  NotificationRegistrar registrar_;
124
125  DISALLOW_COPY_AND_ASSIGN(SSLManager);
126};
127
128#endif  // CHROME_BROWSER_SSL_SSL_MANAGER_H_
129