ssl_manager.h revision 3f50c38dc070f4bb515c1b64450dae14f316474e
1// Copyright (c) 2010 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef CHROME_BROWSER_SSL_SSL_MANAGER_H_
6#define CHROME_BROWSER_SSL_SSL_MANAGER_H_
7#pragma once
8
9#include <string>
10
11#include "base/basictypes.h"
12#include "base/scoped_ptr.h"
13#include "base/string16.h"
14#include "chrome/browser/ssl/ssl_policy_backend.h"
15#include "chrome/common/notification_observer.h"
16#include "chrome/common/notification_registrar.h"
17#include "googleurl/src/gurl.h"
18#include "net/base/net_errors.h"
19
20class LoadFromMemoryCacheDetails;
21class NavigationController;
22class NavigationEntry;
23class ProvisionalLoadDetails;
24class ResourceDispatcherHost;
25class ResourceRedirectDetails;
26class ResourceRequestDetails;
27class SSLPolicy;
28
29namespace net {
30class URLRequest;
31}  // namespace net
32
33// The SSLManager controls the SSL UI elements in a TabContents.  It
34// listens for various events that influence when these elements should or
35// should not be displayed and adjusts them accordingly.
36//
37// There is one SSLManager per tab.
38// The security state (secure/insecure) is stored in the navigation entry.
39// Along with it are stored any SSL error code and the associated cert.
40
// Per-tab controller of the SSL security UI.  Certificate errors arrive on the
// IO thread (OnSSLCertificateError); notifications arrive on the UI thread
// (Observe).  Declaration order of the data members is left untouched because
// it fixes construction/destruction order and the .cc is not visible here.
41class SSLManager : public NotificationObserver {
42 public:
43  // Entry point for SSLCertificateErrors.  This function begins the process
44  // of resolving a certificate error during an SSL connection.  SSLManager
45  // will adjust the security UI and either call |Cancel| or
46  // |ContinueDespiteLastError| on the net::URLRequest.
47  //
48  // Called on the IO thread.
  //
  // NOTE(review): the criteria for continuing past a certificate error are not
  // visible in this header; presumably SSLPolicy decides -- confirm in the .cc.
  // NOTE(review): |cert_error| is a plain int; presumably a net error code from
  // net/base/net_errors.h (included above) -- confirm.
  // NOTE(review): only net::URLRequest is forward-declared in this header;
  // net::X509Certificate presumably comes from an included header -- confirm.
49  static void OnSSLCertificateError(ResourceDispatcherHost* resource_dispatcher,
50                                    net::URLRequest* request,
51                                    int cert_error,
52                                    net::X509Certificate* cert);
53
54  // Called when SSL state for a host or tab changes.  Broadcasts the
55  // SSL_INTERNAL_STATE_CHANGED notification.
56  static void NotifySSLInternalStateChanged();
57
58  // Convenience methods for serializing/deserializing the security info.
  // SerializeSecurityInfo packs the four integers into one string;
  // DeserializeSecurityInfo writes them back through the four out-pointers.
  // NOTE(review): the bool result presumably reports whether |state| parsed
  // successfully -- confirm in the .cc.  Callers should check it before
  // trusting the out-parameters, since the format and the handling of
  // malformed |state| are not visible here.
59  static std::string SerializeSecurityInfo(int cert_id,
60                                           int cert_status,
61                                           int security_bits,
62                                           int connection_status);
63  static bool DeserializeSecurityInfo(const std::string& state,
64                                      int* cert_id,
65                                      int* cert_status,
66                                      int* security_bits,
67                                      int* connection_status);
68
69  // Returns "<organization_name> [<country>]".
70  static string16 GetEVCertName(const net::X509Certificate& cert);
71
72  // Construct an SSLManager for the specified tab.
73  // NOTE(review): this comment used to say SSLPolicy::GetDefaultPolicy() is used
  // when |delegate| is NULL, but the constructor has no |delegate| parameter;
  // confirm in the .cc how |policy_| is created.
74  explicit SSLManager(NavigationController* controller);
75  ~SSLManager();
76
  // Non-owning accessors: |policy_| stays owned by the scoped_ptr member and
  // |backend_| is a direct member of this object.
77  SSLPolicy* policy() { return policy_.get(); }
78  SSLPolicyBackend* backend() { return &backend_; }
79
80  // The navigation controller associated with this SSLManager.  The
81  // NavigationController is guaranteed to outlive the SSLManager.
82  NavigationController* controller() { return controller_; }
83
84  // This entry point is called directly (instead of via the notification
85  // service) because we need more precise control of the order in which
86  // observers are notified of this event.
87  void DidCommitProvisionalLoad(const NotificationDetails& details);
88
89  // Insecure content entry point.
  // NOTE(review): |security_origin| is presumably the origin that ran the
  // insecure content -- confirm against the caller.
90  void DidRunInsecureContent(const std::string& security_origin);
91
92  // Called to determine if there were any processed SSL errors from request.
93  bool ProcessedSSLErrorFromRequest() const;
94
95  // Entry point for navigation.  This function begins the process of updating
96  // the security UI when the main frame navigates to a new URL.
97  //
98  // Called on the UI thread.
  // NOTE(review): presumably the NotificationObserver override -- confirm
  // against chrome/common/notification_observer.h.
99  virtual void Observe(NotificationType type,
100                       const NotificationSource& source,
101                       const NotificationDetails& details);
102
103 private:
104  // Entry points for notifications to which we subscribe. Note that
105  // DidCommitProvisionalLoad uses the abstract NotificationDetails type since
106  // the type we need is in NavigationController which would create a circular
107  // header file dependency.
108  void DidLoadFromMemoryCache(LoadFromMemoryCacheDetails* details);
109  void DidStartResourceResponse(ResourceRequestDetails* details);
110  void DidReceiveResourceRedirect(ResourceRedirectDetails* details);
111  void DidChangeSSLInternalState();
112
113  // Update the NavigationEntry with our current state.
114  void UpdateEntry(NavigationEntry* entry);
115
116  // The backend for the SSLPolicy to actuate its decisions.
117  SSLPolicyBackend backend_;
118
119  // The SSLPolicy instance for this manager.
  // Owned: scoped_ptr releases it when the SSLManager is destroyed.
120  scoped_ptr<SSLPolicy> policy_;
121
122  // The NavigationController that owns this SSLManager.  We are responsible
123  // for the security UI of this tab.
  // Raw, non-owning pointer; its validity rests on the lifetime guarantee
  // documented at controller().
124  NavigationController* controller_;
125
126  // Handles registering notifications with the NotificationService.
127  NotificationRegistrar registrar_;
128
  // Makes the class non-copyable.
129  DISALLOW_COPY_AND_ASSIGN(SSLManager);
130};
131
132#endif  // CHROME_BROWSER_SSL_SSL_MANAGER_H_
133