| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_CERT_CT_VERIFY_RESULT_H_ | 5 #ifndef NET_CERT_CT_VERIFY_RESULT_H_ |
| 6 #define NET_CERT_CT_VERIFY_RESULT_H_ | 6 #define NET_CERT_CT_VERIFY_RESULT_H_ |
| 7 | 7 |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "net/cert/ct_policy_enforcer.h" | 10 #include "net/cert/ct_policy_enforcer.h" |
| 11 #include "net/cert/signed_certificate_timestamp.h" | 11 #include "net/cert/signed_certificate_timestamp.h" |
| 12 | 12 |
| 13 namespace net { | 13 namespace net { |
| 14 | 14 |
| 15 namespace ct { | 15 namespace ct { |
| 16 | 16 |
| 17 enum class CertPolicyCompliance; |
| 17 enum class EVPolicyCompliance; | 18 enum class EVPolicyCompliance; |
| 18 | 19 |
| 19 typedef std::vector<scoped_refptr<SignedCertificateTimestamp> > SCTList; | 20 typedef std::vector<scoped_refptr<SignedCertificateTimestamp> > SCTList; |
| 20 | 21 |
| 21 // Holds Signed Certificate Timestamps, depending on their verification | 22 // Holds Signed Certificate Timestamps, depending on their verification |
| 22 // results, and information about CT policies that were applied on the | 23 // results, and information about CT policies that were applied on the |
| 23 // connection. | 24 // connection. |
| 24 struct NET_EXPORT CTVerifyResult { | 25 struct NET_EXPORT CTVerifyResult { |
| 25 CTVerifyResult(); | 26 CTVerifyResult(); |
| 26 ~CTVerifyResult(); | 27 ~CTVerifyResult(); |
| 27 | 28 |
| 28 // SCTs from known logs where the signature verified correctly. | 29 // SCTs from known logs where the signature verified correctly. |
| 29 SCTList verified_scts; | 30 SCTList verified_scts; |
| 30 // SCTs from known logs where the signature failed to verify. | 31 // SCTs from known logs where the signature failed to verify. |
| 31 SCTList invalid_scts; | 32 SCTList invalid_scts; |
| 32 // SCTs from unknown logs and as such are unverifiable. | 33 // SCTs from unknown logs and as such are unverifiable. |
| 33 SCTList unknown_logs_scts; | 34 SCTList unknown_logs_scts; |
| 34 | 35 |
| 35 // True if any CT policies were applied on this connection. | 36 // True if any CT policies were applied on this connection. |
| 36 bool ct_policies_applied; | 37 bool ct_policies_applied; |
| 37 // The result of evaluating whether the connection complies with the | 38 // The result of evaluating whether the connection complies with the |
| 39 // CT certificate policy. |
| 40 CertPolicyCompliance cert_policy_compliance; |
| 41 // The result of evaluating whether the connection complies with the |
| 38 // EV CT policy. | 42 // EV CT policy. |
| 39 EVPolicyCompliance ev_policy_compliance; | 43 EVPolicyCompliance ev_policy_compliance; |
| 40 }; | 44 }; |
| 41 | 45 |
| 42 } // namespace ct | 46 } // namespace ct |
| 43 | 47 |
| 44 } // namespace net | 48 } // namespace net |
| 45 | 49 |
| 46 #endif // NET_CERT_CT_VERIFY_RESULT_H_ | 50 #endif // NET_CERT_CT_VERIFY_RESULT_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1578993003:
Add Expect CT policy that gets checked on all certs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master