| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/ssl/ssl_info.h" | 5 #include "net/ssl/ssl_info.h" |
| 6 | 6 |
| 7 #include "base/pickle.h" | 7 #include "base/pickle.h" |
| 8 #include "net/cert/cert_status_flags.h" | 8 #include "net/cert/cert_status_flags.h" |
| 9 #include "net/cert/ct_policy_status.h" | 9 #include "net/cert/ct_policy_status.h" |
| 10 #include "net/cert/signed_certificate_timestamp.h" | 10 #include "net/cert/signed_certificate_timestamp.h" |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 client_cert_sent = info.client_cert_sent; | 34 client_cert_sent = info.client_cert_sent; |
| 35 channel_id_sent = info.channel_id_sent; | 35 channel_id_sent = info.channel_id_sent; |
| 36 token_binding_negotiated = info.token_binding_negotiated; | 36 token_binding_negotiated = info.token_binding_negotiated; |
| 37 token_binding_key_param = info.token_binding_key_param; | 37 token_binding_key_param = info.token_binding_key_param; |
| 38 handshake_type = info.handshake_type; | 38 handshake_type = info.handshake_type; |
| 39 public_key_hashes = info.public_key_hashes; | 39 public_key_hashes = info.public_key_hashes; |
| 40 pinning_failure_log = info.pinning_failure_log; | 40 pinning_failure_log = info.pinning_failure_log; |
| 41 signed_certificate_timestamps = info.signed_certificate_timestamps; | 41 signed_certificate_timestamps = info.signed_certificate_timestamps; |
| 42 ct_compliance_details_available = info.ct_compliance_details_available; | 42 ct_compliance_details_available = info.ct_compliance_details_available; |
| 43 ct_ev_policy_compliance = info.ct_ev_policy_compliance; | 43 ct_ev_policy_compliance = info.ct_ev_policy_compliance; |
| 44 ct_cert_policy_compliance = info.ct_cert_policy_compliance; |
| 44 | 45 |
| 45 return *this; | 46 return *this; |
| 46 } | 47 } |
| 47 | 48 |
| 48 void SSLInfo::Reset() { | 49 void SSLInfo::Reset() { |
| 49 cert = NULL; | 50 cert = NULL; |
| 50 unverified_cert = NULL; | 51 unverified_cert = NULL; |
| 51 cert_status = 0; | 52 cert_status = 0; |
| 52 security_bits = -1; | 53 security_bits = -1; |
| 53 key_exchange_info = 0; | 54 key_exchange_info = 0; |
| 54 connection_status = 0; | 55 connection_status = 0; |
| 55 is_issued_by_known_root = false; | 56 is_issued_by_known_root = false; |
| 56 client_cert_sent = false; | 57 client_cert_sent = false; |
| 57 channel_id_sent = false; | 58 channel_id_sent = false; |
| 58 token_binding_negotiated = false; | 59 token_binding_negotiated = false; |
| 59 token_binding_key_param = TB_PARAM_ECDSAP256; | 60 token_binding_key_param = TB_PARAM_ECDSAP256; |
| 60 handshake_type = HANDSHAKE_UNKNOWN; | 61 handshake_type = HANDSHAKE_UNKNOWN; |
| 61 public_key_hashes.clear(); | 62 public_key_hashes.clear(); |
| 62 pinning_failure_log.clear(); | 63 pinning_failure_log.clear(); |
| 63 signed_certificate_timestamps.clear(); | 64 signed_certificate_timestamps.clear(); |
| 64 ct_compliance_details_available = false; | 65 ct_compliance_details_available = false; |
| 65 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; | 66 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; |
| 67 ct_cert_policy_compliance = |
| 68 ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS; |
| 66 } | 69 } |
| 67 | 70 |
| 68 void SSLInfo::SetCertError(int error) { | 71 void SSLInfo::SetCertError(int error) { |
| 69 cert_status |= MapNetErrorToCertStatus(error); | 72 cert_status |= MapNetErrorToCertStatus(error); |
| 70 } | 73 } |
| 71 | 74 |
| 72 void SSLInfo::UpdateCertificateTransparencyInfo( | 75 void SSLInfo::UpdateCertificateTransparencyInfo( |
| 73 const ct::CTVerifyResult& ct_verify_result) { | 76 const ct::CTVerifyResult& ct_verify_result) { |
| 74 for (const auto& sct : ct_verify_result.verified_scts) { | 77 for (const auto& sct : ct_verify_result.verified_scts) { |
| 75 signed_certificate_timestamps.push_back( | 78 signed_certificate_timestamps.push_back( |
| 76 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); | 79 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); |
| 77 } | 80 } |
| 78 for (const auto& sct : ct_verify_result.invalid_scts) { | 81 for (const auto& sct : ct_verify_result.invalid_scts) { |
| 79 signed_certificate_timestamps.push_back( | 82 signed_certificate_timestamps.push_back( |
| 80 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); | 83 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); |
| 81 } | 84 } |
| 82 for (const auto& sct : ct_verify_result.unknown_logs_scts) { | 85 for (const auto& sct : ct_verify_result.unknown_logs_scts) { |
| 83 signed_certificate_timestamps.push_back( | 86 signed_certificate_timestamps.push_back( |
| 84 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); | 87 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); |
| 85 } | 88 } |
| 86 | 89 |
| 87 ct_compliance_details_available = ct_verify_result.ct_policies_applied; | 90 ct_compliance_details_available = ct_verify_result.ct_policies_applied; |
| 88 ct_cert_policy_compliance = ct_verify_result.cert_policy_compliance; | 91 ct_cert_policy_compliance = ct_verify_result.cert_policy_compliance; |
| 89 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; | 92 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; |
| 90 } | 93 } |
| 91 | 94 |
| 92 } // namespace net | 95 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1579063002:
Implement a skeleton version of Expect CT reports (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master