OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/ssl/ssl_info.h" | 5 #include "net/ssl/ssl_info.h" |
6 | 6 |
7 #include "base/pickle.h" | 7 #include "base/pickle.h" |
8 #include "net/cert/cert_status_flags.h" | 8 #include "net/cert/cert_status_flags.h" |
9 #include "net/cert/ct_policy_status.h" | 9 #include "net/cert/ct_policy_status.h" |
10 #include "net/cert/signed_certificate_timestamp.h" | 10 #include "net/cert/signed_certificate_timestamp.h" |
(...skipping 23 matching lines...) Expand all Loading... |
34 client_cert_sent = info.client_cert_sent; | 34 client_cert_sent = info.client_cert_sent; |
35 channel_id_sent = info.channel_id_sent; | 35 channel_id_sent = info.channel_id_sent; |
36 token_binding_negotiated = info.token_binding_negotiated; | 36 token_binding_negotiated = info.token_binding_negotiated; |
37 token_binding_key_param = info.token_binding_key_param; | 37 token_binding_key_param = info.token_binding_key_param; |
38 handshake_type = info.handshake_type; | 38 handshake_type = info.handshake_type; |
39 public_key_hashes = info.public_key_hashes; | 39 public_key_hashes = info.public_key_hashes; |
40 pinning_failure_log = info.pinning_failure_log; | 40 pinning_failure_log = info.pinning_failure_log; |
41 signed_certificate_timestamps = info.signed_certificate_timestamps; | 41 signed_certificate_timestamps = info.signed_certificate_timestamps; |
42 ct_compliance_details_available = info.ct_compliance_details_available; | 42 ct_compliance_details_available = info.ct_compliance_details_available; |
43 ct_ev_policy_compliance = info.ct_ev_policy_compliance; | 43 ct_ev_policy_compliance = info.ct_ev_policy_compliance; |
| 44 ct_cert_policy_compliance = info.ct_cert_policy_compliance; |
44 | 45 |
45 return *this; | 46 return *this; |
46 } | 47 } |
47 | 48 |
48 void SSLInfo::Reset() { | 49 void SSLInfo::Reset() { |
49 cert = NULL; | 50 cert = NULL; |
50 unverified_cert = NULL; | 51 unverified_cert = NULL; |
51 cert_status = 0; | 52 cert_status = 0; |
52 security_bits = -1; | 53 security_bits = -1; |
53 key_exchange_info = 0; | 54 key_exchange_info = 0; |
54 connection_status = 0; | 55 connection_status = 0; |
55 is_issued_by_known_root = false; | 56 is_issued_by_known_root = false; |
56 client_cert_sent = false; | 57 client_cert_sent = false; |
57 channel_id_sent = false; | 58 channel_id_sent = false; |
58 token_binding_negotiated = false; | 59 token_binding_negotiated = false; |
59 token_binding_key_param = TB_PARAM_ECDSAP256; | 60 token_binding_key_param = TB_PARAM_ECDSAP256; |
60 handshake_type = HANDSHAKE_UNKNOWN; | 61 handshake_type = HANDSHAKE_UNKNOWN; |
61 public_key_hashes.clear(); | 62 public_key_hashes.clear(); |
62 pinning_failure_log.clear(); | 63 pinning_failure_log.clear(); |
63 signed_certificate_timestamps.clear(); | 64 signed_certificate_timestamps.clear(); |
64 ct_compliance_details_available = false; | 65 ct_compliance_details_available = false; |
65 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; | 66 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; |
| 67 ct_cert_policy_compliance = |
| 68 ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS; |
66 } | 69 } |
67 | 70 |
68 void SSLInfo::SetCertError(int error) { | 71 void SSLInfo::SetCertError(int error) { |
69 cert_status |= MapNetErrorToCertStatus(error); | 72 cert_status |= MapNetErrorToCertStatus(error); |
70 } | 73 } |
71 | 74 |
72 void SSLInfo::UpdateCertificateTransparencyInfo( | 75 void SSLInfo::UpdateCertificateTransparencyInfo( |
73 const ct::CTVerifyResult& ct_verify_result) { | 76 const ct::CTVerifyResult& ct_verify_result) { |
74 for (const auto& sct : ct_verify_result.verified_scts) { | 77 for (const auto& sct : ct_verify_result.verified_scts) { |
75 signed_certificate_timestamps.push_back( | 78 signed_certificate_timestamps.push_back( |
76 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); | 79 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); |
77 } | 80 } |
78 for (const auto& sct : ct_verify_result.invalid_scts) { | 81 for (const auto& sct : ct_verify_result.invalid_scts) { |
79 signed_certificate_timestamps.push_back( | 82 signed_certificate_timestamps.push_back( |
80 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); | 83 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); |
81 } | 84 } |
82 for (const auto& sct : ct_verify_result.unknown_logs_scts) { | 85 for (const auto& sct : ct_verify_result.unknown_logs_scts) { |
83 signed_certificate_timestamps.push_back( | 86 signed_certificate_timestamps.push_back( |
84 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); | 87 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); |
85 } | 88 } |
86 | 89 |
87 ct_compliance_details_available = ct_verify_result.ct_policies_applied; | 90 ct_compliance_details_available = ct_verify_result.ct_policies_applied; |
88 ct_cert_policy_compliance = ct_verify_result.cert_policy_compliance; | 91 ct_cert_policy_compliance = ct_verify_result.cert_policy_compliance; |
89 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; | 92 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; |
90 } | 93 } |
91 | 94 |
92 } // namespace net | 95 } // namespace net |
OLD | NEW |