OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/ssl/ssl_info.h" | 5 #include "net/ssl/ssl_info.h" |
6 | 6 |
7 #include "base/pickle.h" | 7 #include "base/pickle.h" |
8 #include "net/cert/cert_status_flags.h" | 8 #include "net/cert/cert_status_flags.h" |
| 9 #include "net/cert/ct_policy_status.h" |
9 #include "net/cert/signed_certificate_timestamp.h" | 10 #include "net/cert/signed_certificate_timestamp.h" |
10 #include "net/cert/x509_certificate.h" | 11 #include "net/cert/x509_certificate.h" |
11 | 12 |
12 namespace net { | 13 namespace net { |
13 | 14 |
14 SSLInfo::SSLInfo() { | 15 SSLInfo::SSLInfo() { |
15 Reset(); | 16 Reset(); |
16 } | 17 } |
17 | 18 |
18 SSLInfo::SSLInfo(const SSLInfo& info) { | 19 SSLInfo::SSLInfo(const SSLInfo& info) { |
(...skipping 10 matching lines...) Expand all Loading... |
29 security_bits = info.security_bits; | 30 security_bits = info.security_bits; |
30 key_exchange_info = info.key_exchange_info; | 31 key_exchange_info = info.key_exchange_info; |
31 connection_status = info.connection_status; | 32 connection_status = info.connection_status; |
32 is_issued_by_known_root = info.is_issued_by_known_root; | 33 is_issued_by_known_root = info.is_issued_by_known_root; |
33 client_cert_sent = info.client_cert_sent; | 34 client_cert_sent = info.client_cert_sent; |
34 channel_id_sent = info.channel_id_sent; | 35 channel_id_sent = info.channel_id_sent; |
35 token_binding_negotiated = info.token_binding_negotiated; | 36 token_binding_negotiated = info.token_binding_negotiated; |
36 token_binding_key_param = info.token_binding_key_param; | 37 token_binding_key_param = info.token_binding_key_param; |
37 handshake_type = info.handshake_type; | 38 handshake_type = info.handshake_type; |
38 public_key_hashes = info.public_key_hashes; | 39 public_key_hashes = info.public_key_hashes; |
| 40 pinning_failure_log = info.pinning_failure_log; |
39 signed_certificate_timestamps = info.signed_certificate_timestamps; | 41 signed_certificate_timestamps = info.signed_certificate_timestamps; |
40 pinning_failure_log = info.pinning_failure_log; | 42 ct_compliance_details_available = info.ct_compliance_details_available; |
| 43 ct_ev_policy_compliance = info.ct_ev_policy_compliance; |
41 | 44 |
42 return *this; | 45 return *this; |
43 } | 46 } |
44 | 47 |
45 void SSLInfo::Reset() { | 48 void SSLInfo::Reset() { |
46 cert = NULL; | 49 cert = NULL; |
47 unverified_cert = NULL; | 50 unverified_cert = NULL; |
48 cert_status = 0; | 51 cert_status = 0; |
49 security_bits = -1; | 52 security_bits = -1; |
50 key_exchange_info = 0; | 53 key_exchange_info = 0; |
51 connection_status = 0; | 54 connection_status = 0; |
52 is_issued_by_known_root = false; | 55 is_issued_by_known_root = false; |
53 client_cert_sent = false; | 56 client_cert_sent = false; |
54 channel_id_sent = false; | 57 channel_id_sent = false; |
55 token_binding_negotiated = false; | 58 token_binding_negotiated = false; |
56 token_binding_key_param = TB_PARAM_ECDSAP256; | 59 token_binding_key_param = TB_PARAM_ECDSAP256; |
57 handshake_type = HANDSHAKE_UNKNOWN; | 60 handshake_type = HANDSHAKE_UNKNOWN; |
58 public_key_hashes.clear(); | 61 public_key_hashes.clear(); |
| 62 pinning_failure_log.clear(); |
59 signed_certificate_timestamps.clear(); | 63 signed_certificate_timestamps.clear(); |
60 pinning_failure_log.clear(); | 64 ct_compliance_details_available = false; |
| 65 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; |
61 } | 66 } |
62 | 67 |
63 void SSLInfo::SetCertError(int error) { | 68 void SSLInfo::SetCertError(int error) { |
64 cert_status |= MapNetErrorToCertStatus(error); | 69 cert_status |= MapNetErrorToCertStatus(error); |
65 } | 70 } |
66 | 71 |
67 void SSLInfo::UpdateSignedCertificateTimestamps( | 72 void SSLInfo::UpdateCertificateTransparencyInfo( |
68 const ct::CTVerifyResult& ct_verify_result) { | 73 const ct::CTVerifyResult& ct_verify_result) { |
69 for (const auto& sct : ct_verify_result.verified_scts) { | 74 for (const auto& sct : ct_verify_result.verified_scts) { |
70 signed_certificate_timestamps.push_back( | 75 signed_certificate_timestamps.push_back( |
71 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); | 76 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); |
72 } | 77 } |
73 for (const auto& sct : ct_verify_result.invalid_scts) { | 78 for (const auto& sct : ct_verify_result.invalid_scts) { |
74 signed_certificate_timestamps.push_back( | 79 signed_certificate_timestamps.push_back( |
75 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); | 80 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); |
76 } | 81 } |
77 for (const auto& sct : ct_verify_result.unknown_logs_scts) { | 82 for (const auto& sct : ct_verify_result.unknown_logs_scts) { |
78 signed_certificate_timestamps.push_back( | 83 signed_certificate_timestamps.push_back( |
79 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); | 84 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); |
80 } | 85 } |
| 86 |
| 87 ct_compliance_details_available = ct_verify_result.ct_policies_applied; |
| 88 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; |
81 } | 89 } |
82 | 90 |
83 } // namespace net | 91 } // namespace net |
OLD | NEW |