| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/ssl/ssl_info.h" | 5 #include "net/ssl/ssl_info.h" |
| 6 | 6 |
| 7 #include "base/pickle.h" | 7 #include "base/pickle.h" |
| 8 #include "net/cert/cert_status_flags.h" | 8 #include "net/cert/cert_status_flags.h" |
| 9 #include "net/cert/ct_policy_status.h" |
| 9 #include "net/cert/signed_certificate_timestamp.h" | 10 #include "net/cert/signed_certificate_timestamp.h" |
| 10 #include "net/cert/x509_certificate.h" | 11 #include "net/cert/x509_certificate.h" |
| 11 | 12 |
| 12 namespace net { | 13 namespace net { |
| 13 | 14 |
| 14 SSLInfo::SSLInfo() { | 15 SSLInfo::SSLInfo() { |
| 15 Reset(); | 16 Reset(); |
| 16 } | 17 } |
| 17 | 18 |
| 18 SSLInfo::SSLInfo(const SSLInfo& info) { | 19 SSLInfo::SSLInfo(const SSLInfo& info) { |
| (...skipping 10 matching lines...) Expand all Loading... |
| 29 security_bits = info.security_bits; | 30 security_bits = info.security_bits; |
| 30 key_exchange_info = info.key_exchange_info; | 31 key_exchange_info = info.key_exchange_info; |
| 31 connection_status = info.connection_status; | 32 connection_status = info.connection_status; |
| 32 is_issued_by_known_root = info.is_issued_by_known_root; | 33 is_issued_by_known_root = info.is_issued_by_known_root; |
| 33 client_cert_sent = info.client_cert_sent; | 34 client_cert_sent = info.client_cert_sent; |
| 34 channel_id_sent = info.channel_id_sent; | 35 channel_id_sent = info.channel_id_sent; |
| 35 token_binding_negotiated = info.token_binding_negotiated; | 36 token_binding_negotiated = info.token_binding_negotiated; |
| 36 token_binding_key_param = info.token_binding_key_param; | 37 token_binding_key_param = info.token_binding_key_param; |
| 37 handshake_type = info.handshake_type; | 38 handshake_type = info.handshake_type; |
| 38 public_key_hashes = info.public_key_hashes; | 39 public_key_hashes = info.public_key_hashes; |
| 40 pinning_failure_log = info.pinning_failure_log; |
| 39 signed_certificate_timestamps = info.signed_certificate_timestamps; | 41 signed_certificate_timestamps = info.signed_certificate_timestamps; |
| 40 pinning_failure_log = info.pinning_failure_log; | 42 ct_compliance_details_available = info.ct_compliance_details_available; |
| 43 ct_ev_policy_compliance = info.ct_ev_policy_compliance; |
| 41 | 44 |
| 42 return *this; | 45 return *this; |
| 43 } | 46 } |
| 44 | 47 |
| 45 void SSLInfo::Reset() { | 48 void SSLInfo::Reset() { |
| 46 cert = NULL; | 49 cert = NULL; |
| 47 unverified_cert = NULL; | 50 unverified_cert = NULL; |
| 48 cert_status = 0; | 51 cert_status = 0; |
| 49 security_bits = -1; | 52 security_bits = -1; |
| 50 key_exchange_info = 0; | 53 key_exchange_info = 0; |
| 51 connection_status = 0; | 54 connection_status = 0; |
| 52 is_issued_by_known_root = false; | 55 is_issued_by_known_root = false; |
| 53 client_cert_sent = false; | 56 client_cert_sent = false; |
| 54 channel_id_sent = false; | 57 channel_id_sent = false; |
| 55 token_binding_negotiated = false; | 58 token_binding_negotiated = false; |
| 56 token_binding_key_param = TB_PARAM_ECDSAP256; | 59 token_binding_key_param = TB_PARAM_ECDSAP256; |
| 57 handshake_type = HANDSHAKE_UNKNOWN; | 60 handshake_type = HANDSHAKE_UNKNOWN; |
| 58 public_key_hashes.clear(); | 61 public_key_hashes.clear(); |
| 62 pinning_failure_log.clear(); |
| 59 signed_certificate_timestamps.clear(); | 63 signed_certificate_timestamps.clear(); |
| 60 pinning_failure_log.clear(); | 64 ct_compliance_details_available = false; |
| 65 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; |
| 61 } | 66 } |
| 62 | 67 |
| 63 void SSLInfo::SetCertError(int error) { | 68 void SSLInfo::SetCertError(int error) { |
| 64 cert_status |= MapNetErrorToCertStatus(error); | 69 cert_status |= MapNetErrorToCertStatus(error); |
| 65 } | 70 } |
| 66 | 71 |
| 67 void SSLInfo::UpdateSignedCertificateTimestamps( | 72 void SSLInfo::UpdateCertificateTransparencyInfo( |
| 68 const ct::CTVerifyResult& ct_verify_result) { | 73 const ct::CTVerifyResult& ct_verify_result) { |
| 69 for (const auto& sct : ct_verify_result.verified_scts) { | 74 for (const auto& sct : ct_verify_result.verified_scts) { |
| 70 signed_certificate_timestamps.push_back( | 75 signed_certificate_timestamps.push_back( |
| 71 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); | 76 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); |
| 72 } | 77 } |
| 73 for (const auto& sct : ct_verify_result.invalid_scts) { | 78 for (const auto& sct : ct_verify_result.invalid_scts) { |
| 74 signed_certificate_timestamps.push_back( | 79 signed_certificate_timestamps.push_back( |
| 75 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); | 80 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); |
| 76 } | 81 } |
| 77 for (const auto& sct : ct_verify_result.unknown_logs_scts) { | 82 for (const auto& sct : ct_verify_result.unknown_logs_scts) { |
| 78 signed_certificate_timestamps.push_back( | 83 signed_certificate_timestamps.push_back( |
| 79 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); | 84 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); |
| 80 } | 85 } |
| 86 |
| 87 ct_compliance_details_available = ct_verify_result.ct_policies_applied; |
| 88 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; |
| 81 } | 89 } |
| 82 | 90 |
| 83 } // namespace net | 91 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1652603002:
Add information to SSLInfo about CT EV policy compliance (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master