Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(90)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/ct_verify_result.h

Issue 1652603002: Add information to SSLInfo about CT EV policy compliance (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: SSLClientSOcket nss fix Created 4 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/ct_policy_enforcer_unittest.cc ('K') | « net/cert/ct_policy_enforcer_unittest.cc ('k') | net/cert/ct_verify_result.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_CERT_CT_VERIFY_RESULT_H_ 5 #ifndef NET_CERT_CT_VERIFY_RESULT_H_
6 #define NET_CERT_CT_VERIFY_RESULT_H_ 6 #define NET_CERT_CT_VERIFY_RESULT_H_
7 7
8 #include <vector> 8 #include <vector>
9 9
10 #include "net/cert/ct_policy_enforcer.h"
10 #include "net/cert/signed_certificate_timestamp.h" 11 #include "net/cert/signed_certificate_timestamp.h"
11 12
12 namespace net { 13 namespace net {
13 14
14 namespace ct { 15 namespace ct {
15 16
16 typedef std::vector<scoped_refptr<SignedCertificateTimestamp> > SCTList; 17 typedef std::vector<scoped_refptr<SignedCertificateTimestamp> > SCTList;
17 18
18 // Holds Signed Certificate Timestamps, depending on their verification results. 19 // Holds Signed Certificate Timestamps, depending on their verification
19 // More information could be tracked here about SCTs, but for the current UI 20 // results, and information about CT policies that were applied on the
20 // this categorization is enough. 21 // connection.
21 struct NET_EXPORT CTVerifyResult { 22 struct NET_EXPORT CTVerifyResult {
22 CTVerifyResult(); 23 CTVerifyResult();
23 ~CTVerifyResult(); 24 ~CTVerifyResult();
24 25
25 // SCTs from known logs where the signature verified correctly. 26 // SCTs from known logs where the signature verified correctly.
26 SCTList verified_scts; 27 SCTList verified_scts;
27 // SCTs from known logs where the signature failed to verify. 28 // SCTs from known logs where the signature failed to verify.
28 SCTList invalid_scts; 29 SCTList invalid_scts;
29 // SCTs from unknown logs and as such are unverifiable. 30 // SCTs from unknown logs and as such are unverifiable.
30 SCTList unknown_logs_scts; 31 SCTList unknown_logs_scts;
32
33 // True if any CT policies were applied on this connection.
34 bool ct_policies_applied;
35 // The result of evaluating whether the connection complies with the
36 // EV CT policy.
37 CTPolicyEnforcer::EVPolicyCompliance ev_policy_compliance;
Eran Messeri 2016/02/10 17:41:09 Wouldn't it make sense to have the EVPolicyComplia
Ryan Sleevi 2016/02/10 17:57:06 That would seem to defeat the goal of making CTPol
estark 2016/02/11 01:54:21 Done. (separate header)
31 }; 38 };
32 39
33 } // namespace ct 40 } // namespace ct
34 41
35 } // namespace net 42 } // namespace net
36 43
37 #endif // NET_CERT_CT_VERIFY_RESULT_H_ 44 #endif // NET_CERT_CT_VERIFY_RESULT_H_
OLDNEW
« net/cert/ct_policy_enforcer_unittest.cc ('K') | « net/cert/ct_policy_enforcer_unittest.cc ('k') | net/cert/ct_verify_result.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698