| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/ssl/ssl_info.h" | 5 #include "net/ssl/ssl_info.h" |
| 6 | 6 |
| 7 #include "base/pickle.h" | 7 #include "base/pickle.h" |
| 8 #include "net/cert/cert_status_flags.h" | 8 #include "net/cert/cert_status_flags.h" |
| 9 #include "net/cert/ct_policy_status.h" | 9 #include "net/cert/ct_policy_status.h" |
| 10 #include "net/cert/signed_certificate_timestamp.h" | 10 #include "net/cert/signed_certificate_timestamp.h" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 channel_id_sent = info.channel_id_sent; | 36 channel_id_sent = info.channel_id_sent; |
| 37 token_binding_negotiated = info.token_binding_negotiated; | 37 token_binding_negotiated = info.token_binding_negotiated; |
| 38 token_binding_key_param = info.token_binding_key_param; | 38 token_binding_key_param = info.token_binding_key_param; |
| 39 handshake_type = info.handshake_type; | 39 handshake_type = info.handshake_type; |
| 40 public_key_hashes = info.public_key_hashes; | 40 public_key_hashes = info.public_key_hashes; |
| 41 pinning_failure_log = info.pinning_failure_log; | 41 pinning_failure_log = info.pinning_failure_log; |
| 42 signed_certificate_timestamps = info.signed_certificate_timestamps; | 42 signed_certificate_timestamps = info.signed_certificate_timestamps; |
| 43 ct_compliance_details_available = info.ct_compliance_details_available; | 43 ct_compliance_details_available = info.ct_compliance_details_available; |
| 44 ct_ev_policy_compliance = info.ct_ev_policy_compliance; | 44 ct_ev_policy_compliance = info.ct_ev_policy_compliance; |
| 45 ct_cert_policy_compliance = info.ct_cert_policy_compliance; | 45 ct_cert_policy_compliance = info.ct_cert_policy_compliance; |
| 46 | 46 ocsp = info.ocsp; |
| 47 return *this; | 47 return *this; |
| 48 } | 48 } |
| 49 | 49 |
| 50 void SSLInfo::Reset() { | 50 void SSLInfo::Reset() { |
| 51 cert = NULL; | 51 cert = NULL; |
| 52 unverified_cert = NULL; | 52 unverified_cert = NULL; |
| 53 cert_status = 0; | 53 cert_status = 0; |
| 54 security_bits = -1; | 54 security_bits = -1; |
| 55 key_exchange_info = 0; | 55 key_exchange_info = 0; |
| 56 connection_status = 0; | 56 connection_status = 0; |
| 57 is_issued_by_known_root = false; | 57 is_issued_by_known_root = false; |
| 58 pkp_bypassed = false; | 58 pkp_bypassed = false; |
| 59 client_cert_sent = false; | 59 client_cert_sent = false; |
| 60 channel_id_sent = false; | 60 channel_id_sent = false; |
| 61 token_binding_negotiated = false; | 61 token_binding_negotiated = false; |
| 62 token_binding_key_param = TB_PARAM_ECDSAP256; | 62 token_binding_key_param = TB_PARAM_ECDSAP256; |
| 63 handshake_type = HANDSHAKE_UNKNOWN; | 63 handshake_type = HANDSHAKE_UNKNOWN; |
| 64 public_key_hashes.clear(); | 64 public_key_hashes.clear(); |
| 65 pinning_failure_log.clear(); | 65 pinning_failure_log.clear(); |
| 66 signed_certificate_timestamps.clear(); | 66 signed_certificate_timestamps.clear(); |
| 67 ct_compliance_details_available = false; | 67 ct_compliance_details_available = false; |
| 68 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; | 68 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; |
| 69 ct_cert_policy_compliance = | 69 ct_cert_policy_compliance = |
| 70 ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS; | 70 ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS; |
| 71 ocsp.Reset(); |
| 71 } | 72 } |
| 72 | 73 |
| 73 void SSLInfo::SetCertError(int error) { | 74 void SSLInfo::SetCertError(int error) { |
| 74 cert_status |= MapNetErrorToCertStatus(error); | 75 cert_status |= MapNetErrorToCertStatus(error); |
| 75 } | 76 } |
| 76 | 77 |
| 77 void SSLInfo::UpdateCertificateTransparencyInfo( | 78 void SSLInfo::UpdateCertificateTransparencyInfo( |
| 78 const ct::CTVerifyResult& ct_verify_result) { | 79 const ct::CTVerifyResult& ct_verify_result) { |
| 79 for (const auto& sct : ct_verify_result.verified_scts) { | 80 for (const auto& sct : ct_verify_result.verified_scts) { |
| 80 signed_certificate_timestamps.push_back( | 81 signed_certificate_timestamps.push_back( |
| 81 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); | 82 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); |
| 82 } | 83 } |
| 83 for (const auto& sct : ct_verify_result.invalid_scts) { | 84 for (const auto& sct : ct_verify_result.invalid_scts) { |
| 84 signed_certificate_timestamps.push_back( | 85 signed_certificate_timestamps.push_back( |
| 85 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); | 86 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); |
| 86 } | 87 } |
| 87 for (const auto& sct : ct_verify_result.unknown_logs_scts) { | 88 for (const auto& sct : ct_verify_result.unknown_logs_scts) { |
| 88 signed_certificate_timestamps.push_back( | 89 signed_certificate_timestamps.push_back( |
| 89 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); | 90 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); |
| 90 } | 91 } |
| 91 | 92 |
| 92 ct_compliance_details_available = ct_verify_result.ct_policies_applied; | 93 ct_compliance_details_available = ct_verify_result.ct_policies_applied; |
| 93 ct_cert_policy_compliance = ct_verify_result.cert_policy_compliance; | 94 ct_cert_policy_compliance = ct_verify_result.cert_policy_compliance; |
| 94 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; | 95 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; |
| 95 } | 96 } |
| 96 | 97 |
| 97 } // namespace net | 98 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2100303002:
Add OCSPVerifyResult for tracking stapled OCSP responses cross-platform. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-date-check