Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(8)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/ssl_info.cc

Issue 2100303002: Add OCSPVerifyResult for tracking stapled OCSP responses cross-platform. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ocsp-date-check
Patch Set: Remaining nits. Created 4 years, 5 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/ssl/ssl_info.h ('k') | net/test/spawned_test_server/base_test_server.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/ssl/ssl_info.h" 5 #include "net/ssl/ssl_info.h"
6 6
7 #include "base/pickle.h" 7 #include "base/pickle.h"
8 #include "net/cert/cert_status_flags.h" 8 #include "net/cert/cert_status_flags.h"
9 #include "net/cert/ct_policy_status.h" 9 #include "net/cert/ct_policy_status.h"
10 #include "net/cert/signed_certificate_timestamp.h" 10 #include "net/cert/signed_certificate_timestamp.h"
(...skipping 25 matching lines...) Expand all
36 channel_id_sent = info.channel_id_sent; 36 channel_id_sent = info.channel_id_sent;
37 token_binding_negotiated = info.token_binding_negotiated; 37 token_binding_negotiated = info.token_binding_negotiated;
38 token_binding_key_param = info.token_binding_key_param; 38 token_binding_key_param = info.token_binding_key_param;
39 handshake_type = info.handshake_type; 39 handshake_type = info.handshake_type;
40 public_key_hashes = info.public_key_hashes; 40 public_key_hashes = info.public_key_hashes;
41 pinning_failure_log = info.pinning_failure_log; 41 pinning_failure_log = info.pinning_failure_log;
42 signed_certificate_timestamps = info.signed_certificate_timestamps; 42 signed_certificate_timestamps = info.signed_certificate_timestamps;
43 ct_compliance_details_available = info.ct_compliance_details_available; 43 ct_compliance_details_available = info.ct_compliance_details_available;
44 ct_ev_policy_compliance = info.ct_ev_policy_compliance; 44 ct_ev_policy_compliance = info.ct_ev_policy_compliance;
45 ct_cert_policy_compliance = info.ct_cert_policy_compliance; 45 ct_cert_policy_compliance = info.ct_cert_policy_compliance;
46 46 ocsp_result = info.ocsp_result;
47 return *this; 47 return *this;
48 } 48 }
49 49
50 void SSLInfo::Reset() { 50 void SSLInfo::Reset() {
51 cert = NULL; 51 cert = NULL;
52 unverified_cert = NULL; 52 unverified_cert = NULL;
53 cert_status = 0; 53 cert_status = 0;
54 security_bits = -1; 54 security_bits = -1;
55 key_exchange_info = 0; 55 key_exchange_info = 0;
56 connection_status = 0; 56 connection_status = 0;
57 is_issued_by_known_root = false; 57 is_issued_by_known_root = false;
58 pkp_bypassed = false; 58 pkp_bypassed = false;
59 client_cert_sent = false; 59 client_cert_sent = false;
60 channel_id_sent = false; 60 channel_id_sent = false;
61 token_binding_negotiated = false; 61 token_binding_negotiated = false;
62 token_binding_key_param = TB_PARAM_ECDSAP256; 62 token_binding_key_param = TB_PARAM_ECDSAP256;
63 handshake_type = HANDSHAKE_UNKNOWN; 63 handshake_type = HANDSHAKE_UNKNOWN;
64 public_key_hashes.clear(); 64 public_key_hashes.clear();
65 pinning_failure_log.clear(); 65 pinning_failure_log.clear();
66 signed_certificate_timestamps.clear(); 66 signed_certificate_timestamps.clear();
67 ct_compliance_details_available = false; 67 ct_compliance_details_available = false;
68 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY; 68 ct_ev_policy_compliance = ct::EVPolicyCompliance::EV_POLICY_DOES_NOT_APPLY;
69 ct_cert_policy_compliance = 69 ct_cert_policy_compliance =
70 ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS; 70 ct::CertPolicyCompliance::CERT_POLICY_COMPLIES_VIA_SCTS;
71 ocsp_result = OCSPVerifyResult();
71 } 72 }
72 73
73 void SSLInfo::SetCertError(int error) { 74 void SSLInfo::SetCertError(int error) {
74 cert_status |= MapNetErrorToCertStatus(error); 75 cert_status |= MapNetErrorToCertStatus(error);
75 } 76 }
76 77
77 void SSLInfo::UpdateCertificateTransparencyInfo( 78 void SSLInfo::UpdateCertificateTransparencyInfo(
78 const ct::CTVerifyResult& ct_verify_result) { 79 const ct::CTVerifyResult& ct_verify_result) {
79 for (const auto& sct : ct_verify_result.verified_scts) { 80 for (const auto& sct : ct_verify_result.verified_scts) {
80 signed_certificate_timestamps.push_back( 81 signed_certificate_timestamps.push_back(
81 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK)); 82 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_OK));
82 } 83 }
83 for (const auto& sct : ct_verify_result.invalid_scts) { 84 for (const auto& sct : ct_verify_result.invalid_scts) {
84 signed_certificate_timestamps.push_back( 85 signed_certificate_timestamps.push_back(
85 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID)); 86 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_INVALID));
86 } 87 }
87 for (const auto& sct : ct_verify_result.unknown_logs_scts) { 88 for (const auto& sct : ct_verify_result.unknown_logs_scts) {
88 signed_certificate_timestamps.push_back( 89 signed_certificate_timestamps.push_back(
89 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN)); 90 SignedCertificateTimestampAndStatus(sct, ct::SCT_STATUS_LOG_UNKNOWN));
90 } 91 }
91 92
92 ct_compliance_details_available = ct_verify_result.ct_policies_applied; 93 ct_compliance_details_available = ct_verify_result.ct_policies_applied;
93 ct_cert_policy_compliance = ct_verify_result.cert_policy_compliance; 94 ct_cert_policy_compliance = ct_verify_result.cert_policy_compliance;
94 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance; 95 ct_ev_policy_compliance = ct_verify_result.ev_policy_compliance;
95 } 96 }
96 97
97 } // namespace net 98 } // namespace net
OLDNEW
« no previous file with comments | « net/ssl/ssl_info.h ('k') | net/test/spawned_test_server/base_test_server.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698