| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_CERT_CERT_VERIFY_RESULT_H_ | 5 #ifndef NET_CERT_CERT_VERIFY_RESULT_H_ |
| 6 #define NET_CERT_CERT_VERIFY_RESULT_H_ | 6 #define NET_CERT_CERT_VERIFY_RESULT_H_ |
| 7 | 7 |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
| 11 #include "net/base/net_export.h" | 11 #include "net/base/net_export.h" |
| 12 #include "net/cert/cert_status_flags.h" | 12 #include "net/cert/cert_status_flags.h" |
| 13 #include "net/cert/ocsp_verify_result.h" | 13 #include "net/cert/ocsp_verify_result.h" |
| 14 #include "net/cert/x509_cert_types.h" | 14 #include "net/cert/x509_cert_types.h" |
| 15 | 15 |
| 16 namespace net { | 16 namespace net { |
| 17 | 17 |
| 18 class X509Certificate; | 18 class X509Certificate; |
| 19 | 19 |
| 20 // The result of certificate verification. | 20 // The result of certificate verification. |
| 21 class NET_EXPORT CertVerifyResult { | 21 class NET_EXPORT CertVerifyResult { |
| 22 public: | 22 public: |
| 23 CertVerifyResult(); | 23 CertVerifyResult(); |
| 24 CertVerifyResult(const CertVerifyResult& other); | 24 CertVerifyResult(const CertVerifyResult& other); |
| 25 ~CertVerifyResult(); | 25 ~CertVerifyResult(); |
| 26 | 26 |
| 27 void Reset(); | 27 void Reset(); |
| 28 | 28 |
| 29 // Comparing CertVerifyResult with a nullptr |verified_cert| is invalid. | |
| 30 bool operator==(const CertVerifyResult& other) const; | 29 bool operator==(const CertVerifyResult& other) const; |
| 31 | 30 |
| 32 // The certificate chain that was constructed during verification. | 31 // The certificate chain that was constructed during verification. |
| 33 // | 32 // |
| 34 // Note: Although |verified_cert| will match the originally supplied | 33 // Note: Although |verified_cert| will match the originally supplied |
| 35 // certificate to be validated, the results of GetIntermediateCertificates() | 34 // certificate to be validated, the results of GetIntermediateCertificates() |
| 36 // may be substantially different, both in order and in content, then the | 35 // may be substantially different, both in order and in content, then the |
| 37 // originally supplied intermediates. | 36 // originally supplied intermediates. |
| 38 // | 37 // |
| 39 // In the event of validation failures, this may contain the originally | 38 // In the event of validation failures, this may contain the originally |
| 40 // supplied certificate chain or a partially constructed path, depending on | 39 // supplied certificate chain or a partially constructed path, depending on |
| 41 // the implementation. | 40 // the implementation. |
| 42 // | 41 // |
| 43 // In the event of validation success, the trust anchor will be | 42 // In the event of validation success, the trust anchor will be |
| 44 // |verified_cert->GetIntermediateCertificates().back()| if | 43 // |verified_cert->GetIntermediateCertificates().back()| if |
| 45 // there was a certificate chain to the trust anchor, and will | 44 // there was a certificate chain to the trust anchor, and will |
| 46 // be |verified_cert->os_cert_handle()| if the certificate was | 45 // be |verified_cert->os_cert_handle()| if the certificate was |
| 47 // the trust anchor. | 46 // the trust anchor. |
| 48 scoped_refptr<X509Certificate> verified_cert; | 47 scoped_refptr<X509Certificate> verified_cert; |
| 49 | 48 |
| 50 // Bitmask of CERT_STATUS_* from net/cert/cert_status_flags.h. Note that | 49 // Bitmask of CERT_STATUS_* from net/cert/cert_status_flags.h. Note that |
| 51 // these status flags apply to the certificate chain returned in | 50 // these status flags apply to the certificate chain returned in |
| 52 // |verified_cert|, rather than the originally supplied certificate | 51 // |verified_cert|, rather than the originally supplied certificate |
| 53 // chain. | 52 // chain. |
| 54 CertStatus cert_status; | 53 CertStatus cert_status; |
| 55 | 54 |
| 56 // Properties of the certificate chain. | 55 // Hash algorithms used by the certificate chain, excluding the trust |
| 56 // anchor. |
| 57 bool has_md2; | 57 bool has_md2; |
| 58 bool has_md4; | 58 bool has_md4; |
| 59 bool has_md5; | 59 bool has_md5; |
| 60 bool has_sha1; | 60 bool has_sha1; |
| 61 bool has_sha1_leaf; | 61 bool has_sha1_leaf; |
| 62 | 62 |
| 63 // If the certificate was successfully verified then this contains the | 63 // If the certificate was successfully verified then this contains the |
| 64 // hashes, in several hash algorithms, of the SubjectPublicKeyInfos of the | 64 // hashes, in several hash algorithms, of the SubjectPublicKeyInfos of the |
| 65 // chain. | 65 // chain. |
| 66 HashValueVector public_key_hashes; | 66 HashValueVector public_key_hashes; |
| (...skipping 12 matching lines...) Expand all Loading... |
| 79 // name, rather than using the subjectAltName. | 79 // name, rather than using the subjectAltName. |
| 80 bool common_name_fallback_used; | 80 bool common_name_fallback_used; |
| 81 | 81 |
| 82 // Verification of stapled OCSP response, if present. | 82 // Verification of stapled OCSP response, if present. |
| 83 OCSPVerifyResult ocsp_result; | 83 OCSPVerifyResult ocsp_result; |
| 84 }; | 84 }; |
| 85 | 85 |
| 86 } // namespace net | 86 } // namespace net |
| 87 | 87 |
| 88 #endif // NET_CERT_CERT_VERIFY_RESULT_H_ | 88 #endif // NET_CERT_CERT_VERIFY_RESULT_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2624283002:
Minor comment updates to CertVerify related code. (Closed)
