| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_CERT_CERT_VERIFY_RESULT_H_ | 5 #ifndef NET_CERT_CERT_VERIFY_RESULT_H_ |
| 6 #define NET_CERT_CERT_VERIFY_RESULT_H_ | 6 #define NET_CERT_CERT_VERIFY_RESULT_H_ |
| 7 | 7 |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/memory/ref_counted.h" | 10 #include "base/memory/ref_counted.h" |
| (...skipping 26 matching lines...) Expand all Loading... |
| 37 // running within the sandbox. | 37 // running within the sandbox. |
| 38 scoped_refptr<X509Certificate> verified_cert; | 38 scoped_refptr<X509Certificate> verified_cert; |
| 39 | 39 |
| 40 // Bitmask of CERT_STATUS_* from net/base/cert_status_flags.h. Note that | 40 // Bitmask of CERT_STATUS_* from net/base/cert_status_flags.h. Note that |
| 41 // these status flags apply to the certificate chain returned in | 41 // these status flags apply to the certificate chain returned in |
| 42 // |verified_cert|, rather than the originally supplied certificate | 42 // |verified_cert|, rather than the originally supplied certificate |
| 43 // chain. | 43 // chain. |
| 44 CertStatus cert_status; | 44 CertStatus cert_status; |
| 45 | 45 |
| 46 // Properties of the certificate chain. | 46 // Properties of the certificate chain. |
| 47 bool has_md5; | |
| 48 bool has_md2; | 47 bool has_md2; |
| 49 bool has_md4; | 48 bool has_md4; |
| 49 bool has_md5; |
| 50 bool has_sha1; |
| 50 | 51 |
| 51 // If the certificate was successfully verified then this contains the | 52 // If the certificate was successfully verified then this contains the |
| 52 // hashes, in several hash algorithms, of the SubjectPublicKeyInfos of the | 53 // hashes, in several hash algorithms, of the SubjectPublicKeyInfos of the |
| 53 // chain. | 54 // chain. |
| 54 HashValueVector public_key_hashes; | 55 HashValueVector public_key_hashes; |
| 55 | 56 |
| 56 // is_issued_by_known_root is true if we recognise the root CA as a standard | 57 // is_issued_by_known_root is true if we recognise the root CA as a standard |
| 57 // root. If it isn't then it's probably the case that this certificate was | 58 // root. If it isn't then it's probably the case that this certificate was |
| 58 // generated by a MITM proxy whose root has been installed locally. This is | 59 // generated by a MITM proxy whose root has been installed locally. This is |
| 59 // meaningless if the certificate was not trusted. | 60 // meaningless if the certificate was not trusted. |
| 60 bool is_issued_by_known_root; | 61 bool is_issued_by_known_root; |
| 61 | 62 |
| 62 // is_issued_by_additional_trust_anchor is true if the root CA used for this | 63 // is_issued_by_additional_trust_anchor is true if the root CA used for this |
| 63 // verification came from the list of additional trust anchors. | 64 // verification came from the list of additional trust anchors. |
| 64 bool is_issued_by_additional_trust_anchor; | 65 bool is_issued_by_additional_trust_anchor; |
| 65 | 66 |
| 66 // True if a fallback to the common name was used when matching the host | 67 // True if a fallback to the common name was used when matching the host |
| 67 // name, rather than using the subjectAltName. | 68 // name, rather than using the subjectAltName. |
| 68 bool common_name_fallback_used; | 69 bool common_name_fallback_used; |
| 69 }; | 70 }; |
| 70 | 71 |
| 71 } // namespace net | 72 } // namespace net |
| 72 | 73 |
| 73 #endif // NET_CERT_CERT_VERIFY_RESULT_H_ | 74 #endif // NET_CERT_CERT_VERIFY_RESULT_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 509273002:
Detect SHA-1 when it appears in certificate chains (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@cert_status_extended