Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(351)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/cert_verify_result.h

Issue 6874039: Return the constructed certificate chain in X509Certificate::Verify() (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Rebased to trunk Created 9 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/base/cert_verify_result.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_CERT_VERIFY_RESULT_H_ 5 #ifndef NET_BASE_CERT_VERIFY_RESULT_H_
6 #define NET_BASE_CERT_VERIFY_RESULT_H_ 6 #define NET_BASE_CERT_VERIFY_RESULT_H_
7 #pragma once 7 #pragma once
8 8
9 #include <vector> 9 #include <vector>
10 10
11 #include "net/base/net_api.h" 11 #include "net/base/net_api.h"
12 #include "base/memory/ref_counted.h"
12 #include "net/base/x509_cert_types.h" 13 #include "net/base/x509_cert_types.h"
13 14
14 namespace net { 15 namespace net {
15 16
16 // The result of certificate verification. Eventually this may contain the 17 class X509Certificate;
17 // certificate chain that was constructed during certificate verification. 18
19 // The result of certificate verification.
18 class NET_API CertVerifyResult { 20 class NET_API CertVerifyResult {
19 public: 21 public:
20 CertVerifyResult(); 22 CertVerifyResult();
21 ~CertVerifyResult(); 23 ~CertVerifyResult();
22 24
23 void Reset(); 25 void Reset();
24 26
25 // Bitmask of CERT_STATUS_* from net/base/cert_status_flags.h 27 // The certificate and chain that was constructed during verification.
28 // Note that the though the verified certificate will match the originally
29 // supplied certificate, the intermediate certificates stored within may
30 // be substantially different. In the event of a verification failure, this
31 // will contain the chain as supplied by the server. This may be NULL if
32 // running within the sandbox.
33 scoped_refptr<X509Certificate> verified_cert;
34
35 // Bitmask of CERT_STATUS_* from net/base/cert_status_flags.h. Note that
36 // these status flags apply to the certificate chain returned in
37 // |verified_cert|, rather than the originally supplied certificate
38 // chain.
26 int cert_status; 39 int cert_status;
27 40
28 // Properties of the certificate chain. 41 // Properties of the certificate chain.
29 bool has_md5; 42 bool has_md5;
30 bool has_md2; 43 bool has_md2;
31 bool has_md4; 44 bool has_md4;
32 bool has_md5_ca; 45 bool has_md5_ca;
33 bool has_md2_ca; 46 bool has_md2_ca;
34 47
35 // If the certificate was successfully verified then this contains the SHA1 48 // If the certificate was successfully verified then this contains the SHA1
36 // fingerprints of the SubjectPublicKeyInfos of the chain. The fingerprint 49 // fingerprints of the SubjectPublicKeyInfos of the chain. The fingerprint
37 // from the leaf certificate will be the first element of the vector. 50 // from the leaf certificate will be the first element of the vector.
38 std::vector<SHA1Fingerprint> public_key_hashes; 51 std::vector<SHA1Fingerprint> public_key_hashes;
39 52
40 // is_issued_by_known_root is true if we recognise the root CA as a standard 53 // is_issued_by_known_root is true if we recognise the root CA as a standard
41 // root. If it isn't then it's probably the case that this certificate was 54 // root. If it isn't then it's probably the case that this certificate was
42 // generated by a MITM proxy whose root has been installed locally. This is 55 // generated by a MITM proxy whose root has been installed locally. This is
43 // meaningless if the certificate was not trusted. 56 // meaningless if the certificate was not trusted.
44 bool is_issued_by_known_root; 57 bool is_issued_by_known_root;
45 }; 58 };
46 59
47 } // namespace net 60 } // namespace net
48 61
49 #endif // NET_BASE_CERT_VERIFY_RESULT_H_ 62 #endif // NET_BASE_CERT_VERIFY_RESULT_H_
OLDNEW
« no previous file with comments | « no previous file | net/base/cert_verify_result.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698