Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(53)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/cert_policy_enforcer.cc

Issue 795013003: Certificate Transparency: Remove SSLWatcher's Alpha log. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Created 6 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/cert/cert_policy_enforcer.h ('k') | net/cert/cert_policy_enforcer_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "net/cert/cert_policy_enforcer.h" 5 #include "net/cert/cert_policy_enforcer.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/build_time.h" 9 #include "base/build_time.h"
10 #include "base/metrics/field_trial.h" 10 #include "base/metrics/field_trial.h"
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
60 CT_COMPLIANCE_MAX, 60 CT_COMPLIANCE_MAX,
61 }; 61 };
62 62
63 void LogCTComplianceStatusToUMA(CTComplianceStatus status) { 63 void LogCTComplianceStatusToUMA(CTComplianceStatus status) {
64 UMA_HISTOGRAM_ENUMERATION("Net.SSL_EVCertificateCTCompliance", status, 64 UMA_HISTOGRAM_ENUMERATION("Net.SSL_EVCertificateCTCompliance", status,
65 CT_COMPLIANCE_MAX); 65 CT_COMPLIANCE_MAX);
66 } 66 }
67 67
68 } // namespace 68 } // namespace
69 69
70 CertPolicyEnforcer::CertPolicyEnforcer(size_t num_ct_logs, 70 CertPolicyEnforcer::CertPolicyEnforcer(bool require_ct_for_ev)
71 bool require_ct_for_ev) 71 : require_ct_for_ev_(require_ct_for_ev) {
72 : num_ct_logs_(num_ct_logs), require_ct_for_ev_(require_ct_for_ev) {
73 } 72 }
74 73
75 CertPolicyEnforcer::~CertPolicyEnforcer() { 74 CertPolicyEnforcer::~CertPolicyEnforcer() {
76 } 75 }
77 76
78 bool CertPolicyEnforcer::DoesConformToCTEVPolicy( 77 bool CertPolicyEnforcer::DoesConformToCTEVPolicy(
79 X509Certificate* cert, 78 X509Certificate* cert,
80 const ct::EVCertsWhitelist* ev_whitelist, 79 const ct::EVCertsWhitelist* ev_whitelist,
81 const ct::CTVerifyResult& ct_result) { 80 const ct::CTVerifyResult& ct_result) {
82 if (!require_ct_for_ev_) 81 if (!require_ct_for_ev_)
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after
150 if (expiry_in_months_approx > 39) { 149 if (expiry_in_months_approx > 39) {
151 num_required_embedded_scts = 5; 150 num_required_embedded_scts = 5;
152 } else if (expiry_in_months_approx > 27) { 151 } else if (expiry_in_months_approx > 27) {
153 num_required_embedded_scts = 4; 152 num_required_embedded_scts = 4;
154 } else if (expiry_in_months_approx >= 15) { 153 } else if (expiry_in_months_approx >= 15) {
155 num_required_embedded_scts = 3; 154 num_required_embedded_scts = 3;
156 } else { 155 } else {
157 num_required_embedded_scts = 2; 156 num_required_embedded_scts = 2;
158 } 157 }
159 158
160 size_t min_acceptable_logs = std::max(num_ct_logs_, static_cast<size_t>(2u)); 159 return num_embedded_scts >= num_required_embedded_scts;
161 return num_embedded_scts >=
162 std::min(num_required_embedded_scts, min_acceptable_logs);
163 } 160 }
164 161
165 } // namespace net 162 } // namespace net
OLDNEW
« no previous file with comments | « net/cert/cert_policy_enforcer.h ('k') | net/cert/cert_policy_enforcer_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698