| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived | 5 // This file includes code SSLClientSocketNSS::DoVerifyCertComplete() derived |
| 6 // from AuthCertificateCallback() in | 6 // from AuthCertificateCallback() in |
| 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. | 7 // mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp. |
| 8 | 8 |
| 9 /* ***** BEGIN LICENSE BLOCK ***** | 9 /* ***** BEGIN LICENSE BLOCK ***** |
| 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 | 10 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 |
| (...skipping 3497 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3508 if (!cert_transparency_verifier_) | 3508 if (!cert_transparency_verifier_) |
| 3509 return; | 3509 return; |
| 3510 | 3510 |
| 3511 // Note that this is a completely synchronous operation: The CT Log Verifier | 3511 // Note that this is a completely synchronous operation: The CT Log Verifier |
| 3512 // gets all the data it needs for SCT verification and does not do any | 3512 // gets all the data it needs for SCT verification and does not do any |
| 3513 // external communication. | 3513 // external communication. |
| 3514 int result = cert_transparency_verifier_->Verify( | 3514 int result = cert_transparency_verifier_->Verify( |
| 3515 server_cert_verify_result_.verified_cert, | 3515 server_cert_verify_result_.verified_cert, |
| 3516 std::string(), // SCT list from OCSP response | 3516 std::string(), // SCT list from OCSP response |
| 3517 std::string(), // SCT list from TLS extension | 3517 std::string(), // SCT list from TLS extension |
| 3518 &ct_verify_result_); | 3518 &ct_verify_result_, |
| 3519 net_log_); |
| 3519 | 3520 |
| 3520 VLOG(1) << "CT Verification complete: result " << result | 3521 VLOG(1) << "CT Verification complete: result " << result |
| 3521 << " Invalid scts: " << ct_verify_result_.invalid_scts.size() | 3522 << " Invalid scts: " << ct_verify_result_.invalid_scts.size() |
| 3522 << " Verified scts: " << ct_verify_result_.verified_scts.size() | 3523 << " Verified scts: " << ct_verify_result_.verified_scts.size() |
| 3523 << " scts from unknown logs: " | 3524 << " scts from unknown logs: " |
| 3524 << ct_verify_result_.unknown_logs_scts.size(); | 3525 << ct_verify_result_.unknown_logs_scts.size(); |
| 3525 } | 3526 } |
| 3526 | 3527 |
| 3527 void SSLClientSocketNSS::LogConnectionTypeMetrics() const { | 3528 void SSLClientSocketNSS::LogConnectionTypeMetrics() const { |
| 3528 UpdateConnectionTypeHistograms(CONNECTION_SSL); | 3529 UpdateConnectionTypeHistograms(CONNECTION_SSL); |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3580 SignedCertificateTimestampAndStatus(*iter, | 3581 SignedCertificateTimestampAndStatus(*iter, |
| 3581 ct::SCT_STATUS_LOG_UNKNOWN)); | 3582 ct::SCT_STATUS_LOG_UNKNOWN)); |
| 3582 } | 3583 } |
| 3583 } | 3584 } |
| 3584 | 3585 |
| 3585 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { | 3586 ServerBoundCertService* SSLClientSocketNSS::GetServerBoundCertService() const { |
| 3586 return server_bound_cert_service_; | 3587 return server_bound_cert_service_; |
| 3587 } | 3588 } |
| 3588 | 3589 |
| 3589 } // namespace net | 3590 } // namespace net |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 86503002:
Certificate Transparency: Logging SCTs to the NetLog. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src