| OLD | NEW |
|---|
| (Empty) |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #ifndef NET_CERT_CERT_VERIFY_RESULT_H_ | |
| 6 #define NET_CERT_CERT_VERIFY_RESULT_H_ | |
| 7 | |
| 8 #include <vector> | |
| 9 | |
| 10 #include "base/memory/ref_counted.h" | |
| 11 #include "net/base/net_export.h" | |
| 12 #include "net/cert/cert_status_flags.h" | |
| 13 #include "net/cert/x509_cert_types.h" | |
| 14 | |
| 15 namespace net { | |
| 16 | |
| 17 class X509Certificate; | |
| 18 | |
| 19 // The result of certificate verification. | |
| 20 class NET_EXPORT CertVerifyResult { | |
| 21 public: | |
| 22 CertVerifyResult(); | |
| 23 ~CertVerifyResult(); | |
| 24 | |
| 25 void Reset(); | |
| 26 | |
| 27 // Copies from |other| to |this|. | |
| 28 void CopyFrom(const CertVerifyResult& other) { | |
| 29 *this = other; | |
| 30 } | |
| 31 | |
| 32 // The certificate and chain that was constructed during verification. | |
| 33 // Note that the though the verified certificate will match the originally | |
| 34 // supplied certificate, the intermediate certificates stored within may | |
| 35 // be substantially different. In the event of a verification failure, this | |
| 36 // will contain the chain as supplied by the server. This may be NULL if | |
| 37 // running within the sandbox. | |
| 38 scoped_refptr<X509Certificate> verified_cert; | |
| 39 | |
| 40 // Bitmask of CERT_STATUS_* from net/base/cert_status_flags.h. Note that | |
| 41 // these status flags apply to the certificate chain returned in | |
| 42 // |verified_cert|, rather than the originally supplied certificate | |
| 43 // chain. | |
| 44 CertStatus cert_status; | |
| 45 | |
| 46 // Properties of the certificate chain. | |
| 47 bool has_md2; | |
| 48 bool has_md4; | |
| 49 bool has_md5; | |
| 50 bool has_sha1; | |
| 51 | |
| 52 // If the certificate was successfully verified then this contains the | |
| 53 // hashes, in several hash algorithms, of the SubjectPublicKeyInfos of the | |
| 54 // chain. | |
| 55 HashValueVector public_key_hashes; | |
| 56 | |
| 57 // is_issued_by_known_root is true if we recognise the root CA as a standard | |
| 58 // root. If it isn't then it's probably the case that this certificate was | |
| 59 // generated by a MITM proxy whose root has been installed locally. This is | |
| 60 // meaningless if the certificate was not trusted. | |
| 61 bool is_issued_by_known_root; | |
| 62 | |
| 63 // is_issued_by_additional_trust_anchor is true if the root CA used for this | |
| 64 // verification came from the list of additional trust anchors. | |
| 65 bool is_issued_by_additional_trust_anchor; | |
| 66 | |
| 67 // True if a fallback to the common name was used when matching the host | |
| 68 // name, rather than using the subjectAltName. | |
| 69 bool common_name_fallback_used; | |
| 70 }; | |
| 71 | |
| 72 } // namespace net | |
| 73 | |
| 74 #endif // NET_CERT_CERT_VERIFY_RESULT_H_ | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 992733002:
Remove //net (except for Android test stuff) and sdch (Closed)
Base URL: git@github.com:domokit/mojo.git@master