1 // Copyright 2011 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/cert_verify_result.h"
6
7 #include <tuple>
8
9 #include "base/values.h"
10 #include "net/base/net_errors.h"
11 #include "net/cert/ct_policy_status.h"
12 #include "net/cert/ct_signed_certificate_timestamp_log_param.h"
13 #include "net/cert/x509_certificate.h"
14 #include "net/cert/x509_certificate_net_log_param.h"
15
16 namespace net {
17
// Builds an empty result. All field initialization is delegated to Reset(),
// so a freshly constructed object starts out in the same state as one that
// has been explicitly reset.
CertVerifyResult::CertVerifyResult() {
  this->Reset();
}
21
// Copy construction is routed through copy assignment, so the two operations
// cannot drift apart in which fields they copy.
CertVerifyResult::CertVerifyResult(const CertVerifyResult& other) {
  operator=(other);
}

// The destructor is defaulted; this file does no manual cleanup.
CertVerifyResult::~CertVerifyResult() = default;
27
// Puts the result back into its "nothing verified yet" state.
//
// Each field assigned below is overwritten unconditionally, so an object
// that is reused for another verification cannot carry over the previous
// run's certificate, status bits, trust flags, key hashes, OCSP result or
// Certificate Transparency data.
void CertVerifyResult::Reset() {
  // Certificate Transparency state: no SCTs, and no compliance details.
  scts.clear();
  policy_compliance =
      ct::CTPolicyCompliance::CT_POLICY_COMPLIANCE_DETAILS_NOT_AVAILABLE;

  // Revocation and pinning inputs.
  ocsp_result = bssl::OCSPVerifyResult();
  public_key_hashes.clear();

  // Trust flags return to false, the least-privileged value.
  is_issued_by_additional_trust_anchor = false;
  is_issued_by_known_root = false;
  has_sha1 = false;

  // No status bits set and no verified chain attached.
  cert_status = 0;
  verified_cert = nullptr;
}
42
// Serializes this verification result into a dictionary for the NetLog.
//
// `net_error` is the outcome of the verification. It must not be
// ERR_IO_PENDING (checked with a DCHECK), and it is only written to the
// output when it is negative.
//
// Returns a dictionary holding the trust flags, the status bits, the verified
// certificate list, the public key hashes, the SCTs and the CT compliance
// status.
base::Value::Dict CertVerifyResult::NetLogParams(int net_error) const {
  DCHECK_NE(ERR_IO_PENDING, net_error);

  base::Value::Dict params;
  if (net_error < 0) {
    params.Set("net_error", net_error);
  }

  params.Set("is_issued_by_known_root", is_issued_by_known_root);
  // The additional-trust-anchor flag is only emitted when it is set.
  if (is_issued_by_additional_trust_anchor) {
    params.Set("is_issued_by_additional_trust_anchor", true);
  }

  // NOTE(review): the status bits are cast to int for logging. If the
  // underlying type is an unsigned 32-bit mask, a set top bit would be logged
  // as a negative number. Confirm that log consumers expect that.
  params.Set("cert_status", static_cast<int>(cert_status));

  // TODO(mattm): This double-wrapping of the certificate list is weird. Remove
  // this (probably requires updates to netlog-viewer).
  //
  // NOTE(review): verified_cert is nullptr after Reset(). Confirm that
  // NetLogX509CertificateList tolerates a null pointer, or that this is only
  // called on populated results.
  base::Value::Dict cert_wrapper;
  cert_wrapper.Set("certificates",
                   net::NetLogX509CertificateList(verified_cert.get()));
  params.Set("verified_cert", std::move(cert_wrapper));

  base::Value::List hash_strings;
  for (const auto& hash : public_key_hashes) {
    hash_strings.Append(hash.ToString());
  }
  params.Set("public_key_hashes", std::move(hash_strings));

  params.Set("scts", net::NetLogSignedCertificateTimestampParams(&scts));
  params.Set("ct_compliance_status",
             CTPolicyComplianceToString(policy_compliance));

  return params;
}
71
72 } // namespace net
73