1*6777b538SAndroid Build Coastguard Worker // Copyright 2011 The Chromium Authors
2*6777b538SAndroid Build Coastguard Worker // Use of this source code is governed by a BSD-style license that can be
3*6777b538SAndroid Build Coastguard Worker // found in the LICENSE file.
4*6777b538SAndroid Build Coastguard Worker
5*6777b538SAndroid Build Coastguard Worker #include "net/cert/cert_verify_result.h"
6*6777b538SAndroid Build Coastguard Worker
7*6777b538SAndroid Build Coastguard Worker #include <tuple>
8*6777b538SAndroid Build Coastguard Worker
9*6777b538SAndroid Build Coastguard Worker #include "base/values.h"
10*6777b538SAndroid Build Coastguard Worker #include "net/base/net_errors.h"
11*6777b538SAndroid Build Coastguard Worker #include "net/cert/ct_policy_status.h"
12*6777b538SAndroid Build Coastguard Worker #include "net/cert/ct_signed_certificate_timestamp_log_param.h"
13*6777b538SAndroid Build Coastguard Worker #include "net/cert/x509_certificate.h"
14*6777b538SAndroid Build Coastguard Worker #include "net/cert/x509_certificate_net_log_param.h"
15*6777b538SAndroid Build Coastguard Worker
16*6777b538SAndroid Build Coastguard Worker namespace net {
17*6777b538SAndroid Build Coastguard Worker
CertVerifyResult()18*6777b538SAndroid Build Coastguard Worker CertVerifyResult::CertVerifyResult() {
19*6777b538SAndroid Build Coastguard Worker Reset();
20*6777b538SAndroid Build Coastguard Worker }
21*6777b538SAndroid Build Coastguard Worker
CertVerifyResult(const CertVerifyResult & other)22*6777b538SAndroid Build Coastguard Worker CertVerifyResult::CertVerifyResult(const CertVerifyResult& other) {
23*6777b538SAndroid Build Coastguard Worker *this = other;
24*6777b538SAndroid Build Coastguard Worker }
25*6777b538SAndroid Build Coastguard Worker
26*6777b538SAndroid Build Coastguard Worker CertVerifyResult::~CertVerifyResult() = default;
27*6777b538SAndroid Build Coastguard Worker
Reset()28*6777b538SAndroid Build Coastguard Worker void CertVerifyResult::Reset() {
29*6777b538SAndroid Build Coastguard Worker verified_cert = nullptr;
30*6777b538SAndroid Build Coastguard Worker cert_status = 0;
31*6777b538SAndroid Build Coastguard Worker has_sha1 = false;
32*6777b538SAndroid Build Coastguard Worker is_issued_by_known_root = false;
33*6777b538SAndroid Build Coastguard Worker is_issued_by_additional_trust_anchor = false;
34*6777b538SAndroid Build Coastguard Worker
35*6777b538SAndroid Build Coastguard Worker public_key_hashes.clear();
36*6777b538SAndroid Build Coastguard Worker ocsp_result = bssl::OCSPVerifyResult();
37*6777b538SAndroid Build Coastguard Worker
38*6777b538SAndroid Build Coastguard Worker scts.clear();
39*6777b538SAndroid Build Coastguard Worker policy_compliance =
40*6777b538SAndroid Build Coastguard Worker ct::CTPolicyCompliance::CT_POLICY_COMPLIANCE_DETAILS_NOT_AVAILABLE;
41*6777b538SAndroid Build Coastguard Worker }
42*6777b538SAndroid Build Coastguard Worker
NetLogParams(int net_error) const43*6777b538SAndroid Build Coastguard Worker base::Value::Dict CertVerifyResult::NetLogParams(int net_error) const {
44*6777b538SAndroid Build Coastguard Worker base::Value::Dict dict;
45*6777b538SAndroid Build Coastguard Worker DCHECK_NE(ERR_IO_PENDING, net_error);
46*6777b538SAndroid Build Coastguard Worker if (net_error < 0)
47*6777b538SAndroid Build Coastguard Worker dict.Set("net_error", net_error);
48*6777b538SAndroid Build Coastguard Worker dict.Set("is_issued_by_known_root", is_issued_by_known_root);
49*6777b538SAndroid Build Coastguard Worker if (is_issued_by_additional_trust_anchor) {
50*6777b538SAndroid Build Coastguard Worker dict.Set("is_issued_by_additional_trust_anchor", true);
51*6777b538SAndroid Build Coastguard Worker }
52*6777b538SAndroid Build Coastguard Worker dict.Set("cert_status", static_cast<int>(cert_status));
53*6777b538SAndroid Build Coastguard Worker // TODO(mattm): This double-wrapping of the certificate list is weird. Remove
54*6777b538SAndroid Build Coastguard Worker // this (probably requires updates to netlog-viewer).
55*6777b538SAndroid Build Coastguard Worker base::Value::Dict certificate_dict;
56*6777b538SAndroid Build Coastguard Worker certificate_dict.Set("certificates",
57*6777b538SAndroid Build Coastguard Worker net::NetLogX509CertificateList(verified_cert.get()));
58*6777b538SAndroid Build Coastguard Worker dict.Set("verified_cert", std::move(certificate_dict));
59*6777b538SAndroid Build Coastguard Worker
60*6777b538SAndroid Build Coastguard Worker base::Value::List hashes;
61*6777b538SAndroid Build Coastguard Worker for (const auto& public_key_hash : public_key_hashes)
62*6777b538SAndroid Build Coastguard Worker hashes.Append(public_key_hash.ToString());
63*6777b538SAndroid Build Coastguard Worker dict.Set("public_key_hashes", std::move(hashes));
64*6777b538SAndroid Build Coastguard Worker
65*6777b538SAndroid Build Coastguard Worker dict.Set("scts", net::NetLogSignedCertificateTimestampParams(&scts));
66*6777b538SAndroid Build Coastguard Worker dict.Set("ct_compliance_status",
67*6777b538SAndroid Build Coastguard Worker CTPolicyComplianceToString(policy_compliance));
68*6777b538SAndroid Build Coastguard Worker
69*6777b538SAndroid Build Coastguard Worker return dict;
70*6777b538SAndroid Build Coastguard Worker }
71*6777b538SAndroid Build Coastguard Worker
72*6777b538SAndroid Build Coastguard Worker } // namespace net
73