1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #include "net/cert/cert_verify_result.h"
6 
7 #include <tuple>
8 
9 #include "base/values.h"
10 #include "net/base/net_errors.h"
11 #include "net/cert/x509_certificate.h"
12 #include "net/cert/x509_certificate_net_log_param.h"
13 
14 namespace net {
15 
CertVerifyResult()16 CertVerifyResult::CertVerifyResult() {
17   Reset();
18 }
19 
CertVerifyResult(const CertVerifyResult & other)20 CertVerifyResult::CertVerifyResult(const CertVerifyResult& other) {
21   *this = other;
22 }
23 
24 CertVerifyResult::~CertVerifyResult() = default;
25 
operator =(const CertVerifyResult & other)26 CertVerifyResult& CertVerifyResult::operator=(const CertVerifyResult& other) {
27   verified_cert = other.verified_cert;
28   cert_status = other.cert_status;
29   has_md2 = other.has_md2;
30   has_md4 = other.has_md4;
31   has_md5 = other.has_md5;
32   has_sha1 = other.has_sha1;
33   has_sha1_leaf = other.has_sha1_leaf;
34   is_issued_by_known_root = other.is_issued_by_known_root;
35   is_issued_by_additional_trust_anchor =
36       other.is_issued_by_additional_trust_anchor;
37 
38   public_key_hashes = other.public_key_hashes;
39   ocsp_result = other.ocsp_result;
40 
41   ClearAllUserData();
42   CloneDataFrom(other);
43 
44   return *this;
45 }
46 
Reset()47 void CertVerifyResult::Reset() {
48   verified_cert = nullptr;
49   cert_status = 0;
50   has_md2 = false;
51   has_md4 = false;
52   has_md5 = false;
53   has_sha1 = false;
54   has_sha1_leaf = false;
55   is_issued_by_known_root = false;
56   is_issued_by_additional_trust_anchor = false;
57 
58   public_key_hashes.clear();
59   ocsp_result = OCSPVerifyResult();
60 
61   ClearAllUserData();
62 }
63 
NetLogParams(int net_error) const64 base::Value CertVerifyResult::NetLogParams(int net_error) const {
65   base::DictionaryValue results;
66   DCHECK_NE(ERR_IO_PENDING, net_error);
67   if (net_error < 0)
68     results.SetIntKey("net_error", net_error);
69   if (has_md5)
70     results.SetBoolKey("has_md5", true);
71   if (has_md2)
72     results.SetBoolKey("has_md2", true);
73   if (has_md4)
74     results.SetBoolKey("has_md4", true);
75   results.SetBoolKey("is_issued_by_known_root", is_issued_by_known_root);
76   if (is_issued_by_additional_trust_anchor) {
77     results.SetBoolKey("is_issued_by_additional_trust_anchor", true);
78   }
79   results.SetIntKey("cert_status", cert_status);
80   // TODO(mattm): This double-wrapping of the certificate list is weird. Remove
81   // this (probably requires updates to netlog-viewer).
82   base::Value certificate_dict(base::Value::Type::DICTIONARY);
83   certificate_dict.SetKey("certificates",
84                           net::NetLogX509CertificateList(verified_cert.get()));
85   results.SetKey("verified_cert", std::move(certificate_dict));
86 
87   base::Value hashes(base::Value::Type::LIST);
88   for (const auto& public_key_hash : public_key_hashes)
89     hashes.Append(public_key_hash.ToString());
90   results.SetKey("public_key_hashes", std::move(hashes));
91 
92   return std::move(results);
93 }
94 
95 }  // namespace net
96