1// Copyright (c) 2011 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef NET_BASE_CERT_VERIFY_RESULT_H_ 6#define NET_BASE_CERT_VERIFY_RESULT_H_ 7#pragma once 8 9#include <vector> 10 11#include "net/base/x509_cert_types.h" 12 13namespace net { 14 15// The result of certificate verification. Eventually this may contain the 16// certificate chain that was constructed during certificate verification. 17class CertVerifyResult { 18 public: 19 CertVerifyResult(); 20 ~CertVerifyResult(); 21 22 void Reset(); 23 24 // Bitmask of CERT_STATUS_* from net/base/cert_status_flags.h 25 int cert_status; 26 27 // Properties of the certificate chain. 28 bool has_md5; 29 bool has_md2; 30 bool has_md4; 31 bool has_md5_ca; 32 bool has_md2_ca; 33 34 // If the certificate was successfully verified then this contains the SHA1 35 // fingerprints of the SubjectPublicKeyInfos of the chain. The fingerprint 36 // from the leaf certificate will be the first element of the vector. 37 std::vector<SHA1Fingerprint> public_key_hashes; 38 39 // is_issued_by_known_root is true if we recognise the root CA as a standard 40 // root. If it isn't then it's probably the case that this certificate was 41 // generated by a MITM proxy whose root has been installed locally. This is 42 // meaningless if the certificate was not trusted. 43 bool is_issued_by_known_root; 44}; 45 46} // namespace net 47 48#endif // NET_BASE_CERT_VERIFY_RESULT_H_ 49