Chromium Code Reviews| Index: net/cert/ct_verify_result.h |
| diff --git a/net/cert/ct_verify_result.h b/net/cert/ct_verify_result.h |
| index ca163580d739be120956dad667d286db801e51d5..bd4c9f64545f26ce1ca338ac408b489b378180f3 100644 |
| --- a/net/cert/ct_verify_result.h |
| +++ b/net/cert/ct_verify_result.h |
| @@ -5,8 +5,10 @@ |
| #ifndef NET_CERT_CT_VERIFY_RESULT_H_ |
| #define NET_CERT_CT_VERIFY_RESULT_H_ |
| +#include <utility> |
| #include <vector> |
| +#include "net/cert/sct_status_flags.h" |
| #include "net/cert/ct_policy_enforcer.h" |
| #include "net/cert/signed_certificate_timestamp.h" |
| @@ -18,6 +20,12 @@ enum class CertPolicyCompliance; |
| enum class EVPolicyCompliance; |
| typedef std::vector<scoped_refptr<SignedCertificateTimestamp> > SCTList; |
| +// TODO(eranm): Move net/ssl/signed_certificate_timestamp_and_status.h to |
| +// net/cert |
| +// then switch to using that. |
|
Ryan Sleevi
2016/08/03 19:19:40
Why? :)
|
| +typedef std::vector< |
| + std::pair<scoped_refptr<SignedCertificateTimestamp>, SCTVerifyStatus>> |
| + SCTAndStatusList; |
| // Holds Signed Certificate Timestamps, depending on their verification |
| // results, and information about CT policies that were applied on the |
| @@ -29,8 +37,9 @@ struct NET_EXPORT CTVerifyResult { |
| // SCTs from known logs where the signature verified correctly. |
| SCTList verified_scts; |
| - // SCTs from known logs where the signature failed to verify. |
| - SCTList invalid_scts; |
| + // SCTs from known logs where the signature failed to verify or the timestamp |
| + // is invalid. |
| + SCTAndStatusList invalid_scts; |
|
Ryan Sleevi
2016/08/03 19:19:40
From a design standpoint, could you explain more y
|
| // SCTs from unknown logs and as such are unverifiable. |
| SCTList unknown_logs_scts; |