Chromium Code Reviews Chromium Code Reviews
Issue 2277653002:
Bring back SCT_STATUS_INVALID for cached entries (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_CERT_SCT_STATUS_FLAGS_H_ | 5 #ifndef NET_CERT_SCT_STATUS_FLAGS_H_ |
| 6 #define NET_CERT_SCT_STATUS_FLAGS_H_ | 6 #define NET_CERT_SCT_STATUS_FLAGS_H_ |
| 7 | 7 |
| 8 namespace net { | 8 namespace net { |
| 9 | 9 |
| 10 namespace ct { | 10 namespace ct { |
| 11 | 11 |
| 12 // The possible verification statuses for a SignedCertificateTimestamp. | 12 // The possible verification statuses for a SignedCertificateTimestamp. |
| 13 // Note: The numeric values are used within histograms and should not change | 13 // Note: The numeric values are used within histograms and should not change |
| 14 // or be re-assigned. | 14 // or be re-assigned. |
| 15 enum SCTVerifyStatus { | 15 enum SCTVerifyStatus { |
| 16 // Not a real status, this just prevents a default int value from being | 16 // Not a real status, this just prevents a default int value from being |
| 17 // mis-interpreseted as a valid status. | 17 // mis-interpreseted as a valid status. |
| 18 // Also used to count SCTs that cannot be decoded in the histogram. | 18 // Also used to count SCTs that cannot be decoded in the histogram. |
| 19 SCT_STATUS_NONE = 0, | 19 SCT_STATUS_NONE = 0, |
| 20 | 20 |
| 21 // The SCT is from an unknown log, so we cannot verify its signature. | 21 // The SCT is from an unknown log, so we cannot verify its signature. |
| 22 SCT_STATUS_LOG_UNKNOWN = 1, | 22 SCT_STATUS_LOG_UNKNOWN = 1, |
| 23 | 23 |
| 24 // SCTVerifyStatus=2 used to represent SCT_STATUS_INVALID, which has now been | 24 // This value is deprecated and should not be used. It has been split |
| 25 // split into INVALID_SIGNATURE and INVALID_TIMESTAMP to represent the | 25 // into INVALID_SIGNATURE and INVALID_TIMESTAMP to represent the |
| 26 // different reasons an SCT could be invalid. | 26 // different reasons an SCT could be invalid. It is preserved here |
| 27 // because SCTVerifyStatus values are serialized into the disk cache, | |
| 28 // so a previously written value of SCT_STATUS_INVALID could be read | |
| 29 // out of the disk cache. | |
|
Ryan Sleevi
2016/08/24 04:51:13
Layering: net/cert doesn't know about things like
| |
| 30 SCT_STATUS_INVALID = 2, | |
| 27 | 31 |
| 28 // The SCT is from a known log, and the signature is valid. | 32 // The SCT is from a known log, and the signature is valid. |
| 29 SCT_STATUS_OK = 3, | 33 SCT_STATUS_OK = 3, |
| 30 | 34 |
| 31 // The SCT is from a known log, but the signature is invalid. | 35 // The SCT is from a known log, but the signature is invalid. |
| 32 SCT_STATUS_INVALID_SIGNATURE = 4, | 36 SCT_STATUS_INVALID_SIGNATURE = 4, |
| 33 | 37 |
| 34 // The SCT is from a known log, but the timestamp is in the future. | 38 // The SCT is from a known log, but the timestamp is in the future. |
| 35 SCT_STATUS_INVALID_TIMESTAMP = 5, | 39 SCT_STATUS_INVALID_TIMESTAMP = 5, |
| 36 | 40 |
| 37 // Used to bound the enum values. Since this enum is passed over IPC, | 41 // Used to bound the enum values. Since this enum is passed over IPC, |
| 38 // the last value must be a valid one (rather than one past a valid one). | 42 // the last value must be a valid one (rather than one past a valid one). |
| 39 SCT_STATUS_MAX = SCT_STATUS_INVALID_TIMESTAMP, | 43 SCT_STATUS_MAX = SCT_STATUS_INVALID_TIMESTAMP, |
| 40 }; | 44 }; |
| 41 | 45 |
| 42 } // namespace ct | 46 } // namespace ct |
| 43 | 47 |
| 44 } // namespace net | 48 } // namespace net |
| 45 | 49 |
| 46 #endif // NET_CERT_SCT_STATUS_FLAGS_H_ | 50 #endif // NET_CERT_SCT_STATUS_FLAGS_H_ |
| OLD | NEW |
