Certificate Transparency: Threading the CT verifier into the SSL client socket.

net/cert/cert_status_flags.h

Index: net/cert/cert_status_flags.h
diff --git a/net/cert/cert_status_flags.h b/net/cert/cert_status_flags.h
index 630df650fe3f759e1230a30de495f3c977e20804..fc87910d2af7cf459a10c5114b3409ecb7cc38a2 100644
--- a/net/cert/cert_status_flags.h
+++ b/net/cert/cert_status_flags.h
@@ -39,6 +39,20 @@ static const CertStatus CERT_STATUS_PINNED_KEY_MISSING         = 1 << 13;
 static const CertStatus CERT_STATUS_IS_EV                      = 1 << 16;
 static const CertStatus CERT_STATUS_REV_CHECKING_ENABLED       = 1 << 17;
 // bit 18 was CERT_STATUS_IS_DNSSEC.
+// Bits 19 and 20 are for Certificate Transparency.
+// The following states are represented:
+// bit 20 | bit 19 | state
+//      0 |      0 | No SCTs were present
+//      0 |      1 | SCTs from unknown logs were present

[wtc, 2013/11/26 01:47:23]

In this combination, are the SCTs verified? The name "HAS_GOOD_SCT" implies they
are verified. But can we verify SCTs from unknown logs?

Update: after reading the entire CL, I now understand these two bits don't have
independent meanings. Instead, the two bits are used to encode four possible
values (0, 1, 2, 3) as you tabulated here.

This is a little confusing because a reader of this file expects every cert
status bit can be tested independently. It may be better to imitate how this is
done in net/ssl/ssl_connection_status_flags.h. For example, it uses three bits
to encode the SSL/TLS protocol version.

[Eran M. (Google), 2013/11/26 14:45:53]

Done - used the two most-significant bits to store CT state as integer.

+//      1 |      0 | SCTs from known logs present but cannot be unverified

[wtc, 2013/11/26 01:47:23]

1. Is "unverified" a typo?

2. Does this combination imply an error? If so, this violates the comment on
line 38 that these bits are for non-error statuses.

[Eran M. (Google), 2013/11/26 14:45:53]

1. yes.
2. yes - but the CT state was now moved to a state of its own, so the comment
does not apply anymore.

+//      1 |      1 | SCTs from known logs present, verified
+// Bit 19 - indicates presence of SCTs. If set but bit 20 isn't, indicates
+// SCTs from unknown logs. If set and bit 20 is net, indicates presence
+// of validated SCTs.
+static const CertStatus CERT_STATUS_HAS_GOOD_SCT             = 1 << 19;
+// Bit 20 - when set, indicates SCTs from known logs. When not set, indicates
+// SCTs from unknown logs or no SCTs, depending on bit 19.
+static const CertStatus CERT_STATUS_HAS_SCT_FROM_KNOWN_LOG   = 1 << 20;
 
 // Returns true if the specified cert status has an error set.
 static inline bool IsCertStatusError(CertStatus status) {
@@ -58,6 +72,12 @@ NET_EXPORT CertStatus MapNetErrorToCertStatus(int error);
 // to the equivalent network error code.
 NET_EXPORT int MapCertStatusToNetError(CertStatus cert_status);
 
+// Indicates whether there were *any* SCTs.
+NET_EXPORT bool DoesCertHaveSignedCertificateTimestamps(
+    CertStatus cert_status);
+// Indicates whether SCTs from known logs verified OK
+NET_EXPORT bool DoesCertHaveVerifiedSignedCertificateTimestamps(
+    CertStatus cert_status);

[wtc, 2013/11/26 01:47:23]

Add a blank line after this line, and between the two functions.

[Eran M. (Google), 2013/11/26 14:45:53]

Removed these two functions, added a function to extract the CT state.

 }  // namespace net
 
 #endif  // NET_CERT_CERT_STATUS_FLAGS_H_