Chromium Code Reviews Chromium Code Reviews
Issue 76443006:
Certificate Transparency: Threading the CT verifier into the SSL client socket. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: net/base/net_error_list.h |
| diff --git a/net/base/net_error_list.h b/net/base/net_error_list.h |
| index 330d57255b1a7f3501f83548ab99112a267c7033..7ca63321853ba6d79b7a947ecfaad67de0e903cf 100644 |
| --- a/net/base/net_error_list.h |
| +++ b/net/base/net_error_list.h |
| @@ -408,6 +408,20 @@ NET_ERROR(CERT_WEAK_KEY, -211) |
| // The value immediately past the last certificate error code. |
| NET_ERROR(CERT_END, -212) |
| +// Certificate Transparency-related errors. Logically these are certificate |
| +// errors but, for now, are not included in the certificate errors range |
| +// so IsCertificateError will not be affected by CT-related errors. |
| + |
| +// Serialization of the Precertificate LogEntry or X.509 LogEntry failed |
| +// That means that there were no embedded SCTs *and* the DER encoding of the |
| +// certificate could not be created, which is surprising - as CT checks are |
| +// only performed after SCTs have been validated. |
| +NET_ERROR(CT_LOG_ENTRY_CREATION_FAILED, -298) |
| + |
| +// SCT(s) were present but failed to verify - this could indicate an attack |
| +// or corrupted SCTs. |
| +NET_ERROR(NO_SCTS_VERIFIED_OK, -299) |
|
wtc
2013/11/27 16:45:57
If we add these two CT errors as certificate error
Eran M. (Google)
2013/11/27 19:05:48
As we discussed offline, completely reverting thes
|
| + |
| // The URL is invalid. |
| NET_ERROR(INVALID_URL, -300) |
