Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1288)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/cert/cert_status_flags.h

Issue 76443006: Certificate Transparency: Threading the CT verifier into the SSL client socket. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Removing error codes Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/common/chrome_switches.cc ('k') | net/cert/ct_known_logs_data.h » ('j') | net/cert/ct_known_logs_data.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/cert/cert_status_flags.h
diff --git a/net/cert/cert_status_flags.h b/net/cert/cert_status_flags.h
index 630df650fe3f759e1230a30de495f3c977e20804..31e69654bc3e56e01ebe77af862859e491f9043c 100644
--- a/net/cert/cert_status_flags.h
+++ b/net/cert/cert_status_flags.h
@@ -35,11 +35,21 @@ static const CertStatus CERT_STATUS_WEAK_KEY = 1 << 11;
static const CertStatus CERT_STATUS_WEAK_DH_KEY = 1 << 12;
static const CertStatus CERT_STATUS_PINNED_KEY_MISSING = 1 << 13;
-// Bits 16 to 31 are for non-error statuses.
+// Bits 16 to 29 are for non-error statuses.
static const CertStatus CERT_STATUS_IS_EV = 1 << 16;
static const CertStatus CERT_STATUS_REV_CHECKING_ENABLED = 1 << 17;
// bit 18 was CERT_STATUS_IS_DNSSEC.
+// Bits 30, 31 are for Certificate Transparency.
+static const int CERTIFICATE_TRANSPARENCY_STATUS_SHIFT = 30;
+static const int CERTIFICATE_TRANSPARENCY_STATUS_MASK = 3;
wtc 2013/11/27 20:00:49 This mask should have the same type as CertStatus
Eran M. (Google) 2013/11/27 23:01:42 Done.
+enum {
+ CERT_TRANSPARENCY_NO_SCTS = 0,
+ CERT_TRANSPARENCY_SCT_FROM_UNKNOWN_LOGS = 1,
+ CERT_TRANSPARENCY_SCT_FAILED_VALIDATION = 2,
+ CERT_TRANSPARENCY_SCT_VALIDATED_OK = 3,
wtc 2013/11/27 20:00:49 Nit: the four values should be documented.
Eran M. (Google) 2013/11/27 23:01:42 Done.
+};
+
// Returns true if the specified cert status has an error set.
static inline bool IsCertStatusError(CertStatus status) {
return (CERT_STATUS_ALL_ERRORS & status) != 0;
@@ -58,6 +68,11 @@ NET_EXPORT CertStatus MapNetErrorToCertStatus(int error);
// to the equivalent network error code.
NET_EXPORT int MapCertStatusToNetError(CertStatus cert_status);
+inline int CertificateTransparencyStateFromCertStatus(CertStatus cert_status) {
wtc 2013/11/27 20:00:49 It may be better to return uint32... Document thi
Eran M. (Google) 2013/11/27 23:01:42 Gave a proper name to the enum, added documentati
+ return (cert_status >> CERTIFICATE_TRANSPARENCY_STATUS_SHIFT) &
+ CERTIFICATE_TRANSPARENCY_STATUS_MASK;
+}
+
} // namespace net
#endif // NET_CERT_CERT_STATUS_FLAGS_H_
« no previous file with comments | « chrome/common/chrome_switches.cc ('k') | net/cert/ct_known_logs_data.h » ('j') | net/cert/ct_known_logs_data.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698