Index: net/cert/cert_status_flags.h |
diff --git a/net/cert/cert_status_flags.h b/net/cert/cert_status_flags.h |
index 630df650fe3f759e1230a30de495f3c977e20804..31e69654bc3e56e01ebe77af862859e491f9043c 100644 |
--- a/net/cert/cert_status_flags.h |
+++ b/net/cert/cert_status_flags.h |
@@ -35,11 +35,21 @@ static const CertStatus CERT_STATUS_WEAK_KEY = 1 << 11; |
static const CertStatus CERT_STATUS_WEAK_DH_KEY = 1 << 12; |
static const CertStatus CERT_STATUS_PINNED_KEY_MISSING = 1 << 13; |
-// Bits 16 to 31 are for non-error statuses. |
+// Bits 16 to 29 are for non-error statuses. |
static const CertStatus CERT_STATUS_IS_EV = 1 << 16; |
static const CertStatus CERT_STATUS_REV_CHECKING_ENABLED = 1 << 17; |
// bit 18 was CERT_STATUS_IS_DNSSEC. |
+// Bits 30, 31 are for Certificate Transparency. |
+static const int CERTIFICATE_TRANSPARENCY_STATUS_SHIFT = 30; |
+static const int CERTIFICATE_TRANSPARENCY_STATUS_MASK = 3; |
wtc
2013/11/27 20:00:49
This mask should have the same type as CertStatus
Eran M. (Google)
2013/11/27 23:01:42
Done.
|
+enum { |
+ CERT_TRANSPARENCY_NO_SCTS = 0, |
+ CERT_TRANSPARENCY_SCT_FROM_UNKNOWN_LOGS = 1, |
+ CERT_TRANSPARENCY_SCT_FAILED_VALIDATION = 2, |
+ CERT_TRANSPARENCY_SCT_VALIDATED_OK = 3, |
wtc
2013/11/27 20:00:49
Nit: the four values should be documented.
Eran M. (Google)
2013/11/27 23:01:42
Done.
|
+}; |
+ |
// Returns true if the specified cert status has an error set. |
static inline bool IsCertStatusError(CertStatus status) { |
return (CERT_STATUS_ALL_ERRORS & status) != 0; |
@@ -58,6 +68,11 @@ NET_EXPORT CertStatus MapNetErrorToCertStatus(int error); |
// to the equivalent network error code. |
NET_EXPORT int MapCertStatusToNetError(CertStatus cert_status); |
+inline int CertificateTransparencyStateFromCertStatus(CertStatus cert_status) { |
wtc
2013/11/27 20:00:49
It may be better to return uint32...
Document thi
Eran M. (Google)
2013/11/27 23:01:42
Gave a proper name to the enum, added documentati
|
+ return (cert_status >> CERTIFICATE_TRANSPARENCY_STATUS_SHIFT) & |
+ CERTIFICATE_TRANSPARENCY_STATUS_MASK; |
+} |
+ |
} // namespace net |
#endif // NET_CERT_CERT_STATUS_FLAGS_H_ |