net/cert/ct_verify_result.h - Issue 88643002: SignedCertificateTimestamp storing & serialization code.

Side by Side Diff: net/cert/ct_verify_result.h

Issue 88643002: SignedCertificateTimestamp storing & serialization code. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@erans_patches

Patch Set: remove a spurious content:: Created 7 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef NET_CERT_CT_VERIFY_RESULT_H_	5 #ifndef NET_CERT_CT_VERIFY_RESULT_H_

6 #define NET_CERT_CT_VERIFY_RESULT_H_	6 #define NET_CERT_CT_VERIFY_RESULT_H_

7	7

8 #include <vector>	8 #include <vector>

9	9

10 #include "net/cert/signed_certificate_timestamp.h"	10 #include "net/cert/signed_certificate_timestamp.h"

11	11

12 namespace net {	12 namespace net {

13	13

14 namespace ct {	14 namespace ct {

15	15

16 typedef std::vector<scoped_refptr<SignedCertificateTimestamp> > SCTList;	16 typedef std::vector<scoped_refptr<SignedCertificateTimestamp> > SCTList;

17	17

18 // Holds Signed Certificate Timestamps, depending on their verification results.	18 // Holds Signed Certificate Timestamps, depending on their verification results.

19 // More information could be tracked here about SCTs, but for the current UI	19 // More information could be tracked here about SCTs, but for the current UI

20 // this categorization is enough.	20 // this categorization is enough.

21 struct NET_EXPORT CTVerifyResult {	21 struct NET_EXPORT CTVerifyResult {

22 CTVerifyResult();	22 CTVerifyResult();

23 ~CTVerifyResult();	23 ~CTVerifyResult();

24	24

25 // SCTs from known logs where the signature verified correctly.	25 // SCTs from known logs where the signature verified correctly.

26 SCTList verified_scts;	26 SCTList verified_scts;

27 // SCTs from known logs where the signature failed to verify.	27 // SCTs from known logs where the signature failed to verify.

28 SCTList unverified_scts;	28 SCTList invalid_scts;
	wtc 2013/11/28 01:28:02 Nit: Please discuss with Eran to standardize these Nit: Please discuss with Eran to standardize these two member names. It seems that ideally they should look opposite: "verified vs. unverified" or "valid vs. invalid". alcutter 2013/11/28 12:08:19 The problem is that "verified" is the right word f Show quoted text On 2013/11/28 01:28:02, wtc wrote: > > Nit: Please discuss with Eran to standardize these two member names. It seems > that ideally they should look opposite: "verified vs. unverified" or "valid vs. > invalid". The problem is that "verified" is the right word for SCTs which have been found to be valid, but the opposite of that isn't "unverified". Equally, SCTs for which we don't have the public key may well also in fact be valid, but we can't verify them so calling the list of SCTs we were able to check valid_scts feels wrong too. Since it's effectively tri-state logic, trying to name with opposites is always going to end up with one list with an incongruous name. So maybe the right answer is something along the lines of: verified_scts, invalid_scts, unverified_scts ? I'll prepare a follow up patch for that combo so as to not block this on names, I hope that's ok. wtc 2013/11/28 16:15:07 Yes, it's ok to deal with names in a follow-up CL. Show quoted text On 2013/11/28 12:08:19, alcutter wrote: > > I'll prepare a follow up patch for that combo so as to not block this on names, > I hope that's ok. Yes, it's ok to deal with names in a follow-up CL. alcutter 2013/11/28 16:42:18 Ack. Show quoted text On 2013/11/28 16:15:07, wtc wrote: > > On 2013/11/28 12:08:19, alcutter wrote: > > > > I'll prepare a follow up patch for that combo so as to not block this on > names, > > I hope that's ok. > > Yes, it's ok to deal with names in a follow-up CL. Ack.
29 // SCTs from unknown logs.	29 // SCTs from unknown logs.

30 SCTList unknown_logs_scts;	30 SCTList unknown_logs_scts;

31 };	31 };

32	32

33 } // namespace ct	33 } // namespace ct

34	34

35 } // namespace net	35 } // namespace net

36	36

37 #endif // NET_CERT_CT_VERIFY_RESULT_H_	37 #endif // NET_CERT_CT_VERIFY_RESULT_H_

OLD	NEW

« content/browser/loader/resource_loader.h ('K') | « content/renderer/render_view_impl.cc ('k') | net/cert/multi_log_ct_verifier.cc » ('j') | net/cert/sct_status_flags.h » ('J')