1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_CERT_SCT_STATUS_FLAGS_H_
6#define NET_CERT_SCT_STATUS_FLAGS_H_
7
8#include <stdint.h>
9
10#include "net/base/net_export.h"
11
12namespace net {
13
14namespace ct {
15
16// The possible verification statuses for a SignedCertificateTimestamp.
17// Note: The numeric values are used within histograms and should not change
18// or be re-assigned.
19enum SCTVerifyStatus : uint32_t {
20 // Not a real status, this just prevents a default int value from being
21 // mis-interpreseted as a valid status.
22 // Also used to count SCTs that cannot be decoded in the histogram.
23 SCT_STATUS_NONE = 0,
24
25 // The SCT is from an unknown log, so we cannot verify its signature.
26 SCT_STATUS_LOG_UNKNOWN = 1,
27
28 // Obsolete. Kept here to avoid reuse.
29 // SCT_STATUS_INVALID = 2,
30
31 // The SCT is from a known log, and the signature is valid.
32 SCT_STATUS_OK = 3,
33
34 // The SCT is from a known log, but the signature is invalid.
35 SCT_STATUS_INVALID_SIGNATURE = 4,
36
37 // The SCT is from a known log, but the timestamp is in the future.
38 SCT_STATUS_INVALID_TIMESTAMP = 5,
39
40 // Used to bound the enum values. Since this enum is passed over IPC,
41 // the last value must be a valid one (rather than one past a valid one).
42 SCT_STATUS_MAX = SCT_STATUS_INVALID_TIMESTAMP,
43};
44
45// Returns true if |status| denotes a valid value in SCTVerifyStatus, which
46// is all current values in the enum except SCT_STATUS_NONE.
47NET_EXPORT bool IsValidSCTStatus(uint32_t status);
48
49} // namespace ct
50
51} // namespace net
52
53#endif // NET_CERT_SCT_STATUS_FLAGS_H_
54