// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_ANDROID_CERT_VERIFY_RESULT_ANDROID_H_
#define NET_ANDROID_CERT_VERIFY_RESULT_ANDROID_H_

#include <jni.h>

#include <string>
#include <vector>

#include "base/basictypes.h"

namespace net {

namespace android {

// The list of certificate verification results returned from Java side to the
// C++ side.
//
// A Java counterpart will be generated for this enum.
// GENERATED_JAVA_ENUM_PACKAGE: org.chromium.net
enum CertVerifyStatusAndroid {
  // Certificate is trusted.
  CERT_VERIFY_STATUS_ANDROID_OK = 0,
  // Certificate verification could not be conducted.
  CERT_VERIFY_STATUS_ANDROID_FAILED = -1,
  // Certificate is not trusted due to non-trusted root of the certificate
  // chain.
  CERT_VERIFY_STATUS_ANDROID_NO_TRUSTED_ROOT = -2,
  // Certificate is not trusted because it has expired.
  CERT_VERIFY_STATUS_ANDROID_EXPIRED = -3,
  // Certificate is not trusted because it is not valid yet.
  CERT_VERIFY_STATUS_ANDROID_NOT_YET_VALID = -4,
  // Certificate is not trusted because it could not be parsed.
  CERT_VERIFY_STATUS_ANDROID_UNABLE_TO_PARSE = -5,
  // Certificate is not trusted because it has an extendedKeyUsage field, but
  // its value is not correct for a web server.
  CERT_VERIFY_STATUS_ANDROID_INCORRECT_KEY_USAGE = -6,
};

// Extract parameters out of an AndroidCertVerifyResult object.
void ExtractCertVerifyResult(jobject result,
                             CertVerifyStatusAndroid* status,
                             bool* is_issued_by_known_root,
                             std::vector<std::string>* verified_chain);

// Register JNI methods.
bool RegisterCertVerifyResult(JNIEnv* env);

}  // namespace android

}  // namespace net

#endif  // NET_ANDROID_CERT_VERIFY_RESULT_ANDROID_H_