1 // Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef NET_BASE_CERT_STATUS_FLAGS_H_ 6 #define NET_BASE_CERT_STATUS_FLAGS_H_ 7 #pragma once 8 9 namespace net { 10 11 // Status flags, such as errors and extended validation. 12 enum { 13 // Bits 0 to 15 are for errors. 14 CERT_STATUS_ALL_ERRORS = 0xFFFF, 15 CERT_STATUS_COMMON_NAME_INVALID = 1 << 0, 16 CERT_STATUS_DATE_INVALID = 1 << 1, 17 CERT_STATUS_AUTHORITY_INVALID = 1 << 2, 18 // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP). 19 CERT_STATUS_NO_REVOCATION_MECHANISM = 1 << 4, 20 CERT_STATUS_UNABLE_TO_CHECK_REVOCATION = 1 << 5, 21 CERT_STATUS_REVOKED = 1 << 6, 22 CERT_STATUS_INVALID = 1 << 7, 23 CERT_STATUS_WEAK_SIGNATURE_ALGORITHM = 1 << 8, 24 CERT_STATUS_NOT_IN_DNS = 1 << 9, 25 CERT_STATUS_NON_UNIQUE_NAME = 1 << 10, 26 27 // Bits 16 to 30 are for non-error statuses. 28 CERT_STATUS_IS_EV = 1 << 16, 29 CERT_STATUS_REV_CHECKING_ENABLED = 1 << 17, 30 CERT_STATUS_IS_DNSSEC = 1 << 18, 31 32 // 1 << 31 (the sign bit) is reserved so that the cert status will never be 33 // negative. 34 }; 35 36 // Returns true if the specified cert status has an error set. 37 static inline bool IsCertStatusError(int status) { 38 return (CERT_STATUS_ALL_ERRORS & status) != 0; 39 } 40 41 // Maps a network error code to the equivalent certificate status flag. If 42 // the error code is not a certificate error, it is mapped to 0. 43 int MapNetErrorToCertStatus(int error); 44 45 // Maps the most serious certificate error in the certificate status flags 46 // to the equivalent network error code. 47 int MapCertStatusToNetError(int cert_status); 48 49 } // namespace net 50 51 #endif // NET_BASE_CERT_STATUS_FLAGS_H_ 52
