Home | History | Annotate | Download | only in base 
      1 // Copyright (c) 2009 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "net/base/cert_status_flags.h"
      6 
      7 #include "base/logging.h"
      8 #include "net/base/net_errors.h"
      9 
     10 namespace net {
     11 
     12 int MapNetErrorToCertStatus(int error) {
     13   switch (error) {
     14     case ERR_CERT_COMMON_NAME_INVALID:
     15       return CERT_STATUS_COMMON_NAME_INVALID;
     16     case ERR_CERT_DATE_INVALID:
     17       return CERT_STATUS_DATE_INVALID;
     18     case ERR_CERT_AUTHORITY_INVALID:
     19       return CERT_STATUS_AUTHORITY_INVALID;
     20     case ERR_CERT_NO_REVOCATION_MECHANISM:
     21       return CERT_STATUS_NO_REVOCATION_MECHANISM;
     22     case ERR_CERT_UNABLE_TO_CHECK_REVOCATION:
     23       return CERT_STATUS_UNABLE_TO_CHECK_REVOCATION;
     24     case ERR_CERT_REVOKED:
     25       return CERT_STATUS_REVOKED;
     26     // We added the ERR_CERT_CONTAINS_ERRORS error code when we were using
     27     // WinInet, but we never figured out how it differs from ERR_CERT_INVALID.
     28     // We should not use ERR_CERT_CONTAINS_ERRORS in new code.
     29     case ERR_CERT_CONTAINS_ERRORS:
     30       NOTREACHED();
     31       // Falls through.
     32     case ERR_CERT_INVALID:
     33       return CERT_STATUS_INVALID;
     34     case ERR_CERT_WEAK_SIGNATURE_ALGORITHM:
     35       return CERT_STATUS_WEAK_SIGNATURE_ALGORITHM;
     36     case ERR_CERT_NOT_IN_DNS:
     37       return CERT_STATUS_NOT_IN_DNS;
     38     default:
     39       return 0;
     40   }
     41 }
     42 
     43 int MapCertStatusToNetError(int cert_status) {
     44   // A certificate may have multiple errors.  We report the most
     45   // serious error.
     46 
     47   // Unrecoverable errors
     48   if (cert_status & CERT_STATUS_REVOKED)
     49     return ERR_CERT_REVOKED;
     50   if (cert_status & CERT_STATUS_INVALID)
     51     return ERR_CERT_INVALID;
     52 
     53   // Recoverable errors
     54   if (cert_status & CERT_STATUS_AUTHORITY_INVALID)
     55     return ERR_CERT_AUTHORITY_INVALID;
     56   if (cert_status & CERT_STATUS_COMMON_NAME_INVALID)
     57     return ERR_CERT_COMMON_NAME_INVALID;
     58   if (cert_status & CERT_STATUS_WEAK_SIGNATURE_ALGORITHM)
     59     return ERR_CERT_WEAK_SIGNATURE_ALGORITHM;
     60   if (cert_status & CERT_STATUS_DATE_INVALID)
     61     return ERR_CERT_DATE_INVALID;
     62 
     63   // Unknown status.  Give it the benefit of the doubt.
     64   if (cert_status & CERT_STATUS_UNABLE_TO_CHECK_REVOCATION)
     65     return ERR_CERT_UNABLE_TO_CHECK_REVOCATION;
     66   if (cert_status & CERT_STATUS_NO_REVOCATION_MECHANISM)
     67     return ERR_CERT_NO_REVOCATION_MECHANISM;
     68   if (cert_status & CERT_STATUS_NOT_IN_DNS)
     69     return ERR_CERT_NOT_IN_DNS;
     70 
     71   NOTREACHED();
     72   return ERR_UNEXPECTED;
     73 }
     74 
     75 }  // namespace net
     76