1c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott// Copyright (c) 2009 The Chromium Authors. All rights reserved. 2c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott// Use of this source code is governed by a BSD-style license that can be 3c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott// found in the LICENSE file. 4c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 5c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#include "net/base/cert_status_flags.h" 6c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 7c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#include "base/logging.h" 8c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#include "net/base/net_errors.h" 9c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 10c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scottnamespace net { 11c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 12c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scottint MapNetErrorToCertStatus(int error) { 13c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott switch (error) { 14c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_COMMON_NAME_INVALID: 15c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return CERT_STATUS_COMMON_NAME_INVALID; 16c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_DATE_INVALID: 17c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return CERT_STATUS_DATE_INVALID; 18c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_AUTHORITY_INVALID: 19c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return CERT_STATUS_AUTHORITY_INVALID; 20c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_NO_REVOCATION_MECHANISM: 21c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return CERT_STATUS_NO_REVOCATION_MECHANISM; 22c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_UNABLE_TO_CHECK_REVOCATION: 23c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return CERT_STATUS_UNABLE_TO_CHECK_REVOCATION; 24c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_REVOKED: 25c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return CERT_STATUS_REVOKED; 26c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // We added the ERR_CERT_CONTAINS_ERRORS error code when we were using 27c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // WinInet, but we never figured out how it differs from ERR_CERT_INVALID. 28c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // We should not use ERR_CERT_CONTAINS_ERRORS in new code. 29c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_CONTAINS_ERRORS: 30c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott NOTREACHED(); 31c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // Falls through. 32c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_INVALID: 33c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return CERT_STATUS_INVALID; 34c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott case ERR_CERT_WEAK_SIGNATURE_ALGORITHM: 35c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return CERT_STATUS_WEAK_SIGNATURE_ALGORITHM; 36c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott default: 37c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return 0; 38c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott } 39c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott} 40c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 41c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scottint MapCertStatusToNetError(int cert_status) { 42c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // A certificate may have multiple errors. We report the most 43c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // serious error. 44c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 45c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // Unrecoverable errors 46c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott if (cert_status & CERT_STATUS_REVOKED) 47c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_CERT_REVOKED; 48c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott if (cert_status & CERT_STATUS_INVALID) 49c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_CERT_INVALID; 50c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 51c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // Recoverable errors 52c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott if (cert_status & CERT_STATUS_AUTHORITY_INVALID) 53c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_CERT_AUTHORITY_INVALID; 54c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott if (cert_status & CERT_STATUS_COMMON_NAME_INVALID) 55c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_CERT_COMMON_NAME_INVALID; 56c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott if (cert_status & CERT_STATUS_WEAK_SIGNATURE_ALGORITHM) 57c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_CERT_WEAK_SIGNATURE_ALGORITHM; 58c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott if (cert_status & CERT_STATUS_DATE_INVALID) 59c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_CERT_DATE_INVALID; 60c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 61c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // Unknown status. Give it the benefit of the doubt. 62c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott if (cert_status & CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) 63c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_CERT_UNABLE_TO_CHECK_REVOCATION; 64c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott if (cert_status & CERT_STATUS_NO_REVOCATION_MECHANISM) 65c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_CERT_NO_REVOCATION_MECHANISM; 66c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 67c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott NOTREACHED(); 68c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott return ERR_UNEXPECTED; 69c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott} 70c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 71c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott} // namespace net 72