1// Copyright (c) 2006-2008 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef NET_BASE_CERT_STATUS_FLAGS_H_ 6#define NET_BASE_CERT_STATUS_FLAGS_H_ 7#pragma once 8 9namespace net { 10 11// Status flags, such as errors and extended validation. 12enum { 13 // Bits 0 to 15 are for errors. 14 CERT_STATUS_ALL_ERRORS = 0xFFFF, 15 CERT_STATUS_COMMON_NAME_INVALID = 1 << 0, 16 CERT_STATUS_DATE_INVALID = 1 << 1, 17 CERT_STATUS_AUTHORITY_INVALID = 1 << 2, 18 // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP). 19 CERT_STATUS_NO_REVOCATION_MECHANISM = 1 << 4, 20 CERT_STATUS_UNABLE_TO_CHECK_REVOCATION = 1 << 5, 21 CERT_STATUS_REVOKED = 1 << 6, 22 CERT_STATUS_INVALID = 1 << 7, 23 CERT_STATUS_WEAK_SIGNATURE_ALGORITHM = 1 << 8, 24 CERT_STATUS_NOT_IN_DNS = 1 << 9, 25 CERT_STATUS_NON_UNIQUE_NAME = 1 << 10, 26 27 // Bits 16 to 30 are for non-error statuses. 28 CERT_STATUS_IS_EV = 1 << 16, 29 CERT_STATUS_REV_CHECKING_ENABLED = 1 << 17, 30 CERT_STATUS_IS_DNSSEC = 1 << 18, 31 32 // 1 << 31 (the sign bit) is reserved so that the cert status will never be 33 // negative. 34}; 35 36// Returns true if the specified cert status has an error set. 37static inline bool IsCertStatusError(int status) { 38 return (CERT_STATUS_ALL_ERRORS & status) != 0; 39} 40 41// Maps a network error code to the equivalent certificate status flag. If 42// the error code is not a certificate error, it is mapped to 0. 43int MapNetErrorToCertStatus(int error); 44 45// Maps the most serious certificate error in the certificate status flags 46// to the equivalent network error code. 47int MapCertStatusToNetError(int cert_status); 48 49} // namespace net 50 51#endif // NET_BASE_CERT_STATUS_FLAGS_H_ 52