Chromium Code Reviews Chromium Code Reviews
Issue 7819009:
For the SSL cert status, convert anonymous enum that gives bit values into a typedefed uint32. Th... (Closed)
Base URL: svn://chrome-svn/chrome/trunk/src/| Index: net/base/cert_status_flags.h |
| =================================================================== |
| --- net/base/cert_status_flags.h (revision 98481) |
| +++ net/base/cert_status_flags.h (working copy) |
| @@ -6,45 +6,48 @@ |
| #define NET_BASE_CERT_STATUS_FLAGS_H_ |
| #pragma once |
| +#include "base/basictypes.h" |
| + |
| namespace net { |
| // Status flags, such as errors and extended validation. |
| -enum { |
| - // Bits 0 to 15 are for errors. |
| - CERT_STATUS_ALL_ERRORS = 0xFFFF, |
| - CERT_STATUS_COMMON_NAME_INVALID = 1 << 0, |
| - CERT_STATUS_DATE_INVALID = 1 << 1, |
| - CERT_STATUS_AUTHORITY_INVALID = 1 << 2, |
| - // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP). |
| - CERT_STATUS_NO_REVOCATION_MECHANISM = 1 << 4, |
| - CERT_STATUS_UNABLE_TO_CHECK_REVOCATION = 1 << 5, |
| - CERT_STATUS_REVOKED = 1 << 6, |
| - CERT_STATUS_INVALID = 1 << 7, |
| - CERT_STATUS_WEAK_SIGNATURE_ALGORITHM = 1 << 8, |
| - CERT_STATUS_NOT_IN_DNS = 1 << 9, |
| - CERT_STATUS_NON_UNIQUE_NAME = 1 << 10, |
| +typedef uint32 CertStatus; |
| +static const CertStatus CERT_STATUS_NO_ERROR = 0; |
| - // Bits 16 to 30 are for non-error statuses. |
| - CERT_STATUS_IS_EV = 1 << 16, |
| - CERT_STATUS_REV_CHECKING_ENABLED = 1 << 17, |
| - CERT_STATUS_IS_DNSSEC = 1 << 18, |
| +// Bits 0 to 15 are for errors. |
| +static const CertStatus CERT_STATUS_ALL_ERRORS = 0xFFFF; |
| +static const CertStatus CERT_STATUS_COMMON_NAME_INVALID = 1 << 0; |
| +static const CertStatus CERT_STATUS_DATE_INVALID = 1 << 1; |
| +static const CertStatus CERT_STATUS_AUTHORITY_INVALID = 1 << 2; |
| +// 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP). |
| +static const CertStatus CERT_STATUS_NO_REVOCATION_MECHANISM = 1 << 4; |
| +static const CertStatus CERT_STATUS_UNABLE_TO_CHECK_REVOCATION = 1 << 5; |
| +static const CertStatus CERT_STATUS_REVOKED = 1 << 6; |
| +static const CertStatus CERT_STATUS_INVALID = 1 << 7; |
| +static const CertStatus CERT_STATUS_WEAK_SIGNATURE_ALGORITHM = 1 << 8; |
| +static const CertStatus CERT_STATUS_NOT_IN_DNS = 1 << 9; |
| +static const CertStatus CERT_STATUS_NON_UNIQUE_NAME = 1 << 10; |
| - // 1 << 31 (the sign bit) is reserved so that the cert status will never be |
| - // negative. |
| -}; |
| +// Bits 16 to 30 are for non-error statuses. |
| +static const CertStatus CERT_STATUS_IS_EV = 1 << 16; |
| +static const CertStatus CERT_STATUS_REV_CHECKING_ENABLED = 1 << 17; |
| +static const CertStatus CERT_STATUS_IS_DNSSEC = 1 << 18; |
|
wtc
2011/09/02 22:40:35
Can these remain enumerators? Otherwise people ma
Peter Kasting
2011/09/12 17:28:40
In that case I think it's fine to simply add:
//
Peter Kasting
2011/09/12 17:33:41
I pinged Brett about this and his response was tha
|
| +// Bit 31 is reserved so that values with that bit set can be safely assumed to |
| +// be invalid. |
|
wtc
2011/09/02 22:40:35
Since CertStatus is an unsigned integer, we can us
Peter Kasting
2011/09/12 17:28:40
OK, I can remove that comment. There's one unit t
|
| + |
| // Returns true if the specified cert status has an error set. |
| -static inline bool IsCertStatusError(int status) { |
| +static inline bool IsCertStatusError(CertStatus status) { |
| return (CERT_STATUS_ALL_ERRORS & status) != 0; |
| } |
| // Maps a network error code to the equivalent certificate status flag. If |
| // the error code is not a certificate error, it is mapped to 0. |
| -int MapNetErrorToCertStatus(int error); |
| +CertStatus MapNetErrorToCertStatus(int error); |
| // Maps the most serious certificate error in the certificate status flags |
| // to the equivalent network error code. |
| -int MapCertStatusToNetError(int cert_status); |
| +int MapCertStatusToNetError(CertStatus cert_status); |
| } // namespace net |
