Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(16)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/base/cert_status_flags.h

Issue 8568040: Refuse to accept certificate chains containing any RSA public key smaller (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: '' Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | net/base/cert_status_flags.cc » ('j') | net/base/cert_status_flags.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_BASE_CERT_STATUS_FLAGS_H_ 5 #ifndef NET_BASE_CERT_STATUS_FLAGS_H_
6 #define NET_BASE_CERT_STATUS_FLAGS_H_ 6 #define NET_BASE_CERT_STATUS_FLAGS_H_
7 #pragma once 7 #pragma once
8 8
9 #include "base/basictypes.h" 9 #include "base/basictypes.h"
10 #include "net/base/net_export.h" 10 #include "net/base/net_export.h"
(...skipping 14 matching lines...) Expand all
25 static const CertStatus CERT_STATUS_DATE_INVALID = 1 << 1; 25 static const CertStatus CERT_STATUS_DATE_INVALID = 1 << 1;
26 static const CertStatus CERT_STATUS_AUTHORITY_INVALID = 1 << 2; 26 static const CertStatus CERT_STATUS_AUTHORITY_INVALID = 1 << 2;
27 // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP). 27 // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP).
28 static const CertStatus CERT_STATUS_NO_REVOCATION_MECHANISM = 1 << 4; 28 static const CertStatus CERT_STATUS_NO_REVOCATION_MECHANISM = 1 << 4;
29 static const CertStatus CERT_STATUS_UNABLE_TO_CHECK_REVOCATION = 1 << 5; 29 static const CertStatus CERT_STATUS_UNABLE_TO_CHECK_REVOCATION = 1 << 5;
30 static const CertStatus CERT_STATUS_REVOKED = 1 << 6; 30 static const CertStatus CERT_STATUS_REVOKED = 1 << 6;
31 static const CertStatus CERT_STATUS_INVALID = 1 << 7; 31 static const CertStatus CERT_STATUS_INVALID = 1 << 7;
32 static const CertStatus CERT_STATUS_WEAK_SIGNATURE_ALGORITHM = 1 << 8; 32 static const CertStatus CERT_STATUS_WEAK_SIGNATURE_ALGORITHM = 1 << 8;
33 static const CertStatus CERT_STATUS_NOT_IN_DNS = 1 << 9; 33 static const CertStatus CERT_STATUS_NOT_IN_DNS = 1 << 9;
34 static const CertStatus CERT_STATUS_NON_UNIQUE_NAME = 1 << 10; 34 static const CertStatus CERT_STATUS_NON_UNIQUE_NAME = 1 << 10;
35 static const CertStatus CERT_STATUS_WEAK_KEY = 1 << 11;
35 36
36 // Bits 16 to 31 are for non-error statuses. 37 // Bits 16 to 31 are for non-error statuses.
37 static const CertStatus CERT_STATUS_IS_EV = 1 << 16; 38 static const CertStatus CERT_STATUS_IS_EV = 1 << 16;
38 static const CertStatus CERT_STATUS_REV_CHECKING_ENABLED = 1 << 17; 39 static const CertStatus CERT_STATUS_REV_CHECKING_ENABLED = 1 << 17;
39 static const CertStatus CERT_STATUS_IS_DNSSEC = 1 << 18; 40 static const CertStatus CERT_STATUS_IS_DNSSEC = 1 << 18;
40 41
41 // Returns true if the specified cert status has an error set. 42 // Returns true if the specified cert status has an error set.
42 static inline bool IsCertStatusError(CertStatus status) { 43 static inline bool IsCertStatusError(CertStatus status) {
43 return (CERT_STATUS_ALL_ERRORS & status) != 0; 44 return (CERT_STATUS_ALL_ERRORS & status) != 0;
44 } 45 }
45 46
46 // IsCertStatusMinorError returns true iff |cert_status| indicates a condition 47 // IsCertStatusMinorError returns true iff |cert_status| indicates a condition
47 // that should typically be ignored by automated requests. (i.e. a revocation 48 // that should typically be ignored by automated requests. (i.e. a revocation
48 // check failure.) 49 // check failure.)
49 NET_EXPORT bool IsCertStatusMinorError(CertStatus cert_status); 50 NET_EXPORT bool IsCertStatusMinorError(CertStatus cert_status);
50 51
51 // Maps a network error code to the equivalent certificate status flag. If 52 // Maps a network error code to the equivalent certificate status flag. If
52 // the error code is not a certificate error, it is mapped to 0. 53 // the error code is not a certificate error, it is mapped to 0.
53 CertStatus MapNetErrorToCertStatus(int error); 54 CertStatus MapNetErrorToCertStatus(int error);
54 55
55 // Maps the most serious certificate error in the certificate status flags 56 // Maps the most serious certificate error in the certificate status flags
56 // to the equivalent network error code. 57 // to the equivalent network error code.
57 NET_EXPORT int MapCertStatusToNetError(CertStatus cert_status); 58 NET_EXPORT int MapCertStatusToNetError(CertStatus cert_status);
58 59
59 } // namespace net 60 } // namespace net
60 61
61 #endif // NET_BASE_CERT_STATUS_FLAGS_H_ 62 #endif // NET_BASE_CERT_STATUS_FLAGS_H_
OLDNEW
« no previous file with comments | « no previous file | net/base/cert_status_flags.cc » ('j') | net/base/cert_status_flags.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698