Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(428)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/cert/cert_status_flags_list.h

Issue 20628006: Reject certificates that are valid for too long. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Don't use arithmetic expressions in shell script. Created 6 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « net/cert/cert_status_flags.cc ('k') | net/cert/cert_verify_proc.h » ('j') | net/cert/cert_verify_proc.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2014 The Chromium Authors. All rights reserved. 1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 // This is the list of CertStatus flags and their values. 5 // This is the list of CertStatus flags and their values.
6 // 6 //
7 // Defines the values using a macro CERT_STATUS_FLAG, 7 // Defines the values using a macro CERT_STATUS_FLAG,
8 // so it can be expanded differently in some places 8 // so it can be expanded differently in some places
9 9
10 // The possible status bits for CertStatus. 10 // The possible status bits for CertStatus.
11 // Bits 0 to 15 are for errors. 11 // Bits 0 to 15 are for errors.
12 CERT_STATUS_FLAG(COMMON_NAME_INVALID, 1 << 0) 12 CERT_STATUS_FLAG(COMMON_NAME_INVALID, 1 << 0)
13 CERT_STATUS_FLAG(DATE_INVALID, 1 << 1) 13 CERT_STATUS_FLAG(DATE_INVALID, 1 << 1)
14 CERT_STATUS_FLAG(AUTHORITY_INVALID, 1 << 2) 14 CERT_STATUS_FLAG(AUTHORITY_INVALID, 1 << 2)
15 // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP). 15 // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP).
16 CERT_STATUS_FLAG(NO_REVOCATION_MECHANISM, 1 << 4) 16 CERT_STATUS_FLAG(NO_REVOCATION_MECHANISM, 1 << 4)
17 CERT_STATUS_FLAG(UNABLE_TO_CHECK_REVOCATION, 1 << 5) 17 CERT_STATUS_FLAG(UNABLE_TO_CHECK_REVOCATION, 1 << 5)
18 CERT_STATUS_FLAG(REVOKED, 1 << 6) 18 CERT_STATUS_FLAG(REVOKED, 1 << 6)
19 CERT_STATUS_FLAG(INVALID, 1 << 7) 19 CERT_STATUS_FLAG(INVALID, 1 << 7)
20 CERT_STATUS_FLAG(WEAK_SIGNATURE_ALGORITHM, 1 << 8) 20 CERT_STATUS_FLAG(WEAK_SIGNATURE_ALGORITHM, 1 << 8)
21 // 1 << 9 was used for CERT_STATUS_NOT_IN_DNS 21 // 1 << 9 was used for CERT_STATUS_NOT_IN_DNS
22 CERT_STATUS_FLAG(NON_UNIQUE_NAME, 1 << 10) 22 CERT_STATUS_FLAG(NON_UNIQUE_NAME, 1 << 10)
23 CERT_STATUS_FLAG(WEAK_KEY, 1 << 11) 23 CERT_STATUS_FLAG(WEAK_KEY, 1 << 11)
24 // 1 << 12 was used for CERT_STATUS_WEAK_DH_KEY 24 // 1 << 12 was used for CERT_STATUS_WEAK_DH_KEY
25 CERT_STATUS_FLAG(PINNED_KEY_MISSING, 1 << 13) 25 CERT_STATUS_FLAG(PINNED_KEY_MISSING, 1 << 13)
26 CERT_STATUS_FLAG(NAME_CONSTRAINT_VIOLATION, 1 << 14) 26 CERT_STATUS_FLAG(NAME_CONSTRAINT_VIOLATION, 1 << 14)
27 CERT_STATUS_FLAG(VALIDITY_TOO_LONG, 1 << 15)
27 28
28 // Bits 16 to 31 are for non-error statuses. 29 // Bits 16 to 31 are for non-error statuses.
29 CERT_STATUS_FLAG(IS_EV, 1 << 16) 30 CERT_STATUS_FLAG(IS_EV, 1 << 16)
30 CERT_STATUS_FLAG(REV_CHECKING_ENABLED, 1 << 17) 31 CERT_STATUS_FLAG(REV_CHECKING_ENABLED, 1 << 17)
31 // Bit 18 was CERT_STATUS_IS_DNSSEC 32 // Bit 18 was CERT_STATUS_IS_DNSSEC
32 CERT_STATUS_FLAG(SHA1_SIGNATURE_PRESENT, 1 << 19) 33 CERT_STATUS_FLAG(SHA1_SIGNATURE_PRESENT, 1 << 19)
OLDNEW
« no previous file with comments | « net/cert/cert_status_flags.cc ('k') | net/cert/cert_verify_proc.h » ('j') | net/cert/cert_verify_proc.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698