OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/cert_status_flags.h" | 5 #include "net/cert/cert_status_flags.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "net/base/net_errors.h" | 8 #include "net/base/net_errors.h" |
9 | 9 |
10 namespace net { | 10 namespace net { |
(...skipping 25 matching lines...) Expand all Loading... |
36 // We should not use ERR_CERT_CONTAINS_ERRORS in new code. | 36 // We should not use ERR_CERT_CONTAINS_ERRORS in new code. |
37 case ERR_CERT_CONTAINS_ERRORS: | 37 case ERR_CERT_CONTAINS_ERRORS: |
38 NOTREACHED(); | 38 NOTREACHED(); |
39 // Falls through. | 39 // Falls through. |
40 case ERR_CERT_INVALID: | 40 case ERR_CERT_INVALID: |
41 return CERT_STATUS_INVALID; | 41 return CERT_STATUS_INVALID; |
42 case ERR_CERT_WEAK_SIGNATURE_ALGORITHM: | 42 case ERR_CERT_WEAK_SIGNATURE_ALGORITHM: |
43 return CERT_STATUS_WEAK_SIGNATURE_ALGORITHM; | 43 return CERT_STATUS_WEAK_SIGNATURE_ALGORITHM; |
44 case ERR_CERT_WEAK_KEY: | 44 case ERR_CERT_WEAK_KEY: |
45 return CERT_STATUS_WEAK_KEY; | 45 return CERT_STATUS_WEAK_KEY; |
| 46 case ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: |
| 47 return CERT_STATUS_PINNED_KEY_MISSING; |
| 48 case ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY: |
| 49 return CERT_STATUS_WEAK_DH_KEY; |
46 default: | 50 default: |
47 return 0; | 51 return 0; |
48 } | 52 } |
49 } | 53 } |
50 | 54 |
51 int MapCertStatusToNetError(CertStatus cert_status) { | 55 int MapCertStatusToNetError(CertStatus cert_status) { |
52 // A certificate may have multiple errors. We report the most | 56 // A certificate may have multiple errors. We report the most |
53 // serious error. | 57 // serious error. |
54 | 58 |
55 // Unrecoverable errors | 59 // Unrecoverable errors |
56 if (cert_status & CERT_STATUS_REVOKED) | 60 if (cert_status & CERT_STATUS_REVOKED) |
57 return ERR_CERT_REVOKED; | 61 return ERR_CERT_REVOKED; |
58 if (cert_status & CERT_STATUS_INVALID) | 62 if (cert_status & CERT_STATUS_INVALID) |
59 return ERR_CERT_INVALID; | 63 return ERR_CERT_INVALID; |
| 64 if (cert_status & CERT_STATUS_PINNED_KEY_MISSING) |
| 65 return ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN; |
| 66 if (cert_status & CERT_STATUS_WEAK_DH_KEY) |
| 67 return ERR_SSL_WEAK_SERVER_EPHEMERAL_DH_KEY; |
60 | 68 |
61 // Recoverable errors | 69 // Recoverable errors |
62 if (cert_status & CERT_STATUS_AUTHORITY_INVALID) | 70 if (cert_status & CERT_STATUS_AUTHORITY_INVALID) |
63 return ERR_CERT_AUTHORITY_INVALID; | 71 return ERR_CERT_AUTHORITY_INVALID; |
64 if (cert_status & CERT_STATUS_COMMON_NAME_INVALID) | 72 if (cert_status & CERT_STATUS_COMMON_NAME_INVALID) |
65 return ERR_CERT_COMMON_NAME_INVALID; | 73 return ERR_CERT_COMMON_NAME_INVALID; |
66 if (cert_status & CERT_STATUS_WEAK_SIGNATURE_ALGORITHM) | 74 if (cert_status & CERT_STATUS_WEAK_SIGNATURE_ALGORITHM) |
67 return ERR_CERT_WEAK_SIGNATURE_ALGORITHM; | 75 return ERR_CERT_WEAK_SIGNATURE_ALGORITHM; |
68 if (cert_status & CERT_STATUS_WEAK_KEY) | 76 if (cert_status & CERT_STATUS_WEAK_KEY) |
69 return ERR_CERT_WEAK_KEY; | 77 return ERR_CERT_WEAK_KEY; |
70 if (cert_status & CERT_STATUS_DATE_INVALID) | 78 if (cert_status & CERT_STATUS_DATE_INVALID) |
71 return ERR_CERT_DATE_INVALID; | 79 return ERR_CERT_DATE_INVALID; |
72 | 80 |
73 // Unknown status. Give it the benefit of the doubt. | 81 // Unknown status. Give it the benefit of the doubt. |
74 if (cert_status & CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) | 82 if (cert_status & CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) |
75 return ERR_CERT_UNABLE_TO_CHECK_REVOCATION; | 83 return ERR_CERT_UNABLE_TO_CHECK_REVOCATION; |
76 if (cert_status & CERT_STATUS_NO_REVOCATION_MECHANISM) | 84 if (cert_status & CERT_STATUS_NO_REVOCATION_MECHANISM) |
77 return ERR_CERT_NO_REVOCATION_MECHANISM; | 85 return ERR_CERT_NO_REVOCATION_MECHANISM; |
78 | 86 |
79 NOTREACHED(); | 87 NOTREACHED(); |
80 return ERR_UNEXPECTED; | 88 return ERR_UNEXPECTED; |
81 } | 89 } |
82 | 90 |
83 } // namespace net | 91 } // namespace net |
OLD | NEW |