OLD | NEW |
---|---|
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "net/cert/cert_status_flags.h" | 5 #include "net/cert/cert_status_flags.h" |
6 | 6 |
7 #include "base/logging.h" | 7 #include "base/logging.h" |
8 #include "net/base/net_errors.h" | 8 #include "net/base/net_errors.h" |
9 | 9 |
10 namespace net { | 10 namespace net { |
11 | 11 |
12 bool IsCertStatusMinorError(CertStatus cert_status) { | 12 bool IsCertStatusMinorError(CertStatus cert_status) { |
davidben
2014/09/26 20:09:24
Given all the places that are now checking both, p
| |
13 static const CertStatus kMinorErrors = | 13 static const CertStatus kMinorErrors = |
14 CERT_STATUS_UNABLE_TO_CHECK_REVOCATION | | 14 CERT_STATUS_UNABLE_TO_CHECK_REVOCATION | |
15 CERT_STATUS_NO_REVOCATION_MECHANISM; | 15 CERT_STATUS_NO_REVOCATION_MECHANISM | |
16 CERT_STATUS_DEPRECATED_SIGNATURE_ALGORITHM; | |
16 cert_status &= CERT_STATUS_ALL_ERRORS; | 17 cert_status &= CERT_STATUS_ALL_ERRORS; |
17 return cert_status != 0 && (cert_status & ~kMinorErrors) == 0; | 18 return cert_status != 0 && (cert_status & ~kMinorErrors) == 0; |
18 } | 19 } |
19 | 20 |
20 CertStatus MapNetErrorToCertStatus(int error) { | 21 CertStatus MapNetErrorToCertStatus(int error) { |
21 switch (error) { | 22 switch (error) { |
22 case ERR_CERT_COMMON_NAME_INVALID: | 23 case ERR_CERT_COMMON_NAME_INVALID: |
23 return CERT_STATUS_COMMON_NAME_INVALID; | 24 return CERT_STATUS_COMMON_NAME_INVALID; |
24 case ERR_CERT_DATE_INVALID: | 25 case ERR_CERT_DATE_INVALID: |
25 return CERT_STATUS_DATE_INVALID; | 26 return CERT_STATUS_DATE_INVALID; |
(...skipping 16 matching lines...) Expand all Loading... | |
42 case ERR_CERT_WEAK_SIGNATURE_ALGORITHM: | 43 case ERR_CERT_WEAK_SIGNATURE_ALGORITHM: |
43 return CERT_STATUS_WEAK_SIGNATURE_ALGORITHM; | 44 return CERT_STATUS_WEAK_SIGNATURE_ALGORITHM; |
44 case ERR_CERT_NON_UNIQUE_NAME: | 45 case ERR_CERT_NON_UNIQUE_NAME: |
45 return CERT_STATUS_NON_UNIQUE_NAME; | 46 return CERT_STATUS_NON_UNIQUE_NAME; |
46 case ERR_CERT_WEAK_KEY: | 47 case ERR_CERT_WEAK_KEY: |
47 return CERT_STATUS_WEAK_KEY; | 48 return CERT_STATUS_WEAK_KEY; |
48 case ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: | 49 case ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN: |
49 return CERT_STATUS_PINNED_KEY_MISSING; | 50 return CERT_STATUS_PINNED_KEY_MISSING; |
50 case ERR_CERT_NAME_CONSTRAINT_VIOLATION: | 51 case ERR_CERT_NAME_CONSTRAINT_VIOLATION: |
51 return CERT_STATUS_NAME_CONSTRAINT_VIOLATION; | 52 return CERT_STATUS_NAME_CONSTRAINT_VIOLATION; |
53 case ERR_CERT_DEPRECATED_SIGNATURE_ALGORITHM: | |
54 return CERT_STATUS_DEPRECATED_SIGNATURE_ALGORITHM; | |
52 default: | 55 default: |
53 return 0; | 56 return 0; |
54 } | 57 } |
55 } | 58 } |
56 | 59 |
57 int MapCertStatusToNetError(CertStatus cert_status) { | 60 int MapCertStatusToNetError(CertStatus cert_status) { |
58 // A certificate may have multiple errors. We report the most | 61 // A certificate may have multiple errors. We report the most |
59 // serious error. | 62 // serious error. |
60 | 63 |
61 // Unrecoverable errors | 64 // Unrecoverable errors |
(...skipping 18 matching lines...) Expand all Loading... | |
80 if (cert_status & CERT_STATUS_WEAK_KEY) | 83 if (cert_status & CERT_STATUS_WEAK_KEY) |
81 return ERR_CERT_WEAK_KEY; | 84 return ERR_CERT_WEAK_KEY; |
82 if (cert_status & CERT_STATUS_DATE_INVALID) | 85 if (cert_status & CERT_STATUS_DATE_INVALID) |
83 return ERR_CERT_DATE_INVALID; | 86 return ERR_CERT_DATE_INVALID; |
84 | 87 |
85 // Unknown status. Give it the benefit of the doubt. | 88 // Unknown status. Give it the benefit of the doubt. |
86 if (cert_status & CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) | 89 if (cert_status & CERT_STATUS_UNABLE_TO_CHECK_REVOCATION) |
87 return ERR_CERT_UNABLE_TO_CHECK_REVOCATION; | 90 return ERR_CERT_UNABLE_TO_CHECK_REVOCATION; |
88 if (cert_status & CERT_STATUS_NO_REVOCATION_MECHANISM) | 91 if (cert_status & CERT_STATUS_NO_REVOCATION_MECHANISM) |
89 return ERR_CERT_NO_REVOCATION_MECHANISM; | 92 return ERR_CERT_NO_REVOCATION_MECHANISM; |
93 if (cert_status & CERT_STATUS_DEPRECATED_SIGNATURE_ALGORITHM) | |
94 return ERR_CERT_DEPRECATED_SIGNATURE_ALGORITHM; | |
90 | 95 |
91 NOTREACHED(); | 96 NOTREACHED(); |
92 return ERR_UNEXPECTED; | 97 return ERR_UNEXPECTED; |
93 } | 98 } |
94 | 99 |
95 } // namespace net | 100 } // namespace net |
OLD | NEW |