1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 // This is the list of CertStatus flags and their values.
7 // Defines the values using a macro CERT_STATUS_FLAG,
8 // so it can be expanded differently in some places
10 // The possible status bits for CertStatus.
11 // Bits 0 to 15 are for errors.
12 CERT_STATUS_FLAG(COMMON_NAME_INVALID
, 1 << 0)
13 CERT_STATUS_FLAG(DATE_INVALID
, 1 << 1)
14 CERT_STATUS_FLAG(AUTHORITY_INVALID
, 1 << 2)
15 // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP).
16 CERT_STATUS_FLAG(NO_REVOCATION_MECHANISM
, 1 << 4)
17 CERT_STATUS_FLAG(UNABLE_TO_CHECK_REVOCATION
, 1 << 5)
18 CERT_STATUS_FLAG(REVOKED
, 1 << 6)
19 CERT_STATUS_FLAG(INVALID
, 1 << 7)
20 CERT_STATUS_FLAG(WEAK_SIGNATURE_ALGORITHM
, 1 << 8)
21 // 1 << 9 was used for CERT_STATUS_NOT_IN_DNS
22 CERT_STATUS_FLAG(NON_UNIQUE_NAME
, 1 << 10)
23 CERT_STATUS_FLAG(WEAK_KEY
, 1 << 11)
24 // 1 << 12 was used for CERT_STATUS_WEAK_DH_KEY
25 CERT_STATUS_FLAG(PINNED_KEY_MISSING
, 1 << 13)
26 CERT_STATUS_FLAG(NAME_CONSTRAINT_VIOLATION
, 1 << 14)
27 CERT_STATUS_FLAG(VALIDITY_TOO_LONG
, 1 << 15)
29 // Bits 16 to 31 are for non-error statuses.
30 CERT_STATUS_FLAG(IS_EV
, 1 << 16)
31 CERT_STATUS_FLAG(REV_CHECKING_ENABLED
, 1 << 17)
32 // Bit 18 was CERT_STATUS_IS_DNSSEC
33 CERT_STATUS_FLAG(SHA1_SIGNATURE_PRESENT
, 1 << 19)
34 CERT_STATUS_FLAG(CT_COMPLIANCE_FAILED
, 1 << 20)