net/cert/cert_status_flags_list.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 // This is the list of CertStatus flags and their values.
   6 //
   7 // Defines the values using a macro CERT_STATUS_FLAG,
   8 // so it can be expanded differently in some places
   9
  10 // The possible status bits for CertStatus.
  11 // Bits 0 to 15 are for errors.
  12 CERT_STATUS_FLAG(COMMON_NAME_INVALID, 1 << 0)
  13 CERT_STATUS_FLAG(DATE_INVALID, 1 << 1)
  14 CERT_STATUS_FLAG(AUTHORITY_INVALID, 1 << 2)
  15 // 1 << 3 is reserved for ERR_CERT_CONTAINS_ERRORS (not useful with WinHTTP).
  16 CERT_STATUS_FLAG(NO_REVOCATION_MECHANISM, 1 << 4)
  17 CERT_STATUS_FLAG(UNABLE_TO_CHECK_REVOCATION, 1 << 5)
  18 CERT_STATUS_FLAG(REVOKED, 1 << 6)
  19 CERT_STATUS_FLAG(INVALID, 1 << 7)
  20 CERT_STATUS_FLAG(WEAK_SIGNATURE_ALGORITHM, 1 << 8)
  21 // 1 << 9 was used for CERT_STATUS_NOT_IN_DNS
  22 CERT_STATUS_FLAG(NON_UNIQUE_NAME, 1 << 10)
  23 CERT_STATUS_FLAG(WEAK_KEY, 1 << 11)
  24 // 1 << 12 was used for CERT_STATUS_WEAK_DH_KEY
  25 CERT_STATUS_FLAG(PINNED_KEY_MISSING, 1 << 13)
  26 CERT_STATUS_FLAG(NAME_CONSTRAINT_VIOLATION, 1 << 14)
  27 CERT_STATUS_FLAG(VALIDITY_TOO_LONG, 1 << 15)
  28
  29 // Bits 16 to 31 are for non-error statuses.
  30 CERT_STATUS_FLAG(IS_EV, 1 << 16)
  31 CERT_STATUS_FLAG(REV_CHECKING_ENABLED, 1 << 17)
  32 // Bit 18 was CERT_STATUS_IS_DNSSEC
  33 CERT_STATUS_FLAG(SHA1_SIGNATURE_PRESENT, 1 << 19)