/* * Path validation result enums * (C) 2013 Jack Lloyd * * Botan is released under the Simplified BSD License (see license.txt) */ #ifndef BOTAN_X509_PATH_RESULT_H_ #define BOTAN_X509_PATH_RESULT_H_ #include namespace Botan { /** * Certificate validation status code * Warning: reflect any changes to this in botan_cert_status_code in ffi.h */ enum class Certificate_Status_Code { OK = 0, VERIFIED = 0, // Revocation status OCSP_RESPONSE_GOOD = 1, OCSP_SIGNATURE_OK = 2, VALID_CRL_CHECKED = 3, OCSP_NO_HTTP = 4, // Warnings FIRST_WARNING_STATUS = 500, CERT_SERIAL_NEGATIVE = 500, DN_TOO_LONG = 501, OSCP_NO_REVOCATION_URL = 502, OSCP_SERVER_NOT_AVAILABLE = 503, // Errors FIRST_ERROR_STATUS = 1000, SIGNATURE_METHOD_TOO_WEAK = 1000, UNTRUSTED_HASH = 1001, NO_REVOCATION_DATA = 1002, NO_MATCHING_CRLDP = 1003, // Time problems CERT_NOT_YET_VALID = 2000, CERT_HAS_EXPIRED = 2001, OCSP_NOT_YET_VALID = 2002, OCSP_HAS_EXPIRED = 2003, CRL_NOT_YET_VALID = 2004, CRL_HAS_EXPIRED = 2005, // Chain generation problems CERT_ISSUER_NOT_FOUND = 3000, CANNOT_ESTABLISH_TRUST = 3001, CERT_CHAIN_LOOP = 3002, CHAIN_LACKS_TRUST_ROOT = 3003, CHAIN_NAME_MISMATCH = 3004, // Validation errors POLICY_ERROR = 4000, INVALID_USAGE = 4001, CERT_CHAIN_TOO_LONG = 4002, CA_CERT_NOT_FOR_CERT_ISSUER = 4003, NAME_CONSTRAINT_ERROR = 4004, // Revocation errors CA_CERT_NOT_FOR_CRL_ISSUER = 4005, OCSP_CERT_NOT_LISTED = 4006, OCSP_BAD_STATUS = 4007, // Other problems CERT_NAME_NOMATCH = 4008, UNKNOWN_CRITICAL_EXTENSION = 4009, DUPLICATE_CERT_EXTENSION = 4010, OCSP_SIGNATURE_ERROR = 4501, OCSP_ISSUER_NOT_FOUND = 4502, OCSP_RESPONSE_MISSING_KEYUSAGE = 4503, OCSP_RESPONSE_INVALID = 4504, EXT_IN_V1_V2_CERT = 4505, DUPLICATE_CERT_POLICY = 4506, // Hard failures CERT_IS_REVOKED = 5000, CRL_BAD_SIGNATURE = 5001, SIGNATURE_ERROR = 5002, CERT_PUBKEY_INVALID = 5003, SIGNATURE_ALGO_UNKNOWN = 5004, SIGNATURE_ALGO_BAD_PARAMS = 5005 }; /** * Convert a status code to a human readable diagnostic message * @param code the certifcate status * @return string literal constant, or nullptr if code unknown */ BOTAN_PUBLIC_API(2,0) const char* to_string(Certificate_Status_Code code); } #endif