/src/botan/src/lib/x509/cert_status.cpp

Source (jump to first uncovered line)
/*
* (C) 2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/cert_status.h>

namespace Botan {

//static
const char* to_string(Certificate_Status_Code code)
   {
   switch(code)
      {
      case Certificate_Status_Code::VERIFIED:
         return "Verified";
      case Certificate_Status_Code::OCSP_RESPONSE_GOOD:
         return "OCSP response accepted as affirming unrevoked status for certificate";
      case Certificate_Status_Code::OCSP_SIGNATURE_OK:
         return "Signature on OCSP response was found valid";
      case Certificate_Status_Code::VALID_CRL_CHECKED:
         return "Valid CRL examined";

      case Certificate_Status_Code::CERT_SERIAL_NEGATIVE:
         return "Certificate serial number is negative";
      case Certificate_Status_Code::DN_TOO_LONG:
         return "Distinguished name too long";
      case Certificate_Status_Code::OCSP_NO_REVOCATION_URL:
         return "OCSP URL not available";
      case Certificate_Status_Code::OCSP_SERVER_NOT_AVAILABLE:
         return "OCSP server not available";

      case Certificate_Status_Code::NO_REVOCATION_DATA:
         return "No revocation data";
      case Certificate_Status_Code::SIGNATURE_METHOD_TOO_WEAK:
         return "Signature method too weak";
      case Certificate_Status_Code::UNTRUSTED_HASH:
         return "Hash function used is considered too weak for security";

      case Certificate_Status_Code::CERT_NOT_YET_VALID:
         return "Certificate is not yet valid";
      case Certificate_Status_Code::CERT_HAS_EXPIRED:
         return "Certificate has expired";
      case Certificate_Status_Code::OCSP_NOT_YET_VALID:
         return "OCSP is not yet valid";
      case Certificate_Status_Code::OCSP_HAS_EXPIRED:
         return "OCSP response has expired";
      case Certificate_Status_Code::OCSP_IS_TOO_OLD:
         return "OCSP response is too old";
      case Certificate_Status_Code::CRL_NOT_YET_VALID:
         return "CRL response is not yet valid";
      case Certificate_Status_Code::CRL_HAS_EXPIRED:
         return "CRL has expired";

      case Certificate_Status_Code::CERT_ISSUER_NOT_FOUND:
         return "Certificate issuer not found";
      case Certificate_Status_Code::CANNOT_ESTABLISH_TRUST:
         return "Cannot establish trust";
      case Certificate_Status_Code::CERT_CHAIN_LOOP:
         return "Loop in certificate chain";
      case Certificate_Status_Code::CHAIN_LACKS_TRUST_ROOT:
         return "Certificate chain does not end in a CA certificate";
      case Certificate_Status_Code::CHAIN_NAME_MISMATCH:
         return "Certificate issuer does not match subject of issuing cert";

      case Certificate_Status_Code::POLICY_ERROR:
         return "Certificate policy error";
      case Certificate_Status_Code::DUPLICATE_CERT_POLICY:
         return "Certificate contains duplicate policy";
      case Certificate_Status_Code::INVALID_USAGE:
         return "Certificate does not allow the requested usage";
      case Certificate_Status_Code::CERT_CHAIN_TOO_LONG:
         return "Certificate chain too long";
      case Certificate_Status_Code::CA_CERT_NOT_FOR_CERT_ISSUER:
         return "CA certificate not allowed to issue certs";
      case Certificate_Status_Code::CA_CERT_NOT_FOR_CRL_ISSUER:
         return "CA certificate not allowed to issue CRLs";
      case Certificate_Status_Code::NO_MATCHING_CRLDP:
         return "No CRL with matching distribution point for certificate";
      case Certificate_Status_Code::OCSP_CERT_NOT_LISTED:
         return "OCSP cert not listed";
      case Certificate_Status_Code::OCSP_BAD_STATUS:
         return "OCSP bad status";
      case Certificate_Status_Code::CERT_NAME_NOMATCH:
         return "Certificate does not match provided name";
      case Certificate_Status_Code::NAME_CONSTRAINT_ERROR:
         return "Certificate does not pass name constraint";
      case Certificate_Status_Code::UNKNOWN_CRITICAL_EXTENSION:
         return "Unknown critical extension encountered";
      case Certificate_Status_Code::DUPLICATE_CERT_EXTENSION:
         return "Duplicate certificate extension encountered";
      case Certificate_Status_Code::EXT_IN_V1_V2_CERT:
         return "Encountered extension in certificate with version < 3";
      case Certificate_Status_Code::OCSP_SIGNATURE_ERROR:
         return "OCSP signature error";
      case Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND:
         return "Unable to find certificate issusing OCSP response";
      case Certificate_Status_Code::OCSP_RESPONSE_MISSING_KEYUSAGE:
         return "OCSP issuer's keyusage prohibits OCSP";
      case Certificate_Status_Code::OCSP_RESPONSE_INVALID:
         return "OCSP parsing valid";
      case Certificate_Status_Code::OCSP_NO_HTTP:
         return "OCSP requests not available, no HTTP support compiled in";
      case Certificate_Status_Code::CERT_IS_REVOKED:
         return "Certificate is revoked";
      case Certificate_Status_Code::CRL_BAD_SIGNATURE:
         return "CRL bad signature";
      case Certificate_Status_Code::SIGNATURE_ERROR:
         return "Signature error";
      case Certificate_Status_Code::CERT_PUBKEY_INVALID:
         return "Certificate public key invalid";
      case Certificate_Status_Code::SIGNATURE_ALGO_UNKNOWN:
         return "Certificate signed with unknown/unavailable algorithm";
      case Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS:
         return "Certificate signature has invalid parameters";

      // intentionally no default so we are warned if new enum values are added
      }

   return nullptr;
   }

}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* (C) 2016 Jack Lloyd
3		*
4		* Botan is released under the Simplified BSD License (see license.txt)
5		*/
6
7		#include <botan/cert_status.h>
8
9		namespace Botan {
10
11		//static
12		const char* to_string(Certificate_Status_Code code)
13	626	{
14	626	switch(code)
15	626	{
16	0	case Certificate_Status_Code::VERIFIED:
17	0	return "Verified";
18	0	case Certificate_Status_Code::OCSP_RESPONSE_GOOD:
19	0	return "OCSP response accepted as affirming unrevoked status for certificate";
20	0	case Certificate_Status_Code::OCSP_SIGNATURE_OK:
21	0	return "Signature on OCSP response was found valid";
22	0	case Certificate_Status_Code::VALID_CRL_CHECKED:
23	0	return "Valid CRL examined";
24	0
25	0	case Certificate_Status_Code::CERT_SERIAL_NEGATIVE:
26	0	return "Certificate serial number is negative";
27	0	case Certificate_Status_Code::DN_TOO_LONG:
28	0	return "Distinguished name too long";
29	0	case Certificate_Status_Code::OCSP_NO_REVOCATION_URL:
30	0	return "OCSP URL not available";
31	0	case Certificate_Status_Code::OCSP_SERVER_NOT_AVAILABLE:
32	0	return "OCSP server not available";
33	0
34	0	case Certificate_Status_Code::NO_REVOCATION_DATA:
35	0	return "No revocation data";
36	0	case Certificate_Status_Code::SIGNATURE_METHOD_TOO_WEAK:
37	0	return "Signature method too weak";
38	0	case Certificate_Status_Code::UNTRUSTED_HASH:
39	0	return "Hash function used is considered too weak for security";
40	0
41	0	case Certificate_Status_Code::CERT_NOT_YET_VALID:
42	0	return "Certificate is not yet valid";
43	0	case Certificate_Status_Code::CERT_HAS_EXPIRED:
44	0	return "Certificate has expired";
45	0	case Certificate_Status_Code::OCSP_NOT_YET_VALID:
46	0	return "OCSP is not yet valid";
47	0	case Certificate_Status_Code::OCSP_HAS_EXPIRED:
48	0	return "OCSP response has expired";
49	0	case Certificate_Status_Code::OCSP_IS_TOO_OLD:
50	0	return "OCSP response is too old";
51	0	case Certificate_Status_Code::CRL_NOT_YET_VALID:
52	0	return "CRL response is not yet valid";
53	0	case Certificate_Status_Code::CRL_HAS_EXPIRED:
54	0	return "CRL has expired";
55	0
56	537	case Certificate_Status_Code::CERT_ISSUER_NOT_FOUND:
57	537	return "Certificate issuer not found";
58	13	case Certificate_Status_Code::CANNOT_ESTABLISH_TRUST:
59	13	return "Cannot establish trust";
60	76	case Certificate_Status_Code::CERT_CHAIN_LOOP:
61	76	return "Loop in certificate chain";
62	0	case Certificate_Status_Code::CHAIN_LACKS_TRUST_ROOT:
63	0	return "Certificate chain does not end in a CA certificate";
64	0	case Certificate_Status_Code::CHAIN_NAME_MISMATCH:
65	0	return "Certificate issuer does not match subject of issuing cert";
66	0
67	0	case Certificate_Status_Code::POLICY_ERROR:
68	0	return "Certificate policy error";
69	0	case Certificate_Status_Code::DUPLICATE_CERT_POLICY:
70	0	return "Certificate contains duplicate policy";
71	0	case Certificate_Status_Code::INVALID_USAGE:
72	0	return "Certificate does not allow the requested usage";
73	0	case Certificate_Status_Code::CERT_CHAIN_TOO_LONG:
74	0	return "Certificate chain too long";
75	0	case Certificate_Status_Code::CA_CERT_NOT_FOR_CERT_ISSUER:
76	0	return "CA certificate not allowed to issue certs";
77	0	case Certificate_Status_Code::CA_CERT_NOT_FOR_CRL_ISSUER:
78	0	return "CA certificate not allowed to issue CRLs";
79	0	case Certificate_Status_Code::NO_MATCHING_CRLDP:
80	0	return "No CRL with matching distribution point for certificate";
81	0	case Certificate_Status_Code::OCSP_CERT_NOT_LISTED:
82	0	return "OCSP cert not listed";
83	0	case Certificate_Status_Code::OCSP_BAD_STATUS:
84	0	return "OCSP bad status";
85	0	case Certificate_Status_Code::CERT_NAME_NOMATCH:
86	0	return "Certificate does not match provided name";
87	0	case Certificate_Status_Code::NAME_CONSTRAINT_ERROR:
88	0	return "Certificate does not pass name constraint";
89	0	case Certificate_Status_Code::UNKNOWN_CRITICAL_EXTENSION:
90	0	return "Unknown critical extension encountered";
91	0	case Certificate_Status_Code::DUPLICATE_CERT_EXTENSION:
92	0	return "Duplicate certificate extension encountered";
93	0	case Certificate_Status_Code::EXT_IN_V1_V2_CERT:
94	0	return "Encountered extension in certificate with version < 3";
95	0	case Certificate_Status_Code::OCSP_SIGNATURE_ERROR:
96	0	return "OCSP signature error";
97	0	case Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND:
98	0	return "Unable to find certificate issusing OCSP response";
99	0	case Certificate_Status_Code::OCSP_RESPONSE_MISSING_KEYUSAGE:
100	0	return "OCSP issuer's keyusage prohibits OCSP";
101	0	case Certificate_Status_Code::OCSP_RESPONSE_INVALID:
102	0	return "OCSP parsing valid";
103	0	case Certificate_Status_Code::OCSP_NO_HTTP:
104	0	return "OCSP requests not available, no HTTP support compiled in";
105	0	case Certificate_Status_Code::CERT_IS_REVOKED:
106	0	return "Certificate is revoked";
107	0	case Certificate_Status_Code::CRL_BAD_SIGNATURE:
108	0	return "CRL bad signature";
109	0	case Certificate_Status_Code::SIGNATURE_ERROR:
110	0	return "Signature error";
111	0	case Certificate_Status_Code::CERT_PUBKEY_INVALID:
112	0	return "Certificate public key invalid";
113	0	case Certificate_Status_Code::SIGNATURE_ALGO_UNKNOWN:
114	0	return "Certificate signed with unknown/unavailable algorithm";
115	0	case Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS:
116	0	return "Certificate signature has invalid parameters";
117	0
118	0	// intentionally no default so we are warned if new enum values are added
119	0	}
120	0
121	0	return nullptr;
122	0	}
123
124		}

Coverage Report

Created: 2020-05-23 13:54