/src/botan/src/lib/x509/cert_status.cpp

Source (jump to first uncovered line)
/*
* (C) 2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/pkix_enums.h>

namespace Botan {

const char* to_string(Certificate_Status_Code code)
   {
   switch(code)
      {
      case Certificate_Status_Code::VERIFIED:
         return "Verified";
      case Certificate_Status_Code::OCSP_RESPONSE_GOOD:
         return "OCSP response accepted as affirming unrevoked status for certificate";
      case Certificate_Status_Code::OCSP_SIGNATURE_OK:
         return "Signature on OCSP response was found valid";
      case Certificate_Status_Code::VALID_CRL_CHECKED:
         return "Valid CRL examined";

      case Certificate_Status_Code::CERT_SERIAL_NEGATIVE:
         return "Certificate serial number is negative";
      case Certificate_Status_Code::DN_TOO_LONG:
         return "Distinguished name too long";
      case Certificate_Status_Code::OCSP_NO_REVOCATION_URL:
         return "OCSP URL not available";
      case Certificate_Status_Code::OCSP_SERVER_NOT_AVAILABLE:
         return "OCSP server not available";

      case Certificate_Status_Code::NO_REVOCATION_DATA:
         return "No revocation data";
      case Certificate_Status_Code::SIGNATURE_METHOD_TOO_WEAK:
         return "Signature method too weak";
      case Certificate_Status_Code::UNTRUSTED_HASH:
         return "Hash function used is considered too weak for security";

      case Certificate_Status_Code::CERT_NOT_YET_VALID:
         return "Certificate is not yet valid";
      case Certificate_Status_Code::CERT_HAS_EXPIRED:
         return "Certificate has expired";
      case Certificate_Status_Code::OCSP_NOT_YET_VALID:
         return "OCSP is not yet valid";
      case Certificate_Status_Code::OCSP_HAS_EXPIRED:
         return "OCSP response has expired";
      case Certificate_Status_Code::OCSP_IS_TOO_OLD:
         return "OCSP response is too old";
      case Certificate_Status_Code::CRL_NOT_YET_VALID:
         return "CRL response is not yet valid";
      case Certificate_Status_Code::CRL_HAS_EXPIRED:
         return "CRL has expired";

      case Certificate_Status_Code::CERT_ISSUER_NOT_FOUND:
         return "Certificate issuer not found";
      case Certificate_Status_Code::CANNOT_ESTABLISH_TRUST:
         return "Cannot establish trust";
      case Certificate_Status_Code::CERT_CHAIN_LOOP:
         return "Loop in certificate chain";
      case Certificate_Status_Code::CHAIN_LACKS_TRUST_ROOT:
         return "Certificate chain does not end in a CA certificate";
      case Certificate_Status_Code::CHAIN_NAME_MISMATCH:
         return "Certificate issuer does not match subject of issuing cert";

      case Certificate_Status_Code::POLICY_ERROR:
         return "Certificate policy error";
      case Certificate_Status_Code::DUPLICATE_CERT_POLICY:
         return "Certificate contains duplicate policy";
      case Certificate_Status_Code::INVALID_USAGE:
         return "Certificate does not allow the requested usage";
      case Certificate_Status_Code::CERT_CHAIN_TOO_LONG:
         return "Certificate chain too long";
      case Certificate_Status_Code::CA_CERT_NOT_FOR_CERT_ISSUER:
         return "CA certificate not allowed to issue certs";
      case Certificate_Status_Code::CA_CERT_NOT_FOR_CRL_ISSUER:
         return "CA certificate not allowed to issue CRLs";
      case Certificate_Status_Code::NO_MATCHING_CRLDP:
         return "No CRL with matching distribution point for certificate";
      case Certificate_Status_Code::OCSP_CERT_NOT_LISTED:
         return "OCSP cert not listed";
      case Certificate_Status_Code::OCSP_BAD_STATUS:
         return "OCSP bad status";
      case Certificate_Status_Code::CERT_NAME_NOMATCH:
         return "Certificate does not match provided name";
      case Certificate_Status_Code::NAME_CONSTRAINT_ERROR:
         return "Certificate does not pass name constraint";
      case Certificate_Status_Code::UNKNOWN_CRITICAL_EXTENSION:
         return "Unknown critical extension encountered";
      case Certificate_Status_Code::DUPLICATE_CERT_EXTENSION:
         return "Duplicate certificate extension encountered";
      case Certificate_Status_Code::EXT_IN_V1_V2_CERT:
         return "Encountered extension in certificate with version that does not allow it";
      case Certificate_Status_Code::V2_IDENTIFIERS_IN_V1_CERT:
         return "Encountered v2 identifiers in v1 certificate";
      case Certificate_Status_Code::OCSP_SIGNATURE_ERROR:
         return "OCSP signature error";
      case Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND:
         return "Unable to find certificate issusing OCSP response";
      case Certificate_Status_Code::OCSP_RESPONSE_MISSING_KEYUSAGE:
         return "OCSP issuer's keyusage prohibits OCSP";
      case Certificate_Status_Code::OCSP_RESPONSE_INVALID:
         return "OCSP parsing valid";
      case Certificate_Status_Code::OCSP_NO_HTTP:
         return "OCSP requests not available, no HTTP support compiled in";
      case Certificate_Status_Code::CERT_IS_REVOKED:
         return "Certificate is revoked";
      case Certificate_Status_Code::CRL_BAD_SIGNATURE:
         return "CRL bad signature";
      case Certificate_Status_Code::SIGNATURE_ERROR:
         return "Signature error";
      case Certificate_Status_Code::CERT_PUBKEY_INVALID:
         return "Certificate public key invalid";
      case Certificate_Status_Code::SIGNATURE_ALGO_UNKNOWN:
         return "Certificate signed with unknown/unavailable algorithm";
      case Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS:
         return "Certificate signature has invalid parameters";

      // intentionally no default so we are warned if new enum values are added
      }

   return nullptr;
   }

}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* (C) 2016 Jack Lloyd
3		*
4		* Botan is released under the Simplified BSD License (see license.txt)
5		*/
6
7		#include <botan/pkix_enums.h>
8
9		namespace Botan {
10
11		const char* to_string(Certificate_Status_Code code)
12	0	{
13	0	switch(code)
14	0	{
15	0	case Certificate_Status_Code::VERIFIED:
16	0	return "Verified";
17	0	case Certificate_Status_Code::OCSP_RESPONSE_GOOD:
18	0	return "OCSP response accepted as affirming unrevoked status for certificate";
19	0	case Certificate_Status_Code::OCSP_SIGNATURE_OK:
20	0	return "Signature on OCSP response was found valid";
21	0	case Certificate_Status_Code::VALID_CRL_CHECKED:
22	0	return "Valid CRL examined";
23
24	0	case Certificate_Status_Code::CERT_SERIAL_NEGATIVE:
25	0	return "Certificate serial number is negative";
26	0	case Certificate_Status_Code::DN_TOO_LONG:
27	0	return "Distinguished name too long";
28	0	case Certificate_Status_Code::OCSP_NO_REVOCATION_URL:
29	0	return "OCSP URL not available";
30	0	case Certificate_Status_Code::OCSP_SERVER_NOT_AVAILABLE:
31	0	return "OCSP server not available";
32
33	0	case Certificate_Status_Code::NO_REVOCATION_DATA:
34	0	return "No revocation data";
35	0	case Certificate_Status_Code::SIGNATURE_METHOD_TOO_WEAK:
36	0	return "Signature method too weak";
37	0	case Certificate_Status_Code::UNTRUSTED_HASH:
38	0	return "Hash function used is considered too weak for security";
39
40	0	case Certificate_Status_Code::CERT_NOT_YET_VALID:
41	0	return "Certificate is not yet valid";
42	0	case Certificate_Status_Code::CERT_HAS_EXPIRED:
43	0	return "Certificate has expired";
44	0	case Certificate_Status_Code::OCSP_NOT_YET_VALID:
45	0	return "OCSP is not yet valid";
46	0	case Certificate_Status_Code::OCSP_HAS_EXPIRED:
47	0	return "OCSP response has expired";
48	0	case Certificate_Status_Code::OCSP_IS_TOO_OLD:
49	0	return "OCSP response is too old";
50	0	case Certificate_Status_Code::CRL_NOT_YET_VALID:
51	0	return "CRL response is not yet valid";
52	0	case Certificate_Status_Code::CRL_HAS_EXPIRED:
53	0	return "CRL has expired";
54
55	0	case Certificate_Status_Code::CERT_ISSUER_NOT_FOUND:
56	0	return "Certificate issuer not found";
57	0	case Certificate_Status_Code::CANNOT_ESTABLISH_TRUST:
58	0	return "Cannot establish trust";
59	0	case Certificate_Status_Code::CERT_CHAIN_LOOP:
60	0	return "Loop in certificate chain";
61	0	case Certificate_Status_Code::CHAIN_LACKS_TRUST_ROOT:
62	0	return "Certificate chain does not end in a CA certificate";
63	0	case Certificate_Status_Code::CHAIN_NAME_MISMATCH:
64	0	return "Certificate issuer does not match subject of issuing cert";
65
66	0	case Certificate_Status_Code::POLICY_ERROR:
67	0	return "Certificate policy error";
68	0	case Certificate_Status_Code::DUPLICATE_CERT_POLICY:
69	0	return "Certificate contains duplicate policy";
70	0	case Certificate_Status_Code::INVALID_USAGE:
71	0	return "Certificate does not allow the requested usage";
72	0	case Certificate_Status_Code::CERT_CHAIN_TOO_LONG:
73	0	return "Certificate chain too long";
74	0	case Certificate_Status_Code::CA_CERT_NOT_FOR_CERT_ISSUER:
75	0	return "CA certificate not allowed to issue certs";
76	0	case Certificate_Status_Code::CA_CERT_NOT_FOR_CRL_ISSUER:
77	0	return "CA certificate not allowed to issue CRLs";
78	0	case Certificate_Status_Code::NO_MATCHING_CRLDP:
79	0	return "No CRL with matching distribution point for certificate";
80	0	case Certificate_Status_Code::OCSP_CERT_NOT_LISTED:
81	0	return "OCSP cert not listed";
82	0	case Certificate_Status_Code::OCSP_BAD_STATUS:
83	0	return "OCSP bad status";
84	0	case Certificate_Status_Code::CERT_NAME_NOMATCH:
85	0	return "Certificate does not match provided name";
86	0	case Certificate_Status_Code::NAME_CONSTRAINT_ERROR:
87	0	return "Certificate does not pass name constraint";
88	0	case Certificate_Status_Code::UNKNOWN_CRITICAL_EXTENSION:
89	0	return "Unknown critical extension encountered";
90	0	case Certificate_Status_Code::DUPLICATE_CERT_EXTENSION:
91	0	return "Duplicate certificate extension encountered";
92	0	case Certificate_Status_Code::EXT_IN_V1_V2_CERT:
93	0	return "Encountered extension in certificate with version that does not allow it";
94	0	case Certificate_Status_Code::V2_IDENTIFIERS_IN_V1_CERT:
95	0	return "Encountered v2 identifiers in v1 certificate";
96	0	case Certificate_Status_Code::OCSP_SIGNATURE_ERROR:
97	0	return "OCSP signature error";
98	0	case Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND:
99	0	return "Unable to find certificate issusing OCSP response";
100	0	case Certificate_Status_Code::OCSP_RESPONSE_MISSING_KEYUSAGE:
101	0	return "OCSP issuer's keyusage prohibits OCSP";
102	0	case Certificate_Status_Code::OCSP_RESPONSE_INVALID:
103	0	return "OCSP parsing valid";
104	0	case Certificate_Status_Code::OCSP_NO_HTTP:
105	0	return "OCSP requests not available, no HTTP support compiled in";
106	0	case Certificate_Status_Code::CERT_IS_REVOKED:
107	0	return "Certificate is revoked";
108	0	case Certificate_Status_Code::CRL_BAD_SIGNATURE:
109	0	return "CRL bad signature";
110	0	case Certificate_Status_Code::SIGNATURE_ERROR:
111	0	return "Signature error";
112	0	case Certificate_Status_Code::CERT_PUBKEY_INVALID:
113	0	return "Certificate public key invalid";
114	0	case Certificate_Status_Code::SIGNATURE_ALGO_UNKNOWN:
115	0	return "Certificate signed with unknown/unavailable algorithm";
116	0	case Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS:
117	0	return "Certificate signature has invalid parameters";
118
119		// intentionally no default so we are warned if new enum values are added
120	0	}
121
122	0	return nullptr;
123	0	}
124
125		}

Coverage Report

Created: 2021-06-10 10:30