/src/botan/src/lib/x509/cert_status.cpp

Source (jump to first uncovered line)
/*
* (C) 2016 Jack Lloyd
*
* Botan is released under the Simplified BSD License (see license.txt)
*/

#include <botan/pkix_enums.h>

namespace Botan {

const char* to_string(Certificate_Status_Code code)
   {
   switch(code)
      {
      case Certificate_Status_Code::VERIFIED:
         return "Verified";
      case Certificate_Status_Code::OCSP_RESPONSE_GOOD:
         return "OCSP response accepted as affirming unrevoked status for certificate";
      case Certificate_Status_Code::OCSP_SIGNATURE_OK:
         return "Signature on OCSP response was found valid";
      case Certificate_Status_Code::VALID_CRL_CHECKED:
         return "Valid CRL examined";

      case Certificate_Status_Code::CERT_SERIAL_NEGATIVE:
         return "Certificate serial number is negative";
      case Certificate_Status_Code::DN_TOO_LONG:
         return "Distinguished name too long";
      case Certificate_Status_Code::OCSP_NO_REVOCATION_URL:
         return "OCSP URL not available";
      case Certificate_Status_Code::OCSP_SERVER_NOT_AVAILABLE:
         return "OCSP server not available";
      case Certificate_Status_Code::OCSP_ISSUER_NOT_TRUSTED:
         return "OCSP issuer is not trustworthy";

      case Certificate_Status_Code::NO_REVOCATION_DATA:
         return "No revocation data";
      case Certificate_Status_Code::SIGNATURE_METHOD_TOO_WEAK:
         return "Signature method too weak";
      case Certificate_Status_Code::UNTRUSTED_HASH:
         return "Hash function used is considered too weak for security";

      case Certificate_Status_Code::CERT_NOT_YET_VALID:
         return "Certificate is not yet valid";
      case Certificate_Status_Code::CERT_HAS_EXPIRED:
         return "Certificate has expired";
      case Certificate_Status_Code::OCSP_NOT_YET_VALID:
         return "OCSP is not yet valid";
      case Certificate_Status_Code::OCSP_HAS_EXPIRED:
         return "OCSP response has expired";
      case Certificate_Status_Code::OCSP_IS_TOO_OLD:
         return "OCSP response is too old";
      case Certificate_Status_Code::CRL_NOT_YET_VALID:
         return "CRL response is not yet valid";
      case Certificate_Status_Code::CRL_HAS_EXPIRED:
         return "CRL has expired";

      case Certificate_Status_Code::CERT_ISSUER_NOT_FOUND:
         return "Certificate issuer not found";
      case Certificate_Status_Code::CANNOT_ESTABLISH_TRUST:
         return "Cannot establish trust";
      case Certificate_Status_Code::CERT_CHAIN_LOOP:
         return "Loop in certificate chain";
      case Certificate_Status_Code::CHAIN_LACKS_TRUST_ROOT:
         return "Certificate chain does not end in a CA certificate";
      case Certificate_Status_Code::CHAIN_NAME_MISMATCH:
         return "Certificate issuer does not match subject of issuing cert";

      case Certificate_Status_Code::POLICY_ERROR:
         return "Certificate policy error";
      case Certificate_Status_Code::DUPLICATE_CERT_POLICY:
         return "Certificate contains duplicate policy";
      case Certificate_Status_Code::INVALID_USAGE:
         return "Certificate does not allow the requested usage";
      case Certificate_Status_Code::CERT_CHAIN_TOO_LONG:
         return "Certificate chain too long";
      case Certificate_Status_Code::CA_CERT_NOT_FOR_CERT_ISSUER:
         return "CA certificate not allowed to issue certs";
      case Certificate_Status_Code::CA_CERT_NOT_FOR_CRL_ISSUER:
         return "CA certificate not allowed to issue CRLs";
      case Certificate_Status_Code::NO_MATCHING_CRLDP:
         return "No CRL with matching distribution point for certificate";
      case Certificate_Status_Code::OCSP_CERT_NOT_LISTED:
         return "OCSP cert not listed";
      case Certificate_Status_Code::OCSP_BAD_STATUS:
         return "OCSP bad status";
      case Certificate_Status_Code::CERT_NAME_NOMATCH:
         return "Certificate does not match provided name";
      case Certificate_Status_Code::NAME_CONSTRAINT_ERROR:
         return "Certificate does not pass name constraint";
      case Certificate_Status_Code::UNKNOWN_CRITICAL_EXTENSION:
         return "Unknown critical extension encountered";
      case Certificate_Status_Code::DUPLICATE_CERT_EXTENSION:
         return "Duplicate certificate extension encountered";
      case Certificate_Status_Code::EXT_IN_V1_V2_CERT:
         return "Encountered extension in certificate with version that does not allow it";
      case Certificate_Status_Code::V2_IDENTIFIERS_IN_V1_CERT:
         return "Encountered v2 identifiers in v1 certificate";
      case Certificate_Status_Code::OCSP_SIGNATURE_ERROR:
         return "OCSP signature error";
      case Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND:
         return "Unable to find certificate issusing OCSP response";
      case Certificate_Status_Code::OCSP_RESPONSE_MISSING_KEYUSAGE:
         return "OCSP issuer's keyusage prohibits OCSP";
      case Certificate_Status_Code::OCSP_RESPONSE_INVALID:
         return "OCSP parsing valid";
      case Certificate_Status_Code::OCSP_NO_HTTP:
         return "OCSP requests not available, no HTTP support compiled in";
      case Certificate_Status_Code::CERT_IS_REVOKED:
         return "Certificate is revoked";
      case Certificate_Status_Code::CRL_BAD_SIGNATURE:
         return "CRL bad signature";
      case Certificate_Status_Code::SIGNATURE_ERROR:
         return "Signature error";
      case Certificate_Status_Code::CERT_PUBKEY_INVALID:
         return "Certificate public key invalid";
      case Certificate_Status_Code::SIGNATURE_ALGO_UNKNOWN:
         return "Certificate signed with unknown/unavailable algorithm";
      case Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS:
         return "Certificate signature has invalid parameters";

      // intentionally no default so we are warned if new enum values are added
      }

   return nullptr;
   }

}

Line	Count	Source (jump to first uncovered line)
1		/*
2		* (C) 2016 Jack Lloyd
3		*
4		* Botan is released under the Simplified BSD License (see license.txt)
5		*/
6
7		#include <botan/pkix_enums.h>
8
9		namespace Botan {
10
11		const char* to_string(Certificate_Status_Code code)
12	0	{
13	0	switch(code)
14	0	{
15	0	case Certificate_Status_Code::VERIFIED:
16	0	return "Verified";
17	0	case Certificate_Status_Code::OCSP_RESPONSE_GOOD:
18	0	return "OCSP response accepted as affirming unrevoked status for certificate";
19	0	case Certificate_Status_Code::OCSP_SIGNATURE_OK:
20	0	return "Signature on OCSP response was found valid";
21	0	case Certificate_Status_Code::VALID_CRL_CHECKED:
22	0	return "Valid CRL examined";
23
24	0	case Certificate_Status_Code::CERT_SERIAL_NEGATIVE:
25	0	return "Certificate serial number is negative";
26	0	case Certificate_Status_Code::DN_TOO_LONG:
27	0	return "Distinguished name too long";
28	0	case Certificate_Status_Code::OCSP_NO_REVOCATION_URL:
29	0	return "OCSP URL not available";
30	0	case Certificate_Status_Code::OCSP_SERVER_NOT_AVAILABLE:
31	0	return "OCSP server not available";
32	0	case Certificate_Status_Code::OCSP_ISSUER_NOT_TRUSTED:
33	0	return "OCSP issuer is not trustworthy";
34
35	0	case Certificate_Status_Code::NO_REVOCATION_DATA:
36	0	return "No revocation data";
37	0	case Certificate_Status_Code::SIGNATURE_METHOD_TOO_WEAK:
38	0	return "Signature method too weak";
39	0	case Certificate_Status_Code::UNTRUSTED_HASH:
40	0	return "Hash function used is considered too weak for security";
41
42	0	case Certificate_Status_Code::CERT_NOT_YET_VALID:
43	0	return "Certificate is not yet valid";
44	0	case Certificate_Status_Code::CERT_HAS_EXPIRED:
45	0	return "Certificate has expired";
46	0	case Certificate_Status_Code::OCSP_NOT_YET_VALID:
47	0	return "OCSP is not yet valid";
48	0	case Certificate_Status_Code::OCSP_HAS_EXPIRED:
49	0	return "OCSP response has expired";
50	0	case Certificate_Status_Code::OCSP_IS_TOO_OLD:
51	0	return "OCSP response is too old";
52	0	case Certificate_Status_Code::CRL_NOT_YET_VALID:
53	0	return "CRL response is not yet valid";
54	0	case Certificate_Status_Code::CRL_HAS_EXPIRED:
55	0	return "CRL has expired";
56
57	0	case Certificate_Status_Code::CERT_ISSUER_NOT_FOUND:
58	0	return "Certificate issuer not found";
59	0	case Certificate_Status_Code::CANNOT_ESTABLISH_TRUST:
60	0	return "Cannot establish trust";
61	0	case Certificate_Status_Code::CERT_CHAIN_LOOP:
62	0	return "Loop in certificate chain";
63	0	case Certificate_Status_Code::CHAIN_LACKS_TRUST_ROOT:
64	0	return "Certificate chain does not end in a CA certificate";
65	0	case Certificate_Status_Code::CHAIN_NAME_MISMATCH:
66	0	return "Certificate issuer does not match subject of issuing cert";
67
68	0	case Certificate_Status_Code::POLICY_ERROR:
69	0	return "Certificate policy error";
70	0	case Certificate_Status_Code::DUPLICATE_CERT_POLICY:
71	0	return "Certificate contains duplicate policy";
72	0	case Certificate_Status_Code::INVALID_USAGE:
73	0	return "Certificate does not allow the requested usage";
74	0	case Certificate_Status_Code::CERT_CHAIN_TOO_LONG:
75	0	return "Certificate chain too long";
76	0	case Certificate_Status_Code::CA_CERT_NOT_FOR_CERT_ISSUER:
77	0	return "CA certificate not allowed to issue certs";
78	0	case Certificate_Status_Code::CA_CERT_NOT_FOR_CRL_ISSUER:
79	0	return "CA certificate not allowed to issue CRLs";
80	0	case Certificate_Status_Code::NO_MATCHING_CRLDP:
81	0	return "No CRL with matching distribution point for certificate";
82	0	case Certificate_Status_Code::OCSP_CERT_NOT_LISTED:
83	0	return "OCSP cert not listed";
84	0	case Certificate_Status_Code::OCSP_BAD_STATUS:
85	0	return "OCSP bad status";
86	0	case Certificate_Status_Code::CERT_NAME_NOMATCH:
87	0	return "Certificate does not match provided name";
88	0	case Certificate_Status_Code::NAME_CONSTRAINT_ERROR:
89	0	return "Certificate does not pass name constraint";
90	0	case Certificate_Status_Code::UNKNOWN_CRITICAL_EXTENSION:
91	0	return "Unknown critical extension encountered";
92	0	case Certificate_Status_Code::DUPLICATE_CERT_EXTENSION:
93	0	return "Duplicate certificate extension encountered";
94	0	case Certificate_Status_Code::EXT_IN_V1_V2_CERT:
95	0	return "Encountered extension in certificate with version that does not allow it";
96	0	case Certificate_Status_Code::V2_IDENTIFIERS_IN_V1_CERT:
97	0	return "Encountered v2 identifiers in v1 certificate";
98	0	case Certificate_Status_Code::OCSP_SIGNATURE_ERROR:
99	0	return "OCSP signature error";
100	0	case Certificate_Status_Code::OCSP_ISSUER_NOT_FOUND:
101	0	return "Unable to find certificate issusing OCSP response";
102	0	case Certificate_Status_Code::OCSP_RESPONSE_MISSING_KEYUSAGE:
103	0	return "OCSP issuer's keyusage prohibits OCSP";
104	0	case Certificate_Status_Code::OCSP_RESPONSE_INVALID:
105	0	return "OCSP parsing valid";
106	0	case Certificate_Status_Code::OCSP_NO_HTTP:
107	0	return "OCSP requests not available, no HTTP support compiled in";
108	0	case Certificate_Status_Code::CERT_IS_REVOKED:
109	0	return "Certificate is revoked";
110	0	case Certificate_Status_Code::CRL_BAD_SIGNATURE:
111	0	return "CRL bad signature";
112	0	case Certificate_Status_Code::SIGNATURE_ERROR:
113	0	return "Signature error";
114	0	case Certificate_Status_Code::CERT_PUBKEY_INVALID:
115	0	return "Certificate public key invalid";
116	0	case Certificate_Status_Code::SIGNATURE_ALGO_UNKNOWN:
117	0	return "Certificate signed with unknown/unavailable algorithm";
118	0	case Certificate_Status_Code::SIGNATURE_ALGO_BAD_PARAMS:
119	0	return "Certificate signature has invalid parameters";
120
121		// intentionally no default so we are warned if new enum values are added
122	0	}
123
124	0	return nullptr;
125	0	}
126
127		}

Coverage Report

Created: 2023-01-25 06:35