esp-idf/components/openssl/include/internal/x509_vfy.h

// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at

//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

#ifndef _X509_VFY_H_
#define _X509_VFY_H_

#ifdef __cplusplus
 extern "C" {
#endif

#define         X509_V_OK                                       0
#define         X509_V_ERR_UNSPECIFIED                          1
#define         X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT            2
#define         X509_V_ERR_UNABLE_TO_GET_CRL                    3
#define         X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE     4
#define         X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE      5
#define         X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY   6
#define         X509_V_ERR_CERT_SIGNATURE_FAILURE               7
#define         X509_V_ERR_CRL_SIGNATURE_FAILURE                8
#define         X509_V_ERR_CERT_NOT_YET_VALID                   9
#define         X509_V_ERR_CERT_HAS_EXPIRED                     10
#define         X509_V_ERR_CRL_NOT_YET_VALID                    11
#define         X509_V_ERR_CRL_HAS_EXPIRED                      12
#define         X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD       13
#define         X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD        14
#define         X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD       15
#define         X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD       16
#define         X509_V_ERR_OUT_OF_MEM                           17
#define         X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT          18
#define         X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN            19
#define         X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY    20
#define         X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE      21
#define         X509_V_ERR_CERT_CHAIN_TOO_LONG                  22
#define         X509_V_ERR_CERT_REVOKED                         23
#define         X509_V_ERR_INVALID_CA                           24
#define         X509_V_ERR_PATH_LENGTH_EXCEEDED                 25
#define         X509_V_ERR_INVALID_PURPOSE                      26
#define         X509_V_ERR_CERT_UNTRUSTED                       27
#define         X509_V_ERR_CERT_REJECTED                        28
/* These are 'informational' when looking for issuer cert */
#define         X509_V_ERR_SUBJECT_ISSUER_MISMATCH              29
#define         X509_V_ERR_AKID_SKID_MISMATCH                   30
#define         X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH          31
#define         X509_V_ERR_KEYUSAGE_NO_CERTSIGN                 32
#define         X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER             33
#define         X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION         34
#define         X509_V_ERR_KEYUSAGE_NO_CRL_SIGN                 35
#define         X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION     36
#define         X509_V_ERR_INVALID_NON_CA                       37
#define         X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED           38
#define         X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE        39
#define         X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED       40
#define         X509_V_ERR_INVALID_EXTENSION                    41
#define         X509_V_ERR_INVALID_POLICY_EXTENSION             42
#define         X509_V_ERR_NO_EXPLICIT_POLICY                   43
#define         X509_V_ERR_DIFFERENT_CRL_SCOPE                  44
#define         X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE        45
#define         X509_V_ERR_UNNESTED_RESOURCE                    46
#define         X509_V_ERR_PERMITTED_VIOLATION                  47
#define         X509_V_ERR_EXCLUDED_VIOLATION                   48
#define         X509_V_ERR_SUBTREE_MINMAX                       49
/* The application is not happy */
#define         X509_V_ERR_APPLICATION_VERIFICATION             50
#define         X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE          51
#define         X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX        52
#define         X509_V_ERR_UNSUPPORTED_NAME_SYNTAX              53
#define         X509_V_ERR_CRL_PATH_VALIDATION_ERROR            54
/* Another issuer check debug option */
#define         X509_V_ERR_PATH_LOOP                            55
/* Suite B mode algorithm violation */
#define         X509_V_ERR_SUITE_B_INVALID_VERSION              56
#define         X509_V_ERR_SUITE_B_INVALID_ALGORITHM            57
#define         X509_V_ERR_SUITE_B_INVALID_CURVE                58
#define         X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM  59
#define         X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED              60
#define         X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256 61
/* Host, email and IP check errors */
#define         X509_V_ERR_HOSTNAME_MISMATCH                    62
#define         X509_V_ERR_EMAIL_MISMATCH                       63
#define         X509_V_ERR_IP_ADDRESS_MISMATCH                  64
/* DANE TLSA errors */
#define         X509_V_ERR_DANE_NO_MATCH                        65
/* security level errors */
#define         X509_V_ERR_EE_KEY_TOO_SMALL                     66
#define         X509_V_ERR_CA_KEY_TOO_SMALL                     67
#define         X509_V_ERR_CA_MD_TOO_WEAK                       68
/* Caller error */
#define         X509_V_ERR_INVALID_CALL                         69
/* Issuer lookup error */
#define         X509_V_ERR_STORE_LOOKUP                         70
/* Certificate transparency */
#define         X509_V_ERR_NO_VALID_SCTS                        71

#define         X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION         72

#ifdef __cplusplus
}
#endif

#endif