// Copyright (c) 2011 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
4c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott
5c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#ifndef NET_BASE_SSL_INFO_H_
6c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#define NET_BASE_SSL_INFO_H_
73345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#pragma once
8c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott
9ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include <vector>
10ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen
11ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "base/memory/ref_counted.h"
122557749644f9d25af9721533322db19197c49b49Kristian Monsen#include "net/base/net_export.h"
13ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "net/base/x509_cert_types.h"
14c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott
namespace net {

class X509Certificate;

// Describes the SSL state of one connection: the certificate, its status
// bits, and the parameters of the connection.
//
// Used as a plain struct: every data member is public and can be read or
// written directly, so this type does not itself keep the fields consistent
// with one another.
class NET_EXPORT SSLInfo {
 public:
  // Special members are declared here and defined out of line.
  SSLInfo();
  SSLInfo(const SSLInfo& info);
  ~SSLInfo();
  SSLInfo& operator=(const SSLInfo& info);

  // Defined out of line.
  // NOTE(review): presumably returns every field to its default state;
  // confirm against the definition.
  void Reset();

  // True when a certificate is attached. This tests only that |cert| is
  // non-NULL; it does not look at |cert_status|, so a certificate that
  // carries error bits still reports true here. Code making a trust decision
  // has to inspect |cert_status| as well.
  bool is_valid() const { return cert.get() != NULL; }

  // Records |error| in the certificate status. Defined out of line; how an
  // error value maps onto status bits is not visible in this header.
  void SetCertError(int error);

  // The SSL certificate. NULL when none is attached (see is_valid()).
  scoped_refptr<X509Certificate> cert;

  // Bitmask describing |cert|: known errors, extended validation (EV) status
  // and similar. The bit values are listed in cert_status_flags.h.
  int cert_status;

  // Strength of the SSL cipher suite, in bits.
  //    0 : the connection is not encrypted.
  //   -1 : the strength is unknown.
  // Both sentinels need explicit handling by callers: a bare "!= 0" test
  // treats the unknown case as encrypted.
  int security_bits;

  // Packed description of the connection itself: the protocol version,
  // ciphersuite and compression in use. Decode it with the values in
  // ssl_connection_status_flags.h.
  int connection_status;

  // Meaningful only when the certificate is valid. In that case it is true
  // exactly when the chain was rooted at a standard CA root, and false when
  // it was rooted at a root the user installed.
  bool is_issued_by_known_root;

  // One entry per certificate in the chain, each a hash of that
  // certificate's SubjectPublicKeyInfo, stored as SHA1Fingerprint.
  std::vector<SHA1Fingerprint> public_key_hashes;
};

}  // namespace net
62c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott
63c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#endif  // NET_BASE_SSL_INFO_H_