1ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen// Copyright (c) 2011 The Chromium Authors. All rights reserved. 2c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott// Use of this source code is governed by a BSD-style license that can be 3c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott// found in the LICENSE file. 4c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 5c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#ifndef NET_BASE_SSL_INFO_H_ 6c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#define NET_BASE_SSL_INFO_H_ 73345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#pragma once 8c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 9ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include <vector> 10ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen 11ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "base/memory/ref_counted.h" 122557749644f9d25af9721533322db19197c49b49Kristian Monsen#include "net/base/net_export.h" 13ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen#include "net/base/x509_cert_types.h" 14c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 15c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scottnamespace net { 16c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 173345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrickclass X509Certificate; 183345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick 19c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott// SSL connection info. 20c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott// This is really a struct. All members are public. 212557749644f9d25af9721533322db19197c49b49Kristian Monsenclass NET_EXPORT SSLInfo { 22c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott public: 233345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick SSLInfo(); 243345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick SSLInfo(const SSLInfo& info); 253345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick ~SSLInfo(); 263345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick SSLInfo& operator=(const SSLInfo& info); 27c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 283345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick void Reset(); 29c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 30c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott bool is_valid() const { return cert != NULL; } 31c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 32c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // Adds the specified |error| to the cert status. 333345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick void SetCertError(int error); 34c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 35c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // The SSL certificate. 36c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott scoped_refptr<X509Certificate> cert; 37c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 38c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // Bitmask of status info of |cert|, representing, for example, known errors 39c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // and extended validation (EV) status. 40c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // See cert_status_flags.h for values. 41c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott int cert_status; 42c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 43c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // The security strength, in bits, of the SSL cipher suite. 44c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // 0 means the connection is not encrypted. 45c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott // -1 means the security strength is unknown. 46c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott int security_bits; 47c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 48c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // Information about the SSL connection itself. See 49513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch // ssl_connection_status_flags.h for values. The protocol version, 50513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch // ciphersuite, and compression in use are encoded within. 51c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch int connection_status; 52ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen 53ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // If the certificate is valid, then this is true iff it was rooted at a 54ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // standard CA root. (As opposed to a user-installed root.) 55ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen bool is_issued_by_known_root; 56ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen 57ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen // The hashes of the SubjectPublicKeyInfos from each certificate in the chain. 58ddb351dbec246cf1fab5ec20d2d5520909041de1Kristian Monsen std::vector<SHA1Fingerprint> public_key_hashes; 59c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott}; 60c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 61c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott} // namespace net 62c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott 63c7f5f8508d98d5952d42ed7648c2a8f30a4da156Patrick Scott#endif // NET_BASE_SSL_INFO_H_ 64