1c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Copyright (c) 2010 The Chromium Authors. All rights reserved. 2c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Use of this source code is governed by a BSD-style license that can be 3c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// found in the LICENSE file. 4c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 5c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#ifndef NET_BASE_SSL_CONNECTION_STATUS_FLAGS_H_ 6c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#define NET_BASE_SSL_CONNECTION_STATUS_FLAGS_H_ 73345a6884c488ff3a535c2c9acdd33d74b37e311Iain Merrick#pragma once 8c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 9c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochnamespace net { 10c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 11c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch// Status flags for SSLInfo::connection_status. 12c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochenum { 13c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The lower 16 bits are reserved for the TLS ciphersuite id. 14c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SSL_CONNECTION_CIPHERSUITE_SHIFT = 0, 15c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SSL_CONNECTION_CIPHERSUITE_MASK = 0xffff, 16c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 17c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The next two bits are reserved for the compression used. 18c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SSL_CONNECTION_COMPRESSION_SHIFT = 16, 19c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SSL_CONNECTION_COMPRESSION_MASK = 3, 20c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 21c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // We fell back to SSLv3 for this connection. 22c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SSL_CONNECTION_SSL3_FALLBACK = 1 << 18, 23c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 24c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // The server doesn't support the renegotiation_info extension. If this bit 25c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // is not set then either the extension isn't supported, or we don't have any 26c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // knowledge either way. (The latter case will occur when we use an SSL 27c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // library that doesn't report it, like SChannel.) 28c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION = 1 << 19, 29c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 30513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch // The next three bits are reserved for the SSL version. 31513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_SHIFT = 20, 32513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_MASK = 7, 33513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 34c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // 1 << 31 (the sign bit) is reserved so that the SSL connection status will 35c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch // never be negative. 36c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch}; 37c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 38513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch// NOTE: the SSL version enum constants must be between 0 and 39513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch// SSL_CONNECTION_VERSION_MASK, inclusive. 40513209b27ff55e2841eac0e4120199c23acce758Ben Murdochenum { 41513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_UNKNOWN = 0, // Unknown SSL version. 42513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_SSL2 = 1, 43513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_SSL3 = 2, 44513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_TLS1 = 3, 45513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_TLS1_1 = 4, 46513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_TLS1_2 = 5, 47513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_MAX, 48513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch}; 49513209b27ff55e2841eac0e4120199c23acce758Ben MurdochCOMPILE_ASSERT(SSL_CONNECTION_VERSION_MAX - 1 <= SSL_CONNECTION_VERSION_MASK, 50513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_MASK_too_small); 51513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 52c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochinline int SSLConnectionStatusToCipherSuite(int connection_status) { 53c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return (connection_status >> SSL_CONNECTION_CIPHERSUITE_SHIFT) & 54c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SSL_CONNECTION_CIPHERSUITE_MASK; 55c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 56c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 57c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdochinline int SSLConnectionStatusToCompression(int connection_status) { 58c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch return (connection_status >> SSL_CONNECTION_COMPRESSION_SHIFT) & 59c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch SSL_CONNECTION_COMPRESSION_MASK; 60c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} 61c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 62513209b27ff55e2841eac0e4120199c23acce758Ben Murdochinline int SSLConnectionStatusToVersion(int connection_status) { 63513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch return (connection_status >> SSL_CONNECTION_VERSION_SHIFT) & 64513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch SSL_CONNECTION_VERSION_MASK; 65513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch} 66513209b27ff55e2841eac0e4120199c23acce758Ben Murdoch 67c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch} // namespace net 68c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch 69c407dc5cd9bdc5668497f21b26b09d988ab439deBen Murdoch#endif // NET_BASE_SSL_CONNECTION_STATUS_FLAGS_H_ 70