ssl_info.h revision 868fa2fe829687343ffae624259930155e16dbd8
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_SSL_INFO_H_
#define NET_SSL_SSL_INFO_H_

#include <vector>

#include "base/memory/ref_counted.h"
#include "net/base/net_export.h"
#include "net/cert/cert_status_flags.h"
#include "net/cert/x509_cert_types.h"

namespace net {

class X509Certificate;

// Describes the state of one SSL connection: the peer certificate, the status
// bits recorded for that certificate, and the negotiated connection
// parameters. Used as a plain struct; every member is public.
class NET_EXPORT SSLInfo {
 public:
  // The possible outcomes of an SSL handshake with respect to session
  // resumption.
  enum HandshakeType {
    HANDSHAKE_UNKNOWN = 0,
    HANDSHAKE_RESUME,  // A previous session was resumed.
    HANDSHAKE_FULL,  // A new session was negotiated.
  };

  SSLInfo();
  SSLInfo(const SSLInfo& info);
  ~SSLInfo();
  SSLInfo& operator=(const SSLInfo& info);

  void Reset();

  // True when a certificate is attached to this object. The test is only that
  // |cert| is non-NULL: it does not say that the certificate verified
  // successfully. Errors found for the certificate are carried in
  // |cert_status|, so check that field before treating the peer as trusted.
  bool is_valid() const {
    const X509Certificate* const attached = cert.get();
    return attached != NULL;
  }

  // Adds the specified |error| to the cert status.
  // NOTE(review): |error| is presumably a net error code that is mapped onto
  // a CertStatus bit; confirm against the out-of-line definition.
  void SetCertError(int error);

  // The SSL certificate. May be NULL, in which case is_valid() is false.
  scoped_refptr<X509Certificate> cert;

  // Bitmask describing |cert|: for example known errors and extended
  // validation (EV) status. The bit values are in cert_status_flags.h.
  CertStatus cert_status;

  // Security strength of the SSL cipher suite, in bits.
  //   0 means the connection is not encrypted.
  //  -1 means the security strength is unknown.
  // Neither sentinel is a real strength, so handle both explicitly before
  // using this value in a strength comparison.
  int security_bits;

  // Information about the SSL connection itself. The protocol version,
  // ciphersuite and compression in use are encoded within; see
  // ssl_connection_status_flags.h for the values.
  int connection_status;

  // Meaningful only if the certificate is valid. In that case, true iff the
  // chain was rooted at a standard CA root, as opposed to a user-installed
  // root.
  bool is_issued_by_known_root;

  // True if a client certificate was sent to the server. A Certificate
  // message that carries no client certificate does not count.
  bool client_cert_sent;

  // True if a channel ID was sent to the server.
  bool channel_id_sent;

  // Resumption outcome of the handshake; see HandshakeType.
  HandshakeType handshake_type;

  // Hashes, in several algorithms, of the SubjectPublicKeyInfo of each
  // certificate in the chain.
  HashValueVector public_key_hashes;
};

}  // namespace net

#endif  // NET_SSL_SSL_INFO_H_