ssl_info.h revision 2a99a7e74a7f215066514fe81d2bfa6639d9eddd
1// Copyright (c) 2012 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef NET_SSL_SSL_INFO_H_
6#define NET_SSL_SSL_INFO_H_
7
8#include <vector>
9
10#include "base/memory/ref_counted.h"
11#include "net/base/cert_status_flags.h"
12#include "net/base/net_export.h"
13#include "net/base/x509_cert_types.h"
14
15namespace net {
16
17class X509Certificate;
18
19// SSL connection info.
20// This is really a struct.  All members are public.
class NET_EXPORT SSLInfo {
 public:
  // Describes how the session behind a completed SSL handshake was obtained.
  enum HandshakeType {
    // The handshake outcome has not been recorded.
    HANDSHAKE_UNKNOWN = 0,
    // A previously established session was resumed.
    HANDSHAKE_RESUME,
    // A brand-new session was negotiated.
    HANDSHAKE_FULL
  };

  // Construction, copying and destruction are defined out of line.
  SSLInfo();
  SSLInfo(const SSLInfo& info);
  ~SSLInfo();
  SSLInfo& operator=(const SSLInfo& info);

  // NOTE(review): defined out of line; presumably restores every field to its
  // initial state -- confirm against the implementation file.
  void Reset();

  // Returns true when a certificate is attached to this object.
  // This checks only that |cert| is non-NULL. It does not consult
  // |cert_status|, so a true result says nothing about whether the certificate
  // verified cleanly; callers making a trust decision must inspect
  // |cert_status| separately.
  bool is_valid() const { return cert.get() != NULL; }

  // Records the given |error| in the certificate status.
  void SetCertError(int error);

  // The certificate presented over the SSL connection.
  scoped_refptr<X509Certificate> cert;

  // Status bits describing |cert|: known errors, extended validation (EV)
  // status, and so on. The bit values are defined in cert_status_flags.h.
  CertStatus cert_status;

  // Security strength of the negotiated SSL cipher suite, in bits.
  //    0: the connection is not encrypted.
  //   -1: the strength is unknown.
  // Both sentinels compare below any real strength, so handle them explicitly
  // before comparing against a minimum.
  int security_bits;

  // Properties of the SSL connection itself. The protocol version,
  // ciphersuite and compression in use are packed into this value; see
  // ssl_connection_status_flags.h for the encoding.
  int connection_status;

  // Meaningful only when the certificate is valid: true iff the chain is
  // rooted at a standard CA root rather than a user-installed root.
  bool is_issued_by_known_root;

  // True if a client certificate was sent to the server. A Certificate
  // message that carried no client certificate does not count.
  bool client_cert_sent;

  // True if a channel ID was sent to the server.
  bool channel_id_sent;

  // Resumption outcome of the handshake; see HandshakeType above.
  HandshakeType handshake_type;

  // Hashes, in several algorithms, of the SubjectPublicKeyInfo of every
  // certificate in the chain.
  HashValueVector public_key_hashes;
};
78
79}  // namespace net
80
81#endif  // NET_SSL_SSL_INFO_H_
82