ssl_info.h revision 2a99a7e74a7f215066514fe81d2bfa6639d9eddd
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_SSL_INFO_H_
#define NET_SSL_SSL_INFO_H_

#include <vector>

#include "base/memory/ref_counted.h"
#include "net/base/cert_status_flags.h"
#include "net/base/net_export.h"
#include "net/base/x509_cert_types.h"

namespace net {

class X509Certificate;

// SSL connection info.
// This is really a struct: all members are public, so nothing in this type
// enforces consistency between the fields. Each consumer has to check the
// fields it depends on (in particular |cert_status|) itself.
class NET_EXPORT SSLInfo {
 public:
  // HandshakeType enumerates the possible resumption cases after an SSL
  // handshake. HANDSHAKE_UNKNOWN is the zero value.
  enum HandshakeType {
    HANDSHAKE_UNKNOWN = 0,
    HANDSHAKE_RESUME,  // we resumed a previous session.
    HANDSHAKE_FULL,  // we negotiated a new session.
  };

  // Construction, copy, destruction and assignment are declared here and
  // defined out of line (the definitions are not part of this header).
  SSLInfo();
  SSLInfo(const SSLInfo& info);
  ~SSLInfo();
  SSLInfo& operator=(const SSLInfo& info);

  // Defined out of line. Presumably returns every member to its
  // default-constructed value -- confirm against the implementation file.
  void Reset();

  // Returns true when |cert| is non-null. This reports only that a
  // certificate is attached; it does not look at |cert_status|, so a true
  // result does not mean the certificate verified without errors.
  bool is_valid() const { return cert != NULL; }

  // Adds the specified |error| to the cert status.
  // NOTE(review): |error| is presumably a net error code that the out-of-line
  // definition maps onto a CertStatus bit -- confirm in the implementation.
  void SetCertError(int error);

  // The SSL certificate. Null when no certificate is attached (see
  // is_valid()).
  scoped_refptr<X509Certificate> cert;

  // Bitmask of status info of |cert|, representing, for example, known errors
  // and extended validation (EV) status.
  // See cert_status_flags.h for values.
  // Error bits and informational bits such as EV share this field, so a
  // non-zero value is not by itself an error indication; test the specific
  // bits of interest.
  CertStatus cert_status;

  // The security strength, in bits, of the SSL cipher suite.
  // 0 means the connection is not encrypted.
  // -1 means the security strength is unknown.
  // Both sentinels are <= 0: a plain non-zero test would treat -1 (unknown)
  // as if the connection were encrypted, so compare with > 0 instead.
  int security_bits;

  // Information about the SSL connection itself. See
  // ssl_connection_status_flags.h for values. The protocol version,
  // ciphersuite, and compression in use are encoded within.
  int connection_status;

  // If the certificate is valid, then this is true iff it was rooted at a
  // standard CA root. (As opposed to a user-installed root.)
  // NOTE(review): this header does not define the value when the certificate
  // did not validate, so do not use it on its own as a trust decision.
  bool is_issued_by_known_root;

  // True if a client certificate was sent to the server. Note that sending
  // a Certificate message with no client certificate in it does not count.
  bool client_cert_sent;

  // True if a channel ID was sent to the server.
  bool channel_id_sent;

  // Whether the handshake resumed a previous session or negotiated a new one;
  // see HandshakeType above.
  HandshakeType handshake_type;

  // The hashes, in several algorithms, of the SubjectPublicKeyInfos from
  // each certificate in the chain.
  // NOTE(review): presumably consumed by public-key pinning checks. This
  // header does not say whether "the chain" is the one the server sent or
  // the one built during verification -- confirm before relying on it.
  HashValueVector public_key_hashes;
};

}  // namespace net

#endif  // NET_SSL_SSL_INFO_H_