      1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef NET_SSL_SSL_INFO_H_
      6 #define NET_SSL_SSL_INFO_H_
      7 
      8 #include <vector>
      9 
     10 #include "base/memory/ref_counted.h"
     11 #include "net/base/net_export.h"
     12 #include "net/cert/cert_status_flags.h"
     13 #include "net/cert/x509_cert_types.h"
     14 
     15 namespace net {
     16 
     17 class X509Certificate;
     18 
     19 // SSL connection info.
     20 // This is really a struct.  All members are public.
        // Holds the peer certificate, the status bits describing it, and the
        // connection parameters declared below.
     21 class NET_EXPORT SSLInfo {
     22  public:
     23   // HandshakeType enumerates the possible resumption cases after an SSL
     24   // handshake.
     25   enum HandshakeType {
     26     HANDSHAKE_UNKNOWN = 0,
     27     HANDSHAKE_RESUME,  // we resumed a previous session.
     28     HANDSHAKE_FULL,  // we negotiated a new session.
     29   };
     30 
          // The special members are declared here and defined out of line.
     31   SSLInfo();
     32   SSLInfo(const SSLInfo& info);
     33   ~SSLInfo();
     34   SSLInfo& operator=(const SSLInfo& info);
     35 
          // Defined out of line.
          // NOTE(review): presumably returns every member to its default state --
          // confirm in the implementation file.
     36   void Reset();
     37 
          // Returns true iff |cert| is non-null.  This only reports that a
          // certificate is present: it does not consult |cert_status|, so a
          // certificate with known errors still yields true.  Check |cert_status|
          // before treating the connection as trustworthy.
     38   bool is_valid() const { return cert.get() != NULL; }
     39 
     40   // Adds the specified |error| to the cert status.
          // NOTE(review): |error| is a plain int; how it maps onto CertStatus bits
          // is not visible in this header -- confirm in the implementation.
     41   void SetCertError(int error);
     42 
     43   // The SSL certificate.
          // May be null; is_valid() tests exactly that.
     44   scoped_refptr<X509Certificate> cert;
     45 
     46   // Bitmask of status info of |cert|, representing, for example, known errors
     47   // and extended validation (EV) status.
     48   // See cert_status_flags.h for values.
     49   CertStatus cert_status;
     50 
     51   // The security strength, in bits, of the SSL cipher suite.
     52   // 0 means the connection is not encrypted.
     53   // -1 means the security strength is unknown.
          // Both sentinels are non-positive, so a check for adequate strength should
          // handle them explicitly and not treat them as a bit count.
     54   int security_bits;
     55 
     56   // Information about the SSL connection itself. See
     57   // ssl_connection_status_flags.h for values. The protocol version,
     58   // ciphersuite, and compression in use are encoded within.
     59   int connection_status;
     60 
     61   // If the certificate is valid, then this is true iff it was rooted at a
     62   // standard CA root. (As opposed to a user-installed root.)
     63   bool is_issued_by_known_root;
     64 
     65   // True if a client certificate was sent to the server.  Note that sending
     66   // a Certificate message with no client certificate in it does not count.
     67   bool client_cert_sent;
     68 
     69   // True if a channel ID was sent to the server.
     70   bool channel_id_sent;
     71 
          // Resumption outcome of the handshake; one of the HandshakeType values
          // declared above.
     72   HandshakeType handshake_type;
     73 
     74   // The hashes, in several algorithms, of the SubjectPublicKeyInfos from
     75   // each certificate in the chain.
          // NOTE(review): presumably what public-key pinning checks consume --
          // confirm against callers.
     76   HashValueVector public_key_hashes;
     77 };
     78 
     79 }  // namespace net
     80 
     81 #endif  // NET_SSL_SSL_INFO_H_
     82