// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_SSL_SSL_INFO_H_
#define NET_SSL_SSL_INFO_H_

#include <vector>

#include "base/memory/ref_counted.h"
#include "net/base/net_export.h"
#include "net/cert/cert_status_flags.h"
#include "net/cert/x509_cert_types.h"

namespace net {

class X509Certificate;

// Describes the state of one SSL connection: the peer certificate, the
// outcome of verifying it, and the parameters the handshake negotiated.
//
// Despite the |class| keyword this is used as a plain struct: every member
// is public and there are no accessors beyond is_valid().
class NET_EXPORT SSLInfo {
 public:
  // Records whether the handshake resumed an earlier session or negotiated
  // a fresh one.
  enum HandshakeType {
    HANDSHAKE_UNKNOWN = 0,
    HANDSHAKE_RESUME,  // A previous session was resumed.
    HANDSHAKE_FULL,    // A new session was negotiated.
  };

  // The object is copyable and assignable.
  SSLInfo();
  SSLInfo(const SSLInfo& info);
  ~SSLInfo();
  SSLInfo& operator=(const SSLInfo& info);

  // NOTE(review): presumably returns every field to its default state; the
  // definition is not in this header, so confirm against the implementation.
  void Reset();

  // Returns true when |cert| is set.
  //
  // This reads only |cert|. It does not consult |cert_status|, so a true
  // result says that a certificate is present, not that it passed
  // verification; check |cert_status| for errors before trusting the
  // connection.
  bool is_valid() const {
    return cert.get() != NULL;
  }

  // Adds the specified |error| to the cert status.
  void SetCertError(int error);

  // The SSL certificate. Unset when there is none, in which case is_valid()
  // returns false.
  scoped_refptr<X509Certificate> cert;

  // Bitmask describing |cert|: for example known verification errors and
  // extended validation (EV) status. See cert_status_flags.h for the values.
  CertStatus cert_status;

  // Security strength of the negotiated cipher suite, in bits.
  //    0  the connection is not encrypted.
  //   -1  the strength is unknown.
  // Both sentinels are non-positive, so handle them explicitly before
  // comparing this value against a minimum strength.
  int security_bits;

  // Packed description of the connection itself: protocol version, cipher
  // suite and compression are all encoded in this value. See
  // ssl_connection_status_flags.h for the layout.
  int connection_status;

  // Meaningful when the certificate is valid: true iff the chain was rooted
  // at a standard CA root, as opposed to a user-installed root.
  bool is_issued_by_known_root;

  // True if a client certificate was sent to the server. A Certificate
  // message that carried no client certificate does not count.
  bool client_cert_sent;

  // True if a channel ID was sent to the server.
  bool channel_id_sent;

  // Resumption outcome of the handshake; see HandshakeType.
  HandshakeType handshake_type;

  // Hashes of the SubjectPublicKeyInfo of each certificate in the chain,
  // computed with several hash algorithms.
  HashValueVector public_key_hashes;
};

}  // namespace net

#endif  // NET_SSL_SSL_INFO_H_