net/ssl/ssl_connection_status_flags.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_
   6 #define NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_
   7
   8 #include "base/logging.h"
   9 #include "base/macros.h"
  10
  11 namespace net {
  12
  13 // Status flags for SSLInfo::connection_status.
  14 enum {
  15   // The lower 16 bits are reserved for the TLS ciphersuite id.
  16   SSL_CONNECTION_CIPHERSUITE_MASK = 0xffff,
  17
  18   // The next two bits are reserved for the compression used.
  19   SSL_CONNECTION_COMPRESSION_SHIFT = 16,
  20   SSL_CONNECTION_COMPRESSION_MASK = 3,
  21
  22   // We fell back to an older protocol version for this connection.
  23   SSL_CONNECTION_VERSION_FALLBACK = 1 << 18,
  24
  25   // The server doesn't support the renegotiation_info extension. If this bit
  26   // is not set then either the extension isn't supported, or we don't have any
  27   // knowledge either way. (The latter case will occur when we use an SSL
  28   // library that doesn't report it, like SChannel.)
  29   SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION = 1 << 19,
  30
  31   // The next three bits are reserved for the SSL version.
  32   SSL_CONNECTION_VERSION_SHIFT = 20,
  33   SSL_CONNECTION_VERSION_MASK = 7,
  34
  35   // 1 << 31 (the sign bit) is reserved so that the SSL connection status will
  36   // never be negative.
  37 };
  38
  39 // NOTE: the SSL version enum constants must be between 0 and
  40 // SSL_CONNECTION_VERSION_MASK, inclusive.
  41 enum {
  42   SSL_CONNECTION_VERSION_UNKNOWN = 0,  // Unknown SSL version.
  43   SSL_CONNECTION_VERSION_SSL2 = 1,
  44   SSL_CONNECTION_VERSION_SSL3 = 2,
  45   SSL_CONNECTION_VERSION_TLS1 = 3,
  46   SSL_CONNECTION_VERSION_TLS1_1 = 4,
  47   SSL_CONNECTION_VERSION_TLS1_2 = 5,
  48   // Reserve 6 for TLS 1.3.
  49   SSL_CONNECTION_VERSION_QUIC = 7,
  50   SSL_CONNECTION_VERSION_MAX,
  51 };
  52 static_assert(SSL_CONNECTION_VERSION_MAX - 1 <= SSL_CONNECTION_VERSION_MASK,
  53               "SSL_CONNECTION_VERSION_MASK too small");
  54
  55 inline uint16 SSLConnectionStatusToCipherSuite(int connection_status) {
  56   return static_cast<uint16>(connection_status);
  57 }
  58
  59 inline int SSLConnectionStatusToVersion(int connection_status) {
  60   return (connection_status >> SSL_CONNECTION_VERSION_SHIFT) &
  61          SSL_CONNECTION_VERSION_MASK;
  62 }
  63
  64 inline void SSLConnectionStatusSetCipherSuite(uint16 cipher_suite,
  65                                               int* connection_status) {
  66   // Clear out the old ciphersuite.
  67   *connection_status &= ~SSL_CONNECTION_CIPHERSUITE_MASK;
  68   // Set the new ciphersuite.
  69   *connection_status |= cipher_suite;
  70 }
  71
  72 inline void SSLConnectionStatusSetVersion(int version, int* connection_status) {
  73   DCHECK_GT(version, 0);
  74   DCHECK_LT(version, SSL_CONNECTION_VERSION_MAX);
  75
  76   // Clear out the old version.
  77   *connection_status &=
  78       ~(SSL_CONNECTION_VERSION_MASK << SSL_CONNECTION_VERSION_SHIFT);
  79   // Set the new version.
  80   *connection_status |=
  81       ((version & SSL_CONNECTION_VERSION_MASK) << SSL_CONNECTION_VERSION_SHIFT);
  82 }
  83
  84 }  // namespace net
  85
  86 #endif  // NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_