Updating trunk VERSION from 1014.0 to 1015.0
[chromium-blink-merge.git] / net / base / ssl_info.h
blob54217a63efe8064a6794550ef7f24d0ba9680bb3
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_BASE_SSL_INFO_H_
6 #define NET_BASE_SSL_INFO_H_
7 #pragma once
9 #include <vector>
11 #include "base/memory/ref_counted.h"
12 #include "net/base/cert_status_flags.h"
13 #include "net/base/net_export.h"
14 #include "net/base/x509_cert_types.h"
16 namespace net {
18 class X509Certificate;
20 // SSL connection info.
21 // This is really a struct. All members are public.
22 class NET_EXPORT SSLInfo {
23 public:
24 // HandshakeType enumerates the possible resumption cases after an SSL
25 // handshake.
26 enum HandshakeType {
27 HANDSHAKE_UNKNOWN = 0,
28 HANDSHAKE_RESUME, // we resumed a previous session.
29 HANDSHAKE_FULL, // we negotiated a new session.
32 SSLInfo();
33 SSLInfo(const SSLInfo& info);
34 ~SSLInfo();
35 SSLInfo& operator=(const SSLInfo& info);
37 void Reset();
39 bool is_valid() const { return cert != NULL; }
41 // Adds the specified |error| to the cert status.
42 void SetCertError(int error);
44 // The SSL certificate.
45 scoped_refptr<X509Certificate> cert;
47 // Bitmask of status info of |cert|, representing, for example, known errors
48 // and extended validation (EV) status.
49 // See cert_status_flags.h for values.
50 CertStatus cert_status;
52 // The security strength, in bits, of the SSL cipher suite.
53 // 0 means the connection is not encrypted.
54 // -1 means the security strength is unknown.
55 int security_bits;
57 // Information about the SSL connection itself. See
58 // ssl_connection_status_flags.h for values. The protocol version,
59 // ciphersuite, and compression in use are encoded within.
60 int connection_status;
62 // If the certificate is valid, then this is true iff it was rooted at a
63 // standard CA root. (As opposed to a user-installed root.)
64 bool is_issued_by_known_root;
66 // True if a client certificate was sent to the server. Note that sending
67 // a Certificate message with no client certificate in it does not count.
68 bool client_cert_sent;
70 HandshakeType handshake_type;
72 // The hashes of the SubjectPublicKeyInfos from each certificate in the chain.
73 std::vector<SHA1Fingerprint> public_key_hashes;
76 } // namespace net
78 #endif // NET_BASE_SSL_INFO_H_