net/ssl/ssl_connection_status_flags.h

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_
   6 #define NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_
   7
   8 #include "base/logging.h"
   9 #include "base/macros.h"
  10
  11 namespace net {
  12
  13 // Status flags for SSLInfo::connection_status.
  14 enum {
  15   // The lower 16 bits are reserved for the TLS ciphersuite id.
  16   SSL_CONNECTION_CIPHERSUITE_SHIFT = 0,
  17   SSL_CONNECTION_CIPHERSUITE_MASK = 0xffff,
  18
  19   // The next two bits are reserved for the compression used.
  20   SSL_CONNECTION_COMPRESSION_SHIFT = 16,
  21   SSL_CONNECTION_COMPRESSION_MASK = 3,
  22
  23   // We fell back to an older protocol version for this connection.
  24   SSL_CONNECTION_VERSION_FALLBACK = 1 << 18,
  25
  26   // The server doesn't support the renegotiation_info extension. If this bit
  27   // is not set then either the extension isn't supported, or we don't have any
  28   // knowledge either way. (The latter case will occur when we use an SSL
  29   // library that doesn't report it, like SChannel.)
  30   SSL_CONNECTION_NO_RENEGOTIATION_EXTENSION = 1 << 19,
  31
  32   // The next three bits are reserved for the SSL version.
  33   SSL_CONNECTION_VERSION_SHIFT = 20,
  34   SSL_CONNECTION_VERSION_MASK = 7,
  35
  36   // 1 << 31 (the sign bit) is reserved so that the SSL connection status will
  37   // never be negative.
  38 };
  39
  40 // NOTE: the SSL version enum constants must be between 0 and
  41 // SSL_CONNECTION_VERSION_MASK, inclusive.
  42 enum {
  43   SSL_CONNECTION_VERSION_UNKNOWN = 0,  // Unknown SSL version.
  44   SSL_CONNECTION_VERSION_SSL2 = 1,
  45   SSL_CONNECTION_VERSION_SSL3 = 2,
  46   SSL_CONNECTION_VERSION_TLS1 = 3,
  47   SSL_CONNECTION_VERSION_TLS1_1 = 4,
  48   SSL_CONNECTION_VERSION_TLS1_2 = 5,
  49   // Reserve 6 for TLS 1.3.
  50   SSL_CONNECTION_VERSION_QUIC = 7,
  51   SSL_CONNECTION_VERSION_MAX,
  52 };
  53 COMPILE_ASSERT(SSL_CONNECTION_VERSION_MAX - 1 <= SSL_CONNECTION_VERSION_MASK,
  54                SSL_CONNECTION_VERSION_MASK_too_small);
  55
  56 inline int SSLConnectionStatusToCipherSuite(int connection_status) {
  57   return (connection_status >> SSL_CONNECTION_CIPHERSUITE_SHIFT) &
  58          SSL_CONNECTION_CIPHERSUITE_MASK;
  59 }
  60
  61 inline int SSLConnectionStatusToVersion(int connection_status) {
  62   return (connection_status >> SSL_CONNECTION_VERSION_SHIFT) &
  63          SSL_CONNECTION_VERSION_MASK;
  64 }
  65
  66 inline void SSLConnectionStatusSetCipherSuite(int cipher_suite,
  67                                               int* connection_status) {
  68   // Clear out the old ciphersuite.
  69   *connection_status &=
  70       ~(SSL_CONNECTION_CIPHERSUITE_MASK << SSL_CONNECTION_CIPHERSUITE_SHIFT);
  71   // Set the new ciphersuite.
  72   *connection_status |= ((cipher_suite & SSL_CONNECTION_CIPHERSUITE_MASK)
  73                          << SSL_CONNECTION_CIPHERSUITE_SHIFT);
  74 }
  75
  76 inline void SSLConnectionStatusSetVersion(int version, int* connection_status) {
  77   DCHECK_GT(version, 0);
  78   DCHECK_LT(version, SSL_CONNECTION_VERSION_MAX);
  79
  80   // Clear out the old version.
  81   *connection_status &=
  82       ~(SSL_CONNECTION_VERSION_MASK << SSL_CONNECTION_VERSION_SHIFT);
  83   // Set the new version.
  84   *connection_status |=
  85       ((version & SSL_CONNECTION_VERSION_MASK) << SSL_CONNECTION_VERSION_SHIFT);
  86 }
  87
  88 }  // namespace net
  89
  90 #endif  // NET_SSL_SSL_CONNECTION_STATUS_FLAGS_H_