Pin Chrome's shortcut to the Win10 Start menu on install and OS upgrade.
[chromium-blink-merge.git] / net / ssl / ssl_info.h
blobda20817c2e688908c4f83e1541ecd5f3d44ba906
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_SSL_SSL_INFO_H_
6 #define NET_SSL_SSL_INFO_H_
8 #include <vector>
10 #include "base/memory/ref_counted.h"
11 #include "net/base/net_export.h"
12 #include "net/cert/cert_status_flags.h"
13 #include "net/cert/sct_status_flags.h"
14 #include "net/cert/x509_cert_types.h"
15 #include "net/ssl/signed_certificate_timestamp_and_status.h"
17 namespace net {
19 class X509Certificate;
21 // SSL connection info.
22 // This is really a struct. All members are public.
23 class NET_EXPORT SSLInfo {
24 public:
25 // HandshakeType enumerates the possible resumption cases after an SSL
26 // handshake.
27 enum HandshakeType {
28 HANDSHAKE_UNKNOWN = 0,
29 HANDSHAKE_RESUME, // we resumed a previous session.
30 HANDSHAKE_FULL, // we negotiated a new session.
33 SSLInfo();
34 SSLInfo(const SSLInfo& info);
35 ~SSLInfo();
36 SSLInfo& operator=(const SSLInfo& info);
38 void Reset();
40 bool is_valid() const { return cert.get() != NULL; }
42 // Adds the specified |error| to the cert status.
43 void SetCertError(int error);
45 // The SSL certificate.
46 scoped_refptr<X509Certificate> cert;
48 // The SSL certificate as received by the client. Can be different
49 // from |cert|, which is the chain as built by the client during
50 // validation.
51 scoped_refptr<X509Certificate> unverified_cert;
53 // Bitmask of status info of |cert|, representing, for example, known errors
54 // and extended validation (EV) status.
55 // See cert_status_flags.h for values.
56 CertStatus cert_status;
58 // The security strength, in bits, of the SSL cipher suite.
59 // 0 means the connection is not encrypted.
60 // -1 means the security strength is unknown.
61 int security_bits;
63 // Information about the SSL connection itself. See
64 // ssl_connection_status_flags.h for values. The protocol version,
65 // ciphersuite, and compression in use are encoded within.
66 int connection_status;
68 // If the certificate is valid, then this is true iff it was rooted at a
69 // standard CA root. (As opposed to a user-installed root.)
70 bool is_issued_by_known_root;
72 // True if a client certificate was sent to the server. Note that sending
73 // a Certificate message with no client certificate in it does not count.
74 bool client_cert_sent;
76 // True if a channel ID was sent to the server.
77 bool channel_id_sent;
79 HandshakeType handshake_type;
81 // The hashes, in several algorithms, of the SubjectPublicKeyInfos from
82 // each certificate in the chain.
83 HashValueVector public_key_hashes;
85 // pinning_failure_log contains a message produced by
86 // TransportSecurityState::PKPState::CheckPublicKeyPins in the event of a
87 // pinning failure. It is a (somewhat) human-readable string.
88 std::string pinning_failure_log;
90 // List of SignedCertificateTimestamps and their corresponding validation
91 // status.
92 SignedCertificateTimestampAndStatusList signed_certificate_timestamps;
95 } // namespace net
97 #endif // NET_SSL_SSL_INFO_H_