Google Git
Sign in
chromium / chromium / src / 536fd0b69edf4b73f057fe9c79f15beddd239ef8 / . / net / ssl / ssl_cert_request_info.h
blob: fecffb8f31d36b052ea9d3cb6365d89e08a52bab [file] [log] [blame]
[email protected]3b63f8f42011-03-28 01:54:15[diff] [blame]1// Copyright (c) 2011 The Chromium Authors. All rights reserved.
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame^]5#ifndef NET_SSL_SSL_CERT_REQUEST_INFO_H_
6#define NET_SSL_SSL_CERT_REQUEST_INFO_H_
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]7
8#include <string>
9#include <vector>
10
[email protected]3b63f8f42011-03-28 01:54:15[diff] [blame]11#include "base/memory/ref_counted.h"
[email protected]172da1b2011-08-12 15:52:26[diff] [blame]12#include "net/base/net_export.h"
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame^]13#include "net/ssl/ssl_client_cert_type.h"
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]14
15namespace net {
16
17class X509Certificate;
18
[email protected]515adc22013-01-09 16:01:23[diff] [blame]19// The SSLCertRequestInfo class represents server criteria regarding client
20// certificate required for a secure connection.
21//
22// In TLS 1.1, the CertificateRequest
23// message is defined as:
24// enum {
25// rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4),
26// rsa_ephemeral_dh_RESERVED(5), dss_ephemeral_dh_RESERVED(6),
27// fortezza_dms_RESERVED(20), (255)
28// } ClientCertificateType;
29//
30// opaque DistinguishedName<1..2^16-1>;
31//
32// struct {
33// ClientCertificateType certificate_types<1..2^8-1>;
34// DistinguishedName certificate_authorities<3..2^16-1>;
35// } CertificateRequest;
[email protected]172da1b2011-08-12 15:52:26[diff] [blame]36class NET_EXPORT SSLCertRequestInfo
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]37 : public base::RefCountedThreadSafe<SSLCertRequestInfo> {
38 public:
[email protected]9349cfb2010-08-31 18:00:53[diff] [blame]39 SSLCertRequestInfo();
40
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]41 void Reset();
42
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]43 // The host and port of the SSL server that requested client authentication.
44 std::string host_and_port;
45
[email protected]102957f2011-09-02 17:10:14[diff] [blame]46 // True if the server that issues this request was the HTTPS proxy used in
47 // the request. False, if the server was the origin server.
48 bool is_proxy;
49
[email protected]515adc22013-01-09 16:01:23[diff] [blame]50 // List of DER-encoded X.509 DistinguishedName of certificate authorities
51 // allowed by the server.
52 std::vector<std::string> cert_authorities;
53
54 std::vector<SSLClientCertType> cert_key_types;
55
56 // Client certificates matching the server criteria. This should be removed
57 // soon as being tracked in http://crbug.com/166642.
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]58 std::vector<scoped_refptr<X509Certificate> > client_certs;
[email protected]5389bc72009-11-05 23:34:24[diff] [blame]59
60 private:
61 friend class base::RefCountedThreadSafe<SSLCertRequestInfo>;
62
[email protected]9349cfb2010-08-31 18:00:53[diff] [blame]63 ~SSLCertRequestInfo();
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]64};
65
66} // namespace net
67
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame^]68#endif // NET_SSL_SSL_CERT_REQUEST_INFO_H_