Google Git
Sign in
chromium / chromium / src / c9a27cb84aaa2512b22806c607cdebd0d0a7422b / . / net / ssl / ssl_cert_request_info.h
blob: 13f91d6913bb283b71f17f026b5d875896813732 [file] [log] [blame]
[email protected]3b63f8f42011-03-28 01:54:15[diff] [blame]1// Copyright (c) 2011 The Chromium Authors. All rights reserved.
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame]5#ifndef NET_SSL_SSL_CERT_REQUEST_INFO_H_
6#define NET_SSL_SSL_CERT_REQUEST_INFO_H_
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]7
8#include <string>
9#include <vector>
10
[email protected]3b63f8f42011-03-28 01:54:15[diff] [blame]11#include "base/memory/ref_counted.h"
[email protected]791879c2013-12-17 07:22:41[diff] [blame]12#include "net/base/host_port_pair.h"
[email protected]172da1b2011-08-12 15:52:26[diff] [blame]13#include "net/base/net_export.h"
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame]14#include "net/ssl/ssl_client_cert_type.h"
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]15
16namespace net {
17
18class X509Certificate;
19
[email protected]515adc22013-01-09 16:01:23[diff] [blame]20// The SSLCertRequestInfo class represents server criteria regarding client
21// certificate required for a secure connection.
22//
23// In TLS 1.1, the CertificateRequest
24// message is defined as:
25// enum {
26// rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4),
27// rsa_ephemeral_dh_RESERVED(5), dss_ephemeral_dh_RESERVED(6),
28// fortezza_dms_RESERVED(20), (255)
29// } ClientCertificateType;
30//
31// opaque DistinguishedName<1..2^16-1>;
32//
33// struct {
34// ClientCertificateType certificate_types<1..2^8-1>;
35// DistinguishedName certificate_authorities<3..2^16-1>;
36// } CertificateRequest;
[email protected]172da1b2011-08-12 15:52:26[diff] [blame]37class NET_EXPORT SSLCertRequestInfo
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]38 : public base::RefCountedThreadSafe<SSLCertRequestInfo> {
39 public:
[email protected]9349cfb2010-08-31 18:00:53[diff] [blame]40 SSLCertRequestInfo();
41
[email protected]bd0b6772011-01-11 19:59:30[diff] [blame]42 void Reset();
43
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]44 // The host and port of the SSL server that requested client authentication.
[email protected]791879c2013-12-17 07:22:41[diff] [blame]45 HostPortPair host_and_port;
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]46
[email protected]102957f2011-09-02 17:10:14[diff] [blame]47 // True if the server that issues this request was the HTTPS proxy used in
48 // the request. False, if the server was the origin server.
49 bool is_proxy;
50
[email protected]515adc22013-01-09 16:01:23[diff] [blame]51 // List of DER-encoded X.509 DistinguishedName of certificate authorities
52 // allowed by the server.
53 std::vector<std::string> cert_authorities;
54
55 std::vector<SSLClientCertType> cert_key_types;
56
57 // Client certificates matching the server criteria. This should be removed
58 // soon as being tracked in http://crbug.com/166642.
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]59 std::vector<scoped_refptr<X509Certificate> > client_certs;
[email protected]5389bc72009-11-05 23:34:24[diff] [blame]60
61 private:
62 friend class base::RefCountedThreadSafe<SSLCertRequestInfo>;
63
[email protected]9349cfb2010-08-31 18:00:53[diff] [blame]64 ~SSLCertRequestInfo();
[email protected]0b45559b2009-06-12 21:45:11[diff] [blame]65};
66
67} // namespace net
68
[email protected]536fd0b2013-03-14 17:41:57[diff] [blame]69#endif // NET_SSL_SSL_CERT_REQUEST_INFO_H_