Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(217)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/ssl/ssl_cipher_suite_names.h

Issue 992733002: Remove //net (except for Android test stuff) and sdch (Closed) Base URL: git@github.com:domokit/mojo.git@master
Patch Set: Created 5 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/ssl/ssl_cert_request_info.cc ('k') | net/ssl/ssl_cipher_suite_names.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef NET_SSL_SSL_CIPHER_SUITE_NAMES_H_
6 #define NET_SSL_SSL_CIPHER_SUITE_NAMES_H_
7
8 #include <string>
9
10 #include "base/basictypes.h"
11 #include "net/base/net_export.h"
12
13 namespace net {
14
15 // SSLCipherSuiteToStrings returns three strings for a given cipher suite
16 // number, the name of the key exchange algorithm, the name of the cipher and
17 // the name of the MAC. The cipher suite number is the number as sent on the
18 // wire and recorded at
19 // http://www.iana.org/assignments/tls-parameters/tls-parameters.xml
20 // If the cipher suite is unknown, the strings are set to "???".
21 // In the case of an AEAD cipher suite, *mac_str is NULL and *is_aead is true.
22 NET_EXPORT void SSLCipherSuiteToStrings(const char** key_exchange_str,
23 const char** cipher_str,
24 const char** mac_str,
25 bool* is_aead,
26 uint16 cipher_suite);
27
28 // SSLVersionToString returns the name of the SSL protocol version
29 // specified by |ssl_version|, which is defined in
30 // net/ssl/ssl_connection_status_flags.h.
31 // If the version is unknown, |name| is set to "???".
32 NET_EXPORT void SSLVersionToString(const char** name, int ssl_version);
33
34 // Parses a string literal that represents a SSL/TLS cipher suite.
35 //
36 // Supported literal forms:
37 // 0xAABB, where AA is cipher_suite[0] and BB is cipher_suite[1], as
38 // defined in RFC 2246, Section 7.4.1.2. Unrecognized but parsable cipher
39 // suites in this form will not return an error.
40 //
41 // Returns true if the cipher suite was successfully parsed, storing the
42 // result in |cipher_suite|.
43 //
44 // TODO(rsleevi): Support the full strings defined in the IANA TLS parameters
45 // list.
46 NET_EXPORT bool ParseSSLCipherString(const std::string& cipher_string,
47 uint16* cipher_suite);
48
49 // |cipher_suite| is the IANA id for the cipher suite. What a "secure"
50 // cipher suite is arbitrarily determined here. The intent is to indicate what
51 // cipher suites meet modern security standards when backwards compatibility can
52 // be ignored. Notably, HTTP/2 requires/encourages this sort of validation of
53 // cipher suites: https://http2.github.io/http2-spec/#TLSUsage.
54 //
55 // Currently, this function follows these criteria:
56 // 1) Only uses forward secure key exchanges
57 // 2) Only uses AEADs
58 NET_EXPORT bool IsSecureTLSCipherSuite(uint16 cipher_suite);
59
60 } // namespace net
61
62 #endif // NET_SSL_SSL_CIPHER_SUITE_NAMES_H_
OLDNEW
« no previous file with comments | « net/ssl/ssl_cert_request_info.cc ('k') | net/ssl/ssl_cipher_suite_names.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698