Add API for SSL status and certificate retrieval (issue #1924)

include/capi/cef_ssl_info_capi.h

@@ -40,83 +40,13 @@
 
 #include "include/capi/cef_base_capi.h"
 #include "include/capi/cef_values_capi.h"
+#include "include/capi/cef_x509_certificate_capi.h"
 
 #ifdef __cplusplus
 extern "C" {
 #endif
 
 
-///
-// Structure representing the issuer or subject field of an X.509 certificate.
-///
-typedef struct _cef_sslcert_principal_t {
-  ///
-  // Base structure.
-  ///
-  cef_base_t base;
-
-  ///
-  // Returns a name that can be used to represent the issuer.  It tries in this
-  // order: CN, O and OU and returns the first non-NULL one found.
-  ///
-  // The resulting string must be freed by calling cef_string_userfree_free().
-  cef_string_userfree_t (CEF_CALLBACK *get_display_name)(
-      struct _cef_sslcert_principal_t* self);
-
-  ///
-  // Returns the common name.
-  ///
-  // The resulting string must be freed by calling cef_string_userfree_free().
-  cef_string_userfree_t (CEF_CALLBACK *get_common_name)(
-      struct _cef_sslcert_principal_t* self);
-
-  ///
-  // Returns the locality name.
-  ///
-  // The resulting string must be freed by calling cef_string_userfree_free().
-  cef_string_userfree_t (CEF_CALLBACK *get_locality_name)(
-      struct _cef_sslcert_principal_t* self);
-
-  ///
-  // Returns the state or province name.
-  ///
-  // The resulting string must be freed by calling cef_string_userfree_free().
-  cef_string_userfree_t (CEF_CALLBACK *get_state_or_province_name)(
-      struct _cef_sslcert_principal_t* self);
-
-  ///
-  // Returns the country name.
-  ///
-  // The resulting string must be freed by calling cef_string_userfree_free().
-  cef_string_userfree_t (CEF_CALLBACK *get_country_name)(
-      struct _cef_sslcert_principal_t* self);
-
-  ///
-  // Retrieve the list of street addresses.
-  ///
-  void (CEF_CALLBACK *get_street_addresses)(
-      struct _cef_sslcert_principal_t* self, cef_string_list_t addresses);
-
-  ///
-  // Retrieve the list of organization names.
-  ///
-  void (CEF_CALLBACK *get_organization_names)(
-      struct _cef_sslcert_principal_t* self, cef_string_list_t names);
-
-  ///
-  // Retrieve the list of organization unit names.
-  ///
-  void (CEF_CALLBACK *get_organization_unit_names)(
-      struct _cef_sslcert_principal_t* self, cef_string_list_t names);
-
-  ///
-  // Retrieve the list of domain components.
-  ///
-  void (CEF_CALLBACK *get_domain_components)(
-      struct _cef_sslcert_principal_t* self, cef_string_list_t components);
-} cef_sslcert_principal_t;
-
-
 ///
 // Structure representing SSL information.
 ///
@@ -134,85 +64,24 @@ typedef struct _cef_sslinfo_t {
       struct _cef_sslinfo_t* self);
 
   ///
-  // Returns true (1) if the certificate status has any error, major or minor.
+  // Returns the X.509 certificate.
   ///
-  int (CEF_CALLBACK *is_cert_status_error)(struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns true (1) if the certificate status represents only minor errors
-  // (e.g. failure to verify certificate revocation).
-  ///
-  int (CEF_CALLBACK *is_cert_status_minor_error)(struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the subject of the X.509 certificate. For HTTPS server certificates
-  // this represents the web server.  The common name of the subject should
-  // match the host name of the web server.
-  ///
-  struct _cef_sslcert_principal_t* (CEF_CALLBACK *get_subject)(
+  struct _cef_x509certificate_t* (CEF_CALLBACK *get_x509certificate)(
       struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the issuer of the X.509 certificate.
-  ///
-  struct _cef_sslcert_principal_t* (CEF_CALLBACK *get_issuer)(
-      struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the DER encoded serial number for the X.509 certificate. The value
-  // possibly includes a leading 00 byte.
-  ///
-  struct _cef_binary_value_t* (CEF_CALLBACK *get_serial_number)(
-      struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the date before which the X.509 certificate is invalid.
-  // CefTime.GetTimeT() will return 0 if no date was specified.
-  ///
-  cef_time_t (CEF_CALLBACK *get_valid_start)(struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the date after which the X.509 certificate is invalid.
-  // CefTime.GetTimeT() will return 0 if no date was specified.
-  ///
-  cef_time_t (CEF_CALLBACK *get_valid_expiry)(struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the DER encoded data for the X.509 certificate.
-  ///
-  struct _cef_binary_value_t* (CEF_CALLBACK *get_derencoded)(
-      struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the PEM encoded data for the X.509 certificate.
-  ///
-  struct _cef_binary_value_t* (CEF_CALLBACK *get_pemencoded)(
-      struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the number of certificates in the issuer chain. If 0, the
-  // certificate is self-signed.
-  ///
-  size_t (CEF_CALLBACK *get_issuer_chain_size)(struct _cef_sslinfo_t* self);
-
-  ///
-  // Returns the DER encoded data for the certificate issuer chain. If we failed
-  // to encode a certificate in the chain it is still present in the array but
-  // is an NULL string.
-  ///
-  void (CEF_CALLBACK *get_derencoded_issuer_chain)(struct _cef_sslinfo_t* self,
-      size_t* chainCount, struct _cef_binary_value_t** chain);
-
-  ///
-  // Returns the PEM encoded data for the certificate issuer chain. If we failed
-  // to encode a certificate in the chain it is still present in the array but
-  // is an NULL string.
-  ///
-  void (CEF_CALLBACK *get_pemencoded_issuer_chain)(struct _cef_sslinfo_t* self,
-      size_t* chainCount, struct _cef_binary_value_t** chain);
 } cef_sslinfo_t;
 
 
+///
+// Returns true (1) if the certificate status has any error, major or minor.
+///
+CEF_EXPORT int cef_is_cert_status_error(cef_cert_status_t status);
+
+///
+// Returns true (1) if the certificate status represents only minor errors (e.g.
+// failure to verify certificate revocation).
+///
+CEF_EXPORT int cef_is_cert_status_minor_error(cef_cert_status_t status);
+
 #ifdef __cplusplus
 }
 #endif