bcarrella/cef
1
0
Fork 0
mirror of https://bitbucket.org/chromiumembedded/cef synced 2025-06-05 21:39:12 +02:00
Code Issues Packages Projects Releases Wiki Activity

Expose additional SSL certificate information.

Browse Source 
- Provide access to the full certificate issuer chain (issue #1530)
- Add several missing certificate error codes to cef_errorcode_t (issue #1784)
- Provide the full certificate status bitmask (issue #1790)
This commit is contained in:
Marshall Greenblatt
2015-12-18 13:03:03 -05:00
parent 07e845ed31
commit 12f19e3a33
9 changed files with 531 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

45
include/cef_ssl_info.h
View File

@ -111,6 +111,28 @@ class CefSSLCertPrincipal : public virtual CefBase {
/*--cef(source=library)--*/
class CefSSLInfo : public virtual CefBase {
public:
typedef std::vector<CefRefPtr<CefBinaryValue> > IssuerChainBinaryList;
///
// Returns a bitmask containing any and all problems verifying the server
// certificate.
///
/*--cef(default_retval=CERT_STATUS_NONE)--*/
virtual cef_cert_status_t GetCertStatus() =0;
///
// Returns true if the certificate status has any error, major or minor.
///
/*--cef()--*/
virtual bool IsCertStatusError() =0;
///
// Returns true if the certificate status represents only minor errors
// (e.g. failure to verify certificate revocation).
///
/*--cef()--*/
virtual bool IsCertStatusMinorError() =0;
///
// Returns the subject of the X.509 certificate. For HTTPS server
// certificates this represents the web server. The common name of the
@ -157,6 +179,29 @@ class CefSSLInfo : public virtual CefBase {
///
/*--cef()--*/
virtual CefRefPtr<CefBinaryValue> GetPEMEncoded() =0;
///
// Returns the number of certificates in the issuer chain.
// If 0, the certificate is self-signed.
///
/*--cef()--*/
virtual size_t GetIssuerChainSize() =0;
///
// Returns the DER encoded data for the certificate issuer chain.
// If we failed to encode a certificate in the chain it is still
// present in the array but is an empty string.
///
/*--cef(count_func=chain:GetIssuerChainSize)--*/
virtual void GetDEREncodedIssuerChain(IssuerChainBinaryList& chain) =0;
///
// Returns the PEM encoded data for the certificate issuer chain.
// If we failed to encode a certificate in the chain it is still
// present in the array but is an empty string.
///
/*--cef(count_func=chain:GetIssuerChainSize)--*/
virtual void GetPEMEncodedIssuerChain(IssuerChainBinaryList& chain) =0;
};
#endif // CEF_INCLUDE_CEF_SSL_INFO_H_