| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 // | 4 // |
| 5 // This protobuffer is intended to store reports from Chrome users of | 5 // This protobuffer is intended to store reports from Chrome users of |
| 6 // certificate errors. A report will be sent from Chrome when it gets | 6 // certificate errors. A report will be sent from Chrome when it gets |
| 7 // e.g. a certificate for google.com that chains up to a root CA not expected by | 7 // e.g. a certificate for google.com that chains up to a root CA not expected by |
| 8 // Chrome for that origin, such as DigiNotar (compromised in July 2011), or | 8 // Chrome for that origin, such as DigiNotar (compromised in July 2011), or |
| 9 // other pinning errors such as a blacklisted cert in the chain, or | 9 // other pinning errors such as a blacklisted cert in the chain, or |
| 10 // (when opted in) other certificate validation errors like an expired | 10 // (when opted in) other certificate validation errors like an expired |
| (...skipping 23 matching lines...) Expand all Loading... |
| 34 // site generating the pinning error. | 34 // site generating the pinning error. |
| 35 required int64 time_usec = 3; | 35 required int64 time_usec = 3; |
| 36 // public_key_hash contains the string forms of the hashes calculated for | 36 // public_key_hash contains the string forms of the hashes calculated for |
| 37 // the chain. (I.e. "sha1/<base64 data>".) | 37 // the chain. (I.e. "sha1/<base64 data>".) |
| 38 repeated string public_key_hash = 4; | 38 repeated string public_key_hash = 4; |
| 39 // pin contains the string forms of the pins that were matched against for | 39 // pin contains the string forms of the pins that were matched against for |
| 40 // this host. | 40 // this host. |
| 41 repeated string pin = 5; | 41 repeated string pin = 5; |
| 42 }; | 42 }; |
| 43 | 43 |
| 44 // A wrapper proto containing an encrypted CertLoggerRequest |
| 45 message EncryptedCertLoggerRequest { |
| 46 // An encrypted, serialized CertLoggerRequest |
| 47 required bytes encrypted_report = 1; |
| 48 // The server public key version that was used to derive the shared secret. |
| 49 required uint32 server_public_key_version = 2; |
| 50 // The client public key that corresponds to the private key that was used |
| 51 // to derive the shared secret. |
| 52 required bytes client_public_key = 3; |
| 53 // The encryption algorithm used to encrypt the report. |
| 54 enum Algorithm { |
| 55 UNKNOWN_ALGORITHM = 0; |
| 56 AEAD_ECDH_AES_128_CTR_HMAC_SHA256 = 1; |
| 57 } |
| 58 optional Algorithm algorithm = 4 |
| 59 [default = AEAD_ECDH_AES_128_CTR_HMAC_SHA256]; |
| 60 }; |
| 61 |
| 44 // The response sent back to the user. | 62 // The response sent back to the user. |
| 45 message CertLoggerResponse { | 63 message CertLoggerResponse { |
| 46 enum ResponseCode { | 64 enum ResponseCode { |
| 47 OK = 1; | 65 OK = 1; |
| 48 MALFORMED_CERT_DATA = 2; | 66 MALFORMED_CERT_DATA = 2; |
| 49 HOST_CERT_DONT_MATCH = 3; | 67 HOST_CERT_DONT_MATCH = 3; |
| 50 ROOT_NOT_RECOGNIZED = 4; | 68 ROOT_NOT_RECOGNIZED = 4; |
| 51 ROOT_NOT_UNEXPECTED = 5; | 69 ROOT_NOT_UNEXPECTED = 5; |
| 52 OTHER_ERROR = 6; | 70 OTHER_ERROR = 6; |
| 53 }; | 71 }; |
| 54 required ResponseCode response = 1; | 72 required ResponseCode response = 1; |
| 55 }; | 73 }; |
| 56 | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1083493003:
Encrypt certificate reports before uploading to HTTP URLs (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master