Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(159)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/ssl/cert_logger.proto

Issue 1117173004: Split cert reporter class into report building/serializing and sending (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: eroman comments Created 5 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/browser/ssl/BUILD.gn ('k') | chrome/browser/ssl/certificate_error_report.h » ('j') | chrome/browser/ssl/certificate_error_report.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright 2015 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 // 4 //
5 // This protobuffer is intended to store reports from Chrome users of 5 // This protobuffer is intended to store reports from Chrome users of
6 // certificate errors. A report will be sent from Chrome when it gets 6 // certificate errors. A report will be sent from Chrome when it gets
7 // e.g. a certificate for google.com that chains up to a root CA not expected by 7 // e.g. a certificate for google.com that chains up to a root CA not expected by
8 // Chrome for that origin, such as DigiNotar (compromised in July 2011), or 8 // Chrome for that origin, such as DigiNotar (compromised in July 2011), or
9 // other pinning errors such as a blacklisted cert in the chain, or 9 // other pinning errors such as a blacklisted cert in the chain, or
10 // (when opted in) other certificate validation errors like an expired 10 // (when opted in) other certificate validation errors like an expired
11 // cert. The report from the user will include the hostname being accessed, 11 // cert. The report from the user will include the hostname being accessed,
12 // the full certificate chain (in PEM format), and the 12 // the full certificate chain (in PEM format), and the
13 // timestamp of when the client tried to access the site. A response is 13 // timestamp of when the client tried to access the site. A response is
14 // generated by the frontend and logged, including validation and error checking 14 // generated by the frontend and logged, including validation and error checking
15 // done on the client's input data. 15 // done on the client's input data.
16 16
17
18 syntax = "proto2"; 17 syntax = "proto2";
19 18
20 package chrome_browser_net; 19 package chrome_browser_ssl;
21 20
22 // Chrome requires this. 21 // Chrome requires this.
23 option optimize_for = LITE_RUNTIME; 22 option optimize_for = LITE_RUNTIME;
24 23
25 // Protocol types 24 // Protocol types
26 message CertLoggerRequest { 25 message CertLoggerRequest {
27 // The hostname being accessed (required as the cert could be valid for 26 // The hostname being accessed (required as the cert could be valid for
28 // multiple hosts, e.g. a wildcard or a SubjectAltName. 27 // multiple hosts, e.g. a wildcard or a SubjectAltName.
29 required string hostname = 1; 28 required string hostname = 1;
30 // The certificate chain as a series of PEM-encoded certificates, including 29 // The certificate chain as a series of PEM-encoded certificates, including
(...skipping 21 matching lines...) Expand all
52 ERR_CERT_DATE_INVALID = 9; 51 ERR_CERT_DATE_INVALID = 9;
53 ERR_CERT_VALIDITY_TOO_LONG = 10; 52 ERR_CERT_VALIDITY_TOO_LONG = 10;
54 ERR_CERT_UNABLE_TO_CHECK_REVOCATION = 11; 53 ERR_CERT_UNABLE_TO_CHECK_REVOCATION = 11;
55 ERR_CERT_NO_REVOCATION_MECHANISM = 12; 54 ERR_CERT_NO_REVOCATION_MECHANISM = 12;
56 ERR_CERT_NON_UNIQUE_NAME = 13; 55 ERR_CERT_NON_UNIQUE_NAME = 13;
57 }; 56 };
58 57
59 // Certificate errors encountered (if any) when validating this 58 // Certificate errors encountered (if any) when validating this
60 // certificate chain. 59 // certificate chain.
61 repeated CertError cert_error = 6; 60 repeated CertError cert_error = 6;
62 }; 61 };
63
64 // A wrapper proto containing an encrypted CertLoggerRequest
65 message EncryptedCertLoggerRequest {
66 // An encrypted, serialized CertLoggerRequest
67 required bytes encrypted_report = 1;
68 // The server public key version that was used to derive the shared secret.
69 required uint32 server_public_key_version = 2;
70 // The client public key that corresponds to the private key that was used
71 // to derive the shared secret.
72 required bytes client_public_key = 3;
73 // The encryption algorithm used to encrypt the report.
74 enum Algorithm {
75 UNKNOWN_ALGORITHM = 0;
76 AEAD_ECDH_AES_128_CTR_HMAC_SHA256 = 1;
77 }
78 optional Algorithm algorithm = 4
79 [default = AEAD_ECDH_AES_128_CTR_HMAC_SHA256];
80 };
81
82 // The response sent back to the user.
83 message CertLoggerResponse {
84 enum ResponseCode {
85 OK = 1;
86 MALFORMED_CERT_DATA = 2;
87 HOST_CERT_DONT_MATCH = 3;
88 ROOT_NOT_RECOGNIZED = 4;
89 ROOT_NOT_UNEXPECTED = 5;
90 OTHER_ERROR = 6;
91 };
92 required ResponseCode response = 1;
93 };
OLDNEW
« no previous file with comments | « chrome/browser/ssl/BUILD.gn ('k') | chrome/browser/ssl/certificate_error_report.h » ('j') | chrome/browser/ssl/certificate_error_report.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698