Index: chrome/browser/net/cert_logger.proto |
diff --git a/chrome/browser/net/cert_logger.proto b/chrome/browser/net/cert_logger.proto |
deleted file mode 100644 |
index 3824c9f28e47b93c6c974ce3963f1f20fd44ba4b..0000000000000000000000000000000000000000 |
--- a/chrome/browser/net/cert_logger.proto |
+++ /dev/null |
@@ -1,93 +0,0 @@ |
-// Copyright (c) 2011 The Chromium Authors. All rights reserved. |
-// Use of this source code is governed by a BSD-style license that can be |
-// found in the LICENSE file. |
-// |
-// This protobuffer is intended to store reports from Chrome users of |
-// certificate errors. A report will be sent from Chrome when it gets |
-// e.g. a certificate for google.com that chains up to a root CA not expected by |
-// Chrome for that origin, such as DigiNotar (compromised in July 2011), or |
-// other pinning errors such as a blacklisted cert in the chain, or |
-// (when opted in) other certificate validation errors like an expired |
-// cert. The report from the user will include the hostname being accessed, |
-// the full certificate chain (in PEM format), and the |
-// timestamp of when the client tried to access the site. A response is |
-// generated by the frontend and logged, including validation and error checking |
-// done on the client's input data. |
- |
- |
-syntax = "proto2"; |
- |
-package chrome_browser_net; |
- |
-// Chrome requires this. |
-option optimize_for = LITE_RUNTIME; |
- |
-// Protocol types |
-message CertLoggerRequest { |
- // The hostname being accessed (required as the cert could be valid for |
- // multiple hosts, e.g. a wildcard or a SubjectAltName. |
- required string hostname = 1; |
- // The certificate chain as a series of PEM-encoded certificates, including |
- // intermediates but not necessarily the root. |
- required string cert_chain = 2; |
- // The time (in usec since the epoch) when the client attempted to access the |
- // site generating the pinning error. |
- required int64 time_usec = 3; |
- // public_key_hash contains the string forms of the hashes calculated for |
- // the chain. (I.e. "sha1/<base64 data>".) |
- repeated string public_key_hash = 4; |
- // pin contains the string forms of the pins that were matched against for |
- // this host. |
- repeated string pin = 5; |
- |
- enum CertError { |
- ERR_CERT_REVOKED = 1; |
- ERR_CERT_INVALID = 2; |
- ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN = 3; |
- ERR_CERT_AUTHORITY_INVALID = 4; |
- ERR_CERT_COMMON_NAME_INVALID = 5; |
- ERR_CERT_NAME_CONSTRAINT_VIOLATION = 6; |
- ERR_CERT_WEAK_SIGNATURE_ALGORITHM = 7; |
- ERR_CERT_WEAK_KEY = 8; |
- ERR_CERT_DATE_INVALID = 9; |
- ERR_CERT_VALIDITY_TOO_LONG = 10; |
- ERR_CERT_UNABLE_TO_CHECK_REVOCATION = 11; |
- ERR_CERT_NO_REVOCATION_MECHANISM = 12; |
- ERR_CERT_NON_UNIQUE_NAME = 13; |
- }; |
- |
- // Certificate errors encountered (if any) when validating this |
- // certificate chain. |
- repeated CertError cert_error = 6; |
-}; |
- |
-// A wrapper proto containing an encrypted CertLoggerRequest |
-message EncryptedCertLoggerRequest { |
- // An encrypted, serialized CertLoggerRequest |
- required bytes encrypted_report = 1; |
- // The server public key version that was used to derive the shared secret. |
- required uint32 server_public_key_version = 2; |
- // The client public key that corresponds to the private key that was used |
- // to derive the shared secret. |
- required bytes client_public_key = 3; |
- // The encryption algorithm used to encrypt the report. |
- enum Algorithm { |
- UNKNOWN_ALGORITHM = 0; |
- AEAD_ECDH_AES_128_CTR_HMAC_SHA256 = 1; |
- } |
- optional Algorithm algorithm = 4 |
- [default = AEAD_ECDH_AES_128_CTR_HMAC_SHA256]; |
-}; |
- |
-// The response sent back to the user. |
-message CertLoggerResponse { |
- enum ResponseCode { |
- OK = 1; |
- MALFORMED_CERT_DATA = 2; |
- HOST_CERT_DONT_MATCH = 3; |
- ROOT_NOT_RECOGNIZED = 4; |
- ROOT_NOT_UNEXPECTED = 5; |
- OTHER_ERROR = 6; |
- }; |
- required ResponseCode response = 1; |
-}; |