Cert - protobufs to serialize and deserialize CertVerifierCache.

net/cert/proto/cert_verification.proto

Index: net/cert/proto/cert_verification.proto
diff --git a/net/cert/proto/cert_verification.proto b/net/cert/proto/cert_verification.proto
new file mode 100644
index 0000000000000000000000000000000000000000..697ed249db58262aa5d62ccf5fb63eadff15675b
--- /dev/null
+++ b/net/cert/proto/cert_verification.proto
@@ -0,0 +1,73 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+syntax = "proto2";
+
+option optimize_for = LITE_RUNTIME;
+
+package net;
+
+message CertVerificationSHA256HashValue {
+  optional bytes data = 1;
+};
+
+// Protobuf for MultiThreadedCertVerifier::RequestParams. Input parameters of a
+// certificate verification request.

[Ryan Sleevi, 2016/04/29 23:33:21]

BUG: Please don't couple your protobuf like this to some other file. Describe
what this proto is and does, in isolation to all other files.

[ramant (doing other things), 2016/04/30 22:58:12]

Removed references to the  MultiThreadedCertVerifier's data structures from this
file.

Done.

+message CertVerificationRequestParams {
+  required string hostname = 1;
+  required int32 flags = 2;
+  repeated CertVerificationSHA256HashValue hash_values = 3;

[Ryan Sleevi, 2016/04/29 23:33:21]

Surely this isn't correct. The MultiThreadedCertVerifier header says SHA-1 hash
values, but your API suggest it's SHA-256.

[ramant (doing other things), 2016/04/30 22:58:12]

My fault. I have misunderstood the earlier comments about SHA256 to mean that I
should use SHA256. Changed them back to SHA1.

Done.

+  // The time when verification started.
+  required int64 start_time = 4;
+};
+
+// Protobuf for CertVerifyResult. The result of certificate verification.
+message CertVerificationResult {
+  // Each unique certficate gets an unique number.
+  repeated uint32 cert_numbers = 1;
+
+  required uint32 cert_status = 2;
+
+  // Properties of the certificate chain.
+  required bool has_md2 = 3;
+  required bool has_md4 = 4;
+  required bool has_md5 = 5;
+  required bool has_sha1 = 6;
+  required bool has_sha1_leaf = 7;
+
+  repeated string public_key_hashes = 8;
+  required bool is_issued_by_known_root = 9;
+
+  required bool is_issued_by_additional_trust_anchor = 10;
+
+  required bool common_name_fallback_used = 11;
+};
+
+// Protobuf for MultiThreadedCertVerifier::CachedResult.
+message CertVerificationCachedResult {
+  // The return value of CertVerifier::Verify.
+  required int64 error = 1;
+  // The output of CertVerifier::Verify.
+  optional CertVerificationResult result = 2;
+}
+
+// Protobuf for MultiThreadedCertVerifier::CacheValidityPeriod.
+message CertVerificationCacheValidityPeriod {
+  required int64 verification_time = 1;
+  required int64 expiration_time = 2;
+};
+
+// Each cache entry of MultiThreadedCertVerifier's CertVerifierCache.
+message CertVerificationCacheEntry {
+  required CertVerificationRequestParams request_params = 1;
+  optional CertVerificationCachedResult cached_result = 2;
+  optional CertVerificationCacheValidityPeriod cache_validity_period = 3;

[Ryan Sleevi, 2016/04/29 23:33:21]

I don't feel comfortable reviewing protobuf files for proto style, but this mix
of required and optional feels fundamentally wrong. I thought protobufs were
discouraged from having required fields (period). Certainly, the liberal use of
required here defeats the primary purpose of why we're using protobufs to begin
with - to provide some possibility of compatibility/versioning.

[ramant (doing other things), 2016/04/30 22:58:12]

Changed all the fields to optional fields.

+};
+
+message CertVerificationCache {
+  // List of certificates.
+  repeated string certs = 1;
+  // MultiThreadedCertVerifier's CertVerifierCache.
+  repeated CertVerificationCacheEntry cache_entry = 2;
+};