Cert - protobufs to serialize and deserialize CertVerifierCache.

net/extras/cert/proto/cert_verification.proto

Index: net/extras/cert/proto/cert_verification.proto
diff --git a/net/extras/cert/proto/cert_verification.proto b/net/extras/cert/proto/cert_verification.proto
new file mode 100644
index 0000000000000000000000000000000000000000..542173c79933e9a78f81628b0278e78a284c1074
--- /dev/null
+++ b/net/extras/cert/proto/cert_verification.proto
@@ -0,0 +1,79 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+syntax = "proto2";
+
+option optimize_for = LITE_RUNTIME;
+
+package net;
+
+message CertVerificationSHA1HashValue {

[Ryan Sleevi, 2016/05/30 18:37:20]

Unused?

[ramant (doing other things), 2016/06/01 16:29:22]

Done.

+  optional bytes data = 1;
+};
+
+message CertVerificationCertificate {
+  // Each unique certficate gets an unique number.

[Ryan Sleevi, 2016/05/30 18:37:19]

This doesn't seem like a really good comment - and seems to be duplicated (lines
22, 27).

[ramant (doing other things), 2016/06/01 16:29:22]

Took a cut at the comment.

Done.

+  repeated uint32 cert_numbers = 1;
+};
+
+// Protobuf for input parameters of a certificate verification request.
+message CertVerificationRequestParams {
+  // Each unique certficate gets an unique number.
+  optional CertVerificationCertificate certificate = 1;
+  optional string hostname = 2;
+  optional int32 flags = 3;
+  optional string ocsp_response = 4;
+  // Each unique certficate gets an unique number.
+  repeated CertVerificationCertificate additional_trust_anchors = 5;
+};
+
+// Protobuf for the result of certificate verification.
+message CertVerificationResult {
+  optional CertVerificationCertificate verified_cert = 1;
+
+  optional uint32 cert_status = 2;
+
+  // Properties of the certificate chain.
+  optional bool has_md2 = 3;
+  optional bool has_md4 = 4;
+  optional bool has_md5 = 5;
+  optional bool has_sha1 = 6;
+  optional bool has_sha1_leaf = 7;
+
+  repeated string public_key_hashes = 8;
+  optional bool is_issued_by_known_root = 9;
+
+  optional bool is_issued_by_additional_trust_anchor = 10;
+

[Ryan Sleevi, 2016/05/30 18:37:19]

Weird style here for whitespace

[ramant (doing other things), 2016/06/01 16:29:22]

Done.

+  optional bool common_name_fallback_used = 11;
+};
+
+// Protobuf for CertVerificationResult and the error.
+message CertVerificationCachedResult {
+  // The return value of CertVerifier::Verify.
+  optional int64 error = 1;
+  // The output of CertVerifier::Verify.
+  optional CertVerificationResult result = 2;
+}
+
+// Protobuf for certicate cache validity period.
+message CertVerificationCacheValidityPeriod {
+  optional int64 verification_time = 1;
+  optional int64 expiration_time = 2;
+};
+
+// Each cache entry for certificate verification request, verification result
+// and it's validy period.
+message CertVerificationCacheEntry {
+  optional CertVerificationRequestParams request_params = 1;
+  optional CertVerificationCachedResult cached_result = 2;
+  optional CertVerificationCacheValidityPeriod cache_validity_period = 3;
+};
+
+message CertVerificationCache {
+  // List of certificates.
+  repeated string certs = 1;
+  // MultiThreadedCertVerifier's CertVerifierCache.

[Ryan Sleevi, 2016/05/30 18:37:20]

Outdated

[ramant (doing other things), 2016/06/01 16:29:22]

Done.

+  repeated CertVerificationCacheEntry cache_entry = 2;
+};