| OLD | NEW |
|---|
| 1 // Copyright (c) 2016 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2016 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 syntax = "proto2"; | 5 syntax = "proto2"; |
| 6 | 6 |
| 7 package cast_certificate; | 7 package cast_certificate; |
| 8 | 8 |
| 9 option optimize_for = LITE_RUNTIME; | 9 option optimize_for = LITE_RUNTIME; |
| 10 | 10 |
| (...skipping 10 matching lines...) Expand all Loading... |
| 21 SUCCESS = 1; | 21 SUCCESS = 1; |
| 22 // Problem with device certificate or its path. | 22 // Problem with device certificate or its path. |
| 23 PATH_VERIFICATION_FAILED = 2; | 23 PATH_VERIFICATION_FAILED = 2; |
| 24 // Problem with the CRL. | 24 // Problem with the CRL. |
| 25 CRL_VERIFICATION_FAILED = 3; | 25 CRL_VERIFICATION_FAILED = 3; |
| 26 // Device certificate or one of the certificates in its path did not pass the | 26 // Device certificate or one of the certificates in its path did not pass the |
| 27 // revocation check. | 27 // revocation check. |
| 28 REVOCATION_CHECK_FAILED = 4; | 28 REVOCATION_CHECK_FAILED = 4; |
| 29 // No CRL was provided, but revocation check is required, and therefore fails. | 29 // No CRL was provided, but revocation check is required, and therefore fails. |
| 30 REVOCATION_CHECK_FAILED_WITHOUT_CRL = 5; | 30 REVOCATION_CHECK_FAILED_WITHOUT_CRL = 5; |
| 31 // CRL is valid at the time of initial verification, but when device cert |
| 32 // revocation is checked, the CRL signer cert has expired and the CRL is no |
| 33 // longer valid. |
| 34 CRL_EXPIRED_AFTER_INITIAL_VERIFICATION = 6; |
| 31 } | 35 } |
| 32 | 36 |
| 33 message DeviceCertTest { | 37 message DeviceCertTest { |
| 34 // Human-readable description of the test. | 38 // Human-readable description of the test. |
| 35 optional string description = 1; | 39 optional string description = 1; |
| 36 | 40 |
| 37 // Expected result of the certificate verification. | 41 // Expected result of the certificate verification. |
| 38 optional VerificationResult expected_result = 4; | 42 optional VerificationResult expected_result = 4; |
| 39 | 43 |
| 40 // Device certiticate path up to a trusted root. Root is not included. | 44 // Device certiticate path up to a trusted root. Root is not included. |
| 41 repeated bytes der_cert_path = 2; | 45 repeated bytes der_cert_path = 2; |
| 42 | 46 |
| 43 // Serialized cast.CrlBundle proto if revocation check is required. | 47 // Serialized cast.CrlBundle proto if revocation check is required. |
| 44 optional bytes crl_bundle = 3; | 48 optional bytes crl_bundle = 3; |
| 45 | 49 |
| 46 // Time at which to verify the device certificate. | 50 // Time at which to verify the device certificate. |
| 47 optional uint64 cert_verification_time_seconds = 5; | 51 optional uint64 cert_verification_time_seconds = 5; |
| 48 | 52 |
| 49 // Time at which to verify the CRL. It this field is omitted, the CRL is | 53 // Time at which to verify the CRL. It this field is omitted, the CRL is |
| 50 // verified at cert_verification_time_seconds. | 54 // verified at cert_verification_time_seconds. |
| 51 optional uint64 crl_verification_time_seconds = 6; | 55 optional uint64 crl_verification_time_seconds = 6; |
| 52 | 56 |
| 53 // Chooses between test and production trust anchors for device certificates | 57 // Chooses between test and production trust anchors for device certificates |
| 54 // and CRLs. Defaults to using the test trust anchors. | 58 // and CRLs. Defaults to using the test trust anchors. |
| 55 optional bool use_test_trust_anchors = 7 [default = true]; | 59 optional bool use_test_trust_anchors = 7 [default = true]; |
| 56 } | 60 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2303673004:
Hook up Chrome Cast sender to Cast CRL. (Closed)
