| Index: net/cert/signed_certificate_timestamp.h
|
| diff --git a/net/cert/signed_certificate_timestamp.h b/net/cert/signed_certificate_timestamp.h
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..d3879aea8ad4051e239a3d8164bee77d112a61d8
|
| --- /dev/null
|
| +++ b/net/cert/signed_certificate_timestamp.h
|
| @@ -0,0 +1,102 @@
|
| +// Copyright (c) 2013 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#ifndef NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
|
| +#define NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
|
| +
|
| +#include <string>
|
| +#include <vector>
|
| +
|
| +#include "base/time/time.h"
|
| +#include "net/base/hash_value.h"
|
| +#include "net/base/net_export.h"
|
| +
|
| +namespace net {
|
| +
|
| +// Structures related to Certificate Transparency (RFC6962).
|
| +namespace ct {
|
| +
|
| +// LogEntry struct in RFC 6962, Section 3.1
|
| +struct NET_EXPORT LogEntry {
|
| + // LogEntryType enum in RFC 6962, Section 3.1
|
| + enum Type {
|
| + LOG_ENTRY_TYPE_X509 = 0,
|
| + LOG_ENTRY_TYPE_PRECERT = 1
|
| + };
|
| +
|
| + LogEntry();
|
| + ~LogEntry();
|
| + void Reset();
|
| +
|
| + Type type;
|
| +
|
| + // Set if type == LOG_ENTRY_TYPE_X509
|
| + std::string leaf_certificate;
|
| +
|
| + // Set if type == LOG_ENTRY_TYPE_PRECERT
|
| + SHA256HashValue issuer_key_hash;
|
| + std::string tbs_certificate;
|
| +};
|
| +
|
| +// Helper structure to represent Digitally Signed data, as described in
|
| +// Sections 4.7 and 7.4.1.4.1 of RFC 5246.
|
| +struct NET_EXPORT_PRIVATE DigitallySigned {
|
| + enum HashAlgorithm {
|
| + HASH_ALGO_NONE = 0,
|
| + HASH_ALGO_MD5 = 1,
|
| + HASH_ALGO_SHA1 = 2,
|
| + HASH_ALGO_SHA224 = 3,
|
| + HASH_ALGO_SHA256 = 4,
|
| + HASH_ALGO_SHA384 = 5,
|
| + HASH_ALGO_SHA512 = 6,
|
| + };
|
| +
|
| + enum SignatureAlgorithm {
|
| + SIG_ALGO_ANONYMOUS = 0,
|
| + SIG_ALGO_RSA = 1,
|
| + SIG_ALGO_DSA = 2,
|
| + SIG_ALGO_ECDSA = 3
|
| + };
|
| +
|
| + DigitallySigned();
|
| + ~DigitallySigned();
|
| +
|
| + HashAlgorithm hash_algorithm;
|
| + SignatureAlgorithm signature_algorithm;
|
| + // 'signature' field.
|
| + std::string signature_data;
|
| +};
|
| +
|
| +// SignedCertificateTimestamp struct in RFC 6962, Section 3.2.
|
| +struct NET_EXPORT SignedCertificateTimestamp {
|
| + // Version enum in RFC 6962, Section 3.2.
|
| + enum Version {
|
| + SCT_VERSION_1 = 0,
|
| + };
|
| +
|
| + // Source of the SCT - supplementary, not defined in CT RFC.
|
| + enum Origin {
|
| + SCT_EMBEDDED = 0,
|
| + SCT_FROM_TLS_HANDSHAKE = 1,
|
| + SCT_FROM_OCSP_RESPONSE = 2,
|
| + };
|
| +
|
| + SignedCertificateTimestamp();
|
| + ~SignedCertificateTimestamp();
|
| +
|
| + Version version;
|
| + std::string log_id;
|
| + base::Time timestamp;
|
| + std::string extensions;
|
| + DigitallySigned signature;
|
| + // The origin should not participate in equality checks
|
| + // as the same SCT can be provided from multiple sources.
|
| + Origin origin;
|
| +};
|
| +
|
| +} // namespace ct
|
| +
|
| +} // namespace net
|
| +
|
| +#endif // NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
|
|
|
Chromium Code Reviews
Issue 37633002:
CT: First step towards supporting Certificate Transparency in Chrome. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master