
Unified Diff: net/cert/signed_certificate_timestamp.h

Issue 37633002: CT: First step towards supporting Certificate Transparency in Chrome. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Implementing Ryan's suggestion of substr-ing the StringPiece Created 7 years, 2 months ago
Index: net/cert/signed_certificate_timestamp.h
diff --git a/net/cert/signed_certificate_timestamp.h b/net/cert/signed_certificate_timestamp.h
new file mode 100644
index 0000000000000000000000000000000000000000..d3879aea8ad4051e239a3d8164bee77d112a61d8
--- /dev/null
+++ b/net/cert/signed_certificate_timestamp.h
@@ -0,0 +1,102 @@
+// Copyright (c) 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
+#define NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
+
+#include <string>
+#include <vector>
+
+#include "base/time/time.h"
+#include "net/base/hash_value.h"
+#include "net/base/net_export.h"
+
+namespace net {
+
+// Structures related to Certificate Transparency (RFC6962).
+namespace ct {
+
+// LogEntry struct in RFC 6962, Section 3.1
+struct NET_EXPORT LogEntry {
+ // LogEntryType enum in RFC 6962, Section 3.1
+ enum Type {
+ LOG_ENTRY_TYPE_X509 = 0,
+ LOG_ENTRY_TYPE_PRECERT = 1
+ };
+
+ LogEntry();
+ ~LogEntry();
+ void Reset();
+
+ Type type;
+
+ // Set if type == LOG_ENTRY_TYPE_X509
+ std::string leaf_certificate;
+
+ // Set if type == LOG_ENTRY_TYPE_PRECERT
+ SHA256HashValue issuer_key_hash;
+ std::string tbs_certificate;
+};
+
+// Helper structure to represent Digitally Signed data, as described in
+// Sections 4.7 and 7.4.1.4.1 of RFC 5246.
+struct NET_EXPORT_PRIVATE DigitallySigned {
+ enum HashAlgorithm {
+ HASH_ALGO_NONE = 0,
+ HASH_ALGO_MD5 = 1,
+ HASH_ALGO_SHA1 = 2,
+ HASH_ALGO_SHA224 = 3,
+ HASH_ALGO_SHA256 = 4,
+ HASH_ALGO_SHA384 = 5,
+ HASH_ALGO_SHA512 = 6,
+ };
+
+ enum SignatureAlgorithm {
+ SIG_ALGO_ANONYMOUS = 0,
+ SIG_ALGO_RSA = 1,
+ SIG_ALGO_DSA = 2,
+ SIG_ALGO_ECDSA = 3
+ };
+
+ DigitallySigned();
+ ~DigitallySigned();
+
+ HashAlgorithm hash_algorithm;
+ SignatureAlgorithm signature_algorithm;
+ // 'signature' field.
+ std::string signature_data;
+};
+
+// SignedCertificateTimestamp struct in RFC 6962, Section 3.2.
+struct NET_EXPORT SignedCertificateTimestamp {
+ // Version enum in RFC 6962, Section 3.2.
+ enum Version {
+ SCT_VERSION_1 = 0,
+ };
+
+ // Source of the SCT - supplementary, not defined in CT RFC.
+ enum Origin {
+ SCT_EMBEDDED = 0,
+ SCT_FROM_TLS_HANDSHAKE = 1,
+ SCT_FROM_OCSP_RESPONSE = 2,
+ };
+
+ SignedCertificateTimestamp();
+ ~SignedCertificateTimestamp();
+
+ Version version;
+ std::string log_id;
+ base::Time timestamp;
+ std::string extensions;
+ DigitallySigned signature;
+ // The origin should not participate in equality checks
+ // as the same SCT can be provided from multiple sources.
+ Origin origin;
+};
+
+} // namespace ct
+
+} // namespace net
+
+#endif // NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
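Review bot: The `HashAlgorithm` and `SignatureAlgorithm` enums in `DigitallySigned` mirror the whole TLS registry, including `HASH_ALGO_NONE`, `HASH_ALGO_MD5`, `HASH_ALGO_SHA1` and `SIG_ALGO_ANONYMOUS`, and nothing in the header says which of them are acceptable for an SCT. RFC 6962 has logs sign with SHA-256 and either ECDSA or RSA, so a comment above the struct such as `// Values mirror the TLS registry so that parsing is lossless; SCT verification must accept only HASH_ALGO_SHA256 with SIG_ALGO_RSA or SIG_ALGO_ECDSA and reject everything else.` would keep a later verifier from treating a successfully decoded value as an allowed one. The decoder and the constructors live in other files of this patch and are not visible here, so it is worth confirming there that bytes from the wire are range-checked before being cast to these enums and that `type`, `version` and `origin` are initialized. `log_id` is a `std::string` while `issuer_key_hash` is a `SHA256HashValue`; since the log ID is also a SHA-256 digest, a one-line comment stating the expected 32-byte length would help.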