1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/cert/ct_signed_certificate_timestamp_log_param.h"
10 #include "base/base64.h"
11 #include "base/strings/string_number_conversions.h"
12 #include "base/strings/stringprintf.h"
13 #include "base/values.h"
14 #include "net/cert/ct_verify_result.h"
15 #include "net/cert/signed_certificate_timestamp.h"
21 // Converts a numeric |origin| to text describing the SCT's origin
22 const char* OriginToString(ct::SignedCertificateTimestamp::Origin origin
) {
24 case ct::SignedCertificateTimestamp::SCT_EMBEDDED
:
25 return "embedded_in_certificate";
26 case ct::SignedCertificateTimestamp::SCT_FROM_TLS_EXTENSION
:
27 return "tls_extension";
28 case ct::SignedCertificateTimestamp::SCT_FROM_OCSP_RESPONSE
:
30 case ct::SignedCertificateTimestamp::SCT_ORIGIN_MAX
:
37 // Converts a numeric |hash_algorithm| to its textual representation
38 const char* HashAlgorithmToString(
39 ct::DigitallySigned::HashAlgorithm hash_algorithm
) {
40 switch (hash_algorithm
) {
41 case ct::DigitallySigned::HASH_ALGO_NONE
:
43 case ct::DigitallySigned::HASH_ALGO_MD5
:
45 case ct::DigitallySigned::HASH_ALGO_SHA1
:
47 case ct::DigitallySigned::HASH_ALGO_SHA224
:
49 case ct::DigitallySigned::HASH_ALGO_SHA256
:
51 case ct::DigitallySigned::HASH_ALGO_SHA384
:
53 case ct::DigitallySigned::HASH_ALGO_SHA512
:
60 // Converts a numeric |signature_algorithm| to its textual representation
61 const char* SignatureAlgorithmToString(
62 ct::DigitallySigned::SignatureAlgorithm signature_algorithm
) {
63 switch (signature_algorithm
) {
64 case ct::DigitallySigned::SIG_ALGO_ANONYMOUS
:
66 case ct::DigitallySigned::SIG_ALGO_RSA
:
68 case ct::DigitallySigned::SIG_ALGO_DSA
:
70 case ct::DigitallySigned::SIG_ALGO_ECDSA
:
77 // Base64 encode the given |value| string and put it in |dict| with the
81 const std::string
& value
,
82 base::DictionaryValue
* dict
) {
83 std::string b64_value
;
84 base::Base64Encode(value
, &b64_value
);
86 dict
->SetString(key
, b64_value
);
89 // Returns a dictionary where each key is a field of the SCT and its value
90 // is this field's value in the SCT. This dictionary is meant to be used for
91 // outputting a de-serialized SCT to the NetLog.
92 base::DictionaryValue
* SCTToDictionary(
93 const ct::SignedCertificateTimestamp
& sct
) {
94 base::DictionaryValue
* out
= new base::DictionaryValue();
96 out
->SetString("origin", OriginToString(sct
.origin
));
97 out
->SetInteger("version", sct
.version
);
99 SetBinaryData("log_id", sct
.log_id
, out
);
100 base::TimeDelta time_since_unix_epoch
=
101 sct
.timestamp
- base::Time::UnixEpoch();
102 out
->SetString("timestamp",
103 base::Int64ToString(time_since_unix_epoch
.InMilliseconds()));
104 SetBinaryData("extensions", sct
.extensions
, out
);
106 out
->SetString("hash_algorithm",
107 HashAlgorithmToString(sct
.signature
.hash_algorithm
));
108 out
->SetString("signature_algorithm",
109 SignatureAlgorithmToString(sct
.signature
.signature_algorithm
));
111 "signature_data", sct
.signature
.signature_data
, out
);
116 // Given a list of SCTs, return a ListValue instance where each item in the
117 // list is a dictionary created by SCTToDictionary.
118 base::ListValue
* SCTListToPrintableValues(
119 const ct::SCTList
& sct_list
) {
120 base::ListValue
* output_scts
= new base::ListValue();
121 for (ct::SCTList::const_iterator it
= sct_list
.begin();
122 it
!= sct_list
.end();
124 output_scts
->Append(SCTToDictionary(*(it
->get())));
131 base::Value
* NetLogSignedCertificateTimestampCallback(
132 const ct::CTVerifyResult
* ct_result
, NetLog::LogLevel log_level
) {
133 base::DictionaryValue
* dict
= new base::DictionaryValue();
135 dict
->Set("verified_scts",
136 SCTListToPrintableValues(ct_result
->verified_scts
));
138 dict
->Set("invalid_scts",
139 SCTListToPrintableValues(ct_result
->invalid_scts
));
141 dict
->Set("unknown_logs_scts",
142 SCTListToPrintableValues(ct_result
->unknown_logs_scts
));
147 base::Value
* NetLogRawSignedCertificateTimestampCallback(
148 const std::string
* embedded_scts
,
149 const std::string
* sct_list_from_ocsp
,
150 const std::string
* sct_list_from_tls_extension
,
151 NetLog::LogLevel log_level
) {
152 base::DictionaryValue
* dict
= new base::DictionaryValue();
154 SetBinaryData("embedded_scts", *embedded_scts
, dict
);
155 SetBinaryData("scts_from_ocsp_response", *sct_list_from_ocsp
, dict
);
156 SetBinaryData("scts_from_tls_extension", *sct_list_from_tls_extension
, dict
);