1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
6 #define NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
11 #include "base/memory/ref_counted.h"
12 #include "base/time/time.h"
13 #include "net/base/hash_value.h"
14 #include "net/base/net_export.h"
21 // Structures related to Certificate Transparency (RFC6962).
24 // LogEntry struct in RFC 6962, Section 3.1
25 struct NET_EXPORT LogEntry
{
26 // LogEntryType enum in RFC 6962, Section 3.1
28 LOG_ENTRY_TYPE_X509
= 0,
29 LOG_ENTRY_TYPE_PRECERT
= 1
38 // Set if type == LOG_ENTRY_TYPE_X509
39 std::string leaf_certificate
;
41 // Set if type == LOG_ENTRY_TYPE_PRECERT
42 SHA256HashValue issuer_key_hash
;
43 std::string tbs_certificate
;
46 // Helper structure to represent Digitally Signed data, as described in
47 // Sections 4.7 and 7.4.1.4.1 of RFC 5246.
48 struct NET_EXPORT_PRIVATE DigitallySigned
{
59 enum SignatureAlgorithm
{
60 SIG_ALGO_ANONYMOUS
= 0,
69 // Returns true if |other_hash_algorithm| and |other_signature_algorithm|
70 // match this DigitallySigned hash and signature algorithms.
71 bool SignatureParametersMatch(
72 HashAlgorithm other_hash_algorithm
,
73 SignatureAlgorithm other_signature_algorithm
) const;
75 HashAlgorithm hash_algorithm
;
76 SignatureAlgorithm signature_algorithm
;
78 std::string signature_data
;
81 // SignedCertificateTimestamp struct in RFC 6962, Section 3.2.
82 struct NET_EXPORT SignedCertificateTimestamp
83 : public base::RefCountedThreadSafe
<SignedCertificateTimestamp
> {
84 // Predicate functor used in maps when SignedCertificateTimestamp is used as
86 struct NET_EXPORT LessThan
{
87 bool operator()(const scoped_refptr
<SignedCertificateTimestamp
>& lhs
,
88 const scoped_refptr
<SignedCertificateTimestamp
>& rhs
) const;
91 // Version enum in RFC 6962, Section 3.2.
96 // Source of the SCT - supplementary, not defined in CT RFC.
97 // Note: The numeric values are used within histograms and should not change
101 SCT_FROM_TLS_EXTENSION
= 1,
102 SCT_FROM_OCSP_RESPONSE
= 2,
106 SignedCertificateTimestamp();
108 void Persist(Pickle
* pickle
);
109 static scoped_refptr
<SignedCertificateTimestamp
> CreateFromPickle(
110 PickleIterator
* iter
);
114 base::Time timestamp
;
115 std::string extensions
;
116 DigitallySigned signature
;
118 // The log description is not one of the SCT fields, but a user-readable
119 // name defined alongside the log key. It should not participate
120 // in equality checks as the log's description could change while
121 // the SCT would be the same.
122 std::string log_description
;
125 friend class base::RefCountedThreadSafe
<SignedCertificateTimestamp
>;
127 ~SignedCertificateTimestamp();
129 DISALLOW_COPY_AND_ASSIGN(SignedCertificateTimestamp
);
136 #endif // NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_