1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
6 #define NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
8 #include <string>
9 #include <vector>
11 #include "base/memory/ref_counted.h"
12 #include "base/time/time.h"
13 #include "net/base/hash_value.h"
14 #include "net/base/net_export.h"
16 class Pickle;
17 class PickleIterator;
19 namespace net {
21 // Structures related to Certificate Transparency (RFC6962).
22 namespace ct {
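// LogEntry struct in RFC 6962, Section 3.1.
//
// Holds the certificate data of one log entry. |type| selects which of the
// remaining fields are set; the fields belonging to the other entry type
// should not be read.
struct NET_EXPORT LogEntry {
  // LogEntryType enum in RFC 6962, Section 3.1. The numeric values are the
  // ones the RFC assigns to x509_entry and precert_entry.
  enum Type {
    LOG_ENTRY_TYPE_X509 = 0,
    LOG_ENTRY_TYPE_PRECERT = 1
  };

  LogEntry();
  ~LogEntry();

  // NOTE(review): presumably returns every field to its default-constructed
  // state so the object can be reused; the definition is not in this header -
  // confirm against the .cc file.
  void Reset();

  // Entry type; decides which of the fields below are meaningful.
  Type type;

  // Set if type == LOG_ENTRY_TYPE_X509
  std::string leaf_certificate;

  // Set if type == LOG_ENTRY_TYPE_PRECERT
  // In RFC 6962 the issuer key hash is the SHA-256 hash of the issuing
  // certificate's public key, and the TBSCertificate is the part of the
  // precertificate that the log signs.
  SHA256HashValue issuer_key_hash;
  std::string tbs_certificate;
};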
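// Helper structure to represent Digitally Signed data, as described in
// Sections 4.7 and 7.4.1.4.1 of RFC 5246.
//
// The two enums mirror the TLS HashAlgorithm and SignatureAlgorithm code
// points from RFC 5246, Section 7.4.1.4.1, so they include values that are not
// acceptable for Certificate Transparency (no hash, MD5, SHA-1, anonymous).
// RFC 6962, Section 2.1.4 has logs sign with SHA-256 and either ECDSA (NIST
// P-256) or RSA. A value being representable here says nothing about it being
// allowed.
// NOTE(review): the check that rejects other combinations, and that matches
// the algorithm against the log's public key type, is not in this header -
// confirm it exists in the verifier.
struct NET_EXPORT_PRIVATE DigitallySigned {
  // TLS HashAlgorithm code points (RFC 5246, Section 7.4.1.4.1).
  enum HashAlgorithm {
    HASH_ALGO_NONE = 0,
    HASH_ALGO_MD5 = 1,
    HASH_ALGO_SHA1 = 2,
    HASH_ALGO_SHA224 = 3,
    HASH_ALGO_SHA256 = 4,
    HASH_ALGO_SHA384 = 5,
    HASH_ALGO_SHA512 = 6,
  };

  // TLS SignatureAlgorithm code points (RFC 5246, Section 7.4.1.4.1).
  enum SignatureAlgorithm {
    SIG_ALGO_ANONYMOUS = 0,
    SIG_ALGO_RSA = 1,
    SIG_ALGO_DSA = 2,
    SIG_ALGO_ECDSA = 3
  };

  DigitallySigned();
  ~DigitallySigned();

  // Algorithm pair the signer claims to have used. Both come from the parsed
  // structure, i.e. from whoever supplied the signature.
  HashAlgorithm hash_algorithm;
  SignatureAlgorithm signature_algorithm;
  // 'signature' field.
  std::string signature_data;
};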
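// SignedCertificateTimestamp struct in RFC 6962, Section 3.2.
//
// Carries the parsed fields of one SCT plus two pieces of local bookkeeping
// (|origin| and |log_description|). No member records whether |signature| has
// been verified against a log key, so holding an instance does not by itself
// mean the SCT is valid.
//
// Instances are reference counted: the destructor is private and the object is
// released through base::RefCountedThreadSafe.
struct NET_EXPORT SignedCertificateTimestamp
    : public base::RefCountedThreadSafe<SignedCertificateTimestamp> {
  // Predicate functor used in maps when SignedCertificateTimestamp is used as
  // the key.
  // NOTE(review): per the comments on |origin| and |log_description| below,
  // those two members should presumably be ignored by this ordering as well -
  // confirm against the definition.
  struct NET_EXPORT LessThan {
    bool operator()(const scoped_refptr<SignedCertificateTimestamp>& lhs,
                    const scoped_refptr<SignedCertificateTimestamp>& rhs) const;
  };

  // Version enum in RFC 6962, Section 3.2.
  enum Version {
    SCT_VERSION_1 = 0,
  };

  // Source of the SCT - supplementary, not defined in CT RFC.
  // Note: The numeric values are used within histograms and should not change
  // or be re-assigned.
  enum Origin {
    SCT_EMBEDDED = 0,
    SCT_FROM_TLS_EXTENSION = 1,
    SCT_FROM_OCSP_RESPONSE = 2,
    // Not a real origin: one past the last valid value. New origins go
    // immediately above this line.
    SCT_ORIGIN_MAX,
  };

  SignedCertificateTimestamp();

  // Pickle round trip for this SCT.
  // NOTE(review): which members are written, and what CreateFromPickle returns
  // for truncated or out-of-range data, is not visible in this header. Callers
  // should expect a null scoped_refptr on failure and check for it; enum
  // members read back from a pickle should be range-checked before use -
  // confirm both against the .cc file.
  void Persist(Pickle* pickle);
  static scoped_refptr<SignedCertificateTimestamp> CreateFromPickle(
      PickleIterator* iter);

  Version version;
  // Identifier of the log that issued the SCT. In RFC 6962 this is the SHA-256
  // hash of the log's public key.
  std::string log_id;
  base::Time timestamp;
  std::string extensions;
  DigitallySigned signature;
  // The origin should not participate in equality checks
  // as the same SCT can be provided from multiple sources.
  Origin origin;
  // The log description is not one of the SCT fields, but a user-readable
  // name defined alongside the log key. It should not participate
  // in equality checks as the log's description could change while
  // the SCT would be the same.
  std::string log_description;

 private:
  // RefCountedThreadSafe needs access to the private destructor to delete the
  // object when the last reference is dropped.
  friend class base::RefCountedThreadSafe<SignedCertificateTimestamp>;

  ~SignedCertificateTimestamp();

  DISALLOW_COPY_AND_ASSIGN(SignedCertificateTimestamp);
};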
128 } // namespace ct
130 } // namespace net
132 #endif // NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_