author | Andras Becsi <andras.becsi@digia.com> | 2014-03-18 13:16:26 +0100 |
---|---|---|
committer | Frederik Gladhorn <frederik.gladhorn@digia.com> | 2014-03-20 15:55:39 +0100 |
commit | 3f0f86b0caed75241fa71c95a5d73bc0164348c5 (patch) | |
tree | 92b9fb00f2e9e90b0be2262093876d4f43b6cd13 /chromium/net/cert/signed_certificate_timestamp.h | |
parent | e90d7c4b152c56919d963987e2503f9909a666d2 (diff) | |
download | qtwebengine-chromium-3f0f86b0caed75241fa71c95a5d73bc0164348c5.tar.gz |
Update to new stable branch 1750
This also includes an updated ninja and chromium dependencies
needed on Windows.
Change-Id: Icd597d80ed3fa4425933c9f1334c3c2e31291c42
Reviewed-by: Zoltan Arvai <zarvai@inf.u-szeged.hu>
Reviewed-by: Zeno Albisser <zeno.albisser@digia.com>
Diffstat (limited to 'chromium/net/cert/signed_certificate_timestamp.h')
-rw-r--r-- | chromium/net/cert/signed_certificate_timestamp.h | 129 |
1 files changed, 129 insertions, 0 deletions
diff --git a/chromium/net/cert/signed_certificate_timestamp.h b/chromium/net/cert/signed_certificate_timestamp.h
new file mode 100644
index 00000000000..f065a9472a1
--- /dev/null
+++ b/chromium/net/cert/signed_certificate_timestamp.h
@@ -0,0 +1,129 @@
+// Copyright 2013 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
+#define NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_
+
+#include <string>
+#include <vector>
+
+#include "base/memory/ref_counted.h"
+#include "base/time/time.h"
+#include "net/base/hash_value.h"
+#include "net/base/net_export.h"
+
+class Pickle;
+class PickleIterator;
+
+namespace net {
+
+// Structures related to Certificate Transparency (RFC6962).
+namespace ct {
+
+// LogEntry struct in RFC 6962, Section 3.1
+struct NET_EXPORT LogEntry {
+ // LogEntryType enum in RFC 6962, Section 3.1
+ enum Type {
+ LOG_ENTRY_TYPE_X509 = 0,
+ LOG_ENTRY_TYPE_PRECERT = 1
+ };
+
+ LogEntry();
+ ~LogEntry();
+ void Reset();
+
+ Type type;
+
+ // Set if type == LOG_ENTRY_TYPE_X509
+ std::string leaf_certificate;
+
+ // Set if type == LOG_ENTRY_TYPE_PRECERT
+ SHA256HashValue issuer_key_hash;
+ std::string tbs_certificate;
+};
+
+// Helper structure to represent Digitally Signed data, as described in
+// Sections 4.7 and 7.4.1.4.1 of RFC 5246.
+struct NET_EXPORT_PRIVATE DigitallySigned {
+ enum HashAlgorithm {
+ HASH_ALGO_NONE = 0,
+ HASH_ALGO_MD5 = 1,
+ HASH_ALGO_SHA1 = 2,
+ HASH_ALGO_SHA224 = 3,
+ HASH_ALGO_SHA256 = 4,
+ HASH_ALGO_SHA384 = 5,
+ HASH_ALGO_SHA512 = 6,
+ };
+
+ enum SignatureAlgorithm {
+ SIG_ALGO_ANONYMOUS = 0,
+ SIG_ALGO_RSA = 1,
+ SIG_ALGO_DSA = 2,
+ SIG_ALGO_ECDSA = 3
+ };
+
+ DigitallySigned();
+ ~DigitallySigned();
+
+ HashAlgorithm hash_algorithm;
+ SignatureAlgorithm signature_algorithm;
+ // 'signature' field.
+ std::string signature_data;
+};
+
+// SignedCertificateTimestamp struct in RFC 6962, Section 3.2.
+struct NET_EXPORT SignedCertificateTimestamp
+ : public base::RefCountedThreadSafe<SignedCertificateTimestamp> {
+ // Predicate functor used in maps when SignedCertificateTimestamp is used as
+ // the key.
+ struct NET_EXPORT LessThan {
+ bool operator()(const scoped_refptr<SignedCertificateTimestamp>& lhs,
+ const scoped_refptr<SignedCertificateTimestamp>& rhs) const;
+ };
+
+ // Version enum in RFC 6962, Section 3.2.
+ enum Version {
+ SCT_VERSION_1 = 0,
+ };
+
+ // Source of the SCT - supplementary, not defined in CT RFC.
+ enum Origin {
+ SCT_EMBEDDED = 0,
+ SCT_FROM_TLS_EXTENSION = 1,
+ SCT_FROM_OCSP_RESPONSE = 2,
+ };
+
+ SignedCertificateTimestamp();
+
+ void Persist(Pickle* pickle);
+ static scoped_refptr<SignedCertificateTimestamp> CreateFromPickle(
+ PickleIterator* iter);
+
+ Version version;
+ std::string log_id;
+ base::Time timestamp;
+ std::string extensions;
+ DigitallySigned signature;
+ // The origin should not participate in equality checks
+ // as the same SCT can be provided from multiple sources.
+ Origin origin;
+ // The log description is not one of the SCT fields, but a user-readable
+ // name defined alongside the log key. It should not participate
+ // in equality checks as the log's description could change while
+ // the SCT would be the same.
+ std::string log_description;
+
+ private:
+ friend class base::RefCountedThreadSafe<SignedCertificateTimestamp>;
+
+ ~SignedCertificateTimestamp();
+
+ DISALLOW_COPY_AND_ASSIGN(SignedCertificateTimestamp);
+};
+
+} // namespace ct
+
+} // namespace net
+
+#endif // NET_CERT_SIGNED_CERTIFICATE_TIMESTAMP_H_ |
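Review bot: `DigitallySigned::HashAlgorithm` and `SignatureAlgorithm` list `HASH_ALGO_NONE`, `HASH_ALGO_MD5`, `HASH_ALGO_SHA1` and `SIG_ALGO_ANONYMOUS` with no comment saying these values exist only to mirror the TLS wire encoding. RFC 6962 logs sign with SHA-256 and either ECDSA or RSA, so the header should tell callers that any other pair must be rejected before signature verification; I would add above the enums `// Values mirror RFC 5246, 7.4.1.4.1; for SCTs only SHA-256 with RSA or ECDSA is valid and callers must reject anything else.` The declaration of `CreateFromPickle` is also undocumented: it presumably rebuilds these enums plus `Version` and `Origin` from serialized bytes (the implementation is not in this hunk), so it should state its failure contract, for example `// Returns NULL if |iter| does not hold a well-formed SCT.` if that is what the .cc file does. The comments on `origin` and `log_description` say they stay out of equality checks, and the comment on `LessThan` should say whether its ordering ignores them too.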