// Copyright 2013 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "net/cert/ct_serialization.h" #include <string_view> #include "base/logging.h" #include "base/numerics/checked_math.h" #include "crypto/sha2.h" #include "net/cert/merkle_tree_leaf.h" #include "net/cert/signed_certificate_timestamp.h" #include "net/cert/signed_tree_head.h" #include "third_party/boringssl/src/include/openssl/bytestring.h" namespace net::ct { namespace { const size_t kLogIdLength = …; enum SignatureType { … }; // Reads a variable-length SCT list that has been TLS encoded. // The bytes read from |in| are discarded (i.e. |in|'s prefix removed) // |max_list_length| contains the overall length of the encoded list. // |max_item_length| contains the maximum length of a single item. // On success, returns true and updates |*out| with the encoded list. bool ReadSCTList(CBS* in, std::vector<std::string_view>* out) { … } // Checks and converts a hash algorithm. // |in| is the numeric representation of the algorithm. // If the hash algorithm value is in a set of known values, fills in |out| and // returns true. Otherwise, returns false. bool ConvertHashAlgorithm(unsigned in, DigitallySigned::HashAlgorithm* out) { … } // Checks and converts a signing algorithm. // |in| is the numeric representation of the algorithm. // If the signing algorithm value is in a set of known values, fills in |out| // and returns true. Otherwise, returns false. bool ConvertSignatureAlgorithm( unsigned in, DigitallySigned::SignatureAlgorithm* out) { … } // Writes a SignedEntryData of type X.509 cert to |*output|. // |input| is the SignedEntryData containing the certificate. // Returns true if the leaf_certificate in the SignedEntryData does not exceed // kMaxAsn1CertificateLength and so can be written to |output|. bool EncodeAsn1CertSignedEntry(const SignedEntryData& input, CBB* output) { … } // Writes a SignedEntryData of type PreCertificate to |*output|. // |input| is the SignedEntryData containing the TBSCertificate and issuer key // hash. Returns true if the TBSCertificate component in the SignedEntryData // does not exceed kMaxTbsCertificateLength and so can be written to |output|. bool EncodePrecertSignedEntry(const SignedEntryData& input, CBB* output) { … } } // namespace bool EncodeDigitallySigned(const DigitallySigned& input, CBB* output_cbb) { … } bool EncodeDigitallySigned(const DigitallySigned& input, std::string* output) { … } bool DecodeDigitallySigned(CBS* input, DigitallySigned* output) { … } bool DecodeDigitallySigned(std::string_view* input, DigitallySigned* output) { … } static bool EncodeSignedEntry(const SignedEntryData& input, CBB* output) { … } bool EncodeSignedEntry(const SignedEntryData& input, std::string* output) { … } static bool ReadTimeSinceEpoch(CBS* input, base::Time* output) { … } static bool WriteTimeSinceEpoch(const base::Time& timestamp, CBB* output) { … } bool EncodeTreeLeaf(const MerkleTreeLeaf& leaf, std::string* output) { … } bool EncodeV1SCTSignedData(const base::Time& timestamp, const std::string& serialized_log_entry, const std::string& extensions, std::string* output) { … } bool EncodeTreeHeadSignature(const SignedTreeHead& signed_tree_head, std::string* output) { … } bool DecodeSCTList(std::string_view input, std::vector<std::string_view>* output) { … } bool DecodeSignedCertificateTimestamp( std::string_view* input, scoped_refptr<SignedCertificateTimestamp>* output) { … } bool EncodeSignedCertificateTimestamp( const scoped_refptr<ct::SignedCertificateTimestamp>& input, std::string* output) { … } bool EncodeSCTListForTesting(const std::vector<std::string>& scts, std::string* output) { … } } // namespace net::ct
Codebase Browser
chromium