| // Copyright 2015 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| // |
| // This protobuffer is intended to store reports from Chrome users of |
| // certificate errors. A report will be sent from Chrome when it gets |
| // e.g. a certificate for google.com that chains up to a root CA not expected by |
| // Chrome for that origin, such as DigiNotar (compromised in July 2011), or |
| // other pinning errors such as a blacklisted cert in the chain, or |
| // (when opted in) other certificate validation errors like an expired |
| // cert. The report from the user will include the hostname being accessed, |
| // the full certificate chain (in PEM format), and the |
| // timestamp of when the client tried to access the site. A response is |
| // generated by the frontend and logged, including validation and error checking |
| // done on the client's input data. |
| |
| syntax = "proto2"; |
| |
| // Chrome requires this. |
| option optimize_for = LITE_RUNTIME; |
| |
| package certificate_reporting; |
| |
| // Protocol types |
| |
| message CertLoggerInterstitialInfo { |
| // The different reasons that an SSL warning interstitial could be shown to |
| // a user. |
| enum InterstitialReason { |
| UNKNOWN_INTERSTITIAL_REASON = 0; |
| // A standard SSL interstitial. |
| INTERSTITIAL_SSL = 1; |
| // An interstitial alerting the user that they are in a captive portal. |
| INTERSTITIAL_CAPTIVE_PORTAL = 2; |
| // An interstitial telling the user to update their system clock. |
| INTERSTITIAL_CLOCK = 3; |
| // An interstitial telling the user to remove the Superfish software from |
| // their system. |
| INTERSTITIAL_SUPERFISH = 4; |
| // An interstitial telling the user to fix misconfigured MITM software. |
| INTERSTITIAL_MITM_SOFTWARE = 5; |
| } |
| |
| // The type of interstitial that was shown |
| optional InterstitialReason interstitial_reason = 1; |
| // True if the user clicked through to the offending website |
| optional bool user_proceeded = 2; |
| // True if the user was shown an option to click through |
| optional bool overridable = 3; |
| // The time (in usec since the Windows epoch) when the client created the |
| // interstitial. |
| optional int64 interstitial_created_time_usec = 4; |
| } |
| |
| // Contains information about features that are enabled/disabled that |
| // might affect certificate validation. |
| message CertLoggerFeaturesInfo { |
| message NetworkTimeQueryingInfo { |
| // True if the network time querying feature is enabled. |
| optional bool network_time_queries_enabled = 1; |
| |
| // The experimental parameter controlling the behavior of network time |
| // queries (whether they happen on-demand when a certificate date error is |
| // encountered, in the background, or both). |
| enum NetworkTimeFetchBehavior { |
| NETWORK_TIME_FETCHES_UNKNOWN = 0; |
| NETWORK_TIME_FETCHES_BACKGROUND_ONLY = 1; |
| NETWORK_TIME_FETCHES_ON_DEMAND_ONLY = 2; |
| NETWORK_TIME_FETCHES_IN_BACKGROUND_AND_ON_DEMAND = 3; |
| } |
| optional NetworkTimeFetchBehavior network_time_query_behavior = 2; |
| } |
| |
| optional NetworkTimeQueryingInfo network_time_querying_info = 1; |
| |
| // Records whether the Android AIA fetching feature is enabled. |
| // |
| // This is an enum rather than a boolean as a convenience to |
| // distinguish reports where fetching is disabled from reports that |
| // were sent before this field was present. (In other words, if it |
| // were a boolean, a value of false might mean that fetching was |
| // disabled, or it might mean that the browser version was older than |
| // when this field was added.) |
| enum AndroidAIAFetchingStatus { |
| ANDROID_AIA_FETCHING_UNKNOWN = 0; |
| ANDROID_AIA_FETCHING_ENABLED = 1; |
| ANDROID_AIA_FETCHING_DISABLED = 2; |
| } |
| optional AndroidAIAFetchingStatus android_aia_fetching_status = 2; |
| } |
| |
| message CertLoggerRequest { |
| // The hostname being accessed (required as the cert could be valid for |
| // multiple hosts, e.g. a wildcard or a SubjectAltName. |
| required string hostname = 1; |
| // The certificate chain as a series of PEM-encoded certificates, including |
| // intermediates but not necessarily the root. |
| required string cert_chain = 2; |
| // The time (in usec since the epoch) when the client generated the report. |
| required int64 time_usec = 3; |
| // public_key_hash contains the string forms of the hashes calculated for |
| // the chain. (I.e. "sha1/<base64 data>".) |
| repeated string public_key_hash = 4; |
| // pin contains the string forms of the pins that were matched against for |
| // this host. |
| repeated string pin = 5; |
| |
| enum CertError { |
| UNKNOWN_CERT_ERROR = 0; |
| ERR_CERT_REVOKED = 1; |
| ERR_CERT_INVALID = 2; |
| ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN = 3; |
| ERR_CERT_AUTHORITY_INVALID = 4; |
| ERR_CERT_COMMON_NAME_INVALID = 5; |
| ERR_CERT_NAME_CONSTRAINT_VIOLATION = 6; |
| ERR_CERT_WEAK_SIGNATURE_ALGORITHM = 7; |
| ERR_CERT_WEAK_KEY = 8; |
| ERR_CERT_DATE_INVALID = 9; |
| ERR_CERT_VALIDITY_TOO_LONG = 10; |
| ERR_CERT_UNABLE_TO_CHECK_REVOCATION = 11; |
| ERR_CERT_NO_REVOCATION_MECHANISM = 12; |
| ERR_CERT_NON_UNIQUE_NAME = 13; |
| ERR_CERTIFICATE_TRANSPARENCY_REQUIRED = 14; |
| }; |
| |
| // Certificate errors encountered (if any) when validating this |
| // certificate chain. |
| repeated CertError cert_error = 6; |
| |
| // Information about the interstitial that was shown to the user for |
| // this certificate error. |
| optional CertLoggerInterstitialInfo interstitial_info = 7; |
| |
| // The unverified certificate chain as received by the client, as a |
| // series of PEM-encoded certificates. Can be different than |
| // |cert_chain|, which is the chain the client built during |
| // verification. |
| optional string unverified_cert_chain = 8; |
| |
| // True if the certificate was rooted at a standard CA root ,as opposed to a |
| // user-installed root, but is only meaningful if the underlying certificate |
| // validation library built a trusted chain (i.e. the Chrome net stack set the |
| // error, not the library). |
| optional bool is_issued_by_known_root = 9; |
| |
| // Information about features that were enabled or disabled for the |
| // user that might affect certificate validation. |
| optional CertLoggerFeaturesInfo features_info = 10; |
| |
| // False when the report is attempted to be uploaded for the first time. True |
| // in all other uploads. |
| optional bool is_retry_upload = 11; |
| |
| enum ChromeChannel { |
| CHROME_CHANNEL_NONE = 0; |
| CHROME_CHANNEL_UNKNOWN = 1; |
| CHROME_CHANNEL_DEV = 2; |
| CHROME_CHANNEL_CANARY = 3; |
| CHROME_CHANNEL_BETA = 4; |
| CHROME_CHANNEL_STABLE = 5; |
| }; |
| |
| // The Chrome channel that this error occurred on. |
| optional ChromeChannel chrome_channel = 12; |
| |
| // True if the machine is enterprise managed. Currently only available for |
| // Windows and ChromeOS clients. |
| optional bool is_enterprise_managed = 13; |
| }; |