components/certificate_reporting/cert_logger.proto - chromium/src.git - Git at Google

 // Copyright 2015 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 //
 // This protobuffer is intended to store reports from Chrome users of
 // certificate errors. A report will be sent from Chrome when it gets
 // e.g. a certificate for google.com that chains up to a root CA not expected by
 // Chrome for that origin, such as DigiNotar (compromised in July 2011), or
 // other pinning errors such as a blacklisted cert in the chain, or
 // (when opted in) other certificate validation errors like an expired
 // cert. The report from the user will include the hostname being accessed,
 // the full certificate chain (in PEM format), and the
 // timestamp of when the client tried to access the site. A response is
 // generated by the frontend and logged, including validation and error checking
 // done on the client's input data.

 syntax = "proto2";

 // Chrome requires this.
 option optimize_for = LITE_RUNTIME;

 package certificate_reporting;

 // Protocol types

 message CertLoggerInterstitialInfo {
   // The different reasons that an SSL warning interstitial could be shown to
   // a user.
   enum InterstitialReason {
     UNKNOWN_INTERSTITIAL_REASON = 0;
     // A standard SSL interstitial.
     INTERSTITIAL_SSL = 1;
     // An interstitial alerting the user that they are in a captive portal.
     INTERSTITIAL_CAPTIVE_PORTAL = 2;
     // An interstitial telling the user to update their system clock.
     INTERSTITIAL_CLOCK = 3;
     // An interstitial telling the user to remove the Superfish software from
     // their system.
     INTERSTITIAL_SUPERFISH = 4;
     // An interstitial telling the user to fix misconfigured MITM software.
     INTERSTITIAL_MITM_SOFTWARE = 5;
   }

   // The type of interstitial that was shown
   optional InterstitialReason interstitial_reason = 1;
   // True if the user clicked through to the offending website
   optional bool user_proceeded = 2;
   // True if the user was shown an option to click through
   optional bool overridable = 3;
   // The time (in usec since the Windows epoch) when the client created the
   // interstitial.
   optional int64 interstitial_created_time_usec = 4;
 }

 // Contains information about features that are enabled/disabled that
 // might affect certificate validation.
 message CertLoggerFeaturesInfo {
   message NetworkTimeQueryingInfo {
     // True if the network time querying feature is enabled.
     optional bool network_time_queries_enabled = 1;

     // The experimental parameter controlling the behavior of network time
     // queries (whether they happen on-demand when a certificate date error is
     // encountered, in the background, or both).
     enum NetworkTimeFetchBehavior {
       NETWORK_TIME_FETCHES_UNKNOWN = 0;
       NETWORK_TIME_FETCHES_BACKGROUND_ONLY = 1;
       NETWORK_TIME_FETCHES_ON_DEMAND_ONLY = 2;
       NETWORK_TIME_FETCHES_IN_BACKGROUND_AND_ON_DEMAND = 3;
     }
     optional NetworkTimeFetchBehavior network_time_query_behavior = 2;
   }

   optional NetworkTimeQueryingInfo network_time_querying_info = 1;

   // Records whether the Android AIA fetching feature is enabled.
   //
   // This is an enum rather than a boolean as a convenience to
   // distinguish reports where fetching is disabled from reports that
   // were sent before this field was present. (In other words, if it
   // were a boolean, a value of false might mean that fetching was
   // disabled, or it might mean that the browser version was older than
   // when this field was added.)
   enum AndroidAIAFetchingStatus {
     ANDROID_AIA_FETCHING_UNKNOWN = 0;
     ANDROID_AIA_FETCHING_ENABLED = 1;
     ANDROID_AIA_FETCHING_DISABLED = 2;
   }
   optional AndroidAIAFetchingStatus android_aia_fetching_status = 2;
 }

 message CertLoggerRequest {
   // The hostname being accessed (required as the cert could be valid for
   // multiple hosts, e.g. a wildcard or a SubjectAltName.
   required string hostname = 1;
   // The certificate chain as a series of PEM-encoded certificates, including
   // intermediates but not necessarily the root.
   required string cert_chain = 2;
   // The time (in usec since the epoch) when the client generated the report.
   required int64 time_usec = 3;
   // public_key_hash contains the string forms of the hashes calculated for
   // the chain. (I.e. "sha1/<base64 data>".)
   repeated string public_key_hash = 4;
   // pin contains the string forms of the pins that were matched against for
   // this host.
   repeated string pin = 5;

   enum CertError {
     UNKNOWN_CERT_ERROR = 0;
     ERR_CERT_REVOKED = 1;
     ERR_CERT_INVALID = 2;
     ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN = 3;
     ERR_CERT_AUTHORITY_INVALID = 4;
     ERR_CERT_COMMON_NAME_INVALID = 5;
     ERR_CERT_NAME_CONSTRAINT_VIOLATION = 6;
     ERR_CERT_WEAK_SIGNATURE_ALGORITHM = 7;
     ERR_CERT_WEAK_KEY = 8;
     ERR_CERT_DATE_INVALID = 9;
     ERR_CERT_VALIDITY_TOO_LONG = 10;
     ERR_CERT_UNABLE_TO_CHECK_REVOCATION = 11;
     ERR_CERT_NO_REVOCATION_MECHANISM = 12;
     ERR_CERT_NON_UNIQUE_NAME = 13;
     ERR_CERTIFICATE_TRANSPARENCY_REQUIRED = 14;
   };

   // Certificate errors encountered (if any) when validating this
   // certificate chain.
   repeated CertError cert_error = 6;

   // Information about the interstitial that was shown to the user for
   // this certificate error.
   optional CertLoggerInterstitialInfo interstitial_info = 7;

   // The unverified certificate chain as received by the client, as a
   // series of PEM-encoded certificates. Can be different than
   // |cert_chain|, which is the chain the client built during
   // verification.
   optional string unverified_cert_chain = 8;

   // True if the certificate was rooted at a standard CA root ,as opposed to a
   // user-installed root, but is only meaningful if the underlying certificate
   // validation library built a trusted chain (i.e. the Chrome net stack set the
   // error, not the library).
   optional bool is_issued_by_known_root = 9;

   // Information about features that were enabled or disabled for the
   // user that might affect certificate validation.
   optional CertLoggerFeaturesInfo features_info = 10;

   // False when the report is attempted to be uploaded for the first time. True
   // in all other uploads.
   optional bool is_retry_upload = 11;

   enum ChromeChannel {
     CHROME_CHANNEL_NONE = 0;
     CHROME_CHANNEL_UNKNOWN = 1;
     CHROME_CHANNEL_DEV = 2;
     CHROME_CHANNEL_CANARY = 3;
     CHROME_CHANNEL_BETA = 4;
     CHROME_CHANNEL_STABLE = 5;
   };

   // The Chrome channel that this error occurred on.
   optional ChromeChannel chrome_channel = 12;

   // True if the machine is enterprise managed. Currently only available for
   // Windows and ChromeOS clients.
   optional bool is_enterprise_managed = 13;
 };
	// Copyright 2015 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.
	//
	// This protobuffer is intended to store reports from Chrome users of
	// certificate errors. A report will be sent from Chrome when it gets
	// e.g. a certificate for google.com that chains up to a root CA not expected by
	// Chrome for that origin, such as DigiNotar (compromised in July 2011), or
	// other pinning errors such as a blacklisted cert in the chain, or
	// (when opted in) other certificate validation errors like an expired
	// cert. The report from the user will include the hostname being accessed,
	// the full certificate chain (in PEM format), and the
	// timestamp of when the client tried to access the site. A response is
	// generated by the frontend and logged, including validation and error checking
	// done on the client's input data.

	syntax = "proto2";

	// Chrome requires this.
	option optimize_for = LITE_RUNTIME;

	package certificate_reporting;

	// Protocol types

	message CertLoggerInterstitialInfo {
	// The different reasons that an SSL warning interstitial could be shown to
	// a user.
	enum InterstitialReason {
	UNKNOWN_INTERSTITIAL_REASON = 0;
	// A standard SSL interstitial.
	INTERSTITIAL_SSL = 1;
	// An interstitial alerting the user that they are in a captive portal.
	INTERSTITIAL_CAPTIVE_PORTAL = 2;
	// An interstitial telling the user to update their system clock.
	INTERSTITIAL_CLOCK = 3;
	// An interstitial telling the user to remove the Superfish software from
	// their system.
	INTERSTITIAL_SUPERFISH = 4;
	// An interstitial telling the user to fix misconfigured MITM software.
	INTERSTITIAL_MITM_SOFTWARE = 5;
	}

	// The type of interstitial that was shown
	optional InterstitialReason interstitial_reason = 1;
	// True if the user clicked through to the offending website
	optional bool user_proceeded = 2;
	// True if the user was shown an option to click through
	optional bool overridable = 3;
	// The time (in usec since the Windows epoch) when the client created the
	// interstitial.
	optional int64 interstitial_created_time_usec = 4;
	}

	// Contains information about features that are enabled/disabled that
	// might affect certificate validation.
	message CertLoggerFeaturesInfo {
	message NetworkTimeQueryingInfo {
	// True if the network time querying feature is enabled.
	optional bool network_time_queries_enabled = 1;

	// The experimental parameter controlling the behavior of network time
	// queries (whether they happen on-demand when a certificate date error is
	// encountered, in the background, or both).
	enum NetworkTimeFetchBehavior {
	NETWORK_TIME_FETCHES_UNKNOWN = 0;
	NETWORK_TIME_FETCHES_BACKGROUND_ONLY = 1;
	NETWORK_TIME_FETCHES_ON_DEMAND_ONLY = 2;
	NETWORK_TIME_FETCHES_IN_BACKGROUND_AND_ON_DEMAND = 3;
	}
	optional NetworkTimeFetchBehavior network_time_query_behavior = 2;
	}

	optional NetworkTimeQueryingInfo network_time_querying_info = 1;

	// Records whether the Android AIA fetching feature is enabled.
	//
	// This is an enum rather than a boolean as a convenience to
	// distinguish reports where fetching is disabled from reports that
	// were sent before this field was present. (In other words, if it
	// were a boolean, a value of false might mean that fetching was
	// disabled, or it might mean that the browser version was older than
	// when this field was added.)
	enum AndroidAIAFetchingStatus {
	ANDROID_AIA_FETCHING_UNKNOWN = 0;
	ANDROID_AIA_FETCHING_ENABLED = 1;
	ANDROID_AIA_FETCHING_DISABLED = 2;
	}
	optional AndroidAIAFetchingStatus android_aia_fetching_status = 2;
	}

	message CertLoggerRequest {
	// The hostname being accessed (required as the cert could be valid for
	// multiple hosts, e.g. a wildcard or a SubjectAltName.
	required string hostname = 1;
	// The certificate chain as a series of PEM-encoded certificates, including
	// intermediates but not necessarily the root.
	required string cert_chain = 2;
	// The time (in usec since the epoch) when the client generated the report.
	required int64 time_usec = 3;
	// public_key_hash contains the string forms of the hashes calculated for
	// the chain. (I.e. "sha1/<base64 data>".)
	repeated string public_key_hash = 4;
	// pin contains the string forms of the pins that were matched against for
	// this host.
	repeated string pin = 5;

	enum CertError {
	UNKNOWN_CERT_ERROR = 0;
	ERR_CERT_REVOKED = 1;
	ERR_CERT_INVALID = 2;
	ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN = 3;
	ERR_CERT_AUTHORITY_INVALID = 4;
	ERR_CERT_COMMON_NAME_INVALID = 5;
	ERR_CERT_NAME_CONSTRAINT_VIOLATION = 6;
	ERR_CERT_WEAK_SIGNATURE_ALGORITHM = 7;
	ERR_CERT_WEAK_KEY = 8;
	ERR_CERT_DATE_INVALID = 9;
	ERR_CERT_VALIDITY_TOO_LONG = 10;
	ERR_CERT_UNABLE_TO_CHECK_REVOCATION = 11;
	ERR_CERT_NO_REVOCATION_MECHANISM = 12;
	ERR_CERT_NON_UNIQUE_NAME = 13;
	ERR_CERTIFICATE_TRANSPARENCY_REQUIRED = 14;
	};

	// Certificate errors encountered (if any) when validating this
	// certificate chain.
	repeated CertError cert_error = 6;

	// Information about the interstitial that was shown to the user for
	// this certificate error.
	optional CertLoggerInterstitialInfo interstitial_info = 7;

	// The unverified certificate chain as received by the client, as a
	// series of PEM-encoded certificates. Can be different than
	// \|cert_chain\|, which is the chain the client built during
	// verification.
	optional string unverified_cert_chain = 8;

	// True if the certificate was rooted at a standard CA root ,as opposed to a
	// user-installed root, but is only meaningful if the underlying certificate
	// validation library built a trusted chain (i.e. the Chrome net stack set the
	// error, not the library).
	optional bool is_issued_by_known_root = 9;

	// Information about features that were enabled or disabled for the
	// user that might affect certificate validation.
	optional CertLoggerFeaturesInfo features_info = 10;

	// False when the report is attempted to be uploaded for the first time. True
	// in all other uploads.
	optional bool is_retry_upload = 11;

	enum ChromeChannel {
	CHROME_CHANNEL_NONE = 0;
	CHROME_CHANNEL_UNKNOWN = 1;
	CHROME_CHANNEL_DEV = 2;
	CHROME_CHANNEL_CANARY = 3;
	CHROME_CHANNEL_BETA = 4;
	CHROME_CHANNEL_STABLE = 5;
	};

	// The Chrome channel that this error occurred on.
	optional ChromeChannel chrome_channel = 12;

	// True if the machine is enterprise managed. Currently only available for
	// Windows and ChromeOS clients.
	optional bool is_enterprise_managed = 13;
	};