net/cert/ct_signed_certificate_timestamp_log_param.cc - chromium/src - Git at Google

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

 #include "net/cert/ct_signed_certificate_timestamp_log_param.h"

 #include <algorithm>
 #include <string>

 #include "base/base64.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/stringprintf.h"
 #include "base/values.h"
 #include "net/cert/ct_verify_result.h"
 #include "net/cert/signed_certificate_timestamp.h"

 namespace net {

 namespace {

 // Converts a numeric |origin| to text describing the SCT's origin
 const char* OriginToString(ct::SignedCertificateTimestamp::Origin origin) {
   switch (origin) {
     case ct::SignedCertificateTimestamp::SCT_EMBEDDED:
       return "embedded_in_certificate";
     case ct::SignedCertificateTimestamp::SCT_FROM_TLS_EXTENSION:
       return "tls_extension";
     case ct::SignedCertificateTimestamp::SCT_FROM_OCSP_RESPONSE:
       return "ocsp";
     case ct::SignedCertificateTimestamp::SCT_ORIGIN_MAX:
       break;
   }

   return "unknown";
 }

 // Converts a numeric |hash_algorithm| to its textual representation
 const char* HashAlgorithmToString(
     ct::DigitallySigned::HashAlgorithm hash_algorithm) {
   switch (hash_algorithm) {
     case ct::DigitallySigned::HASH_ALGO_NONE:
       return "NONE";
     case ct::DigitallySigned::HASH_ALGO_MD5:
       return "MD5";
     case ct::DigitallySigned::HASH_ALGO_SHA1:
       return "SHA1";
     case ct::DigitallySigned::HASH_ALGO_SHA224:
       return "SHA224";
     case ct::DigitallySigned::HASH_ALGO_SHA256:
       return "SHA256";
     case ct::DigitallySigned::HASH_ALGO_SHA384:
       return "SHA384";
     case ct::DigitallySigned::HASH_ALGO_SHA512:
       return "SHA512";
   }

   return "unknown";
 }

 // Converts a numeric |signature_algorithm| to its textual representation
 const char* SignatureAlgorithmToString(
     ct::DigitallySigned::SignatureAlgorithm signature_algorithm) {
   switch (signature_algorithm) {
     case ct::DigitallySigned::SIG_ALGO_ANONYMOUS:
       return "ANONYMOUS";
     case ct::DigitallySigned::SIG_ALGO_RSA:
       return "RSA";
     case ct::DigitallySigned::SIG_ALGO_DSA:
       return "DSA";
     case ct::DigitallySigned::SIG_ALGO_ECDSA:
       return "ECDSA";
   }

   return "unknown";
 }

 // Base64 encode the given |value| string and put it in |dict| with the
 // description |key|.
 void SetBinaryData(
     const char* key,
     const std::string& value,
     base::DictionaryValue* dict) {
   std::string b64_value;
   base::Base64Encode(value, &b64_value);

   dict->SetString(key, b64_value);
 }

 // Returns a dictionary where each key is a field of the SCT and its value
 // is this field's value in the SCT. This dictionary is meant to be used for
 // outputting a de-serialized SCT to the NetLog.
 base::DictionaryValue* SCTToDictionary(
     const ct::SignedCertificateTimestamp& sct) {
   base::DictionaryValue* out = new base::DictionaryValue();

   out->SetString("origin", OriginToString(sct.origin));
   out->SetInteger("version", sct.version);

   SetBinaryData("log_id", sct.log_id, out);
   base::TimeDelta time_since_unix_epoch =
       sct.timestamp - base::Time::UnixEpoch();
   out->SetString("timestamp",
       base::Int64ToString(time_since_unix_epoch.InMilliseconds()));
   SetBinaryData("extensions", sct.extensions, out);

   out->SetString("hash_algorithm",
                  HashAlgorithmToString(sct.signature.hash_algorithm));
   out->SetString("signature_algorithm",
                  SignatureAlgorithmToString(sct.signature.signature_algorithm));
   SetBinaryData(
       "signature_data", sct.signature.signature_data, out);

   return out;
 }

 // Given a list of SCTs, return a ListValue instance where each item in the
 // list is a dictionary created by SCTToDictionary.
 base::ListValue* SCTListToPrintableValues(
     const ct::SCTList& sct_list) {
   base::ListValue* output_scts = new base::ListValue();
   for (ct::SCTList::const_iterator it = sct_list.begin();
        it != sct_list.end();
        ++it)
     output_scts->Append(SCTToDictionary(*(it->get())));

   return output_scts;
 }

 }  // namespace

 base::Value* NetLogSignedCertificateTimestampCallback(
     const ct::CTVerifyResult* ct_result, NetLog::LogLevel log_level) {
   base::DictionaryValue* dict = new base::DictionaryValue();

   dict->Set("verified_scts",
             SCTListToPrintableValues(ct_result->verified_scts));

   dict->Set("invalid_scts",
             SCTListToPrintableValues(ct_result->invalid_scts));

   dict->Set("unknown_logs_scts",
             SCTListToPrintableValues(ct_result->unknown_logs_scts));

   return dict;
 }

 base::Value* NetLogRawSignedCertificateTimestampCallback(
     const std::string* embedded_scts,
     const std::string* sct_list_from_ocsp,
     const std::string* sct_list_from_tls_extension,
     NetLog::LogLevel log_level) {
   base::DictionaryValue* dict = new base::DictionaryValue();

   SetBinaryData("embedded_scts", *embedded_scts, dict);
   SetBinaryData("scts_from_ocsp_response", *sct_list_from_ocsp, dict);
   SetBinaryData("scts_from_tls_extension", *sct_list_from_tls_extension, dict);

   return dict;
 }

 }  // namespace net
	// Copyright 2013 The Chromium Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style license that can be
	// found in the LICENSE file.

	#include "net/cert/ct_signed_certificate_timestamp_log_param.h"

	#include <algorithm>
	#include <string>

	#include "base/base64.h"
	#include "base/strings/string_number_conversions.h"
	#include "base/strings/stringprintf.h"
	#include "base/values.h"
	#include "net/cert/ct_verify_result.h"
	#include "net/cert/signed_certificate_timestamp.h"

	namespace net {

	namespace {

	// Converts a numeric \|origin\| to text describing the SCT's origin
	const char* OriginToString(ct::SignedCertificateTimestamp::Origin origin) {
	switch (origin) {
	case ct::SignedCertificateTimestamp::SCT_EMBEDDED:
	return "embedded_in_certificate";
	case ct::SignedCertificateTimestamp::SCT_FROM_TLS_EXTENSION:
	return "tls_extension";
	case ct::SignedCertificateTimestamp::SCT_FROM_OCSP_RESPONSE:
	return "ocsp";
	case ct::SignedCertificateTimestamp::SCT_ORIGIN_MAX:
	break;
	}

	return "unknown";
	}

	// Converts a numeric \|hash_algorithm\| to its textual representation
	const char* HashAlgorithmToString(
	ct::DigitallySigned::HashAlgorithm hash_algorithm) {
	switch (hash_algorithm) {
	case ct::DigitallySigned::HASH_ALGO_NONE:
	return "NONE";
	case ct::DigitallySigned::HASH_ALGO_MD5:
	return "MD5";
	case ct::DigitallySigned::HASH_ALGO_SHA1:
	return "SHA1";
	case ct::DigitallySigned::HASH_ALGO_SHA224:
	return "SHA224";
	case ct::DigitallySigned::HASH_ALGO_SHA256:
	return "SHA256";
	case ct::DigitallySigned::HASH_ALGO_SHA384:
	return "SHA384";
	case ct::DigitallySigned::HASH_ALGO_SHA512:
	return "SHA512";
	}

	return "unknown";
	}

	// Converts a numeric \|signature_algorithm\| to its textual representation
	const char* SignatureAlgorithmToString(
	ct::DigitallySigned::SignatureAlgorithm signature_algorithm) {
	switch (signature_algorithm) {
	case ct::DigitallySigned::SIG_ALGO_ANONYMOUS:
	return "ANONYMOUS";
	case ct::DigitallySigned::SIG_ALGO_RSA:
	return "RSA";
	case ct::DigitallySigned::SIG_ALGO_DSA:
	return "DSA";
	case ct::DigitallySigned::SIG_ALGO_ECDSA:
	return "ECDSA";
	}

	return "unknown";
	}

	// Base64 encode the given \|value\| string and put it in \|dict\| with the
	// description \|key\|.
	void SetBinaryData(
	const char* key,
	const std::string& value,
	base::DictionaryValue* dict) {
	std::string b64_value;
	base::Base64Encode(value, &b64_value);

	dict->SetString(key, b64_value);
	}

	// Returns a dictionary where each key is a field of the SCT and its value
	// is this field's value in the SCT. This dictionary is meant to be used for
	// outputting a de-serialized SCT to the NetLog.
	base::DictionaryValue* SCTToDictionary(
	const ct::SignedCertificateTimestamp& sct) {
	base::DictionaryValue* out = new base::DictionaryValue();

	out->SetString("origin", OriginToString(sct.origin));
	out->SetInteger("version", sct.version);

	SetBinaryData("log_id", sct.log_id, out);
	base::TimeDelta time_since_unix_epoch =
	sct.timestamp - base::Time::UnixEpoch();
	out->SetString("timestamp",
	base::Int64ToString(time_since_unix_epoch.InMilliseconds()));
	SetBinaryData("extensions", sct.extensions, out);

	out->SetString("hash_algorithm",
	HashAlgorithmToString(sct.signature.hash_algorithm));
	out->SetString("signature_algorithm",
	SignatureAlgorithmToString(sct.signature.signature_algorithm));
	SetBinaryData(
	"signature_data", sct.signature.signature_data, out);

	return out;
	}

	// Given a list of SCTs, return a ListValue instance where each item in the
	// list is a dictionary created by SCTToDictionary.
	base::ListValue* SCTListToPrintableValues(
	const ct::SCTList& sct_list) {
	base::ListValue* output_scts = new base::ListValue();
	for (ct::SCTList::const_iterator it = sct_list.begin();
	it != sct_list.end();
	++it)
	output_scts->Append(SCTToDictionary(*(it->get())));

	return output_scts;
	}

	} // namespace

	base::Value* NetLogSignedCertificateTimestampCallback(
	const ct::CTVerifyResult* ct_result, NetLog::LogLevel log_level) {
	base::DictionaryValue* dict = new base::DictionaryValue();

	dict->Set("verified_scts",
	SCTListToPrintableValues(ct_result->verified_scts));

	dict->Set("invalid_scts",
	SCTListToPrintableValues(ct_result->invalid_scts));

	dict->Set("unknown_logs_scts",
	SCTListToPrintableValues(ct_result->unknown_logs_scts));

	return dict;
	}

	base::Value* NetLogRawSignedCertificateTimestampCallback(
	const std::string* embedded_scts,
	const std::string* sct_list_from_ocsp,
	const std::string* sct_list_from_tls_extension,
	NetLog::LogLevel log_level) {
	base::DictionaryValue* dict = new base::DictionaryValue();

	SetBinaryData("embedded_scts", *embedded_scts, dict);
	SetBinaryData("scts_from_ocsp_response", *sct_list_from_ocsp, dict);
	SetBinaryData("scts_from_tls_extension", *sct_list_from_tls_extension, dict);

	return dict;
	}

	} // namespace net