blob: 5dfa3d4219e6544fb4f139da4bb25510f2a4b4db [file] [log] [blame]
// Copyright 2016 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
package chrome_browser_ssl;
message CaptivePortalCert {
// Sha256 hash of the certificate's public key. The fingerprint is prefixed
// with "sha256/" and encoded in base64 (same format as
// src/net/http/transport_security_state_static.pins)
// Example: sha256/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
//
// NOTE: Only leaf certs must be added here.
optional string sha256_hash = 1;
}
// The MITMSoftware list is used to match potential MITM software certificates.
// The certificate issuer common name and organization names are matched against
// the |issuer_common_name_pattern| and |issuer_organization_pattern| fields.
message MITMSoftware {
// Human readable name of the MITM software to display on the interstitial.
optional string name = 1;
// Regex pattern that matches the issuer common name on this MITM software's
// certificates. Chrome doesn't use common name field for certificate
// validation anymore, but it's still useful for identifying MITM software.
optional string issuer_common_name_regex = 2;
// Regex pattern that matches the issuer organization on this MITM software's
// certificates.
optional string issuer_organization_regex = 3;
}
message SSLErrorAssistantConfig {
optional uint32 version_id = 1;
repeated CaptivePortalCert captive_portal_cert = 2;
repeated MITMSoftware mitm_software = 3;
}