1 // Copyright 2016 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/merkle_tree_leaf.h"
6
7 #include "crypto/sha2.h"
8 #include "net/cert/ct_objects_extractor.h"
9 #include "net/cert/ct_serialization.h"
10 #include "net/cert/x509_certificate.h"
11
12 namespace net::ct {
13
// Special members of MerkleTreeLeaf. They are all compiler-generated and
// defined out of line here instead of in the header.

// Default construction.
MerkleTreeLeaf::MerkleTreeLeaf() = default;

// Member-wise copy.
MerkleTreeLeaf::MerkleTreeLeaf(const MerkleTreeLeaf& other) = default;

// Member-wise move.
MerkleTreeLeaf::MerkleTreeLeaf(MerkleTreeLeaf&& other) = default;

// Destruction.
MerkleTreeLeaf::~MerkleTreeLeaf() = default;
21
// Computes the SHA-256 leaf hash of |tree_leaf| and stores it in |*out|.
//
// Returns true on success. Returns false if |tree_leaf| cannot be encoded,
// in which case |*out| is not written. |out| is dereferenced unconditionally,
// so it must not be null.
bool HashMerkleTreeLeaf(const MerkleTreeLeaf& tree_leaf, std::string* out) {
  // RFC 6962, section 2.1: a leaf hash covers a single 0x00 byte followed by
  // the leaf data. Interior nodes use a different prefix; this domain
  // separation is what stops a leaf from being passed off as an interior node
  // (second-preimage resistance), so the prefix must never be dropped.
  std::string hash_input(1, '\0');

  // EncodeTreeLeaf() is expected to append the TLS-encoded leaf after the
  // prefix byte already in |hash_input|.
  const bool encoded = EncodeTreeLeaf(tree_leaf, &hash_input);
  if (encoded) {
    *out = crypto::SHA256HashString(hash_input);
  }
  return encoded;
}
31
// Fills |*merkle_tree_leaf| with the log entry that |sct| covers for |cert|.
//
// Returns true on success. Returns false if the signed entry cannot be
// extracted; |timestamp| and |extensions| are then left unwritten. All three
// pointers are dereferenced unconditionally and must not be null.
bool GetMerkleTreeLeaf(const X509Certificate* cert,
                       const SignedCertificateTimestamp* sct,
                       MerkleTreeLeaf* merkle_tree_leaf) {
  const bool is_embedded =
      sct->origin == SignedCertificateTimestamp::SCT_EMBEDDED;

  bool entry_ok = false;
  if (is_embedded) {
    // An embedded SCT is reconstructed as a precertificate entry, which needs
    // a second certificate in addition to the leaf. With no intermediates
    // there is nothing to pass, so this fails closed.
    // NOTE(review): the first intermediate is presumably taken to be the
    // issuer. That holds only if |cert| carries the verified chain rather than
    // the chain as sent by the peer -- confirm against callers.
    const auto& intermediates = cert->intermediate_buffers();
    entry_ok = !intermediates.empty() &&
               GetPrecertSignedEntry(cert->cert_buffer(),
                                     intermediates.front().get(),
                                     &merkle_tree_leaf->signed_entry);
  } else {
    // Every other SCT origin is treated as covering the certificate itself.
    entry_ok = GetX509SignedEntry(cert->cert_buffer(),
                                  &merkle_tree_leaf->signed_entry);
  }

  if (!entry_ok) {
    // NOTE(review): |signed_entry| may hold whatever the helper wrote before
    // failing; callers should discard the leaf on a false return.
    return false;
  }

  // The remaining leaf fields are copied straight from the SCT.
  merkle_tree_leaf->timestamp = sct->timestamp;
  merkle_tree_leaf->extensions = sct->extensions;
  return true;
}
53
54 } // namespace net::ct
55