1 // Copyright 2013 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "net/cert/ct_signed_certificate_timestamp_log_param.h"
6
7 #include <algorithm>
8 #include <memory>
9 #include <string_view>
10 #include <utility>
11
12 #include "base/base64.h"
13 #include "base/strings/string_number_conversions.h"
14 #include "base/values.h"
15 #include "net/cert/ct_sct_to_string.h"
16 #include "net/cert/signed_certificate_timestamp.h"
17
18 namespace net {
19
20 namespace {
21
// Stores |value| in |dict| under |key| as a base64-encoded string, so that
// arbitrary bytes can be carried in a string-valued dictionary entry.
void SetBinaryData(const char* key,
                   std::string_view value,
                   base::Value::Dict& dict) {
  // |value| is treated as opaque bytes; only its base64 form is stored.
  dict.Set(key, base::Base64Encode(value));
}
31
// Converts one de-serialized SCT into a dictionary Value for the NetLog, with
// one entry per SCT field plus the caller-supplied verification |status|.
//
// This function does not filter on |status|: the SCT's fields are written out
// whatever the verification result was, so a reader of the log should look at
// "verification_status" before relying on the other entries.
//
// Binary fields ("log_id", "extensions", "signature_data") are base64-encoded
// via SetBinaryData; "timestamp" is a decimal string of milliseconds since the
// Unix epoch.
base::Value SCTToDictionary(const ct::SignedCertificateTimestamp& sct,
                            ct::SCTVerifyStatus status) {
  base::Value::Dict fields;

  // Provenance and verification outcome.
  fields.Set("origin", OriginToString(sct.origin));
  fields.Set("verification_status", StatusToString(status));
  fields.Set("version", sct.version);

  SetBinaryData("log_id", sct.log_id, fields);

  // The timestamp is emitted as a string rather than a number.
  // NOTE(review): presumably because the 64-bit millisecond count does not fit
  // the dictionary's integer type - confirm.
  const auto millis_since_epoch =
      (sct.timestamp - base::Time::UnixEpoch()).InMilliseconds();
  fields.Set("timestamp", base::NumberToString(millis_since_epoch));

  SetBinaryData("extensions", sct.extensions, fields);

  // Signature: algorithm identifiers as text, signature bytes as base64.
  const auto& signature = sct.signature;
  fields.Set("hash_algorithm",
             HashAlgorithmToString(signature.hash_algorithm));
  fields.Set("signature_algorithm",
             SignatureAlgorithmToString(signature.signature_algorithm));
  SetBinaryData("signature_data", signature.signature_data, fields);

  return base::Value(std::move(fields));
}
58
// Maps each (SCT, status) pair in |sct_and_status_list| to the dictionary
// produced by SCTToDictionary and returns the results as a list Value, in the
// same order as the input.
base::Value::List SCTListToPrintableValues(
    const SignedCertificateTimestampAndStatusList& sct_and_status_list) {
  base::Value::List printable;
  for (const auto& entry : sct_and_status_list) {
    // The SCT pointer is dereferenced without a null check.
    // NOTE(review): assumes every entry holds a non-null |sct| - confirm
    // against the code that builds the list.
    const auto& sct = *(entry.sct.get());
    printable.Append(SCTToDictionary(sct, entry.status));
  }
  return printable;
}
71
72 } // namespace
73
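// Builds the NetLog parameters for a list of parsed SCTs: a dictionary with a
// single "scts" key holding one printable dictionary per SCT (see
// SCTListToPrintableValues).
//
// |scts| is taken by pointer. A null |scts| produces an empty "scts" list
// rather than being dereferenced, so a missing list cannot crash the logging
// path.
// NOTE(review): if every caller guarantees a non-null list, stating that
// contract in the header would be clearer than tolerating null here - confirm
// against the callers.
base::Value::Dict NetLogSignedCertificateTimestampParams(
    const SignedCertificateTimestampAndStatusList* scts) {
  base::Value::Dict dict;

  // Keep the "scts" key present in both cases so the logged shape is stable.
  dict.Set("scts",
           scts ? SCTListToPrintableValues(*scts) : base::Value::List());

  return dict;
}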
82
// Builds the NetLog parameters for the raw SCT lists, one entry per source:
// "embedded_scts", "scts_from_ocsp_response" and "scts_from_tls_extension".
//
// The three inputs are not parsed or validated here; each is stored as the
// base64 encoding of the bytes it was given (an empty input yields an empty
// string).
base::Value::Dict NetLogRawSignedCertificateTimestampParams(
    std::string_view embedded_scts,
    std::string_view sct_list_from_ocsp,
    std::string_view sct_list_from_tls_extension) {
  // NetLog key paired with the raw bytes logged under it.
  const std::pair<const char*, std::string_view> raw_lists[] = {
      {"embedded_scts", embedded_scts},
      {"scts_from_ocsp_response", sct_list_from_ocsp},
      {"scts_from_tls_extension", sct_list_from_tls_extension},
  };

  base::Value::Dict params;
  for (const auto& [key, bytes] : raw_lists) {
    SetBinaryData(key, bytes, params);
  }
  return params;
}
95
96 } // namespace net
97