xref: /aosp_15_r20/external/cronet/net/cert/merkle_tree_leaf.h (revision 6777b5387eb2ff775bb5750e3f5d96f37fb7352b)
1 // Copyright 2016 The Chromium Authors
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_CERT_MERKLE_TREE_LEAF_H_
6 #define NET_CERT_MERKLE_TREE_LEAF_H_
7 
8 #include <memory>
9 #include <string>
10 
11 #include "base/time/time.h"
12 #include "net/base/net_export.h"
13 #include "net/cert/signed_certificate_timestamp.h"
14 
15 namespace net {
16 
17 class X509Certificate;
18 
19 namespace ct {
20 
// In-memory form of the MerkleTreeLeaf structure from RFC6962, section 3.4.
// It keeps every part of the Merkle tree entry directly accessible and holds
// what is needed to calculate a leaf hash for the entry.
//
// It carries the same data as the MerkleTreeLeaf in the RFC, but its layout
// differs from the RFC structure:
// * There is no version member: the struct is currently only used for V1
//   leaves.
// * There is no leaf_type member: exactly one leaf type exists and no new
//   types are planned.
// * The timestamped_entry's |timestamp| and |extensions| fields are members
//   of this struct.
// * The timestamped_entry's entry_type is not stored; it can be deduced from
//   |signed_entry|.type.
//
// NOTE(review): all members are public and this header declares no validation
// of them, so a leaf is only as trustworthy as the code that filled it in.
struct NET_EXPORT MerkleTreeLeaf {
  MerkleTreeLeaf();
  MerkleTreeLeaf(const MerkleTreeLeaf& other);
  MerkleTreeLeaf(MerkleTreeLeaf&& other);
  ~MerkleTreeLeaf();

  // The certificate or precertificate, plus the indication of which entry
  // type it is.
  SignedEntryData signed_entry;

  // Timestamp taken from the SCT.
  base::Time timestamp;

  // Extensions taken from the SCT.
  std::string extensions;
};
50 
// Builds the Merkle tree representation of the entry for |cert| and the |sct|
// issued for that certificate, writing the result into |merkle_tree_leaf|.
// Returns false if the |merkle_tree_leaf| could not be constructed.
// NOTE(review): this header does not say whether the |sct| signature is
// verified here, what |merkle_tree_leaf| holds after a false return, or
// whether null pointers are accepted - confirm against the implementation
// before relying on the leaf.
NET_EXPORT bool GetMerkleTreeLeaf(
    const X509Certificate* cert,
    const SignedCertificateTimestamp* sct,
    MerkleTreeLeaf* merkle_tree_leaf);
58 
// Computes the hash of the Merkle |tree_leaf|, as defined in RFC6962,
// section 3.4, and stores it in |*out|.
// Returns true if the hash was generated and false if an error occurred.
// NOTE(review): the contents of |*out| after a false return are not specified
// in this header; callers that compare the hash against log data should check
// the return value first - confirm against the implementation.
NET_EXPORT bool HashMerkleTreeLeaf(
    const MerkleTreeLeaf& tree_leaf,
    std::string* out);
64 
65 }  // namespace ct
66 
67 }  // namespace net
68 
69 #endif  // NET_CERT_MERKLE_TREE_LEAF_H_
70