// Copyright 2016 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef NET_CERT_MERKLE_TREE_LEAF_H_
#define NET_CERT_MERKLE_TREE_LEAF_H_

#include <memory>
#include <string>

#include "base/time/time.h"
#include "net/base/net_export.h"
#include "net/cert/signed_certificate_timestamp.h"

namespace net {

class X509Certificate;

namespace ct {

// Represents a MerkleTreeLeaf as defined in RFC6962, section 3.4.
// The goal of this struct is to represent the Merkle tree entry such that
// all details are easily accessible and a leaf hash can be easily calculated
// for the entry.
//
// As such, it has all the same data as the MerkleTreeLeaf defined in the RFC,
// but it is not identical to the structure in the RFC for the following
// reasons:
// * The version is implicit - it is only used for V1 leaves currently.
// * The leaf_type is also implicit: There's exactly one leaf type and no
//   new types are planned.
// * The timestamped_entry's |timestamp| and |extensions| fields are directly
//   accessible.
// * The timestamped_entry's entry_type can be deduced from |signed_entry|.type
//
// Per RFC 6962 the serialized leaf covers the timestamp, the signed entry and
// the extensions, so all three members below are inputs to the leaf hash: a
// leaf whose fields differ in any byte from what the log recorded will not
// match the log's leaf hash. The serialization itself is not visible in this
// header.
//
// Copy/move construction is declared here and defined out of line. No
// assignment operators are declared; because a move constructor is
// user-declared, the implicit copy assignment operator is deleted, so a leaf
// can be copy- or move-constructed but not assigned.
struct NET_EXPORT MerkleTreeLeaf {
  MerkleTreeLeaf();
  MerkleTreeLeaf(const MerkleTreeLeaf& other);
  MerkleTreeLeaf(MerkleTreeLeaf&&);
  ~MerkleTreeLeaf();

  // Certificate / Precertificate and indication of entry type.
  SignedEntryData signed_entry;

  // Timestamp from the SCT.
  // NOTE(review): RFC 6962 encodes the SCT timestamp as milliseconds since
  // the epoch; how base::Time is converted back for hashing is not visible
  // here - confirm no precision is introduced that the log never signed.
  base::Time timestamp;

  // Extensions from the SCT.
  // NOTE(review): presumably the raw, opaque extension bytes (std::string used
  // as a byte container, not text) - confirm against the SCT decoder.
  std::string extensions;
};

// Given a |cert| and an |sct| for that certificate, constructs the
// representation of this entry in the Merkle tree by filling in
// |merkle_tree_leaf|.
// Returns false if it failed to construct the |merkle_tree_leaf|.
//
// Callers must check the return value: this header does not say whether
// |merkle_tree_leaf| is left untouched or partially filled on failure, so a
// leaf from a failed call should not be hashed or compared.
// NOTE(review): all three arguments are raw pointers and null handling is not
// specified here - confirm before passing values that may be absent.
// NOTE(review): nothing in this declaration indicates that the SCT signature
// is verified here; presumably that is done separately - confirm that callers
// only build leaves from SCTs they have already validated.
NET_EXPORT bool GetMerkleTreeLeaf(const X509Certificate* cert,
                                  const SignedCertificateTimestamp* sct,
                                  MerkleTreeLeaf* merkle_tree_leaf);

// Sets |*out| to the hash of the Merkle |tree_leaf|, as defined in RFC6962,
// section 3.4. Returns true if the hash was generated, false if an error
// occurred.
//
// Per RFC 6962 (section 2.1) a leaf hash is SHA-256 over a 0x00 byte followed
// by the serialized leaf; the 0x00 prefix keeps leaf hashes distinct from
// interior node hashes, which matters when the result is used in inclusion
// proof checks. The implementation is not visible in this header.
// NOTE(review): |*out| is presumably the raw digest bytes rather than a
// hex/base64 string - confirm before comparing against encoded values.
// Do not use |*out| when false is returned; its contents on failure are not
// specified here.
NET_EXPORT bool HashMerkleTreeLeaf(const MerkleTreeLeaf& tree_leaf,
                                   std::string* out);

}  // namespace ct

}  // namespace net

#endif  // NET_CERT_MERKLE_TREE_LEAF_H_