Evict resources from resource pool after timeout
[chromium-blink-merge.git] / net / cert / ct_signed_certificate_timestamp_log_param.cc
blob01efa0ab7d5c87df31573d7058c57c01d57bc626
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "net/cert/ct_signed_certificate_timestamp_log_param.h"
7 #include <algorithm>
8 #include <string>
10 #include "base/base64.h"
11 #include "base/strings/string_number_conversions.h"
12 #include "base/strings/stringprintf.h"
13 #include "base/values.h"
14 #include "net/cert/ct_verify_result.h"
15 #include "net/cert/signed_certificate_timestamp.h"
17 namespace net {
19 namespace {
21 // Converts a numeric |origin| to text describing the SCT's origin
22 const char* OriginToString(ct::SignedCertificateTimestamp::Origin origin) {
23 switch (origin) {
24 case ct::SignedCertificateTimestamp::SCT_EMBEDDED:
25 return "embedded_in_certificate";
26 case ct::SignedCertificateTimestamp::SCT_FROM_TLS_EXTENSION:
27 return "tls_extension";
28 case ct::SignedCertificateTimestamp::SCT_FROM_OCSP_RESPONSE:
29 return "ocsp";
30 case ct::SignedCertificateTimestamp::SCT_ORIGIN_MAX:
31 break;
34 return "unknown";
37 // Converts a numeric |hash_algorithm| to its textual representation
38 const char* HashAlgorithmToString(
39 ct::DigitallySigned::HashAlgorithm hash_algorithm) {
40 switch (hash_algorithm) {
41 case ct::DigitallySigned::HASH_ALGO_NONE:
42 return "NONE";
43 case ct::DigitallySigned::HASH_ALGO_MD5:
44 return "MD5";
45 case ct::DigitallySigned::HASH_ALGO_SHA1:
46 return "SHA1";
47 case ct::DigitallySigned::HASH_ALGO_SHA224:
48 return "SHA224";
49 case ct::DigitallySigned::HASH_ALGO_SHA256:
50 return "SHA256";
51 case ct::DigitallySigned::HASH_ALGO_SHA384:
52 return "SHA384";
53 case ct::DigitallySigned::HASH_ALGO_SHA512:
54 return "SHA512";
57 return "unknown";
60 // Converts a numeric |signature_algorithm| to its textual representation
61 const char* SignatureAlgorithmToString(
62 ct::DigitallySigned::SignatureAlgorithm signature_algorithm) {
63 switch (signature_algorithm) {
64 case ct::DigitallySigned::SIG_ALGO_ANONYMOUS:
65 return "ANONYMOUS";
66 case ct::DigitallySigned::SIG_ALGO_RSA:
67 return "RSA";
68 case ct::DigitallySigned::SIG_ALGO_DSA:
69 return "DSA";
70 case ct::DigitallySigned::SIG_ALGO_ECDSA:
71 return "ECDSA";
74 return "unknown";
77 // Base64 encode the given |value| string and put it in |dict| with the
78 // description |key|.
79 void SetBinaryData(
80 const char* key,
81 const std::string& value,
82 base::DictionaryValue* dict) {
83 std::string b64_value;
84 base::Base64Encode(value, &b64_value);
86 dict->SetString(key, b64_value);
89 // Returns a dictionary where each key is a field of the SCT and its value
90 // is this field's value in the SCT. This dictionary is meant to be used for
91 // outputting a de-serialized SCT to the NetLog.
92 scoped_ptr<base::DictionaryValue> SCTToDictionary(
93 const ct::SignedCertificateTimestamp& sct) {
94 scoped_ptr<base::DictionaryValue> out(new base::DictionaryValue());
96 out->SetString("origin", OriginToString(sct.origin));
97 out->SetInteger("version", sct.version);
99 SetBinaryData("log_id", sct.log_id, out.get());
100 base::TimeDelta time_since_unix_epoch =
101 sct.timestamp - base::Time::UnixEpoch();
102 out->SetString("timestamp",
103 base::Int64ToString(time_since_unix_epoch.InMilliseconds()));
104 SetBinaryData("extensions", sct.extensions, out.get());
106 out->SetString("hash_algorithm",
107 HashAlgorithmToString(sct.signature.hash_algorithm));
108 out->SetString("signature_algorithm",
109 SignatureAlgorithmToString(sct.signature.signature_algorithm));
110 SetBinaryData("signature_data", sct.signature.signature_data, out.get());
112 return out;
115 // Given a list of SCTs, return a ListValue instance where each item in the
116 // list is a dictionary created by SCTToDictionary.
117 scoped_ptr<base::ListValue> SCTListToPrintableValues(
118 const ct::SCTList& sct_list) {
119 scoped_ptr<base::ListValue> output_scts(new base::ListValue());
120 for (const auto& sct : sct_list)
121 output_scts->Append(SCTToDictionary(*(sct.get())));
123 return output_scts;
126 } // namespace
128 scoped_ptr<base::Value> NetLogSignedCertificateTimestampCallback(
129 const ct::CTVerifyResult* ct_result,
130 NetLogCaptureMode capture_mode) {
131 scoped_ptr<base::DictionaryValue> dict(new base::DictionaryValue());
133 dict->Set("verified_scts",
134 SCTListToPrintableValues(ct_result->verified_scts));
136 dict->Set("invalid_scts",
137 SCTListToPrintableValues(ct_result->invalid_scts));
139 dict->Set("unknown_logs_scts",
140 SCTListToPrintableValues(ct_result->unknown_logs_scts));
142 return dict.Pass();
145 scoped_ptr<base::Value> NetLogRawSignedCertificateTimestampCallback(
146 const std::string* embedded_scts,
147 const std::string* sct_list_from_ocsp,
148 const std::string* sct_list_from_tls_extension,
149 NetLogCaptureMode capture_mode) {
150 scoped_ptr<base::DictionaryValue> dict(new base::DictionaryValue());
152 SetBinaryData("embedded_scts", *embedded_scts, dict.get());
153 SetBinaryData("scts_from_ocsp_response", *sct_list_from_ocsp, dict.get());
154 SetBinaryData("scts_from_tls_extension", *sct_list_from_tls_extension,
155 dict.get());
157 return dict.Pass();
160 } // namespace net