1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164
|
#include "log/logged_entry.h"
#include "proto/cert_serializer.h"
#include "proto/serializer.h"
#include "util/util.h"
using cert_trans::serialization::SerializeResult;
using ct::CertInfo;
using ct::LogEntry;
using ct::PreCert;
using ct::SignedCertificateTimestamp;
using std::string;
using util::RandomString;
namespace cert_trans {
string LoggedEntry::Hash() const {
return Sha256Hasher::Sha256Digest(Serializer::LeafData(entry()));
}
bool LoggedEntry::SerializeForLeaf(string* dst) const {
return Serializer::SerializeSCTMerkleTreeLeaf(sct(), entry(), dst) ==
SerializeResult::OK;
}
bool LoggedEntry::SerializeExtraData(string* dst) const {
switch (entry().type()) {
case ct::X509_ENTRY:
return SerializeX509Chain(entry().x509_entry(), dst) ==
SerializeResult::OK;
case ct::PRECERT_ENTRY:
return SerializePrecertChainEntry(entry().precert_entry(), dst) ==
SerializeResult::OK;
case ct::PRECERT_ENTRY_V2:
// TODO(mhs): V2 implementation needs to be provided.
LOG(FATAL) << "CT V2 not yet implemented";
break;
case ct::X_JSON_ENTRY:
dst->clear();
return true;
case ct::UNKNOWN_ENTRY_TYPE:
// We'll handle this below, along with any unknown unknown types too.
break;
}
LOG(FATAL) << "Unknown entry type " << entry().type();
}
bool LoggedEntry::CopyFromClientLogEntry(const AsyncLogClient::Entry& entry) {
if (entry.leaf.timestamped_entry().entry_type() != ct::X509_ENTRY &&
entry.leaf.timestamped_entry().entry_type() != ct::PRECERT_ENTRY &&
entry.leaf.timestamped_entry().entry_type() != ct::X_JSON_ENTRY) {
LOG(INFO) << "unsupported entry_type: "
<< entry.leaf.timestamped_entry().entry_type();
return false;
}
Clear();
ct::SignedCertificateTimestamp* const sct(mutable_contents()->mutable_sct());
sct->set_version(ct::V1);
sct->set_timestamp(entry.leaf.timestamped_entry().timestamp());
sct->set_extensions(entry.leaf.timestamped_entry().extensions());
// It may look like you should just be able to copy entry.entry over
// contents.entry, but entry.entry is incomplete (when the same
// information is available in entry.leaf, it will be missing from
// entry.entry). So we still need to fill in some missing bits...
LogEntry* const log_entry(mutable_contents()->mutable_entry());
log_entry->CopyFrom(entry.entry);
log_entry->set_type(entry.leaf.timestamped_entry().entry_type());
switch (contents().entry().type()) {
case ct::X509_ENTRY: {
log_entry->mutable_x509_entry()->set_leaf_certificate(
entry.leaf.timestamped_entry().signed_entry().x509());
break;
}
case ct::PRECERT_ENTRY: {
PreCert* const precert(
log_entry->mutable_precert_entry()->mutable_pre_cert());
precert->set_issuer_key_hash(entry.leaf.timestamped_entry()
.signed_entry()
.precert()
.issuer_key_hash());
precert->set_tbs_certificate(entry.leaf.timestamped_entry()
.signed_entry()
.precert()
.tbs_certificate());
break;
}
case ct::X_JSON_ENTRY: {
log_entry->mutable_x_json_entry()->set_json(
entry.leaf.timestamped_entry().signed_entry().json());
break;
}
case ct::PRECERT_ENTRY_V2: {
// TODO(mhs): V2 implementation here + other changes above
LOG(FATAL) << "CT V2 not yet implemented";
break;
}
default:
LOG(FATAL) << "unknown entry type";
}
return true;
}
void LoggedEntry::RandomForTest() {
const char kKeyID[] =
"b69d879e3f2c4402556dcda2f6b2e02ff6b6df4789c53000e14f4b125ae847aa";
mutable_sct()->set_version(ct::V1);
mutable_sct()->mutable_id()->set_key_id(util::BinaryString(kKeyID));
mutable_sct()->set_timestamp(util::TimeInMilliseconds());
mutable_sct()->clear_extensions();
const int random_bits(rand());
ct::LogEntryType type(random_bits & 1 ? ct::X509_ENTRY : ct::PRECERT_ENTRY);
ct::LogEntry* const entry(mutable_entry());
entry->set_type(type);
entry->clear_x509_entry();
entry->clear_precert_entry();
if (type == ct::X509_ENTRY) {
entry->mutable_x509_entry()->set_leaf_certificate(RandomString(512, 1024));
if (random_bits & 2) {
entry->mutable_x509_entry()->add_certificate_chain(
RandomString(512, 1024));
if (random_bits & 4) {
entry->mutable_x509_entry()->add_certificate_chain(
RandomString(512, 1024));
}
}
} else {
entry->mutable_precert_entry()->mutable_pre_cert()->set_issuer_key_hash(
RandomString(32, 32));
entry->mutable_precert_entry()->mutable_pre_cert()->set_tbs_certificate(
RandomString(512, 1024));
entry->mutable_precert_entry()->set_pre_certificate(
RandomString(512, 1024));
if (random_bits & 2) {
entry->mutable_precert_entry()->add_precertificate_chain(
RandomString(512, 1024));
if (random_bits & 4) {
entry->mutable_precert_entry()->add_precertificate_chain(
RandomString(512, 1024));
}
}
}
}
} // namespace cert_trans
|