// Copyright 2015 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
//
// This protobuffer is intended to store reports from Chrome users of
// certificate errors. A report will be sent from Chrome when it gets
// e.g. a certificate for google.com that chains up to a root CA not expected by
// Chrome for that origin, such as DigiNotar (compromised in July 2011), or
// other pinning errors such as a blacklisted cert in the chain, or
// (when opted in) other certificate validation errors like an expired
// cert. The report from the user will include the hostname being accessed,
// the full certificate chain (in PEM format), and the
// timestamp of when the client tried to access the site. A response is
// generated by the frontend and logged, including validation and error checking
// done on the client's input data.

syntax = "proto2";

// Chrome requires this.
option optimize_for = LITE_RUNTIME;

package certificate_reporting;

// Protocol types

message CertLoggerInterstitialInfo {
  // The different reasons that an SSL warning interstitial could be shown to
  // a user.
  enum InterstitialReason {
    UNKNOWN_INTERSTITIAL_REASON = 0;
    // A standard SSL interstitial
    INTERSTITIAL_SSL = 1;
    // An interstitial alerting the user that they are in a captive portal
    INTERSTITIAL_CAPTIVE_PORTAL = 2;
    // An interstitial telling the user to update their system clock
    INTERSTITIAL_CLOCK = 3;
  }

  // The type of interstitial that was shown
  optional InterstitialReason interstitial_reason = 1;
  // True if the user clicked through to the offending website
  optional bool user_proceeded = 2;
  // True if the user was shown an option to click through
  optional bool overridable = 3;
  // The time (in usec since the Windows epoch) when the client created the
  // interstitial.
  optional int64 interstitial_created_time_usec = 4;
}

// Contains information about features that are enabled/disabled that
// might affect certificate validation.
message CertLoggerFeaturesInfo {
  message NetworkTimeQueryingInfo {
    // True if the network time querying feature is enabled.
    optional bool network_time_queries_enabled = 1;

    // The experimental parameter controlling the behavior of network time
    // queries (whether they happen on-demand when a certificate date error is
    // encountered, in the background, or both).
    enum NetworkTimeFetchBehavior {
      NETWORK_TIME_FETCHES_UNKNOWN = 0;
      NETWORK_TIME_FETCHES_BACKGROUND_ONLY = 1;
      NETWORK_TIME_FETCHES_ON_DEMAND_ONLY = 2;
      NETWORK_TIME_FETCHES_IN_BACKGROUND_AND_ON_DEMAND = 3;
    }
    optional NetworkTimeFetchBehavior network_time_query_behavior = 2;
  }

  optional NetworkTimeQueryingInfo network_time_querying_info = 1;
}

message CertLoggerRequest {
  // The hostname being accessed (required as the cert could be valid for
  // multiple hosts, e.g. a wildcard or a SubjectAltName.
  required string hostname = 1;
  // The certificate chain as a series of PEM-encoded certificates, including
  // intermediates but not necessarily the root.
  required string cert_chain = 2;
  // The time (in usec since the epoch) when the client generated the report.
  required int64 time_usec = 3;
  // public_key_hash contains the string forms of the hashes calculated for
  // the chain. (I.e. "sha1/<base64 data>".)
  repeated string public_key_hash = 4;
  // pin contains the string forms of the pins that were matched against for
  // this host.
  repeated string pin = 5;

  enum CertError {
    UNKNOWN_CERT_ERROR = 0;
    ERR_CERT_REVOKED = 1;
    ERR_CERT_INVALID = 2;
    ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN = 3;
    ERR_CERT_AUTHORITY_INVALID = 4;
    ERR_CERT_COMMON_NAME_INVALID = 5;
    ERR_CERT_NAME_CONSTRAINT_VIOLATION = 6;
    ERR_CERT_WEAK_SIGNATURE_ALGORITHM = 7;
    ERR_CERT_WEAK_KEY = 8;
    ERR_CERT_DATE_INVALID = 9;
    ERR_CERT_VALIDITY_TOO_LONG = 10;
    ERR_CERT_UNABLE_TO_CHECK_REVOCATION = 11;
    ERR_CERT_NO_REVOCATION_MECHANISM = 12;
    ERR_CERT_NON_UNIQUE_NAME = 13;
    ERR_CERTIFICATE_TRANSPARENCY_REQUIRED = 14;
  };

  // Certificate errors encountered (if any) when validating this
  // certificate chain.
  repeated CertError cert_error = 6;

  // Information about the interstitial that was shown to the user for
  // this certificate error.
  optional CertLoggerInterstitialInfo interstitial_info = 7;

  // The unverified certificate chain as received by the client, as a
  // series of PEM-encoded certificates. Can be different than
  // |cert_chain|, which is the chain the client built during
  // verification.
  optional string unverified_cert_chain = 8;

  // True if the certificate was rooted at a standard CA root ,as opposed to a
  // user-installed root, but is only meaningful if the underlying certificate
  // validation library built a trusted chain (i.e. the Chrome net stack set the
  // error, not the library).
  optional bool is_issued_by_known_root = 9;

  // Information about features that were enabled or disabled for the
  // user that might affect certificate validation.
  optional CertLoggerFeaturesInfo features_info = 10;
};