mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 22:58:20 +00:00
7e9d48f532
The broxygen-generated files now live in the git repo, have tests that check that they are up-to-date, and a script to re-generate them on-demand.
90 lines
2.9 KiB
ReStructuredText
90 lines
2.9 KiB
ReStructuredText
:tocdepth: 3
|
|
|
|
policy/protocols/ssl/validate-sct.bro
|
|
=====================================
|
|
.. bro:namespace:: SSL
|
|
|
|
Perform validation of Signed Certificate Timestamps, as used
|
|
for Certificate Transparency. See RFC6962 for more details.
|
|
|
|
:Namespace: SSL
|
|
:Imports: :doc:`base/protocols/ssl </scripts/base/protocols/ssl/index>`, :doc:`policy/protocols/ssl/validate-certs.bro </scripts/policy/protocols/ssl/validate-certs.bro>`
|
|
|
|
Summary
|
|
~~~~~~~
|
|
Types
|
|
#####
|
|
============================================ ================================================================
|
|
:bro:type:`SSL::SctInfo`: :bro:type:`record` This record is used to store information about the SCTs that are
|
|
encountered in a SSL connection.
|
|
:bro:type:`SSL::SctSource`: :bro:type:`enum` List of the different sources for Signed Certificate Timestamp
|
|
============================================ ================================================================
|
|
|
|
Redefinitions
|
|
#############
|
|
========================================================================= =
|
|
:bro:type:`SSL::Info`: :bro:type:`record`
|
|
:bro:id:`SSL::ssl_store_valid_chain`: :bro:type:`bool` :bro:attr:`&redef`
|
|
========================================================================= =
|
|
|
|
|
|
Detailed Interface
|
|
~~~~~~~~~~~~~~~~~~
|
|
Types
|
|
#####
|
|
.. bro:type:: SSL::SctInfo
|
|
|
|
:Type: :bro:type:`record`
|
|
|
|
version: :bro:type:`count`
|
|
The version of the encountered SCT (should always be 0 for v1).
|
|
|
|
logid: :bro:type:`string`
|
|
The ID of the log issuing this SCT.
|
|
|
|
timestamp: :bro:type:`count`
|
|
The timestamp at which this SCT was issued measured since the
|
|
epoch (January 1, 1970, 00:00), ignoring leap seconds, in
|
|
milliseconds. Not converted to a Bro timestamp because we need
|
|
the exact value for validation.
|
|
|
|
sig_alg: :bro:type:`count`
|
|
The signature algorithm used for this sct.
|
|
|
|
hash_alg: :bro:type:`count`
|
|
The hash algorithm used for this sct.
|
|
|
|
signature: :bro:type:`string`
|
|
The signature of this SCT.
|
|
|
|
source: :bro:type:`SSL::SctSource`
|
|
Source of this SCT.
|
|
|
|
valid: :bro:type:`bool` :bro:attr:`&optional`
|
|
Validation result of this SCT.
|
|
|
|
This record is used to store information about the SCTs that are
|
|
encountered in a SSL connection.
|
|
|
|
.. bro:type:: SSL::SctSource
|
|
|
|
:Type: :bro:type:`enum`
|
|
|
|
.. bro:enum:: SSL::SCT_X509_EXT SSL::SctSource
|
|
|
|
Signed Certificate Timestamp was encountered in the extension of
|
|
an X.509 certificate.
|
|
|
|
.. bro:enum:: SSL::SCT_TLS_EXT SSL::SctSource
|
|
|
|
Signed Certificate Timestamp was encountered in an TLS session
|
|
extension.
|
|
|
|
.. bro:enum:: SSL::SCT_OCSP_EXT SSL::SctSource
|
|
|
|
Signed Certificate Timestamp was encountered in the extension of
|
|
an stapled OCSP reply.
|
|
|
|
List of the different sources for Signed Certificate Timestamp
|
|
|
|
|