%%% Copyright (c) 2014, NORDUnet A/S.
%%% See LICENSE for licensing information.

%%% Plop data structures. Heavily based on RFC 6962. Some are for
%%% database storage, some for interfacing with consumers and some are
%%% for serialisation.

%% Version number carried in the structures below. 0 is the value
%% RFC 6962 assigns to v1 in its Version enum.
-define(PLOPVERSION, 0).

%% Atom names for the enumerated fields of the structures below. The
%% trailing comment on each line is presumably the width of the field
%% on the wire. The `test' members have no counterpart in RFC 6962 --
%% presumably for test fixtures; confirm against the serialisation code.
-type signature_type() :: certificate_timestamp | tree_hash | test. % uint8
-type entry_type() :: x509 | precert | test.    % uint16
-type leaf_type() :: timestamped_entry | test.  % uint8

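%% @doc Merkle Tree Leaf -- what's sent as 'leaf_input' in response to
%% get-entries requests and also the input to the hash function for
%% leaf hashes in the tree. RFC 6962 sect 3.4.
%%
%% Fields:
%%   version   - defaults to ?PLOPVERSION. Typed non_neg_integer()
%%               because ?PLOPVERSION is 0, a value pos_integer()
%%               does not admit, so the default itself violated the
%%               previously declared type.
%%   leaf_type - defaults to timestamped_entry.
%%   entry     - the timestamped entry; no default, must be supplied.
%%
%% Since the serialised form of this record is the leaf hash input,
%% a change to its fields or their encoding changes the leaf hashes.
-record(mtl, {
          version = ?PLOPVERSION :: non_neg_integer(),
          leaf_type = timestamped_entry :: leaf_type(),
          entry :: timestamped_entry()
         }).
-type mtl() :: #mtl{}.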

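%% Signed timestamp over an entry. The fields appear to mirror the
%% SignedCertificateTimestamp of RFC 6962 sect 3.2 -- confirm against
%% the serialisation code.
%%
%% Fields:
%%   version   - uint8 on the wire. Typed non_neg_integer() because the
%%               only version this header defines, ?PLOPVERSION, is 0,
%%               which pos_integer() does not admit.
%%   logid     - SHA-256 over the DER encoded public key of the log.
%%   timestamp - uint64 on the wire.
%%   signature - the signature together with its algorithm identifiers.
-record(spt, {
          version :: non_neg_integer(),         % uint8
          logid :: binary(), % SHA-256 over DER encoded public log key
          timestamp :: integer(),               % uint64
          signature :: signature()
         }).
-type spt() :: #spt{}.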

%% A plop entry with timestamp. Part of the Merkle Tree Leaf
%% structure.
%%
%% Fields:
%%   timestamp - either an integer or the atom `now', which is the
%%               default. Presumably `now' is replaced by the current
%%               time before the entry is serialised -- confirm where
%%               that happens, since the value ends up in the leaf
%%               hash input.
%%   entry     - the entry itself; no default, must be supplied.
-record(timestamped_entry, {
          timestamp = now :: now | integer(),
          entry :: plop_entry()
         }).
-type timestamped_entry() :: #timestamped_entry{}.

%% An entry, without the timestamp. This is what we hash over and
%% store in the database for finding duplicated submissions.
%%
%% Fields:
%%   type - which kind of entry `data' holds.
%%   data - the entry bytes, kept as an opaque binary here.
%%          NOTE(review): presumably this is submitter-supplied data;
%%          confirm that it is validated before it is stored.
-record(plop_entry, {
          type :: entry_type(),
          data :: binary()
         }).
-type plop_entry() :: #plop_entry{}.

%% Appears to be the Signed Tree Head of RFC 6962 sect 3.5 -- confirm
%% against the code that builds and serialises it.
%%
%% Fields:
%%   treesize  - presumably the number of entries in the tree.
%%   timestamp - integer timestamp of the tree head.
%%   roothash  - root hash of the Merkle tree, as a binary.
%%   signature - the signature together with its algorithm identifiers.
-record(sth, {
          treesize :: integer(),
          timestamp :: integer(),
          roothash :: binary(),
          signature :: signature()
         }).
-type sth() :: #sth{}.

%% RFC 5246 7.4.1.4.1
%%
%% These types list every member of the TLS 1.2 HashAlgorithm and
%% SignatureAlgorithm enums, including `none', `md5', `sha1' and
%% `anonymous'. They describe what can be encoded, not what is
%% acceptable.
%% NOTE(review): RFC 6962 sect 2.1.4 requires a log to sign with ECDSA
%% over NIST P-256 or with RSA using SHA-256. Code that verifies a
%% signature should check the pair against that list and reject
%% anything else, rather than accept any value these types admit.
-type hash_alg_type() :: none | md5 | sha1 | sha224 | sha256 | sha384 |
                         sha512. % uint8
-type signature_alg_type() :: anonymous | rsa | dsa | ecdsa. % uint8
%% The hash/signature algorithm pair that identifies how a signature
%% was made.
-record(sig_and_hash_alg, {
        hash_alg :: hash_alg_type(),
        signature_alg :: signature_alg_type()
       }).
-type sig_and_hash_alg() :: #sig_and_hash_alg{}.

%% RFC 5246 4.7
%%
%% A signature together with the algorithm pair it was made with.
%%
%% Fields:
%%   algorithm - the hash and signature algorithm identifiers.
%%   signature - the signature bytes, kept as an opaque binary.
%%               NOTE(review): when this record is decoded from
%%               received data, `algorithm' is chosen by the sender;
%%               presumably the verifier compares it with the
%%               algorithm of the key it trusts -- confirm.
-record(signature, {
          algorithm :: sig_and_hash_alg(),
          signature :: binary()
         }).
-type signature() :: #signature{}.

%% Exports three of the types declared above. This file is a header,
%% so the attribute ends up in every module that includes it.
-export_type([timestamped_entry/0, mtl/0, entry_type/0]).