policy/protocols/ssl/validate-sct.bro

SSL

Perform validation of Signed Certificate Timestamps, as used for Certificate Transparency. See RFC6962 for more details.

Namespace:SSL
Imports:base/protocols/ssl, policy/protocols/ssl/validate-certs.bro
Source File:/scripts/policy/protocols/ssl/validate-sct.bro

Summary

Types

SSL::SctInfo: record This record is used to store information about the SCTs that are encountered in a SSL connection.
SSL::SctSource: enum List of the different sources for Signed Certificate Timestamp

Detailed Interface

Types

SSL::SctInfo
Type:

record

version: count

The version of the encountered SCT (should always be 0 for v1).

logid: string

The ID of the log issuing this SCT.

timestamp: count

The timestamp at which this SCT was issued measured since the epoch (January 1, 1970, 00:00), ignoring leap seconds, in milliseconds. Not converted to a Bro timestamp because we need the exact value for validation.

sig_alg: count

The signature algorithm used for this sct.

hash_alg: count

The hash algorithm used for this sct.

signature: string

The signature of this SCT.

source: SSL::SctSource

Source of this SCT.

valid: bool &optional

Validation result of this SCT.

This record is used to store information about the SCTs that are encountered in a SSL connection.

SSL::SctSource
Type:

enum

SSL::SCT_X509_EXT

Signed Certificate Timestamp was encountered in the extension of an X.509 certificate.

SSL::SCT_TLS_EXT

Signed Certificate Timestamp was encountered in an TLS session extension.

SSL::SCT_OCSP_EXT

Signed Certificate Timestamp was encountered in the extension of an stapled OCSP reply.

List of the different sources for Signed Certificate Timestamp


Copyright 2016, The Bro Project. Last updated on December 19, 2018. Created using Sphinx 1.8.2.