Git Product home page Git Product logo

certificate-transparency-java's Introduction

certificate-transparency-java's People

Contributors

alexanderkjall avatar ankishagarwal avatar codingllama avatar eranmes avatar kovrus avatar mhutchinson avatar pphaneuf avatar primetomas avatar samuellb avatar

Stargazers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

Watchers

 avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar  avatar

certificate-transparency-java's Issues

Create a simple boolean example based on a certificate

Is there anywhere a java code example that allows to hand over a X509Certificate and get a boolean answer whether it is good or not.

I would assume in my lay-person's understanding that the example would:

  1. search the cert in the logs
    a) validate its log entry (and provide the info when it was added to which log and that the log's Merkle proofs were good)
    b) if invalid, add an explanation why it is not good (which logs it was found, but what was wrong with it)
  2. if not found validate the SCTs
    ...

is there anything like this ?

Basic documentation

I don't know if it is intended to be reused outside of Google.
If so, it would be nice to have the following basic documentation artifacts:

  • README
  • Maven artifact snippet
  • Quick start code example

Thanks

Support for Android.

Are there any plans to create an android specific version of this library or it should be used as it is in android app?
Do you know if there are any plans to support Certificate Transparency in android SDK as it is in iOS?
I'm also worried if the library is mature enough to be used in the production android app since I can see that the version number of this library is 0.1.3.
Would you recommend to use ssl pinning in android app until the Certificate Transparency is officially supported in Android?

remove dependency on protobuf

We don't actually need protobuf for anything that Plain Old Java Objects can't do, and they tend to complicate the build.

This has already been started, but needs to be finished off to get the full benefit.

Installation Fails: mvn install error

On attempting to install this project to my local maven repository, I get the following error
Error: Could not find or load main class org.codehaus.plexus.classworlds.launcher.Launcher

Step to reproduce:

  1. Clone repository
  2. cd into certificate-transparency-java directory
  3. execute mvn install

Iterating over precert_entries from getLogEntries causes Serialization Exception

Example:

HttpLogClient ctClient = new HttpLogClient("https://ct.googleapis.com/logs/argon2019/ct/v1/");
List<ParsedLogEntry> entries = ctClient
              .getLogEntries(0,3);

Iterating over entries will raise exception "org.certificatetransparency.ctlog.serialization.SerializationException: Extra data corrupted" since entries at index positions 0 and 1 are precerts.

Index of of bounds when submitting a pre-certificate issued directly from a root CA

From RFC 6962

Each submitted certificate MUST be accompanied by all additional certificates required to verify the certificate chain up to an accepted root certificate. The root certificate itself MAY be omitted from the chain submitted to the log server.

This means I can submit a pre-certificate issued directly from an accepted root. This MAY be omitted on submission, causing the following code to throw IndexOutOfBounds.

 boolean isPreCertificate = CertificateInfo.isPreCertificate(certificatesChain.get(0));
 if (isPreCertificate && CertificateInfo.isPreCertificateSigningCert(certificatesChain.get(1))) {
      Preconditions.checkArgument(
          certificatesChain.size() >= 3,
          "When signing a PreCertificate with a PreCertificate Signing Cert,"
              + " the issuer certificate must follow.");
 }

Adding support for get-proof-by-hash API

It would be useful to just lookup for inclusion proof by MerkleTreeLeaf Hash.
So I wanted to add the support for get-proof-by-hash API which is currently not available in CT Java client.

This support is currently available in python and Go CT library, want to add that same for Java client.

I have tested this feature locally, works well at the moment. Will raise a PR from my forked repository sooner.

Adding 2 public methods which will accept MerkleTreeLeaf (POJO), MerkleTreeLeaf SHA256 hash respectively.

setup a Travis build

Once #1 is fixed, we should be able to setup a Travis build very easily (it should be a very "standard Java project built with Maven" situation).

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.