Initial commit for Certificate Transparency support

Original authors:
Rob Stradling <rob@comodo.com>
Dr. Stephen Henson <steve@openssl.org>

Reviewed-by: Emilia Kasper <emilia@openssl.org>
Reviewed-by: Rich Salz <rsalz@openssl.org>

8 files changed, 649 insertions, 42 deletions

diff --git a/crypto/ct/Makefile b/crypto/ct/Makefile
new file mode 100644
index 0000000000..ce3a6b1fb2
--- /dev/null
+++ b/crypto/ct/Makefile
@@ -0,0 +1,83 @@
+#
+# OpenSSL/crypto/ct/Makefile
+#
+
+DIR=	ct
+TOP=	../..
+CC=	cc
+INCLUDES= -I.. -I$(TOP) -I../../include
+CFLAG=-g
+MAKEFILE=	Makefile
+AR=		ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= ct_lib.c
+LIBOBJ= ct_lib.o
+
+SRC= $(LIBSRC)
+
+HEADER=	ct_lcl.h
+
+ALL=    $(GENERAL) $(SRC) $(HEADER)
+
+top:
+	(cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all:	lib
+
+lib:	$(LIBOBJ)
+	$(AR) $(LIB) $(LIBOBJ)
+	$(RANLIB) $(LIB) || echo Never mind.
+	@touch lib
+
+files:
+	$(PERL) $(TOP)/util/files.pl Makefile >> $(TOP)/MINFO
+
+tags:
+	ctags $(SRC)
+
+lint:
+	lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+update:  depend
+
+depend:
+	@[ -n "$(MAKEDEPEND)" ] # should be set by upper Makefile...
+	$(MAKEDEPEND) -- $(CFLAG) $(INCLUDES) $(DEPFLAG) -- $(PROGS) $(LIBSRC)
+
+dclean:
+	$(PERL) -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+	mv -f Makefile.new $(MAKEFILE)
+
+clean:
+	rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
+
+ct_lib.o: ../../e_os.h ../../include/openssl/asn1.h ../../include/openssl/bio.h
+ct_lib.o: ../../include/openssl/bn.h ../../include/openssl/buffer.h
+ct_lib.o: ../../include/openssl/comp.h ../../include/openssl/crypto.h
+ct_lib.o: ../../include/openssl/dsa.h ../../include/openssl/dtls1.h
+ct_lib.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
+ct_lib.o: ../../include/openssl/ecdh.h ../../include/openssl/ecdsa.h
+ct_lib.o: ../../include/openssl/err.h ../../include/openssl/evp.h
+ct_lib.o: ../../include/openssl/hmac.h ../../include/openssl/lhash.h
+ct_lib.o: ../../include/openssl/obj_mac.h ../../include/openssl/objects.h
+ct_lib.o: ../../include/openssl/opensslconf.h ../../include/openssl/opensslv.h
+ct_lib.o: ../../include/openssl/ossl_typ.h ../../include/openssl/pem.h
+ct_lib.o: ../../include/openssl/pem2.h ../../include/openssl/pkcs7.h
+ct_lib.o: ../../include/openssl/pqueue.h ../../include/openssl/rsa.h
+ct_lib.o: ../../include/openssl/safestack.h ../../include/openssl/sha.h
+ct_lib.o: ../../include/openssl/srtp.h ../../include/openssl/ssl.h
+ct_lib.o: ../../include/openssl/ssl2.h ../../include/openssl/ssl3.h
+ct_lib.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
+ct_lib.o: ../../include/openssl/tls1.h ../../include/openssl/x509.h
+ct_lib.o: ../../include/openssl/x509_vfy.h ../../ssl/packet_locl.h
+ct_lib.o: ../../ssl/record/record.h ../../ssl/ssl_locl.h
+ct_lib.o: ../include/internal/cryptlib.h ct_lib.c ct_locl.h
diff --git a/crypto/ct/ct_err.c b/crypto/ct/ct_err.c
new file mode 100644
index 0000000000..d2781c5b5f
--- /dev/null
+++ b/crypto/ct/ct_err.c
@@ -0,0 +1,101 @@
+/* crypto/ct/ct_err.c */
+/* ====================================================================
+ * Copyright (c) 1999-2015 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    openssl-core@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+/*
+ * NOTE: this file was auto generated by the mkerr.pl script: any changes
+ * made to it will be overwritten when the script next updates this file,
+ * only reason strings will be preserved.
+ */
+
+#include <stdio.h>
+#include <openssl/err.h>
+#include <openssl/ct_locl.h>
+
+/* BEGIN ERROR CODES */
+#ifndef OPENSSL_NO_ERR
+
+# define ERR_FUNC(func) ERR_PACK(ERR_LIB_CT,func,0)
+# define ERR_REASON(reason) ERR_PACK(ERR_LIB_CT,0,reason)
+
+static ERR_STRING_DATA CT_str_functs[] = {
+    {ERR_FUNC(CT_F_SCT_NEW), "SCT_new"},
+    {ERR_FUNC(CT_F_SCT_SET0_LOG_ID), "SCT_set0_log_id"},
+    {ERR_FUNC(CT_F_SCT_SET_LOG_ENTRY_TYPE), "SCT_set_log_entry_type"},
+    {ERR_FUNC(CT_F_SCT_SET_SIGNATURE_NID), "SCT_set_signature_nid"},
+    {ERR_FUNC(CT_F_SCT_SET_VERSION), "SCT_set_version"},
+    {0, NULL}
+};
+
+static ERR_STRING_DATA CT_str_reasons[] = {
+    {ERR_REASON(CT_R_INVALID_LOG_ID_LENGTH), "invalid log id length"},
+    {ERR_REASON(CT_R_UNRECOGNIZED_SIGNATURE_NID),
+     "unrecognized signature nid"},
+    {ERR_REASON(CT_R_UNSUPPORTED_ENTRY_TYPE), "unsupported entry type"},
+    {ERR_REASON(CT_R_UNSUPPORTED_VERSION), "unsupported version"},
+    {0, NULL}
+};
+
+#endif
+
+void ERR_load_CT_strings(void)
+{
+#ifndef OPENSSL_NO_ERR
+
+    if (ERR_func_error_string(CT_str_functs[0].error) == NULL) {
+        ERR_load_strings(0, CT_str_functs);
+        ERR_load_strings(0, CT_str_reasons);
+    }
+#endif
+}
diff --git a/crypto/ct/ct_lib.c b/crypto/ct/ct_lib.c
new file mode 100644
index 0000000000..7945745da7
--- /dev/null
+++ b/crypto/ct/ct_lib.c
@@ -0,0 +1,208 @@
+/*
+ * Written by Rob Stradling (rob@comodo.com) and Stephen Henson
+ * (steve@openssl.org) for the OpenSSL project 2014.
+ */
+/* ====================================================================
+ * Copyright (c) 2014 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (eay@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (tjh@cryptsoft.com).
+ *
+ */
+
+#ifndef OPENSSL_NO_CT
+
+# include <limits.h>
+# include "internal/cryptlib.h"
+# include "../ssl/ssl_locl.h"
+# include "ct_locl.h"
+
+SCT *SCT_new(void)
+{
+    SCT *sct = OPENSSL_zalloc(sizeof(SCT));
+    if (sct == NULL) {
+        CTerr(CT_F_SCT_NEW, ERR_R_MALLOC_FAILURE);
+        return NULL;
+    }
+    sct->entry_type = UNSET_ENTRY;
+    sct->version = UNSET_VERSION;
+    return sct;
+}
+
+void SCT_free(SCT *sct)
+{
+    if (sct) {
+        OPENSSL_free(sct->log_id);
+        OPENSSL_free(sct->ext);
+        OPENSSL_free(sct->sig);
+        OPENSSL_free(sct->sct);
+        OPENSSL_free(sct);
+    }
+}
+
+int SCT_set_version(SCT *sct, sct_version_t version)
+{
+    if (version != SCT_V1) {
+        CTerr(CT_F_SCT_SET_VERSION, CT_R_UNSUPPORTED_VERSION);
+        return 0;
+    }
+    sct->version = version;
+    return 1;
+}
+
+int SCT_set_log_entry_type(SCT *sct, log_entry_type_t entry_type)
+{
+    if (entry_type != X509_ENTRY && entry_type != PRECERT_ENTRY) {
+        CTerr(CT_F_SCT_SET_LOG_ENTRY_TYPE, CT_R_UNSUPPORTED_ENTRY_TYPE);
+        return 0;
+    }
+    sct->entry_type = entry_type;
+    return 1;
+}
+
+int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len)
+{
+    /* Currently only SHA-256 allowed so length must be SCT_V1_HASHLEN */
+    if (log_id_len != SCT_V1_HASHLEN) {
+        CTerr(CT_F_SCT_SET0_LOG_ID, CT_R_INVALID_LOG_ID_LENGTH);
+        return 0;
+    }
+    OPENSSL_free(sct->log_id);
+    sct->log_id = log_id;
+    sct->log_id_len = log_id_len;
+    return 1;
+}
+
+void SCT_set_timestamp(SCT *sct, uint64_t timestamp)
+{
+    sct->timestamp = timestamp;
+}
+
+int SCT_set_signature_nid(SCT *sct, int nid)
+{
+  switch (nid) {
+    case NID_sha256WithRSAEncryption:
+        sct->hash_alg = TLSEXT_hash_sha256;
+        sct->sig_alg = TLSEXT_signature_rsa;
+        return 1;
+    case NID_ecdsa_with_SHA256:
+        sct->hash_alg = TLSEXT_hash_sha256;
+        sct->sig_alg = TLSEXT_signature_ecdsa;
+        return 1;
+    default:
+        CTerr(CT_F_SCT_SET_SIGNATURE_NID, CT_R_UNRECOGNIZED_SIGNATURE_NID);
+        return 0;
+    }
+}
+
+void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len)
+{
+    OPENSSL_free(sct->ext);
+    sct->ext = ext;
+    sct->ext_len = ext_len;
+}
+
+void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len)
+{
+    OPENSSL_free(sct->sig);
+    sct->sig = sig;
+    sct->sig_len = sig_len;
+}
+
+sct_version_t SCT_get_version(const SCT *sct)
+{
+    return sct->version;
+}
+
+log_entry_type_t SCT_get_log_entry_type(const SCT *sct)
+{
+    return sct->entry_type;
+}
+
+size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id)
+{
+    *log_id = sct->log_id;
+    return sct->log_id_len;
+}
+
+uint64_t SCT_get_timestamp(const SCT *sct)
+{
+    return sct->timestamp;
+}
+
+int SCT_get_signature_nid(const SCT *sct)
+{
+    if (sct->version == SCT_V1) {
+        if (sct->hash_alg == TLSEXT_hash_sha256) {
+            switch (sct->sig_alg) {
+            case TLSEXT_signature_ecdsa:
+                return NID_ecdsa_with_SHA256;
+            case TLSEXT_signature_rsa:
+                return NID_sha256WithRSAEncryption;
+            default:
+                return NID_undef;
+            }
+        }
+    }
+    return NID_undef;
+}
+
+size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext)
+{
+    *ext = sct->ext;
+    return sct->ext_len;
+}
+
+size_t SCT_get0_signature(const SCT *sct, unsigned char **sig)
+{
+    *sig = sct->sig;
+    return sct->sig_len;
+}
+
+#endif
diff --git a/crypto/ct/ct_locl.h b/crypto/ct/ct_locl.h
new file mode 100644
index 0000000000..a6164336d1
--- /dev/null
+++ b/crypto/ct/ct_locl.h
@@ -0,0 +1,242 @@
+/* crypto/ct/ct_locl.h */
+/*
+ * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project
+ * 2015.
+ */
+/* ====================================================================
+ * Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licensing@OpenSSL.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ */
+#ifndef HEADER_CT_LOCL_H
+# define HEADER_CT_LOCL_H
+
+# ifdef __cplusplus
+extern "C" {
+# endif
+
+# ifndef OPENSSL_NO_CT
+
+/* All hashes are currently SHA256 */
+#  define SCT_V1_HASHLEN  32
+/* Minimum RSA key size, from RFC6962 */
+#  define SCT_MIN_RSA_BITS 2048
+
+/*
+ * From RFC6962: opaque SerializedSCT<1..2^16-1>; struct { SerializedSCT
+ * sct_list <1..2^16-1>; } SignedCertificateTimestampList;
+ */
+
+#  define MAX_SCT_SIZE            65535
+#  define MAX_SCT_LIST_SIZE       MAX_SCT_SIZE
+
+typedef enum {
+    UNSET_ENTRY = -1,
+    X509_ENTRY = 0,
+    PRECERT_ENTRY = 1
+} log_entry_type_t;
+
+typedef enum {
+    UNSET_VERSION = -1,
+    SCT_V1 = 0
+} sct_version_t;
+
+typedef struct {
+    sct_version_t version;
+    /* If version is not SCT_V1 this contains the encoded SCT */
+    unsigned char *sct;
+    size_t sct_len;
+    /*
+     * If version is SCT_V1 fields below contain components of the SCT. "logid",
+     * "ext" and "sig" point to buffers allocated with OPENSSL_malloc().
+     */
+    unsigned char *log_id;
+    size_t log_id_len;
+
+    /*
+     * Note, we cannot distinguish between an unset timestamp, and one
+     * that is set to 0.  However since CT didn't exist in 1970, no real
+     * SCT should ever be set as such.
+     */
+    uint64_t timestamp;
+    unsigned char *ext;
+    size_t ext_len;
+    unsigned char hash_alg;
+    unsigned char sig_alg;
+    unsigned char *sig;
+    size_t sig_len;
+    /* Log entry type */
+    log_entry_type_t entry_type;
+} SCT;
+
+DECLARE_STACK_OF(SCT)
+
+/*
+ * Allocate new SCT.
+ * Caller is responsible for calling SCT_free when done.
+ */
+SCT *SCT_new(void);
+
+/*
+ * Free SCT and underlying datastructures.
+ */
+void SCT_free(SCT *sct);
+
+/*
+ * Set the version of an SCT.
+ * Returns 1 on success, 0 if the version is unrecognized.
+ */
+int SCT_set_version(SCT *sct, sct_version_t version);
+
+/*
+ * Set the log entry type of an SCT.
+ * Returns 1 on success.
+ */
+int SCT_set_log_entry_type(SCT *sct, log_entry_type_t entry_type);
+
+/*
+ * Set the log id of an SCT to point directly to the *logid specified.
+ * The SCT takes ownership of the specified pointer.
+ * Returns 1 on success.
+ */
+int SCT_set0_log_id(SCT *sct, unsigned char *log_id, size_t log_id_len);
+
+/*
+ * Set the timestamp of an SCT.
+ */
+void SCT_set_timestamp(SCT *sct, uint64_t timestamp);
+
+/*
+ * Set the signature type of an SCT
+ * Currently NID_sha256WithRSAEncryption or NID_ecdsa_with_SHA256.
+ * Returns 1 on success.
+ */
+int SCT_set_signature_nid(SCT *sct, int nid);
+
+/*
+ * Set the extensions of an SCT to point directly to the *ext specified.
+ * The SCT takes ownership of the specified pointer.
+ */
+void SCT_set0_extensions(SCT *sct, unsigned char *ext, size_t ext_len);
+
+/*
+ * Set the signature of an SCT to point directly to the *sig specified.
+ * The SCT takes ownership of the specified pointer.
+ */
+void SCT_set0_signature(SCT *sct, unsigned char *sig, size_t sig_len);
+
+/*
+ * Returns the version of the SCT.
+ */
+sct_version_t SCT_get_version(const SCT *sct);
+
+/*
+ * Returns the log entry type of the SCT.
+ */
+log_entry_type_t SCT_get_log_entry_type(const SCT *sct);
+
+/*
+ * Set *logid to point to the log id for the SCT. logid must not be NULL.
+ * The SCT retains ownership of this pointer.
+ * Returns length of the data pointed to.
+ */
+size_t SCT_get0_log_id(const SCT *sct, unsigned char **log_id);
+
+/*
+ * Returns the timestamp for the SCT.
+ */
+uint64_t SCT_get_timestamp(const SCT *sct);
+
+/*
+ * Return the nid for the signature used by the SCT.
+ * Currently NID_sha256WithRSAEncryption or NID_ecdsa_with_SHA256 (or NID_undef)
+ */
+int SCT_get_signature_nid(const SCT *sct);
+
+/*
+ * Set *ext to point to the extension data for the SCT. ext must not be NULL.
+ * The SCT retains ownership of this pointer.
+ * Returns length of the data pointed to.
+ */
+size_t SCT_get0_extensions(const SCT *sct, unsigned char **ext);
+
+/*
+ * Set *sig to point to the signature for the SCT. sig must not be NULL.
+ * The SCT retains ownership of this pointer.
+ * Returns length of the data pointed to.
+ */
+size_t SCT_get0_signature(const SCT *sct, unsigned char **sig);
+
+
+# endif
+
+/* BEGIN ERROR CODES */
+/*
+ * The following lines are auto generated by the script mkerr.pl. Any changes
+ * made after this point may be overwritten when the script is next run.
+ */
+void ERR_load_CT_strings(void);
+
+/* Error codes for the CT functions. */
+
+/* Function codes. */
+# define CT_F_SCT_NEW                                     100
+# define CT_F_SCT_SET0_LOG_ID                             101
+# define CT_F_SCT_SET_LOG_ENTRY_TYPE                      102
+# define CT_F_SCT_SET_SIGNATURE_NID                       103
+# define CT_F_SCT_SET_VERSION                             104
+
+/* Reason codes. */
+# define CT_R_INVALID_LOG_ID_LENGTH                       100
+# define CT_R_UNRECOGNIZED_SIGNATURE_NID                  101
+# define CT_R_UNSUPPORTED_ENTRY_TYPE                      102
+# define CT_R_UNSUPPORTED_VERSION                         103
+
+#ifdef  __cplusplus
+}
+#endif
+#endif
diff --git a/crypto/err/openssl.ec b/crypto/err/openssl.ec
index 8a10b80b04..08b0c0ba29 100644
--- a/crypto/err/openssl.ec
+++ b/crypto/err/openssl.ec
@@ -36,6 +36,7 @@ L HMAC		include/openssl/hmac.h		crypto/hmac/hmac_err.c
 L CMS		include/openssl/cms.h		crypto/cms/cms_err.c
 L JPAKE		include/openssl/jpake.h		crypto/jpake/jpake_err.c
 L FIPS		include/openssl/fips.h		crypto/fips_err.h
+L CT		crypto/ct/ct_locl.h		crypto/ct/ct_err.c
 
 # additional header files to be scanned for function names
 L NONE		crypto/x509/x509_vfy.h		NONE
diff --git a/crypto/x509v3/Makefile b/crypto/x509v3/Makefile
index 5460af46f1..87fc083afc 100644
--- a/crypto/x509v3/Makefile
+++ b/crypto/x509v3/Makefile
@@ -523,7 +523,7 @@ v3_purp.o: ../../include/openssl/stack.h ../../include/openssl/symhacks.h
 v3_purp.o: ../../include/openssl/x509.h ../../include/openssl/x509_vfy.h
 v3_purp.o: ../../include/openssl/x509v3.h ../include/internal/cryptlib.h
 v3_purp.o: ../include/internal/x509_int.h v3_purp.c
-v3_scts.o: ../../e_os.h ../../include/openssl/asn1.h
+v3_scts.o: ../../crypto/ct/ct_locl.h ../../e_os.h ../../include/openssl/asn1.h
 v3_scts.o: ../../include/openssl/bio.h ../../include/openssl/buffer.h
 v3_scts.o: ../../include/openssl/conf.h ../../include/openssl/crypto.h
 v3_scts.o: ../../include/openssl/e_os2.h ../../include/openssl/ec.h
diff --git a/crypto/x509v3/v3_lib.c b/crypto/x509v3/v3_lib.c
index 5073575623..8d42147f55 100644
--- a/crypto/x509v3/v3_lib.c
+++ b/crypto/x509v3/v3_lib.c
@@ -152,7 +152,7 @@ static const X509V3_EXT_METHOD *standard_exts[] = {
     &v3_idp,
     &v3_alt[2],
     &v3_freshest_crl,
-#ifndef OPENSSL_NO_SCT
+#ifndef OPENSSL_NO_CT
     &v3_ct_scts[0],
     &v3_ct_scts[1],
 #endif
diff --git a/crypto/x509v3/v3_scts.c b/crypto/x509v3/v3_scts.c
index b1505feb35..6d3665cf01 100644
--- a/crypto/x509v3/v3_scts.c
+++ b/crypto/x509v3/v3_scts.c
@@ -61,8 +61,9 @@
 #include <openssl/asn1.h>
 #include <openssl/x509v3.h>
 #include "ext_dat.h"
+#include "crypto/ct/ct_locl.h"
 
-#ifndef OPENSSL_NO_SCT
+#ifndef OPENSSL_NO_CT
 /* Signature and hash algorithms from RFC 5246 */
 #define TLSEXT_hash_sha256                              4
 
@@ -82,27 +83,6 @@
                          l|=((uint64_t)(*((c)++)))<< 8, \
                          l|=((uint64_t)(*((c)++))))
 
-typedef struct SCT_st {
-    /* The encoded SCT */
-    unsigned char *sct;
-    unsigned short sctlen;
-    /*
-     * Components of the SCT.  "logid", "ext" and "sig" point to addresses
-     * inside "sct".
-     */
-    unsigned char version;
-    unsigned char *logid;
-    unsigned short logidlen;
-    uint64_t timestamp;
-    unsigned char *ext;
-    unsigned short extlen;
-    unsigned char hash_alg;
-    unsigned char sig_alg;
-    unsigned char *sig;
-    unsigned short siglen;
-} SCT;
-
-DECLARE_STACK_OF(SCT)
 
 static void SCT_LIST_free(STACK_OF(SCT) *a);
 static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
@@ -162,14 +142,6 @@ static void timestamp_print(BIO *out, uint64_t timestamp)
     ASN1_GENERALIZEDTIME_free(gen);
 }
 
-static void SCT_free(SCT *sct)
-{
-    if (!sct)
-        return;
-    OPENSSL_free(sct->sct);
-    OPENSSL_free(sct);
-}
-
 static void SCT_LIST_free(STACK_OF(SCT) *a)
 {
     sk_SCT_pop_free(a, SCT_free);
@@ -219,7 +191,7 @@ static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
         if (!sct->sct)
             goto err;
         memcpy(sct->sct, p, sctlen);
-        sct->sctlen = sctlen;
+        sct->sct_len = sctlen;
         p += sctlen;
         p2 = sct->sct;
 
@@ -237,8 +209,8 @@ static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
                 goto err;
             sctlen -= 43;
 
-            sct->logid = p2;
-            sct->logidlen = 32;
+            sct->log_id = p2;
+            sct->log_id_len = 32;
             p2 += 32;
 
             n2l8(p2, sct->timestamp);
@@ -247,7 +219,7 @@ static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
             if (sctlen < fieldlen)
                 goto err;
             sct->ext = p2;
-            sct->extlen = fieldlen;
+            sct->ext_len = fieldlen;
             p2 += fieldlen;
             sctlen -= fieldlen;
 
@@ -267,7 +239,7 @@ static STACK_OF(SCT) *d2i_SCT_LIST(STACK_OF(SCT) **a,
             if (sctlen != fieldlen)
                 goto err;
             sct->sig = p2;
-            sct->siglen = fieldlen;
+            sct->sig_len = fieldlen;
         }
     }
 
@@ -298,25 +270,25 @@ static int i2r_SCT_LIST(X509V3_EXT_METHOD *method, STACK_OF(SCT) *sct_list,
             BIO_printf(out, "v1(0)");
 
             BIO_printf(out, "\n%*sLog ID    : ", indent + 4, "");
-            BIO_hex_string(out, indent + 16, 16, sct->logid, sct->logidlen);
+            BIO_hex_string(out, indent + 16, 16, sct->log_id, sct->log_id_len);
 
             BIO_printf(out, "\n%*sTimestamp : ", indent + 4, "");
             timestamp_print(out, sct->timestamp);
 
             BIO_printf(out, "\n%*sExtensions: ", indent + 4, "");
-            if (sct->extlen == 0)
+            if (sct->ext_len == 0)
                 BIO_printf(out, "none");
             else
-                BIO_hex_string(out, indent + 16, 16, sct->ext, sct->extlen);
+                BIO_hex_string(out, indent + 16, 16, sct->ext, sct->ext_len);
 
             BIO_printf(out, "\n%*sSignature : ", indent + 4, "");
             tls12_signature_print(out, sct->hash_alg, sct->sig_alg);
             BIO_printf(out, "\n%*s            ", indent + 4, "");
-            BIO_hex_string(out, indent + 16, 16, sct->sig, sct->siglen);
+            BIO_hex_string(out, indent + 16, 16, sct->sig, sct->sig_len);
         } else {                /* Unknown version */
 
             BIO_printf(out, "unknown\n%*s", indent + 16, "");
-            BIO_hex_string(out, indent + 16, 16, sct->sct, sct->sctlen);
+            BIO_hex_string(out, indent + 16, 16, sct->sct, sct->sct_len);
         }
 
         if (++i < sk_SCT_num(sct_list))