Chromium Code Reviews Chromium Code Reviews
Issue 3845005:
Add support for restricting the cipher suites that SSLClientSocket(Mac,NSS) use (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2006-2009 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_ | 5 #ifndef NET_BASE_SSL_CONFIG_SERVICE_H_ |
| 6 #define NET_BASE_SSL_CONFIG_SERVICE_H_ | 6 #define NET_BASE_SSL_CONFIG_SERVICE_H_ |
| 7 #pragma once | 7 #pragma once |
| 8 | 8 |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/basictypes.h" | |
| 11 #include "base/observer_list.h" | 12 #include "base/observer_list.h" |
| 12 #include "base/ref_counted.h" | 13 #include "base/ref_counted.h" |
| 13 #include "net/base/x509_certificate.h" | 14 #include "net/base/x509_certificate.h" |
| 14 | 15 |
| 15 namespace net { | 16 namespace net { |
| 16 | 17 |
| 17 // A collection of SSL-related configuration settings. | 18 // A collection of SSL-related configuration settings. |
| 18 struct SSLConfig { | 19 struct SSLConfig { |
| 19 // Default to revocation checking. | 20 // Default to revocation checking. |
| 20 // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on. | 21 // Default to SSL 2.0 off, SSL 3.0 on, and TLS 1.0 on. |
| 21 SSLConfig(); | 22 SSLConfig(); |
| 22 ~SSLConfig(); | 23 ~SSLConfig(); |
| 23 | 24 |
| 24 bool rev_checking_enabled; // True if server certificate revocation | 25 bool rev_checking_enabled; // True if server certificate revocation |
| 25 // checking is enabled. | 26 // checking is enabled. |
| 26 bool ssl2_enabled; // True if SSL 2.0 is enabled. | 27 bool ssl2_enabled; // True if SSL 2.0 is enabled. |
| 27 bool ssl3_enabled; // True if SSL 3.0 is enabled. | 28 bool ssl3_enabled; // True if SSL 3.0 is enabled. |
| 28 bool tls1_enabled; // True if TLS 1.0 is enabled. | 29 bool tls1_enabled; // True if TLS 1.0 is enabled. |
| 29 bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates. | 30 bool dnssec_enabled; // True if we'll accept DNSSEC chains in certificates. |
| 30 bool snap_start_enabled; // True if we'll try Snap Start handshakes. | 31 bool snap_start_enabled; // True if we'll try Snap Start handshakes. |
| 31 // True if we'll do async checks for certificate provenance using DNS. | 32 // True if we'll do async checks for certificate provenance using DNS. |
| 32 bool dns_cert_provenance_checking_enabled; | 33 bool dns_cert_provenance_checking_enabled; |
| 33 | 34 |
| 35 // Cipher suites which should be explicitly prevented from being used. By | |
| 36 // default, all cipher suites supported by the underlying SSL implementation | |
| 37 // will be enabled, except for: | |
| 38 // - Null encryption cipher suites. | |
| 39 // - Weak cipher suites: < 80 bits of security strength. | |
| 40 // - FORTEZZA cipher suites (obsolete). | |
| 41 // - IDEA cipher suites (RFC 5469 explains why). | |
| 42 // - Anonymous cipher suites. | |
| 43 // | |
| 44 // Though cipher suites are sent in TLS as "uint8 CipherSuite[2]", in | |
| 45 // big-endian form, they should be declared in host byte order, with the | |
| 46 // first uint8 occupying the left-most byte. | |
|
wtc
2010/11/10 00:43:37
Nit: left-most => most significant
| |
| 47 // Ex: To disable TLS_RSA_WITH_RC4_128_MD5, specify 0x0004, while to | |
| 48 // disable TLS_ECDH_ECDSA_WITH_RC4_128_SHA, specify 0xC002. | |
| 49 // | |
| 50 // TODO(rsleevi): Not implemented when using OpenSSL or Schannel. | |
| 51 std::vector<uint16> disabled_cipher_suites; | |
| 52 | |
| 34 // True if we allow this connection to be MITM attacked. This sounds a little | 53 // True if we allow this connection to be MITM attacked. This sounds a little |
| 35 // worse than it is: large networks sometimes MITM attack all SSL connections | 54 // worse than it is: large networks sometimes MITM attack all SSL connections |
| 36 // on egress. We want to know this because we might not have the end-to-end | 55 // on egress. We want to know this because we might not have the end-to-end |
| 37 // connection that we believe that we have based on the hostname. Therefore, | 56 // connection that we believe that we have based on the hostname. Therefore, |
| 38 // certain certificate checks can't be performed and we can't use outside | 57 // certain certificate checks can't be performed and we can't use outside |
| 39 // knowledge about whether the server has the renegotiation extension. | 58 // knowledge about whether the server has the renegotiation extension. |
| 40 bool mitm_proxies_allowed; | 59 bool mitm_proxies_allowed; |
| 41 | 60 |
| 42 bool false_start_enabled; // True if we'll use TLS False Start. | 61 bool false_start_enabled; // True if we'll use TLS False Start. |
| 43 | 62 |
| (...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 168 void ProcessConfigUpdate(const SSLConfig& orig_config, | 187 void ProcessConfigUpdate(const SSLConfig& orig_config, |
| 169 const SSLConfig& new_config); | 188 const SSLConfig& new_config); |
| 170 | 189 |
| 171 private: | 190 private: |
| 172 ObserverList<Observer> observer_list_; | 191 ObserverList<Observer> observer_list_; |
| 173 }; | 192 }; |
| 174 | 193 |
| 175 } // namespace net | 194 } // namespace net |
| 176 | 195 |
| 177 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_ | 196 #endif // NET_BASE_SSL_CONFIG_SERVICE_H_ |
| OLD | NEW |
