
Side by Side Diff: net/socket/ssl_server_socket_nss.cc

Issue 6805019: Move crypto files out of base, to a top level directory. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 9 years, 8 months ago
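--- a/net/socket/ssl_server_socket_nss.cc
+++ b/net/socket/ssl_server_socket_nss.cc
@@ -1,10 +1,10 @@
 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_server_socket_nss.h"
 
 #if defined(OS_WIN)
 #include <winsock2.h>
 #endif
 
@@ -22,71 +22,71 @@
 #include <nss.h>
 #include <pk11pub.h>
 #include <secerr.h>
 #include <sechash.h>
 #include <ssl.h>
 #include <sslerr.h>
 #include <sslproto.h>
 
 #include <limits>
 
-#include "base/crypto/rsa_private_key.h"
 #include "base/memory/ref_counted.h"
-#include "base/nss_util_internal.h"
+#include "crypto/rsa_private_key.h"
+#include "crypto/nss_util_internal.h"
 #include "net/base/io_buffer.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_log.h"
 #include "net/ocsp/nss_ocsp.h"
 #include "net/socket/nss_ssl_util.h"
 #include "net/socket/ssl_error_params.h"
 
 static const int kRecvBufferSize = 4096;
 
 #define GotoState(s) next_handshake_state_ = s
 
 namespace net {
 
 SSLServerSocket* CreateSSLServerSocket(
-Socket* socket, X509Certificate* cert, base::RSAPrivateKey* key,
+Socket* socket, X509Certificate* cert, crypto::RSAPrivateKey* key,
 const SSLConfig& ssl_config) {
 return new SSLServerSocketNSS(socket, cert, key, ssl_config);
 }
 
 SSLServerSocketNSS::SSLServerSocketNSS(
 Socket* transport_socket,
 scoped_refptr<X509Certificate> cert,
-base::RSAPrivateKey* key,
+crypto::RSAPrivateKey* key,
 const SSLConfig& ssl_config)
 : ALLOW_THIS_IN_INITIALIZER_LIST(buffer_send_callback_(
 this, &SSLServerSocketNSS::BufferSendComplete)),
 ALLOW_THIS_IN_INITIALIZER_LIST(buffer_recv_callback_(
 this, &SSLServerSocketNSS::BufferRecvComplete)),
 transport_send_busy_(false),
 transport_recv_busy_(false),
 user_accept_callback_(NULL),
 user_read_callback_(NULL),
 user_write_callback_(NULL),
 nss_fd_(NULL),
 nss_bufs_(NULL),
 transport_socket_(transport_socket),
 ssl_config_(ssl_config),
 cert_(cert),
 next_handshake_state_(STATE_NONE),
 completed_handshake_(false) {
 ssl_config_.false_start_enabled = false;
 ssl_config_.ssl3_enabled = true;
 ssl_config_.tls1_enabled = true;
 
 // TODO(hclam): Need a better way to clone a key.
 std::vector<uint8> key_bytes;
 CHECK(key->ExportPrivateKey(&key_bytes));
-key_.reset(base::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes));
+key_.reset(crypto::RSAPrivateKey::CreateFromPrivateKeyInfo(key_bytes));
 CHECK(key_.get());
 }
 
 SSLServerSocketNSS::~SSLServerSocketNSS() {
 if (nss_fd_ != NULL) {
 PR_Close(nss_fd_);
 nss_fd_ = NULL;
 }
 }
 
@@ -295,21 +295,21 @@
 CERT_GetDefaultCertDB(), &der_cert, NULL, PR_FALSE, PR_TRUE);
 
 // Get a key of SECKEYPrivateKey* structure.
 std::vector<uint8> key_vector;
 if (!key_->ExportPrivateKey(&key_vector)) {
 CERT_DestroyCertificate(cert);
 return ERR_UNEXPECTED;
 }
 
 SECKEYPrivateKeyStr* private_key = NULL;
-PK11SlotInfo *slot = base::GetDefaultNSSKeySlot();
+PK11SlotInfo *slot = crypto::GetDefaultNSSKeySlot();
 if (!slot) {
 CERT_DestroyCertificate(cert);
 return ERR_UNEXPECTED;
 }
 
 SECItem der_private_key_info;
 der_private_key_info.data =
 const_cast<unsigned char*>(&key_vector.front());
 der_private_key_info.len = key_vector.size();
 // The server's RSA private key must be imported into NSS with the
@@ -676,10 +676,10 @@
 // We must call EnsureOCSPInit() here, on the IO thread, to get the IO loop
 // by MessageLoopForIO::current().
 // X509Certificate::Verify() runs on a worker thread of CertVerifier.
 EnsureOCSPInit();
 #endif
 
 return OK;
 }
 
 } // namespace net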
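Review bot: The DER-encoded private key exported into `key_bytes` (new lines 80-82) stays in the vector's heap buffer after `CreateFromPrivateKeyInfo` returns, because `std::vector`'s destructor frees the storage without clearing it; the same applies to `key_vector` at new line 298. Since this change already touches line 82, it would be a reasonable place to wipe the buffer once the clone has succeeded, e.g. `std::fill(key_bytes.begin(), key_bytes.end(), 0);` after `CHECK(key_.get());`, ideally through a wipe routine the compiler cannot optimise away. The existing TODO could also state the reason a better clone is wanted: `// TODO(hclam): Clone the key without exporting plaintext key bytes.` The function around line 298 starts and ends outside the visible lines, so the point at which `key_vector` can safely be cleared has to be checked against the full file.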
