OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <errno.h> | 10 #include <errno.h> |
(...skipping 972 matching lines...)
983 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); | 983 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); |
984 } | 984 } |
985 } | 985 } |
986 return net_error; | 986 return net_error; |
987 } | 987 } |
988 | 988 |
989 int SSLClientSocketOpenSSL::DoChannelIDLookup() { | 989 int SSLClientSocketOpenSSL::DoChannelIDLookup() { |
990 net_log_.AddEvent(NetLog::TYPE_SSL_CHANNEL_ID_REQUESTED); | 990 net_log_.AddEvent(NetLog::TYPE_SSL_CHANNEL_ID_REQUESTED); |
991 GotoState(STATE_CHANNEL_ID_LOOKUP_COMPLETE); | 991 GotoState(STATE_CHANNEL_ID_LOOKUP_COMPLETE); |
992 return channel_id_service_->GetOrCreateChannelID( | 992 return channel_id_service_->GetOrCreateChannelID( |
993 host_and_port_.host(), | 993 host_and_port_.host(), &channel_id_key_, |
994 &channel_id_private_key_, | |
995 &channel_id_cert_, | |
996 base::Bind(&SSLClientSocketOpenSSL::OnHandshakeIOComplete, | 994 base::Bind(&SSLClientSocketOpenSSL::OnHandshakeIOComplete, |
997 base::Unretained(this)), | 995 base::Unretained(this)), |
998 &channel_id_request_handle_); | 996 &channel_id_request_handle_); |
999 } | 997 } |
1000 | 998 |
1001 int SSLClientSocketOpenSSL::DoChannelIDLookupComplete(int result) { | 999 int SSLClientSocketOpenSSL::DoChannelIDLookupComplete(int result) { |
1002 if (result < 0) | 1000 if (result < 0) |
1003 return result; | 1001 return result; |
1004 | 1002 |
1005 DCHECK_LT(0u, channel_id_private_key_.size()); | 1003 if (!channel_id_key_) { |
1006 // Decode key. | |
1007 std::vector<uint8> encrypted_private_key_info; | |
1008 std::vector<uint8> subject_public_key_info; | |
1009 encrypted_private_key_info.assign( | |
1010 channel_id_private_key_.data(), | |
1011 channel_id_private_key_.data() + channel_id_private_key_.size()); | |
1012 subject_public_key_info.assign( | |
1013 channel_id_cert_.data(), | |
1014 channel_id_cert_.data() + channel_id_cert_.size()); | |
1015 scoped_ptr<crypto::ECPrivateKey> ec_private_key( | |
1016 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | |
1017 ChannelIDService::kEPKIPassword, | |
1018 encrypted_private_key_info, | |
1019 subject_public_key_info)); | |
1020 if (!ec_private_key) { | |
1021 LOG(ERROR) << "Failed to import Channel ID."; | 1004 LOG(ERROR) << "Failed to import Channel ID."; |
1022 return ERR_CHANNEL_ID_IMPORT_FAILED; | 1005 return ERR_CHANNEL_ID_IMPORT_FAILED; |
1023 } | 1006 } |
1024 | 1007 |
1025 // Hand the key to OpenSSL. Check for error in case OpenSSL rejects the key | 1008 // Hand the key to OpenSSL. Check for error in case OpenSSL rejects the key |
1026 // type. | 1009 // type. |
1027 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 1010 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
1028 int rv = SSL_set1_tls_channel_id(ssl_, ec_private_key->key()); | 1011 int rv = SSL_set1_tls_channel_id(ssl_, channel_id_key_->key()); |
1029 if (!rv) { | 1012 if (!rv) { |
1030 LOG(ERROR) << "Failed to set Channel ID."; | 1013 LOG(ERROR) << "Failed to set Channel ID."; |
1031 int err = SSL_get_error(ssl_, rv); | 1014 int err = SSL_get_error(ssl_, rv); |
1032 return MapOpenSSLError(err, err_tracer); | 1015 return MapOpenSSLError(err, err_tracer); |
1033 } | 1016 } |
1034 | 1017 |
1035 // Return to the handshake. | 1018 // Return to the handshake. |
1036 channel_id_sent_ = true; | 1019 channel_id_sent_ = true; |
1037 net_log_.AddEvent(NetLog::TYPE_SSL_CHANNEL_ID_PROVIDED); | 1020 net_log_.AddEvent(NetLog::TYPE_SSL_CHANNEL_ID_PROVIDED); |
1038 GotoState(STATE_HANDSHAKE); | 1021 GotoState(STATE_HANDSHAKE); |
(...skipping 849 matching lines...)
1888 | 1871 |
1889 return result; | 1872 return result; |
1890 } | 1873 } |
1891 | 1874 |
1892 scoped_refptr<X509Certificate> | 1875 scoped_refptr<X509Certificate> |
1893 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 1876 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
1894 return server_cert_; | 1877 return server_cert_; |
1895 } | 1878 } |
1896 | 1879 |
1897 } // namespace net | 1880 } // namespace net |
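Review bot: The null check on `channel_id_key_` in DoChannelIDLookupComplete (new line 1003) only proves the lookup delivered no key if the member was empty before DoChannelIDLookup ran, and nothing visible here clears it first. If the socket can repeat the lookup (a reconnect or a retried handshake) and the member is not reset elsewhere, a key left over from an earlier lookup would pass the check and be handed to `SSL_set1_tls_channel_id`. Consider clearing it just before the `GetOrCreateChannelID` call at new line 992, e.g. `channel_id_key_.reset();` assuming it is a scoped_ptr, or confirm that Disconnect() already does so. The log text `"Failed to import Channel ID."` no longer matches this failure, since nothing is imported on the new path; a message such as `"Channel ID lookup returned no key."` would be more accurate for triage. DoChannelIDLookupComplete continues past the visible lines.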