OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <errno.h> | 10 #include <errno.h> |
(...skipping 977 matching lines...)
988 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); | 988 CreateNetLogOpenSSLErrorCallback(net_error, ssl_error, error_info)); |
989 } | 989 } |
990 } | 990 } |
991 return net_error; | 991 return net_error; |
992 } | 992 } |
993 | 993 |
994 int SSLClientSocketOpenSSL::DoChannelIDLookup() { | 994 int SSLClientSocketOpenSSL::DoChannelIDLookup() { |
995 net_log_.AddEvent(NetLog::TYPE_SSL_CHANNEL_ID_REQUESTED); | 995 net_log_.AddEvent(NetLog::TYPE_SSL_CHANNEL_ID_REQUESTED); |
996 GotoState(STATE_CHANNEL_ID_LOOKUP_COMPLETE); | 996 GotoState(STATE_CHANNEL_ID_LOOKUP_COMPLETE); |
997 return channel_id_service_->GetOrCreateChannelID( | 997 return channel_id_service_->GetOrCreateChannelID( |
998 host_and_port_.host(), | 998 host_and_port_.host(), &channel_id_key_, |
999 &channel_id_private_key_, | |
1000 &channel_id_cert_, | |
1001 base::Bind(&SSLClientSocketOpenSSL::OnHandshakeIOComplete, | 999 base::Bind(&SSLClientSocketOpenSSL::OnHandshakeIOComplete, |
1002 base::Unretained(this)), | 1000 base::Unretained(this)), |
1003 &channel_id_request_handle_); | 1001 &channel_id_request_handle_); |
1004 } | 1002 } |
1005 | 1003 |
1006 int SSLClientSocketOpenSSL::DoChannelIDLookupComplete(int result) { | 1004 int SSLClientSocketOpenSSL::DoChannelIDLookupComplete(int result) { |
1007 if (result < 0) | 1005 if (result < 0) |
1008 return result; | 1006 return result; |
1009 | 1007 |
1010 DCHECK_LT(0u, channel_id_private_key_.size()); | 1008 if (!channel_id_key_) { |
1011 // Decode key. | |
1012 std::vector<uint8> encrypted_private_key_info; | |
1013 std::vector<uint8> subject_public_key_info; | |
1014 encrypted_private_key_info.assign( | |
1015 channel_id_private_key_.data(), | |
1016 channel_id_private_key_.data() + channel_id_private_key_.size()); | |
1017 subject_public_key_info.assign( | |
1018 channel_id_cert_.data(), | |
1019 channel_id_cert_.data() + channel_id_cert_.size()); | |
1020 scoped_ptr<crypto::ECPrivateKey> ec_private_key( | |
1021 crypto::ECPrivateKey::CreateFromEncryptedPrivateKeyInfo( | |
1022 ChannelIDService::kEPKIPassword, | |
1023 encrypted_private_key_info, | |
1024 subject_public_key_info)); | |
1025 if (!ec_private_key) { | |
1026 LOG(ERROR) << "Failed to import Channel ID."; | 1009 LOG(ERROR) << "Failed to import Channel ID."; |
1027 return ERR_CHANNEL_ID_IMPORT_FAILED; | 1010 return ERR_CHANNEL_ID_IMPORT_FAILED; |
1028 } | 1011 } |
1029 | 1012 |
1030 // Hand the key to OpenSSL. Check for error in case OpenSSL rejects the key | 1013 // Hand the key to OpenSSL. Check for error in case OpenSSL rejects the key |
1031 // type. | 1014 // type. |
1032 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); | 1015 crypto::OpenSSLErrStackTracer err_tracer(FROM_HERE); |
1033 int rv = SSL_set1_tls_channel_id(ssl_, ec_private_key->key()); | 1016 int rv = SSL_set1_tls_channel_id(ssl_, channel_id_key_->key()); |
1034 if (!rv) { | 1017 if (!rv) { |
1035 LOG(ERROR) << "Failed to set Channel ID."; | 1018 LOG(ERROR) << "Failed to set Channel ID."; |
1036 int err = SSL_get_error(ssl_, rv); | 1019 int err = SSL_get_error(ssl_, rv); |
1037 return MapOpenSSLError(err, err_tracer); | 1020 return MapOpenSSLError(err, err_tracer); |
1038 } | 1021 } |
1039 | 1022 |
1040 // Return to the handshake. | 1023 // Return to the handshake. |
1041 set_channel_id_sent(true); | 1024 set_channel_id_sent(true); |
1042 net_log_.AddEvent(NetLog::TYPE_SSL_CHANNEL_ID_PROVIDED); | 1025 net_log_.AddEvent(NetLog::TYPE_SSL_CHANNEL_ID_PROVIDED); |
1043 GotoState(STATE_HANDSHAKE); | 1026 GotoState(STATE_HANDSHAKE); |
(...skipping 868 matching lines...)
1912 | 1895 |
1913 return result; | 1896 return result; |
1914 } | 1897 } |
1915 | 1898 |
1916 scoped_refptr<X509Certificate> | 1899 scoped_refptr<X509Certificate> |
1917 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { | 1900 SSLClientSocketOpenSSL::GetUnverifiedServerCertificateChain() const { |
1918 return server_cert_; | 1901 return server_cert_; |
1919 } | 1902 } |
1920 | 1903 |
1921 } // namespace net | 1904 } // namespace net |
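Review bot: In DoChannelIDLookupComplete the decoded private key now stays in the member `channel_id_key_` for the rest of the socket's life, whereas the old side held it in a local `ec_private_key` that was destroyed on return, so OpenSSL evidently keeps its own reference after `SSL_set1_tls_channel_id`. If nothing else reads the member (its declaration and other uses are outside this view, and this assumes it is a scoped_ptr), release it once the call succeeds with `channel_id_key_.reset();` before `set_channel_id_sent(true);`, and confirm the disconnect/reset path clears it so a stale key is not carried into a later handshake. The `!channel_id_key_` branch also still logs "Failed to import Channel ID." although no import happens here any more; `LOG(ERROR) << "Channel ID service returned no key.";` would describe the failure accurately. The tail of the function lies in the skipped lines.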