| Index: net/socket/ssl_client_socket_openssl.h |
| diff --git a/net/socket/ssl_client_socket_openssl.h b/net/socket/ssl_client_socket_openssl.h |
| index fd4220e6eb35145aa0985e0350035f29a87562f7..95ded39d756cd6b67a54b2b7b675da23518c9816 100644 |
| --- a/net/socket/ssl_client_socket_openssl.h |
| +++ b/net/socket/ssl_client_socket_openssl.h |
| @@ -5,7 +5,11 @@ |
| #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| +#include <openssl/base.h> |
| +#include <openssl/ssl.h> |
| + |
| #include <string> |
| +#include <vector> |
| #include "base/compiler_specific.h" |
| #include "base/memory/scoped_ptr.h" |
| @@ -23,24 +27,13 @@ |
| #include "net/ssl/ssl_config_service.h" |
| #include "net/ssl/ssl_failure_state.h" |
| -// Avoid including misc OpenSSL headers, i.e.: |
| -// <openssl/bio.h> |
| -typedef struct bio_st BIO; |
| -// <openssl/evp.h> |
| -typedef struct evp_pkey_st EVP_PKEY; |
| -// <openssl/ssl.h> |
| -typedef struct ssl_st SSL; |
| -// <openssl/x509.h> |
| -typedef struct x509_st X509; |
| -// <openssl/ossl_type.h> |
| -typedef struct x509_store_ctx_st X509_STORE_CTX; |
| - |
| namespace net { |
| class CertVerifier; |
| class CTVerifier; |
| class SSLCertRequestInfo; |
| class SSLInfo; |
| +class SSLPrivateKey; |
| // An SSL client socket implemented with OpenSSL. |
| class SSLClientSocketOpenSSL : public SSLClientSocket { |
| @@ -132,6 +125,11 @@ class SSLClientSocketOpenSSL : public SSLClientSocket { |
| int DoPayloadRead(); |
| int DoPayloadWrite(); |
| + // Runs both the Read and Write loops in response to an event that either or |
| + // both may have been blocked on. This may occur during a renegotiation, at |
| + // which point both state machines will block on the new handshake. |
|
Ryan Sleevi
2015/06/23 15:27:28
I still find this comment confusing :( It's certai
davidben
2015/06/24 21:43:12
PumpReadWriteEvents SGTM.
What do you think of th
|
| + void RunReadWriteLoops(); |
| + |
| int BufferSend(); |
| int BufferRecv(); |
| void BufferSendComplete(int result); |
| @@ -193,6 +191,23 @@ class SSLClientSocketOpenSSL : public SSLClientSocket { |
| // Returns true if renegotiations are allowed. |
| bool IsRenegotiationAllowed() const; |
| + // Callbacks for operations with the private key. |
| + int PrivateKeyTypeCallback(); |
| + int PrivateKeySupportsDigestCallback(const EVP_MD* md); |
| + size_t PrivateKeyMaxSignatureLenCallback(); |
| + ssl_private_key_result_t PrivateKeySignCallback(uint8_t* out, |
| + size_t* out_len, |
| + size_t max_out, |
| + const EVP_MD* md, |
| + const uint8_t* in, |
| + size_t in_len); |
| + ssl_private_key_result_t PrivateKeySignCompleteCallback(uint8_t* out, |
| + size_t* out_len, |
| + size_t max_out); |
| + |
| + void OnPrivateKeySignComplete(Error error, |
| + const std::vector<uint8_t>& signature); |
| + |
| bool transport_send_busy_; |
| bool transport_recv_busy_; |
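Review bot: The single comment `// Callbacks for operations with the private key.` above `PrivateKeyTypeCallback` through `PrivateKeySignCompleteCallback` leaves the output-buffer contract of the two sign callbacks unstated. `OnPrivateKeySignComplete` receives a `std::vector<uint8_t>` whose length appears to be set by the key implementation, so the copy into `out` (presumably in the .cc, which is not visible here) needs a `signature.size() <= max_out` check before it writes and before it sets `*out_len`. I would document that on the declaration, e.g. `// Writes at most |max_out| bytes to |out| and sets |*out_len|; fails if the signature is larger.`, and say which `ssl_private_key_result_t` value is returned while the signature is still pending. The `signature_result_` and `signature_` members added in the last hunk seem to carry that pending state and have no comment either; a line such as `// Result and output of the pending private key operation; cleared on Disconnect().` would help, if that is the intended lifetime. The class body starts and ends outside this hunk.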
| @@ -301,6 +316,10 @@ class SSLClientSocketOpenSSL : public SSLClientSocket { |
| ChannelIDService::Request channel_id_request_; |
| SSLFailureState ssl_failure_state_; |
| + scoped_ptr<SSLPrivateKey> private_key_; |
| + int signature_result_; |
| + std::vector<uint8_t> signature_; |
| + |
| TransportSecurityState* transport_security_state_; |
| CertPolicyEnforcer* const policy_enforcer_; |