Implement Token Binding negotiation TLS extension

net/socket/ssl_client_socket.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/socket/ssl_client_socket.h"
 
 #include "base/metrics/histogram_macros.h"
 #include "base/metrics/sparse_histogram.h"
 #include "base/strings/string_util.h"
 #include "crypto/ec_private_key.h"
@@ skipping 137 matching lines @@
     else if (!supports_ecc)
       supported = CLIENT_NO_ECC;
     else
       supported = CLIENT_ONLY;
   }
   UMA_HISTOGRAM_ENUMERATION("DomainBoundCerts.Support", supported,
                             CHANNEL_ID_USAGE_MAX);
 }
 
 // static
+void SSLClientSocket::RecordTokenBindingSupport(
+    const SSLConfig& ssl_config,
+    ChannelIDService* channel_id_service,

[davidben, 2015/10/15 21:52:08]

Since TB won't touch ChannelIDService from SSLClientSocket, these bits should
probably go. Actually, I think you want the metrics to all be at the HTTP layer
as well, so that ChannelIDService is still available.

[nharper, 2015/10/20 22:52:18]

Gone.

+    bool negotiated_token_binding) {
+  // This enum is used for UMA histograms - do not remove or change any values.
+  enum {
+    DISABLED = 0,
+    CLIENT_ONLY = 1,
+    CLIENT_AND_SERVER = 2,
+    CLIENT_NO_ECC = 3,
+    CLIENT_NO_CHANNEL_ID_SERVICE = 4,
+    TOKEN_BINDING_USAGE_MAX
+  } supported = DISABLED;
+  if (negotiated_token_binding) {
+    supported = CLIENT_AND_SERVER;
+  } else if (IsTokenBindingEnabled(ssl_config, channel_id_service)) {
+    if (!channel_id_service) {
+      supported = CLIENT_NO_CHANNEL_ID_SERVICE;
+    } else if (!crypto::ECPrivateKey::IsSupported()) {

[davidben, 2015/10/15 21:52:08]

Oh! I'll go ahead and unwind that code.
(https://codereview.chromium.org/1408813002/) Assume this method always returns
true. We're done having to deal with system NSS's limitations in almost all
cases.

+      supported = CLIENT_NO_ECC;
+    } else {
+      supported = CLIENT_ONLY;
+    }
+  }
+  UMA_HISTOGRAM_ENUMERATION("TokenBinding.Support", supported,
+                            TOKEN_BINDING_USAGE_MAX);
+}
+
+// static
 bool SSLClientSocket::IsChannelIDEnabled(
     const SSLConfig& ssl_config,
     ChannelIDService* channel_id_service) {
   if (!ssl_config.channel_id_enabled)
     return false;
   if (!channel_id_service) {
     DVLOG(1) << "NULL channel_id_service_, not enabling channel ID.";
     return false;
   }
   if (!crypto::ECPrivateKey::IsSupported()) {
     DVLOG(1) << "Elliptic Curve not supported, not enabling channel ID.";
     return false;
   }
   return true;
 }
 
 // static
+bool SSLClientSocket::IsTokenBindingEnabled(
+    const SSLConfig& ssl_config,
+    ChannelIDService* channel_id_service) {

[davidben, 2015/10/15 21:52:08]

Ditto re ChannelIDService not being involved.

[nharper, 2015/10/20 22:52:18]

This method is now gone.

+  if (ssl_config.token_binding_params.size() != 1 ||
+      ssl_config.token_binding_params[0] != TB_PARAM_ECDSAP256_SHA256) {
+    return false;
+  }
+  return IsChannelIDEnabled(ssl_config, channel_id_service);

[davidben, 2015/10/15 21:52:08]

(This doesn't really make sense anyway since TB may be enabled while
channel_id_enabled is false, but probably this method can just go.)

+}
+
+// static
 bool SSLClientSocket::HasCipherAdequateForHTTP2(
     const std::vector<uint16>& cipher_suites) {
   for (uint16 cipher : cipher_suites) {
     if (IsSecureTLSCipherSuite(cipher))
       return true;
   }
   return false;
 }
 
 // static
@@ skipping 19 matching lines @@
     wire_protos.push_back(proto.size());
     for (const char ch : proto) {
       wire_protos.push_back(static_cast<uint8_t>(ch));
     }
   }
 
   return wire_protos;
 }
 
 }  // namespace net