Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(373)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/socket/ssl_client_socket_openssl.h

Issue 1360633002: Implement Token Binding negotiation TLS extension (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@test-server-flags
Patch Set: Rip out TB key lookup from SSLClientSocketOpenSSL; fold TokenBindingExtension class into SSLClientS… Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/socket/ssl_client_socket.cc ('K') | « net/socket/ssl_client_socket.cc ('k') | net/socket/ssl_client_socket_openssl.cc » ('j') | net/socket/ssl_client_socket_openssl.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_
6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_
7 7
8 #include <openssl/base.h> 8 #include <openssl/base.h>
9 #include <openssl/bytestring.h>
davidben 2015/10/15 21:52:09 Not needed. (Actually base.h will forward-declare
nharper 2015/10/20 22:52:19 Done.
9 #include <openssl/ssl.h> 10 #include <openssl/ssl.h>
10 11
11 #include <string> 12 #include <string>
12 #include <vector> 13 #include <vector>
13 14
14 #include "base/compiler_specific.h" 15 #include "base/compiler_specific.h"
15 #include "base/memory/scoped_ptr.h" 16 #include "base/memory/scoped_ptr.h"
16 #include "base/memory/weak_ptr.h" 17 #include "base/memory/weak_ptr.h"
17 #include "net/base/completion_callback.h" 18 #include "net/base/completion_callback.h"
18 #include "net/base/io_buffer.h" 19 #include "net/base/io_buffer.h"
(...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after
198 const EVP_MD* md, 199 const EVP_MD* md,
199 const uint8_t* in, 200 const uint8_t* in,
200 size_t in_len); 201 size_t in_len);
201 ssl_private_key_result_t PrivateKeySignCompleteCallback(uint8_t* out, 202 ssl_private_key_result_t PrivateKeySignCompleteCallback(uint8_t* out,
202 size_t* out_len, 203 size_t* out_len,
203 size_t max_out); 204 size_t max_out);
204 205
205 void OnPrivateKeySignComplete(Error error, 206 void OnPrivateKeySignComplete(Error error,
206 const std::vector<uint8_t>& signature); 207 const std::vector<uint8_t>& signature);
207 208
209 // Token Binding Extension callbacks. RegisterTokenBidningExtensionCallbacks
davidben 2015/10/15 21:52:09 Bidning -> Binding
nharper 2015/10/20 22:52:19 Done.
210 // sets the following static methods as the callbacks for the boringssl custom
211 // extension API. The Add and Parse callbacks are wrappers around the instance
212 // methods; The Free callback is a wrapper around OPENSSL_free.
213 static bool RegisterTokenBindingExtensionCallbacks(SSL_CTX* ssl_ctx);
214 static int TokenBindingAddCallback(SSL* ssl,
215 unsigned int extension_value,
216 const uint8_t** out,
217 size_t* out_len,
218 int* out_alert_value,
219 void* add_arg);
220 static void TokenBindingFreeCallback(SSL* ssl,
221 unsigned int extension_value,
222 const uint8_t* out,
223 void* add_arg);
224 static int TokenBindingParseCallback(SSL* ssl,
225 unsigned int extension_value,
226 const uint8_t* contents,
227 size_t contents_len,
228 int* out_alert_value,
229 void* parse_arg);
230
231 int TokenBindingAdd(const uint8_t** out,
232 size_t* out_len,
233 int* out_alert_value);
234 int TokenBindingParse(const uint8_t* contents,
235 size_t contents_len,
236 int* out_alert_value);
237
208 bool transport_send_busy_; 238 bool transport_send_busy_;
209 bool transport_recv_busy_; 239 bool transport_recv_busy_;
210 240
211 // Buffers which are shared by BoringSSL and SSLClientSocketOpenSSL. 241 // Buffers which are shared by BoringSSL and SSLClientSocketOpenSSL.
212 // GrowableIOBuffer is used to keep ownership and setting offset. 242 // GrowableIOBuffer is used to keep ownership and setting offset.
213 scoped_refptr<GrowableIOBuffer> send_buffer_; 243 scoped_refptr<GrowableIOBuffer> send_buffer_;
214 scoped_refptr<GrowableIOBuffer> recv_buffer_; 244 scoped_refptr<GrowableIOBuffer> recv_buffer_;
215 245
216 CompletionCallback user_connect_callback_; 246 CompletionCallback user_connect_callback_;
217 CompletionCallback user_read_callback_; 247 CompletionCallback user_read_callback_;
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after
269 CertVerifier* const cert_verifier_; 299 CertVerifier* const cert_verifier_;
270 scoped_ptr<CertVerifier::Request> cert_verifier_request_; 300 scoped_ptr<CertVerifier::Request> cert_verifier_request_;
271 base::TimeTicks start_cert_verification_time_; 301 base::TimeTicks start_cert_verification_time_;
272 302
273 // Certificate Transparency: Verifier and result holder. 303 // Certificate Transparency: Verifier and result holder.
274 ct::CTVerifyResult ct_verify_result_; 304 ct::CTVerifyResult ct_verify_result_;
275 CTVerifier* cert_transparency_verifier_; 305 CTVerifier* cert_transparency_verifier_;
276 306
277 // The service for retrieving Channel ID keys. May be NULL. 307 // The service for retrieving Channel ID keys. May be NULL.
278 ChannelIDService* channel_id_service_; 308 ChannelIDService* channel_id_service_;
309 bool tb_was_negotiated_;
310 TokenBindingParam tb_negotiated_param_;
279 311
280 // OpenSSL stuff 312 // OpenSSL stuff
281 SSL* ssl_; 313 SSL* ssl_;
282 BIO* transport_bio_; 314 BIO* transport_bio_;
283 315
284 scoped_ptr<ClientSocketHandle> transport_; 316 scoped_ptr<ClientSocketHandle> transport_;
285 const HostPortPair host_and_port_; 317 const HostPortPair host_and_port_;
286 SSLConfig ssl_config_; 318 SSLConfig ssl_config_;
287 // ssl_session_cache_shard_ is an opaque string that partitions the SSL 319 // ssl_session_cache_shard_ is an opaque string that partitions the SSL
288 // session cache. i.e. sessions created with one value will not attempt to 320 // session cache. i.e. sessions created with one value will not attempt to
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
332 // pinning failure. It is a (somewhat) human-readable string. 364 // pinning failure. It is a (somewhat) human-readable string.
333 std::string pinning_failure_log_; 365 std::string pinning_failure_log_;
334 366
335 BoundNetLog net_log_; 367 BoundNetLog net_log_;
336 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; 368 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_;
337 }; 369 };
338 370
339 } // namespace net 371 } // namespace net
340 372
341 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ 373 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_
OLDNEW
« net/socket/ssl_client_socket.cc ('K') | « net/socket/ssl_client_socket.cc ('k') | net/socket/ssl_client_socket_openssl.cc » ('j') | net/socket/ssl_client_socket_openssl.cc » ('J')

Powered by Google App Engine
This is Rietveld 408576698