| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 5 #ifndef NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 6 #define NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| 7 | 7 |
| 8 #include <openssl/base.h> | 8 #include <openssl/base.h> |
| 9 #include <openssl/ssl.h> | 9 #include <openssl/ssl.h> |
| 10 #include <stdint.h> | 10 #include <stdint.h> |
| (...skipping 192 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 203 const EVP_MD* md, | 203 const EVP_MD* md, |
| 204 const uint8_t* in, | 204 const uint8_t* in, |
| 205 size_t in_len); | 205 size_t in_len); |
| 206 ssl_private_key_result_t PrivateKeySignCompleteCallback(uint8_t* out, | 206 ssl_private_key_result_t PrivateKeySignCompleteCallback(uint8_t* out, |
| 207 size_t* out_len, | 207 size_t* out_len, |
| 208 size_t max_out); | 208 size_t max_out); |
| 209 | 209 |
| 210 void OnPrivateKeySignComplete(Error error, | 210 void OnPrivateKeySignComplete(Error error, |
| 211 const std::vector<uint8_t>& signature); | 211 const std::vector<uint8_t>& signature); |
| 212 | 212 |
| 213 // Token Binding Extension callbacks. The Add and Parse callbacks are wrappers |
| 214 // around the instance methods. |
| 215 static int TokenBindingAddCallback(SSL* ssl, |
| 216 unsigned int extension_value, |
| 217 const uint8_t** out, |
| 218 size_t* out_len, |
| 219 int* out_alert_value, |
| 220 void* add_arg); |
| 221 static void TokenBindingFreeCallback(SSL* ssl, |
| 222 unsigned int extension_value, |
| 223 const uint8_t* out, |
| 224 void* add_arg); |
| 225 static int TokenBindingParseCallback(SSL* ssl, |
| 226 unsigned int extension_value, |
| 227 const uint8_t* contents, |
| 228 size_t contents_len, |
| 229 int* out_alert_value, |
| 230 void* parse_arg); |
| 231 |
| 232 int TokenBindingAdd(const uint8_t** out, |
| 233 size_t* out_len, |
| 234 int* out_alert_value); |
| 235 int TokenBindingParse(const uint8_t* contents, |
| 236 size_t contents_len, |
| 237 int* out_alert_value); |
| 238 |
| 213 bool transport_send_busy_; | 239 bool transport_send_busy_; |
| 214 bool transport_recv_busy_; | 240 bool transport_recv_busy_; |
| 215 | 241 |
| 216 // Buffers which are shared by BoringSSL and SSLClientSocketOpenSSL. | 242 // Buffers which are shared by BoringSSL and SSLClientSocketOpenSSL. |
| 217 // GrowableIOBuffer is used to keep ownership and setting offset. | 243 // GrowableIOBuffer is used to keep ownership and setting offset. |
| 218 scoped_refptr<GrowableIOBuffer> send_buffer_; | 244 scoped_refptr<GrowableIOBuffer> send_buffer_; |
| 219 scoped_refptr<GrowableIOBuffer> recv_buffer_; | 245 scoped_refptr<GrowableIOBuffer> recv_buffer_; |
| 220 | 246 |
| 221 CompletionCallback user_connect_callback_; | 247 CompletionCallback user_connect_callback_; |
| 222 CompletionCallback user_read_callback_; | 248 CompletionCallback user_read_callback_; |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 274 CertVerifier* const cert_verifier_; | 300 CertVerifier* const cert_verifier_; |
| 275 scoped_ptr<CertVerifier::Request> cert_verifier_request_; | 301 scoped_ptr<CertVerifier::Request> cert_verifier_request_; |
| 276 base::TimeTicks start_cert_verification_time_; | 302 base::TimeTicks start_cert_verification_time_; |
| 277 | 303 |
| 278 // Certificate Transparency: Verifier and result holder. | 304 // Certificate Transparency: Verifier and result holder. |
| 279 ct::CTVerifyResult ct_verify_result_; | 305 ct::CTVerifyResult ct_verify_result_; |
| 280 CTVerifier* cert_transparency_verifier_; | 306 CTVerifier* cert_transparency_verifier_; |
| 281 | 307 |
| 282 // The service for retrieving Channel ID keys. May be NULL. | 308 // The service for retrieving Channel ID keys. May be NULL. |
| 283 ChannelIDService* channel_id_service_; | 309 ChannelIDService* channel_id_service_; |
| 310 bool tb_was_negotiated_; |
| 311 TokenBindingParam tb_negotiated_param_; |
| 284 | 312 |
| 285 // OpenSSL stuff | 313 // OpenSSL stuff |
| 286 SSL* ssl_; | 314 SSL* ssl_; |
| 287 BIO* transport_bio_; | 315 BIO* transport_bio_; |
| 288 | 316 |
| 289 scoped_ptr<ClientSocketHandle> transport_; | 317 scoped_ptr<ClientSocketHandle> transport_; |
| 290 const HostPortPair host_and_port_; | 318 const HostPortPair host_and_port_; |
| 291 SSLConfig ssl_config_; | 319 SSLConfig ssl_config_; |
| 292 // ssl_session_cache_shard_ is an opaque string that partitions the SSL | 320 // ssl_session_cache_shard_ is an opaque string that partitions the SSL |
| 293 // session cache. i.e. sessions created with one value will not attempt to | 321 // session cache. i.e. sessions created with one value will not attempt to |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 337 // pinning failure. It is a (somewhat) human-readable string. | 365 // pinning failure. It is a (somewhat) human-readable string. |
| 338 std::string pinning_failure_log_; | 366 std::string pinning_failure_log_; |
| 339 | 367 |
| 340 BoundNetLog net_log_; | 368 BoundNetLog net_log_; |
| 341 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; | 369 base::WeakPtrFactory<SSLClientSocketOpenSSL> weak_factory_; |
| 342 }; | 370 }; |
| 343 | 371 |
| 344 } // namespace net | 372 } // namespace net |
| 345 | 373 |
| 346 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ | 374 #endif // NET_SOCKET_SSL_CLIENT_SOCKET_OPENSSL_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1360633002:
Implement Token Binding negotiation TLS extension (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@test-server-flags