Plumbing SSLPrivateKey (//net)

net/socket/ssl_client_socket_openssl.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 // OpenSSL binding for SSLClientSocket. The class layout and general principle
 // of operation is derived from SSLClientSocketNSS.
 
 #include "net/socket/ssl_client_socket_openssl.h"
 
 #include <errno.h>
 #include <openssl/bio.h>
 #include <openssl/bytestring.h>
 #include <openssl/err.h>
 #include <openssl/evp.h>
 #include <openssl/mem.h>
 #include <openssl/ssl.h>
 #include <string.h>
 
 #include "base/bind.h"
 #include "base/callback_helpers.h"
 #include "base/lazy_instance.h"
 #include "base/memory/singleton.h"
 #include "base/metrics/histogram_macros.h"
 #include "base/profiler/scoped_tracker.h"
 #include "base/stl_util.h"
 #include "base/strings/string_piece.h"
 #include "base/synchronization/lock.h"
-#include "base/threading/sequenced_worker_pool.h"
 #include "base/threading/thread_local.h"
 #include "base/values.h"
 #include "crypto/ec_private_key.h"
 #include "crypto/openssl_util.h"
 #include "crypto/scoped_openssl_types.h"
 #include "net/base/ip_address_number.h"
 #include "net/base/net_errors.h"
 #include "net/cert/cert_policy_enforcer.h"
 #include "net/cert/cert_verifier.h"
 #include "net/cert/ct_ev_whitelist.h"
@@ skipping 132 matching lines @@
       *hash = SSLPrivateKey::Hash::SHA384;
       return true;
     case NID_sha512:
       *hash = SSLPrivateKey::Hash::SHA512;
       return true;
     default:
       return false;
   }
 }
 
-#if !defined(OS_NACL)
-class PlatformKeyTaskRunner {
- public:
-  PlatformKeyTaskRunner() {
-    // Serialize all the private key operations on a single background
-    // thread to avoid problems with buggy smartcards.
-    worker_pool_ = new base::SequencedWorkerPool(1, "Platform Key Thread");
-    task_runner_ = worker_pool_->GetSequencedTaskRunnerWithShutdownBehavior(
-        worker_pool_->GetSequenceToken(),
-        base::SequencedWorkerPool::CONTINUE_ON_SHUTDOWN);
-  }
-
-  scoped_refptr<base::SequencedTaskRunner> task_runner() {
-    return task_runner_;
-  }
-
- private:
-  scoped_refptr<base::SequencedWorkerPool> worker_pool_;
-  scoped_refptr<base::SequencedTaskRunner> task_runner_;
-
-  DISALLOW_COPY_AND_ASSIGN(PlatformKeyTaskRunner);
-};
-
-base::LazyInstance<PlatformKeyTaskRunner>::Leaky g_platform_key_task_runner =
-    LAZY_INSTANCE_INITIALIZER;
-#endif
-
 class ScopedCBB {
  public:
   ScopedCBB() { CBB_zero(&cbb_); }
   ~ScopedCBB() { CBB_cleanup(&cbb_); }
 
   CBB* get() { return &cbb_; }
 
  private:
   CBB cbb_;
   DISALLOW_COPY_AND_ASSIGN(ScopedCBB);
 };
-
 }  // namespace
 
 class SSLClientSocketOpenSSL::SSLContext {
  public:
   static SSLContext* GetInstance() {
     return base::Singleton<SSLContext>::get();
   }
   SSL_CTX* ssl_ctx() { return ssl_ctx_.get(); }
   SSLClientSessionCacheOpenSSL* session_cache() { return &session_cache_; }
 
@@ skipping 442 matching lines @@
   npn_status_ = kNextProtoUnsupported;
   npn_proto_.clear();
 
   channel_id_sent_ = false;
   tb_was_negotiated_ = false;
   session_pending_ = false;
   certificate_verified_ = false;
   channel_id_request_.Cancel();
   ssl_failure_state_ = SSL_FAILURE_NONE;
 
-  private_key_.reset();
   signature_result_ = kNoPendingResult;
   signature_.clear();
 }
 
 bool SSLClientSocketOpenSSL::IsConnected() const {
   // If the handshake has not yet completed.
   if (!completed_connect_)
     return false;
   // If an asynchronous operation is still pending.
   if (user_read_buf_.get() || user_write_buf_.get())
@@ skipping 409 matching lines @@
       // The server supports channel ID. Stop to look one up before returning to
       // the handshake.
       GotoState(STATE_CHANNEL_ID_LOOKUP);
       return OK;
     }
     if (ssl_error == SSL_ERROR_WANT_X509_LOOKUP &&
         !ssl_config_.send_client_cert) {
       return ERR_SSL_CLIENT_AUTH_CERT_NEEDED;
     }
     if (ssl_error == SSL_ERROR_WANT_PRIVATE_KEY_OPERATION) {
-      DCHECK(private_key_);
+      DCHECK(ssl_config_.client_private_key);
       DCHECK_NE(kNoPendingResult, signature_result_);
       GotoState(STATE_HANDSHAKE);
       return ERR_IO_PENDING;
     }
 
     OpenSSLErrorInfo error_info;
     net_error = MapOpenSSLErrorWithDetails(ssl_error, err_tracer, &error_info);
     if (net_error == ERR_IO_PENDING) {
       // If not done, stay in this state
       GotoState(STATE_HANDSHAKE);
@@ skipping 450 matching lines @@
     // error, so it does not occur. The second and third are distinguished by
     // SSL_ERROR_ZERO_RETURN.
     pending_read_ssl_error_ = SSL_get_error(ssl_, ssl_ret);
     if (pending_read_ssl_error_ == SSL_ERROR_ZERO_RETURN) {
       pending_read_error_ = 0;
     } else if (pending_read_ssl_error_ == SSL_ERROR_WANT_X509_LOOKUP &&
                !ssl_config_.send_client_cert) {
       pending_read_error_ = ERR_SSL_CLIENT_AUTH_CERT_NEEDED;
     } else if (pending_read_ssl_error_ ==
                SSL_ERROR_WANT_PRIVATE_KEY_OPERATION) {
-      DCHECK(private_key_);
+      DCHECK(ssl_config_.client_private_key);
       DCHECK_NE(kNoPendingResult, signature_result_);
       pending_read_error_ = ERR_IO_PENDING;
     } else {
       pending_read_error_ = MapOpenSSLErrorWithDetails(
           pending_read_ssl_error_, err_tracer, &pending_read_error_info_);
     }
 
     // Many servers do not reliably send a close_notify alert when shutting down
     // a connection, and instead terminate the TCP connection. This is reported
     // as ERR_CONNECTION_CLOSED. Because of this, map the unclean shutdown to a
@@ skipping 269 matching lines @@
       OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_CERT_BAD_FORMAT);
       return -1;
     }
 
     if (!SSL_use_certificate(ssl_, leaf_x509.get()) ||
         !SSL_set1_chain(ssl_, chain.get())) {
       LOG(WARNING) << "Failed to set client certificate";
       return -1;
     }
 
-#if defined(OS_NACL)
-      OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY);
-      return -1;
-#else
-    // TODO(davidben): Lift this call up to the embedder so we can actually test
-    // this code. https://crbug.com/394131
-    private_key_ = FetchClientCertPrivateKey(
-        ssl_config_.client_cert.get(),
-        g_platform_key_task_runner.Get().task_runner());
-    if (!private_key_) {
-      // Could not find the private key. Fail the handshake and surface an
-      // appropriate error to the caller.
+    if (!ssl_config_.client_private_key) {
+      // The caller supplied a null private key. Fail the handshake and surface
+      // an appropriate error to the caller.
       LOG(WARNING) << "Client cert found without private key";
       OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_CERT_NO_PRIVATE_KEY);
       return -1;
     }
 
     SSL_set_private_key_method(ssl_, &SSLContext::kPrivateKeyMethod);
 
     std::vector<SSLPrivateKey::Hash> digest_prefs =
-        private_key_->GetDigestPreferences();
+        ssl_config_.client_private_key->GetDigestPreferences();
 
     size_t digests_len = digest_prefs.size();
     std::vector<int> digests;
     for (size_t i = 0; i < digests_len; i++) {
       switch (digest_prefs[i]) {
         case SSLPrivateKey::Hash::SHA1:
           digests.push_back(NID_sha1);
           break;
         case SSLPrivateKey::Hash::SHA256:
           digests.push_back(NID_sha256);
           break;
         case SSLPrivateKey::Hash::SHA384:
           digests.push_back(NID_sha384);
           break;
         case SSLPrivateKey::Hash::SHA512:
           digests.push_back(NID_sha512);
           break;
         case SSLPrivateKey::Hash::MD5_SHA1:
           // MD5-SHA1 is not used in TLS 1.2.
           break;
       }
     }
 
     SSL_set_private_key_digest_prefs(ssl_, vector_as_array(&digests),
                                      digests.size());
-#endif  // !OS_NACL
 
     int cert_count = 1 + sk_X509_num(chain.get());
     net_log_.AddEvent(NetLog::TYPE_SSL_CLIENT_CERT_PROVIDED,
                       NetLog::IntCallback("cert_count", cert_count));
     return 1;
   }
 #endif  // defined(OS_IOS)
 
   // Send no client certificate.
   net_log_.AddEvent(NetLog::TYPE_SSL_CLIENT_CERT_PROVIDED,
@@ skipping 213 matching lines @@
 
   NextProto next_proto = NextProtoFromString(npn_proto_);
   for (NextProto allowed : ssl_config_.renego_allowed_for_protos) {
     if (next_proto == allowed)
       return true;
   }
   return false;
 }
 
 int SSLClientSocketOpenSSL::PrivateKeyTypeCallback() {
-  switch (private_key_->GetType()) {
+  switch (ssl_config_.client_private_key->GetType()) {
     case SSLPrivateKey::Type::RSA:
       return EVP_PKEY_RSA;
     case SSLPrivateKey::Type::ECDSA:
       return EVP_PKEY_EC;
   }
   NOTREACHED();
   return EVP_PKEY_NONE;
 }
 
 size_t SSLClientSocketOpenSSL::PrivateKeyMaxSignatureLenCallback() {
-  return private_key_->GetMaxSignatureLengthInBytes();
+  return ssl_config_.client_private_key->GetMaxSignatureLengthInBytes();
 }
 
 ssl_private_key_result_t SSLClientSocketOpenSSL::PrivateKeySignCallback(
     uint8_t* out,
     size_t* out_len,
     size_t max_out,
     const EVP_MD* md,
     const uint8_t* in,
     size_t in_len) {
   DCHECK_EQ(kNoPendingResult, signature_result_);
   DCHECK(signature_.empty());
-  DCHECK(private_key_);
+  DCHECK(ssl_config_.client_private_key);
 
   net_log_.BeginEvent(NetLog::TYPE_SSL_PRIVATE_KEY_OPERATION);
 
   SSLPrivateKey::Hash hash;
   if (!EVP_MDToPrivateKeyHash(md, &hash)) {
     OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);
     return ssl_private_key_failure;
   }
 
   signature_result_ = ERR_IO_PENDING;
-  private_key_->SignDigest(
+  ssl_config_.client_private_key->SignDigest(
       hash, base::StringPiece(reinterpret_cast<const char*>(in), in_len),
       base::Bind(&SSLClientSocketOpenSSL::OnPrivateKeySignComplete,
                  weak_factory_.GetWeakPtr()));
   return ssl_private_key_retry;
 }
 
 ssl_private_key_result_t SSLClientSocketOpenSSL::PrivateKeySignCompleteCallback(
     uint8_t* out,
     size_t* out_len,
     size_t max_out) {
   DCHECK_NE(kNoPendingResult, signature_result_);
-  DCHECK(private_key_);
+  DCHECK(ssl_config_.client_private_key);
 
   if (signature_result_ == ERR_IO_PENDING)
     return ssl_private_key_retry;
   if (signature_result_ != OK) {
     OpenSSLPutNetError(FROM_HERE, signature_result_);
     return ssl_private_key_failure;
   }
   if (signature_.size() > max_out) {
     OpenSSLPutNetError(FROM_HERE, ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED);
     return ssl_private_key_failure;
   }
   memcpy(out, vector_as_array(&signature_), signature_.size());
   *out_len = signature_.size();
   signature_.clear();
   return ssl_private_key_success;
 }
 
 void SSLClientSocketOpenSSL::OnPrivateKeySignComplete(
     Error error,
     const std::vector<uint8_t>& signature) {
   DCHECK_EQ(ERR_IO_PENDING, signature_result_);
   DCHECK(signature_.empty());
-  DCHECK(private_key_);
+  DCHECK(ssl_config_.client_private_key);
 
   net_log_.EndEventWithNetErrorCode(NetLog::TYPE_SSL_PRIVATE_KEY_OPERATION,
                                     error);
 
   signature_result_ = error;
   if (signature_result_ == OK)
     signature_ = signature;
 
   if (next_handshake_state_ == STATE_HANDSHAKE) {
     OnHandshakeIOComplete(signature_result_);
@@ skipping 78 matching lines @@
       tb_was_negotiated_ = true;
       return 1;
     }
   }
 
   *out_alert_value = SSL_AD_ILLEGAL_PARAMETER;
   return 0;
 }
 
 }  // namespace net