net/ssl/token_binding_openssl.cc - Issue 1636453004: Update Token Binding code to match latest draft draft-ietf-tokbind-protocol-04

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: net/ssl/token_binding_openssl.cc

Issue 1636453004: Update Token Binding code to match latest draft draft-ietf-tokbind-protocol-04 (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Bump TB version in tlslite Created 4 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/ssl/token_binding_openssl.cc

diff --git a/net/ssl/token_binding_openssl.cc b/net/ssl/token_binding_openssl.cc

index 0cfc3fe94d816cc0dd616a3b20105c2f10ec2969..a9346a0aa1c9c700c2fd02dee6e4f61d95f29db1 100644

--- a/net/ssl/token_binding_openssl.cc

+++ b/net/ssl/token_binding_openssl.cc

@@ -23,11 +23,9 @@ enum TokenBindingType {

TB_TYPE_REFERRED = 1,

};

-bool BuildTokenBindingID(TokenBindingType type,

- crypto::ECPrivateKey* key,

- CBB* out) {

+bool BuildTokenBindingID(crypto::ECPrivateKey* key, CBB* out) {

CBB ec_point;

- if (!CBB_add_u8(out, type) || !CBB_add_u8(out, TB_PARAM_ECDSAP256) ||

+ if (!CBB_add_u8(out, TB_PARAM_ECDSAP256) ||

!CBB_add_u8_length_prefixed(out, &ec_point)) {

return false;

}

@@ -46,6 +44,28 @@ bool BuildTokenBindingID(TokenBindingType type,

return true;

}

+Error BuildTokenBinding(TokenBindingType type,

+ crypto::ECPrivateKey* key,

+ const std::vector<uint8_t>& signed_ekm,

+ std::string* out) {

+ uint8_t* out_data;

+ size_t out_len;

+ CBB token_binding;

+ if (!CBB_init(&token_binding, 0) || !CBB_add_u8(&token_binding, type) ||

+ !BuildTokenBindingID(key, &token_binding) ||

+ !CBB_add_u16(&token_binding, signed_ekm.size()) ||

+ !CBB_add_bytes(&token_binding, signed_ekm.data(), signed_ekm.size()) ||

+ // 0-length extensions

+ !CBB_add_u16(&token_binding, 0) ||

+ !CBB_finish(&token_binding, &out_data, &out_len)) {

+ CBB_cleanup(&token_binding);

+ return ERR_FAILED;

+ }

+ out->assign(reinterpret_cast<char*>(out_data), out_len);

+ OPENSSL_free(out_data);

+ return OK;

} // namespace

Error BuildTokenBindingMessageFromTokenBindings(

@@ -80,22 +100,7 @@ Error BuildTokenBindingMessageFromTokenBindings(

Error BuildProvidedTokenBinding(crypto::ECPrivateKey* key,

const std::vector<uint8_t>& signed_ekm,

std::string* out) {

- uint8_t* out_data;

- size_t out_len;

- CBB token_binding;

- if (!CBB_init(&token_binding, 0) ||

- !BuildTokenBindingID(TB_TYPE_PROVIDED, key, &token_binding) ||

- !CBB_add_u16(&token_binding, signed_ekm.size()) ||

- !CBB_add_bytes(&token_binding, signed_ekm.data(), signed_ekm.size()) ||

- // 0-length extensions

- !CBB_add_u16(&token_binding, 0) ||

- !CBB_finish(&token_binding, &out_data, &out_len)) {

- CBB_cleanup(&token_binding);

- return ERR_FAILED;

- }

- out->assign(reinterpret_cast<char*>(out_data), out_len);

- OPENSSL_free(out_data);

- return OK;

+ return BuildTokenBinding(TB_TYPE_PROVIDED, key, signed_ekm, out);

}

bool ParseTokenBindingMessage(base::StringPiece token_binding_message,

« no previous file with comments | « net/ssl/token_binding.h ('k') | third_party/tlslite/README.chromium » ('j') | no next file with comments »