OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 // OpenSSL binding for SSLClientSocket. The class layout and general principle | 5 // OpenSSL binding for SSLClientSocket. The class layout and general principle |
6 // of operation is derived from SSLClientSocketNSS. | 6 // of operation is derived from SSLClientSocketNSS. |
7 | 7 |
8 #include "net/socket/ssl_client_socket_openssl.h" | 8 #include "net/socket/ssl_client_socket_openssl.h" |
9 | 9 |
10 #include <errno.h> | 10 #include <errno.h> |
(...skipping 13 matching lines...)
24 #include "base/macros.h" | 24 #include "base/macros.h" |
25 #include "base/memory/singleton.h" | 25 #include "base/memory/singleton.h" |
26 #include "base/metrics/histogram_macros.h" | 26 #include "base/metrics/histogram_macros.h" |
27 #include "base/metrics/sparse_histogram.h" | 27 #include "base/metrics/sparse_histogram.h" |
28 #include "base/profiler/scoped_tracker.h" | 28 #include "base/profiler/scoped_tracker.h" |
29 #include "base/strings/string_number_conversions.h" | 29 #include "base/strings/string_number_conversions.h" |
30 #include "base/strings/string_piece.h" | 30 #include "base/strings/string_piece.h" |
31 #include "base/synchronization/lock.h" | 31 #include "base/synchronization/lock.h" |
32 #include "base/threading/thread_local.h" | 32 #include "base/threading/thread_local.h" |
33 #include "base/values.h" | 33 #include "base/values.h" |
| 34 #include "crypto/auto_cbb.h" |
34 #include "crypto/ec_private_key.h" | 35 #include "crypto/ec_private_key.h" |
35 #include "crypto/openssl_util.h" | 36 #include "crypto/openssl_util.h" |
36 #include "crypto/scoped_openssl_types.h" | 37 #include "crypto/scoped_openssl_types.h" |
37 #include "net/base/ip_address_number.h" | 38 #include "net/base/ip_address_number.h" |
38 #include "net/base/net_errors.h" | 39 #include "net/base/net_errors.h" |
39 #include "net/cert/cert_verifier.h" | 40 #include "net/cert/cert_verifier.h" |
40 #include "net/cert/ct_ev_whitelist.h" | 41 #include "net/cert/ct_ev_whitelist.h" |
41 #include "net/cert/ct_policy_enforcer.h" | 42 #include "net/cert/ct_policy_enforcer.h" |
42 #include "net/cert/ct_policy_status.h" | 43 #include "net/cert/ct_policy_status.h" |
43 #include "net/cert/ct_verifier.h" | 44 #include "net/cert/ct_verifier.h" |
(...skipping 64 matching lines...)
108 *hash = SSLPrivateKey::Hash::SHA384; | 109 *hash = SSLPrivateKey::Hash::SHA384; |
109 return true; | 110 return true; |
110 case NID_sha512: | 111 case NID_sha512: |
111 *hash = SSLPrivateKey::Hash::SHA512; | 112 *hash = SSLPrivateKey::Hash::SHA512; |
112 return true; | 113 return true; |
113 default: | 114 default: |
114 return false; | 115 return false; |
115 } | 116 } |
116 } | 117 } |
117 | 118 |
118 class ScopedCBB { | |
119 public: | |
120 ScopedCBB() { CBB_zero(&cbb_); } | |
121 ~ScopedCBB() { CBB_cleanup(&cbb_); } | |
122 | |
123 CBB* get() { return &cbb_; } | |
124 | |
125 private: | |
126 CBB cbb_; | |
127 DISALLOW_COPY_AND_ASSIGN(ScopedCBB); | |
128 }; | |
129 | |
130 scoped_ptr<base::Value> NetLogPrivateKeyOperationCallback( | 119 scoped_ptr<base::Value> NetLogPrivateKeyOperationCallback( |
131 SSLPrivateKey::Type type, | 120 SSLPrivateKey::Type type, |
132 SSLPrivateKey::Hash hash, | 121 SSLPrivateKey::Hash hash, |
133 NetLogCaptureMode mode) { | 122 NetLogCaptureMode mode) { |
134 std::string type_str; | 123 std::string type_str; |
135 switch (type) { | 124 switch (type) { |
136 case SSLPrivateKey::Type::RSA: | 125 case SSLPrivateKey::Type::RSA: |
137 type_str = "RSA"; | 126 type_str = "RSA"; |
138 break; | 127 break; |
139 case SSLPrivateKey::Type::ECDSA: | 128 case SSLPrivateKey::Type::ECDSA: |
(...skipping 2110 matching lines...)
2250 // asynchronous private key operation. | 2239 // asynchronous private key operation. |
2251 PumpReadWriteEvents(); | 2240 PumpReadWriteEvents(); |
2252 } | 2241 } |
2253 | 2242 |
2254 int SSLClientSocketOpenSSL::TokenBindingAdd(const uint8_t** out, | 2243 int SSLClientSocketOpenSSL::TokenBindingAdd(const uint8_t** out, |
2255 size_t* out_len, | 2244 size_t* out_len, |
2256 int* out_alert_value) { | 2245 int* out_alert_value) { |
2257 if (ssl_config_.token_binding_params.empty()) { | 2246 if (ssl_config_.token_binding_params.empty()) { |
2258 return 0; | 2247 return 0; |
2259 } | 2248 } |
2260 ScopedCBB output; | 2249 crypto::AutoCBB output; |
2261 CBB parameters_list; | 2250 CBB parameters_list; |
2262 if (!CBB_init(output.get(), 7) || | 2251 if (!CBB_init(output.get(), 7) || |
2263 !CBB_add_u8(output.get(), kTbProtocolVersionMajor) || | 2252 !CBB_add_u8(output.get(), kTbProtocolVersionMajor) || |
2264 !CBB_add_u8(output.get(), kTbProtocolVersionMinor) || | 2253 !CBB_add_u8(output.get(), kTbProtocolVersionMinor) || |
2265 !CBB_add_u8_length_prefixed(output.get(), ¶meters_list)) { | 2254 !CBB_add_u8_length_prefixed(output.get(), ¶meters_list)) { |
2266 *out_alert_value = SSL_AD_INTERNAL_ERROR; | 2255 *out_alert_value = SSL_AD_INTERNAL_ERROR; |
2267 return -1; | 2256 return -1; |
2268 } | 2257 } |
2269 for (size_t i = 0; i < ssl_config_.token_binding_params.size(); ++i) { | 2258 for (size_t i = 0; i < ssl_config_.token_binding_params.size(); ++i) { |
2270 if (!CBB_add_u8(¶meters_list, ssl_config_.token_binding_params[i])) { | 2259 if (!CBB_add_u8(¶meters_list, ssl_config_.token_binding_params[i])) { |
(...skipping 53 matching lines...)
2324 tb_was_negotiated_ = true; | 2313 tb_was_negotiated_ = true; |
2325 return 1; | 2314 return 1; |
2326 } | 2315 } |
2327 } | 2316 } |
2328 | 2317 |
2329 *out_alert_value = SSL_AD_ILLEGAL_PARAMETER; | 2318 *out_alert_value = SSL_AD_ILLEGAL_PARAMETER; |
2330 return 0; | 2319 return 0; |
2331 } | 2320 } |
2332 | 2321 |
2333 } // namespace net | 2322 } // namespace net |
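Review bot: In TokenBindingAdd (new line 2249) the early `return -1` at new lines 2255-2256 now relies on `crypto::AutoCBB` to release the buffer, and `crypto/auto_cbb.h` is not shown on this page, so please confirm it calls `CBB_zero` in its constructor and `CBB_cleanup` in its destructor exactly as the removed `ScopedCBB` did. Without the zeroing, a failing `CBB_init` would leave the destructor cleaning up an uninitialised `CBB`. A short comment at the declaration would record the dependency, for example `// AutoCBB zeroes the CBB on construction and cleans it up on destruction, so the error returns below do not leak.` The rest of the function is in the skipped lines, so how the finished buffer is handed to `*out` cannot be checked from this view.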