Issue 2337253004: Update Token Binding code to the latest drafts

Issue 2337253004: Update Token Binding code to the latest drafts (Closed)

Created:
4 years, 3 months ago by nharper

Modified:
4 years, 3 months ago

Reviewers:
Devlin, davidben

CC:
chromium-reviews, chromium-apps-reviews_chromium.org, cbentzel+watch_chromium.org, fuzzing_chromium.org, extensions-reviews_chromium.org

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Update Token Binding code to the latest drafts draft-ietf-tokbind-protocol-10: - The TokenBinding.signature now closes over the token binding type. - Public key serialization is length prefixed to support parsing unknown key types. draft-ietf-tokbind-negotiation-05: - Require Renegotiation Indication draft-ietf-tokbind-https-06: - Sec-Token-Binding header base64 shouldn't include pad characters. - Include-Referred-Token-Binding-ID header's value is case insensitive. This also updates the tls and quic code to indicate support for draft version 10. BUG=467312 Committed: https://crrev.com/78e6d2b3325b16d8b637b9457a775557e1ec7e0e Cr-Commit-Position: refs/heads/master@{#419981}

Patch Set 1 #

Patch Set 2 : Fix compilation error in unit_tests #

Total comments: 12

Patch Set 3 : rebase #

Patch Set 4 : respond to davidben's comments #

Patch Set 5 : Add call to CBS_len() #

Created: 4 years, 3 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+348 lines, -136 lines)			Patch
M	chrome/browser/extensions/api/socket/tls_socket_unittest.cc	View	1	1 chunk	+4 lines, -2 lines	0 comments	Download
M	net/http/http_basic_stream.h	View	1 2	1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/http/http_basic_stream.cc	View	1 2	1 chunk	+4 lines, -3 lines	0 comments	Download
M	net/http/http_network_transaction.cc	View	1 2	3 chunks	+7 lines, -6 lines	0 comments	Download
M	net/http/http_network_transaction_unittest.cc	View	1 2	2 chunks	+6 lines, -4 lines	0 comments	Download
M	net/http/http_response_body_drainer_unittest.cc	View	1 2	1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/http/http_stream.h	View	1 2	2 chunks	+7 lines, -4 lines	0 comments	Download
M	net/http/http_stream_factory_impl_unittest.cc	View	1 2	1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/http/http_stream_parser.h	View	1 2	2 chunks	+4 lines, -2 lines	0 comments	Download
M	net/http/http_stream_parser.cc	View	1 2	1 chunk	+4 lines, -3 lines	0 comments	Download
M	net/http/proxy_connect_redirect_http_stream.h	View	1 2	1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/http/proxy_connect_redirect_http_stream.cc	View	1 2	1 chunk	+2 lines, -1 line	0 comments	Download
M	net/quic/chromium/quic_chromium_client_session.h	View	1 2	2 chunks	+6 lines, -3 lines	0 comments	Download
M	net/quic/chromium/quic_chromium_client_session.cc	View	1 2	4 chunks	+5 lines, -4 lines	0 comments	Download
M	net/quic/chromium/quic_http_stream.h	View	1 2	1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/quic/chromium/quic_http_stream.cc	View	1 2	1 chunk	+4 lines, -3 lines	0 comments	Download
M	net/quic/chromium/quic_stream_factory.cc	View	1 2	1 chunk	+1 line, -1 line	0 comments	Download
M	net/socket/fuzzed_socket_factory.cc	View		1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/socket/socket_test_util.h	View		2 chunks	+6 lines, -4 lines	0 comments	Download
M	net/socket/socket_test_util.cc	View		2 chunks	+6 lines, -5 lines	0 comments	Download
M	net/socket/ssl_client_socket.h	View	1 2	2 chunks	+7 lines, -4 lines	0 comments	Download
M	net/socket/ssl_client_socket_impl.h	View	1 2	3 chunks	+7 lines, -4 lines	0 comments	Download
M	net/socket/ssl_client_socket_impl.cc	View	1 2 3	5 chunks	+16 lines, -13 lines	0 comments	Download
M	net/spdy/spdy_http_stream.h	View	1 2	1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/spdy/spdy_http_stream.cc	View	1 2	1 chunk	+4 lines, -3 lines	0 comments	Download
M	net/spdy/spdy_session.h	View	1 2 3	1 chunk	+6 lines, -4 lines	0 comments	Download
M	net/spdy/spdy_session.cc	View		1 chunk	+4 lines, -3 lines	0 comments	Download
M	net/ssl/token_binding.h	View		2 chunks	+19 lines, -14 lines	0 comments	Download
M	net/ssl/token_binding.cc	View	1 2 3 4	6 chunks	+42 lines, -14 lines	0 comments	Download
M	net/url_request/url_request_http_job_unittest.cc	View	1 2	1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/url_request/url_request_job.cc	View	1 2	1 chunk	+1 line, -0 lines	0 comments	Download
M	net/url_request/url_request_unittest.cc	View	1 2	6 chunks	+15 lines, -11 lines	0 comments	Download
M	net/websockets/websocket_basic_handshake_stream.h	View	1 2	1 chunk	+3 lines, -2 lines	0 comments	Download
M	net/websockets/websocket_basic_handshake_stream.cc	View	1 2	1 chunk	+2 lines, -1 line	0 comments	Download
M	third_party/tlslite/README.chromium	View		1 chunk	+3 lines, -0 lines	0 comments	Download
A	third_party/tlslite/patches/renegotiation_indication.patch	View		1 chunk	+86 lines, -0 lines	0 comments	Download
A	third_party/tlslite/patches/token_binding_version.patch	View		1 chunk	+22 lines, -0 lines	0 comments	Download
M	third_party/tlslite/tlslite/constants.py	View		1 chunk	+1 line, -0 lines	0 comments	Download
M	third_party/tlslite/tlslite/messages.py	View		6 chunks	+16 lines, -2 lines	0 comments	Download
M	third_party/tlslite/tlslite/tlsconnection.py	View		2 chunks	+4 lines, -0 lines	0 comments	Download

Messages

Total messages: 26 (13 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

davidben

lgtm with comments https://codereview.chromium.org/2337253004/diff/20001/net/quic/chromium/quic_stream_factory.cc File net/quic/chromium/quic_stream_factory.cc (right): https://codereview.chromium.org/2337253004/diff/20001/net/quic/chromium/quic_stream_factory.cc#newcode811 net/quic/chromium/quic_stream_factory.cc:811: crypto_config_.tb_key_params.push_back(kTB10); Mention the change in the ...

4 years, 3 months ago (2016-09-19 21:24:14 UTC) #8

nharper

ptal https://codereview.chromium.org/2337253004/diff/20001/net/quic/chromium/quic_stream_factory.cc File net/quic/chromium/quic_stream_factory.cc (right): https://codereview.chromium.org/2337253004/diff/20001/net/quic/chromium/quic_stream_factory.cc#newcode811 net/quic/chromium/quic_stream_factory.cc:811: crypto_config_.tb_key_params.push_back(kTB10); On 2016/09/19 21:24:14, davidben wrote: > Mention ...

4 years, 3 months ago (2016-09-19 22:32:23 UTC) #12

davidben

https://codereview.chromium.org/2337253004/diff/20001/net/ssl/token_binding.cc File net/ssl/token_binding.cc (right): https://codereview.chromium.org/2337253004/diff/20001/net/ssl/token_binding.cc#newcode163 net/ssl/token_binding.cc:163: !CBS_get_u8_length_prefixed(&public_key, &ec_point) || On 2016/09/19 22:32:23, nharper wrote: > ...

4 years, 3 months ago (2016-09-19 22:35:40 UTC) #13

nharper

4 years, 3 months ago (2016-09-19 22:45:06 UTC) #14

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2337253004/70041

4 years, 3 months ago (2016-09-20 22:35:09 UTC) #18

commit-bot: I haz the power

Try jobs failed on following builders: linux_android_rel_ng on master.tryserver.chromium.android (JOB_FAILED, https://build.chromium.org/p/tryserver.chromium.android/builders/linux_android_rel_ng/builds/145014)

4 years, 3 months ago (2016-09-21 02:12:12 UTC) #20

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.org/2337253004/70041

4 years, 3 months ago (2016-09-21 04:03:38 UTC) #22

commit-bot: I haz the power

4 years, 3 months ago (2016-09-21 05:45:35 UTC) #26

Message was sent while issue was closed.

Patchset 5 (id:??) landed as
https://crrev.com/78e6d2b3325b16d8b637b9457a775557e1ec7e0e
Cr-Commit-Position: refs/heads/master@{#419981}

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages