| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "net/quic/chromium/quic_chromium_client_session.h" | 5 #include "net/quic/chromium/quic_chromium_client_session.h" |
| 6 | 6 |
| 7 #include <openssl/ssl.h> | 7 #include <openssl/ssl.h> |
| 8 | 8 |
| 9 #include <utility> | 9 #include <utility> |
| 10 | 10 |
| (...skipping 575 matching lines...) |
| 586 ssl_info->connection_status = ssl_connection_status; | 586 ssl_info->connection_status = ssl_connection_status; |
| 587 ssl_info->client_cert_sent = false; | 587 ssl_info->client_cert_sent = false; |
| 588 ssl_info->channel_id_sent = crypto_stream_->WasChannelIDSent(); | 588 ssl_info->channel_id_sent = crypto_stream_->WasChannelIDSent(); |
| 589 ssl_info->security_bits = security_bits; | 589 ssl_info->security_bits = security_bits; |
| 590 ssl_info->handshake_type = SSLInfo::HANDSHAKE_FULL; | 590 ssl_info->handshake_type = SSLInfo::HANDSHAKE_FULL; |
| 591 ssl_info->pinning_failure_log = pinning_failure_log_; | 591 ssl_info->pinning_failure_log = pinning_failure_log_; |
| 592 | 592 |
| 593 ssl_info->UpdateCertificateTransparencyInfo(*ct_verify_result_); | 593 ssl_info->UpdateCertificateTransparencyInfo(*ct_verify_result_); |
| 594 | 594 |
| 595 if (crypto_stream_->crypto_negotiated_params().token_binding_key_param == | 595 if (crypto_stream_->crypto_negotiated_params().token_binding_key_param == |
| 596 kP256) { | 596 kTB10) { |
| 597 ssl_info->token_binding_negotiated = true; | 597 ssl_info->token_binding_negotiated = true; |
| 598 ssl_info->token_binding_key_param = TB_PARAM_ECDSAP256; | 598 ssl_info->token_binding_key_param = TB_PARAM_ECDSAP256; |
| 599 } | 599 } |
| 600 | 600 |
| 601 return true; | 601 return true; |
| 602 } | 602 } |
| 603 | 603 |
| 604 Error QuicChromiumClientSession::GetTokenBindingSignature( | 604 Error QuicChromiumClientSession::GetTokenBindingSignature( |
| 605 crypto::ECPrivateKey* key, | 605 crypto::ECPrivateKey* key, |
| 606 TokenBindingType tb_type, |
| 606 std::vector<uint8_t>* out) { | 607 std::vector<uint8_t>* out) { |
| 607 // The same key will be used across multiple requests to sign the same value, | 608 // The same key will be used across multiple requests to sign the same value, |
| 608 // so the signature is cached. | 609 // so the signature is cached. |
| 609 std::string raw_public_key; | 610 std::string raw_public_key; |
| 610 if (!key->ExportRawPublicKey(&raw_public_key)) | 611 if (!key->ExportRawPublicKey(&raw_public_key)) |
| 611 return ERR_FAILED; | 612 return ERR_FAILED; |
| 612 TokenBindingSignatureMap::iterator it = | 613 TokenBindingSignatureMap::iterator it = |
| 613 token_binding_signatures_.Get(raw_public_key); | 614 token_binding_signatures_.Get(std::make_pair(tb_type, raw_public_key)); |
| 614 if (it != token_binding_signatures_.end()) { | 615 if (it != token_binding_signatures_.end()) { |
| 615 *out = it->second; | 616 *out = it->second; |
| 616 return OK; | 617 return OK; |
| 617 } | 618 } |
| 618 | 619 |
| 619 std::string key_material; | 620 std::string key_material; |
| 620 if (!crypto_stream_->ExportTokenBindingKeyingMaterial(&key_material)) | 621 if (!crypto_stream_->ExportTokenBindingKeyingMaterial(&key_material)) |
| 621 return ERR_FAILED; | 622 return ERR_FAILED; |
| 622 if (!SignTokenBindingEkm(key_material, key, out)) | 623 if (!CreateTokenBindingSignature(key_material, tb_type, key, out)) |
| 623 return ERR_FAILED; | 624 return ERR_FAILED; |
| 624 token_binding_signatures_.Put(raw_public_key, *out); | 625 token_binding_signatures_.Put(std::make_pair(tb_type, raw_public_key), *out); |
| 625 return OK; | 626 return OK; |
| 626 } | 627 } |
| 627 | 628 |
| 628 int QuicChromiumClientSession::CryptoConnect( | 629 int QuicChromiumClientSession::CryptoConnect( |
| 629 bool require_confirmation, | 630 bool require_confirmation, |
| 630 const CompletionCallback& callback) { | 631 const CompletionCallback& callback) { |
| 631 require_confirmation_ = require_confirmation; | 632 require_confirmation_ = require_confirmation; |
| 632 connect_timing_.connect_start = base::TimeTicks::Now(); | 633 connect_timing_.connect_start = base::TimeTicks::Now(); |
| 633 RecordHandshakeState(STATE_STARTED); | 634 RecordHandshakeState(STATE_STARTED); |
| 634 DCHECK(flow_controller()); | 635 DCHECK(flow_controller()); |
| (...skipping 765 matching lines...) |
| 1400 } | 1401 } |
| 1401 | 1402 |
| 1402 const LoadTimingInfo::ConnectTiming& | 1403 const LoadTimingInfo::ConnectTiming& |
| 1403 QuicChromiumClientSession::GetConnectTiming() { | 1404 QuicChromiumClientSession::GetConnectTiming() { |
| 1404 connect_timing_.ssl_start = connect_timing_.connect_start; | 1405 connect_timing_.ssl_start = connect_timing_.connect_start; |
| 1405 connect_timing_.ssl_end = connect_timing_.connect_end; | 1406 connect_timing_.ssl_end = connect_timing_.connect_end; |
| 1406 return connect_timing_; | 1407 return connect_timing_; |
| 1407 } | 1408 } |
| 1408 | 1409 |
| 1409 } // namespace net | 1410 } // namespace net |
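Review bot: The comment at the top of GetTokenBindingSignature (new lines 608-609) still says the same key is used "to sign the same value", which no longer describes the cache now that `Get` and `Put` are keyed on `std::make_pair(tb_type, raw_public_key)` and signing goes through `CreateTokenBindingSignature(key_material, tb_type, key, out)`. I would replace it with `// The signature depends on the session's exported keying material, |tb_type| and |key|, so it is cached per (tb_type, raw public key).` Stating why the type is part of the key matters here: if a later edit dropped `tb_type` from the pair, a signature produced for one binding type could be returned from the cache for another. That `tb_type` is actually covered by the signed message is inferred from the call signature, since `CreateTokenBindingSignature` is defined outside the visible lines, so the wording should be confirmed against that helper.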