| OLD | NEW |
| (Empty) | |
| 1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file |
| 2 // for details. All rights reserved. Use of this source code is governed by a |
| 3 // BSD-style license that can be found in the LICENSE file. |
| 4 |
| 5 #ifndef RUNTIME_BIN_SECURE_SOCKET_UTILS_H_ |
| 6 #define RUNTIME_BIN_SECURE_SOCKET_UTILS_H_ |
| 7 |
| 8 #if !defined(RUNTIME_BIN_SECURE_SOCKET_H_) |
| 9 #error Do not include secure_scope_utils.h directly. Use secure_socket.h. |
| 10 #endif |
| 11 |
| 12 #include <openssl/bio.h> |
| 13 #include <openssl/err.h> |
| 14 #include <openssl/pkcs12.h> |
| 15 #include <openssl/ssl.h> |
| 16 #include <openssl/x509.h> |
| 17 |
| 18 |
| 19 namespace dart { |
| 20 namespace bin { |
| 21 |
| 22 class SecureSocketUtils : public AllStatic { |
| 23 public: |
| 24 static void ThrowIOException(int status, |
| 25 const char* exception_type, |
| 26 const char* message, |
| 27 const SSL* ssl); |
| 28 |
| 29 static void CheckStatusSSL(int status, |
| 30 const char* type, |
| 31 const char* message, |
| 32 const SSL* ssl); |
| 33 |
| 34 static void CheckStatus(int status, const char* type, const char* message); |
| 35 |
| 36 static bool NoPEMStartLine() { |
| 37 uint32_t last_error = ERR_peek_last_error(); |
| 38 return (ERR_GET_LIB(last_error) == ERR_LIB_PEM) && |
| 39 (ERR_GET_REASON(last_error) == PEM_R_NO_START_LINE); |
| 40 } |
| 41 |
| 42 private: |
| 43 DISALLOW_ALLOCATION(); |
| 44 DISALLOW_IMPLICIT_CONSTRUCTORS(SecureSocketUtils); |
| 45 }; |
| 46 |
| 47 |
| 48 // Where the argument to the constructor is the handle for an object |
| 49 // implementing List<int>, this class creates a scope in which a memory-backed |
| 50 // BIO is allocated. Leaving the scope cleans up the BIO and the buffer that |
| 51 // was used to create it. |
| 52 // |
| 53 // Do not make Dart_ API calls while in a ScopedMemBIO. |
| 54 // Do not call Dart_PropagateError while in a ScopedMemBIO. |
| 55 class ScopedMemBIO { |
| 56 public: |
| 57 explicit ScopedMemBIO(Dart_Handle object) { |
| 58 if (!Dart_IsTypedData(object) && !Dart_IsList(object)) { |
| 59 Dart_ThrowException( |
| 60 DartUtils::NewDartArgumentError("Argument is not a List<int>")); |
| 61 } |
| 62 |
| 63 uint8_t* bytes = NULL; |
| 64 intptr_t bytes_len = 0; |
| 65 bool is_typed_data = false; |
| 66 if (Dart_IsTypedData(object)) { |
| 67 is_typed_data = true; |
| 68 Dart_TypedData_Type typ; |
| 69 ThrowIfError(Dart_TypedDataAcquireData( |
| 70 object, &typ, reinterpret_cast<void**>(&bytes), &bytes_len)); |
| 71 } else { |
| 72 ASSERT(Dart_IsList(object)); |
| 73 ThrowIfError(Dart_ListLength(object, &bytes_len)); |
| 74 bytes = Dart_ScopeAllocate(bytes_len); |
| 75 ASSERT(bytes != NULL); |
| 76 ThrowIfError(Dart_ListGetAsBytes(object, 0, bytes, bytes_len)); |
| 77 } |
| 78 |
| 79 object_ = object; |
| 80 bytes_ = bytes; |
| 81 bytes_len_ = bytes_len; |
| 82 bio_ = BIO_new_mem_buf(bytes, bytes_len); |
| 83 ASSERT(bio_ != NULL); |
| 84 is_typed_data_ = is_typed_data; |
| 85 } |
| 86 |
| 87 ~ScopedMemBIO() { |
| 88 ASSERT(bio_ != NULL); |
| 89 if (is_typed_data_) { |
| 90 BIO_free(bio_); |
| 91 ThrowIfError(Dart_TypedDataReleaseData(object_)); |
| 92 } else { |
| 93 BIO_free(bio_); |
| 94 } |
| 95 } |
| 96 |
| 97 BIO* bio() { |
| 98 ASSERT(bio_ != NULL); |
| 99 return bio_; |
| 100 } |
| 101 |
| 102 private: |
| 103 Dart_Handle object_; |
| 104 uint8_t* bytes_; |
| 105 intptr_t bytes_len_; |
| 106 BIO* bio_; |
| 107 bool is_typed_data_; |
| 108 |
| 109 DISALLOW_ALLOCATION(); |
| 110 DISALLOW_COPY_AND_ASSIGN(ScopedMemBIO); |
| 111 }; |
| 112 |
| 113 template <typename T, void (*free_func)(T*)> |
| 114 class ScopedSSLType { |
| 115 public: |
| 116 explicit ScopedSSLType(T* obj) : obj_(obj) {} |
| 117 |
| 118 ~ScopedSSLType() { |
| 119 if (obj_ != NULL) { |
| 120 free_func(obj_); |
| 121 } |
| 122 } |
| 123 |
| 124 T* get() { return obj_; } |
| 125 const T* get() const { return obj_; } |
| 126 |
| 127 T* release() { |
| 128 T* result = obj_; |
| 129 obj_ = NULL; |
| 130 return result; |
| 131 } |
| 132 |
| 133 private: |
| 134 T* obj_; |
| 135 |
| 136 DISALLOW_ALLOCATION(); |
| 137 DISALLOW_COPY_AND_ASSIGN(ScopedSSLType); |
| 138 }; |
| 139 |
| 140 template <typename T, typename E, void (*func)(E*)> |
| 141 class ScopedSSLStackType { |
| 142 public: |
| 143 explicit ScopedSSLStackType(T* obj) : obj_(obj) {} |
| 144 |
| 145 ~ScopedSSLStackType() { |
| 146 if (obj_ != NULL) { |
| 147 sk_pop_free(reinterpret_cast<_STACK*>(obj_), |
| 148 reinterpret_cast<void (*)(void*)>(func)); |
| 149 } |
| 150 } |
| 151 |
| 152 T* get() { return obj_; } |
| 153 const T* get() const { return obj_; } |
| 154 |
| 155 T* release() { |
| 156 T* result = obj_; |
| 157 obj_ = NULL; |
| 158 return result; |
| 159 } |
| 160 |
| 161 private: |
| 162 T* obj_; |
| 163 |
| 164 DISALLOW_ALLOCATION(); |
| 165 DISALLOW_COPY_AND_ASSIGN(ScopedSSLStackType); |
| 166 }; |
| 167 |
| 168 |
| 169 typedef ScopedSSLType<PKCS12, PKCS12_free> ScopedPKCS12; |
| 170 typedef ScopedSSLType<X509, X509_free> ScopedX509; |
| 171 typedef ScopedSSLStackType<STACK_OF(X509), X509, X509_free> ScopedX509Stack; |
| 172 |
| 173 } // namespace bin |
| 174 } // namespace dart |
| 175 |
| 176 #endif // RUNTIME_BIN_SECURE_SOCKET_UTILS_H_ |
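Review bot: In the ScopedMemBIO constructor the results of `Dart_ScopeAllocate` and `BIO_new_mem_buf` are guarded only by `ASSERT`, so if that macro compiles out in release builds (its definition is not on this page) an allocation failure leaves `bio()` returning NULL to callers that have no way to notice. `bytes_len` is an `intptr_t` passed straight to `BIO_new_mem_buf`, whose length parameter is an `int` in OpenSSL, so an oversized list would be narrowed silently rather than rejected. I would make the BIO check a runtime check that hands the typed data back before throwing, as sketched below, and give `ASSERT(bytes != NULL)` in the list branch the same treatment. Separately, `sk_pop_free` in ScopedSSLStackType calls `func` through a pointer cast to `void (*)(void*)`, which is undefined behaviour and is rejected by control-flow-integrity instrumentation; for the one instantiation shown, the typed `sk_X509_pop_free(obj_, X509_free)` avoids the cast. The `#error` text also names `secure_scope_utils.h` where the include guard says `secure_socket_utils.h`.

```cpp
    // … unchanged: argument type check and byte acquisition …
    object_ = object;
    bytes_ = bytes;
    bytes_len_ = bytes_len;
    is_typed_data_ = is_typed_data;
    // Refuse lengths the BIO length parameter cannot represent instead of
    // letting the conversion truncate them.
    bio_ = (bytes_len <= INT_MAX)
               ? BIO_new_mem_buf(bytes, static_cast<int>(bytes_len))
               : NULL;
    if (bio_ == NULL) {
      // The constructor does not complete on this path, so release the typed
      // data here; ~ScopedMemBIO will not do it.
      if (is_typed_data_) {
        Dart_TypedDataReleaseData(object_);
      }
      Dart_ThrowException(DartUtils::NewDartArgumentError(
          "Could not create a memory BIO for the argument"));
    }
```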