
Side by Side Diff: runtime/bin/security_context_macos.cc

Issue 2903743002: Porting SecureSocket to use BoringSSL on OSX (Closed)
Patch Set: Additional cleanup Created 3 years, 6 months ago
(Empty)
1 // Copyright (c) 2016, the Dart project authors. Please see the AUTHORS file
2 // for details. All rights reserved. Use of this source code is governed by a
3 // BSD-style license that can be found in the LICENSE file.
4
5 #if !defined(DART_IO_DISABLED) && !defined(DART_IO_SECURE_SOCKET_DISABLED)
6
7 #include "platform/globals.h"
8 #if defined(HOST_OS_MACOS)
9
10 #include "bin/security_context.h"
11
12 #include <CoreFoundation/CoreFoundation.h>
13 #include <Security/SecureTransport.h>
14 #include <Security/Security.h>
15
16 #include <openssl/ssl.h>
17 #include <openssl/x509.h>
18
19 #include "bin/secure_socket.h"
20
21 namespace dart {
22 namespace bin {
23
24 const intptr_t SSLCertContext::kApproximateSize = sizeof(SSLCertContext);
25
26 const char* commandline_root_certs_file = NULL;
27 const char* commandline_root_certs_cache = NULL;
28
29 SecCertificateRef CreateSecCertificateFromX509(X509* cert) {
30 if (cert == NULL) {
31 return NULL;
32 }
33 unsigned char* deb_cert = NULL;
34 int length = i2d_X509(cert, &deb_cert);
35 if (length < 0) {
36 return 0;
37 }
38 ASSERT(deb_cert != NULL);
39 CFDataRef cert_buf =
40 CFDataCreateWithBytesNoCopy(NULL, deb_cert, length, kCFAllocatorNull);
41 SecCertificateRef auth_cert = SecCertificateCreateWithData(NULL, cert_buf);
42 if (auth_cert == NULL) {
43 return NULL;
44 }
45 return auth_cert;
46 }
47
48
49 static int CertificateVerificationCallback(X509_STORE_CTX* ctx, void* arg) {
50 SSLCertContext* context = static_cast<SSLCertContext*>(arg);
51
52 // Convert BoringSSL formatted certificates to SecCertificate certificates.
53 CFMutableArrayRef cert_chain = NULL;
54 X509* root_cert = NULL;
55 if (ctx->untrusted != NULL) {
56 STACK_OF(X509)* user_provided_certs = ctx->untrusted;
57 int num_certs = sk_X509_num(user_provided_certs);
58 int current_cert = 0;
59 cert_chain = CFArrayCreateMutable(NULL, num_certs, NULL);
60 X509* ca;
61 while ((ca = sk_X509_shift(user_provided_certs)) != NULL) {
62 SecCertificateRef cert = CreateSecCertificateFromX509(ca);
63 if (cert == NULL) {
64 CFRelease(cert_chain);
65 return ctx->verify_cb(0, ctx);
66 }
67 CFArrayAppendValue(cert_chain, cert);
68 ++current_cert;
69
70 if (current_cert == num_certs) {
71 root_cert = ca;
72 }
73 }
74 }
75
76 // Convert all trusted certificates provided by the user via
77 // setTrustedCertificatesBytes or the command line into SecCertificates.
78 CFMutableArrayRef trusted_certs = CFArrayCreateMutable(NULL, 0, NULL);
79 X509_STORE* store = ctx->ctx;
80 ASSERT(store != NULL);
81
82 if (store->objs != NULL) {
83 for (uintptr_t i = 0; i < sk_X509_OBJECT_num(store->objs); ++i) {
84 X509* ca = sk_X509_OBJECT_value(store->objs, i)->data.x509;
85 SecCertificateRef cert = CreateSecCertificateFromX509(ca);
86 if (cert == NULL) {
87 CFRelease(trusted_certs);
88 return ctx->verify_cb(0, ctx);
89 }
90 CFArrayAppendValue(trusted_certs, cert);
91 }
92 }
93
94 // Generate a generic X509 verification policy.
95 SecPolicyRef policy = SecPolicyCreateBasicX509();
96
97 // Create the trust object with the certificates provided by the user.
98 SecTrustRef trust = NULL;
99 OSStatus status = SecTrustCreateWithCertificates(cert_chain, policy, &trust);
100 if (status != noErr) {
101 CFRelease(cert_chain);
102 CFRelease(policy);
zra 2017/06/02 22:56:24 Maybe a scope class would be useful here so that w
bkonyi 2017/06/05 20:25:52 Done.
103 return ctx->verify_cb(0, ctx);
104 }
105
106 // If the user provided any additional CA certificates, add them to the trust
107 // object.
108 if (CFArrayGetCount(trusted_certs) > 0) {
109 status = SecTrustSetAnchorCertificates(trust, trusted_certs);
110 if (status != noErr) {
111 CFRelease(cert_chain);
112 CFRelease(policy);
113 CFRelease(trust);
114 return ctx->verify_cb(0, ctx);
115 }
116 }
117
118 // Specify whether or not to use the built-in CA certificates for
119 // verification.
120 status = SecTrustSetAnchorCertificatesOnly(trust, !context->trust_builtin());
121 if (status != noErr) {
122 CFRelease(cert_chain);
123 CFRelease(policy);
124 CFRelease(trust);
125 return ctx->verify_cb(0, ctx);
126 }
127
128 // Perform the certificate verification.
129 SecTrustResultType trust_result;
130 status = SecTrustEvaluate(trust, &trust_result);
131 if (status != noErr) {
132 CFRelease(cert_chain);
133 CFRelease(policy);
134 CFRelease(trust);
135 return ctx->verify_cb(0, ctx);
136 }
137
138 CFRelease(cert_chain);
139 CFRelease(policy);
140 CFRelease(trust);
141
142 if ((trust_result == kSecTrustResultProceed) ||
143 (trust_result == kSecTrustResultUnspecified)) {
144 // Successfully verified certificate!
145 return ctx->verify_cb(1, ctx);
146 }
147
148 // Set current_cert to the root of the certificate chain. This will be passed
149 // to the callback provided by the user for additional verification steps.
150 ctx->current_cert = root_cert;
151 return ctx->verify_cb(0, ctx);
152 }
153
154
155 void SSLFilter::RegisterCallbacks(SSLCertContext* cert_ctx) {
156 SSL_CTX* ctx = SSL_get_SSL_CTX(ssl_);
157 SSL_CTX_set_cert_verify_callback(ctx, CertificateVerificationCallback,
158 cert_ctx);
159 }
160
161
162 void SSLCertContext::TrustBuiltinRoots() {
163 // First, try to use locations specified on the command line.
164 if (commandline_root_certs_file != NULL) {
165 LoadRootCertFile(commandline_root_certs_file);
166 return;
167 }
168 if (commandline_root_certs_cache != NULL) {
169 LoadRootCertCache(commandline_root_certs_cache);
170 return;
171 }
172 set_trust_builtin(true);
173 }
174
175 } // namespace bin
176 } // namespace dart
177
178 #endif // defined(HOST_OS_MACOS)
179 #endif // !defined(DART_IO_DISABLED) &&
180 // !defined(DART_IO_SECURE_SOCKET_DISABLED)
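Review bot: The policy created at new line 95 with `SecPolicyCreateBasicX509()` validates only the chain, and nothing in CertificateVerificationCallback compares the leaf certificate with the host name of the peer. Because `SSL_CTX_set_cert_verify_callback` (new line 157) replaces BoringSSL's built-in verification, any host check configured through the SSL object's verify parameters would presumably no longer run on macOS, so a certificate issued for a different name but chaining to a trusted root would pass. I would build an SSL policy instead, e.g. `SecPolicyRef policy = SecPolicyCreateSSL(true, hostname);` for the client side, with `hostname` a CFStringRef of the peer name handed to the callback alongside the SSLCertContext; where that name lives is not visible in this file. Separately, when `ctx->untrusted` is NULL, `cert_chain` stays NULL and still reaches `CFRelease(cert_chain)` on the failure paths, which crashes on a NULL argument, so that case should fail early with `return ctx->verify_cb(0, ctx);` before the trust object is created.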