Chromium Code Reviews Chromium Code Reviews
Issue 2903743002:
Porting SecureSocket to use BoringSSL on OSX (Closed)
| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file | |
| 2 // for details. All rights reserved. Use of this source code is governed by a | |
| 3 // BSD-style license that can be found in the LICENSE file. | |
| 4 | |
| 5 #ifndef RUNTIME_BIN_SECURITY_CONTEXT_H_ | |
| 6 #define RUNTIME_BIN_SECURITY_CONTEXT_H_ | |
| 7 | |
| 8 #include <openssl/ssl.h> | |
| 9 #include <openssl/x509.h> | |
| 10 | |
| 11 #include "bin/lockers.h" | |
| 12 #include "bin/reference_counting.h" | |
| 13 #include "bin/socket.h" | |
| 14 | |
| 15 namespace dart { | |
| 16 namespace bin { | |
| 17 | |
| 18 // Forward declaration | |
| 19 class SSLFilter; | |
| 20 | |
| 21 class SSLCertContext : public ReferenceCounted<SSLCertContext> { | |
| 22 public: | |
| 23 static const intptr_t kApproximateSize; | |
| 24 static const int kSecurityContextNativeFieldIndex = 0; | |
| 25 static const int kX509NativeFieldIndex = 0; | |
| 26 | |
| 27 explicit SSLCertContext(SSL_CTX* context) | |
| 28 : ReferenceCounted(), | |
| 29 context_(context), | |
| 30 alpn_protocol_string_(NULL), | |
| 31 trust_builtin_(false) {} | |
| 32 | |
| 33 ~SSLCertContext() { | |
| 34 SSL_CTX_free(context_); | |
| 35 if (alpn_protocol_string_ != NULL) { | |
| 36 free(alpn_protocol_string_); | |
| 37 } | |
| 38 } | |
| 39 | |
| 40 static SSLCertContext* GetSecurityContext(Dart_NativeArguments args); | |
| 41 static const char* GetPasswordArgument(Dart_NativeArguments args, | |
| 42 intptr_t index); | |
| 43 static void SetAlpnProtocolList(Dart_Handle protocols_handle, | |
| 44 SSL* ssl, | |
| 45 SSLCertContext* context, | |
| 46 bool is_server); | |
| 47 | |
| 48 void SetTrustedCertificatesBytes(Dart_Handle cert_bytes, | |
| 49 const char* password); | |
| 50 | |
| 51 void SetClientAuthoritiesBytes(Dart_Handle client_authorities_bytes, | |
| 52 const char* password); | |
| 53 | |
| 54 int UseCertificateChainBytes(Dart_Handle cert_chain_bytes, | |
| 55 const char* password); | |
| 56 | |
| 57 void TrustBuiltinRoots(); | |
| 58 | |
| 59 SSL_CTX* context() const { return context_; } | |
| 60 | |
| 61 uint8_t* alpn_protocol_string() const { return alpn_protocol_string_; } | |
| 62 | |
| 63 void set_alpn_protocol_string(uint8_t* protocol_string) { | |
| 64 if (alpn_protocol_string_ != NULL) { | |
| 65 free(alpn_protocol_string_); | |
| 66 } | |
| 67 alpn_protocol_string_ = protocol_string; | |
| 68 } | |
| 69 | |
| 70 bool trust_builtin() const { return trust_builtin_; } | |
| 71 | |
| 72 void set_trust_builtin(bool trust_builtin) { trust_builtin_ = trust_builtin; } | |
| 73 | |
| 74 void RegisterCallbacks(SSL* ssl); | |
| 75 | |
| 76 private: | |
| 77 void AddCompiledInCerts(); | |
| 78 void LoadRootCertFile(const char* file); | |
| 79 void LoadRootCertCache(const char* cache); | |
| 80 | |
| 81 SSL_CTX* context_; | |
| 82 uint8_t* alpn_protocol_string_; | |
| 83 | |
| 84 bool trust_builtin_; | |
| 85 | |
| 86 DISALLOW_COPY_AND_ASSIGN(SSLCertContext); | |
| 87 }; | |
| 88 | |
| 89 | |
| 90 class X509Helper : public AllStatic { | |
| 91 public: | |
| 92 static Dart_Handle GetSubject(Dart_NativeArguments args); | |
| 93 static Dart_Handle GetIssuer(Dart_NativeArguments args); | |
| 94 static Dart_Handle GetStartValidity(Dart_NativeArguments args); | |
| 95 static Dart_Handle GetEndValidity(Dart_NativeArguments args); | |
| 96 | |
| 97 private: | |
| 98 DISALLOW_ALLOCATION(); | |
|
zra
2017/06/05 21:06:31
AllStatic already adds these, I believe.
bkonyi
2017/06/06 00:48:35
Done.
| |
| 99 DISALLOW_IMPLICIT_CONSTRUCTORS(X509Helper); | |
| 100 }; | |
| 101 | |
| 102 } // namespace bin | |
| 103 } // namespace dart | |
| 104 | |
| 105 #endif // RUNTIME_BIN_SECURITY_CONTEXT_H_ | |
| OLD | NEW |
