runtime/bin/secure_socket_boringssl.h - Issue 2903743002: Porting SecureSocket to use BoringSSL on OSX

Side by Side Diff: runtime/bin/secure_socket_boringssl.h

Issue 2903743002: Porting SecureSocket to use BoringSSL on OSX (Closed)

Patch Set: Addressed nits, confirmed change works on Windows Created 3 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

OLD	NEW
	(Empty)
1 // Copyright (c) 2012, the Dart project authors. Please see the AUTHORS file

2 // for details. All rights reserved. Use of this source code is governed by a

3 // BSD-style license that can be found in the LICENSE file.

4

5 #ifndef RUNTIME_BIN_SECURE_SOCKET_BORINGSSL_H_

6 #define RUNTIME_BIN_SECURE_SOCKET_BORINGSSL_H_

7

8 #if !defined(RUNTIME_BIN_SECURE_SOCKET_H_)

9 #error Do not include secure_socket_boringssl.h directly. Use secure_socket.h.

10 #endif

11

12 #include <stdio.h>

13 #include <stdlib.h>

14 #include <string.h>

15 #include <sys/types.h>

16

17 #include <openssl/bio.h>

18 #include <openssl/err.h>

19 #include <openssl/ssl.h>

20 #include <openssl/x509.h>

21

22 #include "bin/builtin.h"

23 #include "bin/dartutils.h"

24 #include "bin/reference_counting.h"

25 #include "bin/socket.h"

26 #include "bin/thread.h"

27 #include "bin/utils.h"

28

29 namespace dart {

30 namespace bin {

31

32 /* These are defined in root_certificates.cc. */

33 extern const unsigned char* root_certificates_pem;

34 extern unsigned int root_certificates_pem_length;

35

36 class SSLContext {

37 public:

38 static const intptr_t kApproximateSize;

39

40 explicit SSLContext(SSL_CTX* context)

41 : context_(context), alpn_protocol_string_(NULL) {}

42

43 ~SSLContext() {

44 SSL_CTX_free(context_);

45 if (alpn_protocol_string_ != NULL) {

46 free(alpn_protocol_string_);

47 }

48 }

49

50 SSL_CTX* context() const { return context_; }

51

52 uint8_t* alpn_protocol_string() const { return alpn_protocol_string_; }

53 void set_alpn_protocol_string(uint8_t* protocol_string) {

54 if (alpn_protocol_string_ != NULL) {

55 free(alpn_protocol_string_);

56 }

57 alpn_protocol_string_ = protocol_string;

58 }

59

60 private:

61 SSL_CTX* context_;

62 uint8_t* alpn_protocol_string_;

63

64 DISALLOW_COPY_AND_ASSIGN(SSLContext);

65 };

66

67 /*

68 * SSLFilter encapsulates the SSL(TLS) code in a filter, that communicates

69 * with the containing _SecureFilterImpl Dart object through four shared

70 * ExternalByteArray buffers, for reading and writing plaintext, and

71 * reading and writing encrypted text. The filter handles handshaking

72 * and certificate verification.

73 */

74 class SSLFilter : public ReferenceCounted<SSLFilter> {

75 public:

76 // These enums must agree with those in sdk/lib/io/secure_socket.dart.

77 enum BufferIndex {

78 kReadPlaintext,

79 kWritePlaintext,

80 kReadEncrypted,

81 kWriteEncrypted,

82 kNumBuffers,

83 kFirstEncrypted = kReadEncrypted

84 };

85

86 static const intptr_t kApproximateSize;

87

88 SSLFilter()

89 : callback_error(NULL),

90 ssl_(NULL),

91 socket_side_(NULL),

92 string_start_(NULL),

93 string_length_(NULL),

94 handshake_complete_(NULL),

95 bad_certificate_callback_(NULL),

96 in_handshake_(false),

97 hostname_(NULL) {}

98

99 ~SSLFilter();

100

101 Dart_Handle Init(Dart_Handle dart_this);

102 void Connect(const char* hostname,

103 SSL_CTX* context,

104 bool is_server,

105 bool request_client_certificate,

106 bool require_client_certificate,

107 Dart_Handle protocols_handle);

108 void Destroy();

109 void FreeResources();

110 void Handshake();

111 void GetSelectedProtocol(Dart_NativeArguments args);

112 void Renegotiate(bool use_session_cache,

113 bool request_client_certificate,

114 bool require_client_certificate);

115 void RegisterHandshakeCompleteCallback(Dart_Handle handshake_complete);

116 void RegisterBadCertificateCallback(Dart_Handle callback);

117 Dart_Handle bad_certificate_callback() {

118 return Dart_HandleFromPersistent(bad_certificate_callback_);

119 }

120 int ProcessReadPlaintextBuffer(int start, int end);

121 int ProcessWritePlaintextBuffer(int start, int end);

122 int ProcessReadEncryptedBuffer(int start, int end);

123 int ProcessWriteEncryptedBuffer(int start, int end);

124 bool ProcessAllBuffers(int starts[kNumBuffers],

125 int ends[kNumBuffers],

126 bool in_handshake);

127 Dart_Handle PeerCertificate();

128 static void InitializeLibrary();

129 Dart_Handle callback_error;

130

131 static CObject* ProcessFilterRequest(const CObjectArray& request);

132

133 // The index of the external data field in _ssl that points to the SSLFilter.

134 static int filter_ssl_index;

135

136 // TODO(whesse): make private:

137 SSL* ssl_;

138 BIO* socket_side_;

139

140 private:

141 static const intptr_t kInternalBIOSize;

142 static bool library_initialized_;

143 static Mutex* mutex_; // To protect library initialization.

144

145 uint8_t* buffers_[kNumBuffers];

146 int buffer_size_;

147 int encrypted_buffer_size_;

148 Dart_PersistentHandle string_start_;

149 Dart_PersistentHandle string_length_;

150 Dart_PersistentHandle dart_buffer_objects_[kNumBuffers];

151 Dart_PersistentHandle handshake_complete_;

152 Dart_PersistentHandle bad_certificate_callback_;

153 bool in_handshake_;

154 bool is_server_;

155 char* hostname_;

156

157 static bool isBufferEncrypted(int i) {

158 return static_cast<BufferIndex>(i) >= kFirstEncrypted;

159 }

160 Dart_Handle InitializeBuffers(Dart_Handle dart_this);

161 void InitializePlatformData();

162

163 DISALLOW_COPY_AND_ASSIGN(SSLFilter);

164 };

165

166 } // namespace bin

167 } // namespace dart

168

169 #endif // RUNTIME_BIN_SECURE_SOCKET_BORINGSSL_H_

OLD	NEW

« no previous file with comments | « runtime/bin/secure_socket.h ('k') | runtime/bin/secure_socket_boringssl.cc » ('j') | no next file with comments »