| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file |
| 2 // for details. All rights reserved. Use of this source code is governed by a |
| 3 // BSD-style license that can be found in the LICENSE file. |
| 4 |
| 5 #ifndef RUNTIME_BIN_SECURE_SOCKET_UTILS_H_ |
| 6 #define RUNTIME_BIN_SECURE_SOCKET_UTILS_H_ |
| 7 |
| 8 #include <openssl/bio.h> |
| 9 #include <openssl/err.h> |
| 10 #include <openssl/pkcs12.h> |
| 11 #include <openssl/ssl.h> |
| 12 #include <openssl/x509.h> |
| 13 |
| 14 #include "platform/globals.h" |
| 15 |
| 16 #include "bin/dartutils.h" |
| 17 #include "platform/text_buffer.h" |
| 18 |
| 19 namespace dart { |
| 20 namespace bin { |
| 21 |
| 22 const bool SSL_LOG_STATUS = false; |
| 23 const bool SSL_LOG_DATA = false; |
| 24 const bool SSL_LOG_CERTS = false; |
| 25 |
| 26 class SecureSocketUtils : public AllStatic { |
| 27 public: |
| 28 static const int SSL_ERROR_MESSAGE_BUFFER_SIZE = 1000; |
| 29 |
| 30 static void ThrowIOException(int status, |
| 31 const char* exception_type, |
| 32 const char* message, |
| 33 const SSL* ssl); |
| 34 |
| 35 static void CheckStatusSSL(int status, |
| 36 const char* type, |
| 37 const char* message, |
| 38 const SSL* ssl); |
| 39 |
| 40 static void CheckStatus(int status, const char* type, const char* message); |
| 41 |
| 42 static bool NoPEMStartLine() { |
| 43 uint32_t last_error = ERR_peek_last_error(); |
| 44 return (ERR_GET_LIB(last_error) == ERR_LIB_PEM) && |
| 45 (ERR_GET_REASON(last_error) == PEM_R_NO_START_LINE); |
| 46 } |
| 47 |
| 48 static void FetchErrorString(const SSL* ssl, TextBuffer* text_buffer); |
| 49 }; |
| 50 |
| 51 |
| 52 // Where the argument to the constructor is the handle for an object |
| 53 // implementing List<int>, this class creates a scope in which a memory-backed |
| 54 // BIO is allocated. Leaving the scope cleans up the BIO and the buffer that |
| 55 // was used to create it. |
| 56 // |
| 57 // Do not make Dart_ API calls while in a ScopedMemBIO. |
| 58 // Do not call Dart_PropagateError while in a ScopedMemBIO. |
| 59 class ScopedMemBIO { |
| 60 public: |
| 61 explicit ScopedMemBIO(Dart_Handle object) { |
| 62 if (!Dart_IsTypedData(object) && !Dart_IsList(object)) { |
| 63 Dart_ThrowException( |
| 64 DartUtils::NewDartArgumentError("Argument is not a List<int>")); |
| 65 } |
| 66 |
| 67 uint8_t* bytes = NULL; |
| 68 intptr_t bytes_len = 0; |
| 69 bool is_typed_data = false; |
| 70 if (Dart_IsTypedData(object)) { |
| 71 is_typed_data = true; |
| 72 Dart_TypedData_Type typ; |
| 73 ThrowIfError(Dart_TypedDataAcquireData( |
| 74 object, &typ, reinterpret_cast<void**>(&bytes), &bytes_len)); |
| 75 } else { |
| 76 ASSERT(Dart_IsList(object)); |
| 77 ThrowIfError(Dart_ListLength(object, &bytes_len)); |
| 78 bytes = Dart_ScopeAllocate(bytes_len); |
| 79 ASSERT(bytes != NULL); |
| 80 ThrowIfError(Dart_ListGetAsBytes(object, 0, bytes, bytes_len)); |
| 81 } |
| 82 |
| 83 object_ = object; |
| 84 bytes_ = bytes; |
| 85 bytes_len_ = bytes_len; |
| 86 bio_ = BIO_new_mem_buf(bytes, bytes_len); |
| 87 ASSERT(bio_ != NULL); |
| 88 is_typed_data_ = is_typed_data; |
| 89 } |
| 90 |
| 91 ~ScopedMemBIO() { |
| 92 ASSERT(bio_ != NULL); |
| 93 if (is_typed_data_) { |
| 94 BIO_free(bio_); |
| 95 ThrowIfError(Dart_TypedDataReleaseData(object_)); |
| 96 } else { |
| 97 BIO_free(bio_); |
| 98 } |
| 99 } |
| 100 |
| 101 BIO* bio() { |
| 102 ASSERT(bio_ != NULL); |
| 103 return bio_; |
| 104 } |
| 105 |
| 106 private: |
| 107 Dart_Handle object_; |
| 108 uint8_t* bytes_; |
| 109 intptr_t bytes_len_; |
| 110 BIO* bio_; |
| 111 bool is_typed_data_; |
| 112 |
| 113 DISALLOW_ALLOCATION(); |
| 114 DISALLOW_COPY_AND_ASSIGN(ScopedMemBIO); |
| 115 }; |
| 116 |
| 117 template <typename T, void (*free_func)(T*)> |
| 118 class ScopedSSLType { |
| 119 public: |
| 120 explicit ScopedSSLType(T* obj) : obj_(obj) {} |
| 121 |
| 122 ~ScopedSSLType() { |
| 123 if (obj_ != NULL) { |
| 124 free_func(obj_); |
| 125 } |
| 126 } |
| 127 |
| 128 T* get() { return obj_; } |
| 129 const T* get() const { return obj_; } |
| 130 |
| 131 T* release() { |
| 132 T* result = obj_; |
| 133 obj_ = NULL; |
| 134 return result; |
| 135 } |
| 136 |
| 137 private: |
| 138 T* obj_; |
| 139 |
| 140 DISALLOW_ALLOCATION(); |
| 141 DISALLOW_COPY_AND_ASSIGN(ScopedSSLType); |
| 142 }; |
| 143 |
| 144 template <typename T, typename E, void (*func)(E*)> |
| 145 class ScopedSSLStackType { |
| 146 public: |
| 147 explicit ScopedSSLStackType(T* obj) : obj_(obj) {} |
| 148 |
| 149 ~ScopedSSLStackType() { |
| 150 if (obj_ != NULL) { |
| 151 sk_pop_free(reinterpret_cast<_STACK*>(obj_), |
| 152 reinterpret_cast<void (*)(void*)>(func)); |
| 153 } |
| 154 } |
| 155 |
| 156 T* get() { return obj_; } |
| 157 const T* get() const { return obj_; } |
| 158 |
| 159 T* release() { |
| 160 T* result = obj_; |
| 161 obj_ = NULL; |
| 162 return result; |
| 163 } |
| 164 |
| 165 private: |
| 166 T* obj_; |
| 167 |
| 168 DISALLOW_ALLOCATION(); |
| 169 DISALLOW_COPY_AND_ASSIGN(ScopedSSLStackType); |
| 170 }; |
| 171 |
| 172 |
| 173 typedef ScopedSSLType<PKCS12, PKCS12_free> ScopedPKCS12; |
| 174 typedef ScopedSSLType<X509, X509_free> ScopedX509; |
| 175 typedef ScopedSSLStackType<STACK_OF(X509), X509, X509_free> ScopedX509Stack; |
| 176 |
| 177 } // namespace bin |
| 178 } // namespace dart |
| 179 |
| 180 #endif // RUNTIME_BIN_SECURE_SOCKET_UTILS_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2903743002:
Porting SecureSocket to use BoringSSL on OSX (Closed)
