| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file |
| 2 // for details. All rights reserved. Use of this source code is governed by a |
| 3 // BSD-style license that can be found in the LICENSE file. |
| 4 |
| 5 #ifndef RUNTIME_BIN_SECURITY_CONTEXT_H_ |
| 6 #define RUNTIME_BIN_SECURITY_CONTEXT_H_ |
| 7 |
| 8 #include <openssl/ssl.h> |
| 9 #include <openssl/x509.h> |
| 10 |
| 11 #include "bin/lockers.h" |
| 12 #include "bin/reference_counting.h" |
| 13 #include "bin/socket.h" |
| 14 |
| 15 namespace dart { |
| 16 namespace bin { |
| 17 |
| 18 // Forward declaration |
| 19 class SSLFilter; |
| 20 |
| 21 class SSLCertContext : public ReferenceCounted<SSLCertContext> { |
| 22 public: |
| 23 static const intptr_t kApproximateSize; |
| 24 static const int kSecurityContextNativeFieldIndex = 0; |
| 25 static const int kX509NativeFieldIndex = 0; |
| 26 |
| 27 explicit SSLCertContext(SSL_CTX* context) |
| 28 : ReferenceCounted(), |
| 29 context_(context), |
| 30 alpn_protocol_string_(NULL), |
| 31 trust_builtin_(false) {} |
| 32 |
| 33 ~SSLCertContext() { |
| 34 SSL_CTX_free(context_); |
| 35 if (alpn_protocol_string_ != NULL) { |
| 36 free(alpn_protocol_string_); |
| 37 } |
| 38 } |
| 39 |
| 40 static int CertificateCallback(int preverify_ok, X509_STORE_CTX* store_ctx); |
| 41 |
| 42 static SSLCertContext* GetSecurityContext(Dart_NativeArguments args); |
| 43 static const char* GetPasswordArgument(Dart_NativeArguments args, |
| 44 intptr_t index); |
| 45 static void SetAlpnProtocolList(Dart_Handle protocols_handle, |
| 46 SSL* ssl, |
| 47 SSLCertContext* context, |
| 48 bool is_server); |
| 49 |
| 50 void SetTrustedCertificatesBytes(Dart_Handle cert_bytes, |
| 51 const char* password); |
| 52 |
| 53 void SetClientAuthoritiesBytes(Dart_Handle client_authorities_bytes, |
| 54 const char* password); |
| 55 |
| 56 int UseCertificateChainBytes(Dart_Handle cert_chain_bytes, |
| 57 const char* password); |
| 58 |
| 59 void TrustBuiltinRoots(); |
| 60 |
| 61 SSL_CTX* context() const { return context_; } |
| 62 |
| 63 uint8_t* alpn_protocol_string() const { return alpn_protocol_string_; } |
| 64 |
| 65 void set_alpn_protocol_string(uint8_t* protocol_string) { |
| 66 if (alpn_protocol_string_ != NULL) { |
| 67 free(alpn_protocol_string_); |
| 68 } |
| 69 alpn_protocol_string_ = protocol_string; |
| 70 } |
| 71 |
| 72 bool trust_builtin() const { return trust_builtin_; } |
| 73 |
| 74 void set_trust_builtin(bool trust_builtin) { trust_builtin_ = trust_builtin; } |
| 75 |
| 76 void RegisterCallbacks(SSL* ssl); |
| 77 |
| 78 private: |
| 79 void AddCompiledInCerts(); |
| 80 void LoadRootCertFile(const char* file); |
| 81 void LoadRootCertCache(const char* cache); |
| 82 |
| 83 SSL_CTX* context_; |
| 84 uint8_t* alpn_protocol_string_; |
| 85 |
| 86 bool trust_builtin_; |
| 87 |
| 88 DISALLOW_COPY_AND_ASSIGN(SSLCertContext); |
| 89 }; |
| 90 |
| 91 |
| 92 class X509Helper : public AllStatic { |
| 93 public: |
| 94 static Dart_Handle GetSubject(Dart_NativeArguments args); |
| 95 static Dart_Handle GetIssuer(Dart_NativeArguments args); |
| 96 static Dart_Handle GetStartValidity(Dart_NativeArguments args); |
| 97 static Dart_Handle GetEndValidity(Dart_NativeArguments args); |
| 98 static Dart_Handle WrappedX509Certificate(X509* certificate); |
| 99 }; |
| 100 |
| 101 } // namespace bin |
| 102 } // namespace dart |
| 103 |
| 104 #endif // RUNTIME_BIN_SECURITY_CONTEXT_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2903743002:
Porting SecureSocket to use BoringSSL on OSX (Closed)
