Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(558)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: runtime/bin/secure_socket_boringssl.h

Issue 2903743002: Porting SecureSocket to use BoringSSL on OSX (Closed)
Patch Set: General cleanup Created 3 years, 7 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« runtime/bin/secure_socket.cc ('K') | « runtime/bin/secure_socket.cc ('k') | runtime/bin/secure_socket_boringssl.cc » ('j') | runtime/bin/secure_socket_ios.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: runtime/bin/secure_socket_boringssl.h
diff --git a/runtime/bin/secure_socket_boringssl.h b/runtime/bin/secure_socket_boringssl.h
index e14171d555854675d6d6b53a32115da3300f15cf..08742412be4a622ed6038351ee19cdcab2251a08 100644
--- a/runtime/bin/secure_socket_boringssl.h
+++ b/runtime/bin/secure_socket_boringssl.h
@@ -29,18 +29,17 @@
namespace dart {
namespace bin {
-/* These are defined in root_certificates.cc. */
-extern const unsigned char* root_certificates_pem;
-extern unsigned int root_certificates_pem_length;
-
-class SSLContext {
+class SSLCertContext {
public:
static const intptr_t kApproximateSize;
+ static SSLCertContext* GetSecurityContext(Dart_NativeArguments args);
+ static const char* GetPasswordArgument(Dart_NativeArguments args,
+ intptr_t index);
- explicit SSLContext(SSL_CTX* context)
+ explicit SSLCertContext(SSL_CTX* context)
: context_(context), alpn_protocol_string_(NULL) {}
- ~SSLContext() {
+ ~SSLCertContext() {
SSL_CTX_free(context_);
if (alpn_protocol_string_ != NULL) {
free(alpn_protocol_string_);
@@ -61,106 +60,7 @@ class SSLContext {
SSL_CTX* context_;
uint8_t* alpn_protocol_string_;
- DISALLOW_COPY_AND_ASSIGN(SSLContext);
-};
-
-/*
- * SSLFilter encapsulates the SSL(TLS) code in a filter, that communicates
- * with the containing _SecureFilterImpl Dart object through four shared
- * ExternalByteArray buffers, for reading and writing plaintext, and
- * reading and writing encrypted text. The filter handles handshaking
- * and certificate verification.
- */
-class SSLFilter : public ReferenceCounted<SSLFilter> {
- public:
- // These enums must agree with those in sdk/lib/io/secure_socket.dart.
- enum BufferIndex {
- kReadPlaintext,
- kWritePlaintext,
- kReadEncrypted,
- kWriteEncrypted,
- kNumBuffers,
- kFirstEncrypted = kReadEncrypted
- };
-
- static const intptr_t kApproximateSize;
-
- SSLFilter()
- : callback_error(NULL),
- ssl_(NULL),
- socket_side_(NULL),
- string_start_(NULL),
- string_length_(NULL),
- handshake_complete_(NULL),
- bad_certificate_callback_(NULL),
- in_handshake_(false),
- hostname_(NULL) {}
-
- ~SSLFilter();
-
- Dart_Handle Init(Dart_Handle dart_this);
- void Connect(const char* hostname,
- SSL_CTX* context,
- bool is_server,
- bool request_client_certificate,
- bool require_client_certificate,
- Dart_Handle protocols_handle);
- void Destroy();
- void FreeResources();
- void Handshake();
- void GetSelectedProtocol(Dart_NativeArguments args);
- void Renegotiate(bool use_session_cache,
- bool request_client_certificate,
- bool require_client_certificate);
- void RegisterHandshakeCompleteCallback(Dart_Handle handshake_complete);
- void RegisterBadCertificateCallback(Dart_Handle callback);
- Dart_Handle bad_certificate_callback() {
- return Dart_HandleFromPersistent(bad_certificate_callback_);
- }
- int ProcessReadPlaintextBuffer(int start, int end);
- int ProcessWritePlaintextBuffer(int start, int end);
- int ProcessReadEncryptedBuffer(int start, int end);
- int ProcessWriteEncryptedBuffer(int start, int end);
- bool ProcessAllBuffers(int starts[kNumBuffers],
- int ends[kNumBuffers],
- bool in_handshake);
- Dart_Handle PeerCertificate();
- static void InitializeLibrary();
- Dart_Handle callback_error;
-
- static CObject* ProcessFilterRequest(const CObjectArray& request);
-
- // The index of the external data field in _ssl that points to the SSLFilter.
- static int filter_ssl_index;
-
- // TODO(whesse): make private:
- SSL* ssl_;
- BIO* socket_side_;
-
- private:
- static const intptr_t kInternalBIOSize;
- static bool library_initialized_;
- static Mutex* mutex_; // To protect library initialization.
-
- uint8_t* buffers_[kNumBuffers];
- int buffer_size_;
- int encrypted_buffer_size_;
- Dart_PersistentHandle string_start_;
- Dart_PersistentHandle string_length_;
- Dart_PersistentHandle dart_buffer_objects_[kNumBuffers];
- Dart_PersistentHandle handshake_complete_;
- Dart_PersistentHandle bad_certificate_callback_;
- bool in_handshake_;
- bool is_server_;
- char* hostname_;
-
- static bool isBufferEncrypted(int i) {
- return static_cast<BufferIndex>(i) >= kFirstEncrypted;
- }
- Dart_Handle InitializeBuffers(Dart_Handle dart_this);
- void InitializePlatformData();
-
- DISALLOW_COPY_AND_ASSIGN(SSLFilter);
+ DISALLOW_COPY_AND_ASSIGN(SSLCertContext);
};
} // namespace bin
« runtime/bin/secure_socket.cc ('K') | « runtime/bin/secure_socket.cc ('k') | runtime/bin/secure_socket_boringssl.cc » ('j') | runtime/bin/secure_socket_ios.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698