Chromium Code Reviews

Issue 6804032: Add TLS-SRP (RFC 5054) support

Created:
9 years, 8 months ago by sqs
Modified:
6 years, 4 months ago
Reviewers:
agl, wtc, sqs
CC:
chromium-reviews
Visibility:
Public.

Description

Add TLS-SRP (RFC 5054) support to allow mutual authentication and TLS session establishment using passwords.

Other discussion at:
http://groups.google.com/a/chromium.org/group/chromium-discuss/browse_thread/thread/f4d1fbac7bceebe9#
http://trustedhttp.org/wiki/TLS-SRP_in_Chrome

Includes additions to Chrome net/ and chrome/ as well as OpenSSL, NSS, and TLS Lite. It updates URLRequest, HTTP transaction, and NSS SSL client socket code in net/ and exposes SetTLSLogin and ContinueWithTLSLogin (etc.) methods in URLRequest. The UI code presents a login dialog when users browse to TLS-SRP-enabled servers and displays the logged-in username in the location bar. It also displays the TLS-SRP security information in the page info display. Adds httpsv scheme that requires TLS-SRP authentication in a TLS connection.

BUG=
TEST=Linux only for now. net_unittests and base_unittests pass; some unit_tests currently fail. Requires external patches to NSS; see http://trustedhttp.org/wiki/TLS-SRP_in_Chrome for more information.
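For readers who want to see what the NSS and OpenSSL parts of this patch actually compute, the following is an added worked example of the SRP-6a arithmetic that RFC 5054 embeds in the TLS handshake: the verifier the server stores, the ServerKeyExchange value B, the ClientKeyExchange value A, and the premaster secret S derived independently on both sides. It is example code written for this page, not code from the patch, from Chromium, or from NSS/OpenSSL/TLS Lite. It uses the 1024-bit group and SHA-1 exactly as RFC 5054 Appendix A and section 2.6 specify; the username, password and salt are constructed test values, the fixed ephemeral exponents are only for reproducibility (a real client and server draw them at random), and it stops at the integer S, leaving its encoding into the TLS premaster secret to the TLS layer. It also includes the two aborts RFC 5054 requires (A mod N == 0 on the server, B mod N == 0 on the client), which the description above does not mention.

```python
"""RFC 5054 TLS-SRP (SRP-6a) key agreement, both sides, end to end.

Added example for this review page; not code from the Chromium patch,
NSS, OpenSSL or TLS Lite. Uses the RFC 5054 Appendix A 1024-bit group and
SHA-1 everywhere the RFC specifies it.
"""
import hashlib
import secrets

# RFC 5054 Appendix A, 1024-bit group: N is a safe prime, g = 2.
N = int(
    "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C9C256576"
    "D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE48E495C1D6089DAD1"
    "5DC7D7B46154D6B6CE8EF4AD69B15D4982559B297BCF1885C529F566660E57EC"
    "68EDBC3C05726CC02FD4CBF4976EAA9AFD5138FE8376435B9FC61D2FC0EB06E3",
    16,
)
g = 2
N_LEN = (N.bit_length() + 7) // 8  # 128 bytes for the 1024-bit group


def pad(x: int) -> bytes:
    """PAD(x): big-endian x left-padded with zeros to the byte length of N."""
    return x.to_bytes(N_LEN, "big")


def H(*parts: bytes) -> int:
    """SHA-1 over the concatenation, read as a big-endian integer."""
    return int.from_bytes(hashlib.sha1(b"".join(parts)).digest(), "big")


def private_key_x(salt: bytes, username: bytes, password: bytes) -> int:
    """x = SHA1(s | SHA1(I | ":" | P))   (RFC 5054 section 2.6)."""
    inner = hashlib.sha1(username + b":" + password).digest()
    return H(salt, inner)


def make_verifier(salt: bytes, username: bytes, password: bytes) -> int:
    """v = g^x mod N. The server stores (salt, v); it never stores P."""
    return pow(g, private_key_x(salt, username, password), N)


def multiplier_k() -> int:
    """k = SHA1(N | PAD(g)); ties the exchange to the group parameters."""
    return H(pad(N), pad(g))


def client_key_exchange(a=None):
    """Client ephemeral a and the value A = g^a mod N sent in ClientKeyExchange."""
    a = a if a is not None else secrets.randbelow(N - 2) + 1
    return a, pow(g, a, N)


def server_key_exchange(v: int, b=None):
    """Server ephemeral b and B = (k*v + g^b) mod N sent in ServerKeyExchange."""
    b = b if b is not None else secrets.randbelow(N - 2) + 1
    return b, (multiplier_k() * v + pow(g, b, N)) % N


def client_premaster(username, password, salt, a, A, B) -> int:
    """Client: S = (B - k*g^x)^(a + u*x) mod N.
    RFC 5054 section 2.5.4: abort with illegal_parameter if B mod N == 0."""
    if B % N == 0:
        raise ValueError("illegal_parameter: B mod N == 0")
    u = H(pad(A), pad(B))
    x = private_key_x(salt, username, password)
    base = (B - multiplier_k() * pow(g, x, N)) % N
    return pow(base, a + u * x, N)


def server_premaster(v, b, A, B) -> int:
    """Server: S = (A * v^u)^b mod N.
    RFC 5054 section 2.5.3: abort with illegal_parameter if A mod N == 0."""
    if A % N == 0:
        raise ValueError("illegal_parameter: A mod N == 0")
    u = H(pad(A), pad(B))
    return pow((A * pow(v, u, N)) % N, b, N)


def run_exchange(username, password, salt, a=None, b=None):
    """Whole exchange; returns (client S, server S). They agree only when the
    password the client typed matches the verifier the server holds."""
    v = make_verifier(salt, username, password)
    a, A = client_key_exchange(a)
    b, B = server_key_exchange(v, b)
    return (client_premaster(username, password, salt, a, A, B),
            server_premaster(v, b, A, B))


if __name__ == "__main__":
    salt = b"\x5a" * 16                       # constructed test salt
    cs, ss = run_exchange(b"alice", b"correct horse", salt)
    print("premaster secrets agree:", cs == ss)
```

Two points worth noticing against the description: the server never sees the password, only the verifier, which is why a verifier file like net/data/ssl/certificates/ok.srpv can live next to test certificates; and a wrong password does not produce an error at this stage, only a different S, so the mismatch surfaces as a bad Finished message rather than an explicit authentication failure.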

Patch Set 1 #

Total comments: 3

Patch Set 2 : add over_protocol to auth structs; refactor in url_request_unittest; revert date updates #

Patch Set 3 : use system srp and mpi libs, not local copies #

Total comments: 2

Patch Set 4 : remove "httpsv" scheme, minor NSS/OpenSSL changes #

Stats: +4930 lines, -189 lines
M chrome/app/generated_resources.grd View 1 chunk +14 lines, -0 lines 0 comments
A chrome/app/theme/omnibox_account.png View 1 2 Binary file 0 comments
M chrome/app/theme/theme_resources.grd View 1 2 1 chunk +1 line, -0 lines 0 comments
M chrome/browser/history/text_database_unittest.cc View 1 2 2 chunks +2 lines, -0 lines 0 comments
M chrome/browser/load_from_memory_cache_details.h View 1 2 3 chunks +4 lines, -1 line 0 comments
M chrome/browser/load_from_memory_cache_details.cc View 1 2 1 chunk +4 lines, -2 lines 0 comments
M chrome/browser/page_info_model.cc View 1 2 3 4 chunks +25 lines, -2 lines 0 comments
M chrome/browser/renderer_host/resource_dispatcher_host.h View 1 2 1 chunk +3 lines, -0 lines 0 comments
M chrome/browser/renderer_host/resource_dispatcher_host.cc View 1 2 3 chunks +27 lines, -2 lines 0 comments
M chrome/browser/renderer_host/resource_request_details.h View 1 2 2 chunks +2 lines, -0 lines 0 comments
M chrome/browser/renderer_host/resource_request_details.cc View 1 2 1 chunk +2 lines, -1 line 0 comments
M chrome/browser/ssl/ssl_manager.h View 1 2 1 chunk +4 lines, -2 lines 0 comments
M chrome/browser/ssl/ssl_manager.cc View 1 2 8 chunks +18 lines, -7 lines 0 comments
M chrome/browser/ssl/ssl_policy.cc View 1 2 3 chunks +8 lines, -7 lines 0 comments
M chrome/browser/ssl/ssl_request_info.h View 1 2 3 chunks +4 lines, -1 line 0 comments
M chrome/browser/ssl/ssl_request_info.cc View 1 2 1 chunk +4 lines, -2 lines 0 comments
M chrome/browser/tab_contents/navigation_entry.h View 1 2 3 chunks +10 lines, -1 line 0 comments
M chrome/browser/tab_contents/provisional_load_details.h View 1 2 2 chunks +3 lines, -0 lines 0 comments
M chrome/browser/tab_contents/provisional_load_details.cc View 1 2 2 chunks +3 lines, -1 line 0 comments
M chrome/browser/tab_contents/render_view_context_menu.cc View 1 2 1 chunk +4 lines, -1 line 0 comments
M chrome/browser/tab_contents/tab_contents.cc View 1 2 1 chunk +4 lines, -2 lines 0 comments
M chrome/browser/ui/gtk/location_bar_view_gtk.h View 1 2 3 chunks +15 lines, -0 lines 0 comments
M chrome/browser/ui/gtk/location_bar_view_gtk.cc View 1 2 10 chunks +138 lines, -0 lines 0 comments
M chrome/browser/ui/login/login_prompt.cc View 1 2 3 4 chunks +19 lines, -3 lines 0 comments
M chrome/browser/ui/toolbar/toolbar_model.h View 1 2 2 chunks +4 lines, -0 lines 0 comments
M chrome/browser/ui/toolbar/toolbar_model.cc View 1 2 3 1 chunk +23 lines, -0 lines 0 comments
M net/base/auth.h View 1 2 4 chunks +13 lines, -0 lines 0 comments
M net/base/auth.cc View 1 2 2 chunks +15 lines, -2 lines 0 comments
M net/base/connection_type_histograms.h View 1 2 3 1 chunk +2 lines, -0 lines 0 comments
M net/base/cookie_monster.cc View 1 2 3 1 chunk +3 lines, -2 lines 0 comments
M net/base/net_error_list.h View 1 2 1 chunk +9 lines, -0 lines 0 comments
M net/base/ssl_config_service.h View 1 2 1 chunk +5 lines, -0 lines 0 comments
M net/base/ssl_config_service.cc View 1 2 3 chunks +6 lines, -2 lines 0 comments
M net/base/ssl_info.h View 1 2 3 chunks +5 lines, -1 line 0 comments
M net/base/ssl_info.cc View 1 2 3 chunks +3 lines, -0 lines 0 comments
A net/base/tls_client_login_cache.h View 1 2 1 chunk +54 lines, -0 lines 0 comments
A net/base/tls_client_login_cache.cc View 1 2 1 chunk +39 lines, -0 lines 0 comments
A net/base/tls_client_login_cache_unittest.cc View 1 2 1 chunk +103 lines, -0 lines 0 comments
A net/data/ssl/certificates/ok.srpv View 1 2 3 1 chunk +1 line, -0 lines 0 comments
A net/data/ssl/certificates/ok.srpv.attr View 1 2 1 chunk +1 line, -0 lines 0 comments
M net/http/http_cache_transaction.h View 1 2 4 chunks +6 lines, -0 lines 0 comments
M net/http/http_cache_transaction.cc View 1 2 7 chunks +60 lines, -1 line 0 comments
M net/http/http_cache_unittest.cc View 1 2 4 chunks +22 lines, -2 lines 0 comments
M net/http/http_network_session.h View 1 2 3 chunks +5 lines, -0 lines 0 comments
M net/http/http_network_transaction.h View 1 2 4 chunks +5 lines, -0 lines 0 comments
M net/http/http_network_transaction.cc View 1 2 3 6 chunks +123 lines, -2 lines 0 comments
M net/http/http_network_transaction_unittest.cc View 1 2 1 chunk +2 lines, -0 lines 0 comments
M net/http/http_proxy_client_socket_pool.cc View 1 2 1 chunk +2 lines, -1 line 0 comments
M net/http/http_response_info.h View 1 2 1 chunk +4 lines, -0 lines 0 comments
M net/http/http_response_info.cc View 1 2 6 chunks +19 lines, -2 lines 0 comments
M net/http/http_stream.h View 1 2 1 chunk +1 line, -0 lines 0 comments
M net/http/http_stream_parser.h View 1 2 1 chunk +1 line, -0 lines 0 comments
M net/http/http_stream_parser.cc View 1 2 3 2 chunks +2 lines, -2 lines 0 comments
M net/http/http_stream_request.h View 1 2 2 chunks +2 lines, -0 lines 0 comments
M net/http/http_stream_request.cc View 1 2 3 2 chunks +13 lines, -0 lines 0 comments
M net/http/http_transaction.h View 1 2 2 chunks +6 lines, -0 lines 0 comments
M net/http/http_transaction_unittest.h View 1 2 3 chunks +6 lines, -0 lines 0 comments
M net/http/http_transaction_unittest.cc View 1 2 7 chunks +19 lines, -5 lines 0 comments
M net/http/stream_factory.h View 1 2 2 chunks +4 lines, -0 lines 0 comments
M net/net.gyp View 1 2 3 chunks +4 lines, -0 lines 0 comments
M net/socket/nss_ssl_util.h View 1 2 2 chunks +4 lines, -0 lines 0 comments
M net/socket/nss_ssl_util.cc View 1 2 3 chunks +15 lines, -2 lines 0 comments
M net/socket/socket_test_util.h View 1 2 1 chunk +3 lines, -1 line 0 comments
M net/socket/ssl_client_socket.h View 1 2 1 chunk +1 line, -0 lines 0 comments
M net/socket/ssl_client_socket_nss.h View 1 2 5 chunks +18 lines, -0 lines 0 comments
M net/socket/ssl_client_socket_nss.cc View 1 2 12 chunks +143 lines, -23 lines 0 comments
A net/socket/ssl_client_socket_tls_srp_unittest.cc View 1 2 3 1 chunk +312 lines, -0 lines 0 comments
M net/socket/ssl_client_socket_unittest.cc View 1 2 1 chunk +50 lines, -0 lines 0 comments
M net/spdy/spdy_stream.h View 1 2 1 chunk +1 line, -0 lines 0 comments
M net/test/openssl_helper.cc View 1 2 3 10 chunks +155 lines, -38 lines 0 comments
M net/test/test_server.h View 1 2 1 chunk +6 lines, -0 lines 0 comments
M net/test/test_server.cc View 1 2 4 chunks +19 lines, -5 lines 0 comments
M net/third_party/nss/README.chromium View 1 2 1 chunk +4 lines, -0 lines 0 comments
A net/third_party/nss/patches/tls-srp.patch View 1 2 1 chunk +1469 lines, -0 lines 0 comments
M net/third_party/nss/ssl.gyp View 1 2 3 1 chunk +5 lines, -0 lines 0 comments
M net/third_party/nss/ssl/ssl.h View 1 2 2 chunks +38 lines, -0 lines 0 comments
M net/third_party/nss/ssl/ssl.def View 1 2 3 1 chunk +4 lines, -0 lines 0 comments
M net/third_party/nss/ssl/ssl3con.c View 1 2 23 chunks +661 lines, -14 lines 0 comments
M net/third_party/nss/ssl/ssl3ecc.c View 1 2 1 chunk +57 lines, -0 lines 0 comments
M net/third_party/nss/ssl/ssl3ext.c View 1 2 4 chunks +63 lines, -0 lines 0 comments
M net/third_party/nss/ssl/ssl3prot.h View 1 2 3 chunks +8 lines, -1 line 0 comments
M net/third_party/nss/ssl/sslauth.c View 1 2 1 chunk +74 lines, -0 lines 0 comments
M net/third_party/nss/ssl/sslenum.c View 1 2 3 chunks +9 lines, -0 lines 0 comments
M net/third_party/nss/ssl/sslerr.h View 1 2 1 chunk +2 lines, -0 lines 0 comments
M net/third_party/nss/ssl/sslimpl.h View 1 2 3 chunks +8 lines, -2 lines 0 comments
M net/third_party/nss/ssl/sslinfo.c View 1 2 3 chunks +35 lines, -0 lines 0 comments
M net/third_party/nss/ssl/sslproto.h View 1 2 1 chunk +10 lines, -0 lines 0 comments
M net/third_party/nss/ssl/sslsecur.c View 1 2 2 chunks +17 lines, -0 lines 0 comments
M net/third_party/nss/ssl/sslsock.c View 1 2 1 chunk +9 lines, -0 lines 0 comments
M net/third_party/nss/ssl/sslt.h View 1 2 3 chunks +6 lines, -1 line 0 comments
M net/tools/testserver/testserver.py View 1 2 10 chunks +56 lines, -10 lines 0 comments
M net/url_request/url_request.h View 1 2 5 chunks +19 lines, -0 lines 0 comments
M net/url_request/url_request.cc View 1 2 4 chunks +33 lines, -1 line 0 comments
M net/url_request/url_request_http_job.h View 1 2 2 chunks +4 lines, -0 lines 0 comments
M net/url_request/url_request_http_job.cc View 1 2 3 6 chunks +48 lines, -0 lines 0 comments
M net/url_request/url_request_job.h View 1 2 1 chunk +3 lines, -0 lines 0 comments
M net/url_request/url_request_job.cc View 1 2 3 1 chunk +9 lines, -0 lines 0 comments
M net/url_request/url_request_test_util.h View 1 2 3 chunks +6 lines, -0 lines 0 comments
M net/url_request/url_request_test_util.cc View 1 2 1 chunk +5 lines, -0 lines 0 comments
M net/url_request/url_request_unittest.cc View 1 2 3 6 chunks +398 lines, -0 lines 0 comments
M third_party/tlslite/README.chromium View 1 2 1 chunk +3 lines, -0 lines 0 comments
A third_party/tlslite/patches/tls-srp-rfc5054.patch View 1 2 1 chunk +193 lines, -0 lines 0 comments
M third_party/tlslite/scripts/tls.py View 1 2 4 chunks +4 lines, -4 lines 0 comments
M third_party/tlslite/tlslite/TLSConnection.py View 1 2 4 chunks +12 lines, -15 lines 0 comments
M third_party/tlslite/tlslite/constants.py View 1 2 3 chunks +16 lines, -11 lines 0 comments
M third_party/tlslite/tlslite/errors.py View 1 2 1 chunk +2 lines, -2 lines 0 comments
M third_party/tlslite/tlslite/messages.py View 1 2 2 chunks +2 lines, -2 lines 0 comments
M webkit/glue/password_form.h View 1 2 1 chunk +1 line, -0 lines 0 comments

Messages

Total messages: 13 (0 generated)
sqs
Thanks for offering to take a look at this. There is also an email thread ...
9 years, 8 months ago (2011-04-06 23:29:17 UTC) #1
PhistucK
I happened to spot these. http://codereview.chromium.org/6804032/diff/1/ppapi/c/dev/ppb_opengles_dev.h File ppapi/c/dev/ppb_opengles_dev.h (right): http://codereview.chromium.org/6804032/diff/1/ppapi/c/dev/ppb_opengles_dev.h#newcode1 ppapi/c/dev/ppb_opengles_dev.h:1: // Copyright (c) 2011 ...
9 years, 8 months ago (2011-04-07 07:08:28 UTC) #2
sqs
On 2011/04/07 07:08:28, PhistucK wrote: > I happened to spot these. > ... > No ...
9 years, 8 months ago (2011-04-07 07:35:15 UTC) #3
agl
First, thank you for the huge amount of work that has clearly gone into this ...
9 years, 8 months ago (2011-04-07 14:16:05 UTC) #4
agl
wtc pointed out that there are entries in the NSS bug tracker for this, specifically ...
9 years, 8 months ago (2011-04-07 14:56:27 UTC) #5
sqs_cs.stanford.edu
On Thu, Apr 7, 2011 at 7:56 AM, <agl@chromium.org> wrote: > wtc pointed out that ...
9 years, 8 months ago (2011-04-07 17:54:22 UTC) #6
sqs_cs.stanford.edu
On Thu, Apr 7, 2011 at 7:16 AM, <agl@chromium.org> wrote: > I think that TLS-SRP ...
9 years, 8 months ago (2011-04-07 22:02:56 UTC) #7
sqs
On Thu, Apr 7, 2011 at 7:16 AM, <mailto:agl@chromium.org> wrote: > The changes to TLSLite ...
9 years, 8 months ago (2011-04-11 01:16:41 UTC) #8
wtc
sqs: thanks a lot for contributing the patch to Chromium. I skimmed through the patch. ...
9 years, 8 months ago (2011-04-20 18:00:37 UTC) #9
sqs
Thanks for looking this over, wtc. I'll fix the NSS things, and... On 2011/04/20 18:00:37, ...
9 years, 8 months ago (2011-04-20 19:11:13 UTC) #10
wtc
sqs: just curious: where does the "httpsv" scheme come from? I didn't find it in ...
9 years, 8 months ago (2011-04-20 23:32:32 UTC) #11
sqs
On 2011/04/20 23:32:32, wtc wrote: > sqs: just curious: where does the "httpsv" scheme come ...
9 years, 8 months ago (2011-04-20 23:53:10 UTC) #12
heri16
6 years, 4 months ago (2014-07-31 16:17:39 UTC) #13
On 2011/04/20 23:53:10, sqs wrote:
> On 2011/04/20 23:32:32, wtc wrote:
> > sqs: just curious: where does the "httpsv" scheme come from?  I didn't
> > find it in RFC 5054, and my Google and Bing searches didn't turn up
> > anything.
> 
> Totally made up by someone who had previously implemented PAKE login for
> Firefox. I took it from that.
> 
> The idea was to let users require TLS-SRP for certain URLs (by using httpsv)
> but not others. E.g., they might want to require TLS-SRP for their blog's admin
> interface, so they wouldn't be fooled by an attacker who got a CA to produce a
> bad certificate and who then hijacked their server to perform SSL with that
> cert. Likewise for a server wanting to require PAKE.
> 
> I decided, however, that this would be an unwieldy and overly specific
> solution to a larger problem that STS (and, e.g., DANE) already addresses.
> 
> Having a separate scheme does make it easier to allow logging in and logging
> out (log in = redirect to httpsv, log out = redirect to https) through
> content-area links (as opposed to a log out button in browser chrome), but
> there are other ways to do this.

Hi Sqs,

I was wondering what happened to the patch that you are working on for TLS-SRP?
It seems that Certificate Authorities cannot be trusted anymore these days after
the Snowden revelations.
According to the EFF SSL Observatory, 2000 different entities can sign
certificates for any domain on the internet, including yahoo.com or
chromium.org.
TLS-SRP is the most elegant solution for many use cases.

Thanks.
