| 1 | // Copyright (c) 2017, the Dart project authors. Please see the AUTHORS file |
| 2 | // for details. All rights reserved. Use of this source code is governed by a |
| 3 | // BSD-style license that can be found in the LICENSE file. |
| 4 | |
| 5 | #ifndef RUNTIME_BIN_SECURITY_CONTEXT_H_ |
| 6 | #define RUNTIME_BIN_SECURITY_CONTEXT_H_ |
| 7 | |
| 8 | #include <openssl/ssl.h> |
| 9 | #include <openssl/x509.h> |
| 10 | |
| 11 | #include "bin/lockers.h" |
| 12 | #include "bin/reference_counting.h" |
| 13 | #include "bin/socket.h" |
| 14 | |
| 15 | namespace dart { |
| 16 | namespace bin { |
| 17 | |
// Forward declaration. Nothing declared in this header refers to SSLFilter;
// it is presumably kept for translation units that include this header and
// use both types together -- confirm against the includers before removing.
class SSLFilter;
| 20 | |
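// Reference-counted owner of one OpenSSL SSL_CTX plus the Dart-side settings
// that go with it (ALPN list, whether built-in roots are trusted). This is the
// native half of the Dart SecurityContext object; all certificate loading and
// verification policy is implemented in the .cc, only the resource ownership
// lives in this header.
class SSLCertContext : public ReferenceCounted<SSLCertContext> {
 public:
  // Defined in the .cc; by its name an estimate of the per-context footprint,
  // presumably reported to the VM for external-memory accounting -- confirm.
  static const intptr_t kApproximateSize;
  // Index of the native field holding the SSLCertContext* / X509* in the
  // corresponding Dart wrapper objects.
  static const int kSecurityContextNativeFieldIndex = 0;
  static const int kX509NativeFieldIndex = 0;

  // Takes ownership of |context|; it is released with SSL_CTX_free() in the
  // destructor. A fresh context carries no ALPN list and does NOT trust the
  // built-in roots until trust_builtin is set, so a context that has had no
  // trusted material added cannot validate any peer.
  explicit SSLCertContext(SSL_CTX* context)
      : ReferenceCounted(),
        context_(context),
        alpn_protocol_string_(NULL),
        trust_builtin_(false) {}

  // Releases the SSL_CTX and the owned ALPN buffer (SSL_CTX_free and free()
  // both accept NULL, so a context constructed with NULL is safe to destroy).
  ~SSLCertContext() {
    SSL_CTX_free(context_);
    if (alpn_protocol_string_ != NULL) {
      free(alpn_protocol_string_);
    }
  }

  // Has the shape of an OpenSSL verify callback (see SSL_CTX_set_verify):
  // |preverify_ok| is OpenSSL's own verdict for the certificate currently in
  // |store_ctx|. The policy applied on top of it lives in the .cc.
  static int CertificateCallback(int preverify_ok, X509_STORE_CTX* store_ctx);

  // Unwraps the SSLCertContext stored in the native field of the Dart
  // SecurityContext object carried by |args|.
  static SSLCertContext* GetSecurityContext(Dart_NativeArguments args);
  // Reads the password argument at position |index| of |args|; it is what the
  // Set*/Use* methods below receive as |password| for encrypted material.
  static const char* GetPasswordArgument(Dart_NativeArguments args,
                                         intptr_t index);
  // Applies the ALPN protocol list in |protocols_handle| to |ssl| and/or
  // |context|; |is_server| selects which side of the handshake is being
  // configured. The exact split between SSL- and SSL_CTX-level settings is
  // decided in the .cc.
  static void SetAlpnProtocolList(Dart_Handle protocols_handle,
                                  SSL* ssl,
                                  SSLCertContext* context,
                                  bool is_server);

  // Process-wide locations of an alternative root certificate file and root
  // certificate cache, consumed by LoadRootCertFile/LoadRootCertCache. These
  // are plain static pointers: the caller keeps the string alive and no
  // synchronization is done, so they are expected to be set once at startup
  // (e.g. from command-line flags) before any context is created -- confirm
  // against the callers.
  static const char* root_certs_file() { return root_certs_file_; }
  static void set_root_certs_file(const char* root_certs_file) {
    root_certs_file_ = root_certs_file;
  }
  static const char* root_certs_cache() { return root_certs_cache_; }
  static void set_root_certs_cache(const char* root_certs_cache) {
    root_certs_cache_ = root_certs_cache;
  }

  // Loads the certificates in |cert_bytes| as trusted for peer verification.
  // |password| is forwarded to OpenSSL for encrypted material.
  void SetTrustedCertificatesBytes(Dart_Handle cert_bytes,
                                   const char* password);

  // Loads the certificates in |client_authorities_bytes| as the set of CAs
  // advertised to clients when requesting client certificates.
  void SetClientAuthoritiesBytes(Dart_Handle client_authorities_bytes,
                                 const char* password);

  // Loads this side's own certificate chain (and key) from |cert_chain_bytes|.
  // Unlike the two loaders above it returns an int status; its meaning is
  // defined by the implementation in the .cc.
  int UseCertificateChainBytes(Dart_Handle cert_chain_bytes,
                               const char* password);

  // Makes the built-in roots trusted, presumably via the private
  // AddCompiledInCerts/LoadRootCertFile/LoadRootCertCache helpers depending on
  // which of root_certs_file_/root_certs_cache_ are set.
  void TrustBuiltinRoots();

  // The underlying SSL_CTX. Still owned by this object; do not free it.
  SSL_CTX* context() const { return context_; }

  // The owned ALPN wire-format buffer, or NULL if none has been set.
  uint8_t* alpn_protocol_string() const { return alpn_protocol_string_; }

  // Takes ownership of |protocol_string|, which must be malloc-allocated (it
  // is released with free()), and frees the previously held buffer. Handing
  // back the pointer that is already held is a no-op; without the guard the
  // buffer would be freed and then kept as a dangling pointer.
  void set_alpn_protocol_string(uint8_t* protocol_string) {
    if (protocol_string == alpn_protocol_string_) {
      return;
    }
    if (alpn_protocol_string_ != NULL) {
      free(alpn_protocol_string_);
    }
    alpn_protocol_string_ = protocol_string;
  }

  // Whether the built-in roots count as trust anchors for this context.
  // Starts false; the verification code in the .cc presumably consults it.
  bool trust_builtin() const { return trust_builtin_; }

  void set_trust_builtin(bool trust_builtin) { trust_builtin_ = trust_builtin; }

  // Installs this context's callbacks on |ssl| (presumably CertificateCallback
  // and the ALPN selection hook -- see the .cc).
  void RegisterCallbacks(SSL* ssl);

 private:
  // Trust-store loaders used by TrustBuiltinRoots: the roots compiled into the
  // binary, a root certificate file, and a root certificate cache.
  void AddCompiledInCerts();
  void LoadRootCertFile(const char* file);
  void LoadRootCertCache(const char* cache);

  // Borrowed, process-global; see the accessors above for lifetime notes.
  static const char* root_certs_file_;
  static const char* root_certs_cache_;

  // Owned; freed with SSL_CTX_free.
  SSL_CTX* context_;
  // Owned; malloc-allocated, freed with free().
  uint8_t* alpn_protocol_string_;

  bool trust_builtin_;

  // The object owns raw resources, so copying would double-free them.
  DISALLOW_COPY_AND_ASSIGN(SSLCertContext);
};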
| 102 | |
// Static helpers behind the Dart X509Certificate object. Each Get* takes the
// native arguments of a Dart call (the wrapped certificate is read from the
// object's native field, presumably at SSLCertContext::kX509NativeFieldIndex)
// and returns a Dart handle; what each encodes follows from its name (DER
// bytes, PEM text, a SHA-1 digest, subject/issuer names, start/end of the
// validity period) -- the implementations are in the .cc.
class X509Helper : public AllStatic {
 public:
  static Dart_Handle GetDer(Dart_NativeArguments args);
  static Dart_Handle GetPem(Dart_NativeArguments args);
  // NOTE(review): a SHA-1 fingerprint is fine for display and identification,
  // but SHA-1 is no longer collision resistant; callers that pin on this value
  // should prefer a SHA-256 fingerprint if one is exposed.
  static Dart_Handle GetSha1(Dart_NativeArguments args);
  static Dart_Handle GetSubject(Dart_NativeArguments args);
  static Dart_Handle GetIssuer(Dart_NativeArguments args);
  static Dart_Handle GetStartValidity(Dart_NativeArguments args);
  static Dart_Handle GetEndValidity(Dart_NativeArguments args);
  // Wraps |certificate| in a new Dart X509Certificate object. Whether the
  // X509's reference count is taken over or bumped is decided in the .cc --
  // check there before freeing |certificate| on the caller side.
  static Dart_Handle WrappedX509Certificate(X509* certificate);
};
| 114 | |
| 115 | } // namespace bin |
| 116 | } // namespace dart |
| 117 | |
| 118 | #endif // RUNTIME_BIN_SECURITY_CONTEXT_H_ |
| 119 | |