d3/db2/secure__socket__filter_8h_source.html

// Copyright (c) 2017, the Dart project authors.  Please see the AUTHORS file

// for details. All rights reserved. Use of this source code is governed by a

// BSD-style license that can be found in the LICENSE file.


#ifndef RUNTIME_BIN_SECURE_SOCKET_FILTER_H_

#define RUNTIME_BIN_SECURE_SOCKET_FILTER_H_


#include <openssl/bio.h>

#include <openssl/ssl.h>

#include <openssl/x509.h>


#include <memory>


#include "bin/builtin.h"

#include "bin/reference_counting.h"

#include "bin/security_context.h"

#include "platform/utils.h"


namespace dart {

namespace bin {


/* These are defined in root_certificates.cc. */

extern const unsigned char* root_certificates_pem;

extern unsigned int root_certificates_pem_length;


class X509TrustState {

 public:


  X509TrustState(const X509* x509, bool is_trusted)

      : x509_(x509), is_trusted_(is_trusted) {}


  const X509* x509() const { return x509_; }

  bool is_trusted() const { return is_trusted_; }


 private:

  const X509* x509_;

  bool is_trusted_;


  DISALLOW_COPY_AND_ASSIGN(X509TrustState);

};


class SSLFilter : public ReferenceCounted<SSLFilter> {

 public:

  static void Init();

  static void Cleanup();


  // These enums must agree with those in sdk/lib/io/secure_socket.dart.


  enum BufferIndex {

    kReadPlaintext,

    kWritePlaintext,

    kReadEncrypted,

    kWriteEncrypted,

    kNumBuffers,

    kFirstEncrypted = kReadEncrypted

  };


  static const intptr_t kApproximateSize;

  static constexpr int kSSLFilterNativeFieldIndex = 0;


  SSLFilter()

      : callback_error(nullptr),

        ssl_(nullptr),

        socket_side_(nullptr),

        string_start_(nullptr),

        string_length_(nullptr),

        handshake_complete_(nullptr),

        bad_certificate_callback_(nullptr),

        in_handshake_(false),

        hostname_(nullptr) {}


  ~SSLFilter();


  char* hostname() const { return hostname_; }

  bool is_server() const { return is_server_; }

  bool is_client() const { return !is_server_; }


  Dart_Handle Init(Dart_Handle dart_this);

  void Connect(const char* hostname,

               SSLCertContext* context,

               bool is_server,

               bool request_client_certificate,

               bool require_client_certificate,

               Dart_Handle protocols_handle);

  void Destroy();

  void FreeResources();

  void MarkAsTrusted(Dart_NativeArguments args);

  int Handshake(Dart_Port reply_port);

  void GetSelectedProtocol(Dart_NativeArguments args);

  void RegisterHandshakeCompleteCallback(Dart_Handle handshake_complete);

  void RegisterBadCertificateCallback(Dart_Handle callback);

  void RegisterKeyLogPort(Dart_Port key_log_port);

  Dart_Port key_log_port() { return key_log_port_; }


  Dart_Handle bad_certificate_callback() {

    return Dart_HandleFromPersistent(bad_certificate_callback_);

  }


  int ProcessReadPlaintextBuffer(int start, int end);

  int ProcessWritePlaintextBuffer(int start, int end);

  int ProcessReadEncryptedBuffer(int start, int end);

  int ProcessWriteEncryptedBuffer(int start, int end);

  bool ProcessAllBuffers(int starts[kNumBuffers],

                         int ends[kNumBuffers],

                         bool in_handshake);

  Dart_Handle PeerCertificate();

  static void InitializeLibrary();

  Dart_Handle callback_error;


  static CObject* ProcessFilterRequest(const CObjectArray& request);


  // The index of the external data field in _ssl that points to the SSLFilter.

  static int filter_ssl_index;

  // The index of the external data field in _ssl that points to the

  // SSLCertContext.

  static int ssl_cert_context_index;


  const X509TrustState* certificate_trust_state() {

    return certificate_trust_state_.get();

  }


  Dart_Port reply_port() const { return reply_port_; }


  Dart_Port trust_evaluate_reply_port() const {

    return trust_evaluate_reply_port_;

  }


 private:

  static const intptr_t kInternalBIOSize;

  static bool library_initialized_;

  static Mutex* mutex_;  // To protect library initialization.


  SSL* ssl_;

  BIO* socket_side_;

  // Currently only one(root) certificate is evaluated via

  // TrustEvaluate mechanism.

  std::unique_ptr<X509TrustState> certificate_trust_state_;


  uint8_t* buffers_[kNumBuffers];

  int buffer_size_;

  int encrypted_buffer_size_;

  Dart_PersistentHandle string_start_;

  Dart_PersistentHandle string_length_;

  Dart_PersistentHandle dart_buffer_objects_[kNumBuffers];

  Dart_PersistentHandle handshake_complete_;

  Dart_PersistentHandle bad_certificate_callback_;

  bool in_handshake_;

  bool is_server_;

  char* hostname_;


  Dart_Port reply_port_ = ILLEGAL_PORT;

  Dart_Port trust_evaluate_reply_port_ = ILLEGAL_PORT;

  Dart_Port key_log_port_ = ILLEGAL_PORT;


  static bool IsBufferEncrypted(int i) {

    return static_cast<BufferIndex>(i) >= kFirstEncrypted;

  }

  Dart_Handle InitializeBuffers(Dart_Handle dart_this);

  void InitializePlatformData();


  DISALLOW_COPY_AND_ASSIGN(SSLFilter);

};


}  // namespace bin

}  // namespace dart


#endif  // RUNTIME_BIN_SECURE_SOCKET_FILTER_H_

builtin.h

dart::bin::CObjectArray
Definition dartutils.h:540

dart::bin::CObject
Definition dartutils.h:329

dart::bin::Mutex
Definition thread.h:60

dart::bin::ReferenceCounted
Definition reference_counting.h:36

dart::bin::SSLCertContext
Definition security_context.h:24

dart::bin::SSLFilter
Definition secure_socket_filter.h:41

dart::bin::SSLFilter::Connect
void Connect(const char *hostname, SSLCertContext *context, bool is_server, bool request_client_certificate, bool require_client_certificate, Dart_Handle protocols_handle)
Definition secure_socket_filter.cc:484

dart::bin::SSLFilter::FreeResources
void FreeResources()
Definition secure_socket_filter.cc:668

dart::bin::SSLFilter::is_client
bool is_client() const
Definition secure_socket_filter.h:74

dart::bin::SSLFilter::ProcessReadEncryptedBuffer
int ProcessReadEncryptedBuffer(int start, int end)
Definition secure_socket_filter.cc:779

dart::bin::SSLFilter::hostname
char * hostname() const
Definition secure_socket_filter.h:72

dart::bin::SSLFilter::RegisterHandshakeCompleteCallback
void RegisterHandshakeCompleteCallback(Dart_Handle handshake_complete)
Definition secure_socket_filter.cc:444

dart::bin::SSLFilter::RegisterKeyLogPort
void RegisterKeyLogPort(Dart_Port key_log_port)
Definition secure_socket_filter.cc:466

dart::bin::SSLFilter::ProcessWritePlaintextBuffer
int ProcessWritePlaintextBuffer(int start, int end)
Definition secure_socket_filter.cc:757

dart::bin::SSLFilter::key_log_port
Dart_Port key_log_port()
Definition secure_socket_filter.h:91

dart::bin::SSLFilter::SSLFilter
SSLFilter()
Definition secure_socket_filter.h:59

dart::bin::SSLFilter::MarkAsTrusted
void MarkAsTrusted(Dart_NativeArguments args)
Definition secure_socket_filter.cc:588

dart::bin::SSLFilter::Init
static void Init()
Definition secure_socket_filter.cc:38

dart::bin::SSLFilter::PeerCertificate
Dart_Handle PeerCertificate()
Definition secure_socket_filter.cc:458

dart::bin::SSLFilter::RegisterBadCertificateCallback
void RegisterBadCertificateCallback(Dart_Handle callback)
Definition secure_socket_filter.cc:451

dart::bin::SSLFilter::InitializeLibrary
static void InitializeLibrary()
Definition secure_socket_filter.cc:470

dart::bin::SSLFilter::GetSelectedProtocol
void GetSelectedProtocol(Dart_NativeArguments args)
Definition secure_socket_filter.cc:657

dart::bin::SSLFilter::bad_certificate_callback
Dart_Handle bad_certificate_callback()
Definition secure_socket_filter.h:92

dart::bin::SSLFilter::ProcessAllBuffers
bool ProcessAllBuffers(int starts[kNumBuffers], int ends[kNumBuffers], bool in_handshake)
Definition secure_socket_filter.cc:276

dart::bin::SSLFilter::ProcessFilterRequest
static CObject * ProcessFilterRequest(const CObjectArray &request)
Definition secure_socket_filter.cc:243

dart::bin::SSLFilter::Destroy
void Destroy()
Definition secure_socket_filter.cc:693

dart::bin::SSLFilter::Handshake
int Handshake(Dart_Port reply_port)
Definition secure_socket_filter.cc:601

dart::bin::SSLFilter::ssl_cert_context_index
static int ssl_cert_context_index
Definition secure_socket_filter.h:112

dart::bin::SSLFilter::kApproximateSize
static const intptr_t kApproximateSize
Definition secure_socket_filter.h:56

dart::bin::SSLFilter::trust_evaluate_reply_port
Dart_Port trust_evaluate_reply_port() const
Definition secure_socket_filter.h:118

dart::bin::SSLFilter::callback_error
Dart_Handle callback_error
Definition secure_socket_filter.h:104

dart::bin::SSLFilter::filter_ssl_index
static int filter_ssl_index
Definition secure_socket_filter.h:109

dart::bin::SSLFilter::kSSLFilterNativeFieldIndex
static constexpr int kSSLFilterNativeFieldIndex
Definition secure_socket_filter.h:57

dart::bin::SSLFilter::ProcessReadPlaintextBuffer
int ProcessReadPlaintextBuffer(int start, int end)
Definition secure_socket_filter.cc:724

dart::bin::SSLFilter::is_server
bool is_server() const
Definition secure_socket_filter.h:73

dart::bin::SSLFilter::ProcessWriteEncryptedBuffer
int ProcessWriteEncryptedBuffer(int start, int end)
Definition secure_socket_filter.cc:806

dart::bin::SSLFilter::BufferIndex
BufferIndex
Definition secure_socket_filter.h:47

dart::bin::SSLFilter::kNumBuffers
@ kNumBuffers
Definition secure_socket_filter.h:52

dart::bin::SSLFilter::kReadEncrypted
@ kReadEncrypted
Definition secure_socket_filter.h:50

dart::bin::SSLFilter::kWriteEncrypted
@ kWriteEncrypted
Definition secure_socket_filter.h:51

dart::bin::SSLFilter::kReadPlaintext
@ kReadPlaintext
Definition secure_socket_filter.h:48

dart::bin::SSLFilter::kFirstEncrypted
@ kFirstEncrypted
Definition secure_socket_filter.h:53

dart::bin::SSLFilter::kWritePlaintext
@ kWritePlaintext
Definition secure_socket_filter.h:49

dart::bin::SSLFilter::reply_port
Dart_Port reply_port() const
Definition secure_socket_filter.h:117

dart::bin::SSLFilter::Cleanup
static void Cleanup()
Definition secure_socket_filter.cc:43

dart::bin::SSLFilter::certificate_trust_state
const X509TrustState * certificate_trust_state()
Definition secure_socket_filter.h:114

dart::bin::SSLFilter::~SSLFilter
~SSLFilter()
Definition secure_socket_filter.cc:689

dart::bin::X509TrustState
Definition secure_socket_filter.h:26

dart::bin::X509TrustState::is_trusted
bool is_trusted() const
Definition secure_socket_filter.h:32

dart::bin::X509TrustState::X509TrustState
X509TrustState(const X509 *x509, bool is_trusted)
Definition secure_socket_filter.h:28

dart::bin::X509TrustState::x509
const X509 * x509() const
Definition secure_socket_filter.h:31

ILLEGAL_PORT
#define ILLEGAL_PORT
Definition dart_api.h:1530

Dart_Port
int64_t Dart_Port
Definition dart_api.h:1524

Dart_Handle
struct _Dart_Handle * Dart_Handle
Definition dart_api.h:258

Dart_NativeArguments
struct _Dart_NativeArguments * Dart_NativeArguments
Definition dart_api.h:3010

Dart_PersistentHandle
Dart_Handle Dart_PersistentHandle
Definition dart_api.h:259

start
glong start
Definition fl_accessible_text_field.cc:39

end
glong glong end
Definition fl_accessible_text_field.cc:40

args
G_BEGIN_DECLS G_MODULE_EXPORT FlValue * args
Definition fl_event_channel.h:89

callback
FlKeyEvent uint64_t FlKeyResponderAsyncCallback callback
Definition fl_key_channel_responder.cc:120

dart::bin::root_certificates_pem
const unsigned char * root_certificates_pem
Definition root_certificates.cc:18309

dart::bin::root_certificates_pem_length
unsigned int root_certificates_pem_length
Definition root_certificates.cc:18310

dart
Definition dart_vm.cc:33

dart::Dart_HandleFromPersistent
DART_EXPORT Dart_Handle Dart_HandleFromPersistent(Dart_PersistentHandle object)
Definition dart_api_impl.cc:929

dart::false
false
Definition isolate_reload.cc:58

DISALLOW_COPY_AND_ASSIGN
#define DISALLOW_COPY_AND_ASSIGN(TypeName)
Definition globals.h:581

reference_counting.h

utils.h

security_context.h