5#ifndef RUNTIME_BIN_SECURITY_CONTEXT_H_
6#define RUNTIME_BIN_SECURITY_CONTEXT_H_
8#include <openssl/ssl.h>
9#include <openssl/x509.h>
33 alpn_protocol_string_(nullptr),
34 trust_builtin_(
false),
35 allow_tls_renegotiation_(
false) {}
38 SSL_CTX_free(context_);
39 free(alpn_protocol_string_);
63 const char* password);
66 const char* password);
69 const char* password);
// Returns the raw OpenSSL SSL_CTX pointer stored in context_; no copy or
// reference-count change is made here.
// NOTE(review): the cleanup code at listing line 38 (presumably the
// destructor; its header is not visible) calls SSL_CTX_free(context_), so the
// returned pointer looks borrowed. Confirm no caller frees it or keeps it
// beyond this object's lifetime.
73 SSL_CTX*
context()
const {
return context_; }
78 if (alpn_protocol_string_ !=
nullptr) {
79 free(alpn_protocol_string_);
81 alpn_protocol_string_ = protocol_string;
87 allow_tls_renegotiation_ = allow;
102 return bypass_trusting_system_roots_;
// Declarations only; the bodies are not part of this listing.
// NOTE(review): the names suggest these three helpers populate the context's
// trust store from certificates built into the binary, from a root-certificate
// file, and from a certificate cache location. Confirm against the
// implementation, in particular how a missing or unreadable file/cache is
// handled and whether the paths can be influenced by untrusted input.
110 void AddCompiledInCerts();
111 void LoadRootCertFile(
const char* file);
112 void LoadRootCertCache(
const char* cache);
// Static members: one value shared by every instance in the process.
// NOTE(review): presumably the configured root-certificate file and cache
// paths; who owns the pointed-to strings is not visible here — confirm.
114 static const char* root_certs_file_;
115 static const char* root_certs_cache_;
// Initialised to nullptr by the constructor. The buffer is passed to free()
// both in the cleanup code (listing line 39) and when the setter replaces it
// (listing lines 78-81), so this object owns it and it must come from a
// malloc-family allocator.
118 uint8_t* alpn_protocol_string_;
// Initialised to false by the constructor; assigned from the setter argument
// at listing line 87.
121 bool allow_tls_renegotiation_;
// Static flag; its effect is not visible in this listing.
122 static bool long_ssl_cert_evaluation_;
// Static flag returned by the accessor at listing line 102. Because it is
// static, changing it affects every context in the process.
// NOTE(review): presumably, when true, the system root store is not trusted —
// confirm where it is read during trust setup.
123 static bool bypass_trusting_system_roots_;
static void KeyLogCallback(const SSL *ssl, const char *line)
static SSLCertContext * GetSecurityContext(Dart_NativeArguments args)
void RegisterCallbacks(SSL *ssl)
SSL_CTX * context() const
static void set_long_ssl_cert_evaluation(bool long_ssl_cert_evaluation)
static constexpr int kX509NativeFieldIndex
void SetClientAuthoritiesBytes(Dart_Handle client_authorities_bytes, const char *password)
static const char * root_certs_file()
static void set_bypass_trusting_system_roots(bool bypass_trusting_system_roots)
static int CertificateCallback(int preverify_ok, X509_STORE_CTX *store_ctx)
static void set_root_certs_file(const char *root_certs_file)
static const char * GetPasswordArgument(Dart_NativeArguments args, intptr_t index)
static void set_root_certs_cache(const char *root_certs_cache)
uint8_t * alpn_protocol_string() const
bool allow_tls_renegotiation() const
TrustEvaluateHandlerFunc GetTrustEvaluateHandler() const
static const intptr_t kApproximateSize
void set_allow_tls_renegotiation(bool allow)
static const char * root_certs_cache()
static bool long_ssl_cert_evaluation()
void set_trust_builtin(bool trust_builtin)
int UseCertificateChainBytes(Dart_Handle cert_chain_bytes, const char *password)
void set_alpn_protocol_string(uint8_t *protocol_string)
static void SetAlpnProtocolList(Dart_Handle protocols_handle, SSL *ssl, SSLCertContext *context, bool is_server)
void SetTrustedCertificatesBytes(Dart_Handle cert_bytes, const char *password)
bool trust_builtin() const
SSLCertContext(SSL_CTX *context)
static constexpr int kSecurityContextNativeFieldIndex
static bool bypass_trusting_system_roots()
static Dart_Handle GetSha1(Dart_NativeArguments args)
static Dart_Handle GetDer(Dart_NativeArguments args)
static Dart_Handle GetStartValidity(Dart_NativeArguments args)
static Dart_Handle WrappedX509Certificate(X509 *certificate)
static Dart_Handle GetIssuer(Dart_NativeArguments args)
static Dart_Handle GetPem(Dart_NativeArguments args)
static Dart_Handle GetEndValidity(Dart_NativeArguments args)
static Dart_Handle GetSubject(Dart_NativeArguments args)
struct _Dart_Handle * Dart_Handle
struct _Dart_NativeArguments * Dart_NativeArguments
G_BEGIN_DECLS G_MODULE_EXPORT FlValue * args
void(* TrustEvaluateHandlerFunc)(Dart_Port dest_port_id, Dart_CObject *message)