da/de7/security__context_8h_source.html

// Copyright (c) 2017, the Dart project authors.  Please see the AUTHORS file

// for details. All rights reserved. Use of this source code is governed by a

// BSD-style license that can be found in the LICENSE file.


#ifndef RUNTIME_BIN_SECURITY_CONTEXT_H_

#define RUNTIME_BIN_SECURITY_CONTEXT_H_


#include <openssl/ssl.h>

#include <openssl/x509.h>


#include "bin/lockers.h"

#include "bin/reference_counting.h"

#include "bin/socket.h"


namespace dart {

namespace bin {


// Forward declaration

class SSLFilter;


typedef void (*TrustEvaluateHandlerFunc)(Dart_Port dest_port_id,

                                         Dart_CObject* message);


class SSLCertContext : public ReferenceCounted<SSLCertContext> {

 public:

  static const intptr_t kApproximateSize;

  static constexpr int kSecurityContextNativeFieldIndex = 0;

  static constexpr int kX509NativeFieldIndex = 0;


  explicit SSLCertContext(SSL_CTX* context)

      : ReferenceCounted(),

        context_(context),

        alpn_protocol_string_(nullptr),

        trust_builtin_(false),

        allow_tls_renegotiation_(false) {}


  ~SSLCertContext() {

    SSL_CTX_free(context_);

    free(alpn_protocol_string_);

  }


  static int CertificateCallback(int preverify_ok, X509_STORE_CTX* store_ctx);

  static void KeyLogCallback(const SSL* ssl, const char* line);


  static SSLCertContext* GetSecurityContext(Dart_NativeArguments args);

  static const char* GetPasswordArgument(Dart_NativeArguments args,

                                         intptr_t index);

  static void SetAlpnProtocolList(Dart_Handle protocols_handle,

                                  SSL* ssl,

                                  SSLCertContext* context,

                                  bool is_server);


  static const char* root_certs_file() { return root_certs_file_; }

  static void set_root_certs_file(const char* root_certs_file) {

    root_certs_file_ = root_certs_file;

  }

  static const char* root_certs_cache() { return root_certs_cache_; }

  static void set_root_certs_cache(const char* root_certs_cache) {

    root_certs_cache_ = root_certs_cache;

  }


  void SetTrustedCertificatesBytes(Dart_Handle cert_bytes,

                                   const char* password);


  void SetClientAuthoritiesBytes(Dart_Handle client_authorities_bytes,

                                 const char* password);


  int UseCertificateChainBytes(Dart_Handle cert_chain_bytes,

                               const char* password);


  void TrustBuiltinRoots();


  SSL_CTX* context() const { return context_; }


  uint8_t* alpn_protocol_string() const { return alpn_protocol_string_; }


  void set_alpn_protocol_string(uint8_t* protocol_string) {

    if (alpn_protocol_string_ != nullptr) {

      free(alpn_protocol_string_);

    }

    alpn_protocol_string_ = protocol_string;

  }


  bool trust_builtin() const { return trust_builtin_; }


  void set_allow_tls_renegotiation(bool allow) {

    allow_tls_renegotiation_ = allow;

  }

  bool allow_tls_renegotiation() const { return allow_tls_renegotiation_; }


  void set_trust_builtin(bool trust_builtin) { trust_builtin_ = trust_builtin; }


  void RegisterCallbacks(SSL* ssl);

  TrustEvaluateHandlerFunc GetTrustEvaluateHandler() const;


  static bool long_ssl_cert_evaluation() { return long_ssl_cert_evaluation_; }

  static void set_long_ssl_cert_evaluation(bool long_ssl_cert_evaluation) {

    long_ssl_cert_evaluation_ = long_ssl_cert_evaluation;

  }


  static bool bypass_trusting_system_roots() {

    return bypass_trusting_system_roots_;

  }

  static void set_bypass_trusting_system_roots(

      bool bypass_trusting_system_roots) {

    bypass_trusting_system_roots_ = bypass_trusting_system_roots;

  }


 private:

  void AddCompiledInCerts();

  void LoadRootCertFile(const char* file);

  void LoadRootCertCache(const char* cache);


  static const char* root_certs_file_;

  static const char* root_certs_cache_;


  SSL_CTX* context_;

  uint8_t* alpn_protocol_string_;


  bool trust_builtin_;

  bool allow_tls_renegotiation_;

  static bool long_ssl_cert_evaluation_;

  static bool bypass_trusting_system_roots_;


  DISALLOW_COPY_AND_ASSIGN(SSLCertContext);

};


class X509Helper : public AllStatic {

 public:

  static Dart_Handle GetDer(Dart_NativeArguments args);

  static Dart_Handle GetPem(Dart_NativeArguments args);

  static Dart_Handle GetSha1(Dart_NativeArguments args);

  static Dart_Handle GetSubject(Dart_NativeArguments args);

  static Dart_Handle GetIssuer(Dart_NativeArguments args);

  static Dart_Handle GetStartValidity(Dart_NativeArguments args);

  static Dart_Handle GetEndValidity(Dart_NativeArguments args);

  static Dart_Handle WrappedX509Certificate(X509* certificate);

};


}  // namespace bin

}  // namespace dart


#endif  // RUNTIME_BIN_SECURITY_CONTEXT_H_

lockers.h

dart::AllStatic
Definition: allocation.h:33

dart::bin::ReferenceCounted
Definition: reference_counting.h:36

dart::bin::SSLCertContext
Definition: security_context.h:24

dart::bin::SSLCertContext::KeyLogCallback
static void KeyLogCallback(const SSL *ssl, const char *line)
Definition: security_context.cc:85

dart::bin::SSLCertContext::GetSecurityContext
static SSLCertContext * GetSecurityContext(Dart_NativeArguments args)
Definition: security_context.cc:95

dart::bin::SSLCertContext::RegisterCallbacks
void RegisterCallbacks(SSL *ssl)

dart::bin::SSLCertContext::context
SSL_CTX * context() const
Definition: security_context.h:73

dart::bin::SSLCertContext::set_long_ssl_cert_evaluation
static void set_long_ssl_cert_evaluation(bool long_ssl_cert_evaluation)
Definition: security_context.h:97

dart::bin::SSLCertContext::kX509NativeFieldIndex
static constexpr int kX509NativeFieldIndex
Definition: security_context.h:28

dart::bin::SSLCertContext::SetClientAuthoritiesBytes
void SetClientAuthoritiesBytes(Dart_Handle client_authorities_bytes, const char *password)
Definition: security_context.cc:308

dart::bin::SSLCertContext::root_certs_file
static const char * root_certs_file()
Definition: security_context.h:53

dart::bin::SSLCertContext::set_bypass_trusting_system_roots
static void set_bypass_trusting_system_roots(bool bypass_trusting_system_roots)
Definition: security_context.h:104

dart::bin::SSLCertContext::CertificateCallback
static int CertificateCallback(int preverify_ok, X509_STORE_CTX *store_ctx)
Definition: security_context.cc:40

dart::bin::SSLCertContext::set_root_certs_file
static void set_root_certs_file(const char *root_certs_file)
Definition: security_context.h:54

dart::bin::SSLCertContext::GetPasswordArgument
static const char * GetPasswordArgument(Dart_NativeArguments args, intptr_t index)
Definition: security_context.cc:431

dart::bin::SSLCertContext::set_root_certs_cache
static void set_root_certs_cache(const char *root_certs_cache)
Definition: security_context.h:58

dart::bin::SSLCertContext::alpn_protocol_string
uint8_t * alpn_protocol_string() const
Definition: security_context.h:75

dart::bin::SSLCertContext::allow_tls_renegotiation
bool allow_tls_renegotiation() const
Definition: security_context.h:89

dart::bin::SSLCertContext::GetTrustEvaluateHandler
TrustEvaluateHandlerFunc GetTrustEvaluateHandler() const

dart::bin::SSLCertContext::kApproximateSize
static const intptr_t kApproximateSize
Definition: security_context.h:26

dart::bin::SSLCertContext::set_allow_tls_renegotiation
void set_allow_tls_renegotiation(bool allow)
Definition: security_context.h:86

dart::bin::SSLCertContext::root_certs_cache
static const char * root_certs_cache()
Definition: security_context.h:57

dart::bin::SSLCertContext::long_ssl_cert_evaluation
static bool long_ssl_cert_evaluation()
Definition: security_context.h:96

dart::bin::SSLCertContext::set_trust_builtin
void set_trust_builtin(bool trust_builtin)
Definition: security_context.h:91

dart::bin::SSLCertContext::UseCertificateChainBytes
int UseCertificateChainBytes(Dart_Handle cert_chain_bytes, const char *password)
Definition: security_context.cc:629

dart::bin::SSLCertContext::set_alpn_protocol_string
void set_alpn_protocol_string(uint8_t *protocol_string)
Definition: security_context.h:77

dart::bin::SSLCertContext::SetAlpnProtocolList
static void SetAlpnProtocolList(Dart_Handle protocols_handle, SSL *ssl, SSLCertContext *context, bool is_server)
Definition: security_context.cc:481

dart::bin::SSLCertContext::SetTrustedCertificatesBytes
void SetTrustedCertificatesBytes(Dart_Handle cert_bytes, const char *password)
Definition: security_context.cc:230

dart::bin::SSLCertContext::~SSLCertContext
~SSLCertContext()
Definition: security_context.h:37

dart::bin::SSLCertContext::trust_builtin
bool trust_builtin() const
Definition: security_context.h:84

dart::bin::SSLCertContext::SSLCertContext
SSLCertContext(SSL_CTX *context)
Definition: security_context.h:30

dart::bin::SSLCertContext::kSecurityContextNativeFieldIndex
static constexpr int kSecurityContextNativeFieldIndex
Definition: security_context.h:27

dart::bin::SSLCertContext::bypass_trusting_system_roots
static bool bypass_trusting_system_roots()
Definition: security_context.h:101

dart::bin::SSLCertContext::TrustBuiltinRoots
void TrustBuiltinRoots()

dart::bin::X509Helper
Definition: security_context.h:128

dart::bin::X509Helper::GetSha1
static Dart_Handle GetSha1(Dart_NativeArguments args)
Definition: security_context.cc:709

dart::bin::X509Helper::GetDer
static Dart_Handle GetDer(Dart_NativeArguments args)
Definition: security_context.cc:649

dart::bin::X509Helper::GetStartValidity
static Dart_Handle GetStartValidity(Dart_NativeArguments args)
Definition: security_context.cc:785

dart::bin::X509Helper::WrappedX509Certificate
static Dart_Handle WrappedX509Certificate(X509 *certificate)
Definition: security_context.cc:146

dart::bin::X509Helper::GetIssuer
static Dart_Handle GetIssuer(Dart_NativeArguments args)
Definition: security_context.cc:758

dart::bin::X509Helper::GetPem
static Dart_Handle GetPem(Dart_NativeArguments args)
Definition: security_context.cc:686

dart::bin::X509Helper::GetEndValidity
static Dart_Handle GetEndValidity(Dart_NativeArguments args)
Definition: security_context.cc:791

dart::bin::X509Helper::GetSubject
static Dart_Handle GetSubject(Dart_NativeArguments args)
Definition: security_context.cc:745

Dart_Port
int64_t Dart_Port
Definition: dart_api.h:1525

Dart_Handle
struct _Dart_Handle * Dart_Handle
Definition: dart_api.h:258

Dart_NativeArguments
struct _Dart_NativeArguments * Dart_NativeArguments
Definition: dart_api.h:3019

args
G_BEGIN_DECLS G_MODULE_EXPORT FlValue * args
Definition: fl_event_channel.h:89

message
Win32Message message
Definition: keyboard_unittests.cc:139

dart::bin::TrustEvaluateHandlerFunc
void(* TrustEvaluateHandlerFunc)(Dart_Port dest_port_id, Dart_CObject *message)
Definition: security_context.h:21

dart
Definition: dart_vm.cc:33

dart::false
false
Definition: isolate_reload.cc:58

flutter::cache
DEF_SWITCHES_START aot vmservice shared library Name of the *so containing AOT compiled Dart assets for launching the service isolate vm snapshot The VM snapshot data that will be memory mapped as read only SnapshotAssetPath must be present isolate snapshot The isolate snapshot data that will be memory mapped as read only SnapshotAssetPath must be present cache dir Path to the cache directory This is different from the persistent_cache_path in embedder which is used for Skia shader cache icu native lib Path to the library file that exports the ICU data vm service The hostname IP address on which the Dart VM Service should be served If not defaults to or::depending on whether ipv6 is specified vm service A custom Dart VM Service port The default is to pick a randomly available open port disable vm Disable the Dart VM Service The Dart VM Service is never available in release mode disable vm service Disable mDNS Dart VM Service publication Bind to the IPv6 localhost address for the Dart VM Service Ignored if vm service host is set endless trace Enable an endless trace buffer The default is a ring buffer This is useful when very old events need to viewed For during application launch Memory usage will continue to grow indefinitely however Start app with an specific route defined on the framework flutter assets Path to the Flutter assets directory enable service port Allow the VM service to fallback to automatic port selection if binding to a specified port fails trace Trace early application lifecycle Automatically switches to an endless trace buffer trace skia Filters out all Skia trace event categories except those that are specified in this comma separated list dump skp on shader Automatically dump the skp that triggers new shader compilations This is useful for writing custom ShaderWarmUp to reduce jank By this is not enabled to reduce the overhead purge persistent cache
Definition: switches.h:191

gn.gn_meta_sln.line
line
Definition: gn_meta_sln.py:144

protoc_wrapper.file
file
Definition: protoc_wrapper.py:226

reference_counting.h

socket.h

_Dart_CObject
Definition: dart_native_api.h:63