da/de7/security__context_8h_source.html

// Copyright (c) 2017, the Dart project authors.  Please see the AUTHORS file

// for details. All rights reserved. Use of this source code is governed by a

// BSD-style license that can be found in the LICENSE file.


#ifndef RUNTIME_BIN_SECURITY_CONTEXT_H_

#define RUNTIME_BIN_SECURITY_CONTEXT_H_


#include <openssl/ssl.h>

#include <openssl/x509.h>


#include "bin/lockers.h"

#include "bin/reference_counting.h"

#include "bin/socket.h"


namespace dart {

namespace bin {


// Forward declaration

class SSLFilter;


typedef void (*TrustEvaluateHandlerFunc)(Dart_Port dest_port_id,

                                         Dart_CObject* message);


class SSLCertContext : public ReferenceCounted<SSLCertContext> {

 public:

  static const intptr_t kApproximateSize;

  static constexpr int kSecurityContextNativeFieldIndex = 0;

  static constexpr int kX509NativeFieldIndex = 0;


  explicit SSLCertContext(SSL_CTX* context)

      : ReferenceCounted(),

        context_(context),

        alpn_protocol_string_(nullptr),

        trust_builtin_(false),

        allow_tls_renegotiation_(false) {}


  ~SSLCertContext() {

    SSL_CTX_free(context_);

    free(alpn_protocol_string_);

  }


  static int CertificateCallback(int preverify_ok, X509_STORE_CTX* store_ctx);

  static void KeyLogCallback(const SSL* ssl, const char* line);


  static SSLCertContext* GetSecurityContext(Dart_NativeArguments args);

  static const char* GetPasswordArgument(Dart_NativeArguments args,

                                         intptr_t index);

  static void SetAlpnProtocolList(Dart_Handle protocols_handle,

                                  SSL* ssl,

                                  SSLCertContext* context,

                                  bool is_server);


  static const char* root_certs_file() { return root_certs_file_; }


  static void set_root_certs_file(const char* root_certs_file) {

    root_certs_file_ = root_certs_file;

  }


  static const char* root_certs_cache() { return root_certs_cache_; }


  static void set_root_certs_cache(const char* root_certs_cache) {

    root_certs_cache_ = root_certs_cache;

  }


  void SetTrustedCertificatesBytes(Dart_Handle cert_bytes,

                                   const char* password);


  void SetClientAuthoritiesBytes(Dart_Handle client_authorities_bytes,

                                 const char* password);


  int UseCertificateChainBytes(Dart_Handle cert_chain_bytes,

                               const char* password);


  void TrustBuiltinRoots();


  SSL_CTX* context() const { return context_; }


  uint8_t* alpn_protocol_string() const { return alpn_protocol_string_; }


  void set_alpn_protocol_string(uint8_t* protocol_string) {

    if (alpn_protocol_string_ != nullptr) {

      free(alpn_protocol_string_);

    }

    alpn_protocol_string_ = protocol_string;

  }


  bool trust_builtin() const { return trust_builtin_; }


  void set_allow_tls_renegotiation(bool allow) {

    allow_tls_renegotiation_ = allow;

  }


  bool allow_tls_renegotiation() const { return allow_tls_renegotiation_; }


  void set_trust_builtin(bool trust_builtin) { trust_builtin_ = trust_builtin; }


  void RegisterCallbacks(SSL* ssl);

  TrustEvaluateHandlerFunc GetTrustEvaluateHandler() const;


  static bool long_ssl_cert_evaluation() { return long_ssl_cert_evaluation_; }


  static void set_long_ssl_cert_evaluation(bool long_ssl_cert_evaluation) {

    long_ssl_cert_evaluation_ = long_ssl_cert_evaluation;

  }


  static bool bypass_trusting_system_roots() {

    return bypass_trusting_system_roots_;

  }


  static void set_bypass_trusting_system_roots(

      bool bypass_trusting_system_roots) {

    bypass_trusting_system_roots_ = bypass_trusting_system_roots;

  }


 private:

  void AddCompiledInCerts();

  void LoadRootCertFile(const char* file);

  void LoadRootCertCache(const char* cache);


  static const char* root_certs_file_;

  static const char* root_certs_cache_;


  SSL_CTX* context_;

  uint8_t* alpn_protocol_string_;


  bool trust_builtin_;

  bool allow_tls_renegotiation_;

  static bool long_ssl_cert_evaluation_;

  static bool bypass_trusting_system_roots_;


  DISALLOW_COPY_AND_ASSIGN(SSLCertContext);

};


class X509Helper : public AllStatic {

 public:

  static Dart_Handle GetDer(Dart_NativeArguments args);

  static Dart_Handle GetPem(Dart_NativeArguments args);

  static Dart_Handle GetSha1(Dart_NativeArguments args);

  static Dart_Handle GetSubject(Dart_NativeArguments args);

  static Dart_Handle GetIssuer(Dart_NativeArguments args);

  static Dart_Handle GetStartValidity(Dart_NativeArguments args);

  static Dart_Handle GetEndValidity(Dart_NativeArguments args);

  static Dart_Handle WrappedX509Certificate(X509* certificate);

};


}  // namespace bin

}  // namespace dart


#endif  // RUNTIME_BIN_SECURITY_CONTEXT_H_

lockers.h

dart::AllStatic
Definition allocation.h:33

dart::bin::ReferenceCounted
Definition reference_counting.h:36

dart::bin::SSLCertContext
Definition security_context.h:24

dart::bin::SSLCertContext::KeyLogCallback
static void KeyLogCallback(const SSL *ssl, const char *line)
Definition security_context.cc:85

dart::bin::SSLCertContext::GetSecurityContext
static SSLCertContext * GetSecurityContext(Dart_NativeArguments args)
Definition security_context.cc:95

dart::bin::SSLCertContext::RegisterCallbacks
void RegisterCallbacks(SSL *ssl)

dart::bin::SSLCertContext::context
SSL_CTX * context() const
Definition security_context.h:73

dart::bin::SSLCertContext::set_long_ssl_cert_evaluation
static void set_long_ssl_cert_evaluation(bool long_ssl_cert_evaluation)
Definition security_context.h:97

dart::bin::SSLCertContext::kX509NativeFieldIndex
static constexpr int kX509NativeFieldIndex
Definition security_context.h:28

dart::bin::SSLCertContext::SetClientAuthoritiesBytes
void SetClientAuthoritiesBytes(Dart_Handle client_authorities_bytes, const char *password)
Definition security_context.cc:308

dart::bin::SSLCertContext::root_certs_file
static const char * root_certs_file()
Definition security_context.h:53

dart::bin::SSLCertContext::set_bypass_trusting_system_roots
static void set_bypass_trusting_system_roots(bool bypass_trusting_system_roots)
Definition security_context.h:104

dart::bin::SSLCertContext::CertificateCallback
static int CertificateCallback(int preverify_ok, X509_STORE_CTX *store_ctx)
Definition security_context.cc:40

dart::bin::SSLCertContext::set_root_certs_file
static void set_root_certs_file(const char *root_certs_file)
Definition security_context.h:54

dart::bin::SSLCertContext::GetPasswordArgument
static const char * GetPasswordArgument(Dart_NativeArguments args, intptr_t index)
Definition security_context.cc:431

dart::bin::SSLCertContext::set_root_certs_cache
static void set_root_certs_cache(const char *root_certs_cache)
Definition security_context.h:58

dart::bin::SSLCertContext::alpn_protocol_string
uint8_t * alpn_protocol_string() const
Definition security_context.h:75

dart::bin::SSLCertContext::allow_tls_renegotiation
bool allow_tls_renegotiation() const
Definition security_context.h:89

dart::bin::SSLCertContext::GetTrustEvaluateHandler
TrustEvaluateHandlerFunc GetTrustEvaluateHandler() const

dart::bin::SSLCertContext::kApproximateSize
static const intptr_t kApproximateSize
Definition security_context.h:26

dart::bin::SSLCertContext::set_allow_tls_renegotiation
void set_allow_tls_renegotiation(bool allow)
Definition security_context.h:86

dart::bin::SSLCertContext::root_certs_cache
static const char * root_certs_cache()
Definition security_context.h:57

dart::bin::SSLCertContext::long_ssl_cert_evaluation
static bool long_ssl_cert_evaluation()
Definition security_context.h:96

dart::bin::SSLCertContext::set_trust_builtin
void set_trust_builtin(bool trust_builtin)
Definition security_context.h:91

dart::bin::SSLCertContext::UseCertificateChainBytes
int UseCertificateChainBytes(Dart_Handle cert_chain_bytes, const char *password)
Definition security_context.cc:629

dart::bin::SSLCertContext::set_alpn_protocol_string
void set_alpn_protocol_string(uint8_t *protocol_string)
Definition security_context.h:77

dart::bin::SSLCertContext::SetAlpnProtocolList
static void SetAlpnProtocolList(Dart_Handle protocols_handle, SSL *ssl, SSLCertContext *context, bool is_server)
Definition security_context.cc:481

dart::bin::SSLCertContext::SetTrustedCertificatesBytes
void SetTrustedCertificatesBytes(Dart_Handle cert_bytes, const char *password)
Definition security_context.cc:230

dart::bin::SSLCertContext::~SSLCertContext
~SSLCertContext()
Definition security_context.h:37

dart::bin::SSLCertContext::trust_builtin
bool trust_builtin() const
Definition security_context.h:84

dart::bin::SSLCertContext::SSLCertContext
SSLCertContext(SSL_CTX *context)
Definition security_context.h:30

dart::bin::SSLCertContext::kSecurityContextNativeFieldIndex
static constexpr int kSecurityContextNativeFieldIndex
Definition security_context.h:27

dart::bin::SSLCertContext::bypass_trusting_system_roots
static bool bypass_trusting_system_roots()
Definition security_context.h:101

dart::bin::SSLCertContext::TrustBuiltinRoots
void TrustBuiltinRoots()

dart::bin::X509Helper
Definition security_context.h:128

dart::bin::X509Helper::GetSha1
static Dart_Handle GetSha1(Dart_NativeArguments args)
Definition security_context.cc:709

dart::bin::X509Helper::GetDer
static Dart_Handle GetDer(Dart_NativeArguments args)
Definition security_context.cc:649

dart::bin::X509Helper::GetStartValidity
static Dart_Handle GetStartValidity(Dart_NativeArguments args)
Definition security_context.cc:785

dart::bin::X509Helper::WrappedX509Certificate
static Dart_Handle WrappedX509Certificate(X509 *certificate)
Definition security_context.cc:146

dart::bin::X509Helper::GetIssuer
static Dart_Handle GetIssuer(Dart_NativeArguments args)
Definition security_context.cc:758

dart::bin::X509Helper::GetPem
static Dart_Handle GetPem(Dart_NativeArguments args)
Definition security_context.cc:686

dart::bin::X509Helper::GetEndValidity
static Dart_Handle GetEndValidity(Dart_NativeArguments args)
Definition security_context.cc:791

dart::bin::X509Helper::GetSubject
static Dart_Handle GetSubject(Dart_NativeArguments args)
Definition security_context.cc:745

Dart_Port
int64_t Dart_Port
Definition dart_api.h:1524

Dart_Handle
struct _Dart_Handle * Dart_Handle
Definition dart_api.h:258

Dart_NativeArguments
struct _Dart_NativeArguments * Dart_NativeArguments
Definition dart_api.h:3010

args
G_BEGIN_DECLS G_MODULE_EXPORT FlValue * args
Definition fl_event_channel.h:89

message
Win32Message message
Definition keyboard_unittests.cc:139

dart::bin::TrustEvaluateHandlerFunc
void(* TrustEvaluateHandlerFunc)(Dart_Port dest_port_id, Dart_CObject *message)
Definition security_context.h:21

dart
Definition dart_vm.cc:33

dart::false
false
Definition isolate_reload.cc:58

DISALLOW_COPY_AND_ASSIGN
#define DISALLOW_COPY_AND_ASSIGN(TypeName)
Definition globals.h:581

reference_counting.h

socket.h

_Dart_CObject
Definition dart_native_api.h:63