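#ifndef SRC_NODE_CRYPTO_COMMON_H_
#define SRC_NODE_CRYPTO_COMMON_H_

#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS

// Shared TLS / X.509 helper declarations for node::crypto.
//
// Only declarations are visible in this header. Comments marked NOTE(review)
// are assumptions about behaviour that must be confirmed against the
// implementation file before being relied on.

#include "node_crypto.h"
#include "v8.h"
#include <openssl/ssl.h>
#include <openssl/x509v3.h>

// <memory> is included explicitly because std::unique_ptr is used below;
// previously this relied on a transitive include.
#include <memory>
#include <string>
#include <unordered_map>

namespace node {
namespace crypto {

// OPENSSL_free is a macro, so we need a wrapper function.
// An OpenSSLBuffer releases its buffer with OPENSSL_free, so it must only
// wrap memory that was obtained from OpenSSL's allocator.
struct OpenSSLBufferDeleter {
  void operator()(char* pointer) const { OPENSSL_free(pointer); }
};
using OpenSSLBuffer = std::unique_ptr<char[], OpenSSLBufferDeleter>;

// sk_X509_pop_free() frees every X509 element with X509_free and then the
// stack itself, so a StackOfX509 owns its elements as well as the container.
// A certificate that is also referenced elsewhere needs its own reference
// (X509_up_ref) before it is pushed, otherwise it is freed twice.
struct StackOfX509Deleter {
  void operator()(STACK_OF(X509)* p) const { sk_X509_pop_free(p, X509_free); }
};
using StackOfX509 = std::unique_ptr<STACK_OF(X509), StackOfX509Deleter>;

// Same ownership model as StackOfX509: the elements are released with
// ASN1_OBJECT_free together with the stack.
struct StackOfXASN1Deleter {
  void operator()(STACK_OF(ASN1_OBJECT)* p) const {
    sk_ASN1_OBJECT_pop_free(p, ASN1_OBJECT_free);
  }
};
using StackOfASN1 = std::unique_ptr<STACK_OF(ASN1_OBJECT), StackOfXASN1Deleter>;

// NOTE(review): ownership of *issuer on return (borrowed vs. caller must
// X509_free) is not stated in this header -- confirm in the implementation.
int SSL_CTX_get_issuer(SSL_CTX* ctx, X509* cert, X509** issuer);

// NOTE(review): the parameters suggest this emits TLS secret material
// (e.g. for key logging) -- confirm. Whatever it writes should be handled as
// being as sensitive as the session keys themselves.
void LogSecret(
    const SSLPointer& ssl,
    const char* name,
    const unsigned char* secret,
    size_t secretlen);

bool SetALPN(const SSLPointer& ssl, const std::string& alpn);

bool SetALPN(const SSLPointer& ssl, v8::Local<v8::Value> alpn);

v8::MaybeLocal<v8::Value> GetSSLOCSPResponse(
    Environment* env,
    SSL* ssl,
    v8::Local<v8::Value> default_value);

// NOTE(review): buf/length presumably hold a serialized TLS session. Callers
// should check the bool result rather than assume the session was applied.
bool SetTLSSession(
    const SSLPointer& ssl,
    const unsigned char* buf,
    size_t length);

bool SetTLSSession(
    const SSLPointer& ssl,
    const SSLSessionPointer& session);

// NOTE(review): presumably returns an empty pointer when the input cannot be
// parsed as a session -- confirm, and test the result before use.
SSLSessionPointer GetTLSSession(v8::Local<v8::Value> val);

SSLSessionPointer GetTLSSession(const unsigned char* buf, size_t length);

// The names are returned as std::string copies taken from `cert`.
// NOTE(review): nothing in these signatures implies that `cert` has been
// verified; callers are assumed to check the verification result separately.
// std::string can carry embedded NUL bytes, so compare names length-aware.
std::unordered_multimap<std::string, std::string>
GetCertificateAltNames(X509* cert);

std::string GetCertificateCN(X509* cert);

// `def` defaults to X509_V_ERR_UNSPECIFIED, i.e. a failure code and not
// X509_V_OK.
// NOTE(review): presumably `def` is what is returned when no verification
// result is available -- confirm. Callers should treat every value other
// than X509_V_OK as a failed verification.
long VerifyPeerCertificate(  // NOLINT(runtime/int)
    const SSLPointer& ssl,
    long def = X509_V_ERR_UNSPECIFIED);  // NOLINT(runtime/int)

int UseSNIContext(const SSLPointer& ssl, BaseObjectPtr<SecureContext> context);

// The three accessors below return raw C strings.
// NOTE(review): lifetime and NUL-termination of the returned pointers are
// not specified in this header, and ClientHello contents are chosen by the
// peer -- confirm both before treating the result as a string, and validate
// it before it is used for context selection or written to logs.
const char* GetClientHelloALPN(const SSLPointer& ssl);

const char* GetClientHelloServerName(const SSLPointer& ssl);

const char* GetServerName(SSL* ssl);

v8::MaybeLocal<v8::Array> GetClientHelloCiphers(
    Environment* env,
    const SSLPointer& ssl);

bool SetGroups(SecureContext* sc, const char* groups);

const char* X509ErrorCode(long err);  // NOLINT(runtime/int)

v8::MaybeLocal<v8::Value> GetValidationErrorReason(Environment* env, int err);

v8::MaybeLocal<v8::Value> GetValidationErrorCode(Environment* env, int err);

v8::MaybeLocal<v8::Value> GetCert(Environment* env, const SSLPointer& ssl);

v8::MaybeLocal<v8::Value> GetCipherName(
    Environment* env,
    const SSLPointer& ssl);

v8::MaybeLocal<v8::Value> GetCipherStandardName(
    Environment* env,
    const SSLPointer& ssl);

v8::MaybeLocal<v8::Value> GetCipherVersion(
    Environment* env,
    const SSLPointer& ssl);

v8::MaybeLocal<v8::Object> GetCipherInfo(
    Environment* env,
    const SSLPointer& ssl);

v8::MaybeLocal<v8::Object> GetEphemeralKey(
    Environment* env,
    const SSLPointer& ssl);

v8::MaybeLocal<v8::Value> GetPeerCert(
    Environment* env,
    const SSLPointer& ssl,
    bool abbreviated = false,
    bool is_server = false);

// `error` is an out parameter.
// NOTE(review): presumably set to a message describing the failure when the
// returned MaybeLocal is empty -- confirm in the implementation.
v8::MaybeLocal<v8::Object> ECPointToBuffer(
    Environment* env,
    const EC_GROUP* group,
    const EC_POINT* point,
    point_conversion_form_t form,
    const char** error);

v8::MaybeLocal<v8::Object> X509ToObject(
    Environment* env,
    X509* cert);

}  // namespace crypto
}  // namespace node

#endif  // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS

#endif  // SRC_NODE_CRYPTO_COMMON_H_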