• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
6 #define NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
7 
8 #include <certt.h>
9 #include <keyt.h>
10 #include <nspr.h>
11 #include <nss.h>
12 
13 #include "base/memory/scoped_ptr.h"
14 #include "net/base/completion_callback.h"
15 #include "net/base/host_port_pair.h"
16 #include "net/base/net_log.h"
17 #include "net/base/nss_memio.h"
18 #include "net/socket/ssl_server_socket.h"
19 #include "net/ssl/ssl_config_service.h"
20 
21 namespace net {
22 
23 class SSLServerSocketNSS : public SSLServerSocket {
24  public:
25   // See comments on CreateSSLServerSocket for details of how these
26   // parameters are used.
27   SSLServerSocketNSS(scoped_ptr<StreamSocket> socket,
28                      scoped_refptr<X509Certificate> certificate,
29                      crypto::RSAPrivateKey* key,
30                      const SSLConfig& ssl_config);
31   virtual ~SSLServerSocketNSS();
32 
33   // SSLServerSocket interface.
34   virtual int Handshake(const CompletionCallback& callback) OVERRIDE;
35 
36   // SSLSocket interface.
37   virtual int ExportKeyingMaterial(const base::StringPiece& label,
38                                    bool has_context,
39                                    const base::StringPiece& context,
40                                    unsigned char* out,
41                                    unsigned int outlen) OVERRIDE;
42   virtual int GetTLSUniqueChannelBinding(std::string* out) OVERRIDE;
43 
44   // Socket interface (via StreamSocket).
45   virtual int Read(IOBuffer* buf, int buf_len,
46                    const CompletionCallback& callback) OVERRIDE;
47   virtual int Write(IOBuffer* buf, int buf_len,
48                     const CompletionCallback& callback) OVERRIDE;
49   virtual int SetReceiveBufferSize(int32 size) OVERRIDE;
50   virtual int SetSendBufferSize(int32 size) OVERRIDE;
51 
52   // StreamSocket implementation.
53   virtual int Connect(const CompletionCallback& callback) OVERRIDE;
54   virtual void Disconnect() OVERRIDE;
55   virtual bool IsConnected() const OVERRIDE;
56   virtual bool IsConnectedAndIdle() const OVERRIDE;
57   virtual int GetPeerAddress(IPEndPoint* address) const OVERRIDE;
58   virtual int GetLocalAddress(IPEndPoint* address) const OVERRIDE;
59   virtual const BoundNetLog& NetLog() const OVERRIDE;
60   virtual void SetSubresourceSpeculation() OVERRIDE;
61   virtual void SetOmniboxSpeculation() OVERRIDE;
62   virtual bool WasEverUsed() const OVERRIDE;
63   virtual bool UsingTCPFastOpen() const OVERRIDE;
64   virtual bool WasNpnNegotiated() const OVERRIDE;
65   virtual NextProto GetNegotiatedProtocol() const OVERRIDE;
66   virtual bool GetSSLInfo(SSLInfo* ssl_info) OVERRIDE;
67 
68  private:
69   enum State {
70     STATE_NONE,
71     STATE_HANDSHAKE,
72   };
73 
74   int InitializeSSLOptions();
75 
76   void OnSendComplete(int result);
77   void OnRecvComplete(int result);
78   void OnHandshakeIOComplete(int result);
79 
80   int BufferSend();
81   void BufferSendComplete(int result);
82   int BufferRecv();
83   void BufferRecvComplete(int result);
84   bool DoTransportIO();
85   int DoPayloadRead();
86   int DoPayloadWrite();
87 
88   int DoHandshakeLoop(int last_io_result);
89   int DoReadLoop(int result);
90   int DoWriteLoop(int result);
91   int DoHandshake();
92   void DoHandshakeCallback(int result);
93   void DoReadCallback(int result);
94   void DoWriteCallback(int result);
95 
96   static SECStatus OwnAuthCertHandler(void* arg,
97                                       PRFileDesc* socket,
98                                       PRBool checksig,
99                                       PRBool is_server);
100   static void HandshakeCallback(PRFileDesc* socket, void* arg);
101 
102   int Init();
103 
104   // Members used to send and receive buffer.
105   bool transport_send_busy_;
106   bool transport_recv_busy_;
107 
108   scoped_refptr<IOBuffer> recv_buffer_;
109 
110   BoundNetLog net_log_;
111 
112   CompletionCallback user_handshake_callback_;
113   CompletionCallback user_read_callback_;
114   CompletionCallback user_write_callback_;
115 
116   // Used by Read function.
117   scoped_refptr<IOBuffer> user_read_buf_;
118   int user_read_buf_len_;
119 
120   // Used by Write function.
121   scoped_refptr<IOBuffer> user_write_buf_;
122   int user_write_buf_len_;
123 
124   // The NSS SSL state machine
125   PRFileDesc* nss_fd_;
126 
127   // Buffers for the network end of the SSL state machine
128   memio_Private* nss_bufs_;
129 
130   // StreamSocket for sending and receiving data.
131   scoped_ptr<StreamSocket> transport_socket_;
132 
133   // Options for the SSL socket.
134   SSLConfig ssl_config_;
135 
136   // Certificate for the server.
137   scoped_refptr<X509Certificate> cert_;
138 
139   // Private key used by the server.
140   scoped_ptr<crypto::RSAPrivateKey> key_;
141 
142   State next_handshake_state_;
143   bool completed_handshake_;
144 
145   DISALLOW_COPY_AND_ASSIGN(SSLServerSocketNSS);
146 };
147 
148 }  // namespace net
149 
150 #endif  // NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
151