blob: ee1b18c6a9bcdbcfe759ab0a1c32f06015e735ae [file] [log] [blame]
[email protected]61f3ddf2012-02-08 02:45:391// Copyright (c) 2012 The Chromium Authors. All rights reserved.
[email protected]d518cd92010-09-29 12:27:442// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
svaldeze83af292016-04-26 14:33:375#ifndef NET_SOCKET_SSL_CLIENT_SOCKET_IMPL_H_
6#define NET_SOCKET_SSL_CLIENT_SOCKET_IMPL_H_
[email protected]d518cd92010-09-29 12:27:447
Avi Drissman13fc8932015-12-20 04:40:468#include <stddef.h>
tbansalf82cc8e2015-10-14 20:05:499#include <stdint.h>
davidben1d489522015-07-01 18:48:4610
danakj655b66c2016-04-16 00:51:3811#include <memory>
[email protected]ea4a1c6a2010-12-09 13:33:2812#include <string>
davidben1d489522015-07-01 18:48:4613#include <vector>
[email protected]ea4a1c6a2010-12-09 13:33:2814
nharperb7441ef2016-01-25 23:54:1415#include "base/compiler_specific.h"
16#include "base/containers/mru_cache.h"
David Benjamine34d74242017-06-29 20:35:1617#include "base/macros.h"
davidben2a811e4e2015-12-01 10:49:3418#include "base/memory/ref_counted.h"
[email protected]be90ba32013-05-13 20:05:2519#include "base/memory/weak_ptr.h"
[email protected]d518cd92010-09-29 12:27:4420#include "net/base/completion_callback.h"
21#include "net/base/io_buffer.h"
eroman7f9236a2015-05-11 21:23:4322#include "net/cert/cert_verifier.h"
[email protected]6e7845ae2013-03-29 21:48:1123#include "net/cert/cert_verify_result.h"
davidbeneb5f8ef32014-09-04 14:14:3224#include "net/cert/ct_verify_result.h"
mikecironef22f9812016-10-04 03:40:1925#include "net/log/net_log_with_source.h"
[email protected]d518cd92010-09-29 12:27:4426#include "net/socket/client_socket_handle.h"
bnc3472afd2016-11-17 15:27:2127#include "net/socket/next_proto.h"
davidben3418e81f2016-10-19 00:09:4528#include "net/socket/socket_bio_adapter.h"
[email protected]536fd0b2013-03-14 17:41:5729#include "net/socket/ssl_client_socket.h"
davidbenb8c23212014-10-28 00:12:1630#include "net/ssl/openssl_ssl_util.h"
[email protected]c0787702014-05-20 21:51:4431#include "net/ssl/ssl_client_cert_type.h"
Ryan Sleevib369d712018-08-20 16:43:2232#include "net/ssl/ssl_config.h"
[email protected]a2b2cfc2017-12-06 09:06:0833#include "net/traffic_annotation/network_traffic_annotation.h"
tfarinae8cb8aa2016-10-21 02:44:0134#include "third_party/boringssl/src/include/openssl/base.h"
35#include "third_party/boringssl/src/include/openssl/ssl.h"
[email protected]d518cd92010-09-29 12:27:4436
davidben2a811e4e2015-12-01 10:49:3437namespace base {
xunjieli9f8c5fb52016-12-07 22:59:3338namespace trace_event {
39class ProcessMemoryDump;
40}
davidben2a811e4e2015-12-01 10:49:3441}
42
davidbenfe132d92016-09-27 18:07:2143namespace crypto {
44class OpenSSLErrStackTracer;
45}
46
[email protected]d518cd92010-09-29 12:27:4447namespace net {
48
[email protected]170e76c2010-10-04 15:04:2049class CertVerifier;
davidbeneb5f8ef32014-09-04 14:14:3250class CTVerifier;
[email protected]d518cd92010-09-29 12:27:4451class SSLCertRequestInfo;
[email protected]d518cd92010-09-29 12:27:4452class SSLInfo;
David Benjaminbd37c172018-07-11 17:24:5753class SSLKeyLogger;
[email protected]d518cd92010-09-29 12:27:4454
davidben3418e81f2016-10-19 00:09:4555class SSLClientSocketImpl : public SSLClientSocket,
56 public SocketBIOAdapter::Delegate {
[email protected]d518cd92010-09-29 12:27:4457 public:
58 // Takes ownership of the transport_socket, which may already be connected.
59 // The given hostname will be compared with the name(s) in the server's
60 // certificate during the SSL handshake. ssl_config specifies the SSL
61 // settings.
svaldeze83af292016-04-26 14:33:3762 SSLClientSocketImpl(std::unique_ptr<ClientSocketHandle> transport_socket,
63 const HostPortPair& host_and_port,
64 const SSLConfig& ssl_config,
65 const SSLClientSocketContext& context);
66 ~SSLClientSocketImpl() override;
[email protected]d518cd92010-09-29 12:27:4467
[email protected]fbef13932010-11-23 12:38:5368 const HostPortPair& host_and_port() const { return host_and_port_; }
[email protected]c3456bb2011-12-12 22:22:1969 const std::string& ssl_session_cache_shard() const {
70 return ssl_session_cache_shard_;
71 }
[email protected]fbef13932010-11-23 12:38:5372
David Benjaminbd37c172018-07-11 17:24:5773 // Log SSL key material to |logger|. Must be called before any
74 // SSLClientSockets are created.
75 static void SetSSLKeyLogger(std::unique_ptr<SSLKeyLogger> logger);
zhongyi81f85c6d92015-10-16 19:34:1476
[email protected]81ec7c12012-07-31 18:32:1977 // SSLSocket implementation.
dchengb03027d2014-10-21 12:00:2078 int ExportKeyingMaterial(const base::StringPiece& label,
79 bool has_context,
80 const base::StringPiece& context,
81 unsigned char* out,
82 unsigned int outlen) override;
[email protected]d518cd92010-09-29 12:27:4483
[email protected]dbf036f2011-12-06 23:33:2484 // StreamSocket implementation.
Brad Lassey3a814172018-04-26 03:30:2185 int Connect(CompletionOnceCallback callback) override;
dchengb03027d2014-10-21 12:00:2086 void Disconnect() override;
Steven Valdez6af02df2018-07-15 21:52:3387 int ConfirmHandshake(CompletionOnceCallback callback) override;
dchengb03027d2014-10-21 12:00:2088 bool IsConnected() const override;
89 bool IsConnectedAndIdle() const override;
90 int GetPeerAddress(IPEndPoint* address) const override;
91 int GetLocalAddress(IPEndPoint* address) const override;
tfarina428341112016-09-22 13:38:2092 const NetLogWithSource& NetLog() const override;
dchengb03027d2014-10-21 12:00:2093 bool WasEverUsed() const override;
tfarina2846404c2016-12-25 14:31:3794 bool WasAlpnNegotiated() const override;
bnc3cf2a592016-08-11 14:48:3695 NextProto GetNegotiatedProtocol() const override;
dchengb03027d2014-10-21 12:00:2096 bool GetSSLInfo(SSLInfo* ssl_info) override;
ttuttle23fdb7b2015-05-15 01:28:0397 void GetConnectionAttempts(ConnectionAttempts* out) const override;
98 void ClearConnectionAttempts() override {}
99 void AddConnectionAttempts(const ConnectionAttempts& attempts) override {}
tbansalf82cc8e2015-10-14 20:05:49100 int64_t GetTotalReceivedBytes() const override;
xunjieli998d2472017-01-12 01:12:28101 void DumpMemoryStats(SocketMemoryStats* stats) const override;
Bence Békydae8af5f2018-04-13 08:53:17102 void GetSSLCertRequestInfo(
103 SSLCertRequestInfo* cert_request_info) const override;
Bence Békydae8af5f2018-04-13 08:53:17104
Paul Jensen0f49dec2017-12-12 23:39:58105 void ApplySocketTag(const SocketTag& tag) override;
xunjieli9f8c5fb52016-12-07 22:59:33106
107 // Dumps memory allocation stats. |pmd| is the browser process memory dump.
108 static void DumpSSLClientSessionMemoryStats(
109 base::trace_event::ProcessMemoryDump* pmd);
[email protected]d518cd92010-09-29 12:27:44110
[email protected]dbf036f2011-12-06 23:33:24111 // Socket implementation.
dchengb03027d2014-10-21 12:00:20112 int Read(IOBuffer* buf,
113 int buf_len,
Brad Lassey3a814172018-04-26 03:30:21114 CompletionOnceCallback callback) override;
xunjieli321a96f32017-03-07 19:42:17115 int ReadIfReady(IOBuffer* buf,
116 int buf_len,
Brad Lassey3a814172018-04-26 03:30:21117 CompletionOnceCallback callback) override;
Helen Li5f3d96a2018-08-10 20:37:24118 int CancelReadIfReady() override;
dchengb03027d2014-10-21 12:00:20119 int Write(IOBuffer* buf,
120 int buf_len,
Brad Lassey3a814172018-04-26 03:30:21121 CompletionOnceCallback callback,
[email protected]578968d42017-12-13 15:39:32122 const NetworkTrafficAnnotationTag& traffic_annotation) override;
Avi Drissman13fc8932015-12-20 04:40:46123 int SetReceiveBufferSize(int32_t size) override;
124 int SetSendBufferSize(int32_t size) override;
[email protected]d518cd92010-09-29 12:27:44125
davidben3418e81f2016-10-19 00:09:45126 // SocketBIOAdapter implementation:
127 void OnReadReady() override;
128 void OnWriteReady() override;
129
[email protected]d518cd92010-09-29 12:27:44130 private:
[email protected]7f38da8a2014-03-17 16:44:26131 class PeerCertificateChain;
[email protected]821e3bb2013-11-08 01:06:01132 class SSLContext;
133 friend class SSLClientSocket;
134 friend class SSLContext;
135
[email protected]c8a80e92014-05-17 16:02:08136 int Init();
[email protected]d518cd92010-09-29 12:27:44137 void DoReadCallback(int result);
138 void DoWriteCallback(int result);
139
[email protected]d518cd92010-09-29 12:27:44140 int DoHandshake();
davidbenc4212c02015-05-12 22:30:18141 int DoHandshakeComplete(int result);
[email protected]d518cd92010-09-29 12:27:44142 void DoConnectCallback(int result);
143
Jesse Selover94c9a942019-01-16 01:18:04144 void OnVerifyComplete(int result);
[email protected]d518cd92010-09-29 12:27:44145 void OnHandshakeIOComplete(int result);
[email protected]d518cd92010-09-29 12:27:44146
147 int DoHandshakeLoop(int last_io_result);
xunjieli321a96f32017-03-07 19:42:17148 int DoPayloadRead(IOBuffer* buf, int buf_len);
[email protected]d518cd92010-09-29 12:27:44149 int DoPayloadWrite();
150
davidben1d489522015-07-01 18:48:46151 // Called when an asynchronous event completes which may have blocked the
davidben3418e81f2016-10-19 00:09:45152 // pending Connect, Read or Write calls, if any. Retries all state machines
153 // and, if complete, runs the respective callbacks.
154 void RetryAllOperations();
davidben1d489522015-07-01 18:48:46155
Jesse Selover94c9a942019-01-16 01:18:04156 // Callback from the SSL layer when a certificate needs to be verified. This
157 // is called when establishing new (fresh) connections and when evaluating
158 // whether an existing session can be resumed.
159 static ssl_verify_result_t VerifyCertCallback(SSL* ssl, uint8_t* out_alert);
160 ssl_verify_result_t VerifyCert();
161 ssl_verify_result_t HandleVerifyResult();
rsleevi4a6ca8c2016-06-24 03:05:22162 int VerifyCT();
[email protected]d518cd92010-09-29 12:27:44163
[email protected]821e3bb2013-11-08 01:06:01164 // Callback from the SSL layer that indicates the remote server is requesting
165 // a certificate for this client.
[email protected]82c59022014-08-15 09:38:27166 int ClientCertRequestCallback(SSL* ssl);
[email protected]821e3bb2013-11-08 01:06:01167
davidben44aeae62015-06-24 20:47:43168 // Called from the SSL layer whenever a new session is established.
169 int NewSessionCallback(SSL_SESSION* session);
davidbendafe4e52015-04-08 22:53:52170
estark723b5eeb2016-02-18 21:01:12171 // Adds the Certificate Transparency info from ct_verify_result_ to
172 // |ssl_info|.
davidbeneb5f8ef32014-09-04 14:14:32173 // SCTs are held in three separate vectors in ct_verify_result, each
174 // vetor representing a particular verification state, this method associates
175 // each of the SCTs with the corresponding SCTVerifyStatus as it adds it to
176 // the |ssl_info|.signed_certificate_timestamps list.
estark723b5eeb2016-02-18 21:01:12177 void AddCTInfoToSSLInfo(SSLInfo* ssl_info) const;
davidbeneb5f8ef32014-09-04 14:14:32178
David Benjaminb3840f42017-08-03 15:50:16179 // Returns a unique key string for the SSL session cache for this socket. This
180 // must not be called if |ssl_session_cache_shard_| is empty.
rsleevif020edc2015-03-16 19:31:24181 std::string GetSessionCacheKey() const;
182
davidben421116c2015-05-12 19:56:51183 // Returns true if renegotiations are allowed.
184 bool IsRenegotiationAllowed() const;
185
davidben1d489522015-07-01 18:48:46186 // Callbacks for operations with the private key.
David Benjaminb9bafbe2017-11-07 21:41:38187 ssl_private_key_result_t PrivateKeySignCallback(uint8_t* out,
188 size_t* out_len,
189 size_t max_out,
190 uint16_t algorithm,
191 const uint8_t* in,
192 size_t in_len);
davidben0bca07fd2016-07-18 15:12:03193 ssl_private_key_result_t PrivateKeyCompleteCallback(uint8_t* out,
194 size_t* out_len,
195 size_t max_out);
davidben1d489522015-07-01 18:48:46196
davidben0bca07fd2016-07-18 15:12:03197 void OnPrivateKeyComplete(Error error, const std::vector<uint8_t>& signature);
davidben1d489522015-07-01 18:48:46198
David Benjamin7a8e4dfa2018-06-12 23:07:21199 // Called from the BoringSSL info callback. (See |SSL_CTX_set_info_callback|.)
200 void InfoCallback(int type, int value);
201
davidbencef9e212017-04-19 15:00:10202 // Called whenever BoringSSL processes a protocol message.
203 void MessageCallback(int is_write,
204 int content_type,
205 const void* buf,
206 size_t len);
207
davidben281d13f02016-04-27 20:43:28208 void LogConnectEndEvent(int rv);
209
bncbd442c22016-09-14 20:49:16210 // Record whether ALPN was used, and if so, the negotiated protocol,
211 // in a UMA histogram.
212 void RecordNegotiatedProtocol() const;
bnc3cf2a592016-08-11 14:48:36213
davidbenfe132d92016-09-27 18:07:21214 // Returns the net error corresponding to the most recent OpenSSL
215 // error. ssl_error is the output of SSL_get_error.
216 int MapLastOpenSSLError(int ssl_error,
217 const crypto::OpenSSLErrStackTracer& tracer,
218 OpenSSLErrorInfo* info);
219
Brad Lassey3a814172018-04-26 03:30:21220 CompletionOnceCallback user_connect_callback_;
221 CompletionOnceCallback user_read_callback_;
222 CompletionOnceCallback user_write_callback_;
[email protected]d518cd92010-09-29 12:27:44223
224 // Used by Read function.
225 scoped_refptr<IOBuffer> user_read_buf_;
226 int user_read_buf_len_;
227
228 // Used by Write function.
229 scoped_refptr<IOBuffer> user_write_buf_;
230 int user_write_buf_len_;
Adam Langley68df3af2019-01-19 00:37:10231 bool first_post_handshake_write_ = true;
[email protected]d518cd92010-09-29 12:27:44232
[email protected]4b768562013-02-16 04:10:07233 // Used by DoPayloadRead() when attempting to fill the caller's buffer with
234 // as much data as possible without blocking.
235 // If DoPayloadRead() encounters an error after having read some data, stores
236 // the result to return on the *next* call to DoPayloadRead(). A value > 0
237 // indicates there is no pending result, otherwise 0 indicates EOF and < 0
238 // indicates an error.
239 int pending_read_error_;
240
davidbenb8c23212014-10-28 00:12:16241 // If there is a pending read result, the OpenSSL result code (output of
242 // SSL_get_error) associated with it.
243 int pending_read_ssl_error_;
244
245 // If there is a pending read result, the OpenSSLErrorInfo associated with it.
246 OpenSSLErrorInfo pending_read_error_info_;
247
[email protected]64b5c892014-08-08 09:39:26248 // Set when Connect finishes.
[email protected]170e76c2010-10-04 15:04:20249 scoped_refptr<X509Certificate> server_cert_;
250 CertVerifyResult server_cert_verify_result_;
[email protected]64b5c892014-08-08 09:39:26251 bool completed_connect_;
[email protected]170e76c2010-10-04 15:04:20252
[email protected]0dc88b32014-03-26 20:12:28253 // Set when Read() or Write() successfully reads or writes data to or from the
254 // network.
255 bool was_ever_used_;
256
[email protected]822581d2010-12-16 17:27:15257 CertVerifier* const cert_verifier_;
danakj655b66c2016-04-16 00:51:38258 std::unique_ptr<CertVerifier::Request> cert_verifier_request_;
davidben09c3d072014-08-25 20:33:58259 base::TimeTicks start_cert_verification_time_;
[email protected]170e76c2010-10-04 15:04:20260
Jesse Selover94c9a942019-01-16 01:18:04261 // Result from Cert Verifier.
262 int cert_verification_result_;
263
davidbeneb5f8ef32014-09-04 14:14:32264 // Certificate Transparency: Verifier and result holder.
265 ct::CTVerifyResult ct_verify_result_;
266 CTVerifier* cert_transparency_verifier_;
267
[email protected]d518cd92010-09-29 12:27:44268 // OpenSSL stuff
davidbend80c12c2016-10-11 00:13:49269 bssl::UniquePtr<SSL> ssl_;
[email protected]d518cd92010-09-29 12:27:44270
danakj655b66c2016-04-16 00:51:38271 std::unique_ptr<ClientSocketHandle> transport_;
davidben3418e81f2016-10-19 00:09:45272 std::unique_ptr<SocketBIOAdapter> transport_adapter_;
[email protected]055d7f22010-11-15 12:03:12273 const HostPortPair host_and_port_;
[email protected]d518cd92010-09-29 12:27:44274 SSLConfig ssl_config_;
[email protected]c3456bb2011-12-12 22:22:19275 // ssl_session_cache_shard_ is an opaque string that partitions the SSL
276 // session cache. i.e. sessions created with one value will not attempt to
277 // resume on the socket with a different value.
278 const std::string ssl_session_cache_shard_;
[email protected]d518cd92010-09-29 12:27:44279
[email protected]d518cd92010-09-29 12:27:44280 enum State {
281 STATE_NONE,
282 STATE_HANDSHAKE,
davidbenc4212c02015-05-12 22:30:18283 STATE_HANDSHAKE_COMPLETE,
[email protected]d518cd92010-09-29 12:27:44284 };
285 State next_handshake_state_;
svaldez4af14d22015-08-20 13:48:24286
Steven Valdez6af02df2018-07-15 21:52:33287 // True if we are currently confirming the handshake.
288 bool in_confirm_handshake_;
289
svaldez4af14d22015-08-20 13:48:24290 // True if the socket has been disconnected.
291 bool disconnected_;
292
bnc3cf2a592016-08-11 14:48:36293 NextProto negotiated_protocol_;
davidbenfe132d92016-09-27 18:07:21294 // Set to true if a CertificateRequest was received.
295 bool certificate_requested_;
[email protected]8bd4e7a2014-08-09 14:49:17296
davidben1d489522015-07-01 18:48:46297 int signature_result_;
298 std::vector<uint8_t> signature_;
299
[email protected]8bd4e7a2014-08-09 14:49:17300 TransportSecurityState* transport_security_state_;
301
estark6f9b3d82016-01-12 21:37:05302 CTPolicyEnforcer* const policy_enforcer_;
eranm6571b2b2014-12-03 15:53:23303
[email protected]8bd4e7a2014-08-09 14:49:17304 // pinning_failure_log contains a message produced by
305 // TransportSecurityState::CheckPublicKeyPins in the event of a
306 // pinning failure. It is a (somewhat) human-readable string.
307 std::string pinning_failure_log_;
308
dadriandf302c42016-06-10 18:48:59309 // True if PKP is bypassed due to a local trust anchor.
310 bool pkp_bypassed_;
311
Carlos IL81133382017-12-06 17:18:45312 // True if there was a certificate error which should be treated as fatal,
313 // and false otherwise.
314 bool is_fatal_cert_error_;
315
tfarina428341112016-09-22 13:38:20316 NetLogWithSource net_log_;
svaldeze83af292016-04-26 14:33:37317 base::WeakPtrFactory<SSLClientSocketImpl> weak_factory_;
David Benjamine34d74242017-06-29 20:35:16318
319 DISALLOW_COPY_AND_ASSIGN(SSLClientSocketImpl);
[email protected]d518cd92010-09-29 12:27:44320};
321
322} // namespace net
323
svaldeze83af292016-04-26 14:33:37324#endif // NET_SOCKET_SSL_CLIENT_SOCKET_IMPL_H_