[chromium-blink-merge.git] / net / socket / ssl_server_socket_nss.h
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
6 #define NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_
7 #pragma once
9 #include <certt.h>
10 #include <keyt.h>
11 #include <nspr.h>
12 #include <nss.h>
14 #include "base/memory/scoped_ptr.h"
15 #include "net/base/completion_callback.h"
16 #include "net/base/host_port_pair.h"
17 #include "net/base/net_log.h"
18 #include "net/base/nss_memio.h"
19 #include "net/base/ssl_config_service.h"
20 #include "net/socket/ssl_server_socket.h"
22 namespace net {
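// Server-side SSL socket built on NSS. It wraps a transport StreamSocket
// (transport_socket_) and an NSS SSL file descriptor (nss_fd_); nss_bufs_
// holds the buffers for the network end of the NSS state machine.
//
// The object holds the server's private key (key_) for its whole lifetime and
// is non-copyable (DISALLOW_COPY_AND_ASSIGN), so the key is never duplicated
// by copying the socket.
class SSLServerSocketNSS : public SSLServerSocket {
 public:
  // See comments on CreateSSLServerSocket for details of how these
  // parameters are used.
  //
  // NOTE(review): |socket| and |key| are raw pointers, while the matching
  // members (transport_socket_, key_) are scoped_ptr. Presumably the
  // constructor takes ownership of both, so the caller must not delete or
  // reuse them afterwards -- confirm against the .cc.
  SSLServerSocketNSS(StreamSocket* socket,
                     scoped_refptr<X509Certificate> certificate,
                     crypto::RSAPrivateKey* key,
                     const SSLConfig& ssl_config);
  virtual ~SSLServerSocketNSS();

  // SSLServerSocket interface.
  virtual int Handshake(const CompletionCallback& callback) OVERRIDE;
  // Exports keying material derived from the session for |label| and, when
  // |has_context| is true, |context|.
  // NOTE(review): |out| is a raw buffer whose only size information is
  // |outlen|; callers must pass the real capacity of |out|. Presumably
  // exactly |outlen| bytes are written on success -- confirm in the .cc.
  virtual int ExportKeyingMaterial(const base::StringPiece& label,
                                   bool has_context,
                                   const base::StringPiece& context,
                                   unsigned char* out,
                                   unsigned int outlen) OVERRIDE;

  // Socket interface (via StreamSocket).
  // NOTE(review): |buf_len| is a signed int supplied separately from |buf|;
  // the declaration does not tie it to the IOBuffer's actual size, so the
  // caller is responsible for passing a length that fits the buffer.
  virtual int Read(IOBuffer* buf, int buf_len,
                   const CompletionCallback& callback) OVERRIDE;
  virtual int Write(IOBuffer* buf, int buf_len,
                    const CompletionCallback& callback) OVERRIDE;
  virtual bool SetReceiveBufferSize(int32 size) OVERRIDE;
  virtual bool SetSendBufferSize(int32 size) OVERRIDE;

  // StreamSocket implementation.
  virtual int Connect(const CompletionCallback& callback) OVERRIDE;
  virtual void Disconnect() OVERRIDE;
  virtual bool IsConnected() const OVERRIDE;
  virtual bool IsConnectedAndIdle() const OVERRIDE;
  virtual int GetPeerAddress(IPEndPoint* address) const OVERRIDE;
  virtual int GetLocalAddress(IPEndPoint* address) const OVERRIDE;
  virtual const BoundNetLog& NetLog() const OVERRIDE;
  virtual void SetSubresourceSpeculation() OVERRIDE;
  virtual void SetOmniboxSpeculation() OVERRIDE;
  virtual bool WasEverUsed() const OVERRIDE;
  virtual bool UsingTCPFastOpen() const OVERRIDE;
  virtual int64 NumBytesRead() const OVERRIDE;
  virtual base::TimeDelta GetConnectTimeMicros() const OVERRIDE;
  virtual NextProto GetNegotiatedProtocol() const OVERRIDE;

 private:
  // Handshake state machine states; the current one is kept in
  // next_handshake_state_.
  enum State {
    STATE_NONE,
    STATE_HANDSHAKE,
  };

  int InitializeSSLOptions();

  // Completion handlers for I/O on the underlying transport.
  void OnSendComplete(int result);
  void OnRecvComplete(int result);
  void OnHandshakeIOComplete(int result);

  // Transport <-> NSS buffer plumbing.
  int BufferSend();
  void BufferSendComplete(int result);
  int BufferRecv();
  void BufferRecvComplete(int result);
  bool DoTransportIO();
  int DoPayloadRead();
  int DoPayloadWrite();

  // State-machine loops and the helpers that run the user's callbacks
  // (user_handshake_callback_, user_read_callback_, user_write_callback_).
  int DoHandshakeLoop(int last_io_result);
  int DoReadLoop(int result);
  int DoWriteLoop(int result);
  int DoHandshake();
  void DoHandshakeCallback(int result);
  void DoReadCallback(int result);
  void DoWriteCallback(int result);

  // Static trampolines with the signatures of NSS's SSLAuthCertificate and
  // SSLHandshakeCallback hook types; |arg| is presumably the
  // SSLServerSocketNSS instance -- confirm where the hooks are installed.
  //
  // NOTE(review): an SSLAuthCertificate hook replaces NSS's default peer
  // certificate check, so its return value alone decides whether a peer
  // (client) certificate is accepted. Verify in the .cc that it does not
  // report success unconditionally if client authentication is ever enabled.
  static SECStatus OwnAuthCertHandler(void* arg,
                                      PRFileDesc* socket,
                                      PRBool checksig,
                                      PRBool is_server);
  static void HandshakeCallback(PRFileDesc* socket, void* arg);

  virtual int Init();

  // Members used to send and receive buffer.
  bool transport_send_busy_;
  bool transport_recv_busy_;

  scoped_refptr<IOBuffer> recv_buffer_;

  BoundNetLog net_log_;

  CompletionCallback user_handshake_callback_;
  CompletionCallback user_read_callback_;
  CompletionCallback user_write_callback_;

  // Used by Read function.
  scoped_refptr<IOBuffer> user_read_buf_;
  int user_read_buf_len_;

  // Used by Write function.
  scoped_refptr<IOBuffer> user_write_buf_;
  int user_write_buf_len_;

  // The NSS SSL state machine
  // Raw pointer: not released automatically by this declaration.
  // NOTE(review): confirm the .cc closes it exactly once on every teardown
  // path.
  PRFileDesc* nss_fd_;

  // Buffers for the network end of the SSL state machine
  // Raw pointer; lifetime is managed by hand, presumably together with
  // nss_fd_ -- confirm in the .cc.
  memio_Private* nss_bufs_;

  // StreamSocket for sending and receiving data.
  scoped_ptr<StreamSocket> transport_socket_;

  // Options for the SSL socket.
  SSLConfig ssl_config_;

  // Certificate for the server.
  scoped_refptr<X509Certificate> cert_;

  // Private key used by the server. Held in a scoped_ptr, so it is destroyed
  // together with this socket.
  scoped_ptr<crypto::RSAPrivateKey> key_;

  State next_handshake_state_;
  bool completed_handshake_;

  DISALLOW_COPY_AND_ASSIGN(SSLServerSocketNSS);
};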
146 } // namespace net
148 #endif // NET_SOCKET_SSL_SERVER_SOCKET_NSS_H_