1 |
|
|
#ifndef SRC_CRYPTO_CRYPTO_COMMON_H_ |
2 |
|
|
#define SRC_CRYPTO_CRYPTO_COMMON_H_ |
3 |
|
|
|
4 |
|
|
#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS |
5 |
|
|
|
6 |
|
|
#include "node_crypto.h" |
7 |
|
|
#include "v8.h" |
8 |
|
|
#include <openssl/ssl.h> |
9 |
|
|
#include <openssl/x509v3.h> |
10 |
|
|
|
11 |
|
|
#include <string> |
12 |
|
|
#include <unordered_map> |
13 |
|
|
|
14 |
|
|
namespace node { |
15 |
|
|
namespace crypto { |
16 |
|
|
|
17 |
|
|
struct StackOfX509Deleter { |
18 |
|
1275 |
void operator()(STACK_OF(X509)* p) const { sk_X509_pop_free(p, X509_free); } |
19 |
|
|
}; |
20 |
|
|
using StackOfX509 = std::unique_ptr<STACK_OF(X509), StackOfX509Deleter>; |
21 |
|
|
|
22 |
|
|
struct StackOfXASN1Deleter { |
23 |
|
9 |
void operator()(STACK_OF(ASN1_OBJECT)* p) const { |
24 |
|
9 |
sk_ASN1_OBJECT_pop_free(p, ASN1_OBJECT_free); |
25 |
|
9 |
} |
26 |
|
|
}; |
27 |
|
|
using StackOfASN1 = std::unique_ptr<STACK_OF(ASN1_OBJECT), StackOfXASN1Deleter>; |
28 |
|
|
|
29 |
|
|
int SSL_CTX_get_issuer(SSL_CTX* ctx, X509* cert, X509** issuer); |
30 |
|
|
|
31 |
|
|
void LogSecret( |
32 |
|
|
const SSLPointer& ssl, |
33 |
|
|
const char* name, |
34 |
|
|
const unsigned char* secret, |
35 |
|
|
size_t secretlen); |
36 |
|
|
|
37 |
|
|
bool SetALPN(const SSLPointer& ssl, const std::string& alpn); |
38 |
|
|
|
39 |
|
|
bool SetALPN(const SSLPointer& ssl, v8::Local<v8::Value> alpn); |
40 |
|
|
|
41 |
|
|
v8::MaybeLocal<v8::Value> GetSSLOCSPResponse( |
42 |
|
|
Environment* env, |
43 |
|
|
SSL* ssl, |
44 |
|
|
v8::Local<v8::Value> default_value); |
45 |
|
|
|
46 |
|
|
bool SetTLSSession( |
47 |
|
|
const SSLPointer& ssl, |
48 |
|
|
const unsigned char* buf, |
49 |
|
|
size_t length); |
50 |
|
|
|
51 |
|
|
bool SetTLSSession( |
52 |
|
|
const SSLPointer& ssl, |
53 |
|
|
const SSLSessionPointer& session); |
54 |
|
|
|
55 |
|
|
SSLSessionPointer GetTLSSession(v8::Local<v8::Value> val); |
56 |
|
|
|
57 |
|
|
SSLSessionPointer GetTLSSession(const unsigned char* buf, size_t length); |
58 |
|
|
|
59 |
|
|
std::unordered_multimap<std::string, std::string> |
60 |
|
|
GetCertificateAltNames(X509* cert); |
61 |
|
|
|
62 |
|
|
std::string GetCertificateCN(X509* cert); |
63 |
|
|
|
64 |
|
|
long VerifyPeerCertificate( // NOLINT(runtime/int) |
65 |
|
|
const SSLPointer& ssl, |
66 |
|
|
long def = X509_V_ERR_UNSPECIFIED); // NOLINT(runtime/int) |
67 |
|
|
|
68 |
|
|
int UseSNIContext(const SSLPointer& ssl, BaseObjectPtr<SecureContext> context); |
69 |
|
|
|
70 |
|
|
const char* GetClientHelloALPN(const SSLPointer& ssl); |
71 |
|
|
|
72 |
|
|
const char* GetClientHelloServerName(const SSLPointer& ssl); |
73 |
|
|
|
74 |
|
|
const char* GetServerName(SSL* ssl); |
75 |
|
|
|
76 |
|
|
v8::MaybeLocal<v8::Array> GetClientHelloCiphers( |
77 |
|
|
Environment* env, |
78 |
|
|
const SSLPointer& ssl); |
79 |
|
|
|
80 |
|
|
bool SetGroups(SecureContext* sc, const char* groups); |
81 |
|
|
|
82 |
|
|
const char* X509ErrorCode(long err); // NOLINT(runtime/int) |
83 |
|
|
|
84 |
|
|
v8::MaybeLocal<v8::Value> GetValidationErrorReason(Environment* env, int err); |
85 |
|
|
|
86 |
|
|
v8::MaybeLocal<v8::Value> GetValidationErrorCode(Environment* env, int err); |
87 |
|
|
|
88 |
|
|
v8::MaybeLocal<v8::Value> GetCert(Environment* env, const SSLPointer& ssl); |
89 |
|
|
|
90 |
|
|
v8::MaybeLocal<v8::Value> GetCipherName( |
91 |
|
|
Environment* env, |
92 |
|
|
const SSLPointer& ssl); |
93 |
|
|
|
94 |
|
|
v8::MaybeLocal<v8::Value> GetCipherStandardName( |
95 |
|
|
Environment* env, |
96 |
|
|
const SSLPointer& ssl); |
97 |
|
|
|
98 |
|
|
v8::MaybeLocal<v8::Value> GetCipherVersion( |
99 |
|
|
Environment* env, |
100 |
|
|
const SSLPointer& ssl); |
101 |
|
|
|
102 |
|
|
v8::MaybeLocal<v8::Object> GetCipherInfo( |
103 |
|
|
Environment* env, |
104 |
|
|
const SSLPointer& ssl); |
105 |
|
|
|
106 |
|
|
v8::MaybeLocal<v8::Object> GetEphemeralKey( |
107 |
|
|
Environment* env, |
108 |
|
|
const SSLPointer& ssl); |
109 |
|
|
|
110 |
|
|
v8::MaybeLocal<v8::Value> GetPeerCert( |
111 |
|
|
Environment* env, |
112 |
|
|
const SSLPointer& ssl, |
113 |
|
|
bool abbreviated = false, |
114 |
|
|
bool is_server = false); |
115 |
|
|
|
116 |
|
|
v8::MaybeLocal<v8::Object> ECPointToBuffer( |
117 |
|
|
Environment* env, |
118 |
|
|
const EC_GROUP* group, |
119 |
|
|
const EC_POINT* point, |
120 |
|
|
point_conversion_form_t form, |
121 |
|
|
const char** error); |
122 |
|
|
|
123 |
|
|
v8::MaybeLocal<v8::Object> X509ToObject( |
124 |
|
|
Environment* env, |
125 |
|
|
X509* cert); |
126 |
|
|
|
127 |
|
|
v8::MaybeLocal<v8::Value> GetValidTo( |
128 |
|
|
Environment* env, |
129 |
|
|
X509* cert, |
130 |
|
|
const BIOPointer& bio); |
131 |
|
|
|
132 |
|
|
v8::MaybeLocal<v8::Value> GetValidFrom( |
133 |
|
|
Environment* env, |
134 |
|
|
X509* cert, |
135 |
|
|
const BIOPointer& bio); |
136 |
|
|
|
137 |
|
|
v8::MaybeLocal<v8::Value> GetFingerprintDigest( |
138 |
|
|
Environment* env, |
139 |
|
|
const EVP_MD* method, |
140 |
|
|
X509* cert); |
141 |
|
|
|
142 |
|
|
v8::MaybeLocal<v8::Value> GetKeyUsage(Environment* env, X509* cert); |
143 |
|
|
|
144 |
|
|
v8::MaybeLocal<v8::Value> GetSerialNumber(Environment* env, X509* cert); |
145 |
|
|
|
146 |
|
|
v8::MaybeLocal<v8::Object> GetRawDERCertificate(Environment* env, X509* cert); |
147 |
|
|
|
148 |
|
|
v8::Local<v8::Value> ToV8Value(Environment* env, const BIOPointer& bio); |
149 |
|
|
bool SafeX509ExtPrint(const BIOPointer& out, X509_EXTENSION* ext); |
150 |
|
|
|
151 |
|
|
v8::MaybeLocal<v8::Value> GetSubject( |
152 |
|
|
Environment* env, |
153 |
|
|
const BIOPointer& bio, |
154 |
|
|
X509* cert); |
155 |
|
|
|
156 |
|
|
v8::MaybeLocal<v8::Value> GetIssuerString( |
157 |
|
|
Environment* env, |
158 |
|
|
const BIOPointer& bio, |
159 |
|
|
X509* cert); |
160 |
|
|
|
161 |
|
|
template <int nid> |
162 |
|
4616 |
v8::MaybeLocal<v8::Value> GetInfoString( |
163 |
|
|
Environment* env, |
164 |
|
|
const BIOPointer& bio, |
165 |
|
|
X509* cert) { |
166 |
|
2308 |
int index = X509_get_ext_by_NID(cert, nid, -1); |
167 |
✓✓✓✓
|
2308 |
if (index < 0) |
168 |
|
4464 |
return Undefined(env->isolate()); |
169 |
|
|
|
170 |
|
76 |
X509_EXTENSION* ext = X509_get_ext(cert, index); |
171 |
✗✓✗✓
|
76 |
CHECK_NOT_NULL(ext); |
172 |
|
|
|
173 |
✓✗✗✓
✗✓✗✓
✗✗✗✓
|
146 |
if (!SafeX509ExtPrint(bio, ext) && |
174 |
|
70 |
X509V3_EXT_print(bio.get(), ext, 0, 0) != 1) { |
175 |
|
|
USE(BIO_reset(bio.get())); |
176 |
|
|
return v8::Null(env->isolate()); |
177 |
|
|
} |
178 |
|
|
|
179 |
|
152 |
return ToV8Value(env, bio); |
180 |
|
|
} |
181 |
|
|
|
182 |
|
|
} // namespace crypto |
183 |
|
|
} // namespace node |
184 |
|
|
|
185 |
|
|
#endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS |
186 |
|
|
|
187 |
|
|
#endif // SRC_CRYPTO_CRYPTO_COMMON_H_ |