proxygen
OpenSSLUtils.h
Go to the documentation of this file.
1 /*
2  * Copyright 2016-present Facebook, Inc.
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 #pragma once
17 
18 #include <folly/Range.h>
19 #include <folly/portability/OpenSSL.h>
20 #include <folly/portability/Sockets.h>
21 #include <folly/ssl/OpenSSLPtrTypes.h>
22 
23 namespace folly {
24 namespace ssl {
25 
26 class OpenSSLUtils {
27  public:
28  /*
29  * Get the TLS Session Master Key used to generate the TLS key material
30  *
31  * @param session ssl session
32  * @param keyOut destination for the master key, the buffer must be at least
33  * 48 bytes
34  * @return true if the master key is available (>= TLS1) and the output buffer
35  * large enough
36  */
37  static bool getTLSMasterKey(
38  const SSL_SESSION* session,
39  MutableByteRange keyOut);
40 
41  /*
42  * Get the TLS Client Random used to generate the TLS key material
43  *
44  * @param ssl
45  * @param randomOut destination for the client random, the buffer must be at
46  * least 32 bytes
47  * @return true if the client random is available (>= TLS1) and the output
48  * buffer large enough
49  */
50  static bool getTLSClientRandom(const SSL* ssl, MutableByteRange randomOut);
51 
63  // TODO(agartrell): Add support for things like common name when
64  // necessary.
65  static bool
66  validatePeerCertNames(X509* cert, const sockaddr* addr, socklen_t addrLen);
67 
78  static bool getPeerAddressFromX509StoreCtx(
79  X509_STORE_CTX* ctx,
80  sockaddr_storage* addrStorage,
81  socklen_t* addrLen);
82 
91  static const std::string& getCipherName(uint16_t cipherCode);
92 
104  static void setSSLInitialCtx(SSL* ssl, SSL_CTX* ctx);
105  static SSL_CTX* getSSLInitialCtx(SSL* ssl);
106 
110  static std::string getCommonName(X509* x509);
111 
116  static BioMethodUniquePtr newSocketBioMethod();
117  static bool setCustomBioReadMethod(
118  BIO_METHOD* bioMeth,
119  int (*meth)(BIO*, char*, int));
120  static bool setCustomBioWriteMethod(
121  BIO_METHOD* bioMeth,
122  int (*meth)(BIO*, const char*, int));
123  static int getBioShouldRetryWrite(int ret);
124  static void setBioAppData(BIO* b, void* ptr);
125  static void* getBioAppData(BIO* b);
126  static int getBioFd(BIO* b, int* fd);
127  static void setBioFd(BIO* b, int fd, int flags);
128 };
129 
130 } // namespace ssl
131 } // namespace folly
folly::ssl::OpenSSLUtils::getCommonName
static std::string getCommonName(X509 *x509)
Definition: OpenSSLUtils.cpp:317
ptr
void * ptr
Definition: StaticSingletonManager.cpp:38
folly::ssl::OpenSSLUtils::getSSLInitialCtx
static SSL_CTX * getSSLInitialCtx(SSL *ssl)
Definition: OpenSSLUtils.cpp:215
flags
flags
Definition: http_parser.h:127
folly::ssl::OpenSSLUtils::getTLSMasterKey
static bool getTLSMasterKey(const SSL_SESSION *session, MutableByteRange keyOut)
Definition: OpenSSLUtils.cpp:40
folly::ssl::OpenSSLUtils::setCustomBioReadMethod
static bool setCustomBioReadMethod(BIO_METHOD *bioMeth, int(*meth)(BIO *, char *, int))
Definition: OpenSSLUtils.cpp:250
b
char b
Definition: OptionalTest.cpp:53
folly::ssl::OpenSSLUtils::getBioAppData
static void * getBioAppData(BIO *b)
Definition: OpenSSLUtils.cpp:284
folly
—— Concurrent Priority Queue Implementation ——
Definition: AtomicBitSet.h:29
folly::ssl::OpenSSLUtils::getTLSClientRandom
static bool getTLSClientRandom(const SSL *ssl, MutableByteRange randomOut)
Definition: OpenSSLUtils.cpp:58
folly::ssl::OpenSSLUtils::setSSLInitialCtx
static void setSSLInitialCtx(SSL *ssl, SSL_CTX *ctx)
Definition: OpenSSLUtils.cpp:202
folly::ssl::OpenSSLUtils::setBioFd
static void setBioFd(BIO *b, int fd, int flags)
Definition: OpenSSLUtils.cpp:304
folly::ssl::OpenSSLUtils::getBioFd
static int getBioFd(BIO *b, int *fd)
Definition: OpenSSLUtils.cpp:292
folly::ssl::OpenSSLUtils::setCustomBioWriteMethod
static bool setCustomBioWriteMethod(BIO_METHOD *bioMeth, int(*meth)(BIO *, const char *, int))
Definition: OpenSSLUtils.cpp:258
folly::ssl::OpenSSLUtils::newSocketBioMethod
static BioMethodUniquePtr newSocketBioMethod()
Definition: OpenSSLUtils.cpp:225
folly::ssl::OpenSSLUtils::validatePeerCertNames
static bool validatePeerCertNames(X509 *cert, const sockaddr *addr, socklen_t addrLen)
Definition: OpenSSLUtils.cpp:98
folly::ssl::OpenSSLUtils::getBioShouldRetryWrite
static int getBioShouldRetryWrite(int ret)
Definition: OpenSSLUtils.cpp:266
string
const char * string
Definition: Conv.cpp:212
folly::ssl::OpenSSLUtils::getPeerAddressFromX509StoreCtx
static bool getPeerAddressFromX509StoreCtx(X509_STORE_CTX *ctx, sockaddr_storage *addrStorage, socklen_t *addrLen)
Definition: OpenSSLUtils.cpp:75
folly::ssl::OpenSSLUtils::setBioAppData
static void setBioAppData(BIO *b, void *ptr)
Definition: OpenSSLUtils.cpp:276
folly::ssl::BioMethodUniquePtr
std::unique_ptr< BIO_METHOD, BioMethodDeleter > BioMethodUniquePtr
Definition: OpenSSLPtrTypes.h:89
addr
ThreadPoolListHook * addr
Definition: GlobalThreadPoolList.cpp:61
folly::ssl::OpenSSLUtils::getCipherName
static const std::string & getCipherName(uint16_t cipherCode)
Definition: OpenSSLUtils.cpp:188