Issue 1378613004: Set Token-Binding HTTP header

Issue 1378613004: Set Token-Binding HTTP header (Closed)

Created:
5 years, 2 months ago by nharper

Modified:
4 years, 11 months ago

Reviewers:
Bence, Ryan Sleevi, Mark P, davidben, asargent_no_longer_on_chrome, mattm, mmenke

CC:
chromium-reviews, cbentzel+watch_chromium.org

Base URL:
https://chromium.googlesource.com/chromium/src.git@tb-tls-ext-new

Target Ref:
refs/pending/heads/master

Project:
chromium

Visibility:
Public.

More Reviews

Description

Set Token-Binding HTTP header Adds a new method to SSLClientSocket to get the Token Binding from an SSL connection where Token Binding was negotiated, and uses that to add the Set-Token-Binding HTTP header (only when Token Binding was negotiated). BUG=467312 Committed: https://crrev.com/b7441ef2effe86324798710a82d8a006f5eb1395 Cr-Commit-Position: refs/heads/master@{#371347}

Patch Set 1 #

Patch Set 2 : rebase #

Patch Set 3 : Fix compilation errors discovered by trybots #

Patch Set 4 : Fix msvc compilation error (again); fix memory leak when signing #

Patch Set 5 : Fix usage of ScopedEVP_MD_CTX #

Patch Set 6 : rebase #

Total comments: 6

Patch Set 7 : Minor changes #

Total comments: 1

Patch Set 8 : Major changes: add commandline switch; do key lookup in HttpNetworkTransaction, add tests #

Patch Set 9 : Remove extra SHA256 from signing #

Patch Set 10 : update to match change to SSLConfig in dependent patchset #

Patch Set 11 : rebase #

Patch Set 12 : Add UMA logging of Token Binding support and NetLog event for Token Binding key lookup #

Total comments: 66

Patch Set 13 : rebase #

Patch Set 14 : reply to comments #

Patch Set 15 : rebase #

Patch Set 16 : rebase #

Patch Set 17 : fix build issues #

Total comments: 30

Patch Set 18 : rebase #

Patch Set 19 : address comments #

Patch Set 20 : Add #if !defined(OS_IOS) to a unittest #

Patch Set 21 : Add another #if !defined(OS_IOS) #

Total comments: 16

Patch Set 22 : fix nits #

Patch Set 23 : Remove sequence numbers from mock reads #

Total comments: 2

Created: 4 years, 11 months ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+1029 lines, -80 lines)			Patch
M	chrome/browser/extensions/api/socket/tls_socket_unittest.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+2 lines, -0 lines	0 comments	Download
M	chrome/browser/io_thread.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	1 chunk	+1 line, -0 lines	0 comments	Download
M	chrome/browser/io_thread.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	3 chunks	+6 lines, -2 lines	2 comments	Download
M	chrome/common/chrome_switches.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	1 chunk	+1 line, -0 lines	0 comments	Download
M	chrome/common/chrome_switches.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	1 chunk	+3 lines, -0 lines	0 comments	Download
M	net/BUILD.gn	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	2 chunks	+2 lines, -0 lines	0 comments	Download
M	net/http/http_basic_stream.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+3 lines, -0 lines	0 comments	Download
M	net/http/http_basic_stream.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+5 lines, -0 lines	0 comments	Download
M	net/http/http_network_session.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	1 chunk	+2 lines, -0 lines	0 comments	Download
M	net/http/http_network_session.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	1 chunk	+2 lines, -1 line	0 comments	Download
M	net/http/http_network_transaction.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14	7 chunks	+19 lines, -1 line	0 comments	Download
M	net/http/http_network_transaction.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21	10 chunks	+110 lines, -3 lines	0 comments	Download
M	net/http/http_network_transaction_ssl_unittest.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19	3 chunks	+68 lines, -0 lines	0 comments	Download
M	net/http/http_network_transaction_unittest.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22	4 chunks	+50 lines, -0 lines	0 comments	Download
M	net/http/http_request_headers.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14	1 chunk	+2 lines, -1 line	0 comments	Download
M	net/http/http_request_headers.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15	1 chunk	+2 lines, -1 line	0 comments	Download
M	net/http/http_response_body_drainer_unittest.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+5 lines, -0 lines	0 comments	Download
M	net/http/http_stream.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	2 chunks	+12 lines, -0 lines	0 comments	Download
M	net/http/http_stream_factory_impl_unittest.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+5 lines, -0 lines	0 comments	Download
M	net/http/http_stream_parser.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	2 chunks	+5 lines, -0 lines	0 comments	Download
M	net/http/http_stream_parser.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	2 chunks	+12 lines, -0 lines	0 comments	Download
M	net/http/proxy_connect_redirect_http_stream.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+2 lines, -0 lines	0 comments	Download
M	net/http/proxy_connect_redirect_http_stream.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+7 lines, -0 lines	0 comments	Download
M	net/log/net_log_event_type_list.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	1 chunk	+3 lines, -0 lines	0 comments	Download
M	net/net.gypi	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	1 chunk	+3 lines, -0 lines	0 comments	Download
M	net/net_common.gypi	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17	2 chunks	+2 lines, -0 lines	0 comments	Download
M	net/quic/quic_http_stream.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+2 lines, -0 lines	0 comments	Download
M	net/quic/quic_http_stream.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+6 lines, -0 lines	0 comments	Download
M	net/socket/socket_test_util.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	3 chunks	+6 lines, -0 lines	0 comments	Download
M	net/socket/socket_test_util.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	4 chunks	+17 lines, -1 line	0 comments	Download
M	net/socket/ssl_client_socket.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	2 chunks	+9 lines, -0 lines	0 comments	Download
M	net/socket/ssl_client_socket_nss.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+2 lines, -0 lines	0 comments	Download
M	net/socket/ssl_client_socket_nss.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+7 lines, -0 lines	0 comments	Download
M	net/socket/ssl_client_socket_openssl.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	4 chunks	+7 lines, -0 lines	0 comments	Download
M	net/socket/ssl_client_socket_openssl.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	2 chunks	+42 lines, -0 lines	0 comments	Download
M	net/spdy/spdy_http_stream.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+2 lines, -0 lines	0 comments	Download
M	net/spdy/spdy_http_stream.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+5 lines, -0 lines	0 comments	Download
M	net/spdy/spdy_session.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+5 lines, -0 lines	0 comments	Download
M	net/spdy/spdy_session.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+11 lines, -0 lines	0 comments	Download
M	net/spdy/spdy_test_util_common.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14	1 chunk	+1 line, -0 lines	0 comments	Download
M	net/spdy/spdy_test_util_common.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14	3 chunks	+3 lines, -0 lines	0 comments	Download
A	net/ssl/token_binding.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16	1 chunk	+94 lines, -0 lines	0 comments	Download
A	net/ssl/token_binding_nss.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13	1 chunk	+39 lines, -0 lines	0 comments	Download
A	net/ssl/token_binding_openssl.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+147 lines, -0 lines	0 comments	Download
M	net/tools/testserver/testserver.py	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14	2 chunks	+16 lines, -0 lines	0 comments	Download
M	net/url_request/url_request_http_job_unittest.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+6 lines, -0 lines	0 comments	Download
M	net/url_request/url_request_test_util.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14	1 chunk	+1 line, -0 lines	0 comments	Download
M	net/url_request/url_request_unittest.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	8 chunks	+136 lines, -70 lines	0 comments	Download
M	net/websockets/websocket_basic_handshake_stream.h	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+2 lines, -0 lines	0 comments	Download
M	net/websockets/websocket_basic_handshake_stream.cc	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18	1 chunk	+7 lines, -0 lines	0 comments	Download
M	third_party/tlslite/README.chromium	View	1 2 3 4 5 6 7	1 chunk	+4 lines, -0 lines	0 comments	Download
A	third_party/tlslite/patches/exported_keying_material.patch	View	1 2 3 4 5 6 7 8 9 10 11 12 13	1 chunk	+56 lines, -0 lines	0 comments	Download
A	third_party/tlslite/patches/token_binding_resumption.patch	View	1 2 3 4 5 6 7	1 chunk	+15 lines, -0 lines	0 comments	Download
M	third_party/tlslite/tlslite/tlsconnection.py	View	1 2 3 4 5 6 7 8 9 10 11 12 13	5 chunks	+31 lines, -0 lines	0 comments	Download
M	tools/metrics/histograms/histograms.xml	View	1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21	2 chunks	+16 lines, -0 lines	0 comments	Download

Messages

Total messages: 73 (19 generated)

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages

nharper

This is dependent on https://chromiumcodereview.appspot.com/1360633002/.

5 years, 2 months ago (2015-09-30 22:47:27 UTC) #4

mattm

Is it possible to add tests? (note: this is just comments from a first pass.) ...

5 years, 2 months ago (2015-10-01 01:53:01 UTC) #5

nharper

> Is it possible to add tests? I knew I forgot something. I'm working on ...

5 years, 2 months ago (2015-10-01 20:25:47 UTC) #7

Ryan Sleevi

As discussed in person, going to sit on this until we get some of the ...

5 years, 2 months ago (2015-10-01 23:44:25 UTC) #8

davidben

(Reviewing the other CL now and not doing a full review here yet. This just ...

5 years, 2 months ago (2015-10-15 20:37:17 UTC) #9

nharper

Major changes: add commandline switch; do key lookup in HttpNetworkTransaction, add tests

5 years, 1 month ago (2015-10-31 01:27:09 UTC) #11

nharper

Major changes: add commandline switch; do key lookup in HttpNetworkTransaction, add tests

5 years, 1 month ago (2015-10-31 01:29:37 UTC) #13

nharper

Major changes: add commandline switch; do key lookup in HttpNetworkTransaction, add tests

5 years, 1 month ago (2015-10-31 01:32:07 UTC) #15

nharper

This CL has been updated and mostly rewritten. Comparing patchset 8 to previous ones probably ...

5 years, 1 month ago (2015-10-31 01:42:02 UTC) #19

nharper

update to match change to SSLConfig in dependent patchset

5 years, 1 month ago (2015-11-04 02:59:19 UTC) #21

nharper

Add UMA logging of Token Binding support and NetLog event for Token Binding key lookup

5 years, 1 month ago (2015-11-07 02:18:07 UTC) #23

davidben

Phew. Large CL. Here's a first pass over it. I think it's basically good as ...

5 years, 1 month ago (2015-11-18 20:49:01 UTC) #25

nharper

https://codereview.chromium.org/1378613004/diff/300001/chrome/common/chrome_switches.cc File chrome/common/chrome_switches.cc (right): https://codereview.chromium.org/1378613004/diff/300001/chrome/common/chrome_switches.cc#newcode550 chrome/common/chrome_switches.cc:550: // handshake. On 2015/11/18 20:49:00, davidben (slow) wrote: > ...

5 years ago (2015-12-04 01:42:21 UTC) #28

https://codereview.chromium.org/1378613004/diff/300001/chrome/common/chrome_s...
File chrome/common/chrome_switches.cc (right):

https://codereview.chromium.org/1378613004/diff/300001/chrome/common/chrome_s...
chrome/common/chrome_switches.cc:550: // handshake.
On 2015/11/18 20:49:00, davidben (slow) wrote:
> I would probably say
> 
> // Enables token binding (draft-ietf-tokbind-protocol-02).
> 
> and not mention TLS. Maybe we'll do QUIC. And the important part is that the
> HTTP code does it, not the TLS code.

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
File net/http/http_network_transaction.cc (right):

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
net/http/http_network_transaction.cc:656: supported = UNSUPPORTED_KEY_PARAM;
On 2015/11/18 20:49:00, davidben (slow) wrote:
> This can never happen, no? You'll only negotiate the ones you set up in line
> 205. Also probably bad to look at this before the bool below.

My thought here was if the server can negotiate token binding, but not with a
key param that we support, then record it here. Clearly that doesn't work. The
easier thing to do is drop UNSUPPORTED_KEY_PARAM from this enum altogether;
otherwise I'll need to plumb more info up into SSLInfo to expose what happened
in the extension at the ssl layer.

I've removed UNSUPPORTED_KEY_PARAM for now.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
net/http/http_network_transaction.cc:963:
base::Bind(&HttpNetworkTransaction::OnIOComplete, base::Unretained(this)),
On 2015/11/18 20:49:00, davidben (slow) wrote:
> io_callback_

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
net/http/http_network_transaction.cc:974: rv = ERR_CHANNEL_ID_IMPORT_FAILED;
On 2015/11/18 20:49:00, davidben (slow) wrote:
> Is this possible?

I can't see how this would be possible (GetOrCreateChannelID's documentation
indicates that token_binding_key_ will be filled if it returns success), but
SSLClientSocketOpenSSL has a similar check when looking up the channel ID key.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
net/http/http_network_transaction.cc:1015: if (token_binding_key_) {
On 2015/11/18 20:49:00, davidben (slow) wrote:
> An HttpNetworkSession may run through a request multiple times (see
> ResetStateForRestart). The server may change its mind on whether to negotiate
TB
> or whatever. You should probably reset everything in ResetStateForRestart,
> otherwise this check is invalid and some other stuff might be weird.

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
net/http/http_network_transaction.cc:1054: return "";
On 2015/11/18 20:49:00, davidben (slow) wrote:
> If this or below fails, it should probably be fatal to the connection.

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
net/http/http_network_transaction.cc:1064: base::ReplaceChars(base64_header,
"/", "_", &base64_header);
On 2015/11/18 20:49:00, davidben (slow) wrote:
> base/base64url.h

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
File net/http/http_network_transaction.h (right):

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_network_...
net/http/http_network_transaction.h:17: #include "crypto/ec_private_key.h"
On 2015/11/18 20:49:00, davidben (slow) wrote:
> I think you can still forward-decl this.

Yes I can. Done.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_stream.h
File net/http/http_stream.h (right):

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_stream.h...
net/http/http_stream.h:18: #include "crypto/ec_private_key.h"
On 2015/11/18 20:49:00, davidben (slow) wrote:
> Forward decl

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_stream.h...
net/http/http_stream.h:153: 
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> Documentation?

This method is now gone, and a passthru to
SSLClientSocket::GetSignedEKMForTokenBinding added in its place, with
documentation.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_stream.h...
net/http/http_stream.h:154: virtual int GetProvidedTokenBindingWithKey(
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> Nit: Maybe WithKey -> ForKey? Not sure. That seems marginally better. WithKey
> sounds like it might return binding + key.

Method is gone, so naming is moot.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_stream.h...
net/http/http_stream.h:154: virtual int GetProvidedTokenBindingWithKey(
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> So, I'm a little confused about this "provided" vs "referred" business. Since
> the signature doesn't include the type anyway (a little bit suspicious in
> itself), why not make HttpStream just pass up GetSignedEKMForTokenBinding. We
> can wrap it in "provided" outside.
> 
> The other motivation is if we push it up as high as assembling the
> TokenBindingMessage, we can save an allocation and copy. (Honestly, I'm really
> confused what's the point of that too. You can already emit a header multiple
> times, so why not use that...)

Pushing this up higher did clean up some stuff.

https://codereview.chromium.org/1378613004/diff/300001/net/http/http_stream.h...
net/http/http_stream.h:155: const scoped_ptr<crypto::ECPrivateKey>& key,
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> crypto::ECPrivateKey* is how you spell a non-owning pointer. :-P I'm not sure
> const references to scoped_ptr actually make sense.

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/socket/ssl_client_...
File net/socket/ssl_client_socket_openssl.cc (right):

https://codereview.chromium.org/1378613004/diff/300001/net/socket/ssl_client_...
net/socket/ssl_client_socket_openssl.cc:500:
tb_signed_ekm_map_(SignedEkmMap::NO_AUTO_EVICT),
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> With NO_AUTO_EVICT and no explicit evictions, this means we're not actually
> using the MRU-ness, right? Seems we'd want to just set a fairly conservative
one
> and leave it at that.

Correct. I've changed it to 10.

https://codereview.chromium.org/1378613004/diff/300001/net/socket/ssl_client_...
net/socket/ssl_client_socket_openssl.cc:558: std::vector<uint8_t>* out) {
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> I think this deserves a comment like:
> 
>   // The same key will be asserted for multiple requests, so look up a
>   // signature in the cache first.

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/socket/ssl_client_...
net/socket/ssl_client_socket_openssl.cc:566: }
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> Nit: Newline here, probably.

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/socket/ssl_client_...
net/socket/ssl_client_socket_openssl.cc:569: const char tb_ekm_label[] =
"EXPORTER-Token-Binding";
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> Nit: static const char kTbEkmLabel[]. Or maybe kTokenBindingEkmLabel[] or even
> kTokenBindingExporterLabel[] to cut down on abbreviation soup?

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/socket/ssl_client_...
net/socket/ssl_client_socket_openssl.cc:573: size_t ekm_label_length =
arraysize(tb_ekm_label) - 1;
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> Rather than that long comment, how about just using strlen? I'm sure the
> compiler will be smart enough to avoid the function call.

I forgot about strlen. Done.

https://codereview.chromium.org/1378613004/diff/300001/net/socket/ssl_client_...
net/socket/ssl_client_socket_openssl.cc:586: if (!EVP_PKEY_sign(pctx.get(),
&out->front(), &sig_len, tb_ekm_buf,
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> vector_as_array(out) from base/stl_util.h, very soon to be replaced with
> out->data().

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding.h
File net/ssl/token_binding.h (right):

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding....
net/ssl/token_binding.h:18: // error.
On 2015/11/18 20:49:00, davidben (behind on reviews) wrote:
> You can return a net::Error to make that clearer since you're not muxing in an
> output size with it.

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding....
net/ssl/token_binding.h:44: //     provided_token_binding(0),
referred_token_binding(1), (255)
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> This is somewhat less related, but what exactly is this provided vs. referred
> thing supposed to be for? Whatever it is, we don't actually sign the type.

The type (provided vs referred) is for the federated use case (which I haven't
implemented yet). A provided token binding on a connection between client and
server A is when the client uses its keypair for server A to sign, while a
referred token binding is when the client connects to server B and uses its
keypair for server A (as well as sending a provided token binding using the
keypair for B). This is so that server B can generate a token containing the
public key for server A that the client will present to server A.

In terms of not signing the type, I can't think of a danger of that (so long as
the exported keying material can't be replicated on another connection, but if
that's the case, then there are much larger protocol problems with token
binding).

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding....
net/ssl/token_binding.h:75: bool ParseTokenBindingMessage(const std::string&
token_binding_message,
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> This doesn't appear to have any callers.

This is called in url_request_unittest.cc

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding....
net/ssl/token_binding.h:77: std::string* signature);
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> StringPiece to avoid all the copies? This function could just take in
> StringPiece and spit out StringPieces

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding....
net/ssl/token_binding.h:84: bool VerifyEKMSignature(const std::string& ec_point,
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> This doesn't appear to have any callers.

This is called in url_request_unittest.cc

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding_...
File net/ssl/token_binding_openssl.cc (right):

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding_...
net/ssl/token_binding_openssl.cc:36: if (i2d_PublicKey(pkey, NULL) !=
kExpectedKeyLength)
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> It's kind of confusing what type you're using when you call i2d_PublicKey.
It's
> even kind of screwy because, despite the name, you aren't serializing to DER.
> 
> I'll get a better API later, but for now I'd use:
>
https://commondatastorage.googleapis.com/chromium-boringssl-docs/ec_key.h.htm...

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding_...
net/ssl/token_binding_openssl.cc:45: }
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> You can save the extra copy by doing:
> 
>   uint8_t *buf;
>   if (i2d_Foo(pkey, nullptr) != kExpectedKeyLength ||
>       !CBB_add_space(&ec_point, &buf, kExpectedKeyLength) ||
>       i2d_Foo(pkey, &buf) != kExpectedKeyLength ||
>       !CBB_flush(out)) {
>     return false;
>   }
> 
> Which is generalizable to cases where you don't know the expected length by
> using what the first call returned. (It's not generalizable to the
EVP_PKEY_sign
> case where you only get an upper-bound initially, but I'll add a CBB_reserve +
> CBB_advance pair at some point when we need it.)

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding_...
net/ssl/token_binding_openssl.cc:54: CBB tb_message, tb_messages;
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> tb_message vs tb_messages is kind of confusing. I'd probably just call the
> second one 'child'.

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding_...
net/ssl/token_binding_openssl.cc:63:
reinterpret_cast<uint8_t*>(const_cast<char*>(token_binding.data())),
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> No need for the const_cast

Done.

https://codereview.chromium.org/1378613004/diff/300001/net/ssl/token_binding_...
net/ssl/token_binding_openssl.cc:90: !CBB_add_bytes(&token_binding,
&signed_ekm[0], signed_ekm.size()) ||
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> vector_as_array(&signed_ekm)

Done.

https://codereview.chromium.org/1378613004/diff/300001/third_party/tlslite/tl...
File third_party/tlslite/tlslite/session.py (right):

https://codereview.chromium.org/1378613004/diff/300001/third_party/tlslite/tl...
third_party/tlslite/tlslite/session.py:71: self.serverRandom = serverRandom
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> I don't think storing the client/server random on the Session is quite right.
If
> you resume a session, you will have different randoms on the connection, but
the
> same session.

Moved to the TLSConnection class. The clientRandom and serverRandom member
variables are the only member variables of that class (everything else is in the
parent class TLSRecordLayer).

https://codereview.chromium.org/1378613004/diff/300001/third_party/tlslite/tl...
third_party/tlslite/tlslite/session.py:135: """Returns the exported keying
material as defined in RFC 5705."""
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> Ditto. The client and server random used in the exporter are different on
> session resumption. This probably wants to be a method on the connection.

Done.

https://codereview.chromium.org/1378613004/diff/300001/tools/metrics/histogra...
File tools/metrics/histograms/histograms.xml (right):

https://codereview.chromium.org/1378613004/diff/300001/tools/metrics/histogra...
tools/metrics/histograms/histograms.xml:47965: +<histogram
name="TokenBinding.Support" enum="TokenBinding.Support">
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> Probably wants a Net prefix.

Done.

https://codereview.chromium.org/1378613004/diff/300001/tools/metrics/histogra...
tools/metrics/histograms/histograms.xml:74718: +<enum
name="TokenBinding.Support" type="int">
On 2015/11/18 20:49:01, davidben (behind on reviews) wrote:
> I don't think enum names typically have dots in them.

There are multiple enum names with dots in them - I modeled this after
DomainBoundCerts.Support.

If I'm changing the histogram name to have a 'Net.' prefix, should I change the
enum name as well?

davidben

So much plumbing. Looks good though. Just minor comments. https://codereview.chromium.org/1378613004/diff/480001/net/http/http_network_transaction.cc File net/http/http_network_transaction.cc (right): https://codereview.chromium.org/1378613004/diff/480001/net/http/http_network_transaction.cc#newcode660 net/http/http_network_transaction.cc:660: ...

4 years, 11 months ago (2016-01-22 00:19:22 UTC) #38

nharper

+bnc Bence, can you take a look at http_network_transaction_unittest.cc? https://codereview.chromium.org/1378613004/diff/480001/net/http/http_network_transaction.cc File net/http/http_network_transaction.cc (right): https://codereview.chromium.org/1378613004/diff/480001/net/http/http_network_transaction.cc#newcode660 net/http/http_network_transaction.cc:660: ...

4 years, 11 months ago (2016-01-22 19:36:52 UTC) #43

nharper

asargent, can you review chrome/browser/extensions? rsleevi, can you review chrome/browser/io_thread.*?

4 years, 11 months ago (2016-01-22 22:18:53 UTC) #46

nharper

+mpearson to review tools/metrics/histograms/histograms.xml davidben, can you take a look at the most recent change ...

4 years, 11 months ago (2016-01-23 00:36:42 UTC) #50

Mark P

histograms.xml lgtm with minor comments below https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction.cc File net/http/http_network_transaction.cc (right): https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction.cc#newcode660 net/http/http_network_transaction.cc:660: enum { Please ...

4 years, 11 months ago (2016-01-23 05:01:49 UTC) #52

Bence

net/http/http_network_transaction_unittest.cc LGTM modulo nits. https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction_unittest.cc File net/http/http_network_transaction_unittest.cc (right): https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction_unittest.cc#newcode25 net/http/http_network_transaction_unittest.cc:25: #include "base/strings/string_number_conversions.h" Sorry, I cannot ...

4 years, 11 months ago (2016-01-23 22:31:18 UTC) #54

nharper

https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction.cc File net/http/http_network_transaction.cc (right): https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction.cc#newcode660 net/http/http_network_transaction.cc:660: enum { On 2016/01/23 05:01:49, Mark P wrote: > ...

4 years, 11 months ago (2016-01-25 18:54:55 UTC) #56

Bence

https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction_unittest.cc File net/http/http_network_transaction_unittest.cc (right): https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction_unittest.cc#newcode15834 net/http/http_network_transaction_unittest.cc:15834: MockRead reads[] = {CreateMockRead(*resp, 1), CreateMockRead(*body, 2), On 2016/01/25 ...

4 years, 11 months ago (2016-01-25 21:45:19 UTC) #57

mmenke

On 2016/01/25 21:46:07, nharper wrote: > R+mmenke,-sleevi for chrome/browser/io_thread* io_thread LGTM

4 years, 11 months ago (2016-01-25 21:47:44 UTC) #60

nharper

4 years, 11 months ago (2016-01-25 22:06:17 UTC) #62

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-cq-status.appspot.com/patch-status/1378613004/600001 View timeline at https://chromium-cq-status.appspot.com/patch-timeline/1378613004/600001

4 years, 11 months ago (2016-01-25 22:07:37 UTC) #65

commit-bot: I haz the power

Patchset 23 (id:??) landed as https://crrev.com/b7441ef2effe86324798710a82d8a006f5eb1395 Cr-Commit-Position: refs/heads/master@{#371347}

4 years, 11 months ago (2016-01-25 23:55:30 UTC) #69

Bence

On 2016/01/25 22:06:17, nharper wrote: > https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction_unittest.cc > File net/http/http_network_transaction_unittest.cc (right): > > https://codereview.chromium.org/1378613004/diff/560001/net/http/http_network_transaction_unittest.cc#newcode15834 > ...

4 years, 11 months ago (2016-01-26 15:59:17 UTC) #70

Ryan Sleevi

chrome/browser/io_thread LGTM % nit (addressible in a follow-up CL/separately) https://codereview.chromium.org/1378613004/diff/600001/chrome/browser/io_thread.cc File chrome/browser/io_thread.cc (right): https://codereview.chromium.org/1378613004/diff/600001/chrome/browser/io_thread.cc#newcode850 chrome/browser/io_thread.cc:850: ...

4 years, 11 months ago (2016-01-26 22:53:47 UTC) #72

nharper

4 years, 11 months ago (2016-01-26 23:29:30 UTC) #73

Message was sent while issue was closed.

https://codereview.chromium.org/1378613004/diff/600001/chrome/browser/io_thre...
File chrome/browser/io_thread.cc (right):

https://codereview.chromium.org/1378613004/diff/600001/chrome/browser/io_thre...
chrome/browser/io_thread.cc:850: if
(command_line.HasSwitch(switches::kEnableTokenBinding)) {
On 2016/01/26 22:53:47, Ryan Sleevi wrote:
> As command-line switches are generally inaccessible on Android/ChromeOS, are
> there plans to add it to about://flags? Or via Policy? Or via Finch? Just
> exploring here.
> 
> Note that this file appears to omit braces for one-line ifs, so I think local
> style should dominate.

There is a plan to add it to about:flags - see
https://codereview.chromium.org/1409323011/. That CL also fixes this style nit.

Expand Messages | Collapse Messages | Show Generated Messages | Hide Generated Messages