Gitiles
Code Review Sign In
gerrit.openfyde.cn / webrtc.googlesource.com / src / 0a6380f069461638d87988d0443fc21e18dc7336 / . / webrtc / base / sslidentity.cc
blob: ed9e5aca93f172010dcc727df197c3e7e32af9d1 [file] [log] [blame]
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]1/*
2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11// Handling of certificates and keypairs for SSLStreamAdapter's peer mode.
12#if HAVE_CONFIG_H
13#include "config.h"
14#endif // HAVE_CONFIG_H
15
16#include "webrtc/base/sslidentity.h"
17
18#include <string>
19
20#include "webrtc/base/base64.h"
21#include "webrtc/base/logging.h"
22#include "webrtc/base/sslconfig.h"
23
24#if SSL_USE_SCHANNEL
25
26#elif SSL_USE_OPENSSL // !SSL_USE_SCHANNEL
27
28#include "webrtc/base/opensslidentity.h"
29
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]30#endif // SSL_USE_SCHANNEL
31
32namespace rtc {
33
34const char kPemTypeCertificate[] = "CERTIFICATE";
35const char kPemTypeRsaPrivateKey[] = "RSA PRIVATE KEY";
Torbjorn Granlundb6d4ec42015-08-17 14:08:59 +0200[diff] [blame]36const char kPemTypeEcPrivateKey[] = "EC PRIVATE KEY";
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]37
Henrik Boström9b5476d2015-09-22 14:12:57 +0200[diff] [blame]38KeyType IntKeyTypeFamilyToKeyType(int key_type_family) {
39 return static_cast<KeyType>(key_type_family);
40}
41
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]42bool SSLIdentity::PemToDer(const std::string& pem_type,
43 const std::string& pem_string,
44 std::string* der) {
45 // Find the inner body. We need this to fulfill the contract of
46 // returning pem_length.
47 size_t header = pem_string.find("-----BEGIN " + pem_type + "-----");
48 if (header == std::string::npos)
49 return false;
50
51 size_t body = pem_string.find("\n", header);
52 if (body == std::string::npos)
53 return false;
54
55 size_t trailer = pem_string.find("-----END " + pem_type + "-----");
56 if (trailer == std::string::npos)
57 return false;
58
59 std::string inner = pem_string.substr(body + 1, trailer - (body + 1));
60
61 *der = Base64::Decode(inner, Base64::DO_PARSE_WHITE |
62 Base64::DO_PAD_ANY |
63 Base64::DO_TERM_BUFFER);
64 return true;
65}
66
67std::string SSLIdentity::DerToPem(const std::string& pem_type,
68 const unsigned char* data,
69 size_t length) {
70 std::stringstream result;
71
72 result << "-----BEGIN " << pem_type << "-----\n";
73
74 std::string b64_encoded;
75 Base64::EncodeFromArray(data, length, &b64_encoded);
76
77 // Divide the Base-64 encoded data into 64-character chunks, as per
78 // 4.3.2.4 of RFC 1421.
79 static const size_t kChunkSize = 64;
80 size_t chunks = (b64_encoded.size() + (kChunkSize - 1)) / kChunkSize;
81 for (size_t i = 0, chunk_offset = 0; i < chunks;
82 ++i, chunk_offset += kChunkSize) {
83 result << b64_encoded.substr(chunk_offset, kChunkSize);
84 result << "\n";
85 }
86
87 result << "-----END " << pem_type << "-----\n";
88
89 return result.str();
90}
91
kwiberg@webrtc.org67186fe2015-03-09 22:21:53 +0000[diff] [blame]92SSLCertChain::SSLCertChain(const std::vector<SSLCertificate*>& certs) {
93 ASSERT(!certs.empty());
94 certs_.resize(certs.size());
95 std::transform(certs.begin(), certs.end(), certs_.begin(), DupCert);
96}
97
98SSLCertChain::SSLCertChain(const SSLCertificate* cert) {
99 certs_.push_back(cert->GetReference());
100}
101
102SSLCertChain::~SSLCertChain() {
103 std::for_each(certs_.begin(), certs_.end(), DeleteCert);
104}
105
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]106#if SSL_USE_SCHANNEL
107
108SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
109 return NULL;
110}
111
Torbjorn Granlundb6d4ec42015-08-17 14:08:59 +0200[diff] [blame]112SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
113 KeyType key_type) {
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]114 return NULL;
115}
116
117SSLIdentity* GenerateForTest(const SSLIdentityParams& params) {
118 return NULL;
119}
120
121SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
122 const std::string& certificate) {
123 return NULL;
124}
125
126#elif SSL_USE_OPENSSL // !SSL_USE_SCHANNEL
127
128SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
129 return OpenSSLCertificate::FromPEMString(pem_string);
130}
131
Torbjorn Granlundb6d4ec42015-08-17 14:08:59 +0200[diff] [blame]132SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
133 KeyType key_type) {
134 return OpenSSLIdentity::Generate(common_name, key_type);
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]135}
136
137SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
138 return OpenSSLIdentity::GenerateForTest(params);
139}
140
141SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
142 const std::string& certificate) {
143 return OpenSSLIdentity::FromPEMStrings(private_key, certificate);
144}
145
torbjorng07d09362015-09-22 11:58:04 -0700[diff] [blame]146#else // !SSL_USE_OPENSSL && !SSL_USE_SCHANNEL
henrike@webrtc.orgf0488722014-05-13 18:00:26 +0000[diff] [blame]147
148#error "No SSL implementation"
149
150#endif // SSL_USE_SCHANNEL
151
152} // namespace rtc