Blame - webrtc/base/sslidentity.cc - webrtc.googlesource.com/src

blob: ea9f547a87d812cac35fac39ad562c15d1103afd [file] [log] [blame]

henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	1	/*
				2	* Copyright 2004 The WebRTC Project Authors. All rights reserved.
				3	*
				4	* Use of this source code is governed by a BSD-style license
				5	* that can be found in the LICENSE file in the root of the source
				6	* tree. An additional intellectual property rights grant can be found
				7	* in the file PATENTS. All contributing project authors may
				8	* be found in the AUTHORS file in the root of the source tree.
				9	*/
				10
				11	// Handling of certificates and keypairs for SSLStreamAdapter's peer mode.
				12	#if HAVE_CONFIG_H
				13	#include "config.h"
				14	#endif // HAVE_CONFIG_H
				15
				16	#include "webrtc/base/sslidentity.h"
				17
				18	#include <string>
				19
				20	#include "webrtc/base/base64.h"
				21	#include "webrtc/base/logging.h"
				22	#include "webrtc/base/sslconfig.h"
				23
				24	#if SSL_USE_SCHANNEL
				25
				26	#elif SSL_USE_OPENSSL // !SSL_USE_SCHANNEL
				27
				28	#include "webrtc/base/opensslidentity.h"
				29
				30	#elif SSL_USE_NSS // !SSL_USE_SCHANNEL && !SSL_USE_OPENSSL
				31
				32	#include "webrtc/base/nssidentity.h"
				33
				34	#endif // SSL_USE_SCHANNEL
				35
				36	namespace rtc {
				37
				38	const char kPemTypeCertificate[] = "CERTIFICATE";
				39	const char kPemTypeRsaPrivateKey[] = "RSA PRIVATE KEY";
				40
				41	bool SSLIdentity::PemToDer(const std::string& pem_type,
				42	const std::string& pem_string,
				43	std::string* der) {
				44	// Find the inner body. We need this to fulfill the contract of
				45	// returning pem_length.
				46	size_t header = pem_string.find("-----BEGIN " + pem_type + "-----");
				47	if (header == std::string::npos)
				48	return false;
				49
				50	size_t body = pem_string.find("\n", header);
				51	if (body == std::string::npos)
				52	return false;
				53
				54	size_t trailer = pem_string.find("-----END " + pem_type + "-----");
				55	if (trailer == std::string::npos)
				56	return false;
				57
				58	std::string inner = pem_string.substr(body + 1, trailer - (body + 1));
				59
				60	*der = Base64::Decode(inner, Base64::DO_PARSE_WHITE \|
				61	Base64::DO_PAD_ANY \|
				62	Base64::DO_TERM_BUFFER);
				63	return true;
				64	}
				65
				66	std::string SSLIdentity::DerToPem(const std::string& pem_type,
				67	const unsigned char* data,
				68	size_t length) {
				69	std::stringstream result;
				70
				71	result << "-----BEGIN " << pem_type << "-----\n";
				72
				73	std::string b64_encoded;
				74	Base64::EncodeFromArray(data, length, &b64_encoded);
				75
				76	// Divide the Base-64 encoded data into 64-character chunks, as per
				77	// 4.3.2.4 of RFC 1421.
				78	static const size_t kChunkSize = 64;
				79	size_t chunks = (b64_encoded.size() + (kChunkSize - 1)) / kChunkSize;
				80	for (size_t i = 0, chunk_offset = 0; i < chunks;
				81	++i, chunk_offset += kChunkSize) {
				82	result << b64_encoded.substr(chunk_offset, kChunkSize);
				83	result << "\n";
				84	}
				85
				86	result << "-----END " << pem_type << "-----\n";
				87
				88	return result.str();
				89	}
				90
kwiberg@webrtc.org	67186fe	2015-03-09 22:21:53 +0000	[diff] [blame^]	91	SSLCertChain::SSLCertChain(const std::vector<SSLCertificate*>& certs) {
				92	ASSERT(!certs.empty());
				93	certs_.resize(certs.size());
				94	std::transform(certs.begin(), certs.end(), certs_.begin(), DupCert);
				95	}
				96
				97	SSLCertChain::SSLCertChain(const SSLCertificate* cert) {
				98	certs_.push_back(cert->GetReference());
				99	}
				100
				101	SSLCertChain::~SSLCertChain() {
				102	std::for_each(certs_.begin(), certs_.end(), DeleteCert);
				103	}
				104
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	105	#if SSL_USE_SCHANNEL
				106
				107	SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
				108	return NULL;
				109	}
				110
				111	SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
				112	return NULL;
				113	}
				114
				115	SSLIdentity* GenerateForTest(const SSLIdentityParams& params) {
				116	return NULL;
				117	}
				118
				119	SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
				120	const std::string& certificate) {
				121	return NULL;
				122	}
				123
				124	#elif SSL_USE_OPENSSL // !SSL_USE_SCHANNEL
				125
				126	SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
				127	return OpenSSLCertificate::FromPEMString(pem_string);
				128	}
				129
				130	SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
				131	return OpenSSLIdentity::Generate(common_name);
				132	}
				133
				134	SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
				135	return OpenSSLIdentity::GenerateForTest(params);
				136	}
				137
				138	SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
				139	const std::string& certificate) {
				140	return OpenSSLIdentity::FromPEMStrings(private_key, certificate);
				141	}
				142
				143	#elif SSL_USE_NSS // !SSL_USE_OPENSSL && !SSL_USE_SCHANNEL
				144
				145	SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
				146	return NSSCertificate::FromPEMString(pem_string);
				147	}
				148
				149	SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
				150	return NSSIdentity::Generate(common_name);
				151	}
				152
				153	SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
				154	return NSSIdentity::GenerateForTest(params);
				155	}
				156
				157	SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
				158	const std::string& certificate) {
				159	return NSSIdentity::FromPEMStrings(private_key, certificate);
				160	}
				161
				162	#else // !SSL_USE_OPENSSL && !SSL_USE_SCHANNEL && !SSL_USE_NSS
				163
				164	#error "No SSL implementation"
				165
				166	#endif // SSL_USE_SCHANNEL
				167
				168	} // namespace rtc