Blame - webrtc/base/sslidentity.cc - webrtc.googlesource.com/src

blob: 0da254fcaa15666607ab9a9deb11d5fdab221de7 [file] [log] [blame]

henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	1	/*
				2	* Copyright 2004 The WebRTC Project Authors. All rights reserved.
				3	*
				4	* Use of this source code is governed by a BSD-style license
				5	* that can be found in the LICENSE file in the root of the source
				6	* tree. An additional intellectual property rights grant can be found
				7	* in the file PATENTS. All contributing project authors may
				8	* be found in the AUTHORS file in the root of the source tree.
				9	*/
				10
				11	// Handling of certificates and keypairs for SSLStreamAdapter's peer mode.
				12	#if HAVE_CONFIG_H
				13	#include "config.h"
				14	#endif // HAVE_CONFIG_H
				15
				16	#include "webrtc/base/sslidentity.h"
				17
				18	#include <string>
				19
				20	#include "webrtc/base/base64.h"
				21	#include "webrtc/base/logging.h"
				22	#include "webrtc/base/sslconfig.h"
				23
				24	#if SSL_USE_SCHANNEL
				25
				26	#elif SSL_USE_OPENSSL // !SSL_USE_SCHANNEL
				27
				28	#include "webrtc/base/opensslidentity.h"
				29
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	30	#endif // SSL_USE_SCHANNEL
				31
				32	namespace rtc {
				33
				34	const char kPemTypeCertificate[] = "CERTIFICATE";
				35	const char kPemTypeRsaPrivateKey[] = "RSA PRIVATE KEY";
Torbjorn Granlund	b6d4ec4	2015-08-17 14:08:59 +0200	[diff] [blame]	36	const char kPemTypeEcPrivateKey[] = "EC PRIVATE KEY";
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	37
				38	bool SSLIdentity::PemToDer(const std::string& pem_type,
				39	const std::string& pem_string,
				40	std::string* der) {
				41	// Find the inner body. We need this to fulfill the contract of
				42	// returning pem_length.
				43	size_t header = pem_string.find("-----BEGIN " + pem_type + "-----");
				44	if (header == std::string::npos)
				45	return false;
				46
				47	size_t body = pem_string.find("\n", header);
				48	if (body == std::string::npos)
				49	return false;
				50
				51	size_t trailer = pem_string.find("-----END " + pem_type + "-----");
				52	if (trailer == std::string::npos)
				53	return false;
				54
				55	std::string inner = pem_string.substr(body + 1, trailer - (body + 1));
				56
				57	*der = Base64::Decode(inner, Base64::DO_PARSE_WHITE \|
				58	Base64::DO_PAD_ANY \|
				59	Base64::DO_TERM_BUFFER);
				60	return true;
				61	}
				62
				63	std::string SSLIdentity::DerToPem(const std::string& pem_type,
				64	const unsigned char* data,
				65	size_t length) {
				66	std::stringstream result;
				67
				68	result << "-----BEGIN " << pem_type << "-----\n";
				69
				70	std::string b64_encoded;
				71	Base64::EncodeFromArray(data, length, &b64_encoded);
				72
				73	// Divide the Base-64 encoded data into 64-character chunks, as per
				74	// 4.3.2.4 of RFC 1421.
				75	static const size_t kChunkSize = 64;
				76	size_t chunks = (b64_encoded.size() + (kChunkSize - 1)) / kChunkSize;
				77	for (size_t i = 0, chunk_offset = 0; i < chunks;
				78	++i, chunk_offset += kChunkSize) {
				79	result << b64_encoded.substr(chunk_offset, kChunkSize);
				80	result << "\n";
				81	}
				82
				83	result << "-----END " << pem_type << "-----\n";
				84
				85	return result.str();
				86	}
				87
kwiberg@webrtc.org	67186fe	2015-03-09 22:21:53 +0000	[diff] [blame]	88	SSLCertChain::SSLCertChain(const std::vector<SSLCertificate*>& certs) {
				89	ASSERT(!certs.empty());
				90	certs_.resize(certs.size());
				91	std::transform(certs.begin(), certs.end(), certs_.begin(), DupCert);
				92	}
				93
				94	SSLCertChain::SSLCertChain(const SSLCertificate* cert) {
				95	certs_.push_back(cert->GetReference());
				96	}
				97
				98	SSLCertChain::~SSLCertChain() {
				99	std::for_each(certs_.begin(), certs_.end(), DeleteCert);
				100	}
				101
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	102	#if SSL_USE_SCHANNEL
				103
				104	SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
				105	return NULL;
				106	}
				107
Torbjorn Granlund	b6d4ec4	2015-08-17 14:08:59 +0200	[diff] [blame]	108	SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
				109	KeyType key_type) {
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	110	return NULL;
				111	}
				112
				113	SSLIdentity* GenerateForTest(const SSLIdentityParams& params) {
				114	return NULL;
				115	}
				116
				117	SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
				118	const std::string& certificate) {
				119	return NULL;
				120	}
				121
				122	#elif SSL_USE_OPENSSL // !SSL_USE_SCHANNEL
				123
				124	SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
				125	return OpenSSLCertificate::FromPEMString(pem_string);
				126	}
				127
Torbjorn Granlund	b6d4ec4	2015-08-17 14:08:59 +0200	[diff] [blame]	128	SSLIdentity* SSLIdentity::Generate(const std::string& common_name,
				129	KeyType key_type) {
				130	return OpenSSLIdentity::Generate(common_name, key_type);
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	131	}
				132
				133	SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
				134	return OpenSSLIdentity::GenerateForTest(params);
				135	}
				136
				137	SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
				138	const std::string& certificate) {
				139	return OpenSSLIdentity::FromPEMStrings(private_key, certificate);
				140	}
				141
torbjorng	5647a2c	2015-09-04 08:11:51 -0700	[diff] [blame]	142	#else // !SSL_USE_OPENSSL && !SSL_USE_SCHANNEL
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	143
				144	#error "No SSL implementation"
				145
				146	#endif // SSL_USE_SCHANNEL
				147
				148	} // namespace rtc