Blame - rtc_base/ssl_fingerprint.cc - webrtc.googlesource.com/src

blob: a85b7a09ceaff0254a28d112cf21d91656f3b71d [file] [log] [blame]

henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	1	/*
				2	* Copyright 2012 The WebRTC Project Authors. All rights reserved.
				3	*
				4	* Use of this source code is governed by a BSD-style license
				5	* that can be found in the LICENSE file in the root of the source
				6	* tree. An additional intellectual property rights grant can be found
				7	* in the file PATENTS. All contributing project authors may
				8	* be found in the AUTHORS file in the root of the source tree.
				9	*/
				10
Steve Anton	10542f2	2019-01-11 09:11:00 -0800	[diff] [blame]	11	#include "rtc_base/ssl_fingerprint.h"
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	12
				13	#include <ctype.h>
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	14
Yves Gerey	988cc08	2018-10-23 12:03:01 +0200	[diff] [blame]	15	#include <cstdint>
Mirko Bonadei	317a1f0	2019-09-17 17:06:18 +0200	[diff] [blame]	16	#include <memory>
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	17	#include <string>
				18
Steve Anton	2acd163	2019-03-25 13:48:30 -0700	[diff] [blame]	19	#include "absl/algorithm/container.h"
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	20	#include "absl/strings/string_view.h"
Mirko Bonadei	92ea95e	2017-09-15 06:47:31 +0200	[diff] [blame]	21	#include "rtc_base/logging.h"
Steve Anton	10542f2	2019-01-11 09:11:00 -0800	[diff] [blame]	22	#include "rtc_base/message_digest.h"
				23	#include "rtc_base/rtc_certificate.h"
				24	#include "rtc_base/ssl_certificate.h"
				25	#include "rtc_base/ssl_identity.h"
				26	#include "rtc_base/string_encode.h"
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	27
				28	namespace rtc {
				29
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	30	SSLFingerprint* SSLFingerprint::Create(absl::string_view algorithm,
Mirko Bonadei	6932fb2	2018-10-15 14:18:03 +0000	[diff] [blame]	31	const rtc::SSLIdentity* identity) {
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	32	return CreateUnique(algorithm, *identity).release();
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	33	}
				34
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	35	std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateUnique(
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	36	absl::string_view algorithm,
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	37	const rtc::SSLIdentity& identity) {
				38	return Create(algorithm, identity.certificate());
				39	}
				40
				41	std::unique_ptr<SSLFingerprint> SSLFingerprint::Create(
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	42	absl::string_view algorithm,
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	43	const rtc::SSLCertificate& cert) {
Peter Boström	0c4e06b	2015-10-07 12:23:21 +0200	[diff] [blame]	44	uint8_t digest_val[64];
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	45	size_t digest_len;
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	46	bool ret = cert.ComputeDigest(algorithm, digest_val, sizeof(digest_val),
				47	&digest_len);
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	48	if (!ret) {
deadbeef	37f5ecf	2017-02-27 14:06:41 -0800	[diff] [blame]	49	return nullptr;
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	50	}
Mirko Bonadei	317a1f0	2019-09-17 17:06:18 +0200	[diff] [blame]	51	return std::make_unique<SSLFingerprint>(
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	52	algorithm, ArrayView<const uint8_t>(digest_val, digest_len));
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	53	}
				54
				55	SSLFingerprint* SSLFingerprint::CreateFromRfc4572(
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	56	absl::string_view algorithm,
				57	absl::string_view fingerprint) {
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	58	return CreateUniqueFromRfc4572(algorithm, fingerprint).release();
				59	}
				60
				61	std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateUniqueFromRfc4572(
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	62	absl::string_view algorithm,
				63	absl::string_view fingerprint) {
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	64	if (algorithm.empty() \|\| !rtc::IsFips180DigestAlgorithm(algorithm))
deadbeef	37f5ecf	2017-02-27 14:06:41 -0800	[diff] [blame]	65	return nullptr;
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	66
				67	if (fingerprint.empty())
deadbeef	37f5ecf	2017-02-27 14:06:41 -0800	[diff] [blame]	68	return nullptr;
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	69
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	70	char value[rtc::MessageDigest::kMaxSize];
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	71	size_t value_len = rtc::hex_decode_with_delimiter(
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	72	value, sizeof(value), fingerprint.data(), fingerprint.length(), ':');
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	73	if (!value_len)
deadbeef	37f5ecf	2017-02-27 14:06:41 -0800	[diff] [blame]	74	return nullptr;
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	75
Mirko Bonadei	317a1f0	2019-09-17 17:06:18 +0200	[diff] [blame]	76	return std::make_unique<SSLFingerprint>(
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	77	algorithm,
				78	ArrayView<const uint8_t>(reinterpret_cast<uint8_t*>(value), value_len));
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	79	}
				80
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	81	std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateFromCertificate(
				82	const RTCCertificate& cert) {
deadbeef	8662f94	2017-01-20 21:20:51 -0800	[diff] [blame]	83	std::string digest_alg;
Benjamin Wright	6c6c9df	2018-10-25 01:16:26 -0700	[diff] [blame]	84	if (!cert.GetSSLCertificate().GetSignatureDigestAlgorithm(&digest_alg)) {
Mirko Bonadei	675513b	2017-11-09 11:09:25 +0100	[diff] [blame]	85	RTC_LOG(LS_ERROR)
				86	<< "Failed to retrieve the certificate's digest algorithm";
deadbeef	8662f94	2017-01-20 21:20:51 -0800	[diff] [blame]	87	return nullptr;
				88	}
				89
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	90	std::unique_ptr<SSLFingerprint> fingerprint =
				91	CreateUnique(digest_alg, *cert.identity());
deadbeef	8662f94	2017-01-20 21:20:51 -0800	[diff] [blame]	92	if (!fingerprint) {
Mirko Bonadei	675513b	2017-11-09 11:09:25 +0100	[diff] [blame]	93	RTC_LOG(LS_ERROR) << "Failed to create identity fingerprint, alg="
				94	<< digest_alg;
deadbeef	8662f94	2017-01-20 21:20:51 -0800	[diff] [blame]	95	}
				96	return fingerprint;
				97	}
				98
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	99	SSLFingerprint::SSLFingerprint(absl::string_view algorithm,
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	100	ArrayView<const uint8_t> digest_view)
				101	: algorithm(algorithm), digest(digest_view.data(), digest_view.size()) {}
				102
Ali Tofigh	7fa9057	2022-03-17 15:47:49 +0100	[diff] [blame]	103	SSLFingerprint::SSLFingerprint(absl::string_view algorithm,
Peter Boström	0c4e06b	2015-10-07 12:23:21 +0200	[diff] [blame]	104	const uint8_t* digest_in,
				105	size_t digest_len)
Steve Anton	4905edb	2018-10-15 19:27:44 -0700	[diff] [blame]	106	: SSLFingerprint(algorithm, MakeArrayView(digest_in, digest_len)) {}
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	107
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	108	bool SSLFingerprint::operator==(const SSLFingerprint& other) const {
Yves Gerey	665174f	2018-06-19 15:03:05 +0200	[diff] [blame]	109	return algorithm == other.algorithm && digest == other.digest;
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	110	}
				111
				112	std::string SSLFingerprint::GetRfc4572Fingerprint() const {
				113	std::string fingerprint =
Karl Wiberg	9478437	2015-04-20 14:03:07 +0200	[diff] [blame]	114	rtc::hex_encode_with_delimiter(digest.data<char>(), digest.size(), ':');
Steve Anton	2acd163	2019-03-25 13:48:30 -0700	[diff] [blame]	115	absl::c_transform(fingerprint, fingerprint.begin(), ::toupper);
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	116	return fingerprint;
				117	}
				118
mikescarlett	e774867	2016-04-29 20:20:54 -0700	[diff] [blame]	119	std::string SSLFingerprint::ToString() const {
henrike@webrtc.org	f048872	2014-05-13 18:00:26 +0000	[diff] [blame]	120	std::string fp_str = algorithm;
				121	fp_str.append(" ");
				122	fp_str.append(GetRfc4572Fingerprint());
				123	return fp_str;
				124	}
				125
				126	} // namespace rtc