/*
 *  Copyright 2020 The WebRTC Project Authors. All rights reserved.
 *
 *  Use of this source code is governed by a BSD-style license
 *  that can be found in the LICENSE file in the root of the source
 *  tree. An additional intellectual property rights grant can be found
 *  in the file PATENTS.  All contributing project authors may
 *  be found in the AUTHORS file in the root of the source tree.
 */
10
11#ifndef RTC_BASE_BORINGSSL_CERTIFICATE_H_
12#define RTC_BASE_BORINGSSL_CERTIFICATE_H_
13
14#include <openssl/ossl_typ.h>
15#include <stddef.h>
16#include <stdint.h>
17
18#include <memory>
19#include <string>
20
Ali Tofigh7fa90572022-03-17 15:47:49 +010021#include "absl/strings/string_view.h"
Taylor Brandstetter165c6182020-12-10 16:23:03 -080022#include "rtc_base/buffer.h"
Taylor Brandstetter165c6182020-12-10 16:23:03 -080023#include "rtc_base/ssl_certificate.h"
24#include "rtc_base/ssl_identity.h"
25
namespace rtc {

class OpenSSLKeyPair;

// SSLCertificate implementation backed by a BoringSSL CRYPTO_BUFFER that holds
// the certificate. The buffer is reference counted inside the BoringSSL
// library, and using it instead of the OpenSSL X509 object gives binary size
// and memory improvements.
//
// Instances cannot be copied or copy-assigned; Clone() is the way to obtain a
// second certificate object.
class BoringSSLCertificate final : public SSLCertificate {
 public:
  // Takes ownership of `cert_buffer`.
  // NOTE(review): this header does not show whether the buffer is checked to
  // be non-null or to parse as a certificate - confirm in the implementation
  // before passing in bytes that came from a remote peer.
  explicit BoringSSLCertificate(bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer);

  // Builds a certificate from `key_pair` and `params`.
  // NOTE(review): presumably returns nullptr on failure - confirm, and check
  // the result before dereferencing it.
  static std::unique_ptr<BoringSSLCertificate> Generate(
      OpenSSLKeyPair* key_pair,
      const SSLIdentityParams& params);

  // Builds a certificate from PEM text.
  // NOTE(review): presumably returns nullptr when `pem_string` cannot be
  // parsed - confirm; the input may be attacker-controlled, so callers should
  // handle a null result explicitly.
  static std::unique_ptr<BoringSSLCertificate> FromPEMString(
      absl::string_view pem_string);

  ~BoringSSLCertificate() override;

  // Copying is disabled; see Clone().
  BoringSSLCertificate(const BoringSSLCertificate&) = delete;
  BoringSSLCertificate& operator=(const BoringSSLCertificate&) = delete;

  // Returns a separately owned SSLCertificate for this certificate.
  std::unique_ptr<SSLCertificate> Clone() const override;

  // Returns the held buffer without giving up ownership. This object keeps
  // its own reference only while it is alive, so a caller that needs the
  // buffer for longer has to take a reference of its own.
  CRYPTO_BUFFER* cert_buffer() const { return cert_buffer_.get(); }

  // Serializers for the certificate; ToDER() writes into `der_buffer`.
  std::string ToPEMString() const override;
  void ToDER(Buffer* der_buffer) const override;

  // Comparison against another BoringSSLCertificate.
  // NOTE(review): what is compared (for example the encoded bytes) is not
  // visible in this header - confirm in the implementation.
  bool operator==(const BoringSSLCertificate& other) const;
  bool operator!=(const BoringSSLCertificate& other) const;

  // Compute the digest of the certificate given `algorithm`.
  // `digest` is the caller-provided output buffer.
  // NOTE(review): presumably `size` is the capacity of `digest` in bytes and
  // `*length` receives the number of bytes written - confirm against
  // SSLCertificate. Treat a false return as a failure and do not read
  // `digest` or `*length` afterwards, in particular when the digest is used
  // to compare certificate fingerprints.
  bool ComputeDigest(absl::string_view algorithm,
                     unsigned char* digest,
                     size_t size,
                     size_t* length) const override;

  // Compute the digest of a certificate as a CRYPTO_BUFFER.
  // Same parameters as the member overload, with the certificate passed in
  // as `cert_buffer`; the same hedges on `size`, `length` and the return
  // value apply.
  static bool ComputeDigest(const CRYPTO_BUFFER* cert_buffer,
                            absl::string_view algorithm,
                            unsigned char* digest,
                            size_t size,
                            size_t* length);

  // Writes the name of the signature digest algorithm into `*algorithm`.
  // NOTE(review): presumably returns false when the algorithm cannot be
  // determined - confirm against SSLCertificate.
  bool GetSignatureDigestAlgorithm(std::string* algorithm) const override;

  // Expiration time of the certificate.
  // NOTE(review): the unit and the value returned on error are set by the
  // SSLCertificate contract, which is not visible here - confirm before
  // comparing against a clock.
  int64_t CertificateExpirationTime() const override;

 private:
  // A handle to the DER encoded certificate data.
  bssl::UniquePtr<CRYPTO_BUFFER> cert_buffer_;
};

}  // namespace rtc
81
82#endif // RTC_BASE_BORINGSSL_CERTIFICATE_H_