/*
 * Copyright 2020 The WebRTC Project Authors. All rights reserved.
 *
 * Use of this source code is governed by a BSD-style license
 * that can be found in the LICENSE file in the root of the source
 * tree. An additional intellectual property rights grant can be found
 * in the file PATENTS. All contributing project authors may
 * be found in the AUTHORS file in the root of the source tree.
 */

#ifndef RTC_BASE_BORINGSSL_IDENTITY_H_
#define RTC_BASE_BORINGSSL_IDENTITY_H_

#include <openssl/ossl_typ.h>

#include <ctime>
#include <memory>
#include <string>

#include "absl/strings/string_view.h"
#include "rtc_base/boringssl_certificate.h"
#include "rtc_base/openssl_key_pair.h"
#include "rtc_base/ssl_certificate.h"
#include "rtc_base/ssl_identity.h"

namespace rtc {

// Bundles a key pair with its certificate (or certificate chain) and offers
// factory functions that produce the two together. Certificates are handled
// as CRYPTO_BUFFER instead of X509, which offers binary size and memory
// improvements.
//
// Security notes for callers:
//  * An instance owns a key pair (`key_pair_`) and can export the private key
//    (`PrivateKeyToPEMString()`), so treat the object as a secret holder.
//  * Copy construction and copy assignment are deleted; the only duplication
//    hook declared here is the private `CloneInternal()` override.
class BoringSSLIdentity final : public SSLIdentity {
 public:
  // Factory taking a certificate common name, key parameters and a
  // certificate lifetime.
  // NOTE(review): the unit of `certificate_lifetime` (presumably seconds) and
  // the result on failure (presumably nullptr) are defined in the .cc file -
  // confirm there.
  static std::unique_ptr<BoringSSLIdentity> CreateWithExpiration(
      absl::string_view common_name,
      const KeyParams& key_params,
      time_t certificate_lifetime);

  // Factory driven by a complete SSLIdentityParams. As the name states, this
  // entry point is meant for tests.
  static std::unique_ptr<BoringSSLIdentity> CreateForTest(
      const SSLIdentityParams& params);

  // Factory taking a PEM private key and a PEM certificate.
  // Both arguments are non-owning views: the caller's buffer still holds the
  // private key after the call, and the caller stays responsible for that
  // buffer's lifetime and disposal.
  // NOTE(review): whether the key is checked against the certificate, and
  // what is returned for malformed input (presumably nullptr), is not visible
  // in this header - confirm before feeding PEM from an untrusted source.
  static std::unique_ptr<SSLIdentity> CreateFromPEMStrings(
      absl::string_view private_key,
      absl::string_view certificate);

  // Same as CreateFromPEMStrings, but the second argument is a PEM
  // certificate chain. The same ownership and validation caveats apply.
  static std::unique_ptr<SSLIdentity> CreateFromPEMChainStrings(
      absl::string_view private_key,
      absl::string_view certificate_chain);

  ~BoringSSLIdentity() override;

  // Not copyable: the object owns its key pair and certificate chain through
  // unique_ptr members.
  BoringSSLIdentity(const BoringSSLIdentity&) = delete;
  BoringSSLIdentity& operator=(const BoringSSLIdentity&) = delete;

  // Read-only access to the certificate and to the certificate chain.
  const BoringSSLCertificate& certificate() const override;
  const SSLCertChain& cert_chain() const override;

  // Configures the SSL context `ctx` to use this identity's key and
  // certificate. Check the returned bool.
  // NOTE(review): presumably `false` means `ctx` was not (fully) configured
  // and should not be used for a handshake - confirm in the implementation.
  bool ConfigureIdentity(SSL_CTX* ctx);

  // Serializes the private key to a PEM string. The result is sensitive:
  // std::string does not clear its buffer on destruction, so keep the value
  // short-lived and out of logs and unprotected storage.
  // NOTE(review): presumably the PEM is unencrypted - confirm.
  std::string PrivateKeyToPEMString() const override;

  // Serializes the public key to a PEM string.
  std::string PublicKeyToPEMString() const override;

  // Equality and inequality between two identities.
  // NOTE(review): which parts are compared (key pair, certificate, or both)
  // is decided in the .cc file.
  bool operator==(const BoringSSLIdentity& other) const;
  bool operator!=(const BoringSSLIdentity& other) const;

 private:
  // Both constructors take ownership of their arguments. They are private, so
  // outside code obtains instances only through the static factories above.
  BoringSSLIdentity(std::unique_ptr<OpenSSLKeyPair> key_pair,
                    std::unique_ptr<BoringSSLCertificate> certificate);
  BoringSSLIdentity(std::unique_ptr<OpenSSLKeyPair> key_pair,
                    std::unique_ptr<SSLCertChain> cert_chain);

  // Clone hook inherited from SSLIdentity.
  std::unique_ptr<SSLIdentity> CloneInternal() const override;

  // Creation helper taking the full parameter set.
  // NOTE(review): presumably the shared path behind CreateWithExpiration and
  // CreateForTest - confirm.
  static std::unique_ptr<BoringSSLIdentity> CreateInternal(
      const SSLIdentityParams& params);

  // Owned key pair; presumably the source of both PEM exports above.
  std::unique_ptr<OpenSSLKeyPair> key_pair_;
  // Owned certificate chain.
  std::unique_ptr<SSLCertChain> cert_chain_;
};

}  // namespace rtc

#endif  // RTC_BASE_BORINGSSL_IDENTITY_H_