| 1 /* | |
| 2 * Copyright 2004 The WebRTC Project Authors. All rights reserved. | |
| 3 * | |
| 4 * Use of this source code is governed by a BSD-style license | |
| 5 * that can be found in the LICENSE file in the root of the source | |
| 6 * tree. An additional intellectual property rights grant can be found | |
| 7 * in the file PATENTS. All contributing project authors may | |
| 8 * be found in the AUTHORS file in the root of the source tree. | |
| 9 */ | |
| 10 | |
| 11 #ifndef WEBRTC_BASE_NSSIDENTITY_H_ | |
| 12 #define WEBRTC_BASE_NSSIDENTITY_H_ | |
| 13 | |
| 14 #include <string> | |
| 15 | |
| 16 // Hack: Define+undefine int64 and uint64 to avoid typedef conflict with NSS. | |
| 17 // TODO(kjellander): Remove when webrtc:4497 is completed. | |
| 18 #define uint64 foo_uint64 | |
| 19 #define int64 foo_int64 | |
| 20 #include "cert.h" | |
| 21 #undef uint64 | |
| 22 #undef int64 | |
| 23 #include "nspr.h" | |
| 24 #include "hasht.h" | |
| 25 #include "keythi.h" | |
| 26 | |
| 27 #ifdef NSS_SSL_RELATIVE_PATH | |
| 28 #include "ssl.h" | |
| 29 #else | |
| 30 #include "net/third_party/nss/ssl/ssl.h" | |
| 31 #endif | |
| 32 | |
| 33 #include "webrtc/base/common.h" | |
| 34 #include "webrtc/base/logging.h" | |
| 35 #include "webrtc/base/scoped_ptr.h" | |
| 36 #include "webrtc/base/sslidentity.h" | |
| 37 | |
| 38 namespace rtc { | |
| 39 | |
| 40 class NSSKeyPair { | |
| 41 public: | |
| 42 NSSKeyPair(SECKEYPrivateKey* privkey, SECKEYPublicKey* pubkey) | |
| 43 : privkey_(privkey), pubkey_(pubkey), ssl_kea_type_(ssl_kea_null) {} | |
| 44 NSSKeyPair(SECKEYPrivateKey* privkey, | |
| 45 SECKEYPublicKey* pubkey, | |
| 46 SSLKEAType ssl_kea_type) | |
| 47 : privkey_(privkey), pubkey_(pubkey), ssl_kea_type_(ssl_kea_type) {} | |
| 48 ~NSSKeyPair(); | |
| 49 | |
| 50 // Generate a 1024-bit RSA key pair. | |
| 51 static NSSKeyPair* Generate(KeyType key_type); | |
| 52 NSSKeyPair* GetReference(); | |
| 53 | |
| 54 SECKEYPrivateKey* privkey() const { return privkey_; } | |
| 55 SECKEYPublicKey * pubkey() const { return pubkey_; } | |
| 56 SSLKEAType ssl_kea_type() const { return ssl_kea_type_; } | |
| 57 | |
| 58 private: | |
| 59 SECKEYPrivateKey* privkey_; | |
| 60 SECKEYPublicKey* pubkey_; | |
| 61 SSLKEAType ssl_kea_type_; | |
| 62 | |
| 63 RTC_DISALLOW_COPY_AND_ASSIGN(NSSKeyPair); | |
| 64 }; | |
| 65 | |
| 66 | |
| 67 class NSSCertificate : public SSLCertificate { | |
| 68 public: | |
| 69 static NSSCertificate* FromPEMString(const std::string& pem_string); | |
| 70 // The caller retains ownership of the argument to all the constructors, | |
| 71 // and the constructor makes a copy. | |
| 72 explicit NSSCertificate(CERTCertificate* cert); | |
| 73 explicit NSSCertificate(CERTCertList* cert_list); | |
| 74 ~NSSCertificate() override; | |
| 75 | |
| 76 NSSCertificate* GetReference() const override; | |
| 77 | |
| 78 std::string ToPEMString() const override; | |
| 79 | |
| 80 void ToDER(Buffer* der_buffer) const override; | |
| 81 | |
| 82 bool GetSignatureDigestAlgorithm(std::string* algorithm) const override; | |
| 83 | |
| 84 bool ComputeDigest(const std::string& algorithm, | |
| 85 unsigned char* digest, | |
| 86 size_t size, | |
| 87 size_t* length) const override; | |
| 88 | |
| 89 bool GetChain(SSLCertChain** chain) const override; | |
| 90 | |
| 91 CERTCertificate* certificate() { return certificate_; } | |
| 92 | |
| 93 // Performs minimal checks to determine if the list is a valid chain. This | |
| 94 // only checks that each certificate certifies the preceding certificate, | |
| 95 // and ignores many other certificate features such as expiration dates. | |
| 96 static bool IsValidChain(const CERTCertList* cert_list); | |
| 97 | |
| 98 // Helper function to get the length of a digest | |
| 99 static bool GetDigestLength(const std::string& algorithm, size_t* length); | |
| 100 | |
| 101 // Comparison. Only the certificate itself is considered, not the chain. | |
| 102 bool Equals(const NSSCertificate* tocompare) const; | |
| 103 | |
| 104 private: | |
| 105 NSSCertificate(CERTCertificate* cert, SSLCertChain* chain); | |
| 106 static bool GetDigestObject(const std::string& algorithm, | |
| 107 const SECHashObject** hash_object); | |
| 108 | |
| 109 CERTCertificate* certificate_; | |
| 110 scoped_ptr<SSLCertChain> chain_; | |
| 111 | |
| 112 RTC_DISALLOW_COPY_AND_ASSIGN(NSSCertificate); | |
| 113 }; | |
| 114 | |
| 115 // Represents a SSL key pair and certificate for NSS. | |
| 116 class NSSIdentity : public SSLIdentity { | |
| 117 public: | |
| 118 static NSSIdentity* Generate(const std::string& common_name, | |
| 119 KeyType key_type); | |
| 120 static NSSIdentity* GenerateForTest(const SSLIdentityParams& params); | |
| 121 static SSLIdentity* FromPEMStrings(const std::string& private_key, | |
| 122 const std::string& certificate); | |
| 123 ~NSSIdentity() override; | |
| 124 | |
| 125 NSSIdentity* GetReference() const override; | |
| 126 NSSCertificate& certificate() const override; | |
| 127 | |
| 128 NSSKeyPair* keypair() const { return keypair_.get(); } | |
| 129 | |
| 130 private: | |
| 131 NSSIdentity(NSSKeyPair* keypair, NSSCertificate* cert); | |
| 132 | |
| 133 static NSSIdentity* GenerateInternal(const SSLIdentityParams& params); | |
| 134 | |
| 135 rtc::scoped_ptr<NSSKeyPair> keypair_; | |
| 136 rtc::scoped_ptr<NSSCertificate> certificate_; | |
| 137 | |
| 138 RTC_DISALLOW_COPY_AND_ASSIGN(NSSIdentity); | |
| 139 }; | |
| 140 | |
| 141 } // namespace rtc | |
| 142 | |
| 143 #endif // WEBRTC_BASE_NSSIDENTITY_H_ | |