webrtc/base/sslidentity.h - Issue 1683193003: Implement certificate lifetime parameter as required by WebRTC RFC.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Unified Diff: webrtc/base/sslidentity.h

Issue 1683193003: Implement certificate lifetime parameter as required by WebRTC RFC. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc.git@master

Patch Set: Adjust test code Created 4 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: webrtc/base/sslidentity.h

diff --git a/webrtc/base/sslidentity.h b/webrtc/base/sslidentity.h

index a143ee4108bc4585174e2a19838133273751a5d9..2fcd28a61dc61158fd008ac280708e8b3bf18acf 100644

--- a/webrtc/base/sslidentity.h

+++ b/webrtc/base/sslidentity.h

@@ -125,6 +125,12 @@ static const int kRsaDefaultExponent = 0x10001; // = 2^16+1 = 65537

static const int kRsaMinModSize = 1024;

static const int kRsaMaxModSize = 8192;

+// Certificate default validity lifetime.

+static const int CERTIFICATE_LIFETIME = 60*60*24*30; // 30 days, arbitrarily

+// Certificate validity window.

+// This is to compensate for slightly incorrect system clocks.

+static const int CERTIFICATE_WINDOW = -60*60*24;

struct RSAParams {

unsigned int mod_size;

unsigned int pub_exp;

@@ -189,7 +195,12 @@ class SSLIdentity {

// Returns NULL on failure.

// Caller is responsible for freeing the returned object.

static SSLIdentity* Generate(const std::string& common_name,

- const KeyParams& key_param);

+ const KeyParams& key_param,

+ time_t certificate_lifetime);

+ static SSLIdentity* Generate(const std::string& common_name,

+ const KeyParams& key_param) {

+ return Generate(common_name, key_param, CERTIFICATE_LIFETIME);

+ }

static SSLIdentity* Generate(const std::string& common_name,

KeyType key_type) {

return Generate(common_name, KeyParams(key_type));

« no previous file with comments | « webrtc/base/opensslidentity.cc ('k') | webrtc/base/sslidentity.cc » ('j') | webrtc/base/sslidentity_unittest.cc » ('J')