webrtc/base/opensslidentity.h - Issue 1898383003: RTCCertificate serialization.

Side by Side Diff: webrtc/base/opensslidentity.h

Issue 1898383003: RTCCertificate serialization. (Closed) Base URL: https://chromium.googlesource.com/external/webrtc.git@master

Patch Set: PublicKeyToPEMString Created 4 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 /*	1 /*

2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.	2 * Copyright 2004 The WebRTC Project Authors. All rights reserved.

3 *	3 *

4 * Use of this source code is governed by a BSD-style license	4 * Use of this source code is governed by a BSD-style license

5 * that can be found in the LICENSE file in the root of the source	5 * that can be found in the LICENSE file in the root of the source

6 * tree. An additional intellectual property rights grant can be found	6 * tree. An additional intellectual property rights grant can be found

7 * in the file PATENTS. All contributing project authors may	7 * in the file PATENTS. All contributing project authors may

8 * be found in the AUTHORS file in the root of the source tree.	8 * be found in the AUTHORS file in the root of the source tree.

9 */	9 */

10	10

(...skipping 15 matching lines...) Expand all Loading...
26	26

27 // OpenSSLKeyPair encapsulates an OpenSSL EVP_PKEY* keypair object,	27 // OpenSSLKeyPair encapsulates an OpenSSL EVP_PKEY* keypair object,

28 // which is reference counted inside the OpenSSL library.	28 // which is reference counted inside the OpenSSL library.

29 class OpenSSLKeyPair {	29 class OpenSSLKeyPair {

30 public:	30 public:

31 explicit OpenSSLKeyPair(EVP_PKEY* pkey) : pkey_(pkey) {	31 explicit OpenSSLKeyPair(EVP_PKEY* pkey) : pkey_(pkey) {

32 ASSERT(pkey_ != NULL);	32 ASSERT(pkey_ != NULL);

33 }	33 }

34	34

35 static OpenSSLKeyPair* Generate(const KeyParams& key_params);	35 static OpenSSLKeyPair* Generate(const KeyParams& key_params);

	36 // Constructs a key pair from the private key PEM string. This must not result

	37 // in missing public key parameters. Returns null on error.

	38 static OpenSSLKeyPair* FromPrivateKeyPEMString(

	39 const std::string& pem_string);

36	40

37 virtual ~OpenSSLKeyPair();	41 virtual ~OpenSSLKeyPair();

38	42

39 virtual OpenSSLKeyPair* GetReference();	43 virtual OpenSSLKeyPair* GetReference();

40	44

41 EVP_PKEY* pkey() const { return pkey_; }	45 EVP_PKEY* pkey() const { return pkey_; }

	46 std::string PrivateKeyToPEMString() const;

	47 std::string PublicKeyToPEMString() const;

	48 bool operator==(const OpenSSLKeyPair& other) const;

	49 bool operator!=(const OpenSSLKeyPair& other) const;
	torbjorng (webrtc) 2016/04/26 13:35:51 It is not clear that we should have a != operator. It is not clear that we should have a != operator. It will return true for invalid compares (which might make sense, or not). (Here and in for at least two more types.) hbos 2016/04/27 07:52:09 I'm thinking if we have an "equals" then "not equa Show quoted text On 2016/04/26 13:35:51, torbjorng (webrtc) wrote: > It is not clear that we should have a != operator. It will return true for > invalid compares (which might make sense, or not). > > (Here and in for at least two more types.) I'm thinking if we have an "equals" then "not equals" should be well defined, that they go hand in hand if operators are used as expected. Do you want me to remove it? nisse-webrtc 2016/04/27 08:05:46 I think I'd prefer to drop the operator overloadin Show quoted text On 2016/04/27 07:52:09, hbos wrote: > On 2016/04/26 13:35:51, torbjorng (webrtc) wrote: > > It is not clear that we should have a != operator. It will return true for > > invalid compares (which might make sense, or not). > > > > (Here and in for at least two more types.) > > I'm thinking if we have an "equals" then "not equals" should be well defined, > that they go hand in hand if operators are used as expected. Do you want me to > remove it? I think I'd prefer to drop the operator overloading. These comparison functions are obscure, and I don't think they should ever be used except by the tests. And then they deserve longer names making their use more explicit. hbos 2016/04/27 09:00:45 From offline discussion: style guide prefers == ov Show quoted text On 2016/04/27 08:05:46, nisse-webrtc wrote: > On 2016/04/27 07:52:09, hbos wrote: > > On 2016/04/26 13:35:51, torbjorng (webrtc) wrote: > > > It is not clear that we should have a != operator. It will return true for > > > invalid compares (which might make sense, or not). > > > > > > (Here and in for at least two more types.) > > > > I'm thinking if we have an "equals" then "not equals" should be well defined, > > that they go hand in hand if operators are used as expected. Do you want me to > > remove it? > > I think I'd prefer to drop the operator overloading. These comparison functions > are obscure, and I don't think they should ever be used except by the tests. And > then they deserve longer names making their use more explicit. From offline discussion: style guide prefers == over Equals function, keeping as-is.
42	50

43 private:	51 private:

44 void AddReference();	52 void AddReference();

45	53

46 EVP_PKEY* pkey_;	54 EVP_PKEY* pkey_;

47	55

48 RTC_DISALLOW_COPY_AND_ASSIGN(OpenSSLKeyPair);	56 RTC_DISALLOW_COPY_AND_ASSIGN(OpenSSLKeyPair);

49 };	57 };

50	58

51 // OpenSSLCertificate encapsulates an OpenSSL X509* certificate object,	59 // OpenSSLCertificate encapsulates an OpenSSL X509* certificate object,

52 // which is also reference counted inside the OpenSSL library.	60 // which is also reference counted inside the OpenSSL library.

53 class OpenSSLCertificate : public SSLCertificate {	61 class OpenSSLCertificate : public SSLCertificate {

54 public:	62 public:

55 // Caller retains ownership of the X509 object.	63 // Caller retains ownership of the X509 object.

56 explicit OpenSSLCertificate(X509* x509) : x509_(x509) {	64 explicit OpenSSLCertificate(X509* x509) : x509_(x509) {

57 AddReference();	65 AddReference();

58 }	66 }

59	67

60 static OpenSSLCertificate* Generate(OpenSSLKeyPair* key_pair,	68 static OpenSSLCertificate* Generate(OpenSSLKeyPair* key_pair,

61 const SSLIdentityParams& params);	69 const SSLIdentityParams& params);

62 static OpenSSLCertificate* FromPEMString(const std::string& pem_string);	70 static OpenSSLCertificate* FromPEMString(const std::string& pem_string);

63	71

64 ~OpenSSLCertificate() override;	72 ~OpenSSLCertificate() override;

65	73

66 OpenSSLCertificate* GetReference() const override;	74 OpenSSLCertificate* GetReference() const override;

67	75

68 X509* x509() const { return x509_; }	76 X509* x509() const { return x509_; }

69	77

70 std::string ToPEMString() const override;	78 std::string ToPEMString() const override;

71

72 void ToDER(Buffer* der_buffer) const override;	79 void ToDER(Buffer* der_buffer) const override;

	80 bool operator==(const OpenSSLCertificate& other) const;

	81 bool operator!=(const OpenSSLCertificate& other) const;

73	82

74 // Compute the digest of the certificate given algorithm	83 // Compute the digest of the certificate given algorithm

75 bool ComputeDigest(const std::string& algorithm,	84 bool ComputeDigest(const std::string& algorithm,

76 unsigned char* digest,	85 unsigned char* digest,

77 size_t size,	86 size_t size,

78 size_t* length) const override;	87 size_t* length) const override;

79	88

80 // Compute the digest of a certificate as an X509 *	89 // Compute the digest of a certificate as an X509 *

81 static bool ComputeDigest(const X509* x509,	90 static bool ComputeDigest(const X509* x509,

82 const std::string& algorithm,	91 const std::string& algorithm,

(...skipping 25 matching lines...) Expand all Loading...
108 static SSLIdentity* FromPEMStrings(const std::string& private_key,	117 static SSLIdentity* FromPEMStrings(const std::string& private_key,

109 const std::string& certificate);	118 const std::string& certificate);

110 ~OpenSSLIdentity() override;	119 ~OpenSSLIdentity() override;

111	120

112 const OpenSSLCertificate& certificate() const override;	121 const OpenSSLCertificate& certificate() const override;

113 OpenSSLIdentity* GetReference() const override;	122 OpenSSLIdentity* GetReference() const override;

114	123

115 // Configure an SSL context object to use our key and certificate.	124 // Configure an SSL context object to use our key and certificate.

116 bool ConfigureIdentity(SSL_CTX* ctx);	125 bool ConfigureIdentity(SSL_CTX* ctx);

117	126

	127 std::string PrivateKeyToPEMString() const override;

	128 std::string PublicKeyToPEMString() const override;

	129 bool operator==(const OpenSSLIdentity& other) const;

	130 bool operator!=(const OpenSSLIdentity& other) const;

	131

118 private:	132 private:

119 OpenSSLIdentity(OpenSSLKeyPair* key_pair, OpenSSLCertificate* certificate);	133 OpenSSLIdentity(OpenSSLKeyPair* key_pair, OpenSSLCertificate* certificate);

120	134

121 static OpenSSLIdentity* GenerateInternal(const SSLIdentityParams& params);	135 static OpenSSLIdentity* GenerateInternal(const SSLIdentityParams& params);

122	136

123 scoped_ptr<OpenSSLKeyPair> key_pair_;	137 scoped_ptr<OpenSSLKeyPair> key_pair_;

124 scoped_ptr<OpenSSLCertificate> certificate_;	138 scoped_ptr<OpenSSLCertificate> certificate_;

125	139

126 RTC_DISALLOW_COPY_AND_ASSIGN(OpenSSLIdentity);	140 RTC_DISALLOW_COPY_AND_ASSIGN(OpenSSLIdentity);

127 };	141 };

128	142

129	143

130 } // namespace rtc	144 } // namespace rtc

131	145

132 #endif // WEBRTC_BASE_OPENSSLIDENTITY_H_	146 #endif // WEBRTC_BASE_OPENSSLIDENTITY_H_

OLD	NEW

« no previous file with comments | « webrtc/base/fakesslidentity.h ('k') | webrtc/base/opensslidentity.cc » ('j') | webrtc/base/opensslidentity.cc » ('J')