| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. | 2 * Copyright 2012 The WebRTC Project Authors. All rights reserved. |
| 3 * | 3 * |
| 4 * Use of this source code is governed by a BSD-style license | 4 * Use of this source code is governed by a BSD-style license |
| 5 * that can be found in the LICENSE file in the root of the source | 5 * that can be found in the LICENSE file in the root of the source |
| 6 * tree. An additional intellectual property rights grant can be found | 6 * tree. An additional intellectual property rights grant can be found |
| 7 * in the file PATENTS. All contributing project authors may | 7 * in the file PATENTS. All contributing project authors may |
| 8 * be found in the AUTHORS file in the root of the source tree. | 8 * be found in the AUTHORS file in the root of the source tree. |
| 9 */ | 9 */ |
| 10 | 10 |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 103 | 103 |
| 104 bool TransportDescriptionFactory::SetSecurityInfo( | 104 bool TransportDescriptionFactory::SetSecurityInfo( |
| 105 TransportDescription* desc, ConnectionRole role) const { | 105 TransportDescription* desc, ConnectionRole role) const { |
| 106 if (!certificate_) { | 106 if (!certificate_) { |
| 107 LOG(LS_ERROR) << "Cannot create identity digest with no certificate"; | 107 LOG(LS_ERROR) << "Cannot create identity digest with no certificate"; |
| 108 return false; | 108 return false; |
| 109 } | 109 } |
| 110 | 110 |
| 111 // This digest algorithm is used to produce the a=fingerprint lines in SDP. | 111 // This digest algorithm is used to produce the a=fingerprint lines in SDP. |
| 112 // RFC 4572 Section 5 requires that those lines use the same hash function as | 112 // RFC 4572 Section 5 requires that those lines use the same hash function as |
| 113 // the certificate's signature. | 113 // the certificate's signature, which is what CreateFromCertificate does. |
| 114 desc->identity_fingerprint.reset( |
| 115 rtc::SSLFingerprint::CreateFromCertificate(certificate_)); |
| 116 if (!desc->identity_fingerprint) { |
| 117 return false; |
| 118 } |
| 114 std::string digest_alg; | 119 std::string digest_alg; |
| 115 if (!certificate_->ssl_certificate().GetSignatureDigestAlgorithm( | 120 if (!certificate_->ssl_certificate().GetSignatureDigestAlgorithm( |
| 116 &digest_alg)) { | 121 &digest_alg)) { |
| 117 LOG(LS_ERROR) << "Failed to retrieve the certificate's digest algorithm"; | 122 LOG(LS_ERROR) << "Failed to retrieve the certificate's digest algorithm"; |
| 118 return false; | 123 return false; |
| 119 } | 124 } |
| 120 | 125 |
| 121 desc->identity_fingerprint.reset( | 126 desc->identity_fingerprint.reset( |
| 122 rtc::SSLFingerprint::Create(digest_alg, certificate_->identity())); | 127 rtc::SSLFingerprint::Create(digest_alg, certificate_->identity())); |
| 123 if (!desc->identity_fingerprint.get()) { | 128 if (!desc->identity_fingerprint.get()) { |
| 124 LOG(LS_ERROR) << "Failed to create identity fingerprint, alg=" | 129 LOG(LS_ERROR) << "Failed to create identity fingerprint, alg=" |
| 125 << digest_alg; | 130 << digest_alg; |
| 126 return false; | 131 return false; |
| 127 } | 132 } |
| 128 | 133 |
| 129 // Assign security role. | 134 // Assign security role. |
| 130 desc->connection_role = role; | 135 desc->connection_role = role; |
| 131 return true; | 136 return true; |
| 132 } | 137 } |
| 133 | 138 |
| 134 } // namespace cricket | 139 } // namespace cricket |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2641633002:
Only set certificate on DTLS transport if fingerprint is found in SDP. (Closed)
