mollyim/webrtc
1
0
Fork 0
mirror of https://github.com/mollyim/webrtc.git synced 2025-05-15 06:40:43 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
webrtc/rtc_base/rtccertificate.h
Taylor Brandstetter c392866d86 Implement certificate chain stats. 
There was an implementation, but it relied on SSLCertificate::GetChain,
which was never implemented. Except in the fake certificate classes
used by the stats collector tests, hence the tests were passing.

Instead of implementing GetChain, we decided (in
https://webrtc-review.googlesource.com/c/src/+/6500) to add
methods that return a SSLCertChain directly, since it results in a
somewhat cleaner object model.

So this CL switches everything to use the "chain" methods, and gets
rid of the obsolete methods and member variables.

Bug: webrtc:8920
Change-Id: Ie9d7d53654ba859535462521b54c788adec7badf
Reviewed-on: https://webrtc-review.googlesource.com/56961
Commit-Queue: Taylor Brandstetter <deadbeef@webrtc.org>
Reviewed-by: Zhi Huang <zhihuang@webrtc.org>
Cr-Commit-Position: refs/heads/master@{#22177}
2018-02-24 00:44:06 +00:00

88 lines
3.2 KiB
C++
Raw Blame History

/*
* Copyright 2015 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#ifndef RTC_BASE_RTCCERTIFICATE_H_
#define RTC_BASE_RTCCERTIFICATE_H_
#include <stdint.h>
#include <memory>
#include "rtc_base/refcount.h"
#include "rtc_base/scoped_ref_ptr.h"
#include "rtc_base/sslidentity.h"
namespace rtc {
// This class contains PEM strings of an RTCCertificate's private key and
// certificate and acts as a text representation of RTCCertificate. Certificates
// can be serialized and deserialized to and from this format, which allows for
// cloning and storing of certificates to disk. The PEM format is that of
// |SSLIdentity::PrivateKeyToPEMString| and |SSLCertificate::ToPEMString|, e.g.
// the string representations used by OpenSSL.
class RTCCertificatePEM {
public:
RTCCertificatePEM(
const std::string& private_key,
const std::string& certificate)
: private_key_(private_key),
certificate_(certificate) {}
const std::string& private_key() const { return private_key_; }
const std::string& certificate() const { return certificate_; }
private:
std::string private_key_;
std::string certificate_;
};
// A thin abstraction layer between "lower level crypto stuff" like
// SSLCertificate and WebRTC usage. Takes ownership of some lower level objects,
// reference counting protects these from premature destruction.
class RTCCertificate : public RefCountInterface {
public:
// Takes ownership of |identity|.
static scoped_refptr<RTCCertificate> Create(
std::unique_ptr<SSLIdentity> identity);
// Returns the expiration time in ms relative to epoch, 1970-01-01T00:00:00Z.
uint64_t Expires() const;
// Checks if the certificate has expired, where |now| is expressed in ms
// relative to epoch, 1970-01-01T00:00:00Z.
bool HasExpired(uint64_t now) const;
const SSLCertificate& ssl_certificate() const;
const SSLCertChain& ssl_cert_chain() const;
// TODO(hbos): If possible, remove once RTCCertificate and its
// ssl_certificate() is used in all relevant places. Should not pass around
// raw SSLIdentity* for the sake of accessing SSLIdentity::certificate().
// However, some places might need SSLIdentity* for its public/private key...
SSLIdentity* identity() const { return identity_.get(); }
// To/from PEM, a text representation of the RTCCertificate.
RTCCertificatePEM ToPEM() const;
// Can return nullptr if the certificate is invalid.
static scoped_refptr<RTCCertificate> FromPEM(const RTCCertificatePEM& pem);
bool operator==(const RTCCertificate& certificate) const;
bool operator!=(const RTCCertificate& certificate) const;
protected:
explicit RTCCertificate(SSLIdentity* identity);
~RTCCertificate() override;
private:
// The SSLIdentity is the owner of the SSLCertificate. To protect our
// ssl_certificate() we take ownership of |identity_|.
std::unique_ptr<SSLIdentity> identity_;
};
} // namespace rtc
#endif // RTC_BASE_RTCCERTIFICATE_H_
Reference in a new issue View git blame Copy permalink