• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  * libjingle
3  * Copyright 2013 Google Inc.
4  *
5  * Redistribution and use in source and binary forms, with or without
6  * modification, are permitted provided that the following conditions are met:
7  *
8  *  1. Redistributions of source code must retain the above copyright notice,
9  *     this list of conditions and the following disclaimer.
10  *  2. Redistributions in binary form must reproduce the above copyright notice,
11  *     this list of conditions and the following disclaimer in the documentation
12  *     and/or other materials provided with the distribution.
13  *  3. The name of the author may not be used to endorse or promote products
14  *     derived from this software without specific prior written permission.
15  *
16  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
17  * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
18  * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
19  * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
20  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
21  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
22  * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
23  * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
24  * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
25  * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26  */
27 
28 #ifndef TALK_APP_WEBRTC_TEST_FAKEDTLSIDENTITYSERVICE_H_
29 #define TALK_APP_WEBRTC_TEST_FAKEDTLSIDENTITYSERVICE_H_
30 
31 #include <string>
32 #include <utility>
33 
34 #include "talk/app/webrtc/dtlsidentitystore.h"
35 #include "talk/app/webrtc/peerconnectioninterface.h"
36 #include "webrtc/base/rtccertificate.h"
37 
38 static const struct {
39   const char* rsa_private_key_pem;
40   const char* cert_pem;
41 } kKeysAndCerts[] = {
42     {"-----BEGIN RSA PRIVATE KEY-----\n"
43      "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n"
44      "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
45      "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
46      "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n"
47      "mwQPTum2z/8VzWGwR8BBHBvIpVe1MbD/Y4seyI2aco/7UaisatSgJhsU46/9Y4fq\n"
48      "2TwXH9QANf4at4d9n/R6rzwpAJOpgwZgKvdQjkfrKTtgLV+/dawvpxUYkRH4JZM1\n"
49      "CVGukMfKNrSVH4Ap4QJBAOJmGV1ASPnB4r4nc99at7JuIJmd7fmuVUwUgYi4XgaR\n"
50      "WhScBsgYwZ/JoywdyZJgnbcrTDuVcWG56B3vXbhdpMsCQQDf9zeJrjnPZ3Cqm79y\n"
51      "kdqANep0uwZciiNiWxsQrCHztywOvbFhdp8iYVFG9EK8DMY41Y5TxUwsHD+67zao\n"
52      "ZNqJAkEA1suLUP/GvL8IwuRneQd2tWDqqRQ/Td3qq03hP7e77XtF/buya3Ghclo5\n"
53      "54czUR89QyVfJEC6278nzA7n2h1uVQJAcG6mztNL6ja/dKZjYZye2CY44QjSlLo0\n"
54      "MTgTSjdfg/28fFn2Jjtqf9Pi/X+50LWI/RcYMC2no606wRk9kyOuIQJBAK6VSAim\n"
55      "1pOEjsYQn0X5KEIrz1G3bfCbB848Ime3U2/FWlCHMr6ch8kCZ5d1WUeJD3LbwMNG\n"
56      "UCXiYxSsu20QNVw=\n"
57      "-----END RSA PRIVATE KEY-----\n",
58      "-----BEGIN CERTIFICATE-----\n"
59      "MIIBmTCCAQKgAwIBAgIEbzBSAjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZX\n"
60      "ZWJSVEMwHhcNMTQwMTAyMTgyNDQ3WhcNMTQwMjAxMTgyNDQ3WjARMQ8wDQYDVQQD\n"
61      "EwZXZWJSVEMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYRkbhmI7kVA/rM\n"
62      "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
63      "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
64      "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAUflI\n"
65      "VUe5Krqf5RVa5C3u/UTAOAUJBiDS3VANTCLBxjuMsvqOG0WvaYWP3HYPgrz0jXK2\n"
66      "LJE/mGw3MyFHEqi81jh95J+ypl6xKW6Rm8jKLR87gUvCaVYn/Z4/P3AqcQTB7wOv\n"
67      "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n"
68      "-----END CERTIFICATE-----\n"},
69     {"-----BEGIN RSA PRIVATE KEY-----\n"
70      "MIICXQIBAAKBgQDeYqlyJ1wuiMsi905e3X81/WA/G3ym50PIDZBVtSwZi7JVQPgj\n"
71      "Bl8CPZMvDh9EwB4Ji9ytA8dZZbQ4WbJWPr73zPpJSCvQqz6sOXSlenBRi72acNaQ\n"
72      "sOR/qPvviJx5I6Hqo4qemfnjZhAW85a5BpgrAwKgMLIQTHCTLWwVSyrDrwIDAQAB\n"
73      "AoGARni9eY8/hv+SX+I+05EdXt6MQXNUbQ+cSykBNCfVccLzIFEWUQMT2IHqwl6X\n"
74      "ShIXcq7/n1QzOAEiuzixauM3YHg4xZ1Um2Ha9a7ig5Xg4v6b43bmMkNE6LkoAtYs\n"
75      "qnQdfMh442b1liDud6IMb1Qk0amt3fSrgRMc547TZQVx4QECQQDxUeDm94r3p4ng\n"
76      "5rCLLC1K5/6HSTZsh7jatKPlz7GfP/IZlYV7iE5784/n0wRiCjZOS7hQRy/8m2Gp\n"
77      "pf4aZq+DAkEA6+np4d36FYikydvUrupLT3FkdRHGn/v83qOll/VmeNh+L1xMZlIP\n"
78      "tM26hAXCcQb7O5+J9y3cx2CAQsBS11ZXZQJAfGgTo76WG9p5UEJdXUInD2jOZPwv\n"
79      "XIATolxh6kXKcijLLLlSmT7KB0inNYIpzkkpee+7U1d/u6B3FriGaSHq9QJBAM/J\n"
80      "ICnDdLCgwNvWVraVQC3BpwSB2pswvCFwq7py94V60XFvbw80Ogc6qIv98qvQxVlX\n"
81      "hJIEgA/PjEi+0ng94Q0CQQDm8XSDby35gmjO+6eRmJtAjtB7nguLvrPXM6CPXRmD\n"
82      "sRoBocpHw6j9UdzZ6qYG0FkdXZghezXFY58ro2BYYRR3\n"
83      "-----END RSA PRIVATE KEY-----\n",
84      "-----BEGIN CERTIFICATE-----\n"
85      "MIICWDCCAcGgAwIBAgIJALgDjxMbBOhbMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n"
86      "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n"
87      "aWRnaXRzIFB0eSBMdGQwHhcNMTUxMTEzMjIzMjEzWhcNMTYxMTEyMjIzMjEzWjBF\n"
88      "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n"
89      "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n"
90      "gQDeYqlyJ1wuiMsi905e3X81/WA/G3ym50PIDZBVtSwZi7JVQPgjBl8CPZMvDh9E\n"
91      "wB4Ji9ytA8dZZbQ4WbJWPr73zPpJSCvQqz6sOXSlenBRi72acNaQsOR/qPvviJx5\n"
92      "I6Hqo4qemfnjZhAW85a5BpgrAwKgMLIQTHCTLWwVSyrDrwIDAQABo1AwTjAdBgNV\n"
93      "HQ4EFgQUx2tbJdlcSTCepn09UdYORXKuSTAwHwYDVR0jBBgwFoAUx2tbJdlcSTCe\n"
94      "pn09UdYORXKuSTAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQAmp9Id\n"
95      "E716gHMqeBG4S2FCgVFCr0a0ugkaneQAN/c2L9CbMemEN9W6jvucUIVOtYd90dDW\n"
96      "lXuowWmT/JctPe3D2qt4yvYW3puECHk2tVQmrJOZiZiTRtWm6HxkmoUYHYp/DtaS\n"
97      "1Xe29gSTnZtI5sQCrGMzk3SGRSSs7ejLKiVDBQ==\n"
98      "-----END CERTIFICATE-----\n"}};
99 
100 class FakeDtlsIdentityStore : public webrtc::DtlsIdentityStoreInterface,
101                               public rtc::MessageHandler {
102  public:
103   typedef rtc::TypedMessageData<rtc::scoped_refptr<
104       webrtc::DtlsIdentityRequestObserver> > MessageData;
105 
FakeDtlsIdentityStore()106   FakeDtlsIdentityStore() : should_fail_(false) {}
107 
set_should_fail(bool should_fail)108   void set_should_fail(bool should_fail) {
109     should_fail_ = should_fail;
110   }
111 
use_original_key()112   void use_original_key() { key_index_ = 0; }
use_alternate_key()113   void use_alternate_key() { key_index_ = 1; }
114 
RequestIdentity(rtc::KeyType key_type,const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> & observer)115   void RequestIdentity(
116       rtc::KeyType key_type,
117       const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>&
118           observer) override {
119     // TODO(hbos): Should be able to generate KT_ECDSA too.
120     RTC_DCHECK(key_type == rtc::KT_RSA || should_fail_);
121     MessageData* msg = new MessageData(
122         rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>(observer));
123     rtc::Thread::Current()->Post(
124         this, should_fail_ ? MSG_FAILURE : MSG_SUCCESS, msg);
125   }
126 
GenerateCertificate()127   static rtc::scoped_refptr<rtc::RTCCertificate> GenerateCertificate() {
128     std::string cert;
129     std::string key;
130     rtc::SSLIdentity::PemToDer("CERTIFICATE", kKeysAndCerts[0].cert_pem, &cert);
131     rtc::SSLIdentity::PemToDer("RSA PRIVATE KEY",
132                                kKeysAndCerts[0].rsa_private_key_pem, &key);
133 
134     std::string pem_cert = rtc::SSLIdentity::DerToPem(
135         rtc::kPemTypeCertificate,
136         reinterpret_cast<const unsigned char*>(cert.data()),
137         cert.length());
138     std::string pem_key = rtc::SSLIdentity::DerToPem(
139         rtc::kPemTypeRsaPrivateKey,
140         reinterpret_cast<const unsigned char*>(key.data()),
141         key.length());
142     rtc::scoped_ptr<rtc::SSLIdentity> identity(
143         rtc::SSLIdentity::FromPEMStrings(pem_key, pem_cert));
144 
145     return rtc::RTCCertificate::Create(std::move(identity));
146   }
147 
148  private:
149   enum {
150     MSG_SUCCESS,
151     MSG_FAILURE,
152   };
153 
get_key()154   const char* get_key() {
155     return kKeysAndCerts[key_index_].rsa_private_key_pem;
156   }
get_cert()157   const char* get_cert() { return kKeysAndCerts[key_index_].cert_pem; }
158 
159   // rtc::MessageHandler implementation.
OnMessage(rtc::Message * msg)160   void OnMessage(rtc::Message* msg) {
161     MessageData* message_data = static_cast<MessageData*>(msg->pdata);
162     rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> observer =
163         message_data->data();
164     switch (msg->message_id) {
165       case MSG_SUCCESS: {
166         std::string cert;
167         std::string key;
168         rtc::SSLIdentity::PemToDer("CERTIFICATE", get_cert(), &cert);
169         rtc::SSLIdentity::PemToDer("RSA PRIVATE KEY", get_key(), &key);
170         observer->OnSuccess(cert, key);
171         break;
172       }
173       case MSG_FAILURE:
174         observer->OnFailure(0);
175         break;
176     }
177     delete message_data;
178   }
179 
180   bool should_fail_;
181   int key_index_ = 0;
182 };
183 
184 #endif  // TALK_APP_WEBRTC_TEST_FAKEDTLSIDENTITYSERVICE_H_
185