• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /*
2  *  Copyright 2015 The WebRTC Project Authors. All rights reserved.
3  *
4  *  Use of this source code is governed by a BSD-style license
5  *  that can be found in the LICENSE file in the root of the source
6  *  tree. An additional intellectual property rights grant can be found
7  *  in the file PATENTS.  All contributing project authors may
8  *  be found in the AUTHORS file in the root of the source tree.
9  */
10 
11 #ifndef RTC_BASE_RTC_CERTIFICATE_H_
12 #define RTC_BASE_RTC_CERTIFICATE_H_
13 
14 #include <stdint.h>
15 
16 #include <memory>
17 #include <string>
18 
19 #include "api/scoped_refptr.h"
20 #include "rtc_base/ref_count.h"
21 #include "rtc_base/system/rtc_export.h"
22 
23 namespace rtc {
24 
25 class SSLCertChain;
26 class SSLCertificate;
27 class SSLIdentity;
28 
29 // This class contains PEM strings of an RTCCertificate's private key and
30 // certificate and acts as a text representation of RTCCertificate. Certificates
31 // can be serialized and deserialized to and from this format, which allows for
32 // cloning and storing of certificates to disk. The PEM format is that of
33 // |SSLIdentity::PrivateKeyToPEMString| and |SSLCertificate::ToPEMString|, e.g.
34 // the string representations used by OpenSSL.
35 class RTCCertificatePEM {
36  public:
RTCCertificatePEM(const std::string & private_key,const std::string & certificate)37   RTCCertificatePEM(const std::string& private_key,
38                     const std::string& certificate)
39       : private_key_(private_key), certificate_(certificate) {}
40 
private_key()41   const std::string& private_key() const { return private_key_; }
certificate()42   const std::string& certificate() const { return certificate_; }
43 
44  private:
45   std::string private_key_;
46   std::string certificate_;
47 };
48 
49 // A thin abstraction layer between "lower level crypto stuff" like
50 // SSLCertificate and WebRTC usage. Takes ownership of some lower level objects,
51 // reference counting protects these from premature destruction.
52 class RTC_EXPORT RTCCertificate : public RefCountInterface {
53  public:
54   // Takes ownership of |identity|.
55   static scoped_refptr<RTCCertificate> Create(
56       std::unique_ptr<SSLIdentity> identity);
57 
58   // Returns the expiration time in ms relative to epoch, 1970-01-01T00:00:00Z.
59   uint64_t Expires() const;
60   // Checks if the certificate has expired, where |now| is expressed in ms
61   // relative to epoch, 1970-01-01T00:00:00Z.
62   bool HasExpired(uint64_t now) const;
63 
64   const SSLCertificate& GetSSLCertificate() const;
65   const SSLCertChain& GetSSLCertificateChain() const;
66 
67   // Deprecated: TODO(benwright) - Remove once chromium is updated.
68   const SSLCertificate& ssl_certificate() const;
69 
70   // TODO(hbos): If possible, remove once RTCCertificate and its
71   // GetSSLCertificate() is used in all relevant places. Should not pass around
72   // raw SSLIdentity* for the sake of accessing SSLIdentity::certificate().
73   // However, some places might need SSLIdentity* for its public/private key...
identity()74   SSLIdentity* identity() const { return identity_.get(); }
75 
76   // To/from PEM, a text representation of the RTCCertificate.
77   RTCCertificatePEM ToPEM() const;
78   // Can return nullptr if the certificate is invalid.
79   static scoped_refptr<RTCCertificate> FromPEM(const RTCCertificatePEM& pem);
80   bool operator==(const RTCCertificate& certificate) const;
81   bool operator!=(const RTCCertificate& certificate) const;
82 
83  protected:
84   explicit RTCCertificate(SSLIdentity* identity);
85   ~RTCCertificate() override;
86 
87  private:
88   // The SSLIdentity is the owner of the SSLCertificate. To protect our
89   // GetSSLCertificate() we take ownership of |identity_|.
90   std::unique_ptr<SSLIdentity> identity_;
91 };
92 
93 }  // namespace rtc
94 
95 #endif  // RTC_BASE_RTC_CERTIFICATE_H_
96