1 /* 2 * libjingle 3 * Copyright 2013 Google Inc. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright notice, 9 * this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright notice, 11 * this list of conditions and the following disclaimer in the documentation 12 * and/or other materials provided with the distribution. 13 * 3. The name of the author may not be used to endorse or promote products 14 * derived from this software without specific prior written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED 17 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF 18 * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO 19 * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 20 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, 21 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; 22 * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, 23 * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR 24 * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF 25 * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #ifndef TALK_APP_WEBRTC_TEST_FAKEDTLSIDENTITYSERVICE_H_ 29 #define TALK_APP_WEBRTC_TEST_FAKEDTLSIDENTITYSERVICE_H_ 30 31 #include <string> 32 #include <utility> 33 34 #include "talk/app/webrtc/dtlsidentitystore.h" 35 #include "talk/app/webrtc/peerconnectioninterface.h" 36 #include "webrtc/base/rtccertificate.h" 37 38 static const struct { 39 const char* rsa_private_key_pem; 40 const char* cert_pem; 41 } kKeysAndCerts[] = { 42 {"-----BEGIN RSA PRIVATE KEY-----\n" 43 "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n" 44 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n" 45 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n" 46 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n" 47 "mwQPTum2z/8VzWGwR8BBHBvIpVe1MbD/Y4seyI2aco/7UaisatSgJhsU46/9Y4fq\n" 48 "2TwXH9QANf4at4d9n/R6rzwpAJOpgwZgKvdQjkfrKTtgLV+/dawvpxUYkRH4JZM1\n" 49 "CVGukMfKNrSVH4Ap4QJBAOJmGV1ASPnB4r4nc99at7JuIJmd7fmuVUwUgYi4XgaR\n" 50 "WhScBsgYwZ/JoywdyZJgnbcrTDuVcWG56B3vXbhdpMsCQQDf9zeJrjnPZ3Cqm79y\n" 51 "kdqANep0uwZciiNiWxsQrCHztywOvbFhdp8iYVFG9EK8DMY41Y5TxUwsHD+67zao\n" 52 "ZNqJAkEA1suLUP/GvL8IwuRneQd2tWDqqRQ/Td3qq03hP7e77XtF/buya3Ghclo5\n" 53 "54czUR89QyVfJEC6278nzA7n2h1uVQJAcG6mztNL6ja/dKZjYZye2CY44QjSlLo0\n" 54 "MTgTSjdfg/28fFn2Jjtqf9Pi/X+50LWI/RcYMC2no606wRk9kyOuIQJBAK6VSAim\n" 55 "1pOEjsYQn0X5KEIrz1G3bfCbB848Ime3U2/FWlCHMr6ch8kCZ5d1WUeJD3LbwMNG\n" 56 "UCXiYxSsu20QNVw=\n" 57 "-----END RSA PRIVATE KEY-----\n", 58 "-----BEGIN CERTIFICATE-----\n" 59 "MIIBmTCCAQKgAwIBAgIEbzBSAjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZX\n" 60 "ZWJSVEMwHhcNMTQwMTAyMTgyNDQ3WhcNMTQwMjAxMTgyNDQ3WjARMQ8wDQYDVQQD\n" 61 "EwZXZWJSVEMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYRkbhmI7kVA/rM\n" 62 "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n" 63 "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n" 64 "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAUflI\n" 65 "VUe5Krqf5RVa5C3u/UTAOAUJBiDS3VANTCLBxjuMsvqOG0WvaYWP3HYPgrz0jXK2\n" 66 "LJE/mGw3MyFHEqi81jh95J+ypl6xKW6Rm8jKLR87gUvCaVYn/Z4/P3AqcQTB7wOv\n" 67 "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n" 68 "-----END CERTIFICATE-----\n"}, 69 {"-----BEGIN RSA PRIVATE KEY-----\n" 70 "MIICXQIBAAKBgQDeYqlyJ1wuiMsi905e3X81/WA/G3ym50PIDZBVtSwZi7JVQPgj\n" 71 "Bl8CPZMvDh9EwB4Ji9ytA8dZZbQ4WbJWPr73zPpJSCvQqz6sOXSlenBRi72acNaQ\n" 72 "sOR/qPvviJx5I6Hqo4qemfnjZhAW85a5BpgrAwKgMLIQTHCTLWwVSyrDrwIDAQAB\n" 73 "AoGARni9eY8/hv+SX+I+05EdXt6MQXNUbQ+cSykBNCfVccLzIFEWUQMT2IHqwl6X\n" 74 "ShIXcq7/n1QzOAEiuzixauM3YHg4xZ1Um2Ha9a7ig5Xg4v6b43bmMkNE6LkoAtYs\n" 75 "qnQdfMh442b1liDud6IMb1Qk0amt3fSrgRMc547TZQVx4QECQQDxUeDm94r3p4ng\n" 76 "5rCLLC1K5/6HSTZsh7jatKPlz7GfP/IZlYV7iE5784/n0wRiCjZOS7hQRy/8m2Gp\n" 77 "pf4aZq+DAkEA6+np4d36FYikydvUrupLT3FkdRHGn/v83qOll/VmeNh+L1xMZlIP\n" 78 "tM26hAXCcQb7O5+J9y3cx2CAQsBS11ZXZQJAfGgTo76WG9p5UEJdXUInD2jOZPwv\n" 79 "XIATolxh6kXKcijLLLlSmT7KB0inNYIpzkkpee+7U1d/u6B3FriGaSHq9QJBAM/J\n" 80 "ICnDdLCgwNvWVraVQC3BpwSB2pswvCFwq7py94V60XFvbw80Ogc6qIv98qvQxVlX\n" 81 "hJIEgA/PjEi+0ng94Q0CQQDm8XSDby35gmjO+6eRmJtAjtB7nguLvrPXM6CPXRmD\n" 82 "sRoBocpHw6j9UdzZ6qYG0FkdXZghezXFY58ro2BYYRR3\n" 83 "-----END RSA PRIVATE KEY-----\n", 84 "-----BEGIN CERTIFICATE-----\n" 85 "MIICWDCCAcGgAwIBAgIJALgDjxMbBOhbMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n" 86 "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n" 87 "aWRnaXRzIFB0eSBMdGQwHhcNMTUxMTEzMjIzMjEzWhcNMTYxMTEyMjIzMjEzWjBF\n" 88 "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n" 89 "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n" 90 "gQDeYqlyJ1wuiMsi905e3X81/WA/G3ym50PIDZBVtSwZi7JVQPgjBl8CPZMvDh9E\n" 91 "wB4Ji9ytA8dZZbQ4WbJWPr73zPpJSCvQqz6sOXSlenBRi72acNaQsOR/qPvviJx5\n" 92 "I6Hqo4qemfnjZhAW85a5BpgrAwKgMLIQTHCTLWwVSyrDrwIDAQABo1AwTjAdBgNV\n" 93 "HQ4EFgQUx2tbJdlcSTCepn09UdYORXKuSTAwHwYDVR0jBBgwFoAUx2tbJdlcSTCe\n" 94 "pn09UdYORXKuSTAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQAmp9Id\n" 95 "E716gHMqeBG4S2FCgVFCr0a0ugkaneQAN/c2L9CbMemEN9W6jvucUIVOtYd90dDW\n" 96 "lXuowWmT/JctPe3D2qt4yvYW3puECHk2tVQmrJOZiZiTRtWm6HxkmoUYHYp/DtaS\n" 97 "1Xe29gSTnZtI5sQCrGMzk3SGRSSs7ejLKiVDBQ==\n" 98 "-----END CERTIFICATE-----\n"}}; 99 100 class FakeDtlsIdentityStore : public webrtc::DtlsIdentityStoreInterface, 101 public rtc::MessageHandler { 102 public: 103 typedef rtc::TypedMessageData<rtc::scoped_refptr< 104 webrtc::DtlsIdentityRequestObserver> > MessageData; 105 FakeDtlsIdentityStore()106 FakeDtlsIdentityStore() : should_fail_(false) {} 107 set_should_fail(bool should_fail)108 void set_should_fail(bool should_fail) { 109 should_fail_ = should_fail; 110 } 111 use_original_key()112 void use_original_key() { key_index_ = 0; } use_alternate_key()113 void use_alternate_key() { key_index_ = 1; } 114 RequestIdentity(rtc::KeyType key_type,const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> & observer)115 void RequestIdentity( 116 rtc::KeyType key_type, 117 const rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>& 118 observer) override { 119 // TODO(hbos): Should be able to generate KT_ECDSA too. 120 RTC_DCHECK(key_type == rtc::KT_RSA || should_fail_); 121 MessageData* msg = new MessageData( 122 rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver>(observer)); 123 rtc::Thread::Current()->Post( 124 this, should_fail_ ? MSG_FAILURE : MSG_SUCCESS, msg); 125 } 126 GenerateCertificate()127 static rtc::scoped_refptr<rtc::RTCCertificate> GenerateCertificate() { 128 std::string cert; 129 std::string key; 130 rtc::SSLIdentity::PemToDer("CERTIFICATE", kKeysAndCerts[0].cert_pem, &cert); 131 rtc::SSLIdentity::PemToDer("RSA PRIVATE KEY", 132 kKeysAndCerts[0].rsa_private_key_pem, &key); 133 134 std::string pem_cert = rtc::SSLIdentity::DerToPem( 135 rtc::kPemTypeCertificate, 136 reinterpret_cast<const unsigned char*>(cert.data()), 137 cert.length()); 138 std::string pem_key = rtc::SSLIdentity::DerToPem( 139 rtc::kPemTypeRsaPrivateKey, 140 reinterpret_cast<const unsigned char*>(key.data()), 141 key.length()); 142 rtc::scoped_ptr<rtc::SSLIdentity> identity( 143 rtc::SSLIdentity::FromPEMStrings(pem_key, pem_cert)); 144 145 return rtc::RTCCertificate::Create(std::move(identity)); 146 } 147 148 private: 149 enum { 150 MSG_SUCCESS, 151 MSG_FAILURE, 152 }; 153 get_key()154 const char* get_key() { 155 return kKeysAndCerts[key_index_].rsa_private_key_pem; 156 } get_cert()157 const char* get_cert() { return kKeysAndCerts[key_index_].cert_pem; } 158 159 // rtc::MessageHandler implementation. OnMessage(rtc::Message * msg)160 void OnMessage(rtc::Message* msg) { 161 MessageData* message_data = static_cast<MessageData*>(msg->pdata); 162 rtc::scoped_refptr<webrtc::DtlsIdentityRequestObserver> observer = 163 message_data->data(); 164 switch (msg->message_id) { 165 case MSG_SUCCESS: { 166 std::string cert; 167 std::string key; 168 rtc::SSLIdentity::PemToDer("CERTIFICATE", get_cert(), &cert); 169 rtc::SSLIdentity::PemToDer("RSA PRIVATE KEY", get_key(), &key); 170 observer->OnSuccess(cert, key); 171 break; 172 } 173 case MSG_FAILURE: 174 observer->OnFailure(0); 175 break; 176 } 177 delete message_data; 178 } 179 180 bool should_fail_; 181 int key_index_ = 0; 182 }; 183 184 #endif // TALK_APP_WEBRTC_TEST_FAKEDTLSIDENTITYSERVICE_H_ 185