  1. /*
  2. * Copyright 2004 The WebRTC Project Authors. All rights reserved.
  3. *
  4. * Use of this source code is governed by a BSD-style license
  5. * that can be found in the LICENSE file in the root of the source
  6. * tree. An additional intellectual property rights grant can be found
  7. * in the file PATENTS. All contributing project authors may
  8. * be found in the AUTHORS file in the root of the source tree.
  9. */
  10. #ifndef RTC_BASE_OPENSSL_IDENTITY_H_
  11. #define RTC_BASE_OPENSSL_IDENTITY_H_
  12. #include <openssl/ossl_typ.h>
  13. #include <ctime>
  14. #include <memory>
  15. #include <string>
  16. #include "rtc_base/checks.h"
  17. #include "rtc_base/constructor_magic.h"
  18. #include "rtc_base/openssl_certificate.h"
  19. #include "rtc_base/ssl_certificate.h"
  20. #include "rtc_base/ssl_identity.h"
  21. namespace rtc {
// OpenSSLKeyPair encapsulates an OpenSSL EVP_PKEY* keypair object,
// which is reference counted inside the OpenSSL library. The wrapper is
// non-copyable (RTC_DISALLOW_COPY_AND_ASSIGN); a second handle to the same
// key is obtained through GetReference() rather than by copying, which
// presumably bumps the OpenSSL refcount via AddReference() — confirm in the
// out-of-line definitions.
class OpenSSLKeyPair final {
 public:
  // Wraps |pkey|, taking over the caller's reference to it. The non-null
  // check is an RTC_DCHECK, so it is only active in debug builds; callers
  // must not pass a null pointer.
  explicit OpenSSLKeyPair(EVP_PKEY* pkey) : pkey_(pkey) {
    RTC_DCHECK(pkey_ != nullptr);
  }

  // Generates a fresh key pair according to |key_params|. Returns a raw
  // owning pointer: the caller must delete it (or wrap it in a unique_ptr).
  // NOTE(review): presumably returns null on generation failure, like
  // FromPrivateKeyPEMString below — confirm in the .cc.
  static OpenSSLKeyPair* Generate(const KeyParams& key_params);

  // Constructs a key pair from the private key PEM string. This must not result
  // in missing public key parameters. Returns null on error. The caller owns
  // the returned object. |pem_string| holds private key material and should
  // be treated as a secret by the caller.
  static OpenSSLKeyPair* FromPrivateKeyPEMString(const std::string& pem_string);

  // Defined out of line; expected to release this object's reference to the
  // underlying EVP_PKEY. Declared virtual even though the class is final, so
  // it cannot actually be overridden.
  virtual ~OpenSSLKeyPair();

  // Returns a new, caller-owned OpenSSLKeyPair handle to the same key.
  // Given AddReference() below, this presumably shares the underlying
  // EVP_PKEY (refcount incremented) rather than copying the key material.
  virtual OpenSSLKeyPair* GetReference();

  // Borrowed pointer to the underlying key. Ownership stays with this
  // object; the pointer is only valid while a reference holder is alive.
  EVP_PKEY* pkey() const { return pkey_; }

  // PEM serialization of the private key. The result is secret material.
  std::string PrivateKeyToPEMString() const;
  // PEM serialization of the public key only.
  std::string PublicKeyToPEMString() const;

  // Equality of two key pairs; defined out of line (whether this compares
  // key material or pointer identity is not visible from the header).
  bool operator==(const OpenSSLKeyPair& other) const;
  bool operator!=(const OpenSSLKeyPair& other) const;

 private:
  // Presumably increments the OpenSSL reference count on pkey_; used by
  // GetReference().
  void AddReference();

  // The wrapped key; this object accounts for one OpenSSL reference to it.
  EVP_PKEY* pkey_;

  RTC_DISALLOW_COPY_AND_ASSIGN(OpenSSLKeyPair);
};
// Holds a keypair and certificate together, and a method to generate
// them consistently. This is the OpenSSL-backed SSLIdentity: the key pair
// is an OpenSSLKeyPair and the certificate(s) an SSLCertChain, both owned
// by this object. Non-copyable; duplication goes through the SSLIdentity
// clone path (CloneInternal).
class OpenSSLIdentity final : public SSLIdentity {
 public:
  // Generates a new key pair per |key_params| together with a certificate
  // for |common_name|. |certificate_lifetime| is a time_t — presumably the
  // validity duration in seconds from now; confirm in CreateInternal().
  // Presumably returns null on failure.
  static std::unique_ptr<OpenSSLIdentity> CreateWithExpiration(
      const std::string& common_name,
      const KeyParams& key_params,
      time_t certificate_lifetime);

  // Test-only variant that takes the full SSLIdentityParams directly.
  static std::unique_ptr<OpenSSLIdentity> CreateForTest(
      const SSLIdentityParams& params);

  // Builds an identity from an existing PEM private key and a single PEM
  // certificate. |private_key| is secret material. Presumably returns null
  // if either input cannot be parsed — confirm in the .cc.
  static std::unique_ptr<SSLIdentity> CreateFromPEMStrings(
      const std::string& private_key,
      const std::string& certificate);

  // As CreateFromPEMStrings, but |certificate_chain| may hold several
  // concatenated PEM certificates (expected order and parse-failure
  // behavior are defined out of line).
  static std::unique_ptr<SSLIdentity> CreateFromPEMChainStrings(
      const std::string& private_key,
      const std::string& certificate_chain);

  ~OpenSSLIdentity() override;

  // The identity's own (leaf) certificate — presumably the first element of
  // cert_chain().
  const OpenSSLCertificate& certificate() const override;
  // The full chain held in cert_chain_.
  const SSLCertChain& cert_chain() const override;

  // Configure an SSL context object to use our key and certificate.
  // Presumably returns false when OpenSSL rejects the key or certificate;
  // callers must check the result instead of proceeding with an
  // unconfigured context.
  bool ConfigureIdentity(SSL_CTX* ctx);

  // PEM serialization of the private key (secret material).
  std::string PrivateKeyToPEMString() const override;
  // PEM serialization of the public key.
  std::string PublicKeyToPEMString() const override;

  // Equality; defined out of line.
  bool operator==(const OpenSSLIdentity& other) const;
  bool operator!=(const OpenSSLIdentity& other) const;

 private:
  // Takes ownership of |key_pair| and a single |certificate|.
  OpenSSLIdentity(std::unique_ptr<OpenSSLKeyPair> key_pair,
                  std::unique_ptr<OpenSSLCertificate> certificate);
  // Takes ownership of |key_pair| and a whole |cert_chain|.
  OpenSSLIdentity(std::unique_ptr<OpenSSLKeyPair> key_pair,
                  std::unique_ptr<SSLCertChain> cert_chain);

  // SSLIdentity clone hook; the base class's public clone API is expected
  // to route through this override.
  std::unique_ptr<SSLIdentity> CloneInternal() const override;

  // Presumably the shared implementation behind CreateWithExpiration and
  // CreateForTest.
  static std::unique_ptr<OpenSSLIdentity> CreateInternal(
      const SSLIdentityParams& params);

  // Owned key pair and certificate chain. Declared in this order, so
  // cert_chain_ is destroyed before key_pair_.
  std::unique_ptr<OpenSSLKeyPair> key_pair_;
  std::unique_ptr<SSLCertChain> cert_chain_;

  RTC_DISALLOW_COPY_AND_ASSIGN(OpenSSLIdentity);
};
  82. } // namespace rtc
  83. #endif // RTC_BASE_OPENSSL_IDENTITY_H_