/*
* Copyright 2012 The WebRTC Project Authors. All rights reserved.
*
* Use of this source code is governed by a BSD-style license
* that can be found in the LICENSE file in the root of the source
* tree. An additional intellectual property rights grant can be found
* in the file PATENTS. All contributing project authors may
* be found in the AUTHORS file in the root of the source tree.
*/
#include "webrtc/rtc_base/sslfingerprint.h"
#include <ctype.h>
#include <string>
#include "webrtc/rtc_base/helpers.h"
#include "webrtc/rtc_base/logging.h"
#include "webrtc/rtc_base/messagedigest.h"
#include "webrtc/rtc_base/stringencode.h"
namespace rtc {
// Builds a fingerprint of |identity|'s certificate using |algorithm|.
//
// Returns nullptr when |identity| is null; otherwise forwards to the
// certificate overload of Create() and returns its result unchanged. That
// overload allocates the result with new, so a non-null return value is owned
// by the caller.
SSLFingerprint* SSLFingerprint::Create(
    const std::string& algorithm, const rtc::SSLIdentity* identity) {
  return identity ? Create(algorithm, &(identity->certificate())) : nullptr;
}
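// Computes the |algorithm| digest of |cert| and wraps it in a new
// SSLFingerprint.
//
// Returns nullptr when |cert| is null or when ComputeDigest() reports failure
// (for example because the digest does not fit the local buffer, whose size is
// passed to it). A non-null result is allocated with new and is owned by the
// caller.
SSLFingerprint* SSLFingerprint::Create(
    const std::string& algorithm, const rtc::SSLCertificate* cert) {
  // Mirror the identity overload: a missing certificate is reported as a
  // failed creation instead of being dereferenced.
  if (!cert) {
    return nullptr;
  }

  // NOTE(review): CreateFromRfc4572() sizes its buffer with
  // rtc::MessageDigest::kMaxSize; this literal presumably has the same value
  // and could use that constant - confirm against messagedigest.h.
  uint8_t digest_val[64];
  // Initialised so the length is never read indeterminate, whatever
  // ComputeDigest() does with its out-parameter on failure.
  size_t digest_len = 0;
  const bool computed = cert->ComputeDigest(
      algorithm, digest_val, sizeof(digest_val), &digest_len);
  if (!computed) {
    return nullptr;
  }

  return new SSLFingerprint(algorithm, digest_val, digest_len);
}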
// Parses a ':'-delimited hex string into a new SSLFingerprint for |algorithm|.
//
// Returns nullptr when |algorithm| is empty or rejected by
// rtc::IsFips180DigestAlgorithm(), when |fingerprint| is empty, or when the
// hex decoder yields a length of zero (treated here as a decode failure).
// A non-null result is allocated with new and is owned by the caller.
//
// NOTE(review): the only check on the decoded bytes is that their count is
// non-zero and fits the kMaxSize buffer; nothing here verifies that the count
// equals the digest size of |algorithm|. If |fingerprint| can come from a
// remote peer (presumably signalling data - confirm against callers), the code
// that later compares this value against a locally computed digest is what
// rejects a truncated or over-long fingerprint.
SSLFingerprint* SSLFingerprint::CreateFromRfc4572(
    const std::string& algorithm, const std::string& fingerprint) {
  const bool algorithm_ok =
      !algorithm.empty() && rtc::IsFips180DigestAlgorithm(algorithm);
  if (!algorithm_ok || fingerprint.empty()) {
    return nullptr;
  }

  // The decoder is handed the buffer capacity, so the write is bounded by
  // sizeof(decoded).
  char decoded[rtc::MessageDigest::kMaxSize];
  const size_t decoded_len = rtc::hex_decode_with_delimiter(
      decoded, sizeof(decoded), fingerprint.c_str(), fingerprint.length(),
      ':');
  if (decoded_len == 0) {
    return nullptr;
  }

  return new SSLFingerprint(algorithm, reinterpret_cast<uint8_t*>(decoded),
                            decoded_len);
}
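// Creates a fingerprint of |cert| using the digest algorithm that the
// certificate itself reports through GetSignatureDigestAlgorithm().
//
// Returns nullptr (after logging an error) when |cert| is null, when the
// algorithm cannot be retrieved, or when Create() fails for the certificate's
// identity. A non-null result is allocated with new by Create() and is owned
// by the caller.
SSLFingerprint* SSLFingerprint::CreateFromCertificate(
    const RTCCertificate* cert) {
  // Treat a missing certificate like the other failure paths instead of
  // dereferencing it.
  if (!cert) {
    LOG(LS_ERROR) << "Cannot create a fingerprint from a null certificate";
    return nullptr;
  }

  std::string digest_alg;
  if (!cert->ssl_certificate().GetSignatureDigestAlgorithm(&digest_alg)) {
    LOG(LS_ERROR) << "Failed to retrieve the certificate's digest algorithm";
    return nullptr;
  }

  SSLFingerprint* fingerprint = Create(digest_alg, cert->identity());
  if (!fingerprint) {
    LOG(LS_ERROR) << "Failed to create identity fingerprint, alg="
                  << digest_alg;
  }
  return fingerprint;
}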
// Stores |algorithm| and passes |digest_len| bytes starting at |digest_in| to
// digest.SetData().
//
// NOTE(review): the factory functions in this file pass pointers to stack
// buffers, so SetData() presumably copies the bytes - confirm against
// rtc::Buffer.
SSLFingerprint::SSLFingerprint(const std::string& algorithm,
                               const uint8_t* digest_in,
                               size_t digest_len)
    : algorithm(algorithm) {
  this->digest.SetData(digest_in, digest_len);
}
// Copy constructor: takes the algorithm name and the digest from |from|.
SSLFingerprint::SSLFingerprint(const SSLFingerprint& from)
    : algorithm(from.algorithm),
      digest(from.digest) {
}
// Two fingerprints are equal only when both the algorithm and the digest
// compare equal; the digest is not compared if the algorithms differ.
//
// NOTE(review): the algorithm names are compared as stored; no case
// normalisation is visible in this file, so "SHA-256" and "sha-256" would
// presumably compare unequal - confirm that callers normalise.
bool SSLFingerprint::operator==(const SSLFingerprint& other) const {
  if (!(algorithm == other.algorithm)) {
    return false;
  }
  return digest == other.digest;
}
// Renders the digest as ':'-delimited hex text, converted to upper case.
std::string SSLFingerprint::GetRfc4572Fingerprint() const {
  std::string hex_text =
      rtc::hex_encode_with_delimiter(digest.data<char>(), digest.size(), ':');
  // Upper-case in place, one character at a time. The text is expected to
  // hold only hex digits and ':' (presumably plain ASCII), so each char is
  // handed to ::toupper as-is.
  for (std::string::iterator it = hex_text.begin(); it != hex_text.end();
       ++it) {
    *it = ::toupper(*it);
  }
  return hex_text;
}
// Returns "<algorithm> <fingerprint>", where the fingerprint part is the
// output of GetRfc4572Fingerprint() and the two are separated by one space.
std::string SSLFingerprint::ToString() const {
  std::string text(algorithm);
  text += " ";
  text += GetRfc4572Fingerprint();
  return text;
}
} // namespace rtc