/*
 *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
 *
 *  Use of this source code is governed by a BSD-style license
 *  that can be found in the LICENSE file in the root of the source
 *  tree. An additional intellectual property rights grant can be found
 *  in the file PATENTS. All contributing project authors may
 *  be found in the AUTHORS file in the root of the source tree.
 */

// Handling of certificates and keypairs for SSLStreamAdapter's peer mode.
//
// This header declares the key-generation parameters, the identity type
// (keypair + certificate) and the small set of helpers the SSL stream layer
// needs to mint and compare peer identities. Implementation details live in
// the corresponding .cc; nothing here performs I/O by itself.

#ifndef RTC_BASE_SSL_IDENTITY_H_
#define RTC_BASE_SSL_IDENTITY_H_

#include <stdint.h>

#include <ctime>
#include <memory>
#include <string>

#include "absl/strings/string_view.h"
#include "rtc_base/system/rtc_export.h"

namespace rtc {

class SSLCertChain;
class SSLCertificate;

// KT_LAST is intended for vector declarations and loops over all key types;
// it does not represent any key type in itself.
// KT_DEFAULT is used as the default KeyType for KeyParams.
// Code that iterates `0 .. KT_LAST` must therefore skip KT_LAST itself and
// must not treat it as a usable key type.
enum KeyType { … };

// RSA key-generation parameters.
// kRsaMinModSize / kRsaMaxModSize bound the modulus size (presumably in bits)
// a caller may request; a request outside that range is expected to be
// refused by the key generator — confirm against the implementation.
static const int kRsaDefaultModSize = …;
// Public exponent for newly generated RSA keys.
static const int kRsaDefaultExponent = …;  // = 2^16+1 = 65537
static const int kRsaMinModSize = …;
static const int kRsaMaxModSize = …;

// Certificate default validity lifetime.
static const int kDefaultCertificateLifetimeInSeconds = …;  // 30 days

// Certificate validity window.
// This is to compensate for slightly incorrect system clocks.
// NOTE(review): this is a skew allowance, not a grace period — it trades a
// little validity-period precision for tolerance of clock drift, so it should
// stay small relative to the lifetime above. How it is applied to the
// certificate's validity bounds is defined in the implementation.
static const int kCertificateWindowInSeconds = …;

// Parameters specific to RSA key generation (modulus size / exponent,
// presumably — see the defaults above).
struct RSAParams { … };

// Named elliptic curves selectable for EC keys.
enum ECCurve { … };

// Describes the key to generate: a KeyType plus the per-type parameters
// (presumably RSAParams or an ECCurve depending on the type — confirm
// against the class body).
class RTC_EXPORT KeyParams { … };

// TODO(hbos): Remove once rtc::KeyType (to be modified) and
// blink::WebRTCKeyType (to be landed) match. By using this function in Chromium
// appropriately we can change KeyType enum -> class without breaking Chromium.
KeyType IntKeyTypeFamilyToKeyType(int key_type_family);

// Parameters for generating a certificate. If `common_name` is non-empty, it
// will be used for the certificate's subject and issuer name, otherwise a
// random string will be used.
// Because `common_name` is written into the certificate's name fields
// verbatim, it should be a value the caller controls rather than data taken
// from a remote peer.
struct SSLIdentityParams { … };

// Our identity in an SSL negotiation: a keypair and certificate (both
// with the same public key).
// This too is pretty much immutable once created.
class RTC_EXPORT SSLIdentity { … };

// Identity comparison. Which components are compared (key material,
// certificate, or both) is defined by the implementation; see the .cc.
bool operator==(const SSLIdentity& a, const SSLIdentity& b);
bool operator!=(const SSLIdentity& a, const SSLIdentity& b);

// Convert from ASN1 time as restricted by RFC 5280 to seconds from 1970-01-01
// 00.00 ("epoch"). If the ASN1 time cannot be read, return -1. The data at
// `s` is not 0-terminated; its char count is defined by `length`.
//
// `long_format` presumably selects the GeneralizedTime encoding (four-digit
// year) over UTCTime (two-digit year), the two encodings RFC 5280 permits —
// confirm against the implementation.
// Callers must test for the -1 sentinel before using the result as a time;
// and because the bytes at `s` typically come from a peer's certificate, the
// parser must never read beyond `s + length` whatever those bytes contain.
int64_t ASN1TimeToSec(const unsigned char* s, size_t length, bool long_format);

// PEM type labels (presumably the text between "-----BEGIN " and "-----")
// for the serialization formats this module handles.
extern const char kPemTypeCertificate[];
extern const char kPemTypeRsaPrivateKey[];
extern const char kPemTypeEcPrivateKey[];

}  // namespace rtc

#endif  // RTC_BASE_SSL_IDENTITY_H_