commit f048872e915a3ee229044ec4bc541f6cbf9e4de1
author henrike@webrtc.org <henrike@webrtc.org@4adac7df-926f-26a2-2b94-8c16560cd09d> Tue May 13 18:00:26 2014
committer henrike@webrtc.org <henrike@webrtc.org@4adac7df-926f-26a2-2b94-8c16560cd09d> Tue May 13 18:00:26 2014
tree df6a85065b81a76772d3a23dc9eac919a2134ce4
parent 3e01e0b16cbde481241b9bcfdbbdd591cd920b99

Adds a modified copy of talk/base to webrtc/base. It is the first step in
migrating talk/base to webrtc/base.

BUG=N/A
R=niklas.enbom@webrtc.org

Review URL: https://webrtc-codereview.appspot.com/17479005

git-svn-id: http://webrtc.googlecode.com/svn/trunk@6129 4adac7df-926f-26a2-2b94-8c16560cd09d

webrtc/base/sslidentity.cc

diff --git a/webrtc/base/sslidentity.cc b/webrtc/base/sslidentity.cc
new file mode 100644
index 0000000..0008574
--- /dev/null
+++ b/webrtc/base/sslidentity.cc
@@ -0,0 +1,154 @@
+/*
+ *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+// Handling of certificates and keypairs for SSLStreamAdapter's peer mode.
+#if HAVE_CONFIG_H
+#include "config.h"
+#endif  // HAVE_CONFIG_H
+
+#include "webrtc/base/sslidentity.h"
+
+#include <string>
+
+#include "webrtc/base/base64.h"
+#include "webrtc/base/logging.h"
+#include "webrtc/base/sslconfig.h"
+
+#if SSL_USE_SCHANNEL
+
+#elif SSL_USE_OPENSSL  // !SSL_USE_SCHANNEL
+
+#include "webrtc/base/opensslidentity.h"
+
+#elif SSL_USE_NSS  // !SSL_USE_SCHANNEL && !SSL_USE_OPENSSL
+
+#include "webrtc/base/nssidentity.h"
+
+#endif  // SSL_USE_SCHANNEL
+
+namespace rtc {
+
+const char kPemTypeCertificate[] = "CERTIFICATE";
+const char kPemTypeRsaPrivateKey[] = "RSA PRIVATE KEY";
+
+bool SSLIdentity::PemToDer(const std::string& pem_type,
+                           const std::string& pem_string,
+                           std::string* der) {
+  // Find the inner body. We need this to fulfill the contract of
+  // returning pem_length.
+  size_t header = pem_string.find("-----BEGIN " + pem_type + "-----");
+  if (header == std::string::npos)
+    return false;
+
+  size_t body = pem_string.find("\n", header);
+  if (body == std::string::npos)
+    return false;
+
+  size_t trailer = pem_string.find("-----END " + pem_type + "-----");
+  if (trailer == std::string::npos)
+    return false;
+
+  std::string inner = pem_string.substr(body + 1, trailer - (body + 1));
+
+  *der = Base64::Decode(inner, Base64::DO_PARSE_WHITE |
+                        Base64::DO_PAD_ANY |
+                        Base64::DO_TERM_BUFFER);
+  return true;
+}
+
+std::string SSLIdentity::DerToPem(const std::string& pem_type,
+                                  const unsigned char* data,
+                                  size_t length) {
+  std::stringstream result;
+
+  result << "-----BEGIN " << pem_type << "-----\n";
+
+  std::string b64_encoded;
+  Base64::EncodeFromArray(data, length, &b64_encoded);
+
+  // Divide the Base-64 encoded data into 64-character chunks, as per
+  // 4.3.2.4 of RFC 1421.
+  static const size_t kChunkSize = 64;
+  size_t chunks = (b64_encoded.size() + (kChunkSize - 1)) / kChunkSize;
+  for (size_t i = 0, chunk_offset = 0; i < chunks;
+       ++i, chunk_offset += kChunkSize) {
+    result << b64_encoded.substr(chunk_offset, kChunkSize);
+    result << "\n";
+  }
+
+  result << "-----END " << pem_type << "-----\n";
+
+  return result.str();
+}
+
+#if SSL_USE_SCHANNEL
+
+SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
+  return NULL;
+}
+
+SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
+  return NULL;
+}
+
+SSLIdentity* GenerateForTest(const SSLIdentityParams& params) {
+  return NULL;
+}
+
+SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
+                                         const std::string& certificate) {
+  return NULL;
+}
+
+#elif SSL_USE_OPENSSL  // !SSL_USE_SCHANNEL
+
+SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
+  return OpenSSLCertificate::FromPEMString(pem_string);
+}
+
+SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
+  return OpenSSLIdentity::Generate(common_name);
+}
+
+SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
+  return OpenSSLIdentity::GenerateForTest(params);
+}
+
+SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
+                                         const std::string& certificate) {
+  return OpenSSLIdentity::FromPEMStrings(private_key, certificate);
+}
+
+#elif SSL_USE_NSS  // !SSL_USE_OPENSSL && !SSL_USE_SCHANNEL
+
+SSLCertificate* SSLCertificate::FromPEMString(const std::string& pem_string) {
+  return NSSCertificate::FromPEMString(pem_string);
+}
+
+SSLIdentity* SSLIdentity::Generate(const std::string& common_name) {
+  return NSSIdentity::Generate(common_name);
+}
+
+SSLIdentity* SSLIdentity::GenerateForTest(const SSLIdentityParams& params) {
+  return NSSIdentity::GenerateForTest(params);
+}
+
+SSLIdentity* SSLIdentity::FromPEMStrings(const std::string& private_key,
+                                         const std::string& certificate) {
+  return NSSIdentity::FromPEMStrings(private_key, certificate);
+}
+
+#else  // !SSL_USE_OPENSSL && !SSL_USE_SCHANNEL && !SSL_USE_NSS
+
+#error "No SSL implementation"
+
+#endif  // SSL_USE_SCHANNEL
+
+}  // namespace rtc