Google Git
Sign in
webrtc / src / / 76821c85eb45b618bd00ad82363a65ce3fa6f14a / . / rtc_base / ssl_fingerprint.cc
blob: a43bb159c346abd747527ba1e5658685e5ee597b [file] [log] [blame]
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]1/*
2 * Copyright 2012 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]11#include "rtc_base/ssl_fingerprint.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]12
13#include <ctype.h>
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]14
Yves Gerey988cc082018-10-23 10:03:01[diff] [blame]15#include <cstdint>
Mirko Bonadei317a1f02019-09-17 15:06:18[diff] [blame]16#include <memory>
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]17#include <string>
18
Steve Anton2acd1632019-03-25 20:48:30[diff] [blame]19#include "absl/algorithm/container.h"
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]20#include "absl/strings/string_view.h"
Ali Tofighfd6a4d62022-03-31 08:36:48[diff] [blame]21#include "api/array_view.h"
Mirko Bonadei92ea95e2017-09-15 04:47:31[diff] [blame]22#include "rtc_base/logging.h"
Steve Anton10542f22019-01-11 17:11:00[diff] [blame]23#include "rtc_base/message_digest.h"
24#include "rtc_base/rtc_certificate.h"
25#include "rtc_base/ssl_certificate.h"
26#include "rtc_base/ssl_identity.h"
27#include "rtc_base/string_encode.h"
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]28
29namespace rtc {
30
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]31SSLFingerprint* SSLFingerprint::Create(absl::string_view algorithm,
Mirko Bonadei6932fb22018-10-15 14:18:03[diff] [blame]32 const rtc::SSLIdentity* identity) {
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]33 return CreateUnique(algorithm, *identity).release();
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]34}
35
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]36std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateUnique(
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]37 absl::string_view algorithm,
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]38 const rtc::SSLIdentity& identity) {
39 return Create(algorithm, identity.certificate());
40}
41
42std::unique_ptr<SSLFingerprint> SSLFingerprint::Create(
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]43 absl::string_view algorithm,
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]44 const rtc::SSLCertificate& cert) {
Peter Boström0c4e06b2015-10-07 10:23:21[diff] [blame]45 uint8_t digest_val[64];
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]46 size_t digest_len;
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]47 bool ret = cert.ComputeDigest(algorithm, digest_val, sizeof(digest_val),
48 &digest_len);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]49 if (!ret) {
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]50 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]51 }
Mirko Bonadei317a1f02019-09-17 15:06:18[diff] [blame]52 return std::make_unique<SSLFingerprint>(
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]53 algorithm, ArrayView<const uint8_t>(digest_val, digest_len));
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]54}
55
56SSLFingerprint* SSLFingerprint::CreateFromRfc4572(
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]57 absl::string_view algorithm,
58 absl::string_view fingerprint) {
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]59 return CreateUniqueFromRfc4572(algorithm, fingerprint).release();
60}
61
62std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateUniqueFromRfc4572(
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]63 absl::string_view algorithm,
64 absl::string_view fingerprint) {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]65 if (algorithm.empty() || !rtc::IsFips180DigestAlgorithm(algorithm))
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]66 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]67
68 if (fingerprint.empty())
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]69 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]70
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]71 char value[rtc::MessageDigest::kMaxSize];
Ali Tofighfd6a4d62022-03-31 08:36:48[diff] [blame]72 size_t value_len =
73 rtc::hex_decode_with_delimiter(ArrayView<char>(value), fingerprint, ':');
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]74 if (!value_len)
deadbeef37f5ecf2017-02-27 22:06:41[diff] [blame]75 return nullptr;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]76
Mirko Bonadei317a1f02019-09-17 15:06:18[diff] [blame]77 return std::make_unique<SSLFingerprint>(
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]78 algorithm,
79 ArrayView<const uint8_t>(reinterpret_cast<uint8_t*>(value), value_len));
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]80}
81
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]82std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateFromCertificate(
83 const RTCCertificate& cert) {
deadbeef8662f942017-01-21 05:20:51[diff] [blame]84 std::string digest_alg;
Benjamin Wright6c6c9df2018-10-25 08:16:26[diff] [blame]85 if (!cert.GetSSLCertificate().GetSignatureDigestAlgorithm(&digest_alg)) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]86 RTC_LOG(LS_ERROR)
87 << "Failed to retrieve the certificate's digest algorithm";
deadbeef8662f942017-01-21 05:20:51[diff] [blame]88 return nullptr;
89 }
90
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]91 std::unique_ptr<SSLFingerprint> fingerprint =
92 CreateUnique(digest_alg, *cert.identity());
deadbeef8662f942017-01-21 05:20:51[diff] [blame]93 if (!fingerprint) {
Mirko Bonadei675513b2017-11-09 10:09:25[diff] [blame]94 RTC_LOG(LS_ERROR) << "Failed to create identity fingerprint, alg="
95 << digest_alg;
deadbeef8662f942017-01-21 05:20:51[diff] [blame]96 }
97 return fingerprint;
98}
99
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]100SSLFingerprint::SSLFingerprint(absl::string_view algorithm,
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]101 ArrayView<const uint8_t> digest_view)
102 : algorithm(algorithm), digest(digest_view.data(), digest_view.size()) {}
103
Ali Tofigh7fa90572022-03-17 14:47:49[diff] [blame]104SSLFingerprint::SSLFingerprint(absl::string_view algorithm,
Peter Boström0c4e06b2015-10-07 10:23:21[diff] [blame]105 const uint8_t* digest_in,
106 size_t digest_len)
Steve Anton4905edb2018-10-16 02:27:44[diff] [blame]107 : SSLFingerprint(algorithm, MakeArrayView(digest_in, digest_len)) {}
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]108
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]109bool SSLFingerprint::operator==(const SSLFingerprint& other) const {
Yves Gerey665174f2018-06-19 13:03:05[diff] [blame]110 return algorithm == other.algorithm && digest == other.digest;
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]111}
112
113std::string SSLFingerprint::GetRfc4572Fingerprint() const {
Ali Tofighfd6a4d62022-03-31 08:36:48[diff] [blame]114 std::string fingerprint = rtc::hex_encode_with_delimiter(
115 absl::string_view(digest.data<char>(), digest.size()), ':');
Steve Anton2acd1632019-03-25 20:48:30[diff] [blame]116 absl::c_transform(fingerprint, fingerprint.begin(), ::toupper);
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]117 return fingerprint;
118}
119
mikescarlette7748672016-04-30 03:20:54[diff] [blame]120std::string SSLFingerprint::ToString() const {
henrike@webrtc.orgf0488722014-05-13 18:00:26[diff] [blame]121 std::string fp_str = algorithm;
122 fp_str.append(" ");
123 fp_str.append(GetRfc4572Fingerprint());
124 return fp_str;
125}
126
127} // namespace rtc