mirror of
https://github.com/classilla/tenfourfox.git
synced 2025-01-01 06:33:22 +00:00
72 lines
2.5 KiB
C
72 lines
2.5 KiB
C
|
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
||
|
/* vim: set ts=2 et sw=2 tw=80: */
|
||
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
||
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
||
|
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
||
|
#ifndef dtls_identity_h__
|
||
|
#define dtls_identity_h__
|
||
|
|
||
|
#include <string>
|
||
|
|
||
|
#include "m_cpp_utils.h"
|
||
|
#include "mozilla/RefPtr.h"
|
||
|
#include "nsISupportsImpl.h"
|
||
|
#include "sslt.h"
|
||
|
#include "ScopedNSSTypes.h"
|
||
|
|
||
|
// All code in this module requires NSS to be live.
|
||
|
// Callers must initialize NSS and implement the nsNSSShutdownObject
|
||
|
// protocol.
|
||
|
namespace mozilla {
|
||
|
|
||
|
class DtlsIdentity final {
|
||
|
public:
|
||
|
// This constructor takes ownership of privkey and cert.
|
||
|
DtlsIdentity(SECKEYPrivateKey *privkey,
|
||
|
CERTCertificate *cert,
|
||
|
SSLKEAType authType)
|
||
|
: private_key_(privkey), cert_(cert), auth_type_(authType) {}
|
||
|
|
||
|
// This is only for use in tests, or for external linkage. It makes a (bad)
|
||
|
// instance of this class.
|
||
|
static RefPtr<DtlsIdentity> Generate();
|
||
|
|
||
|
// These don't create copies or transfer ownership. If you want these to live
|
||
|
// on, make a copy.
|
||
|
CERTCertificate *cert() const { return cert_; }
|
||
|
SECKEYPrivateKey *privkey() const { return private_key_; }
|
||
|
// Note: this uses SSLKEAType because that is what the libssl API requires.
|
||
|
// This is a giant confusing mess, but libssl indexes certificates based on a
|
||
|
// key exchange type, not authentication type (as you might have reasonably
|
||
|
// expected).
|
||
|
SSLKEAType auth_type() const { return auth_type_; }
|
||
|
|
||
|
nsresult ComputeFingerprint(const std::string algorithm,
|
||
|
uint8_t *digest,
|
||
|
size_t size,
|
||
|
size_t *digest_length) const;
|
||
|
static nsresult ComputeFingerprint(const CERTCertificate *cert,
|
||
|
const std::string algorithm,
|
||
|
uint8_t *digest,
|
||
|
size_t size,
|
||
|
size_t *digest_length);
|
||
|
|
||
|
static const std::string DEFAULT_HASH_ALGORITHM;
|
||
|
enum {
|
||
|
HASH_ALGORITHM_MAX_LENGTH = 64
|
||
|
};
|
||
|
|
||
|
NS_INLINE_DECL_THREADSAFE_REFCOUNTING(DtlsIdentity)
|
||
|
|
||
|
private:
|
||
|
~DtlsIdentity();
|
||
|
DISALLOW_COPY_ASSIGN(DtlsIdentity);
|
||
|
|
||
|
ScopedSECKEYPrivateKey private_key_;
|
||
|
CERTCertificate *cert_; // TODO: Using a smart pointer here causes link
|
||
|
// errors.
|
||
|
SSLKEAType auth_type_;
|
||
|
};
|
||
|
} // close namespace
|
||
|
#endif
|