Adds RTCCertificate, a reference counted object indirectly owning an SSLCertificate (by owning the SSLIdentity).

BUG=webrtc:4927 R=tommi@chromium.org, tommi@webrtc.org, torbjorng@webrtc.org Review URL: https://codereview.webrtc.org/1299223002 . Cr-Commit-Position: refs/heads/master@{#9741}
2015-08-20 12:15:54 +02:00 · 2015-08-20 12:15:54 +02:00 · 41b3a384f4
commit 41b3a384f4
parent 9e260f184b
4 changed files with 100 additions and 0 deletions
--- a/webrtc/base/BUILD.gn
+++ b/webrtc/base/BUILD.gn
@ -272,6 +272,8 @@ static_library("rtc_base") {
    "ratelimiter.h",
    "ratetracker.cc",
    "ratetracker.h",
+    "rtccertificate.cc",
+    "rtccertificate.h",
    "scoped_autorelease_pool.h",
    "scoped_autorelease_pool.mm",
    "sha1.cc",
--- a/webrtc/base/base.gyp
+++ b/webrtc/base/base.gyp
@ -248,6 +248,8 @@
        'refcount.h',
        'referencecountedsingletonfactory.h',
        'rollingaccumulator.h',
+        'rtccertificate.cc',
+        'rtccertificate.h',
        'schanneladapter.cc',
        'schanneladapter.h',
        'scoped_autorelease_pool.h',
--- a/webrtc/base/rtccertificate.cc
+++ b/webrtc/base/rtccertificate.cc
@ -0,0 +1,44 @@
+/*
+ *  Copyright 2015 The WebRTC Project Authors. All rights reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#include "webrtc/base/rtccertificate.h"
+
+#include "webrtc/base/checks.h"
+#include "webrtc/base/timeutils.h"
+
+namespace rtc {
+
+scoped_refptr<RTCCertificate> RTCCertificate::Create(
+    scoped_ptr<SSLIdentity> identity) {
+  return new RefCountedObject<RTCCertificate>(identity.release());
+}
+
+RTCCertificate::RTCCertificate(SSLIdentity* identity)
+    : identity_(identity) {
+  DCHECK(identity_);
+}
+
+RTCCertificate::~RTCCertificate() {
+}
+
+uint64 RTCCertificate::expires_timestamp_ns() const {
+  // TODO(hbos): Update once SSLIdentity/SSLCertificate supports expires field.
+  return 0;
+}
+
+bool RTCCertificate::HasExpired() const {
+  return expires_timestamp_ns() <= TimeNanos();
+}
+
+const SSLCertificate& RTCCertificate::ssl_certificate() const {
+  return identity_->certificate();
+}
+
+}  // namespace rtc
--- a/webrtc/base/rtccertificate.h
+++ b/webrtc/base/rtccertificate.h
@ -0,0 +1,52 @@
+/*
+ *  Copyright 2015 The WebRTC Project Authors. All rights reserved.
+ *
+ *  Use of this source code is governed by a BSD-style license
+ *  that can be found in the LICENSE file in the root of the source
+ *  tree. An additional intellectual property rights grant can be found
+ *  in the file PATENTS.  All contributing project authors may
+ *  be found in the AUTHORS file in the root of the source tree.
+ */
+
+#ifndef WEBRTC_BASE_RTCCERTIFICATE_H_
+#define WEBRTC_BASE_RTCCERTIFICATE_H_
+
+#include "webrtc/base/basictypes.h"
+#include "webrtc/base/refcount.h"
+#include "webrtc/base/scoped_ptr.h"
+#include "webrtc/base/scoped_ref_ptr.h"
+#include "webrtc/base/sslidentity.h"
+
+namespace rtc {
+
+// A thin abstraction layer between "lower level crypto stuff" like
+// SSLCertificate and WebRTC usage. Takes ownership of some lower level objects,
+// reference counting protects these from premature destruction.
+class RTCCertificate : public RefCountInterface {
+ public:
+  // Takes ownership of |identity|.
+  static scoped_refptr<RTCCertificate> Create(scoped_ptr<SSLIdentity> identity);
+
+  uint64 expires_timestamp_ns() const;
+  bool HasExpired() const;
+  const SSLCertificate& ssl_certificate() const;
+
+  // TODO(hbos): If possible, remove once RTCCertificate and its
+  // ssl_certificate() is used in all relevant places. Should not pass around
+  // raw SSLIdentity* for the sake of accessing SSLIdentity::certificate().
+  // However, some places might need SSLIdentity* for its public/private key...
+  SSLIdentity* identity() const { return identity_.get(); }
+
+ protected:
+  explicit RTCCertificate(SSLIdentity* identity);
+  ~RTCCertificate() override;
+
+ private:
+  // The SSLIdentity is the owner of the SSLCertificate. To protect our
+  // ssl_certificate() we take ownership of |identity_|.
+  scoped_ptr<SSLIdentity> identity_;
+};
+
+}  // namespace rtc
+
+#endif  // WEBRTC_BASE_RTCCERTIFICATE_H_