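/*
 *  Copyright 2013 The WebRTC project authors. All Rights Reserved.
 *
 *  Use of this source code is governed by a BSD-style license
 *  that can be found in the LICENSE file in the root of the source
 *  tree. An additional intellectual property rights grant can be found
 *  in the file PATENTS.  All contributing project authors may
 *  be found in the AUTHORS file in the root of the source tree.
 */

#ifndef PC_TEST_FAKE_RTC_CERTIFICATE_GENERATOR_H_
#define PC_TEST_FAKE_RTC_CERTIFICATE_GENERATOR_H_

#include <memory>
#include <string>
#include <utility>

#include "api/peer_connection_interface.h"
#include "rtc_base/rtc_certificate.h"
#include "rtc_base/rtc_certificate_generator.h"

// TEST FIXTURES ONLY.
// The private keys in kRsaPems and kEcdsaPems are checked in next to their
// certificates, so anyone with the source can read them. They provide no
// confidentiality or authenticity and must never be used outside tests.

// RSA with mod size 1024, pub exp 0x10001.
// A 1024-bit modulus is below the strength normally accepted for new RSA
// keys. It is kept here because it is the only RSA parameter set that
// FakeRTCCertificateGenerator::GenerateCertificateAsync accepts.
// NOTE(review): the payload of the first entry looks like a PKCS#8
// PrivateKeyInfo although its PEM label is "RSA PRIVATE KEY". Confirm that the
// PEM parser in use tolerates this before reusing the fixture elsewhere.
static const rtc::RTCCertificatePEM kRsaPems[] = {
    rtc::RTCCertificatePEM(
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAMYRkbhmI7kVA/rM\n"
        "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
        "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
        "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAECgYAvgOs4FJcgvp+TuREx7YtiYVsH\n"
        "mwQPTum2z/8VzWGwR8BBHBvIpVe1MbD/Y4seyI2aco/7UaisatSgJhsU46/9Y4fq\n"
        "2TwXH9QANf4at4d9n/R6rzwpAJOpgwZgKvdQjkfrKTtgLV+/dawvpxUYkRH4JZM1\n"
        "CVGukMfKNrSVH4Ap4QJBAOJmGV1ASPnB4r4nc99at7JuIJmd7fmuVUwUgYi4XgaR\n"
        "WhScBsgYwZ/JoywdyZJgnbcrTDuVcWG56B3vXbhdpMsCQQDf9zeJrjnPZ3Cqm79y\n"
        "kdqANep0uwZciiNiWxsQrCHztywOvbFhdp8iYVFG9EK8DMY41Y5TxUwsHD+67zao\n"
        "ZNqJAkEA1suLUP/GvL8IwuRneQd2tWDqqRQ/Td3qq03hP7e77XtF/buya3Ghclo5\n"
        "54czUR89QyVfJEC6278nzA7n2h1uVQJAcG6mztNL6ja/dKZjYZye2CY44QjSlLo0\n"
        "MTgTSjdfg/28fFn2Jjtqf9Pi/X+50LWI/RcYMC2no606wRk9kyOuIQJBAK6VSAim\n"
        "1pOEjsYQn0X5KEIrz1G3bfCbB848Ime3U2/FWlCHMr6ch8kCZ5d1WUeJD3LbwMNG\n"
        "UCXiYxSsu20QNVw=\n"
        "-----END RSA PRIVATE KEY-----\n",
        "-----BEGIN CERTIFICATE-----\n"
        "MIIBmTCCAQKgAwIBAgIEbzBSAjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDEwZX\n"
        "ZWJSVEMwHhcNMTQwMTAyMTgyNDQ3WhcNMTQwMjAxMTgyNDQ3WjARMQ8wDQYDVQQD\n"
        "EwZXZWJSVEMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYRkbhmI7kVA/rM\n"
        "czsZ+6JDhDvnkF+vn6yCAGuRPV03zuRqZtDy4N4to7PZu9PjqrRl7nDMXrG3YG9y\n"
        "rlIAZ72KjcKKFAJxQyAKLCIdawKRyp8RdK3LEySWEZb0AV58IadqPZDTNHHRX8dz\n"
        "5aTSMsbbkZ+C/OzTnbiMqLL/vg6jAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAUflI\n"
        "VUe5Krqf5RVa5C3u/UTAOAUJBiDS3VANTCLBxjuMsvqOG0WvaYWP3HYPgrz0jXK2\n"
        "LJE/mGw3MyFHEqi81jh95J+ypl6xKW6Rm8jKLR87gUvCaVYn/Z4/P3AqcQTB7wOv\n"
        "UD0A8qfhfDM+LK6rPAnCsVN0NRDY3jvd6rzix9M=\n"
        "-----END CERTIFICATE-----\n"),
    rtc::RTCCertificatePEM(
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "MIICXQIBAAKBgQDeYqlyJ1wuiMsi905e3X81/WA/G3ym50PIDZBVtSwZi7JVQPgj\n"
        "Bl8CPZMvDh9EwB4Ji9ytA8dZZbQ4WbJWPr73zPpJSCvQqz6sOXSlenBRi72acNaQ\n"
        "sOR/qPvviJx5I6Hqo4qemfnjZhAW85a5BpgrAwKgMLIQTHCTLWwVSyrDrwIDAQAB\n"
        "AoGARni9eY8/hv+SX+I+05EdXt6MQXNUbQ+cSykBNCfVccLzIFEWUQMT2IHqwl6X\n"
        "ShIXcq7/n1QzOAEiuzixauM3YHg4xZ1Um2Ha9a7ig5Xg4v6b43bmMkNE6LkoAtYs\n"
        "qnQdfMh442b1liDud6IMb1Qk0amt3fSrgRMc547TZQVx4QECQQDxUeDm94r3p4ng\n"
        "5rCLLC1K5/6HSTZsh7jatKPlz7GfP/IZlYV7iE5784/n0wRiCjZOS7hQRy/8m2Gp\n"
        "pf4aZq+DAkEA6+np4d36FYikydvUrupLT3FkdRHGn/v83qOll/VmeNh+L1xMZlIP\n"
        "tM26hAXCcQb7O5+J9y3cx2CAQsBS11ZXZQJAfGgTo76WG9p5UEJdXUInD2jOZPwv\n"
        "XIATolxh6kXKcijLLLlSmT7KB0inNYIpzkkpee+7U1d/u6B3FriGaSHq9QJBAM/J\n"
        "ICnDdLCgwNvWVraVQC3BpwSB2pswvCFwq7py94V60XFvbw80Ogc6qIv98qvQxVlX\n"
        "hJIEgA/PjEi+0ng94Q0CQQDm8XSDby35gmjO+6eRmJtAjtB7nguLvrPXM6CPXRmD\n"
        "sRoBocpHw6j9UdzZ6qYG0FkdXZghezXFY58ro2BYYRR3\n"
        "-----END RSA PRIVATE KEY-----\n",
        "-----BEGIN CERTIFICATE-----\n"
        "MIICWDCCAcGgAwIBAgIJALgDjxMbBOhbMA0GCSqGSIb3DQEBCwUAMEUxCzAJBgNV\n"
        "BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX\n"
        "aWRnaXRzIFB0eSBMdGQwHhcNMTUxMTEzMjIzMjEzWhcNMTYxMTEyMjIzMjEzWjBF\n"
        "MQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UECgwYSW50\n"
        "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB\n"
        "gQDeYqlyJ1wuiMsi905e3X81/WA/G3ym50PIDZBVtSwZi7JVQPgjBl8CPZMvDh9E\n"
        "wB4Ji9ytA8dZZbQ4WbJWPr73zPpJSCvQqz6sOXSlenBRi72acNaQsOR/qPvviJx5\n"
        "I6Hqo4qemfnjZhAW85a5BpgrAwKgMLIQTHCTLWwVSyrDrwIDAQABo1AwTjAdBgNV\n"
        "HQ4EFgQUx2tbJdlcSTCepn09UdYORXKuSTAwHwYDVR0jBBgwFoAUx2tbJdlcSTCe\n"
        "pn09UdYORXKuSTAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOBgQAmp9Id\n"
        "E716gHMqeBG4S2FCgVFCr0a0ugkaneQAN/c2L9CbMemEN9W6jvucUIVOtYd90dDW\n"
        "lXuowWmT/JctPe3D2qt4yvYW3puECHk2tVQmrJOZiZiTRtWm6HxkmoUYHYp/DtaS\n"
        "1Xe29gSTnZtI5sQCrGMzk3SGRSSs7ejLKiVDBQ==\n"
        "-----END CERTIFICATE-----\n")};

// ECDSA with EC_NIST_P256.
// These PEM strings were created by generating an identity with
// |SSLIdentity::Generate| and invoking |identity->PrivateKeyToPEMString()|,
// |identity->PublicKeyToPEMString()| and
// |identity->certificate().ToPEMString()|.
static const rtc::RTCCertificatePEM kEcdsaPems[] = {
    rtc::RTCCertificatePEM(
        "-----BEGIN PRIVATE KEY-----\n"
        "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg+qaRsR5uHtqG689M\n"
        "A3PHSJNeVpyi5wUKCft62h0UWy+hRANCAAS5Mjc85q9fVq4ln+zOPlaEC/Rzj5Pb\n"
        "MVZtf1x/8k2KsbmyZoAMDX2yer/atEuXmItMe3yd6/DXnvboU//D3Lyt\n"
        "-----END PRIVATE KEY-----\n",
        "-----BEGIN CERTIFICATE-----\n"
        "MIIBFTCBu6ADAgECAgkA30tGY5XG7oowCgYIKoZIzj0EAwIwEDEOMAwGA1UEAwwF\n"
        "dGVzdDMwHhcNMTYwNTA5MDkxODA4WhcNMTYwNjA5MDkxODA4WjAQMQ4wDAYDVQQD\n"
        "DAV0ZXN0MzBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABLkyNzzmr19WriWf7M4+\n"
        "VoQL9HOPk9sxVm1/XH/yTYqxubJmgAwNfbJ6v9q0S5eYi0x7fJ3r8Nee9uhT/8Pc\n"
        "vK0wCgYIKoZIzj0EAwIDSQAwRgIhAIIc3+CqfkZ9lLwTj1PvUtt3KhnqF2kD0War\n"
        "cCoTBbCxAiEAyp9Cn4vo2ZBhRIVDKyoxmwak8Z0PAVhJAQaWCgoY2D4=\n"
        "-----END CERTIFICATE-----\n"),
    rtc::RTCCertificatePEM(
        "-----BEGIN PRIVATE KEY-----\n"
        "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQghL/G4JRYnuDNbQuh\n"
        "LqkytcE39Alsq6FItDVFgOesfCmhRANCAATd53FjPLyVUcwYguEPbSJM03fP6Rx5\n"
        "GY1dEZ00+ZykjJI83VfDAyvmpRuGahNtBH0hc+7xkDCbeo6TM0tN35xr\n"
        "-----END PRIVATE KEY-----\n",
        "-----BEGIN CERTIFICATE-----\n"
        "MIIBFDCBu6ADAgECAgkArZYdXMyJ5rswCgYIKoZIzj0EAwIwEDEOMAwGA1UEAwwF\n"
        "dGVzdDQwHhcNMTYwNTA5MDkxODA4WhcNMTYwNjA5MDkxODA4WjAQMQ4wDAYDVQQD\n"
        "DAV0ZXN0NDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABN3ncWM8vJVRzBiC4Q9t\n"
        "IkzTd8/pHHkZjV0RnTT5nKSMkjzdV8MDK+alG4ZqE20EfSFz7vGQMJt6jpMzS03f\n"
        "nGswCgYIKoZIzj0EAwIDSAAwRQIgb/LBc8OtsC5lEDyjCP6M9xt5mwzUNrQBOFWZ\n"
        "1fE/g68CIQD7uoFfbiq6dTp8ZwzbwQ8jJf08KjriamqA9OW/4268Dw==\n"
        "-----END CERTIFICATE-----\n")};

// use_alternate_key() selects index 1 in both tables, so each table must hold
// at least two entries. Checked at compile time so that shrinking a table
// cannot turn get_pem() into an out-of-bounds read.
static_assert(sizeof(kRsaPems) / sizeof(kRsaPems[0]) >= 2,
              "kRsaPems needs an original and an alternate entry");
static_assert(sizeof(kEcdsaPems) / sizeof(kEcdsaPems[0]) >= 2,
              "kEcdsaPems needs an original and an alternate entry");

// Certificate generator for tests. It never creates key material: every
// "generated" certificate is parsed from the constant PEM pairs above, and
// the result is delivered to the callback through a message posted to the
// current rtc::Thread.
class FakeRTCCertificateGenerator
    : public rtc::RTCCertificateGeneratorInterface,
      public rtc::MessageHandler {
 public:
  using MessageData = rtc::TypedMessageData<
      rtc::scoped_refptr<rtc::RTCCertificateGeneratorCallback> >;

  FakeRTCCertificateGenerator() = default;

  // If set to true, subsequent requests report failure through
  // callback->OnFailure() instead of delivering a certificate.
  void set_should_fail(bool should_fail) { should_fail_ = should_fail; }

  // If set to true, stalls the generation of the fake certificate until it is
  // set to false.
  void set_should_wait(bool should_wait) { should_wait_ = should_wait; }

  // Select which entry of the PEM tables later requests are served from.
  void use_original_key() { key_index_ = 0; }
  void use_alternate_key() { key_index_ = 1; }

  // Number of OnSuccess() / OnFailure() callbacks issued so far.
  int generated_certificates() const { return generated_certificates_; }
  int generated_failures() const { return generated_failures_; }

  // Posts a message to the current thread; the callback is invoked from
  // OnMessage(). |expires_ms| must be unset.
  void GenerateCertificateAsync(
      const rtc::KeyParams& key_params,
      const absl::optional<uint64_t>& expires_ms,
      const rtc::scoped_refptr<rtc::RTCCertificateGeneratorCallback>& callback)
      override {
    // The certificates are created from constant PEM strings and keep the
    // expiration time encoded in them; modifying it is not supported.
    RTC_DCHECK(!expires_ms);

    // Only supports RSA-1024-0x10001 and ECDSA-P256.
    // The parameter checks below are RTC_DCHECKs. In a build where those are
    // disabled, any key type other than KT_RSA is served from the ECDSA
    // table without complaint.
    uint32_t msg_id;
    if (should_fail_) {
      msg_id = MSG_FAILURE;
    } else if (key_params.type() == rtc::KT_RSA) {
      RTC_DCHECK_EQ(key_params.rsa_params().mod_size, 1024);
      RTC_DCHECK_EQ(key_params.rsa_params().pub_exp, 0x10001);
      msg_id = MSG_SUCCESS_RSA;
    } else {
      RTC_DCHECK_EQ(key_params.type(), rtc::KT_ECDSA);
      RTC_DCHECK_EQ(key_params.ec_curve(), rtc::EC_NIST_P256);
      msg_id = MSG_SUCCESS_ECDSA;
    }

    // The payload is handed to the message queue as a raw pointer;
    // OnMessage() takes it back and deletes it.
    std::unique_ptr<MessageData> msg(new MessageData(
        rtc::scoped_refptr<rtc::RTCCertificateGeneratorCallback>(callback)));
    rtc::Thread::Current()->Post(RTC_FROM_HERE, this, msg_id, msg.release());
  }

  // Synchronous variant: returns the first fixture of the default key type.
  static rtc::scoped_refptr<rtc::RTCCertificate> GenerateCertificate() {
    switch (rtc::KT_DEFAULT) {
      case rtc::KT_RSA:
        return rtc::RTCCertificate::FromPEM(kRsaPems[0]);
      case rtc::KT_ECDSA:
        return rtc::RTCCertificate::FromPEM(kEcdsaPems[0]);
      default:
        RTC_NOTREACHED();
        return nullptr;
    }
  }

 private:
  enum {
    MSG_SUCCESS_RSA,
    MSG_SUCCESS_ECDSA,
    MSG_FAILURE,
  };

  // Returns the fixture for |key_type| at the currently selected index.
  // |key_index_| is only ever set to 0 or 1 (see use_original_key() and
  // use_alternate_key()).
  const rtc::RTCCertificatePEM& get_pem(const rtc::KeyType& key_type) const {
    switch (key_type) {
      case rtc::KT_RSA:
        return kRsaPems[key_index_];
      case rtc::KT_ECDSA:
        return kEcdsaPems[key_index_];
      default:
        RTC_NOTREACHED();
        return kEcdsaPems[key_index_];
    }
  }
  const std::string& get_key(const rtc::KeyType& key_type) const {
    return get_pem(key_type).private_key();
  }
  const std::string& get_cert(const rtc::KeyType& key_type) const {
    return get_pem(key_type).certificate();
  }

  // rtc::MessageHandler implementation.
  void OnMessage(rtc::Message* msg) override {
    // If the certificate generation should be stalled, re-post this same
    // message to the queue with a small delay so as to wait in a loop until
    // set_should_wait(false) is called. The payload stays owned by the queue.
    if (should_wait_) {
      rtc::Thread::Current()->PostDelayed(RTC_FROM_HERE, 1, this,
                                          msg->message_id, msg->pdata);
      return;
    }

    // Take ownership of the payload so that it is released on every path
    // below, including the unexpected-id branch.
    std::unique_ptr<MessageData> message_data(
        static_cast<MessageData*>(msg->pdata));
    rtc::scoped_refptr<rtc::RTCCertificateGeneratorCallback> callback =
        message_data->data();
    rtc::scoped_refptr<rtc::RTCCertificate> certificate;
    switch (msg->message_id) {
      case MSG_SUCCESS_RSA:
      case MSG_SUCCESS_ECDSA: {
        rtc::KeyType key_type =
            msg->message_id == MSG_SUCCESS_RSA ? rtc::KT_RSA : rtc::KT_ECDSA;
        certificate = rtc::RTCCertificate::FromPEM(get_pem(key_type));
        RTC_DCHECK(certificate);
        ++generated_certificates_;
        callback->OnSuccess(certificate);
        break;
      }
      case MSG_FAILURE:
        ++generated_failures_;
        callback->OnFailure();
        break;
      default:
        // This class only posts the three ids above.
        RTC_NOTREACHED();
        break;
    }
  }

  bool should_fail_ = false;
  bool should_wait_ = false;
  int key_index_ = 0;
  int generated_certificates_ = 0;
  int generated_failures_ = 0;
};

#endif  // PC_TEST_FAKE_RTC_CERTIFICATE_GENERATOR_H_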