media/mtransport/dtlsidentity.h@97036ab72558 (annotated)
media/mtransport/dtlsidentity.h
Tue, 06 Jan 2015 21:39:09 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Tue, 06 Jan 2015 21:39:09 +0100
- branch
- TOR_BUG_9701
- changeset 8
- 97036ab72558
- permissions
- -rw-r--r--
Conditionally force memory storage according to privacy.thirdparty.isolate;
This solves Tor bug #9701, complying with disk avoidance documented in
https://www.torproject.org/projects/torbrowser/design/#disk-avoidance.
| michael@0 | 1 | /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ |
| michael@0 | 2 | /* vim: set ts=2 et sw=2 tw=80: */ |
| michael@0 | 3 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 4 | * License, v. 2.0. If a copy of the MPL was not distributed with this file, |
| michael@0 | 5 | * You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 6 | #ifndef dtls_identity_h__ |
| michael@0 | 7 | #define dtls_identity_h__ |
| michael@0 | 8 | |
| michael@0 | 9 | #include <string> |
| michael@0 | 10 | |
| michael@0 | 11 | #include "m_cpp_utils.h" |
| michael@0 | 12 | #include "mozilla/RefPtr.h" |
| michael@0 | 13 | #include "nsISupportsImpl.h" |
| michael@0 | 14 | #include "ScopedNSSTypes.h" |
| michael@0 | 15 | |
| michael@0 | 16 | // All code in this module requires NSS to be live. |
| michael@0 | 17 | // Callers must initialize NSS and implement the nsNSSShutdownObject |
| michael@0 | 18 | // protocol. |
| michael@0 | 19 | namespace mozilla { |
| michael@0 | 20 | |
| michael@0 | 21 | class DtlsIdentity { |
| michael@0 | 22 | public: |
| michael@0 | 23 | ~DtlsIdentity(); |
| michael@0 | 24 | |
| michael@0 | 25 | // Generate an identity with a random name. |
| michael@0 | 26 | static TemporaryRef<DtlsIdentity> Generate(); |
| michael@0 | 27 | |
| michael@0 | 28 | // Note: the following two functions just provide access. They |
| michael@0 | 29 | // do not transfer ownership. If you want a pointer that lasts |
| michael@0 | 30 | // past the lifetime of the DtlsIdentity, you must make |
| michael@0 | 31 | // a copy yourself. |
| michael@0 | 32 | CERTCertificate *cert() { return cert_; } |
| michael@0 | 33 | SECKEYPrivateKey *privkey() { return privkey_; } |
| michael@0 | 34 | |
| michael@0 | 35 | std::string GetFormattedFingerprint(const std::string &algorithm = DEFAULT_HASH_ALGORITHM); |
| michael@0 | 36 | |
| michael@0 | 37 | nsresult ComputeFingerprint(const std::string algorithm, |
| michael@0 | 38 | unsigned char *digest, |
| michael@0 | 39 | std::size_t size, |
| michael@0 | 40 | std::size_t *digest_length); |
| michael@0 | 41 | |
| michael@0 | 42 | static nsresult ComputeFingerprint(const CERTCertificate *cert, |
| michael@0 | 43 | const std::string algorithm, |
| michael@0 | 44 | unsigned char *digest, |
| michael@0 | 45 | std::size_t size, |
| michael@0 | 46 | std::size_t *digest_length); |
| michael@0 | 47 | |
| michael@0 | 48 | static nsresult ParseFingerprint(const std::string fp, |
| michael@0 | 49 | unsigned char *digest, |
| michael@0 | 50 | size_t size, size_t *length); |
| michael@0 | 51 | |
| michael@0 | 52 | NS_INLINE_DECL_THREADSAFE_REFCOUNTING(DtlsIdentity) |
| michael@0 | 53 | |
| michael@0 | 54 | private: |
| michael@0 | 55 | DtlsIdentity(SECKEYPrivateKey *privkey, CERTCertificate *cert) |
| michael@0 | 56 | : privkey_(privkey), cert_(cert) {} |
| michael@0 | 57 | DISALLOW_COPY_ASSIGN(DtlsIdentity); |
| michael@0 | 58 | |
| michael@0 | 59 | static const std::string DEFAULT_HASH_ALGORITHM; |
| michael@0 | 60 | static const size_t HASH_ALGORITHM_MAX_LENGTH; |
| michael@0 | 61 | |
| michael@0 | 62 | std::string FormatFingerprint(const unsigned char *digest, |
| michael@0 | 63 | std::size_t size); |
| michael@0 | 64 | |
| michael@0 | 65 | ScopedSECKEYPrivateKey privkey_; |
| michael@0 | 66 | CERTCertificate *cert_; // TODO: Using a smart pointer here causes link |
| michael@0 | 67 | // errors. |
| michael@0 | 68 | }; |
| michael@0 | 69 | } // close namespace |
| michael@0 | 70 | #endif |
