michael@0: /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
michael@0: /* vim: set ts=2 et sw=2 tw=80: */
michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public
michael@0:  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
michael@0:  * You can obtain one at http://mozilla.org/MPL/2.0/. */
michael@0: #ifndef dtls_identity_h__
michael@0: #define dtls_identity_h__
michael@0: 
michael@0: #include <string>
michael@0: 
michael@0: #include "m_cpp_utils.h"
michael@0: #include "mozilla/RefPtr.h"
michael@0: #include "nsISupportsImpl.h"
michael@0: #include "ScopedNSSTypes.h"
michael@0: 
michael@0: // All code in this module requires NSS to be live.
michael@0: // Callers must initialize NSS and implement the nsNSSShutdownObject
michael@0: // protocol.
michael@0: namespace mozilla {
michael@0: 
michael@0: class DtlsIdentity {
michael@0:  public:
michael@0:   ~DtlsIdentity();
michael@0: 
michael@0:   // Generate an identity with a random name.
michael@0:   static TemporaryRef<DtlsIdentity> Generate();
michael@0: 
michael@0:   // Note: the following two functions just provide access. They
michael@0:   // do not transfer ownership. If you want a pointer that lasts
michael@0:   // past the lifetime of the DtlsIdentity, you must make
michael@0:   // a copy yourself.
michael@0:   CERTCertificate *cert() { return cert_; }
michael@0:   SECKEYPrivateKey *privkey() { return privkey_; }
michael@0: 
michael@0:   std::string GetFormattedFingerprint(const std::string &algorithm = DEFAULT_HASH_ALGORITHM);
michael@0: 
michael@0:   nsresult ComputeFingerprint(const std::string algorithm,
michael@0:                               unsigned char *digest,
michael@0:                               std::size_t size,
michael@0:                               std::size_t *digest_length);
michael@0: 
michael@0:   static nsresult ComputeFingerprint(const CERTCertificate *cert,
michael@0:                                      const std::string algorithm,
michael@0:                                      unsigned char *digest,
michael@0:                                      std::size_t size,
michael@0:                                      std::size_t *digest_length);
michael@0: 
michael@0:   static nsresult ParseFingerprint(const std::string fp,
michael@0:                                    unsigned char *digest,
michael@0:                                    size_t size, size_t *length);
michael@0: 
michael@0:   NS_INLINE_DECL_THREADSAFE_REFCOUNTING(DtlsIdentity)
michael@0: 
michael@0:  private:
michael@0:   DtlsIdentity(SECKEYPrivateKey *privkey, CERTCertificate *cert)
michael@0:       : privkey_(privkey), cert_(cert) {}
michael@0:   DISALLOW_COPY_ASSIGN(DtlsIdentity);
michael@0: 
michael@0:   static const std::string DEFAULT_HASH_ALGORITHM;
michael@0:   static const size_t HASH_ALGORITHM_MAX_LENGTH;
michael@0: 
michael@0:   std::string FormatFingerprint(const unsigned char *digest,
michael@0:                                 std::size_t size);
michael@0: 
michael@0:   ScopedSECKEYPrivateKey privkey_;
michael@0:   CERTCertificate *cert_;  // TODO: Using a smart pointer here causes link
michael@0:                            // errors.
michael@0: };
michael@0: }  // close namespace
michael@0: #endif