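// Copyright 2020 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef CAST_RECEIVER_CHANNEL_STATIC_CREDENTIALS_H_
#define CAST_RECEIVER_CHANNEL_STATIC_CREDENTIALS_H_

// <cstdint> and absl/types/span.h are included directly because this header
// names uint8_t and absl::Span itself; it should not rely on another header
// pulling them in.
#include <cstdint>
#include <memory>
#include <string>
#include <vector>

#include "absl/strings/string_view.h"
#include "absl/types/span.h"
#include "cast/common/certificate/cast_cert_validator_internal.h"
#include "cast/receiver/channel/device_auth_namespace_handler.h"
#include "platform/base/error.h"
#include "platform/base/tls_credentials.h"

namespace openscreen {
namespace cast {

// CredentialsProvider implementation that serves one fixed set of device
// credentials and one fixed TLS certificate, both stored by value in this
// object. The "current" accessors always return the stored values; nothing in
// this header rotates or reloads them. Move-only: copying is deleted.
class StaticCredentialsProvider final
    : public DeviceAuthNamespaceHandler::CredentialsProvider {
 public:
  StaticCredentialsProvider();
  StaticCredentialsProvider(DeviceCredentials device_creds,
                            std::vector<uint8_t> tls_cert_der);

  StaticCredentialsProvider(const StaticCredentialsProvider&) = delete;
  StaticCredentialsProvider(StaticCredentialsProvider&&) noexcept;
  StaticCredentialsProvider& operator=(const StaticCredentialsProvider&) =
      delete;
  // NOTE(review): the move constructor is noexcept but move assignment is
  // not. Making them agree requires changing the out-of-line definition too,
  // which is not visible from this header.
  StaticCredentialsProvider& operator=(StaticCredentialsProvider&&);
  ~StaticCredentialsProvider();

  // Returns a non-owning view of |tls_cert_der|. The view points into this
  // object's vector, so it is valid only while the provider is alive and
  // |tls_cert_der| has not been reassigned or resized.
  absl::Span<const uint8_t> GetCurrentTlsCertAsDer() override {
    return absl::Span<uint8_t>(tls_cert_der);
  }

  // Returns a reference to |device_creds|; valid only while the provider is
  // alive.
  const DeviceCredentials& GetCurrentDeviceCredentials() override {
    return device_creds;
  }

  // Both members are public and mutable, so any code holding a non-const
  // provider can read or replace them without going through the accessors.
  // NOTE(review): DeviceCredentials is declared outside this header; if it
  // carries private key material, these members expose it to every holder of
  // the provider -- confirm, and keep the set of holders small.
  DeviceCredentials device_creds;
  std::vector<uint8_t> tls_cert_der;
};

// Result bundle returned by the GenerateCredentials* functions below.
// NOTE(review): TlsCredentials is declared in platform/base/tls_credentials.h;
// it presumably includes private key material, so a GeneratedCredentials value
// should be treated as secret and not logged or serialized -- confirm.
struct GeneratedCredentials {
  // Owning pointer to the provider for device authentication.
  std::unique_ptr<StaticCredentialsProvider> provider;
  TlsCredentials tls_credentials;
  // DER-encoded root certificate. Presumably the root that the generated
  // certificates chain to -- confirm against the implementation.
  std::vector<uint8_t> root_cert_der;
};

// Generates a private key and root TLS server certificate for use with cast
// sockets.
// NOTE(review): the output paths and file permissions are chosen by the
// implementation, which is not visible here. The private key file should be
// readable only by the account that runs the receiver. As the name says,
// these are developer credentials; they are presumably not meant for shipped
// devices.
void GenerateDeveloperCredentialsToFile();

// Generates a valid set of credentials for use with cast sockets/TLS.
// Both the private key and server certificate paths are required, except
// in testing where they can be omitted.
// Returns an ErrorOr; callers should check it for an error before using the
// contained GeneratedCredentials.
ErrorOr<GeneratedCredentials> GenerateCredentials(
    const std::string& device_certificate_id,
    const std::string& private_key_path,
    const std::string& server_certificate_path);

// Testing variant of GenerateCredentials() that takes only the device
// certificate id and no key or certificate paths. How the key and
// certificate are obtained in that case is decided by the implementation,
// which is not visible here. Intended for tests only, per its name.
ErrorOr<GeneratedCredentials> GenerateCredentialsForTesting(
    const std::string& device_certificate_id);

}  // namespace cast
}  // namespace openscreen

#endif  // CAST_RECEIVER_CHANNEL_STATIC_CREDENTIALS_H_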