1 /*
2 * Copyright 2012 The WebRTC Project Authors. All rights reserved.
3 *
4 * Use of this source code is governed by a BSD-style license
5 * that can be found in the LICENSE file in the root of the source
6 * tree. An additional intellectual property rights grant can be found
7 * in the file PATENTS. All contributing project authors may
8 * be found in the AUTHORS file in the root of the source tree.
9 */
10
11 #include "rtc_base/ssl_fingerprint.h"
12
13 #include <ctype.h>
14
15 #include <cstdint>
16 #include <memory>
17 #include <string>
18
19 #include "absl/algorithm/container.h"
20 #include "absl/strings/string_view.h"
21 #include "api/array_view.h"
22 #include "rtc_base/logging.h"
23 #include "rtc_base/message_digest.h"
24 #include "rtc_base/rtc_certificate.h"
25 #include "rtc_base/ssl_certificate.h"
26 #include "rtc_base/ssl_identity.h"
27 #include "rtc_base/string_encode.h"
28
29 namespace rtc {
30
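// Legacy raw-pointer factory: builds a fingerprint of the certificate held by
// `identity` using the digest named by `algorithm`.
//
// Ownership of the returned object passes to the caller, who must delete it
// (the unique_ptr produced by CreateUnique() is released here).
// Returns nullptr if `identity` is null or if CreateUnique() returns nullptr.
SSLFingerprint* SSLFingerprint::Create(absl::string_view algorithm,
                                       const rtc::SSLIdentity* identity) {
  // A null identity previously reached `*identity`, which is undefined
  // behaviour. Fail the same way the other factories in this file fail.
  if (identity == nullptr) {
    return nullptr;
  }
  return CreateUnique(algorithm, *identity).release();
}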
35
// Builds a fingerprint of the certificate carried by `identity`, using the
// digest named by `algorithm`. Forwards to the certificate-based Create()
// overload and returns whatever it returns (nullptr on failure).
std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateUnique(
    absl::string_view algorithm,
    const rtc::SSLIdentity& identity) {
  const auto& identity_cert = identity.certificate();
  return Create(algorithm, identity_cert);
}
41
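// Computes the `algorithm` digest of `cert` and wraps it in a fingerprint.
//
// Returns nullptr if cert.ComputeDigest() reports failure, or if it reports a
// digest length larger than the local buffer it was given.
std::unique_ptr<SSLFingerprint> SSLFingerprint::Create(
    absl::string_view algorithm,
    const rtc::SSLCertificate& cert) {
  // NOTE(review): 64 presumably matches rtc::MessageDigest::kMaxSize, which
  // CreateUniqueFromRfc4572() uses for its buffer - confirm and share the
  // constant if so.
  uint8_t digest_val[64];
  // Initialised so that a ComputeDigest() implementation that returns true
  // without writing the length cannot leave an indeterminate size behind.
  size_t digest_len = 0;
  if (!cert.ComputeDigest(algorithm, digest_val, sizeof(digest_val),
                          &digest_len)) {
    return nullptr;
  }
  // The length comes back through an out-parameter and is then used to size a
  // view over a stack buffer. Reject anything that would read past the buffer
  // instead of trusting the callee.
  if (digest_len > sizeof(digest_val)) {
    return nullptr;
  }
  return std::make_unique<SSLFingerprint>(
      algorithm, ArrayView<const uint8_t>(digest_val, digest_len));
}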
55
// Legacy raw-pointer variant of CreateUniqueFromRfc4572(). The returned
// object (or nullptr on failure) is owned by the caller, who must delete it.
SSLFingerprint* SSLFingerprint::CreateFromRfc4572(
    absl::string_view algorithm,
    absl::string_view fingerprint) {
  std::unique_ptr<SSLFingerprint> parsed =
      CreateUniqueFromRfc4572(algorithm, fingerprint);
  return parsed.release();
}
61
// Parses a colon-delimited hex fingerprint string into an SSLFingerprint.
//
// Returns nullptr when:
//   - `algorithm` is empty or rtc::IsFips180DigestAlgorithm() rejects it,
//   - `fingerprint` is empty, or
//   - rtc::hex_decode_with_delimiter() yields zero bytes.
//
// NOTE(review): the text presumably originates from a remote session
// description, i.e. it is untrusted input. The decoded length is only checked
// for being non-zero; it is not compared with the digest size that
// `algorithm` implies, so a short value still produces a fingerprint object.
// Callers appear to rely on operator== (algorithm and digest must both match)
// to reject it - confirm.
std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateUniqueFromRfc4572(
    absl::string_view algorithm,
    absl::string_view fingerprint) {
  const bool algorithm_ok =
      !algorithm.empty() && rtc::IsFips180DigestAlgorithm(algorithm);
  if (!algorithm_ok || fingerprint.empty()) {
    return nullptr;
  }

  // The decoder is handed a view over the whole fixed-size buffer, so the
  // destination capacity travels with the call.
  char decoded[rtc::MessageDigest::kMaxSize];
  const size_t decoded_len = rtc::hex_decode_with_delimiter(
      ArrayView<char>(decoded), fingerprint, ':');
  if (decoded_len == 0) {
    return nullptr;
  }

  // Reinterpret the char buffer as raw bytes for the digest view; the
  // constructor copies them, so the stack buffer does not escape.
  const uint8_t* decoded_bytes = reinterpret_cast<uint8_t*>(decoded);
  return std::make_unique<SSLFingerprint>(
      algorithm, ArrayView<const uint8_t>(decoded_bytes, decoded_len));
}
81
// Builds a fingerprint for `cert` using the digest algorithm reported by the
// certificate's own signature.
//
// Returns nullptr (after logging an error) if the signature digest algorithm
// cannot be retrieved, or if CreateUnique() fails for that algorithm.
//
// NOTE(review): cert.identity() is dereferenced without a null check;
// presumably an RTCCertificate always carries an identity - confirm.
std::unique_ptr<SSLFingerprint> SSLFingerprint::CreateFromCertificate(
    const RTCCertificate& cert) {
  std::string digest_alg;
  const bool have_algorithm =
      cert.GetSSLCertificate().GetSignatureDigestAlgorithm(&digest_alg);
  if (!have_algorithm) {
    RTC_LOG(LS_ERROR)
        << "Failed to retrieve the certificate's digest algorithm";
    return nullptr;
  }

  auto result = CreateUnique(digest_alg, *cert.identity());
  if (result == nullptr) {
    // Logged here, but the null result is still handed back to the caller.
    RTC_LOG(LS_ERROR) << "Failed to create identity fingerprint, alg="
                      << digest_alg;
  }
  return result;
}
99
// Stores the algorithm name and a copy of the digest bytes referenced by
// `digest_view`. The view's pointer and size are passed on unchanged; no
// validation of the length against the algorithm happens here.
SSLFingerprint::SSLFingerprint(absl::string_view algorithm,
                               ArrayView<const uint8_t> digest_view)
    : algorithm(algorithm),
      digest(digest_view.data(), digest_view.size()) {
}
103
// Pointer-and-length convenience constructor; delegates to the ArrayView
// constructor. `digest_in` must reference at least `digest_len` readable
// bytes - nothing here can verify that.
SSLFingerprint::SSLFingerprint(absl::string_view algorithm,
                               const uint8_t* digest_in,
                               size_t digest_len)
    : SSLFingerprint(algorithm,
                     ArrayView<const uint8_t>(digest_in, digest_len)) {
}
108
// Two fingerprints are equal only when both the algorithm name and the digest
// bytes match. The algorithm comparison is an exact string comparison, so
// names differing only in case compare unequal.
// NOTE(review): this is an ordinary (not constant-time) comparison; that is
// presumably acceptable because fingerprints are exchanged in the clear -
// confirm.
bool SSLFingerprint::operator==(const SSLFingerprint& other) const {
  if (!(algorithm == other.algorithm)) {
    return false;
  }
  return digest == other.digest;
}
112
// Returns the digest as upper-case hex with ':' between bytes.
std::string SSLFingerprint::GetRfc4572Fingerprint() const {
  const absl::string_view raw_digest(digest.data<char>(), digest.size());
  std::string hex = rtc::hex_encode_with_delimiter(raw_digest, ':');
  // The encoder is expected to emit only ASCII hex digits and the delimiter,
  // so passing each char to ::toupper stays within its defined input range.
  absl::c_transform(hex, hex.begin(), ::toupper);
  return hex;
}
119
// Human-readable form: the algorithm name, a single space, then the
// colon-delimited upper-case hex fingerprint.
std::string SSLFingerprint::ToString() const {
  std::string text(algorithm);
  text += " ";
  text += GetRfc4572Fingerprint();
  return text;
}
126
127 } // namespace rtc
128