1/*
2 *  Copyright 2004 The WebRTC Project Authors. All rights reserved.
3 *
4 *  Use of this source code is governed by a BSD-style license
5 *  that can be found in the LICENSE file in the root of the source
6 *  tree. An additional intellectual property rights grant can be found
7 *  in the file PATENTS.  All contributing project authors may
8 *  be found in the AUTHORS file in the root of the source tree.
9 */
10
11#ifndef WEBRTC_BASE_NSSSTREAMADAPTER_H_
12#define WEBRTC_BASE_NSSSTREAMADAPTER_H_
13
14#include <string>
15#include <vector>
16
17#include "nspr.h"
18#include "nss.h"
19#include "secmodt.h"
20
21#include "webrtc/base/buffer.h"
22#include "webrtc/base/nssidentity.h"
23#include "webrtc/base/ssladapter.h"
24#include "webrtc/base/sslstreamadapter.h"
25#include "webrtc/base/sslstreamadapterhelper.h"
26
27namespace rtc {
28
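// Process-wide holder for the NSS PKCS #11 slot used by the SSL stream
// adapter. Accessed as a singleton through Instance().
class NSSContext {
 public:
  // Starts with no slot, so GetSlot() can never hand out an indeterminate
  // pointer if it is reached before a slot has been assigned.
  // slot_ is private and this header declares no setter; presumably the
  // out-of-line static members assign it -- confirm in the .cc file.
  NSSContext() : slot_(NULL) {}

  // NOTE(review): the destructor does not release slot_. Confirm that the
  // slot reference is released elsewhere (CleanupSSL() looks like the
  // intended place) so the reference is not leaked.
  ~NSSContext() {
  }

  // Returns the slot held by the singleton, or NULL when Instance() yields
  // no context. Instance() is called exactly once so that the NULL check
  // and the member access are guaranteed to act on the same object.
  static PK11SlotInfo *GetSlot() {
    NSSContext *context = Instance();
    return context ? context->slot_ : NULL;
  }

  // Accessor for the singleton; defined out of line. GetSlot() treats a
  // NULL return as "no context available".
  static NSSContext *Instance();

  // Library-level setup and teardown entry points, defined out of line.
  // Each reports success through its bool return value; callers should
  // check it rather than assume NSS is usable.
  static bool InitializeSSL(VerificationCallback callback);
  static bool InitializeSSLThread();
  static bool CleanupSSL();

 private:
  PK11SlotInfo *slot_;                    // The PKCS-11 slot
  static bool initialized;                // Was this initialized?
  static NSSContext *global_nss_context;  // The global context
};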
50
51
// SSLStreamAdapterHelper implementation backed by NSS/NSPR. The class wraps
// an underlying StreamInterface and exposes the SSL stream, keying-material
// export and DTLS-SRTP entry points declared below.
class NSSStreamAdapter : public SSLStreamAdapterHelper {
 public:
  explicit NSSStreamAdapter(StreamInterface* stream);
  virtual ~NSSStreamAdapter();

  // Returns false on failure; defined out of line.
  bool Init();

  // Stream I/O. |data_len| is the size of the caller's buffer, and the
  // number of bytes actually transferred is reported through |read| /
  // |written|. An error code is reported through |error|.
  virtual StreamResult Read(void* data,
                            size_t data_len,
                            size_t* read,
                            int* error);
  virtual StreamResult Write(const void* data,
                             size_t data_len,
                             size_t* written,
                             int* error);
  void OnMessage(Message* msg);

  // Key Extractor interface.
  // Writes keying material into |result|; the caller supplies the buffer and
  // states its size in |result_len|. |context| / |context_len| are only
  // meaningful when |use_context| is true (presumably -- confirm in the
  // definition). Callers must check the return value before using |result|.
  virtual bool ExportKeyingMaterial(const std::string& label,
                                    const uint8* context,
                                    size_t context_len,
                                    bool use_context,
                                    uint8* result,
                                    size_t result_len);

  // DTLS-SRTP interface.
  virtual bool SetDtlsSrtpCiphers(const std::vector<std::string>& ciphers);
  virtual bool GetDtlsSrtpCipher(std::string* cipher);

  // Capabilities interfaces: report which optional features are available.
  static bool HaveDtls();
  static bool HaveDtlsSrtp();
  static bool HaveExporter();

 protected:
  // Override SSLStreamAdapter.
  virtual void OnEvent(StreamInterface* stream, int events, int err);

  // Override SSLStreamAdapterHelper.
  virtual int BeginSSL();
  virtual void Cleanup();

  // Forwards the digest-length lookup to NSSCertificate.
  virtual bool GetDigestLength(const std::string& algorithm, size_t* length) {
    return NSSCertificate::GetDigestLength(algorithm, length);
  }

 private:
  int ContinueSSL();

  // Callback with the signature NSS uses for peer-certificate
  // authentication hooks.
  // NOTE(review): installing such a hook replaces the library's default
  // certificate verification, so the definition (not in this header) must
  // fail closed -- confirm it returns SECFailure unless the peer
  // certificate matches what the caller configured.
  static SECStatus AuthCertificateHook(void* arg,
                                       PRFileDesc* fd,
                                       PRBool checksig,
                                       PRBool isServer);

  // Callback with the signature NSS uses to request the local certificate
  // and private key for client authentication; both are returned through
  // the |pRetCert| / |pRetKey| out-parameters.
  static SECStatus GetClientAuthDataHook(void* arg,
                                         PRFileDesc* fd,
                                         CERTDistNames* caNames,
                                         CERTCertificate** pRetCert,
                                         SECKEYPrivateKey** pRetKey);

  PRFileDesc* ssl_fd_;       // NSS's SSL file descriptor
  static bool initialized;   // Was InitializeSSL() called?
  bool cert_ok_;             // Did we get and check a cert
  std::vector<PRUint16> srtp_ciphers_;  // SRTP cipher list

  static PRDescIdentity nspr_layer_identity;  // The NSPR layer identity
};
108
109}  // namespace rtc
110
111#endif  // WEBRTC_BASE_NSSSTREAMADAPTER_H_
112