AuroraSupport/AuroraRuntime
2
1
Fork 0
Code Issues 27 Pull Requests Releases Wiki Activity
1fb36548ea
AuroraRuntime/Source/Crypto/KeyPair/AuPrivateKeyPair.cpp

104 lines
2.8 KiB
C++
Raw Normal View History

[+] AuCrypto::CA::ICertificateStore [+] AuCrypto::CA::INewCertificateStore [+] AuCrypto::CA::IPinCertificate [+] AuCrypto::CA::PinAlwaysFail [+] AuCrypto::CA::PinAlwaysPass [+] AuCrypto::CA::PinCheckOS [+] AuCrypto::CA::PinCheckDefault [+] AuCrypto::CA::PinCheckBuiltin [+] AuCrypto::CA::PinCheckGlobal [+] AuCrypto::CA::PinCheckTwoAnd [+] AuCrypto::CA::PinCheckTwoOr [+] AuCrypto::CA::SetGlobalTLSPinner [*] Minor AuCrypto::X509 decoder work [*] AuCrypto::X509: transition to memory views (x509 is bytebuffer era and earlier code, beri early) [+] AuCrypto::IPrivateKeyProvider [+] AuCrypto::IPrivateKeyPair [+] AuCrypto::PrivateKeyPair [+] AuCrypto::ImportPrivateKeyPair [*] Refactor: AuCrypto::X509::GenerateCertificate(...) [+] AuCrypto::X509::NewChainFromOneDer [+] AuCrypto::X509::NewChainFromManyDer [+] AuCrypto::X509::NewChainFromManyDerInStream [+] AuCrypto::X509::NewChainFromOnePem [+] AuCrypto::X509::NewChainFromManyPem [+] AuCrypto::X509::NewChainFromManyPemInStream [*] Fix TLS code that was abandoned since its introduction with the net code. mbedtls is a hairbrained mess. so many *blocking* github issues starting after 2017. so little progress. [+] AuIO::TLS::TLSMeta::pKeyPairProvider [+] AuIO::TLS::TLSServer::bAllowSNIToFallBackDefault [+] AuIO::TLS::TLSServer::bAllowSNILessUseDefaultCert
2024-10-16 01:05:11 +00:00
/***
Copyright (C) 2022-2024 Jamie Reece Wilson (a/k/a "Reece"). All rights reserved.
File: AuPrivateKeyPair.cpp
File: TLSPrivateKeyPair.cpp
Date: 2022-8-27
Author: Reece
***/
#include <Source/RuntimeInternal.hpp>
#include "AuPrivateKeyPair.hpp"
namespace Aurora::IO::TLS
{
AuString TLSErrorToString(int iError);
}
#include <mbedtls/ctr_drbg.h>
#include <mbedtls/timing.h> // TODO: deprecate me
namespace Aurora::IO::TLS
{
extern mbedtls_entropy_context gEntropy;
extern mbedtls_ctr_drbg_context gCtrDrbg;
}
namespace Aurora::Crypto::KeyPair
{
PrivateKeyPairImpl::PrivateKeyPairImpl(const AuSPtr<X509::ICertificateChain> &pCertificateChain) :
pCertificateChain(pCertificateChain)
{
::mbedtls_pk_init(&this->privateKey_);
}
PrivateKeyPairImpl::PrivateKeyPairImpl()
{
::mbedtls_pk_init(&this->privateKey_);
}
PrivateKeyPairImpl::~PrivateKeyPairImpl()
{
::mbedtls_pk_free(&this->privateKey_);
AuMemset(&this->privateKey_, 0xFF, sizeof(this->privateKey_));
}
AuSPtr<X509::ICertificateChain> PrivateKeyPairImpl::GetChain()
{
return this->pCertificateChain;
}
X509::CertificateChain *PrivateKeyPairImpl::ToChain()
{
if (this->pCertificateChain)
{
return AuStaticCast<X509::CertificateChain>(this->pCertificateChain.get());
}
else
{
return {};
}
}
mbedtls_pk_context &PrivateKeyPairImpl::GetInternal()
{
return this->privateKey_;
}
AUKN_SYM IPrivateKeyPair *ImportPrivateKeyPairNew(const PrivateKeyPair &keyPair)
{
int iRet {};
if (!keyPair.pCertificateChain)
{
SysPushErrorArg();
return {};
}
auto pPrivateKey = _new PrivateKeyPairImpl(keyPair.pCertificateChain);
if (!pPrivateKey)
{
SysPushErrorMemory();
return {};
}
iRet = ::mbedtls_pk_parse_key(&pPrivateKey->GetInternal(),
(const unsigned char *)keyPair.privateKey.Begin(),
keyPair.privateKey.Size(),
keyPair.sPassword.size() ? (const unsigned char *)keyPair.sPassword.c_str() : nullptr,
keyPair.sPassword.size(),
mbedtls_ctr_drbg_random,
&Aurora::IO::TLS::gCtrDrbg);
if (iRet != 0)
{
SysPushErrorCrypto("Invalid Private Key: {} ({})", Aurora::IO::TLS::TLSErrorToString(iRet), iRet);
return {};
}
return pPrivateKey;
}
AUKN_SYM void ImportPrivateKeyPairRelease(IPrivateKeyPair *pHandle)
{
AuSafeDelete<PrivateKeyPairImpl *>(pHandle);
}
}
Reference in New Issue Copy Permalink