AuroraSupport/AuroraRuntime
2
1
Fork 0
Code Issues 27 Pull Requests Releases Wiki Activity

[+] ByteBuffer::GetNextLinearRead()

Browse Source 
[+] ByteBuffer::GetNextLinearWrite()
[-] ByteBuffer::WriterTryGetWriteHeadFor
[+] ITLSPrivateKeyPair
[+] ITLSContext::GetFatalErrorCodeAsString()
[+] Begin to add certificate chains
[*] Clean up TLS
This commit is contained in:
Reece Wilson 2022-08-30 22:18:15 +01:00
parent afa7c8f5f8
commit d68fc7fc91
19 changed files with 524 additions and 153 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
Include/Aurora/IO/TLS/ICertificateChain.hpp Normal file
View File

@ -0,0 +1,20 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: ICertifiateChain.hpp
Date: 2022-8-30
Author: Reece
***/
#pragma once
namespace Aurora::IO::TLS
{
struct ICertificateChain
{
virtual AuUInt32 GetCertificateCount() = 0;
virtual AuMemoryViewRead GetCertificate(AuUInt32 idx) = 0;
};
AUKN_SYM AuSPtr<ICertificateChain> ChainFromOne(const AuMemoryViewRead &read);
AUKN_SYM AuSPtr<ICertificateChain> ChainFromMany(const AuList<AuMemoryViewRead> &read);
}

40
Include/Aurora/IO/TLS/ITLSContext.hpp
View File

@ -23,13 +23,45 @@ namespace Aurora::IO::TLS
{
struct TLSMeta
{
/**
* @brief Input to-send, output-buffer size
*/
AuUInt uOutPageSize {};
/**
* @brief
*/
AuString sSNIServerName;
/**
* @brief Switches between server/client mode
*/
bool bIsClient { true };
/**
* @brief
*/
AuNet::ETransportProtocol transportProtocol { AuNet::ETransportProtocol::eProtocolTCP };
/**
* @brief
*/
AuSPtr<IPinCertificate> pCertPin;
TLSPrivateKey privateKey;
/**
* @brief
*/
AuSPtr<ITLSPrivateKeyPair> pKeyPair;
/**
* @brief Override the cipersuites defined by ::GetDefaultCipherSuites()
*/
AuList<AuUInt16> cipherSuites;
/**
* @brief Forces server side pinning of clients
*/
bool bPinServerPeers { false };
};
struct ITLSContext
@ -108,6 +140,12 @@ namespace Aurora::IO::TLS
*/
virtual int GetFatalErrorCode() = 0;
/**
* @brief
* @return
*/
virtual AuString GetFatalErrorCodeAsString() = 0;
/**
* @brief
*/

18
Include/Aurora/IO/TLS/ITLSPrivateKey.hpp
View File

@ -1,18 +0,0 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: ITLSPrivateKey.hpp
Date: 2022-8-27
Author: Reece
***/
#pragma once
namespace Aurora::IO::TLS
{
struct ITLSPrivateKey
{
};
AUKN_SYM AuSPtr<ITLSPrivateKey> ImportPrivateKey(const TLSPrivateKey &key);
}

18
Include/Aurora/IO/TLS/ITLSPrivateKeyPair.hpp Normal file
View File

@ -0,0 +1,18 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: ITLSPrivateKeyPair.hpp
Date: 2022-8-27
Author: Reece
***/
#pragma once
namespace Aurora::IO::TLS
{
struct ITLSPrivateKeyPair
{
virtual AuSPtr<ICertificateChain> GetChain() = 0;
};
AUKN_SYM AuSPtr<ITLSPrivateKeyPair> ImportPrivateKeyPair(const TLSPrivateKeyPair &keyPair);
}

6
Include/Aurora/IO/TLS/TLS.hpp
View File

@ -8,13 +8,13 @@
#pragma once
#include "../Protocol/Protocol.hpp"
#include "ICertificateChain.hpp"
#include "IPinCertificate.hpp"
#include "TLSPrivateKey.hpp"
#include "ITLSPrivateKey.hpp"
#include "TLSPrivateKeyPair.hpp"
#include "ITLSPrivateKeyPair.hpp"
#include "ITLSContext.hpp"
#include "TLSCipherSuites.hpp"
namespace Aurora::IO::TLS
{
}

7
Include/Aurora/IO/TLS/TLSPrivateKey.hpp → Include/Aurora/IO/TLS/TLSPrivateKeyPair.hpp
View File

@ -1,7 +1,7 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: TLSPrivateKey.hpp
File: TLSPrivateKeyPair.hpp
Date: 2022-8-26
Author: Reece
***/
@ -9,9 +9,10 @@
namespace Aurora::IO::TLS
{
struct TLSPrivateKey
struct TLSPrivateKeyPair
{
AuByteBuffer raw;
AuList<AuByteBuffer> certificateChain;
AuByteBuffer privateKey;
AuString sPassword;
};
}

7
Include/Aurora/Memory/ByteBuffer.hpp
View File

@ -307,8 +307,8 @@ namespace Aurora::Memory
inline auline bool WriterTryGoForward(AuUInt32 offset);
inline auline AuUInt RemainingWrite(bool endAtRead = true);
inline auline AuUInt RemainingBytes(bool endAtWrite = true);
inline auline AuUInt RemainingWrite(bool endAtRead = true) const;
inline auline AuUInt RemainingBytes(bool endAtWrite = true) const;
inline auline bool Skip(AuUInt count);
inline auline AuUInt GetReadOffset() const;
@ -316,7 +316,8 @@ namespace Aurora::Memory
inline auline void ResetReadPointer();
inline AuOptional<AuUInt8 *> WriterTryGetWriteHeadFor(AuUInt32 nBytes);
inline MemoryViewRead GetNextLinearRead();
inline MemoryViewWrite GetNextLinearWrite();
// Memory operations

99
Include/Aurora/Memory/ByteBuffer_Position.inl
View File

@ -45,45 +45,6 @@ namespace Aurora::Memory
return true;
}
AuOptional<AuUInt8 *> ByteBuffer::WriterTryGetWriteHeadFor(AuUInt32 nBytes)
{
if (writePtr == base + length)
{
writePtr = base;
}
if (flagCircular)
{
AuUInt32 linearOverhead;
if (writePtr < readPtr)
{
linearOverhead = readPtr - writePtr;
}
else if (writePtr == readPtr)
{
linearOverhead = 0;
}
else
{
linearOverhead = length - (writePtr - base);
}
if (linearOverhead < nBytes)
{
return {};
}
}
else
{
if (length - (writePtr - base) < nBytes)
{
return {};
}
}
return writePtr;
}
bool ByteBuffer::ReaderTryGoBack(AuUInt32 offset)
{
if (flagCircular)
@ -134,7 +95,7 @@ namespace Aurora::Memory
}
}
AuUInt ByteBuffer::RemainingBytes(bool endAtWrite)
AuUInt ByteBuffer::RemainingBytes(bool endAtWrite) const
{
if (flagCircular)
{
@ -173,7 +134,7 @@ namespace Aurora::Memory
}
}
AuUInt ByteBuffer::RemainingWrite(bool endAtRead)
AuUInt ByteBuffer::RemainingWrite(bool endAtRead) const
{
if (flagCircular)
{
@ -215,6 +176,62 @@ namespace Aurora::Memory
readPtr = base;
}
MemoryViewRead ByteBuffer::GetNextLinearRead()
{
AuUInt8 *pBase {};
AuUInt uCount {};
if (this->flagCircular && this->base + this->length == this->readPtr)
{
this->readPtr = this->base;
}
if (this->writePtr >= this->readPtr)
{
uCount = this->writePtr - this->readPtr;
pBase = this->readPtr;
}
else if (this->flagCircular)
{
uCount = (this->base + this->length) - this->readPtr;
pBase = this->readPtr;
}
return MemoryViewRead(pBase, uCount);
}
MemoryViewWrite ByteBuffer::GetNextLinearWrite()
{
AuUInt8 *pBase {};
AuUInt uCount {};
if (this->flagCircular)
{
if (this->writePtr == this->base + this->length)
{
this->writePtr = this->base;
}
if (this->readPtr > this->writePtr)
{
uCount = (this->writePtr - this->readPtr) - 1;
pBase = this->writePtr;
}
else
{
uCount = ((this->base + this->length) - this->readPtr) - 1;
pBase = this->writePtr;
}
}
else
{
uCount = (this->base + this->length) - this->writePtr;
pBase = this->writePtr;
}
return MemoryViewWrite(pBase, uCount);
}
AuUInt ByteBuffer::GetReadOffset() const
{
if (flagCircular)

6
Source/IO/TLS/TLS.hpp
View File

@ -10,7 +10,13 @@
#include <Source/RuntimeInternal.hpp>
#include <Aurora/IO/TLS/TLS.hpp>
#include <mbedtls/ssl.h>
#include <mbedtls/x509.h>
namespace Aurora::IO::TLS
{
extern mbedtls_entropy_context gEntropy;
extern mbedtls_ctr_drbg_context gCtrDrbg;
AuString TLSErrorToString(int iError);
}

140
Source/IO/TLS/TLSCertificateChain.cpp Normal file
View File

@ -0,0 +1,140 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: TLSCertificateChain.cpp
Date: 2022-8-27
Author: Reece
***/
#include "TLS.hpp"
#include "TLSCertificateChain.hpp"
namespace Aurora::IO::TLS
{
CertificateChain::CertificateChain()
{
}
CertificateChain::~CertificateChain()
{
::mbedtls_x509_crt_free(&this->ownCertificate);
}
AuUInt32 CertificateChain::GetCertificateCount()
{
return 0;
}
AuMemoryViewRead CertificateChain::GetCertificate(AuUInt32 idx)
{
return {};
}
bool CertificateChain::Init(const AuList<AuByteBuffer> &certs)
{
int iRet {};
this->pCertificate = &this->ownCertificate;
::mbedtls_x509_crt_init(&this->ownCertificate);
for (const auto &cert : certs)
{
iRet = ::mbedtls_x509_crt_parse(&this->ownCertificate,
(const unsigned char *)cert.base,
cert.length);
if (iRet != 0)
{
SysPushErrorCrypto("Failed to parse certificate chain: {}", iRet);
return false;
}
}
return this->Precache();
}
bool CertificateChain::Init(const AuList<AuMemoryViewRead> &certs)
{
int iRet {};
this->pCertificate = &this->ownCertificate;
::mbedtls_x509_crt_init(&this->ownCertificate);
for (const auto &cert : certs)
{
iRet = ::mbedtls_x509_crt_parse(&this->ownCertificate,
(const unsigned char *)cert.ToPointer(),
cert.length);
if (iRet != 0)
{
SysPushErrorCrypto("Failed to parse certificate chain: {}", iRet);
return false;
}
}
return this->Precache();
}
bool CertificateChain::Init(const AuMemoryViewRead &cert)
{
int iRet {};
this->pCertificate = &this->ownCertificate;
::mbedtls_x509_crt_init(&this->ownCertificate);
iRet = ::mbedtls_x509_crt_parse(&this->ownCertificate,
(const unsigned char *)cert.ToPointer(),
cert.length);
if (iRet != 0)
{
SysPushErrorCrypto("Failed to parse certificate chain: {}", iRet);
return false;
}
return this->Precache();
}
bool CertificateChain::Init(const mbedtls_x509_crt *pCert)
{
this->pCertificate = &this->ownCertificate;
return this->Precache();
}
bool CertificateChain::Precache()
{
return true;
}
AUKN_SYM AuSPtr<ICertificateChain> ChainFromOne(const AuMemoryViewRead &read)
{
auto pCertificateChain = AuMakeShared<CertificateChain>();
if (!pCertificateChain)
{
SysPushErrorMemory();
return {};
}
if (!pCertificateChain->Init(read))
{
return {};
}
return pCertificateChain;
}
AUKN_SYM AuSPtr<ICertificateChain> ChainFromMany(const AuList<AuMemoryViewRead> &read)
{
auto pCertificateChain = AuMakeShared<CertificateChain>();
if (!pCertificateChain)
{
SysPushErrorMemory();
return {};
}
if (!pCertificateChain->Init(read))
{
return {};
}
return pCertificateChain;
}
}

29
Source/IO/TLS/TLSCertificateChain.hpp Normal file
View File

@ -0,0 +1,29 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: TLSCertificateChain.hpp
Date: 2022-8-27
Author: Reece
***/
#pragma once
namespace Aurora::IO::TLS
{
struct CertificateChain : ICertificateChain
{
CertificateChain();
~CertificateChain();
virtual AuUInt32 GetCertificateCount() override;
virtual AuMemoryViewRead GetCertificate(AuUInt32 idx) override;
bool Init(const AuList<AuByteBuffer> &certs);
bool Init(const AuList<AuMemoryViewRead> &certs);
bool Init(const AuMemoryViewRead &cert);
bool Init(const mbedtls_x509_crt *pCert);
bool Precache();
mbedtls_x509_crt *pCertificate;
mbedtls_x509_crt ownCertificate;
};
}

146
Source/IO/TLS/TLSContext.cpp
View File

@ -13,24 +13,29 @@
namespace Aurora::IO::TLS
{
static mbedtls_entropy_context gEntropy;
static mbedtls_ctr_drbg_context gCtrDrbg;
mbedtls_entropy_context gEntropy;
mbedtls_ctr_drbg_context gCtrDrbg;
static bool gTlsReady {};
AuString TLSErrorToString(int iError)
{
return {};
}
void TLSInit()
{
int iRet;
::mbedtls_ctr_drbg_init(&gCtrDrbg);
::mbedtls_entropy_init(&gEntropy);
int ret;
if ((ret = ::mbedtls_ctr_drbg_seed(&gCtrDrbg,
if ((iRet = ::mbedtls_ctr_drbg_seed(&gCtrDrbg,
::mbedtls_entropy_func,
&gEntropy,
(const unsigned char *)"ReeceWasHere",
12)) != 0)
{
SysPushErrorNet("{}", ret);
SysPushErrorNet("{} ({})", TLSErrorToString(iRet), iRet);
return;
}
@ -56,8 +61,8 @@ namespace Aurora::IO::TLS
channelSend_(this),
meta_(meta)
{
this->recvStack_ = AuMakeShared<Protocol::ProtocolStack>();
this->sendStack_ = AuMakeShared<Protocol::ProtocolStack>();
this->pRecvStack_ = AuMakeShared<Protocol::ProtocolStack>();
this->pSendStack_ = AuMakeShared<Protocol::ProtocolStack>();
}
TLSContext::TLSContext(const AuSPtr<Protocol::IProtocolStack> &pSendStack,
@ -65,8 +70,8 @@ namespace Aurora::IO::TLS
const TLSMeta &meta) :
channelRecv_(this),
channelSend_(this),
recvStack_(AuStaticCast<Protocol::ProtocolStack>(pRecvStack)),
sendStack_(AuStaticCast<Protocol::ProtocolStack>(pSendStack)),
pRecvStack_(AuStaticCast<Protocol::ProtocolStack>(pRecvStack)),
pSendStack_(AuStaticCast<Protocol::ProtocolStack>(pSendStack)),
meta_(meta)
{
}
@ -83,7 +88,7 @@ namespace Aurora::IO::TLS
int TLSContext::Write(const void *pIn, AuUInt length)
{
return this->sendStack_->pDrainBuffer->Write(pIn, length);
return this->pSendStack_->pDrainBuffer->Write(pIn, length);
}
int TLSContext::Read(void *pOut, AuUInt length)
@ -123,38 +128,48 @@ namespace Aurora::IO::TLS
//
//
void TLSContext::Init()
bool TLSContext::Init()
{
int ret;
int iRet;
if (!this->sendStack_)
if (!this->pSendStack_)
{
return;
return false;
}
if (!this->recvStack_)
if (!this->pRecvStack_)
{
return;
return false;
}
SysAssert(this->sendStack_->AddInterceptorEx(this->GetSendInterceptor(), this->meta_.uOutPageSize));
SysAssert(this->recvStack_->AddInterceptorEx(this->GetRecvInterceptor(), this->meta_.uOutPageSize));
if (!this->pSendStack_->AddInterceptorEx(this->GetSendInterceptor(), this->meta_.uOutPageSize))
{
SysPushErrorNet("Couldn't add TLS interceptor");
return false;
}
if (!this->pRecvStack_->AddInterceptorEx(this->GetRecvInterceptor(), this->meta_.uOutPageSize))
{
SysPushErrorNet("Couldn't add TLS interceptor");
return false;
}
::mbedtls_ssl_init(&ssl);
::mbedtls_ssl_config_init(&conf);
::mbedtls_x509_crt_init(&cacert);
::mbedtls_ssl_init(&this->ssl);
::mbedtls_ssl_config_init(&this->conf);
::mbedtls_x509_crt_init(&this->cacert);
if ((ret = ::mbedtls_ssl_config_defaults(&conf,
if ((iRet = ::mbedtls_ssl_config_defaults(&this->conf,
this->meta_.bIsClient ? MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
this->meta_.transportProtocol == AuNet::ETransportProtocol::eProtocolUDP ? MBEDTLS_SSL_TRANSPORT_DATAGRAM : MBEDTLS_SSL_TRANSPORT_STREAM,
MBEDTLS_SSL_PRESET_DEFAULT)) != 0)
{
SysPushErrorNet("{}", ret);
return;
SysPushErrorNet("{} ({})", TLSErrorToString(iRet), iRet);
return false;
}
::mbedtls_ssl_conf_authmode(&conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
::mbedtls_ssl_conf_ca_cb(&conf, [](void *p_ctx,
::mbedtls_ssl_conf_authmode(&this->conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
::mbedtls_ssl_conf_ca_cb(&this->conf, [](void *p_ctx,
mbedtls_x509_crt const *child,
mbedtls_x509_crt **candidate_cas) -> int
{
@ -162,35 +177,40 @@ namespace Aurora::IO::TLS
return ((TLSContext *)p_ctx)->CheckCertificate({ child->raw.p, child->raw.len }) ? 0 : -1;
}, this);
::mbedtls_ssl_conf_rng(&conf, mbedtls_ctr_drbg_random, &gCtrDrbg);
::mbedtls_ssl_conf_dbg(&conf, [](void *, int, const char *as, int, const char *ad)
::mbedtls_ssl_conf_rng(&this->conf, mbedtls_ctr_drbg_random, &gCtrDrbg);
::mbedtls_ssl_conf_dbg(&this->conf, [](void *, int, const char *as, int, const char *ad)
{
//AuLogDbg("{} <--> {}", as, ad);
}, nullptr);
if ((ret = ::mbedtls_ssl_setup(&ssl, &conf)) != 0)
if ((iRet = ::mbedtls_ssl_setup(&this->ssl, &this->conf)) != 0)
{
SysPushErrorNet("{}", ret);
return;
SysPushErrorNet("{} ({})", TLSErrorToString(iRet), iRet);
return false;
}
if (this->meta_.sSNIServerName.size())
{
if ((ret = ::mbedtls_ssl_set_hostname(&ssl, this->meta_.sSNIServerName.c_str())) != 0)
if ((iRet = ::mbedtls_ssl_set_hostname(&this->ssl, this->meta_.sSNIServerName.c_str())) != 0)
{
SysPushErrorNet("{}", ret);
return;
SysPushErrorNet("{} ({})", TLSErrorToString(iRet), iRet);
return false;
}
}
::mbedtls_ssl_set_bio(&ssl, this, TLSContextSend, TLSContextRecv, nullptr);
::mbedtls_ssl_set_bio(&this->ssl, this, TLSContextSend, TLSContextRecv, nullptr);
if (this->meta_.cipherSuites.size())
{
this->cipherSuites_.reserve(this->meta_.cipherSuites.size());
for (const auto &cipher : this->meta_.cipherSuites)
{
this->cipherSuites_.push_back(cipher);
if (!AuTryInsert(this->cipherSuites_, cipher))
{
SysPushErrorMemory();
return false;
}
}
}
else
@ -199,19 +219,29 @@ namespace Aurora::IO::TLS
this->cipherSuites_.reserve(defaultCiphers.size());
for (const auto &cipher : defaultCiphers)
{
this->cipherSuites_.push_back(cipher);
if (!AuTryInsert(this->cipherSuites_, cipher))
{
SysPushErrorMemory();
return false;
}
}
}
this->cipherSuites_.push_back(0);
((mbedtls_ssl_config *)ssl.private_conf/*fuck yourself*/)->private_ciphersuite_list = this->cipherSuites_.data();
if (!AuTryInsert(this->cipherSuites_, 0))
{
SysPushErrorMemory();
return false;
}
((mbedtls_ssl_config *)this->ssl.private_conf/*fuck yourself*/)->private_ciphersuite_list = this->cipherSuites_.data();
return true;
}
void TLSContext::Destroy()
{
::mbedtls_ssl_free(&ssl);
::mbedtls_ssl_config_free(&conf);
::mbedtls_x509_crt_free(&cacert);
::mbedtls_ssl_free(&this->ssl);
::mbedtls_ssl_config_free(&this->conf);
::mbedtls_x509_crt_free(&this->cacert);
this->Attach({});
}
@ -248,12 +278,12 @@ namespace Aurora::IO::TLS
AuSPtr<Protocol::IProtocolStack> TLSContext::ToReadStack()
{
return this->recvStack_;
return this->pRecvStack_;
}
AuSPtr<Protocol::IProtocolStack> TLSContext::ToWriteStack()
{
return this->sendStack_;
return this->pSendStack_;
}
AuSPtr<Protocol::IProtocolInterceptorEx> TLSContext::GetRecvInterceptor()
@ -288,7 +318,21 @@ namespace Aurora::IO::TLS
void TLSContext::StartHandshake()
{
this->channelRecv_.TryHandshake();
this->bIsAlive = false;
this->bIsDead = false;
this->bIsFatal = false;
this->iFatalError = 0;
this->channelRecv_.HasCompletedHandshake() = false;
if (::mbedtls_ssl_session_reset(&this->ssl) != 0)
{
this->OnFatal();
}
else
{
this->channelRecv_.TryHandshake();
}
}
void TLSContext::StartClose()
@ -314,6 +358,11 @@ namespace Aurora::IO::TLS
{
return this->iFatalError;
}
AuString TLSContext::GetFatalErrorCodeAsString()
{
return TLSErrorToString(this->GetFatalErrorCode());
}
AUKN_SYM AuSPtr<ITLSContext> NewTLSContext(const TLSMeta &meta)
{
@ -338,7 +387,10 @@ namespace Aurora::IO::TLS
return {};
}
pTlsContext->Init();
if (!pTlsContext->Init())
{
return {};
}
return pTlsContext;
}

8
Source/IO/TLS/TLSContext.hpp
View File

@ -31,7 +31,7 @@ namespace Aurora::IO::TLS
const TLSMeta &meta);
~TLSContext();
void Init();
bool Init();
virtual void Destroy() override;
@ -52,6 +52,8 @@ namespace Aurora::IO::TLS
int GetFatalErrorCode() override;
AuString GetFatalErrorCodeAsString() override;
void OnClose();
void OnFatal();
@ -75,8 +77,8 @@ namespace Aurora::IO::TLS
AuWPtr<Net::ISocket> wpSocket_;
TLSProtocolRecv channelRecv_;
TLSProtocolSend channelSend_;
AuSPtr<Protocol::ProtocolStack> sendStack_;
AuSPtr<Protocol::ProtocolStack> recvStack_;
AuSPtr<Protocol::ProtocolStack> pSendStack_;
AuSPtr<Protocol::ProtocolStack> pRecvStack_;
};
}

16
Source/IO/TLS/TLSPrivateKey.cpp
View File

@ -1,16 +0,0 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: TLSPrivateKey.cpp
Date: 2022-8-27
Author: Reece
***/
#include "TLS.hpp"
namespace Aurora::IO::TLS
{
AUKN_SYM AuSPtr<ITLSPrivateKey> ImportPrivateKey(const TLSPrivateKey &key)
{
return {};
}
}

16
Source/IO/TLS/TLSPrivateKey.hpp
View File

@ -1,16 +0,0 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: TLSPrivateKey.hpp
Date: 2022-8-27
Author: Reece
***/
#pragma once
namespace Aurora::IO::TLS
{
struct TLSPrivateKeyImpl : ITLSPrivateKey
{
};
}

69
Source/IO/TLS/TLSPrivateKeyPair.cpp Normal file
View File

@ -0,0 +1,69 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: TLSPrivateKeyPair.cpp
Date: 2022-8-27
Author: Reece
***/
#include "TLS.hpp"
#include "TLSPrivateKeyPair.hpp"
namespace Aurora::IO::TLS
{
TLSPrivateKeyPairImpl::TLSPrivateKeyPairImpl()
{
::mbedtls_pk_init(&this->privateKey_);
}
TLSPrivateKeyPairImpl::~TLSPrivateKeyPairImpl()
{
::mbedtls_pk_free(&this->privateKey_);
}
AuSPtr<ICertificateChain> TLSPrivateKeyPairImpl::GetChain()
{
return AuSPtr<ICertificateChain>(AuSharedFromThis(), &this->chain_);
}
CertificateChain *TLSPrivateKeyPairImpl::ToChain()
{
return &this->chain_;
}
mbedtls_pk_context &TLSPrivateKeyPairImpl::GetInternal()
{
return this->privateKey_;
}
AUKN_SYM AuSPtr<ITLSPrivateKeyPair> ImportPrivateKeyPair(const TLSPrivateKeyPair &keyPair)
{
int iRet {};
auto pPrivateKey = AuMakeShared<TLSPrivateKeyPairImpl>();
if (!pPrivateKey)
{
SysPushErrorMemory();
return {};
}
if (!pPrivateKey->ToChain()->Init(keyPair.certificateChain))
{
// Not going to bother with a nested push
return {};
}
iRet = ::mbedtls_pk_parse_key(&pPrivateKey->GetInternal(),
(const unsigned char *)keyPair.privateKey.readPtr,
keyPair.privateKey.RemainingBytes(),
keyPair.sPassword.size() ? (const unsigned char *)keyPair.sPassword.c_str() : nullptr,
keyPair.sPassword.size(),
gEntropy,
&gCtrDrbg);
if (iRet != 0)
{
SysPushErrorCrypto("Invalid Private Key: {} ({})", TLSErrorToString(iRet), iRet);
return {};
}
return pPrivateKey;
}
}

28
Source/IO/TLS/TLSPrivateKeyPair.hpp Normal file
View File

@ -0,0 +1,28 @@
/***
Copyright (C) 2022 J Reece Wilson (a/k/a "Reece"). All rights reserved.
File: TLSPrivateKeyPair.hpp
Date: 2022-8-27
Author: Reece
***/
#pragma once
#include "TLSCertificateChain.hpp"
namespace Aurora::IO::TLS
{
struct TLSPrivateKeyPairImpl : ITLSPrivateKeyPair, AuEnableSharedFromThis<TLSPrivateKeyPairImpl>
{
TLSPrivateKeyPairImpl();
~TLSPrivateKeyPairImpl();
virtual AuSPtr<ICertificateChain> GetChain() override;
CertificateChain *ToChain();
mbedtls_pk_context &GetInternal();
private:
CertificateChain chain_;
mbedtls_pk_context privateKey_;
};
}

2
Source/IO/TLS/TLSProtocolRecv.cpp
View File

@ -194,7 +194,7 @@ namespace Aurora::IO::TLS
return this->bHasRead;
}
bool TLSProtocolRecv::HasCompletedHandshake()
bool &TLSProtocolRecv::HasCompletedHandshake()
{
return this->bHasCompletedHandshake_;
}

2
Source/IO/TLS/TLSProtocolRecv.hpp
View File

@ -28,7 +28,7 @@ namespace Aurora::IO::TLS
AuUInt32 uBytesReadAvail {};
AuWPtr<Memory::ByteBuffer> pReadInByteBuffer;
bool HasCompletedHandshake();
bool &HasCompletedHandshake();
private:
TLSContext *pParent_;