
Renamed cPublicKey to cCryptoKey.

The class can hold both the private key and the public key; the old name was bad naming on PolarSSL's part.
Also somewhat fixed the cert and key loading in cHTTPServer.
This commit is contained in:
madmaxoft 2014-05-01 15:21:41 +02:00
parent 60850fe3e8
commit 1587b21edd
9 changed files with 40 additions and 41 deletions


@ -124,17 +124,17 @@ class cDebugCallbacks :
cHTTPServer::cHTTPServer(void) : cHTTPServer::cHTTPServer(void) :
m_ListenThreadIPv4(*this, cSocket::IPv4, "WebServer IPv4"), m_ListenThreadIPv4(*this, cSocket::IPv4, "WebServer IPv4"),
m_ListenThreadIPv6(*this, cSocket::IPv6, "WebServer IPv6"), m_ListenThreadIPv6(*this, cSocket::IPv6, "WebServer IPv6"),
m_Callbacks(NULL), m_Callbacks(NULL)
m_Cert(new cX509Cert),
m_CertPrivKey(new cPublicKey)
{ {
AString CertFile = cFile::ReadWholeFile("webadmin/httpscert.crt"); AString CertFile = cFile::ReadWholeFile("webadmin/httpscert.crt");
AString KeyFile = cFile::ReadWholeFile("webadmin/httpskey.pem"); AString KeyFile = cFile::ReadWholeFile("webadmin/httpskey.pem");
if (!CertFile.empty() && !KeyFile.empty()) if (!CertFile.empty() && !KeyFile.empty())
{ {
m_Cert.reset(new cX509Cert);
int res = m_Cert->Parse(CertFile.data(), CertFile.size()); int res = m_Cert->Parse(CertFile.data(), CertFile.size());
if (res == 0) if (res == 0)
{ {
m_CertPrivKey.reset(new cCryptoKey);
int res2 = m_CertPrivKey->ParsePrivate(KeyFile.data(), KeyFile.size(), ""); int res2 = m_CertPrivKey->ParsePrivate(KeyFile.data(), KeyFile.size(), "");
if (res2 != 0) if (res2 != 0)
{ {
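Review bot: After this change m_Cert and m_CertPrivKey stay null whenever webadmin/httpscert.crt or webadmin/httpskey.pem is missing or empty, or the cert fails to parse, whereas before they were always-allocated (if unparsed) objects; every consumer that previously relied on dereferencing them unconditionally now needs a null check, and the constructor body continues past this hunk so I cannot confirm one exists. The `res2 != 0` branch also leaves m_Cert allocated and parsed while m_CertPrivKey is allocated but never successfully parsed, so the two pointers no longer describe a single consistent "HTTPS configured" state. I would reset both in every failure branch, `m_Cert.reset(); m_CertPrivKey.reset();`, so callers such as cSslHTTPConnection and cSslContext::SetOwnCert can test one pointer, and log which of the two files was rejected (by name only, never echoing the key contents).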


@ -13,7 +13,7 @@
#include "../OSSupport/SocketThreads.h" #include "../OSSupport/SocketThreads.h"
#include "inifile/iniFile.h" #include "inifile/iniFile.h"
#include "PolarSSL++/RsaPrivateKey.h" #include "PolarSSL++/RsaPrivateKey.h"
#include "PolarSSL++/PublicKey.h" #include "PolarSSL++/CryptoKey.h"
#include "PolarSSL++/X509Cert.h" #include "PolarSSL++/X509Cert.h"
@ -85,8 +85,8 @@ protected:
/** The server certificate to use for the SSL connections */ /** The server certificate to use for the SSL connections */
cX509CertPtr m_Cert; cX509CertPtr m_Cert;
/** The private key for m_Cert. Despite the class name, this is the PRIVATE key. */ /** The private key for m_Cert. */
cPublicKeyPtr m_CertPrivKey; cCryptoKeyPtr m_CertPrivKey;
// cListenThread::cCallback overrides: // cListenThread::cCallback overrides:


@ -11,7 +11,7 @@
cSslHTTPConnection::cSslHTTPConnection(cHTTPServer & a_HTTPServer, const cX509CertPtr & a_Cert, const cPublicKeyPtr & a_PrivateKey) : cSslHTTPConnection::cSslHTTPConnection(cHTTPServer & a_HTTPServer, const cX509CertPtr & a_Cert, const cCryptoKeyPtr & a_PrivateKey) :
super(a_HTTPServer), super(a_HTTPServer),
m_Ssl(64000), m_Ssl(64000),
m_Cert(a_Cert), m_Cert(a_Cert),


@ -22,9 +22,9 @@ class cSslHTTPConnection :
typedef cHTTPConnection super; typedef cHTTPConnection super;
public: public:
/** Creates a new connection on the specified server; sends the specified cert as the server certificate, /** Creates a new connection on the specified server.
uses the private key for decryption. a_Private key is, despite the class name, a PRIVATE key for the cert. */ Sends the specified cert as the server certificate, uses the private key for decryption. */
cSslHTTPConnection(cHTTPServer & a_HTTPServer, const cX509CertPtr & a_Cert, const cPublicKeyPtr & a_PrivateKey); cSslHTTPConnection(cHTTPServer & a_HTTPServer, const cX509CertPtr & a_Cert, const cCryptoKeyPtr & a_PrivateKey);
protected: protected:
cBufferedSslContext m_Ssl; cBufferedSslContext m_Ssl;
@ -33,7 +33,7 @@ protected:
cX509CertPtr m_Cert; cX509CertPtr m_Cert;
/** The private key used for the certificate */ /** The private key used for the certificate */
cPublicKeyPtr m_PrivateKey; cCryptoKeyPtr m_PrivateKey;
// cHTTPConnection overrides: // cHTTPConnection overrides:
virtual bool DataReceived (const char * a_Data, size_t a_Size) override; // Data is received from the client virtual bool DataReceived (const char * a_Data, size_t a_Size) override; // Data is received from the client


@ -1,16 +1,16 @@
// PublicKey.cpp // CryptoKey.cpp
// Implements the cPublicKey class representing a RSA public key in PolarSSL // Implements the cCryptoKey class representing a RSA public key in PolarSSL
#include "Globals.h" #include "Globals.h"
#include "PublicKey.h" #include "CryptoKey.h"
cPublicKey::cPublicKey(void) cCryptoKey::cCryptoKey(void)
{ {
pk_init(&m_Pk); pk_init(&m_Pk);
m_CtrDrbg.Initialize("rsa_pubkey", 10); m_CtrDrbg.Initialize("rsa_pubkey", 10);
@ -20,7 +20,7 @@ cPublicKey::cPublicKey(void)
cPublicKey::cPublicKey(const AString & a_PublicKeyData) cCryptoKey::cCryptoKey(const AString & a_PublicKeyData)
{ {
pk_init(&m_Pk); pk_init(&m_Pk);
m_CtrDrbg.Initialize("rsa_pubkey", 10); m_CtrDrbg.Initialize("rsa_pubkey", 10);
@ -37,7 +37,7 @@ cPublicKey::cPublicKey(const AString & a_PublicKeyData)
cPublicKey::cPublicKey(const AString & a_PrivateKeyData, const AString & a_Password) cCryptoKey::cCryptoKey(const AString & a_PrivateKeyData, const AString & a_Password)
{ {
pk_init(&m_Pk); pk_init(&m_Pk);
m_CtrDrbg.Initialize("rsa_privkey", 11); m_CtrDrbg.Initialize("rsa_privkey", 11);
@ -54,7 +54,7 @@ cPublicKey::cPublicKey(const AString & a_PrivateKeyData, const AString & a_Passw
cPublicKey::~cPublicKey() cCryptoKey::~cCryptoKey()
{ {
pk_free(&m_Pk); pk_free(&m_Pk);
} }
@ -63,7 +63,7 @@ cPublicKey::~cPublicKey()
int cPublicKey::Decrypt(const Byte * a_EncryptedData, size_t a_EncryptedLength, Byte * a_DecryptedData, size_t a_DecryptedMaxLength) int cCryptoKey::Decrypt(const Byte * a_EncryptedData, size_t a_EncryptedLength, Byte * a_DecryptedData, size_t a_DecryptedMaxLength)
{ {
ASSERT(IsValid()); ASSERT(IsValid());
@ -84,7 +84,7 @@ int cPublicKey::Decrypt(const Byte * a_EncryptedData, size_t a_EncryptedLength,
int cPublicKey::Encrypt(const Byte * a_PlainData, size_t a_PlainLength, Byte * a_EncryptedData, size_t a_EncryptedMaxLength) int cCryptoKey::Encrypt(const Byte * a_PlainData, size_t a_PlainLength, Byte * a_EncryptedData, size_t a_EncryptedMaxLength)
{ {
ASSERT(IsValid()); ASSERT(IsValid());
@ -105,7 +105,7 @@ int cPublicKey::Encrypt(const Byte * a_PlainData, size_t a_PlainLength, Byte * a
int cPublicKey::ParsePublic(const void * a_Data, size_t a_NumBytes) int cCryptoKey::ParsePublic(const void * a_Data, size_t a_NumBytes)
{ {
ASSERT(!IsValid()); // Cannot parse a second key ASSERT(!IsValid()); // Cannot parse a second key
@ -117,7 +117,7 @@ int cPublicKey::ParsePublic(const void * a_Data, size_t a_NumBytes)
int cPublicKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AString & a_Password) int cCryptoKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AString & a_Password)
{ {
ASSERT(!IsValid()); // Cannot parse a second key ASSERT(!IsValid()); // Cannot parse a second key
@ -139,7 +139,7 @@ int cPublicKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AStri
bool cPublicKey::IsValid(void) const bool cCryptoKey::IsValid(void) const
{ {
return (pk_get_type(&m_Pk) != POLARSSL_PK_NONE); return (pk_get_type(&m_Pk) != POLARSSL_PK_NONE);
} }


@ -1,7 +1,7 @@
// PublicKey.h // CryptoKey.h
// Declares the cPublicKey class representing a RSA public key in PolarSSL // Declares the cCryptoKey class representing a RSA public key in PolarSSL
@ -16,22 +16,22 @@
class cPublicKey class cCryptoKey
{ {
friend class cSslContext; friend class cSslContext;
public: public:
/** Constructs an empty key instance. Before use, it needs to be filled by ParsePublic() or ParsePrivate() */ /** Constructs an empty key instance. Before use, it needs to be filled by ParsePublic() or ParsePrivate() */
cPublicKey(void); cCryptoKey(void);
/** Constructs the public key out of the DER- or PEM-encoded pubkey data */ /** Constructs the public key out of the DER- or PEM-encoded pubkey data */
cPublicKey(const AString & a_PublicKeyData); cCryptoKey(const AString & a_PublicKeyData);
/** Constructs the private key out of the DER- or PEM-encoded privkey data, with the specified password. /** Constructs the private key out of the DER- or PEM-encoded privkey data, with the specified password.
If a_Password is empty, no password is assumed. */ If a_Password is empty, no password is assumed. */
cPublicKey(const AString & a_PrivateKeyData, const AString & a_Password); cCryptoKey(const AString & a_PrivateKeyData, const AString & a_Password);
~cPublicKey(); ~cCryptoKey();
/** Decrypts the data using the stored public key /** Decrypts the data using the stored public key
Both a_EncryptedData and a_DecryptedData must be at least <KeySizeBytes> bytes large. Both a_EncryptedData and a_DecryptedData must be at least <KeySizeBytes> bytes large.
@ -58,7 +58,7 @@ public:
bool IsValid(void) const; bool IsValid(void) const;
protected: protected:
/** The public key PolarSSL representation */ /** The PolarSSL representation of the key data */
pk_context m_Pk; pk_context m_Pk;
/** The random generator used in encryption and decryption */ /** The random generator used in encryption and decryption */
@ -69,7 +69,7 @@ protected:
pk_context * GetInternal(void) { return &m_Pk; } pk_context * GetInternal(void) { return &m_Pk; }
} ; } ;
typedef SharedPtr<cPublicKey> cPublicKeyPtr; typedef SharedPtr<cCryptoKey> cCryptoKeyPtr;
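Review bot: The header comment on the new side still describes cCryptoKey as "representing a RSA public key in PolarSSL", which is exactly the misnomer the rename and the commit message set out to remove; the same stale phrase survives in the CryptoKey.cpp file header above. I would change both to `// Declares the cCryptoKey class representing a PolarSSL pk_context holding either a public or a private RSA key`. The Decrypt() description, "Decrypts the data using the stored public key", looks equally stale: with PolarSSL's pk API a decrypt needs a private key, so "using the stored key" is presumably what is meant — confirm against the Decrypt() body, which is outside this hunk.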


@ -26,7 +26,7 @@ class cCtrDrbgContext
{ {
friend class cSslContext; friend class cSslContext;
friend class cRsaPrivateKey; friend class cRsaPrivateKey;
friend class cPublicKey; friend class cCryptoKey;
public: public:
/** Constructs the context with a new entropy context. */ /** Constructs the context with a new entropy context. */


@ -115,7 +115,7 @@ void cSslContext::SetOwnCert(const cX509CertPtr & a_OwnCert, const cRsaPrivateKe
void cSslContext::SetOwnCert(const cX509CertPtr & a_OwnCert, const cPublicKeyPtr & a_OwnCertPrivKey) void cSslContext::SetOwnCert(const cX509CertPtr & a_OwnCert, const cCryptoKeyPtr & a_OwnCertPrivKey)
{ {
ASSERT(m_IsValid); // Call Initialize() first ASSERT(m_IsValid); // Call Initialize() first


@ -11,7 +11,7 @@
#include "polarssl/ssl.h" #include "polarssl/ssl.h"
#include "../ByteBuffer.h" #include "../ByteBuffer.h"
#include "PublicKey.h" #include "CryptoKey.h"
#include "RsaPrivateKey.h" #include "RsaPrivateKey.h"
#include "X509Cert.h" #include "X509Cert.h"
@ -54,9 +54,8 @@ public:
void SetOwnCert(const cX509CertPtr & a_OwnCert, const cRsaPrivateKeyPtr & a_OwnCertPrivKey); void SetOwnCert(const cX509CertPtr & a_OwnCert, const cRsaPrivateKeyPtr & a_OwnCertPrivKey);
/** Sets the certificate to use as our own. Must be used when representing a server, optional when client. /** Sets the certificate to use as our own. Must be used when representing a server, optional when client.
Must be called after Initialize(). Must be called after Initialize(). */
Despite the class name, a_OwnCertPrivKey is a PRIVATE key. */ void SetOwnCert(const cX509CertPtr & a_OwnCert, const cCryptoKeyPtr & a_OwnCertPrivKey);
void SetOwnCert(const cX509CertPtr & a_OwnCert, const cPublicKeyPtr & a_OwnCertPrivKey);
/** Sets a cert chain as the trusted cert store for this context. Must be called after Initialize(). /** Sets a cert chain as the trusted cert store for this context. Must be called after Initialize().
Calling this will switch the context into strict cert verification mode. Calling this will switch the context into strict cert verification mode.
@ -107,11 +106,11 @@ protected:
/** The certificate that we present to the peer. */ /** The certificate that we present to the peer. */
cX509CertPtr m_OwnCert; cX509CertPtr m_OwnCert;
/** Private key for m_OwnCert, if initialized from a cRsaPrivateKey */ /** Private key for m_OwnCert, if initialized from a cRsaPrivateKey. */
cRsaPrivateKeyPtr m_OwnCertPrivKey; cRsaPrivateKeyPtr m_OwnCertPrivKey;
/** Private key for m_OwnCert, if initialized from a cPublicKey. Despite the class name, this is a PRIVATE key. */ /** Private key for m_OwnCert, if initialized from a cCryptoKey. */
cPublicKeyPtr m_OwnCertPrivKey2; cCryptoKeyPtr m_OwnCertPrivKey2;
/** True if the SSL handshake has been completed. */ /** True if the SSL handshake has been completed. */
bool m_HasHandshaken; bool m_HasHandshaken;