flewkey/cuberite-2a
1
0
Fork 0
Code Releases Activity

Fixed webadmin certificate reading.

Browse Source
This commit is contained in:
Mattes D 2017-09-19 18:28:51 +02:00 committed by Lukas Pioch
parent 30c8470a52
commit e0d1f791a3
3 changed files with 10 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/mbedTLS++/CryptoKey.cpp
View File

@ -120,16 +120,19 @@ int cCryptoKey::ParsePublic(const void * a_Data, size_t a_NumBytes)
int cCryptoKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AString & a_Password)
{
ASSERT(!IsValid()); // Cannot parse a second key
// mbedTLS requires that PEM-encoded data is passed including the terminating NUL byte,
// and DER-encoded data is decoded properly even with an extra trailing NUL byte, so we simply add one to everything:
AString keyData(reinterpret_cast<const char *>(a_Data), a_NumBytes);
if (a_Password.empty())
{
return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast<const unsigned char *>(a_Data), a_NumBytes, nullptr, 0);
return mbedtls_pk_parse_key(&m_Pk, reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1, nullptr, 0);
}
else
{
return mbedtls_pk_parse_key(
&m_Pk,
reinterpret_cast<const unsigned char *>(a_Data), a_NumBytes,
reinterpret_cast<const unsigned char *>(keyData.data()), a_NumBytes + 1,
reinterpret_cast<const unsigned char *>(a_Password.c_str()), a_Password.size()
);
}

5
src/mbedTLS++/X509Cert.cpp
View File

@ -30,7 +30,10 @@ cX509Cert::~cX509Cert()
int cX509Cert::Parse(const void * a_CertContents, size_t a_Size)
{
return mbedtls_x509_crt_parse(&m_Cert, reinterpret_cast<const unsigned char *>(a_CertContents), a_Size);
// mbedTLS requires that PEM-encoded data is passed including the terminating NUL byte,
// and DER-encoded data is decoded properly even with an extra trailing NUL byte, so we simply add one to everything:
AString certContents(reinterpret_cast<const char *>(a_CertContents), a_Size);
return mbedtls_x509_crt_parse(&m_Cert, reinterpret_cast<const unsigned char *>(certContents.data()), a_Size + 1);
}

1
src/mbedTLS++/X509Cert.h
View File

@ -24,6 +24,7 @@ public:
~cX509Cert(void);
/** Parses the certificate chain data into the context.
The certificate can be DER- or PEM-encoded.
Returns 0 on succes, or mbedTLS error code on failure. */
int Parse(const void * a_CertContents, size_t a_Size);