author | ScorpionInc <d2dejohn@gmail.com> | 2023-04-05 17:45:55 -0400 |
---|---|---|
committer | ScorpionInc <19487319+ScorpionInc@users.noreply.github.com> | 2023-05-09 19:02:33 -0400 |
commit | a5b867391e5228b491befadca101d4918dd0820c (patch) | |
tree | 93c1441b332c62f1ed5a8424c8262e4b1a9ae104 | |
parent | fba9416fe0046c32b19d47523eab95e9e6036093 (diff) | |
download | redot-engine-a5b867391e5228b491befadca101d4918dd0820c.tar.gz |
Exposes String functions for X509Certificates
Exposes String functions for X509Certificates via two function calls: save_to_string() and load_from_string(str).
-rw-r--r-- | core/crypto/crypto.cpp | 2 | ||||
-rw-r--r-- | core/crypto/crypto.h | 2 | ||||
-rw-r--r-- | doc/classes/X509Certificate.xml | 13 | ||||
-rw-r--r-- | modules/mbedtls/crypto_mbedtls.cpp | 30 | ||||
-rw-r--r-- | modules/mbedtls/crypto_mbedtls.h | 2 |
5 files changed, 49 insertions, 0 deletions
diff --git a/core/crypto/crypto.cpp b/core/crypto/crypto.cpp index 939c1c298f..6b1c2a9cb2 100644 --- a/core/crypto/crypto.cpp +++ b/core/crypto/crypto.cpp @@ -63,6 +63,8 @@ X509Certificate *X509Certificate::create() { void X509Certificate::_bind_methods() { ClassDB::bind_method(D_METHOD("save", "path"), &X509Certificate::save); ClassDB::bind_method(D_METHOD("load", "path"), &X509Certificate::load); + ClassDB::bind_method(D_METHOD("save_to_string"), &X509Certificate::save_to_string); + ClassDB::bind_method(D_METHOD("load_from_string", "string"), &X509Certificate::load_from_string); } /// TLSOptions diff --git a/core/crypto/crypto.h b/core/crypto/crypto.h index 999fe076d6..4b5bf8305f 100644 --- a/core/crypto/crypto.h +++ b/core/crypto/crypto.h @@ -65,6 +65,8 @@ public: virtual Error load(String p_path) = 0; virtual Error load_from_memory(const uint8_t *p_buffer, int p_len) = 0; virtual Error save(String p_path) = 0; + virtual String save_to_string() = 0; + virtual Error load_from_string(const String &string) = 0; }; class TLSOptions : public RefCounted { diff --git a/doc/classes/X509Certificate.xml b/doc/classes/X509Certificate.xml index 6123d35d1f..051d4579a6 100644 --- a/doc/classes/X509Certificate.xml +++ b/doc/classes/X509Certificate.xml @@ -17,6 +17,13 @@ Loads a certificate from [param path] ("*.crt" file). </description> </method> + <method name="load_from_string"> + <return type="int" enum="Error" /> + <param index="0" name="string" type="String" /> + <description> + Loads a certificate from the given [param string]. + </description> + </method> <method name="save"> <return type="int" enum="Error" /> <param index="0" name="path" type="String" /> 
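Review bot: In the `core/crypto/crypto.h` hunk, `load_from_string(const String &string)` names its parameter `string`, while the neighbouring declarations use the `p_` prefix (`p_path`, `p_buffer`). The mbedTLS override in `modules/mbedtls/crypto_mbedtls.h` calls the same parameter `p_string_key`, although it carries a certificate rather than a key. One name in both headers would read consistently, for example `virtual Error load_from_string(const String &p_string) = 0;`. The script-facing name bound in `_bind_methods()` can stay `"string"`.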
@@ -24,5 +31,11 @@ Saves a certificate to the given [param path] (should be a "*.crt" file). </description> </method> + <method name="save_to_string"> + <return type="String" /> + <description> + Returns a string representation of the certificate, or an empty string if the certificate is invalid. + </description> + </method> </methods> </class> diff --git a/modules/mbedtls/crypto_mbedtls.cpp b/modules/mbedtls/crypto_mbedtls.cpp index 5b52af3068..6ae36daffe 100644 --- a/modules/mbedtls/crypto_mbedtls.cpp +++ b/modules/mbedtls/crypto_mbedtls.cpp @@ -42,6 +42,7 @@ #endif #define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" #define PEM_END_CRT "-----END CERTIFICATE-----\n" +#define PEM_MIN_SIZE 54 #include <mbedtls/debug.h> #include <mbedtls/md.h> @@ -181,6 +182,35 @@ Error X509CertificateMbedTLS::save(String p_path) { return OK; } +String X509CertificateMbedTLS::save_to_string() { + String buffer; + mbedtls_x509_crt *crt = &cert; + while (crt) { + unsigned char w[4096]; + size_t wrote = 0; + int ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT, cert.raw.p, cert.raw.len, w, sizeof(w), &wrote); + ERR_FAIL_COND_V_MSG(ret != 0 || wrote == 0, String(), "Error saving the certificate."); + + buffer += String((char *)w, wrote); + crt = crt->next; + } + if (buffer.length() <= PEM_MIN_SIZE) { + // When the returned value of variable 'buffer' would consist of no Base-64 data, return an empty String instead. + return String(); + } + return buffer; +} + +Error X509CertificateMbedTLS::load_from_string(const String &p_string_key) { + ERR_FAIL_COND_V_MSG(locks, ERR_ALREADY_IN_USE, "Certificate is in use"); + CharString cs = p_string_key.utf8(); + + int ret = mbedtls_x509_crt_parse(&cert, (const unsigned char *)cs.get_data(), cs.size()); + ERR_FAIL_COND_V_MSG(ret, FAILED, "Error parsing some certificates: " + itos(ret)); + + return OK; +} + bool HMACContextMbedTLS::is_md_type_allowed(mbedtls_md_type_t p_md_type) { switch (p_md_type) { case MBEDTLS_MD_SHA1: 
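Review bot: `#define PEM_MIN_SIZE 54` is a bare number that must stay equal to the combined length of the two marker literals above it (28 + 26 characters), and nothing in the file ties it to them. Deriving it keeps the empty-payload check in `save_to_string()` correct if either marker is edited: `#define PEM_MIN_SIZE int(sizeof(PEM_BEGIN_CRT) - 1 + sizeof(PEM_END_CRT) - 1)`. If the literal is kept, add a comment such as `// Length of the BEGIN and END markers with no Base64 payload between them.`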
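Review bot: In `save_to_string()` the loop advances `crt` along the chain, but every iteration passes `cert.raw.p, cert.raw.len`, so a multi-certificate chain is serialized as the first certificate repeated once per link and the later certificates never reach the output. The call should read the current node: `int ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT, crt->raw.p, crt->raw.len, w, sizeof(w), &wrote);`. In `load_from_string()`, `mbedtls_x509_crt_parse` appends to the chain already held in `cert` and returns a positive count when only some certificates failed to parse. After a `FAILED` return the object can therefore still hold a partial or accumulated chain; consider resetting it with `mbedtls_x509_crt_free(&cert); mbedtls_x509_crt_init(&cert);` before returning the error, or document the append behaviour. The file-based `save()` and `load()` lie outside this hunk and may share both patterns.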
diff --git a/modules/mbedtls/crypto_mbedtls.h b/modules/mbedtls/crypto_mbedtls.h index 7422ebad3e..0168e1f663 100644 --- a/modules/mbedtls/crypto_mbedtls.h +++ b/modules/mbedtls/crypto_mbedtls.h @@ -85,6 +85,8 @@ public: virtual Error load(String p_path); virtual Error load_from_memory(const uint8_t *p_buffer, int p_len); virtual Error save(String p_path); + virtual String save_to_string(); + virtual Error load_from_string(const String &p_string_key); X509CertificateMbedTLS() { mbedtls_x509_crt_init(&cert); |