diff options
author | madmaxoft <github@xoft.cz> | 2014-05-01 15:21:41 +0200 |
---|---|---|
committer | madmaxoft <github@xoft.cz> | 2014-05-01 15:21:41 +0200 |
commit | 1587b21edded56dbfb88150500336c2853b460c6 (patch) | |
tree | 544cd9d1aece0e7902739b30a75e372506d775fa /src | |
parent | Fixed crashes in the SSL HTTP connection. (diff) | |
download | cuberite-1587b21edded56dbfb88150500336c2853b460c6.tar cuberite-1587b21edded56dbfb88150500336c2853b460c6.tar.gz cuberite-1587b21edded56dbfb88150500336c2853b460c6.tar.bz2 cuberite-1587b21edded56dbfb88150500336c2853b460c6.tar.lz cuberite-1587b21edded56dbfb88150500336c2853b460c6.tar.xz cuberite-1587b21edded56dbfb88150500336c2853b460c6.tar.zst cuberite-1587b21edded56dbfb88150500336c2853b460c6.zip |
Diffstat (limited to 'src')
-rw-r--r-- | src/HTTPServer/HTTPServer.cpp | 6 | ||||
-rw-r--r-- | src/HTTPServer/HTTPServer.h | 6 | ||||
-rw-r--r-- | src/HTTPServer/SslHTTPConnection.cpp | 2 | ||||
-rw-r--r-- | src/HTTPServer/SslHTTPConnection.h | 8 | ||||
-rw-r--r-- | src/PolarSSL++/CryptoKey.cpp (renamed from src/PolarSSL++/PublicKey.cpp) | 24 | ||||
-rw-r--r-- | src/PolarSSL++/CryptoKey.h (renamed from src/PolarSSL++/PublicKey.h) | 18 | ||||
-rw-r--r-- | src/PolarSSL++/CtrDrbgContext.h | 2 | ||||
-rw-r--r-- | src/PolarSSL++/SslContext.cpp | 2 | ||||
-rw-r--r-- | src/PolarSSL++/SslContext.h | 13 |
9 files changed, 40 insertions, 41 deletions
diff --git a/src/HTTPServer/HTTPServer.cpp b/src/HTTPServer/HTTPServer.cpp index 9e3e0a17b..c45044c66 100644 --- a/src/HTTPServer/HTTPServer.cpp +++ b/src/HTTPServer/HTTPServer.cpp @@ -124,17 +124,17 @@ class cDebugCallbacks : cHTTPServer::cHTTPServer(void) : m_ListenThreadIPv4(*this, cSocket::IPv4, "WebServer IPv4"), m_ListenThreadIPv6(*this, cSocket::IPv6, "WebServer IPv6"), - m_Callbacks(NULL), - m_Cert(new cX509Cert), - m_CertPrivKey(new cPublicKey) + m_Callbacks(NULL) { AString CertFile = cFile::ReadWholeFile("webadmin/httpscert.crt"); AString KeyFile = cFile::ReadWholeFile("webadmin/httpskey.pem"); if (!CertFile.empty() && !KeyFile.empty()) { + m_Cert.reset(new cX509Cert); int res = m_Cert->Parse(CertFile.data(), CertFile.size()); if (res == 0) { + m_CertPrivKey.reset(new cCryptoKey); int res2 = m_CertPrivKey->ParsePrivate(KeyFile.data(), KeyFile.size(), ""); if (res2 != 0) { diff --git a/src/HTTPServer/HTTPServer.h b/src/HTTPServer/HTTPServer.h index eb91dd5a3..522b7da62 100644 --- a/src/HTTPServer/HTTPServer.h +++ b/src/HTTPServer/HTTPServer.h @@ -13,7 +13,7 @@ #include "../OSSupport/SocketThreads.h" #include "inifile/iniFile.h" #include "PolarSSL++/RsaPrivateKey.h" -#include "PolarSSL++/PublicKey.h" +#include "PolarSSL++/CryptoKey.h" #include "PolarSSL++/X509Cert.h" @@ -85,8 +85,8 @@ protected: /** The server certificate to use for the SSL connections */ cX509CertPtr m_Cert; - /** The private key for m_Cert. Despite the class name, this is the PRIVATE key. */ - cPublicKeyPtr m_CertPrivKey; + /** The private key for m_Cert. */ + cCryptoKeyPtr m_CertPrivKey; // cListenThread::cCallback overrides: diff --git a/src/HTTPServer/SslHTTPConnection.cpp b/src/HTTPServer/SslHTTPConnection.cpp index b6b222b47..d237089d9 100644 --- a/src/HTTPServer/SslHTTPConnection.cpp +++ b/src/HTTPServer/SslHTTPConnection.cpp @@ -11,7 +11,7 @@ -cSslHTTPConnection::cSslHTTPConnection(cHTTPServer & a_HTTPServer, const cX509CertPtr & a_Cert, const cPublicKeyPtr & a_PrivateKey) : +cSslHTTPConnection::cSslHTTPConnection(cHTTPServer & a_HTTPServer, const cX509CertPtr & a_Cert, const cCryptoKeyPtr & a_PrivateKey) : super(a_HTTPServer), m_Ssl(64000), m_Cert(a_Cert), diff --git a/src/HTTPServer/SslHTTPConnection.h b/src/HTTPServer/SslHTTPConnection.h index 653acbfce..c2c1585cd 100644 --- a/src/HTTPServer/SslHTTPConnection.h +++ b/src/HTTPServer/SslHTTPConnection.h @@ -22,9 +22,9 @@ class cSslHTTPConnection : typedef cHTTPConnection super; public: - /** Creates a new connection on the specified server; sends the specified cert as the server certificate, - uses the private key for decryption. a_Private key is, despite the class name, a PRIVATE key for the cert. */ - cSslHTTPConnection(cHTTPServer & a_HTTPServer, const cX509CertPtr & a_Cert, const cPublicKeyPtr & a_PrivateKey); + /** Creates a new connection on the specified server. + Sends the specified cert as the server certificate, uses the private key for decryption. */ + cSslHTTPConnection(cHTTPServer & a_HTTPServer, const cX509CertPtr & a_Cert, const cCryptoKeyPtr & a_PrivateKey); protected: cBufferedSslContext m_Ssl; @@ -33,7 +33,7 @@ protected: cX509CertPtr m_Cert; /** The private key used for the certificate */ - cPublicKeyPtr m_PrivateKey; + cCryptoKeyPtr m_PrivateKey; // cHTTPConnection overrides: virtual bool DataReceived (const char * a_Data, size_t a_Size) override; // Data is received from the client diff --git a/src/PolarSSL++/PublicKey.cpp b/src/PolarSSL++/CryptoKey.cpp index dae026082..0763c387b 100644 --- a/src/PolarSSL++/PublicKey.cpp +++ b/src/PolarSSL++/CryptoKey.cpp @@ -1,16 +1,16 @@ -// PublicKey.cpp +// CryptoKey.cpp -// Implements the cPublicKey class representing a RSA public key in PolarSSL +// Implements the cCryptoKey class representing a RSA public key in PolarSSL #include "Globals.h" -#include "PublicKey.h" +#include "CryptoKey.h" -cPublicKey::cPublicKey(void) +cCryptoKey::cCryptoKey(void) { pk_init(&m_Pk); m_CtrDrbg.Initialize("rsa_pubkey", 10); @@ -20,7 +20,7 @@ cPublicKey::cPublicKey(void) -cPublicKey::cPublicKey(const AString & a_PublicKeyData) +cCryptoKey::cCryptoKey(const AString & a_PublicKeyData) { pk_init(&m_Pk); m_CtrDrbg.Initialize("rsa_pubkey", 10); @@ -37,7 +37,7 @@ cPublicKey::cPublicKey(const AString & a_PublicKeyData) -cPublicKey::cPublicKey(const AString & a_PrivateKeyData, const AString & a_Password) +cCryptoKey::cCryptoKey(const AString & a_PrivateKeyData, const AString & a_Password) { pk_init(&m_Pk); m_CtrDrbg.Initialize("rsa_privkey", 11); @@ -54,7 +54,7 @@ cPublicKey::cPublicKey(const AString & a_PrivateKeyData, const AString & a_Passw -cPublicKey::~cPublicKey() +cCryptoKey::~cCryptoKey() { pk_free(&m_Pk); } @@ -63,7 +63,7 @@ cPublicKey::~cPublicKey() -int cPublicKey::Decrypt(const Byte * a_EncryptedData, size_t a_EncryptedLength, Byte * a_DecryptedData, size_t a_DecryptedMaxLength) +int cCryptoKey::Decrypt(const Byte * a_EncryptedData, size_t a_EncryptedLength, Byte * a_DecryptedData, size_t a_DecryptedMaxLength) { ASSERT(IsValid()); @@ -84,7 +84,7 @@ int cPublicKey::Decrypt(const Byte * a_EncryptedData, size_t a_EncryptedLength, -int cPublicKey::Encrypt(const Byte * a_PlainData, size_t a_PlainLength, Byte * a_EncryptedData, size_t a_EncryptedMaxLength) +int cCryptoKey::Encrypt(const Byte * a_PlainData, size_t a_PlainLength, Byte * a_EncryptedData, size_t a_EncryptedMaxLength) { ASSERT(IsValid()); @@ -105,7 +105,7 @@ int cPublicKey::Encrypt(const Byte * a_PlainData, size_t a_PlainLength, Byte * a -int cPublicKey::ParsePublic(const void * a_Data, size_t a_NumBytes) +int cCryptoKey::ParsePublic(const void * a_Data, size_t a_NumBytes) { ASSERT(!IsValid()); // Cannot parse a second key @@ -117,7 +117,7 @@ int cPublicKey::ParsePublic(const void * a_Data, size_t a_NumBytes) -int cPublicKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AString & a_Password) +int cCryptoKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AString & a_Password) { ASSERT(!IsValid()); // Cannot parse a second key @@ -139,7 +139,7 @@ int cPublicKey::ParsePrivate(const void * a_Data, size_t a_NumBytes, const AStri -bool cPublicKey::IsValid(void) const +bool cCryptoKey::IsValid(void) const { return (pk_get_type(&m_Pk) != POLARSSL_PK_NONE); } diff --git a/src/PolarSSL++/PublicKey.h b/src/PolarSSL++/CryptoKey.h index df52a4143..9c298e501 100644 --- a/src/PolarSSL++/PublicKey.h +++ b/src/PolarSSL++/CryptoKey.h @@ -1,7 +1,7 @@ -// PublicKey.h +// CryptoKey.h -// Declares the cPublicKey class representing a RSA public key in PolarSSL +// Declares the cCryptoKey class representing a RSA public key in PolarSSL @@ -16,22 +16,22 @@ -class cPublicKey +class cCryptoKey { friend class cSslContext; public: /** Constructs an empty key instance. Before use, it needs to be filled by ParsePublic() or ParsePrivate() */ - cPublicKey(void); + cCryptoKey(void); /** Constructs the public key out of the DER- or PEM-encoded pubkey data */ - cPublicKey(const AString & a_PublicKeyData); + cCryptoKey(const AString & a_PublicKeyData); /** Constructs the private key out of the DER- or PEM-encoded privkey data, with the specified password. If a_Password is empty, no password is assumed. */ - cPublicKey(const AString & a_PrivateKeyData, const AString & a_Password); + cCryptoKey(const AString & a_PrivateKeyData, const AString & a_Password); - ~cPublicKey(); + ~cCryptoKey(); /** Decrypts the data using the stored public key Both a_EncryptedData and a_DecryptedData must be at least <KeySizeBytes> bytes large. @@ -58,7 +58,7 @@ public: bool IsValid(void) const; protected: - /** The public key PolarSSL representation */ + /** The PolarSSL representation of the key data */ pk_context m_Pk; /** The random generator used in encryption and decryption */ @@ -69,7 +69,7 @@ protected: pk_context * GetInternal(void) { return &m_Pk; } } ; -typedef SharedPtr<cPublicKey> cPublicKeyPtr; +typedef SharedPtr<cCryptoKey> cCryptoKeyPtr; diff --git a/src/PolarSSL++/CtrDrbgContext.h b/src/PolarSSL++/CtrDrbgContext.h index 65e9a2374..230db8753 100644 --- a/src/PolarSSL++/CtrDrbgContext.h +++ b/src/PolarSSL++/CtrDrbgContext.h @@ -26,7 +26,7 @@ class cCtrDrbgContext { friend class cSslContext; friend class cRsaPrivateKey; - friend class cPublicKey; + friend class cCryptoKey; public: /** Constructs the context with a new entropy context. */ diff --git a/src/PolarSSL++/SslContext.cpp b/src/PolarSSL++/SslContext.cpp index df0219610..bc397b655 100644 --- a/src/PolarSSL++/SslContext.cpp +++ b/src/PolarSSL++/SslContext.cpp @@ -115,7 +115,7 @@ void cSslContext::SetOwnCert(const cX509CertPtr & a_OwnCert, const cRsaPrivateKe -void cSslContext::SetOwnCert(const cX509CertPtr & a_OwnCert, const cPublicKeyPtr & a_OwnCertPrivKey) +void cSslContext::SetOwnCert(const cX509CertPtr & a_OwnCert, const cCryptoKeyPtr & a_OwnCertPrivKey) { ASSERT(m_IsValid); // Call Initialize() first diff --git a/src/PolarSSL++/SslContext.h b/src/PolarSSL++/SslContext.h index 273939b9f..a4ad1a345 100644 --- a/src/PolarSSL++/SslContext.h +++ b/src/PolarSSL++/SslContext.h @@ -11,7 +11,7 @@ #include "polarssl/ssl.h" #include "../ByteBuffer.h" -#include "PublicKey.h" +#include "CryptoKey.h" #include "RsaPrivateKey.h" #include "X509Cert.h" @@ -54,9 +54,8 @@ public: void SetOwnCert(const cX509CertPtr & a_OwnCert, const cRsaPrivateKeyPtr & a_OwnCertPrivKey); /** Sets the certificate to use as our own. Must be used when representing a server, optional when client. - Must be called after Initialize(). - Despite the class name, a_OwnCertPrivKey is a PRIVATE key. */ - void SetOwnCert(const cX509CertPtr & a_OwnCert, const cPublicKeyPtr & a_OwnCertPrivKey); + Must be called after Initialize(). */ + void SetOwnCert(const cX509CertPtr & a_OwnCert, const cCryptoKeyPtr & a_OwnCertPrivKey); /** Sets a cert chain as the trusted cert store for this context. Must be called after Initialize(). Calling this will switch the context into strict cert verification mode. @@ -107,11 +106,11 @@ protected: /** The certificate that we present to the peer. */ cX509CertPtr m_OwnCert; - /** Private key for m_OwnCert, if initialized from a cRsaPrivateKey */ + /** Private key for m_OwnCert, if initialized from a cRsaPrivateKey. */ cRsaPrivateKeyPtr m_OwnCertPrivKey; - /** Private key for m_OwnCert, if initialized from a cPublicKey. Despite the class name, this is a PRIVATE key. */ - cPublicKeyPtr m_OwnCertPrivKey2; + /** Private key for m_OwnCert, if initialized from a cCryptoKey. */ + cCryptoKeyPtr m_OwnCertPrivKey2; /** True if the SSL handshake has been completed. */ bool m_HasHandshaken; |