Merge pull request #75721 from ScorpionInc/Expose_String_functions_for_X509Certificate

Exposes String functions for X509Certificates
This commit is contained in:
Fabio Alessandrelli 2023-05-10 05:26:55 +02:00 committed by GitHub
commit 081808be49
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 49 additions and 0 deletions

View File

@ -63,6 +63,8 @@ X509Certificate *X509Certificate::create() {
void X509Certificate::_bind_methods() {
ClassDB::bind_method(D_METHOD("save", "path"), &X509Certificate::save);
ClassDB::bind_method(D_METHOD("load", "path"), &X509Certificate::load);
ClassDB::bind_method(D_METHOD("save_to_string"), &X509Certificate::save_to_string);
ClassDB::bind_method(D_METHOD("load_from_string", "string"), &X509Certificate::load_from_string);
}
/// TLSOptions

View File

@ -65,6 +65,8 @@ public:
virtual Error load(String p_path) = 0;
virtual Error load_from_memory(const uint8_t *p_buffer, int p_len) = 0;
virtual Error save(String p_path) = 0;
virtual String save_to_string() = 0;
virtual Error load_from_string(const String &string) = 0;
};
class TLSOptions : public RefCounted {

View File

@ -17,6 +17,13 @@
Loads a certificate from [param path] ("*.crt" file).
</description>
</method>
<method name="load_from_string">
<return type="int" enum="Error" />
<param index="0" name="string" type="String" />
<description>
Loads a certificate from the given [param string].
</description>
</method>
<method name="save">
<return type="int" enum="Error" />
<param index="0" name="path" type="String" />
@ -24,5 +31,11 @@
Saves a certificate to the given [param path] (should be a "*.crt" file).
</description>
</method>
<method name="save_to_string">
<return type="String" />
<description>
Returns a string representation of the certificate, or an empty string if the certificate is invalid.
</description>
</method>
</methods>
</class>

View File

@ -42,6 +42,7 @@
#endif
#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n"
#define PEM_END_CRT "-----END CERTIFICATE-----\n"
#define PEM_MIN_SIZE 54
#include <mbedtls/debug.h>
#include <mbedtls/md.h>
@ -181,6 +182,35 @@ Error X509CertificateMbedTLS::save(String p_path) {
return OK;
}
String X509CertificateMbedTLS::save_to_string() {
String buffer;
mbedtls_x509_crt *crt = &cert;
while (crt) {
unsigned char w[4096];
size_t wrote = 0;
int ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT, cert.raw.p, cert.raw.len, w, sizeof(w), &wrote);
ERR_FAIL_COND_V_MSG(ret != 0 || wrote == 0, String(), "Error saving the certificate.");
buffer += String((char *)w, wrote);
crt = crt->next;
}
if (buffer.length() <= PEM_MIN_SIZE) {
// When the returned value of variable 'buffer' would consist of no Base-64 data, return an empty String instead.
return String();
}
return buffer;
}
Error X509CertificateMbedTLS::load_from_string(const String &p_string_key) {
ERR_FAIL_COND_V_MSG(locks, ERR_ALREADY_IN_USE, "Certificate is in use");
CharString cs = p_string_key.utf8();
int ret = mbedtls_x509_crt_parse(&cert, (const unsigned char *)cs.get_data(), cs.size());
ERR_FAIL_COND_V_MSG(ret, FAILED, "Error parsing some certificates: " + itos(ret));
return OK;
}
bool HMACContextMbedTLS::is_md_type_allowed(mbedtls_md_type_t p_md_type) {
switch (p_md_type) {
case MBEDTLS_MD_SHA1:

View File

@ -85,6 +85,8 @@ public:
virtual Error load(String p_path);
virtual Error load_from_memory(const uint8_t *p_buffer, int p_len);
virtual Error save(String p_path);
virtual String save_to_string();
virtual Error load_from_string(const String &p_string_key);
X509CertificateMbedTLS() {
mbedtls_x509_crt_init(&cert);