Set EVP private key on SSL context (#2259)

2025-11-04 04:09:57 +01:00 · 2018-06-03 18:27:32 +02:00
parent 612f092235
commit 5fb10f6746
2 changed files with 22 additions and 0 deletions
--- a/NetSSL_OpenSSL/include/Poco/Net/Context.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/Context.h
@@ -21,6 +21,7 @@
 #include "Poco/Net/NetSSL.h"
 #include "Poco/Net/SocketDefs.h"
 #include "Poco/Crypto/X509Certificate.h"
+#include "Poco/Crypto/EVPPKey.h"
 #include "Poco/Crypto/RSAKey.h"
 #include "Poco/RefCountedObject.h"
 #include "Poco/AutoPtr.h"
@@ -236,6 +237,16 @@ public:
 		/// must have been setup with the SSLManager, or the SSLManager's PrivateKeyPassphraseRequired
 		/// event must be handled.

+	void usePrivateKey(const Poco::Crypto::EVPPKey &pkey);
+		/// Sets the private key to be used by the Context.
+		///
+		/// Note that useCertificate() must always be called before
+		/// usePrivateKey().
+		///
+		/// Note: If the private key is protected by a passphrase, a PrivateKeyPassphraseHandler
+		/// must have been setup with the SSLManager, or the SSLManager's PrivateKeyPassphraseRequired
+		/// event must be handled.
+
 	SSL_CTX* sslContext() const;
 		/// Returns the underlying OpenSSL SSL Context object.

--- a/NetSSL_OpenSSL/src/Context.cpp
+++ b/NetSSL_OpenSSL/src/Context.cpp
@@ -237,6 +237,17 @@ void Context::usePrivateKey(const Poco::Crypto::RSAKey& key)
 }


+void Context::usePrivateKey(const Poco::Crypto::EVPPKey& pkey)
+{
+	int errCode = SSL_CTX_use_PrivateKey(_pSSLContext, const_cast<EVP_PKEY*>(static_cast<const EVP_PKEY*>(pkey)));
+	if (errCode != 1)
+	{
+		std::string msg = Utility::getLastError();
+		throw SSLContextException("Cannot set private key for Context", msg);
+	}
+}
+
+
 void Context::enableSessionCache(bool flag)
 {
 	if (flag)