From 5fb10f6746fcc2967a98e5f37768aefbcc061ffc Mon Sep 17 00:00:00 2001
From: Joerg-Christian Boehme
Date: Sun, 3 Jun 2018 18:27:32 +0200
Subject: [PATCH] Set EVP private key on SSL context (#2259)
---
 NetSSL_OpenSSL/include/Poco/Net/Context.h | 11 +++++++++++
 NetSSL_OpenSSL/src/Context.cpp | 11 +++++++++++
 2 files changed, 22 insertions(+)
diff --git a/NetSSL_OpenSSL/include/Poco/Net/Context.h b/NetSSL_OpenSSL/include/Poco/Net/Context.h
index d66328380..c239d52b4 100644
--- a/NetSSL_OpenSSL/include/Poco/Net/Context.h
+++ b/NetSSL_OpenSSL/include/Poco/Net/Context.h
@@ -21,6 +21,7 @@
 #include "Poco/Net/NetSSL.h"
 #include "Poco/Net/SocketDefs.h"
 #include "Poco/Crypto/X509Certificate.h"
+#include "Poco/Crypto/EVPPKey.h"
 #include "Poco/Crypto/RSAKey.h"
 #include "Poco/RefCountedObject.h"
 #include "Poco/AutoPtr.h"
@@ -236,6 +237,16 @@ public:
 /// must have been setup with the SSLManager, or the SSLManager's PrivateKeyPassphraseRequired
 /// event must be handled.
+ void usePrivateKey(const Poco::Crypto::EVPPKey &pkey);
+ /// Sets the private key to be used by the Context.
+ ///
+ /// Note that useCertificate() must always be called before
+ /// usePrivateKey().
+ ///
+ /// Note: If the private key is protected by a passphrase, a PrivateKeyPassphraseHandler
+ /// must have been setup with the SSLManager, or the SSLManager's PrivateKeyPassphraseRequired
+ /// event must be handled.
+
 SSL_CTX* sslContext() const;
 /// Returns the underlying OpenSSL SSL Context object.
diff --git a/NetSSL_OpenSSL/src/Context.cpp b/NetSSL_OpenSSL/src/Context.cpp
index 8815f6d25..575276405 100644
--- a/NetSSL_OpenSSL/src/Context.cpp
+++ b/NetSSL_OpenSSL/src/Context.cpp
@@ -237,6 +237,17 @@ void Context::usePrivateKey(const Poco::Crypto::RSAKey& key)
 }
+void Context::usePrivateKey(const Poco::Crypto::EVPPKey& pkey)
+{
+ int errCode = SSL_CTX_use_PrivateKey(_pSSLContext, const_cast(static_cast(pkey)));
+ if (errCode != 1)
+ {
+ std::string msg = Utility::getLastError();
+ throw SSLContextException("Cannot set private key for Context", msg);
+ }
+}
+
+
 void Context::enableSessionCache(bool flag)
 {
 if (flag)
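Review bot: The new `usePrivateKey(const Poco::Crypto::EVPPKey&)` body never enforces the ordering rule its header comment states (useCertificate() first): `SSL_CTX_use_PrivateKey` is the only call, and as far as I know OpenSSL compares the key with the certificate only when one is already loaded. A caller that sets a mismatched key before the certificate would therefore get no exception from this function. Consider following the successful call with `if (SSL_CTX_check_private_key(_pSSLContext) != 1) throw SSLContextException("Private key does not match certificate", Utility::getLastError());`, or say in a comment that the consistency check is deferred. The `const_cast` on a `const` parameter also deserves a one-line comment, for example `// OpenSSL keeps its own reference to the EVP_PKEY, so the Context shares the key object with pkey`; the cast target types are not legible on this page, so confirm that against the source.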