src/ssl.cpp +0 −100
@@ -4420,106 +4420,6 @@ static bool isOidEcPublicKey(const uint8_t* oid, size_t len) { return (len == sizeof(EC_OID) && std::memcmp(oid, EC_OID, len) == 0); } bool netplus::ssl::loadServerPrivateKeyDer(const std::string& keyDerPath) { try { std::vector<uint8_t> der = readFileBytesDer(keyDerPath); return loadServerPrivateKey(der); } catch (...) { throw; } } bool netplus::ssl::loadServerPrivateKey(const std::vector<uint8_t>& der) { try { // ✅ Extract RSA key data from DER and load into selected bundle's RSA if (_selected_cert_bundle) { return _loadRsaFromDer(der, _selected_cert_bundle->rsa_key); } return false; } catch (...) { throw; } } // ✅ Static helper: Extract RSA key from DER bytes and populate rsa object bool netplus::ssl::_loadRsaFromDer(const std::vector<uint8_t>& derData, netplus::rsa& out_rsa) { try { // Create a temporary x509cert just for parsing ASN.1 netplus::x509cert temp_cert; netplus::ASN1Node root; size_t used = temp_cert.parseInternal(derData.data(), derData.size(), root); if (used == 0) { netplus::NetException e; e[netplus::NetException::Error] << "failed parsing key DER ASN.1"; throw e; } std::vector<uint8_t> nBE, eBE, dBE; // Detect PKCS#8: bool looksPkcs8 = (root.tag == 0x30 && root.children.size() >= 3 && root.children[2].tag == 0x04 && root.children[2].data != nullptr && root.children[2].len > 0); bool isEcKey = false; if (looksPkcs8 && root.children.size() >= 2 && root.children[1].tag == 0x30) { const auto& algId = root.children[1]; if (algId.children.size() >= 1 && algId.children[0].tag == 0x06) { const auto& oid = algId.children[0]; isEcKey = isOidEcPublicKey(oid.data, oid.len); if (isEcKey && algId.children.size() >= 2 && algId.children[1].tag == 0x06) { const auto& curveOid = algId.children[1]; if (!isOidP256(curveOid.data, curveOid.len)) { isEcKey = false; } } } } if (isEcKey) { // EC keys not supported in CertificateBundle for now // (only RSA for TLS handshake signatures) return false; } bool ok = false; if (looksPkcs8) { 
netplus::ASN1Node inner; const auto& oct = root.children[2]; if (temp_cert.parseInternal(oct.data, oct.len, inner) == 0) { netplus::NetException e; e[netplus::NetException::Error] << "failed parsing PKCS#8 inner private key"; throw e; } ok = parsePkcs1RsaPrivateKeyDer(inner, nBE, eBE, dBE); } else { ok = parsePkcs1RsaPrivateKeyDer(root, nBE, eBE, dBE); } if (!ok || nBE.empty() || eBE.empty() || dBE.empty()) { netplus::NetException e; e[netplus::NetException::Error] << "failed extracting RSA key (n/e/d) from DER"; throw e; } // Install into output RSA object out_rsa.setRsaKeyFromRaw(nBE, eBE, dBE); std::cerr << "[SSL] _loadRsaFromDer: Successfully loaded RSA private key" << std::endl; return true; } catch (netplus::NetException&) { throw; } catch (...) { netplus::NetException e; e[netplus::NetException::Error] << "_loadRsaFromDer: unknown exception"; throw e; } } bool netplus::ssl::_popHandshakeMsg(std::vector<uint8_t>& out, uint8_t& type) { if (_rx_handshake_buf.size() < 4) return false; Loading test/https_test.cpp +2 −2 Original line number Diff line number Diff line Loading @@ -109,8 +109,8 @@ int main() { netplus::ssl::CertificateBundle bundle1; bundle1.cert = cert; bundle1.privateKeyDer = std::vector<uint8_t>(test_key_der.begin(), test_key_der.end()); // Pre-load RSA key into bundle if (!netplus::ssl::_loadRsaFromDer(bundle1.privateKeyDer, bundle1.rsa_key)) { // Pre-load RSA key into bundle using the rsa::loadRsaFromDerFile static function if (!netplus::rsa::loadRsaFromDerFile(bundle1.privateKeyDer, bundle1.rsa_key)) { std::cerr << "Failed to load RSA key 1!" << std::endl; std::cerr.flush(); return 1; Loading Loading
src/ssl.cpp +0 −100
@@ -4420,106 +4420,6 @@ static bool isOidEcPublicKey(const uint8_t* oid, size_t len) { return (len == sizeof(EC_OID) && std::memcmp(oid, EC_OID, len) == 0); } bool netplus::ssl::loadServerPrivateKeyDer(const std::string& keyDerPath) { try { std::vector<uint8_t> der = readFileBytesDer(keyDerPath); return loadServerPrivateKey(der); } catch (...) { throw; } } bool netplus::ssl::loadServerPrivateKey(const std::vector<uint8_t>& der) { try { // ✅ Extract RSA key data from DER and load into selected bundle's RSA if (_selected_cert_bundle) { return _loadRsaFromDer(der, _selected_cert_bundle->rsa_key); } return false; } catch (...) { throw; } } // ✅ Static helper: Extract RSA key from DER bytes and populate rsa object bool netplus::ssl::_loadRsaFromDer(const std::vector<uint8_t>& derData, netplus::rsa& out_rsa) { try { // Create a temporary x509cert just for parsing ASN.1 netplus::x509cert temp_cert; netplus::ASN1Node root; size_t used = temp_cert.parseInternal(derData.data(), derData.size(), root); if (used == 0) { netplus::NetException e; e[netplus::NetException::Error] << "failed parsing key DER ASN.1"; throw e; } std::vector<uint8_t> nBE, eBE, dBE; // Detect PKCS#8: bool looksPkcs8 = (root.tag == 0x30 && root.children.size() >= 3 && root.children[2].tag == 0x04 && root.children[2].data != nullptr && root.children[2].len > 0); bool isEcKey = false; if (looksPkcs8 && root.children.size() >= 2 && root.children[1].tag == 0x30) { const auto& algId = root.children[1]; if (algId.children.size() >= 1 && algId.children[0].tag == 0x06) { const auto& oid = algId.children[0]; isEcKey = isOidEcPublicKey(oid.data, oid.len); if (isEcKey && algId.children.size() >= 2 && algId.children[1].tag == 0x06) { const auto& curveOid = algId.children[1]; if (!isOidP256(curveOid.data, curveOid.len)) { isEcKey = false; } } } } if (isEcKey) { // EC keys not supported in CertificateBundle for now // (only RSA for TLS handshake signatures) return false; } bool ok = false; if (looksPkcs8) { 
netplus::ASN1Node inner; const auto& oct = root.children[2]; if (temp_cert.parseInternal(oct.data, oct.len, inner) == 0) { netplus::NetException e; e[netplus::NetException::Error] << "failed parsing PKCS#8 inner private key"; throw e; } ok = parsePkcs1RsaPrivateKeyDer(inner, nBE, eBE, dBE); } else { ok = parsePkcs1RsaPrivateKeyDer(root, nBE, eBE, dBE); } if (!ok || nBE.empty() || eBE.empty() || dBE.empty()) { netplus::NetException e; e[netplus::NetException::Error] << "failed extracting RSA key (n/e/d) from DER"; throw e; } // Install into output RSA object out_rsa.setRsaKeyFromRaw(nBE, eBE, dBE); std::cerr << "[SSL] _loadRsaFromDer: Successfully loaded RSA private key" << std::endl; return true; } catch (netplus::NetException&) { throw; } catch (...) { netplus::NetException e; e[netplus::NetException::Error] << "_loadRsaFromDer: unknown exception"; throw e; } } bool netplus::ssl::_popHandshakeMsg(std::vector<uint8_t>& out, uint8_t& type) { if (_rx_handshake_buf.size() < 4) return false; Loading
test/https_test.cpp +2 −2 Original line number Diff line number Diff line Loading @@ -109,8 +109,8 @@ int main() { netplus::ssl::CertificateBundle bundle1; bundle1.cert = cert; bundle1.privateKeyDer = std::vector<uint8_t>(test_key_der.begin(), test_key_der.end()); // Pre-load RSA key into bundle if (!netplus::ssl::_loadRsaFromDer(bundle1.privateKeyDer, bundle1.rsa_key)) { // Pre-load RSA key into bundle using the rsa::loadRsaFromDerFile static function if (!netplus::rsa::loadRsaFromDerFile(bundle1.privateKeyDer, bundle1.rsa_key)) { std::cerr << "Failed to load RSA key 1!" << std::endl; std::cerr.flush(); return 1; Loading
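Review bot: The new call `netplus::rsa::loadRsaFromDerFile(bundle1.privateKeyDer, bundle1.rsa_key)` passes an in-memory `std::vector<uint8_t>` of private-key bytes to a function whose name says it loads a file, so a reader cannot tell whether key material comes from a buffer or from a path. If this overload only parses the buffer, a name such as `loadRsaFromDer` would match what the removed `ssl::_loadRsaFromDer` did; failing that, the call site should carry a comment like `// takes the DER bytes themselves, not a file path`. Separately, the removed helper returned false only for EC keys and threw `netplus::NetException` on malformed DER. If the `rsa::` replacement keeps that contract (its body is not shown here), the `if (!...)` branch never prints "Failed to load RSA key 1!" for a corrupt key and the exception leaves `main` instead. `main` continues outside the hunk, so an enclosing `try` may already exist; if not, wrap the call in `try { ... } catch (netplus::NetException&) { return 1; }`.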