From dac4d486ecb27baeedef7fd8d14d52c98629de56 Mon Sep 17 00:00:00 2001 From: Ryan Dahl Date: Wed, 8 Dec 2010 12:49:53 -0800 Subject: [PATCH] Accept Buffers as well as strings for addCert, addKey --- src/node_crypto.cc | 112 +++++++++++++++----------- test/simple/test-tls-server-verify.js | 2 +- 2 files changed, 64 insertions(+), 50 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 7b3b76b349..4ef6874eaf 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -108,34 +108,76 @@ Handle SecureContext::Init(const Arguments& args) { } -Handle SecureContext::SetKey(const Arguments& args) { +// Takes a string or buffer and loads it into a BIO. +// Caller responsible for BIO_free-ing the returned object. +static BIO* LoadBIO (Handle v) { + BIO *bio = BIO_new(BIO_s_mem()); + if (!bio) return NULL; + HandleScope scope; - SecureContext *sc = ObjectWrap::Unwrap(args.Holder()); + int r; - if (args.Length() != 1 || !args[0]->IsString()) { - return ThrowException(Exception::TypeError(String::New("Bad parameter"))); + if (v->IsString()) { + String::Utf8Value s(v->ToString()); + r = BIO_write(bio, *s, s.length()); + } else if (Buffer::HasInstance(v)) { + Local buffer_obj = v->ToObject(); + char *buffer_data = Buffer::Data(buffer_obj); + size_t buffer_length = Buffer::Length(buffer_obj); + r = BIO_write(bio, buffer_data, buffer_length); + } + + if (r <= 0) { + BIO_free(bio); + return NULL; } - String::Utf8Value key_pem(args[0]->ToString()); + return bio; +} + - BIO *bp = BIO_new(BIO_s_mem()); +// Takes a string or buffer and loads it into an X509 +// Caller responsible for X509_free-ing the returned object. +static X509* LoadX509 (Handle v) { + HandleScope scope; // necessary? - if (!BIO_write(bp, *key_pem, key_pem.length())) { - BIO_free(bp); - return False(); + BIO *bio = LoadBIO(v); + if (!bio) return NULL; + + X509 * x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL); + if (!x509) { + BIO_free(bio); + return NULL; } - EVP_PKEY* pkey = PEM_read_bio_PrivateKey(bp, NULL, NULL, NULL); + BIO_free(bio); + return x509; +} + - if (pkey == NULL) { - BIO_free(bp); +Handle SecureContext::SetKey(const Arguments& args) { + HandleScope scope; + + SecureContext *sc = ObjectWrap::Unwrap(args.Holder()); + + if (args.Length() != 1) { + return ThrowException(Exception::TypeError(String::New("Bad parameter"))); + } + + BIO *bio = LoadBIO(args[0]); + if (!bio) return False(); + + EVP_PKEY* key = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL); + + if (!key) { + BIO_free(bio); return False(); } - SSL_CTX_use_PrivateKey(sc->ctx_, pkey); - BIO_free(bp); - // XXX Free pkey? + SSL_CTX_use_PrivateKey(sc->ctx_, key); + BIO_free(bio); + // XXX Free key? return True(); } @@ -146,30 +188,15 @@ Handle SecureContext::SetCert(const Arguments& args) { SecureContext *sc = ObjectWrap::Unwrap(args.Holder()); - if (args.Length() != 1 || - !args[0]->IsString()) { + if (args.Length() != 1) { return ThrowException(Exception::TypeError( String::New("Bad parameter"))); } - String::Utf8Value cert_pem(args[0]->ToString()); - - BIO *bp = BIO_new(BIO_s_mem()); - - if (!BIO_write(bp, *cert_pem, cert_pem.length())) { - BIO_free(bp); - return False(); - } - X509 * x509 = PEM_read_bio_X509(bp, NULL, NULL, NULL); - - if (x509 == NULL) { - BIO_free(bp); - return False(); - } + X509* x509 = LoadX509(args[0]); + if (!x509) return False(); SSL_CTX_use_certificate(sc->ctx_, x509); - - BIO_free(bp); X509_free(x509); return True(); @@ -181,28 +208,15 @@ Handle SecureContext::AddCACert(const Arguments& args) { SecureContext *sc = ObjectWrap::Unwrap(args.Holder()); - if (args.Length() != 1 || !args[0]->IsString()) { + if (args.Length() != 1) { return ThrowException(Exception::TypeError(String::New("Bad parameter"))); } - String::Utf8Value cert_pem(args[0]->ToString()); - - BIO *bp = BIO_new(BIO_s_mem()); - - if (!BIO_write(bp, *cert_pem, cert_pem.length())) { - BIO_free(bp); - return False(); - } - - X509 *x509 = PEM_read_bio_X509(bp, NULL, NULL, NULL); - if (x509 == NULL) { - BIO_free(bp); - return False(); - } + X509* x509 = LoadX509(args[0]); + if (!x509) return False(); X509_STORE_add_cert(sc->ca_store_, x509); - BIO_free(bp); X509_free(x509); return True(); diff --git a/test/simple/test-tls-server-verify.js b/test/simple/test-tls-server-verify.js index cc5539ec36..a1decbd29b 100644 --- a/test/simple/test-tls-server-verify.js +++ b/test/simple/test-tls-server-verify.js @@ -70,7 +70,7 @@ function filenamePEM(n) { function loadPEM(n) { - return fs.readFileSync(filenamePEM(n)).toString(); + return fs.readFileSync(filenamePEM(n)); }