Set EVP private key on SSL context (#2259)

pocoproject · Jun 3, 2018 · 490a8ca · 490a8ca
1 parent 5665230
commit 490a8ca
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 0 deletions.
diff --git a/NetSSL_OpenSSL/include/Poco/Net/Context.h b/NetSSL_OpenSSL/include/Poco/Net/Context.h
@@ -21,6 +21,7 @@
 #include "Poco/Net/NetSSL.h"
 #include "Poco/Net/SocketDefs.h"
 #include "Poco/Crypto/X509Certificate.h"
+#include "Poco/Crypto/EVPPKey.h"
 #include "Poco/Crypto/RSAKey.h"
 #include "Poco/RefCountedObject.h"
 #include "Poco/AutoPtr.h"
@@ -236,6 +237,16 @@ class NetSSL_API Context: public Poco::RefCountedObject
 		/// must have been setup with the SSLManager, or the SSLManager's PrivateKeyPassphraseRequired
 		/// event must be handled.
 
+	void usePrivateKey(const Poco::Crypto::EVPPKey &pkey);
+		/// Sets the private key to be used by the Context.
+		///
+		/// Note that useCertificate() must always be called before
+		/// usePrivateKey().
+		///
+		/// Note: If the private key is protected by a passphrase, a PrivateKeyPassphraseHandler
+		/// must have been setup with the SSLManager, or the SSLManager's PrivateKeyPassphraseRequired
+		/// event must be handled.
+
 	SSL_CTX* sslContext() const;
 		/// Returns the underlying OpenSSL SSL Context object.
 

diff --git a/NetSSL_OpenSSL/src/Context.cpp b/NetSSL_OpenSSL/src/Context.cpp
@@ -237,6 +237,17 @@ void Context::usePrivateKey(const Poco::Crypto::RSAKey& key)
 }
 
 
+void Context::usePrivateKey(const Poco::Crypto::EVPPKey& pkey)
+{
+	int errCode = SSL_CTX_use_PrivateKey(_pSSLContext, const_cast<EVP_PKEY*>(static_cast<const EVP_PKEY*>(pkey)));
+	if (errCode != 1)
+	{
+		std::string msg = Utility::getLastError();
+		throw SSLContextException("Cannot set private key for Context", msg);
+	}
+}
+
+
 void Context::enableSessionCache(bool flag)
 {
 	if (flag)