| 1032 | } |
| 1033 | |
| 1034 | void TSSLSocketFactory::loadPrivateKeyFromBuffer(const char* aPrivateKey, const char* format) { |
| 1035 | if (aPrivateKey == nullptr || format == nullptr) { |
| 1036 | throw TTransportException(TTransportException::BAD_ARGS, |
| 1037 | "loadPrivateKey: either <path> or <format> is nullptr"); |
| 1038 | } |
| 1039 | if (strcmp(format, "PEM") == 0) { |
| 1040 | EVP_PKEY* cert; |
| 1041 | BIO* mem; |
| 1042 | |
| 1043 | mem = BIO_new(BIO_s_mem()); |
| 1044 | BIO_puts(mem, aPrivateKey); |
| 1045 | cert = PEM_read_bio_PrivateKey(mem, nullptr, nullptr, nullptr); |
| 1046 | |
| 1047 | BIO_free(mem); |
| 1048 | const int status = SSL_CTX_use_PrivateKey(ctx_->get(), cert); |
| 1049 | EVP_PKEY_free(cert); |
| 1050 | |
| 1051 | if (status == 0) { |
| 1052 | int errno_copy = THRIFT_GET_SOCKET_ERROR; |
| 1053 | string errors; |
| 1054 | buildErrors(errors, errno_copy); |
| 1055 | throw TSSLException("SSL_CTX_use_PrivateKey: " + errors); |
| 1056 | } |
| 1057 | } else { |
| 1058 | throw TSSLException("Unsupported certificate format: " + string(format)); |
| 1059 | } |
| 1060 | } |
| 1061 | |
| 1062 | void TSSLSocketFactory::loadTrustedCertificates(const char* path, const char* capath) { |
| 1063 | if (path == nullptr) { |