Implement SSL_use_PrivateKey & SSL_use_certificate

ctz · ctz · commit 9c13e8e4ac6a · 2024-04-10T17:21:47.000+01:00
diff --git a/rustls-libssl/MATRIX.md b/rustls-libssl/MATRIX.md
@@ -485,14 +485,14 @@
 | `SSL_test_functions` [^unit_test] |  |  |  |
 | `SSL_trace` [^ssl_trace] |  |  |  |
 | `SSL_up_ref`  |  |  | :white_check_mark: |
-| `SSL_use_PrivateKey`  |  | :white_check_mark: |  |
+| `SSL_use_PrivateKey`  |  | :white_check_mark: | :white_check_mark: |
 | `SSL_use_PrivateKey_ASN1`  |  |  |  |
 | `SSL_use_PrivateKey_file`  |  |  |  |
 | `SSL_use_RSAPrivateKey` [^deprecatedin_3_0] |  |  |  |
 | `SSL_use_RSAPrivateKey_ASN1` [^deprecatedin_3_0] |  |  |  |
 | `SSL_use_RSAPrivateKey_file` [^deprecatedin_3_0] |  |  |  |
 | `SSL_use_cert_and_key`  |  |  |  |
-| `SSL_use_certificate`  |  | :white_check_mark: |  |
+| `SSL_use_certificate`  |  | :white_check_mark: | :white_check_mark: |
 | `SSL_use_certificate_ASN1`  |  |  |  |
 | `SSL_use_certificate_chain_file`  |  |  |  |
 | `SSL_use_certificate_file`  |  |  |  |
diff --git a/rustls-libssl/build.rs b/rustls-libssl/build.rs
@@ -151,6 +151,8 @@ const ENTRYPOINTS: &[&str] = &[
     "SSL_set_SSL_CTX",
     "SSL_shutdown",
     "SSL_up_ref",
+    "SSL_use_certificate",
+    "SSL_use_PrivateKey",
     "SSL_want",
     "SSL_write",
     "TLS_client_method",
diff --git a/rustls-libssl/src/entry.rs b/rustls-libssl/src/entry.rs
@@ -1114,6 +1114,49 @@ entry! {
     }
 }
 
+entry! {
+    pub fn _SSL_use_certificate(ssl: *mut SSL, x: *mut X509) -> c_int {
+        let ssl = try_clone_arc!(ssl);
+
+        if x.is_null() {
+            return Error::null_pointer().raise().into();
+        }
+
+        let x509 = OwnedX509::new_incref(x);
+        let ee = CertificateDer::from(x509.der_bytes());
+
+        match ssl
+            .lock()
+            .map_err(|_| Error::cannot_lock())
+            .map(|mut ssl| ssl.stage_certificate_end(ee))
+        {
+            Err(e) => e.raise().into(),
+            Ok(()) => C_INT_SUCCESS,
+        }
+    }
+}
+
+entry! {
+    pub fn _SSL_use_PrivateKey(ssl: *mut SSL, pkey: *mut EVP_PKEY) -> c_int {
+        let ssl = try_clone_arc!(ssl);
+
+        if pkey.is_null() {
+            return Error::null_pointer().raise().into();
+        }
+
+        let pkey = EvpPkey::new_incref(pkey);
+
+        match ssl
+            .lock()
+            .map_err(|_| Error::cannot_lock())
+            .and_then(|mut ssl| ssl.commit_private_key(pkey))
+        {
+            Err(e) => e.raise().into(),
+            Ok(()) => C_INT_SUCCESS,
+        }
+    }
+}
+
 impl Castable for SSL {
     type Ownership = OwnershipArc;
     type RustType = Mutex<SSL>;
