Export/import X509 certificates to PEM format (#1913)

* Export/import X509 certificate from/to PEM

* - Add tests
- Add doxygen documentation

* Fix typos

Author: seladb

Packet++/header/X509Decoder.h

@@ -766,6 +766,19 @@ namespace pcpp
 		/// @throws An exception if the file doesn't exist, cannot be read or contains invalid data
 		static std::unique_ptr<X509Certificate> fromDERFile(const std::string& derFileName);
 
+		/// Creates an X509Certificate from PEM-encoded data
+		/// @param[in] pemData PEM-encoded certificate data
+		/// @return A unique pointer to the created X509Certificate
+		/// @throws std::invalid_argument exception if the data is not a valid PEM-encoded certificate
+		static std::unique_ptr<X509Certificate> fromPEM(const std::string& pemData);
+
+		/// Creates an X509Certificate from a file containing PEM-encoded data
+		/// @param[in] pemFileName Path to the file containing PEM-encoded certificate
+		/// @return A unique pointer to the created X509Certificate
+		/// @throws std::runtime_error exception if the file doesn't exist or cannot be read
+		/// @throws std::invalid_argument exception if the data is not a valid PEM-encoded certificate
+		static std::unique_ptr<X509Certificate> fromPEMFile(const std::string& pemFileName);
+
 		/// Gets the version of the certificate
 		/// @return The X509Version of the certificate
 		X509Version getVersion() const;
@@ -824,6 +837,10 @@ namespace pcpp
 		/// @return A byte vector containing the DER-encoded data
 		std::vector<uint8_t> toDER() const;
 
+		/// Converts the certificate to PEM-encoded format
+		/// @return A string containing the PEM-encoded data
+		std::string toPEM() const;
+
 		/// Converts the certificate to a JSON string representation
 		/// @param[in] indent Number of spaces to use for indentation (-1 for no pretty printing)
 		/// @return A JSON string representation of the certificate
@@ -847,5 +864,7 @@ namespace pcpp
 		mutable std::vector<X509Extension> m_Extensions;
 		mutable bool m_ExtensionsParsed = false;
 		std::unique_ptr<uint8_t[]> m_DerData;
+
+		static constexpr const char* certificatePemLabel = "CERTIFICATE";
 	};
 }  // namespace pcpp

Packet++/src/X509Decoder.cpp

@@ -1,6 +1,7 @@
 #include "X509Decoder.h"
 #include "Asn1Codec.h"
 #include "GeneralUtils.h"
+#include "PemCodec.h"
 #include "json.hpp"
 #include <fstream>
 #include <unordered_map>
@@ -971,6 +972,40 @@ namespace pcpp
 		return std::unique_ptr<X509Certificate>(new X509Certificate(std::move(derData), derDataLen));
 	}
 
+	std::unique_ptr<X509Certificate> X509Certificate::fromPEM(const std::string& pemData)
+	{
+		auto derData = PemCodec::decode(pemData, certificatePemLabel);
+		std::unique_ptr<uint8_t[]> derDataBuffer(new uint8_t[derData.size()]);
+		std::copy(derData.begin(), derData.end(), derDataBuffer.get());
+		return std::unique_ptr<X509Certificate>(new X509Certificate(std::move(derDataBuffer), derData.size()));
+	}
+
+	std::unique_ptr<X509Certificate> X509Certificate::fromPEMFile(const std::string& pemFileName)
+	{
+		std::ifstream pemFile(pemFileName, std::ios::in | std::ios::binary);
+		if (!pemFile.good())
+		{
+			throw std::runtime_error("PEM file doesn't exist or cannot be opened");
+		}
+
+		pemFile.seekg(0, std::ios::end);
+		std::streamsize pemContentLen = pemFile.tellg();
+		if (pemContentLen < 0)
+		{
+			throw std::runtime_error("Failed to determine PEM file size");
+		}
+		pemFile.seekg(0, std::ios::beg);
+
+		std::string pemContent;
+		pemContent.resize(static_cast<std::size_t>(pemContentLen));
+		if (!pemFile.read(&pemContent[0], pemContentLen))
+		{
+			throw std::runtime_error("Failed to read PEM file");
+		}
+
+		return fromPEM(pemContent);
+	}
+
 	X509Version X509Certificate::getVersion() const
 	{
 		return m_TBSCertificate.getVersion();
@@ -1068,6 +1103,11 @@ namespace pcpp
 		return m_X509Internal->encode();
 	}
 
+	std::string X509Certificate::toPEM() const
+	{
+		return PemCodec::encode(m_X509Internal->encode(), certificatePemLabel);
+	}
+
 	std::string X509Certificate::toJson(int indent) const
 	{
 		auto extensions = nlohmann::ordered_json::array();

Tests/Packet++Test/PacketExamples/x509_cert_chatgpt.pem

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDpzCCA0ygAwIBAgIRAI98/hCe+ph/EWgS4ZgAhJcwCgYIKoZIzj0EAwIwOzEL
+MAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczEMMAoG
+A1UEAxMDV0UxMB4XDTI1MDYwMTAwNDU0M1oXDTI1MDgzMDAxNDUzOVowFjEUMBIG
+A1UEAxMLY2hhdGdwdC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQbb9p/
+fexDlq6DFwH3ks4KGFAYc5/kJ1tL1LZCuJwBMpQx02n0LcqeuYY1UyBq2UXmAxMM
+/ZRRVSGEBm/fW7mZo4ICVDCCAlAwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoG
+CCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJudysWJUhKe/wXlhjfw
+nWrOLQqWMB8GA1UdIwQYMBaAFJB3kjVnxP+ozKnme9mAeXvMk/k4MF4GCCsGAQUF
+BwEBBFIwUDAnBggrBgEFBQcwAYYbaHR0cDovL28ucGtpLmdvb2cvcy93ZTEvajN3
+MCUGCCsGAQUFBzAChhlodHRwOi8vaS5wa2kuZ29vZy93ZTEuY3J0MCUGA1UdEQQe
+MByCC2NoYXRncHQuY29tgg0qLmNoYXRncHQuY29tMBMGA1UdIAQMMAowCAYGZ4EM
+AQIBMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jLnBraS5nb29nL3dlMS9EUDJQ
+Uzh6UW5Wcy5jcmwwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgAS8U40vVNyTIQG
+GcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZcpKo0ZAAAEAwBHMEUCIQDG0omkHJ1j
+58VJxETXJNXHgob8t1O3HKDQcDd8dFJuPAIgQ/OkVI9FMLAEHNB6N/BeU/eWDbgA
+udw0RytVoruF45oAdwAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAA
+AZcpKo0mAAAEAwBIMEYCIQC3HRsfCw3UUGrK+o/dPf9lsONitH7V7cqYx5v8HqSc
+IQIhAJ7aj827Kpha2y+NA436TmDrurPa8Cfvojbic/xBICGOMAoGCCqGSM49BAMC
+A0kAMEYCIQDfBtqCdYOeZduS2KF7XjyN6NZh6TnOLuVZkvOPCk9D9QIhAI/fE7Gl
+4BD14XuGllB9qGPdGGfUfpTyG6ZAxulgdhFg
+-----END CERTIFICATE-----

Tests/Packet++Test/Tests/X509Tests.cpp

@@ -175,16 +175,46 @@ PTF_TEST_CASE(X509ParsingTest)
 	    "308203a73082034ca0030201020211008f7cfe109efa987f116812e198008497300a06082a8648ce3d040302303b310b3009060355040613025553311e301c060355040a1315476f6f676c65205472757374205365727669636573310c300a06035504031303574531301e170d3235303630313030343534335a170d3235303833303031343533395a3016311430120603550403130b636861746770742e636f6d3059301306072a8648ce3d020106082a8648ce3d030107034200041b6fda7f7dec4396ae831701f792ce0a185018739fe4275b4bd4b642b89c01329431d369f42dca9eb9863553206ad945e603130cfd9451552184066fdf5bb999a382025430820250300e0603551d0f0101ff04040302078030130603551d25040c300a06082b06010505070301300c0603551d130101ff04023000301d0603551d0e041604149b9dcac58952129eff05e58637f09d6ace2d0a96301f0603551d230418301680149077923567c4ffa8cca9e67bd980797bcc93f938305e06082b0601050507010104523050302706082b06010505073001861b687474703a2f2f6f2e706b692e676f6f672f732f7765312f6a3377302506082b060105050730028619687474703a2f2f692e706b692e676f6f672f7765312e63727430250603551d11041e301c820b636861746770742e636f6d820d2a2e636861746770742e636f6d30130603551d20040c300a3008060667810c01020130360603551d1f042f302d302ba029a0278625687474703a2f2f632e706b692e676f6f672f7765312f4450325053387a516e56732e63726c30820105060a2b06010401d6790204020481f60481f300f100760012f14e34bd53724c840619c38f3f7a13f8e7b56287889c6d300584ebe586263a00000197292a8d190000040300473045022100c6d289a41c9d63e7c549c444d724d5c78286fcb753b71ca0d070377c74526e3c022043f3a4548f4530b0041cd07a37f05e53f7960db800b9dc34472b55a2bb85e39a0077000de1f2302bd30dc140621209ea552efc47747cb1d7e930ef0e421eb47e4eaa3400000197292a8d260000040300483046022100b71d1b1f0b0dd4506acafa8fdd3dff65b0e362b47ed5edca98c79bfc1ea49c210221009eda8fcdbb2a985adb2f8d038dfa4e60ebbab3daf027efa236e273fc4120218e300a06082a8648ce3d0403020349003046022100df06da8275839e65db92d8a17b5e3c8de8d661e939ce2ee55992f38f0a4f43f50221008fdf13b1a5e010f5e17b8696507da863dd1867d47e94f21ba640c6e960761160";
 	uint8_t derData[5000];
 	auto derDataLen = pcpp::hexStringToByteArray(derDataString, derData, 5000);
-
-	auto x509CertFromString = pcpp::X509Certificate::fromDER(derDataString);
+	std::string pemDataString = R"(-----BEGIN CERTIFICATE-----
+MIIDpzCCA0ygAwIBAgIRAI98/hCe+ph/EWgS4ZgAhJcwCgYIKoZIzj0EAwIwOzEL
+MAkGA1UEBhMCVVMxHjAcBgNVBAoTFUdvb2dsZSBUcnVzdCBTZXJ2aWNlczEMMAoG
+A1UEAxMDV0UxMB4XDTI1MDYwMTAwNDU0M1oXDTI1MDgzMDAxNDUzOVowFjEUMBIG
+A1UEAxMLY2hhdGdwdC5jb20wWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAAQbb9p/
+fexDlq6DFwH3ks4KGFAYc5/kJ1tL1LZCuJwBMpQx02n0LcqeuYY1UyBq2UXmAxMM
+/ZRRVSGEBm/fW7mZo4ICVDCCAlAwDgYDVR0PAQH/BAQDAgeAMBMGA1UdJQQMMAoG
+CCsGAQUFBwMBMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFJudysWJUhKe/wXlhjfw
+nWrOLQqWMB8GA1UdIwQYMBaAFJB3kjVnxP+ozKnme9mAeXvMk/k4MF4GCCsGAQUF
+BwEBBFIwUDAnBggrBgEFBQcwAYYbaHR0cDovL28ucGtpLmdvb2cvcy93ZTEvajN3
+MCUGCCsGAQUFBzAChhlodHRwOi8vaS5wa2kuZ29vZy93ZTEuY3J0MCUGA1UdEQQe
+MByCC2NoYXRncHQuY29tgg0qLmNoYXRncHQuY29tMBMGA1UdIAQMMAowCAYGZ4EM
+AQIBMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jLnBraS5nb29nL3dlMS9EUDJQ
+Uzh6UW5Wcy5jcmwwggEFBgorBgEEAdZ5AgQCBIH2BIHzAPEAdgAS8U40vVNyTIQG
+GcOPP3oT+Oe1YoeInG0wBYTr5YYmOgAAAZcpKo0ZAAAEAwBHMEUCIQDG0omkHJ1j
+58VJxETXJNXHgob8t1O3HKDQcDd8dFJuPAIgQ/OkVI9FMLAEHNB6N/BeU/eWDbgA
+udw0RytVoruF45oAdwAN4fIwK9MNwUBiEgnqVS78R3R8sdfpMO8OQh60fk6qNAAA
+AZcpKo0mAAAEAwBIMEYCIQC3HRsfCw3UUGrK+o/dPf9lsONitH7V7cqYx5v8HqSc
+IQIhAJ7aj827Kpha2y+NA436TmDrurPa8Cfvojbic/xBICGOMAoGCCqGSM49BAMC
+A0kAMEYCIQDfBtqCdYOeZduS2KF7XjyN6NZh6TnOLuVZkvOPCk9D9QIhAI/fE7Gl
+4BD14XuGllB9qGPdGGfUfpTyG6ZAxulgdhFg
+-----END CERTIFICATE-----
+)";
+
+	auto x509CertFromDerString = pcpp::X509Certificate::fromDER(derDataString);
 	auto x509CertFromDerData = pcpp::X509Certificate::fromDER(derData, derDataLen);
+	auto x509CertFromPemData = pcpp::X509Certificate::fromPEM(pemDataString);
+	auto x509CertFromPemFile = pcpp::X509Certificate::fromPEMFile("PacketExamples/x509_cert_chatgpt.pem");
 
-	PTF_ASSERT_EQUAL(x509CertFromString->toJson(), expectedJson);
+	PTF_ASSERT_EQUAL(x509CertFromDerString->toJson(), expectedJson);
 	PTF_ASSERT_EQUAL(x509CertFromDerData->toJson(), expectedJson);
+	PTF_ASSERT_EQUAL(x509CertFromPemData->toJson(), expectedJson);
+	PTF_ASSERT_EQUAL(x509CertFromPemFile->toJson(), expectedJson);
 
 	auto certDerData = x509Certificate->toDER();
 	PTF_ASSERT_EQUAL(certDerData.size(), derDataLen)
 	PTF_ASSERT_BUF_COMPARE(certDerData.data(), derData, derDataLen);
+
+	auto certPemData = x509Certificate->toPEM();
+	PTF_ASSERT_EQUAL(certPemData, pemDataString);
 }
 
 PTF_TEST_CASE(X509VariantsParsingTest)
@@ -348,6 +378,12 @@ PTF_TEST_CASE(X509InvalidDataTest)
 		PTF_ASSERT_RAISES(pcpp::X509Certificate::fromDERFile("PacketExamples/missing_file.der"), std::runtime_error,
 		                  "DER file doesn't exist or cannot be opened");
 	}
+
+	// PEM file doesn't exist
+	{
+		PTF_ASSERT_RAISES(pcpp::X509Certificate::fromPEMFile("PacketExamples/missing_file.pem"), std::runtime_error,
+		                  "PEM file doesn't exist or cannot be opened");
+	}
 }
 
 PTF_TEST_CASE(X509ExtensionDataTest)

typos-config.toml

@@ -38,6 +38,7 @@ pinter = "pinter"
 helo = "helo"
 hom = "hom"
 pn = "pn"
+ND = "ND"
 
 [type.make]
 extend-glob = []