43179a7ef4
Summary: RSocket plays nicely with Folly and OpenSSL. Flipper WebSocket-client uses SocketRocket which instead relies on Apple's NSInputStream and NSOutputStream types. SSL options can be set to secure the communication in both. Unfortunately, Apple APIs are a bit limited on the supported cryptographic formats it can accept as arguments. SSL options require the client certificate to be set in PKCS #12 format, contrary to the existing PEM format used by RSocket. This change adds a method to the ConnectionContext which converts and saves the client certificate in PKCS #12 format. The method is always expected to succeed as it will only be called once a valid client certificate is available. An unlikely failure will raise an exception. Reviewed By: fabiomassimo Differential Revision: D30074334 fbshipit-source-id: 91a475d080569cc339b649c7302b1f28793c7de7
35 lines
765 B
C++
35 lines
765 B
C++
/*
|
|
* Copyright (c) Facebook, Inc. and its affiliates.
|
|
*
|
|
* This source code is licensed under the MIT license found in the
|
|
* LICENSE file in the root directory of this source tree.
|
|
*/
|
|
|
|
#ifndef CertificateUtils_hpp
|
|
#define CertificateUtils_hpp
|
|
|
|
#include <openssl/pem.h>
|
|
#include <openssl/rsa.h>
|
|
#include <stdio.h>
|
|
|
|
namespace facebook {
|
|
namespace flipper {
|
|
|
|
bool generateCertSigningRequest(
|
|
const char* appId,
|
|
const char* csrFile,
|
|
const char* privateKeyFile);
|
|
|
|
bool generateCertPKCS12(
|
|
const char* caCertificateFile,
|
|
const char* certificateFile,
|
|
const char* keyFile,
|
|
const char* pkcs12File,
|
|
const char* pkcs12Name,
|
|
const char* pkcs12Password);
|
|
|
|
} // namespace flipper
|
|
} // namespace facebook
|
|
|
|
#endif /* CertificateUtils_hpp */
|