Merge pull request #75721 from ScorpionInc/Expose_String_functions_for_X509Certificate

Exposes String functions for X509Certificates

core/crypto/crypto.cpp

@@ -63,6 +63,8 @@ X509Certificate *X509Certificate::create() {
 void X509Certificate::_bind_methods() {
 	ClassDB::bind_method(D_METHOD("save", "path"), &X509Certificate::save);
 	ClassDB::bind_method(D_METHOD("load", "path"), &X509Certificate::load);
+	ClassDB::bind_method(D_METHOD("save_to_string"), &X509Certificate::save_to_string);
+	ClassDB::bind_method(D_METHOD("load_from_string", "string"), &X509Certificate::load_from_string);
 }
 
 /// TLSOptions

core/crypto/crypto.h

@@ -65,6 +65,8 @@ public:
 	virtual Error load(String p_path) = 0;
 	virtual Error load_from_memory(const uint8_t *p_buffer, int p_len) = 0;
 	virtual Error save(String p_path) = 0;
+	virtual String save_to_string() = 0;
+	virtual Error load_from_string(const String &string) = 0;
 };
 
 class TLSOptions : public RefCounted {

doc/classes/X509Certificate.xml

@@ -17,6 +17,13 @@
 				Loads a certificate from [param path] ("*.crt" file).
 			</description>
 		</method>
+		<method name="load_from_string">
+			<return type="int" enum="Error" />
+			<param index="0" name="string" type="String" />
+			<description>
+				Loads a certificate from the given [param string].
+			</description>
+		</method>
 		<method name="save">
 			<return type="int" enum="Error" />
 			<param index="0" name="path" type="String" />
@@ -24,5 +31,11 @@
 				Saves a certificate to the given [param path] (should be a "*.crt" file).
 			</description>
 		</method>
+		<method name="save_to_string">
+			<return type="String" />
+			<description>
+				Returns a string representation of the certificate, or an empty string if the certificate is invalid.
+			</description>
+		</method>
 	</methods>
 </class>

modules/mbedtls/crypto_mbedtls.cpp

@@ -42,6 +42,7 @@
 #endif
 #define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n"
 #define PEM_END_CRT "-----END CERTIFICATE-----\n"
+#define PEM_MIN_SIZE 54
 
 #include <mbedtls/debug.h>
 #include <mbedtls/md.h>
@@ -181,6 +182,35 @@ Error X509CertificateMbedTLS::save(String p_path) {
 	return OK;
 }
 
+String X509CertificateMbedTLS::save_to_string() {
+	String buffer;
+	mbedtls_x509_crt *crt = &cert;
+	while (crt) {
+		unsigned char w[4096];
+		size_t wrote = 0;
+		int ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT, cert.raw.p, cert.raw.len, w, sizeof(w), &wrote);
+		ERR_FAIL_COND_V_MSG(ret != 0 || wrote == 0, String(), "Error saving the certificate.");
+
+		buffer += String((char *)w, wrote);
+		crt = crt->next;
+	}
+	if (buffer.length() <= PEM_MIN_SIZE) {
+		// When the returned value of variable 'buffer' would consist of no Base-64 data, return an empty String instead.
+		return String();
+	}
+	return buffer;
+}
+
+Error X509CertificateMbedTLS::load_from_string(const String &p_string_key) {
+	ERR_FAIL_COND_V_MSG(locks, ERR_ALREADY_IN_USE, "Certificate is in use");
+	CharString cs = p_string_key.utf8();
+
+	int ret = mbedtls_x509_crt_parse(&cert, (const unsigned char *)cs.get_data(), cs.size());
+	ERR_FAIL_COND_V_MSG(ret, FAILED, "Error parsing some certificates: " + itos(ret));
+
+	return OK;
+}
+
 bool HMACContextMbedTLS::is_md_type_allowed(mbedtls_md_type_t p_md_type) {
 	switch (p_md_type) {
 		case MBEDTLS_MD_SHA1:

modules/mbedtls/crypto_mbedtls.h

@@ -85,6 +85,8 @@ public:
 	virtual Error load(String p_path);
 	virtual Error load_from_memory(const uint8_t *p_buffer, int p_len);
 	virtual Error save(String p_path);
+	virtual String save_to_string();
+	virtual Error load_from_string(const String &p_string_key);
 
 	X509CertificateMbedTLS() {
 		mbedtls_x509_crt_init(&cert);