ipkn / crow

Crow is a very fast and easy to use C++ micro web framework (inspired by Python Flask)
BSD 3-Clause "New" or "Revised" License

Is it possible to hardcode the SSL private key inside Crow? #291

Open LeonardPan opened 6 years ago

LeonardPan commented 6 years ago

I have such a ridiculous requirement: think about the scenario where I need to deploy and run the Crow server on a customer's PC. And so do the HTTP clients (e.g. browsers, PC clients and so on).

Furthermore, the communication between the web server and the clients has to be secured. It's not difficult for me to come up with the HTTPS solution. But as we all know, HTTPS is based on the SSL library, which has a generated private key kept secretly on the disk of the server. Here comes the problem: the server computer will be kept by the customer, which means he can get the private key easily and the SSL encryption mechanism will fail.

So here is the question: is it possible to hardcode the SSL private key inside Crow? Or to pass a hardcoded SSL private key to the Crow app?

Standard call:

    app.port(18080).ssl_file("test.crt", "test.key").run();

A fancy call I need:

    app.port(18080).ssl_file("test.crt").ssl_secret_key("balabala").run();

LeonardPan commented 6 years ago

I have a possible solution now:

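    #include <fstream>
    #include <iostream>
    #include <string>

    int main()
    {
        // On NTFS, "file:stream" names an alternate data stream attached to the file.
        std::ofstream wfile;
        wfile.open("example_vs.exe:secret.key");
        wfile << "this is a test.";
        wfile.close();

        // Read the stream back line by line to confirm the write.
        std::ifstream rfile("example_vs.exe:secret.key");
        std::string line;
        if (rfile.is_open())
        {
            while (std::getline(rfile, line))
            {
                std::cout << line << std::endl;
            }
        }
        rfile.close();
    }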

The virtual path "example_vs.exe:secret.key" may work. Like this:

    app.port(18080).ssl_file("test.crt", "example_vs.exe:secret.key").run();

Wait for my test, I'll post the result back to this thread sooner or later.

LeonardPan commented 6 years ago

    #define CROW_ENABLE_SSL
    #include "crow.h"
    #include <fstream>
    #include <iostream>

    int main()
    {
        // Write the PEM key into an NTFS alternate data stream of the executable.
        std::ofstream keyFile;
        keyFile.open("example_vs.exe:secret.key");
        keyFile << "-----BEGIN RSA PRIVATE KEY-----\n"
            "MIIEowIBAAKCAQEAnu4/AfOvQPRScPEnIDDkSqSthLR4TnTC5p1A6WYIZ/lH4txK\n"
            "9IxW1ks71Gm1ps8qexW9o6YIRj7BRXlJJ3X5tAiJXmcIOUxa4U6+H360C24J3sAi\n"
            "... balabal ...\n"
            "z/PniwKBgGMTI6B8h7ZvFNh82QDzysgsvOpaEo5Ri+q2VI3vnUdbsmtxRWPpxQlN\n"
            "ZxSfqU0AawiRvDP/cR3hhd1uH9MYkyQu2o5othsRmAtJ99m3sg205E6FR+bIIQbM\n"
            "hwnW9owQ8fxncoGZwvwo5PEESQ7ThDPcJ63vTzeUVLdL30idM/c4\n"
            "-----END RSA PRIVATE KEY-----\n";
        keyFile.close();

        crow::SimpleApp app;

        CROW_ROUTE(app, "/")
        ([]() {
            return "Hello world!";
        });

        try
        {
            // Point ssl_file at the stream path instead of a regular key file.
            app.port(18080).ssl_file("server.crt", "example_vs.exe:secret.key").run();
        }
        // Catch by const reference so the exception object is not sliced.
        catch (const boost::system::system_error& boost_ex)
        {
            std::cout << boost_ex.what() << "   error code = " << boost_ex.code() << std::endl;
        }
        catch (const std::exception& ex)
        {
            std::cout << ex.what() << std::endl;
        }
    }

It works! Please mark this issue fixed. Thanks.
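
A PEM key written as a string literal, as in the last comment, is compiled into the executable as plain bytes, and an NTFS alternate data stream is covered by the same access control as its host file. The scanner below is an added example, not code from this thread or from Crow, for checking a build artifact's bytes for embedded PEM private-key blocks; `PemHit`, `find_pem_private_keys`, `sample_image` and the sample bytes are constructed for illustration.

```cpp
#include <iostream>
#include <string>
#include <vector>

// One hit: offset of the BEGIN marker, length through the END marker, PEM label.
struct PemHit { std::size_t offset, length; std::string label; };

// Find complete PEM blocks whose label ends in "PRIVATE KEY" inside raw bytes.
std::vector<PemHit> find_pem_private_keys(const std::string& bytes)
{
    const std::string begin = "-----BEGIN ", dashes = "-----", suffix = "PRIVATE KEY";
    std::vector<PemHit> hits;
    std::size_t pos = 0;
    while ((pos = bytes.find(begin, pos)) != std::string::npos) {
        const std::size_t label_start = pos + begin.size();
        const std::size_t label_end = bytes.find(dashes, label_start);
        if (label_end == std::string::npos) break;
        const std::size_t n = label_end - label_start;
        // Accept "PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY", ...; skip certificates.
        if (n >= suffix.size() && n <= 64 &&
            bytes.compare(label_end - suffix.size(), suffix.size(), suffix) == 0) {
            const std::string label = bytes.substr(label_start, n);
            const std::string end_marker = "-----END " + label + dashes;
            const std::size_t end = bytes.find(end_marker, label_end);
            if (end != std::string::npos) {
                hits.push_back({pos, end + end_marker.size() - pos, label});
                pos = end + end_marker.size();
                continue;
            }
        }
        pos = label_start;  // not a complete key block: resume after this marker
    }
    return hits;
}

// Constructed sample: image-like bytes; the base64 body is a placeholder, not a real key.
std::string sample_image()
{
    std::string img = "MZ" + std::string(6, '\0');
    img += "-----BEGIN CERTIFICATE-----\nQ09OU1RSVUNURUQ=\n-----END CERTIFICATE-----\n";
    img += std::string(16, '\0');
    img += "-----BEGIN RSA PRIVATE KEY-----\nQ09OU1RSVUNURUQ=\n-----END RSA PRIVATE KEY-----\n";
    return img;
}

int main() {
    for (const PemHit& h : find_pem_private_keys(sample_image()))
        std::cout << h.label << " at offset " << h.offset << ", " << h.length << " bytes\n";
}
```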