Ark Server API (ASA) - Wiki
Loading...
Searching...
No Matches
KeyChainUtilities.h
Go to the documentation of this file.
1// Copyright Epic Games, Inc. All Rights Reserved.
2
3#pragma once
4
5// HEADER_UNIT_UNSUPPORTED - Includes JsonSerializer.h which is not in Core module
6
7#include "CoreMinimal.h"
8#include "HAL/FileManager.h"
9#include "Misc/AES.h"
10#include "Misc/IEngineCrypto.h"
11#include "Misc/CoreDelegates.h"
12#include "Misc/Base64.h"
13#include "Serialization/Archive.h"
14#include "Serialization/JsonSerializer.h"
15#include "RSA.h"
16
17struct FNamedAESKey
18{
19 FString Name;
20 FGuid Guid;
21 FAES::FAESKey Key;
22
23 bool IsValid() const
24 {
25 return Key.IsValid();
26 }
27};
28
29struct FKeyChain
30{
31public:
32
33 FKeyChain() = default;
34
35 FKeyChain(const FKeyChain& Other)
36 {
37 SetSigningKey(Other.GetSigningKey());
38 SetEncryptionKeys(Other.GetEncryptionKeys());
39
40 if (Other.GetPrincipalEncryptionKey())
41 {
42 SetPrincipalEncryptionKey(GetEncryptionKeys().Find(Other.GetPrincipalEncryptionKey()->Guid));
43 }
44 }
45
46 FKeyChain(FKeyChain&& Other)
47 {
48 SetSigningKey(Other.GetSigningKey());
49 SetEncryptionKeys(MoveTemp(Other.GetEncryptionKeys()));
50
51 if (Other.GetPrincipalEncryptionKey())
52 {
53 SetPrincipalEncryptionKey(GetEncryptionKeys().Find(Other.GetPrincipalEncryptionKey()->Guid));
54 }
55
56 Other.SetSigningKey(InvalidRSAKeyHandle);
57 Other.SetPrincipalEncryptionKey(nullptr);
58 Other.SetEncryptionKeys(TMap<FGuid, FNamedAESKey>());
59 }
60
61 FKeyChain& operator=(const FKeyChain& Other)
62 {
63 SetSigningKey(Other.GetSigningKey());
64 SetEncryptionKeys(Other.GetEncryptionKeys());
65
66 if (Other.GetPrincipalEncryptionKey())
67 {
68 SetPrincipalEncryptionKey(GetEncryptionKeys().Find(Other.GetPrincipalEncryptionKey()->Guid));
69 }
70 else
71 {
72 SetPrincipalEncryptionKey(nullptr);
73 }
74
75 return *this;
76 }
77
78 FKeyChain& operator=(FKeyChain&& Other)
79 {
80 SetSigningKey(Other.GetSigningKey());
81 SetEncryptionKeys(MoveTemp(Other.GetEncryptionKeys()));
82
83 if (Other.GetPrincipalEncryptionKey())
84 {
85 SetPrincipalEncryptionKey(GetEncryptionKeys().Find(Other.GetPrincipalEncryptionKey()->Guid));
86 }
87 else
88 {
89 SetPrincipalEncryptionKey(nullptr);
90 }
91
92 Other.SetSigningKey(InvalidRSAKeyHandle);
93 Other.SetPrincipalEncryptionKey(nullptr);
94 Other.SetEncryptionKeys(TMap<FGuid, FNamedAESKey>());
95
96 return *this;
97 }
98
99 PRAGMA_DISABLE_DEPRECATION_WARNINGS
100 FRSAKeyHandle GetSigningKey() const { return SigningKey; }
101 void SetSigningKey(FRSAKeyHandle key) { SigningKey = key; }
102
103 const FNamedAESKey* GetPrincipalEncryptionKey() const { return MasterEncryptionKey; }
104 void SetPrincipalEncryptionKey(const FNamedAESKey* key) { MasterEncryptionKey =key; }
105
106 const TMap<FGuid, FNamedAESKey>& GetEncryptionKeys() const { return EncryptionKeys; }
107 TMap<FGuid, FNamedAESKey>& GetEncryptionKeys() { return EncryptionKeys; }
108
109 void SetEncryptionKeys(const TMap<FGuid, FNamedAESKey>& keys) { EncryptionKeys = keys; }
110 PRAGMA_ENABLE_DEPRECATION_WARNINGS
111
112 UE_DEPRECATED(5.1, "Use Get/SetSigningKey instead")
113 FRSAKeyHandle SigningKey = InvalidRSAKeyHandle;
114
115 UE_DEPRECATED(5.1, "Use GetEncryptionKeys instead")
116 TMap<FGuid, FNamedAESKey> EncryptionKeys;
117
118 UE_DEPRECATED(5.1, "Use Get/SetPrincipalEncryptionKey instead")
119 const FNamedAESKey* MasterEncryptionKey = nullptr;
120};
121
122
123namespace KeyChainUtilities
124{
125 static FRSAKeyHandle ParseRSAKeyFromJson(TSharedPtr<FJsonObject> InObj)
126 {
127 TSharedPtr<FJsonObject> PublicKey = InObj->GetObjectField(TEXT("PublicKey"));
128 TSharedPtr<FJsonObject> PrivateKey = InObj->GetObjectField(TEXT("PrivateKey"));
129
130 FString PublicExponentBase64, PrivateExponentBase64, PublicModulusBase64, PrivateModulusBase64;
131
132 if (PublicKey->TryGetStringField("Exponent", PublicExponentBase64)
133 && PublicKey->TryGetStringField("Modulus", PublicModulusBase64)
134 && PrivateKey->TryGetStringField("Exponent", PrivateExponentBase64)
135 && PrivateKey->TryGetStringField("Modulus", PrivateModulusBase64))
136 {
137 check(PublicModulusBase64 == PrivateModulusBase64);
138
139 TArray<uint8> PublicExponent, PrivateExponent, Modulus;
140 FBase64::Decode(PublicExponentBase64, PublicExponent);
141 FBase64::Decode(PrivateExponentBase64, PrivateExponent);
142 FBase64::Decode(PublicModulusBase64, Modulus);
143
144 return FRSA::CreateKey(PublicExponent, PrivateExponent, Modulus);
145 }
146 else
147 {
148 return nullptr;
149 }
150 }
151
152 static void LoadKeyChainFromFile(const FString& InFilename, FKeyChain& OutCryptoSettings)
153 {
154 FArchive* File = IFileManager::Get().CreateFileReader(*InFilename);
155 checkf(File != nullptr, TEXT("Specified crypto keys cache '%s' does not exist!"), *InFilename);
156 TSharedPtr<FJsonObject> RootObject;
157 TSharedRef<TJsonReader<UTF8CHAR>> Reader = TJsonReaderFactory<UTF8CHAR>::Create(File);
158 if (FJsonSerializer::Deserialize(Reader, RootObject))
159 {
160 const TSharedPtr<FJsonObject>* EncryptionKeyObject;
161 if (RootObject->TryGetObjectField(TEXT("EncryptionKey"), EncryptionKeyObject))
162 {
163 FString EncryptionKeyBase64;
164 if ((*EncryptionKeyObject)->TryGetStringField(TEXT("Key"), EncryptionKeyBase64))
165 {
166 if (EncryptionKeyBase64.Len() > 0)
167 {
168 TArray<uint8> Key;
169 FBase64::Decode(EncryptionKeyBase64, Key);
170 check(Key.Num() == sizeof(FAES::FAESKey::Key));
171 FNamedAESKey NewKey;
172 NewKey.Name = TEXT("Default");
173 NewKey.Guid = FGuid();
174 FMemory::Memcpy(NewKey.Key.Key, &Key[0], sizeof(FAES::FAESKey::Key));
175 OutCryptoSettings.GetEncryptionKeys().Add(NewKey.Guid, NewKey);
176 }
177 }
178 }
179
180 const TSharedPtr<FJsonObject>* SigningKey = nullptr;
181 if (RootObject->TryGetObjectField(TEXT("SigningKey"), SigningKey))
182 {
183 OutCryptoSettings.SetSigningKey(ParseRSAKeyFromJson(*SigningKey));
184 }
185
186 const TArray<TSharedPtr<FJsonValue>>* SecondaryEncryptionKeyArray = nullptr;
187 if (RootObject->TryGetArrayField(TEXT("SecondaryEncryptionKeys"), SecondaryEncryptionKeyArray))
188 {
189 for (TSharedPtr<FJsonValue> EncryptionKeyValue : *SecondaryEncryptionKeyArray)
190 {
191 FNamedAESKey NewKey;
192 TSharedPtr<FJsonObject> SecondaryEncryptionKeyObject = EncryptionKeyValue->AsObject();
193 FGuid::Parse(SecondaryEncryptionKeyObject->GetStringField(TEXT("Guid")), NewKey.Guid);
194 NewKey.Name = SecondaryEncryptionKeyObject->GetStringField(TEXT("Name"));
195 FString KeyBase64 = SecondaryEncryptionKeyObject->GetStringField(TEXT("Key"));
196
197 TArray<uint8> Key;
198 FBase64::Decode(KeyBase64, Key);
199 check(Key.Num() == sizeof(FAES::FAESKey::Key));
200 FMemory::Memcpy(NewKey.Key.Key, &Key[0], sizeof(FAES::FAESKey::Key));
201
202 check(!OutCryptoSettings.GetEncryptionKeys().Contains(NewKey.Guid) || OutCryptoSettings.GetEncryptionKeys()[NewKey.Guid].Key == NewKey.Key);
203 OutCryptoSettings.GetEncryptionKeys().Add(NewKey.Guid, NewKey);
204 }
205 }
206 }
207 delete File;
208 FGuid EncryptionKeyOverrideGuid;
209 OutCryptoSettings.SetPrincipalEncryptionKey(OutCryptoSettings.GetEncryptionKeys().Find(EncryptionKeyOverrideGuid));
210 }
211
212 static void ApplyEncryptionKeys(const FKeyChain& KeyChain)
213 {
214 if (KeyChain.GetEncryptionKeys().Contains(FGuid()))
215 {
216 FAES::FAESKey DefaultKey = KeyChain.GetEncryptionKeys()[FGuid()].Key;
217 FCoreDelegates::GetPakEncryptionKeyDelegate().BindLambda([DefaultKey](uint8 OutKey[32]) { FMemory::Memcpy(OutKey, DefaultKey.Key, sizeof(DefaultKey.Key)); });
218 }
219
220 for (const TMap<FGuid, FNamedAESKey>::ElementType& Key : KeyChain.GetEncryptionKeys())
221 {
222 if (Key.Key.IsValid())
223 {
224 FCoreDelegates::GetRegisterEncryptionKeyMulticastDelegate().Broadcast(Key.Key, Key.Value.Key);
225 }
226 }
227 }
228}
check
#define check(expr)
Definition AssertionMacros.h:305
checkf
#define checkf(expr, format,...)
Definition AssertionMacros.h:306
UE_DEPRECATED
#define UE_DEPRECATED(Version, Message)
Definition CoreMiscDefines.h:259
PRAGMA_ENABLE_DEPRECATION_WARNINGS
#define PRAGMA_ENABLE_DEPRECATION_WARNINGS
Definition GenericPlatformCompilerPreSetup.h:11
PRAGMA_DISABLE_DEPRECATION_WARNINGS
#define PRAGMA_DISABLE_DEPRECATION_WARNINGS
Definition GenericPlatformCompilerPreSetup.h:7
InvalidRSAKeyHandle
static constexpr FRSAKeyHandle InvalidRSAKeyHandle
Definition IEngineCrypto.h:10
FRSAKeyHandle
void * FRSAKeyHandle
Definition IEngineCrypto.h:9
TEXT
#define TEXT(x)
Definition Platform.h:1108
FString::Len
UE_NODISCARD FORCEINLINE int32 Len() const
Definition UnrealString.h:1045
FString::operator*
UE_NODISCARD FORCEINLINE const TCHAR * operator*() const UE_LIFETIMEBOUND
Definition UnrealString.h:379
IFileManager::CreateFileReader
virtual FArchive * CreateFileReader(const TCHAR *Filename, uint32 ReadFlags=0)=0
IFileManager::Get
static IFileManager & Get()
KeyChainUtilities::ParseRSAKeyFromJson
static FRSAKeyHandle ParseRSAKeyFromJson(TSharedPtr< FJsonObject > InObj)
Definition KeyChainUtilities.h:125
KeyChainUtilities::ApplyEncryptionKeys
static void ApplyEncryptionKeys(const FKeyChain &KeyChain)
Definition KeyChainUtilities.h:212
KeyChainUtilities::LoadKeyChainFromFile
static void LoadKeyChainFromFile(const FString &InFilename, FKeyChain &OutCryptoSettings)
Definition KeyChainUtilities.h:152
FAES::FAESKey::IsValid
bool IsValid() const
Definition AES.h:37
FAES
Definition AES.h:20
FGuid
Definition Guid.h:108
FGuid::FGuid
FGuid()
Definition Guid.h:112
FKeyChain::FKeyChain
FKeyChain()=default
FKeyChain::GetEncryptionKeys
TMap< FGuid, FNamedAESKey > & GetEncryptionKeys()
Definition KeyChainUtilities.h:107
FKeyChain::GetEncryptionKeys
const TMap< FGuid, FNamedAESKey > & GetEncryptionKeys() const
Definition KeyChainUtilities.h:106
FKeyChain::operator=
FKeyChain & operator=(const FKeyChain &Other)
Definition KeyChainUtilities.h:61
FKeyChain::FKeyChain
FKeyChain(const FKeyChain &Other)
Definition KeyChainUtilities.h:35
FKeyChain::GetPrincipalEncryptionKey
const FNamedAESKey * GetPrincipalEncryptionKey() const
Definition KeyChainUtilities.h:103
FKeyChain::GetSigningKey
PRAGMA_DISABLE_DEPRECATION_WARNINGS FRSAKeyHandle GetSigningKey() const
Definition KeyChainUtilities.h:100
FKeyChain::MasterEncryptionKey
const FNamedAESKey * MasterEncryptionKey
Definition KeyChainUtilities.h:119
FKeyChain::SetEncryptionKeys
void SetEncryptionKeys(const TMap< FGuid, FNamedAESKey > &keys)
Definition KeyChainUtilities.h:109
FKeyChain::EncryptionKeys
TMap< FGuid, FNamedAESKey > EncryptionKeys
Definition KeyChainUtilities.h:116
FKeyChain::FKeyChain
FKeyChain(FKeyChain &&Other)
Definition KeyChainUtilities.h:46
FKeyChain::SigningKey
PRAGMA_ENABLE_DEPRECATION_WARNINGS FRSAKeyHandle SigningKey
Definition KeyChainUtilities.h:113
FKeyChain::SetSigningKey
void SetSigningKey(FRSAKeyHandle key)
Definition KeyChainUtilities.h:101
FKeyChain::SetPrincipalEncryptionKey
void SetPrincipalEncryptionKey(const FNamedAESKey *key)
Definition KeyChainUtilities.h:104
FKeyChain::operator=
FKeyChain & operator=(FKeyChain &&Other)
Definition KeyChainUtilities.h:78
FNamedAESKey::Key
FAES::FAESKey Key
Definition KeyChainUtilities.h:21
FNamedAESKey::IsValid
bool IsValid() const
Definition KeyChainUtilities.h:23