Updated for PR comments

Signed-off-by: AssemblyJohn <[email protected]>

include/evse_security/crypto/openssl/openssl_provider.hpp

@@ -17,17 +17,19 @@ struct ossl_provider_st; // OpenSSL OSSL_PROVIDER
 
 namespace evse_security {
 
-/// @brief determine if the PEM string is a custom private key
+/// @brief determine if the PEM string is a custom private key. Will
+/// only work for private keys, public keys will always return true
 /// @param private_key_pem string containing the PEM encoded key
-/// @return true when "-----BEGIN PRIVATE KEY-----" is not found
+/// @return true when file does not start "-----BEGIN PRIVATE KEY-----"
 /// @note works irrespective of OpenSSL version
-bool is_custom_key_string(const std::string& private_key_pem);
+bool is_custom_private_key_string(const std::string& private_key_pem);
 
-/// @brief determine if the PEM file contains a custom private key
+/// @brief determine if the PEM file contains a custom private key. Will
+/// only work for private keys, public keys will always return true
 /// @param private_key_file_pem filename of the PEM file
-/// @return true when file starts "-----BEGIN PRIVATE KEY-----"
+/// @return true when file does not start "-----BEGIN PRIVATE KEY-----"
 /// @note works irrespective of OpenSSL version
-bool is_custom_key_file(const fs::path& private_key_file_pem);
+bool is_custom_private_key_file(const fs::path& private_key_file_pem);
 
 /// @brief Manage the loading and configuring of OpenSSL providers
 ///

lib/evse_security/crypto/openssl/openssl_crypto_supplier.cpp

@@ -564,7 +564,7 @@ KeyValidationResult OpenSSLSupplier::x509_check_private_key(X509Handle* handle,
 
     OpenSSLProvider provider;
 
-    const bool custom_key = is_custom_key_string(private_key);
+    const bool custom_key = is_custom_private_key_string(private_key);
     if (custom_key) {
         provider.set_global_mode(OpenSSLProvider::mode_t::custom_provider);
     } else {

lib/evse_security/crypto/openssl/openssl_provider.cpp

@@ -26,20 +26,20 @@ namespace evse_security {
 static auto KEY_HEADER_DEFAULT = "-----BEGIN PRIVATE KEY-----";
 static auto KEY_HEADER_TPM2 = "-----BEGIN TSS2 PRIVATE KEY-----";
 
-bool is_custom_key_string(const std::string& private_key_pem) {
+bool is_custom_private_key_string(const std::string& private_key_pem) {
     // If we can't find the standard header it means it's a custom key
     return private_key_pem.find(KEY_HEADER_DEFAULT) == std::string::npos;
 }
 
-bool is_custom_key_file(const fs::path& private_key_file_pem) {
+bool is_custom_private_key_file(const fs::path& private_key_file_pem) {
     if (fs::is_regular_file(private_key_file_pem)) {
         std::ifstream key_file(private_key_file_pem);
         std::string line;
         std::getline(key_file, line);
         key_file.close();
 
         // Search for the standard header
-        return line.find(KEY_HEADER_DEFAULT) == std::string::npos;
+        return is_custom_private_key_string(line);
     }
 
     return false;
@@ -49,15 +49,8 @@ bool is_custom_key_file(const fs::path& private_key_file_pem) {
 
 constexpr bool is_custom_provider_tpm() {
     // custom provider string (see CMakeLists.txt)
-    const char* custom_provider = CUSTOM_PROVIDER_NAME;
-    const char* tpm_provider = "tpm2";
-
-    while (*tpm_provider && (*tpm_provider == *custom_provider)) {
-        ++tpm_provider;
-        ++custom_provider;
-    }
-
-    return (*tpm_provider == *custom_provider);
+    constexpr const std::string_view custom_provider(CUSTOM_PROVIDER_NAME);
+    return (custom_provider == "tpm2");
 }
 
 // ----------------------------------------------------------------------------