UDocumentation UE5.7 10.02.2026 (Source)
API documentation for Unreal Engine 5.7
KeyChainUtilities.h
Go to the documentation of this file.
1// Copyright Epic Games, Inc. All Rights Reserved.
2#pragma once
3
4// HEADER_UNIT_UNSUPPORTED - Includes JsonSerializer.h which is not in Core module
5
6#include "Base64.h"
7#include "CoreDelegates.h"
8#include "CoreMinimal.h"
9#include "HAL/FileManager.h"
10#include "IEngineCrypto.h"
11#include "NamedAESKey.h"
12#include "RSA.h"
13#include "Serialization/Archive.h"
14#include "Serialization/JsonSerializer.h"
15
16struct FKeyChain
17{
18public:
19
20 FKeyChain() = default;
21
22 FKeyChain(const FKeyChain& Other)
23 {
24 SetSigningKey(Other.GetSigningKey());
25 SetEncryptionKeys(Other.GetEncryptionKeys());
26
27 if (Other.GetPrincipalEncryptionKey())
28 {
29 SetPrincipalEncryptionKey(GetEncryptionKeys().Find(Other.GetPrincipalEncryptionKey()->Guid));
30 }
31 }
32
33 FKeyChain(FKeyChain&& Other)
34 {
35 SetSigningKey(Other.GetSigningKey());
36 SetEncryptionKeys(MoveTemp(Other.GetEncryptionKeys()));
37
38 if (Other.GetPrincipalEncryptionKey())
39 {
40 SetPrincipalEncryptionKey(GetEncryptionKeys().Find(Other.GetPrincipalEncryptionKey()->Guid));
41 }
42
43 Other.SetSigningKey(InvalidRSAKeyHandle);
44 Other.SetPrincipalEncryptionKey(nullptr);
45 Other.SetEncryptionKeys(TMap<FGuid, FNamedAESKey>());
46 }
47
48 FKeyChain& operator=(const FKeyChain& Other)
49 {
50 SetSigningKey(Other.GetSigningKey());
51 SetEncryptionKeys(Other.GetEncryptionKeys());
52
53 if (Other.GetPrincipalEncryptionKey())
54 {
55 SetPrincipalEncryptionKey(GetEncryptionKeys().Find(Other.GetPrincipalEncryptionKey()->Guid));
56 }
57 else
58 {
59 SetPrincipalEncryptionKey(nullptr);
60 }
61
62 return *this;
63 }
64
65 FKeyChain& operator=(FKeyChain&& Other)
66 {
67 SetSigningKey(Other.GetSigningKey());
68 SetEncryptionKeys(MoveTemp(Other.GetEncryptionKeys()));
69
70 if (Other.GetPrincipalEncryptionKey())
71 {
72 SetPrincipalEncryptionKey(GetEncryptionKeys().Find(Other.GetPrincipalEncryptionKey()->Guid));
73 }
74 else
75 {
76 SetPrincipalEncryptionKey(nullptr);
77 }
78
79 Other.SetSigningKey(InvalidRSAKeyHandle);
80 Other.SetPrincipalEncryptionKey(nullptr);
81 Other.SetEncryptionKeys(TMap<FGuid, FNamedAESKey>());
82
83 return *this;
84 }
85
86 PRAGMA_DISABLE_DEPRECATION_WARNINGS
87 FRSAKeyHandle GetSigningKey() const { return SigningKey; }
88 void SetSigningKey(FRSAKeyHandle key) { SigningKey = key; }
89
90 const FNamedAESKey* GetPrincipalEncryptionKey() const { return MasterEncryptionKey; }
91 void SetPrincipalEncryptionKey(const FNamedAESKey* key) { MasterEncryptionKey =key; }
92
93 const TMap<FGuid, FNamedAESKey>& GetEncryptionKeys() const { return EncryptionKeys; }
94 TMap<FGuid, FNamedAESKey>& GetEncryptionKeys() { return EncryptionKeys; }
95
96 void SetEncryptionKeys(const TMap<FGuid, FNamedAESKey>& keys) { EncryptionKeys = keys; }
97 PRAGMA_ENABLE_DEPRECATION_WARNINGS
98
99 UE_DEPRECATED(5.1, "Use Get/SetSigningKey instead")
100 FRSAKeyHandle SigningKey = InvalidRSAKeyHandle;
101
102 UE_DEPRECATED(5.1, "Use GetEncryptionKeys instead")
103 TMap<FGuid, FNamedAESKey> EncryptionKeys;
104
105 UE_DEPRECATED(5.1, "Use Get/SetPrincipalEncryptionKey instead")
106 const FNamedAESKey* MasterEncryptionKey = nullptr;
107};
108
109
110namespace KeyChainUtilities
111{
112 static FRSAKeyHandle ParseRSAKeyFromJson(TSharedPtr<FJsonObject> InObj)
113 {
114 TSharedPtr<FJsonObject> PublicKey = InObj->GetObjectField(TEXT("PublicKey"));
115 TSharedPtr<FJsonObject> PrivateKey = InObj->GetObjectField(TEXT("PrivateKey"));
116
117 FString PublicExponentBase64, PrivateExponentBase64, PublicModulusBase64, PrivateModulusBase64;
118
119 if (PublicKey->TryGetStringField(TEXT("Exponent"), PublicExponentBase64)
120 && PublicKey->TryGetStringField(TEXT("Modulus"), PublicModulusBase64)
121 && PrivateKey->TryGetStringField(TEXT("Exponent"), PrivateExponentBase64)
122 && PrivateKey->TryGetStringField(TEXT("Modulus"), PrivateModulusBase64))
123 {
124 check(PublicModulusBase64 == PrivateModulusBase64);
125
126 TArray<uint8> PublicExponent, PrivateExponent, Modulus;
127 FBase64::Decode(PublicExponentBase64, PublicExponent);
128 FBase64::Decode(PrivateExponentBase64, PrivateExponent);
129 FBase64::Decode(PublicModulusBase64, Modulus);
130
131 return FRSA::CreateKey(PublicExponent, PrivateExponent, Modulus);
132 }
133 else
134 {
135 return nullptr;
136 }
137 }
138
139 static void LoadKeyChainFromFile(const FString& InFilename, FKeyChain& OutCryptoSettings)
140 {
141 FArchive* File = IFileManager::Get().CreateFileReader(*InFilename);
142 checkf(File != nullptr, TEXT("Specified crypto keys cache '%s' does not exist!"), *InFilename);
143 TSharedPtr<FJsonObject> RootObject;
144 TSharedRef<TJsonReader<UTF8CHAR>> Reader = TJsonReaderFactory<UTF8CHAR>::Create(File);
145 if (FJsonSerializer::Deserialize(Reader, RootObject))
146 {
147 const TSharedPtr<FJsonObject>* EncryptionKeyObject;
148 if (RootObject->TryGetObjectField(TEXT("EncryptionKey"), EncryptionKeyObject))
149 {
150 FString EncryptionKeyBase64;
151 if ((*EncryptionKeyObject)->TryGetStringField(TEXT("Key"), EncryptionKeyBase64))
152 {
153 if (EncryptionKeyBase64.Len() > 0)
154 {
155 TArray<uint8> Key;
156 FBase64::Decode(EncryptionKeyBase64, Key);
157 check(Key.Num() == sizeof(FAES::FAESKey::Key));
158 FNamedAESKey NewKey;
159 NewKey.Name = TEXT("Default");
160 NewKey.Guid = FGuid();
161 FMemory::Memcpy(NewKey.Key.Key, &Key[0], sizeof(FAES::FAESKey::Key));
162 OutCryptoSettings.GetEncryptionKeys().Add(NewKey.Guid, NewKey);
163 }
164 }
165 }
166
167 const TSharedPtr<FJsonObject>* SigningKey = nullptr;
168 if (RootObject->TryGetObjectField(TEXT("SigningKey"), SigningKey))
169 {
170 OutCryptoSettings.SetSigningKey(ParseRSAKeyFromJson(*SigningKey));
171 }
172
173 const TArray<TSharedPtr<FJsonValue>>* SecondaryEncryptionKeyArray = nullptr;
174 if (RootObject->TryGetArrayField(TEXT("SecondaryEncryptionKeys"), SecondaryEncryptionKeyArray))
175 {
176 for (TSharedPtr<FJsonValue> EncryptionKeyValue : *SecondaryEncryptionKeyArray)
177 {
178 FNamedAESKey NewKey;
179 TSharedPtr<FJsonObject> SecondaryEncryptionKeyObject = EncryptionKeyValue->AsObject();
180 FGuid::Parse(SecondaryEncryptionKeyObject->GetStringField(TEXT("Guid")), NewKey.Guid);
181 NewKey.Name = SecondaryEncryptionKeyObject->GetStringField(TEXT("Name"));
182 FString KeyBase64 = SecondaryEncryptionKeyObject->GetStringField(TEXT("Key"));
183
184 TArray<uint8> Key;
185 FBase64::Decode(KeyBase64, Key);
186 check(Key.Num() == sizeof(FAES::FAESKey::Key));
187 FMemory::Memcpy(NewKey.Key.Key, &Key[0], sizeof(FAES::FAESKey::Key));
188
189 check(!OutCryptoSettings.GetEncryptionKeys().Contains(NewKey.Guid) || OutCryptoSettings.GetEncryptionKeys()[NewKey.Guid].Key == NewKey.Key);
190 OutCryptoSettings.GetEncryptionKeys().Add(NewKey.Guid, NewKey);
191 }
192 }
193 }
194 delete File;
195 FGuid EncryptionKeyOverrideGuid;
196 OutCryptoSettings.SetPrincipalEncryptionKey(OutCryptoSettings.GetEncryptionKeys().Find(EncryptionKeyOverrideGuid));
197 }
198
199 static void ApplyEncryptionKeys(const FKeyChain& KeyChain)
200 {
201 if (KeyChain.GetEncryptionKeys().Contains(FGuid()))
202 {
203 FAES::FAESKey DefaultKey = KeyChain.GetEncryptionKeys()[FGuid()].Key;
204 FCoreDelegates::GetPakEncryptionKeyDelegate().BindLambda([DefaultKey](uint8 OutKey[32]) { FMemory::Memcpy(OutKey, DefaultKey.Key, sizeof(DefaultKey.Key)); });
205 }
206
207 for (const TMap<FGuid, FNamedAESKey>::ElementType& Key : KeyChain.GetEncryptionKeys())
208 {
209 if (Key.Key.IsValid())
210 {
211 FCoreDelegates::GetRegisterEncryptionKeyMulticastDelegate().Broadcast(Key.Key, Key.Value.Key);
212 }
213 }
214 }
215}
check
#define check(expr)
Definition AssertionMacros.h:314
checkf
#define checkf(expr, format,...)
Definition AssertionMacros.h:315
UE_DEPRECATED
#define UE_DEPRECATED(Version, Message)
Definition CoreMiscDefines.h:302
TEXT
#define TEXT(x)
Definition Platform.h:1272
StaticCastSharedRef
UE_FORCEINLINE_HINT TSharedRef< CastToType, Mode > StaticCastSharedRef(TSharedRef< CastFromType, Mode > const &InSharedRef)
Definition SharedPointer.h:127
PRAGMA_ENABLE_DEPRECATION_WARNINGS
#define PRAGMA_ENABLE_DEPRECATION_WARNINGS
Definition GenericPlatformCompilerPreSetup.h:12
PRAGMA_DISABLE_DEPRECATION_WARNINGS
#define PRAGMA_DISABLE_DEPRECATION_WARNINGS
Definition GenericPlatformCompilerPreSetup.h:8
InvalidRSAKeyHandle
constexpr FRSAKeyHandle InvalidRSAKeyHandle
Definition IEngineCrypto.h:10
FRSAKeyHandle
void * FRSAKeyHandle
Definition IEngineCrypto.h:9
MoveTemp
UE_INTRINSIC_CAST UE_REWRITE constexpr std::remove_reference_t< T > && MoveTemp(T &&Obj) noexcept
Definition UnrealTemplate.h:520
uint8
uint8_t uint8
Definition binka_ue_file_header.h:8
FArchive
Definition Archive.h:1208
FCoreDelegates::GetPakEncryptionKeyDelegate
static CORE_API TDelegate< void(uint8[32])> & GetPakEncryptionKeyDelegate()
Definition CoreDelegates.cpp:100
FCoreDelegates::GetRegisterEncryptionKeyMulticastDelegate
static CORE_API TMulticastDelegate< void(const FGuid &, const FAES::FAESKey &)> & GetRegisterEncryptionKeyMulticastDelegate()
Definition CoreDelegates.cpp:94
FObjectProperty
Definition UnrealType.h:3087
IFileManager::Get
static CORE_API IFileManager & Get()
Definition FileManagerGeneric.cpp:1072
IFileManager::CreateFileReader
virtual FArchive * CreateFileReader(const TCHAR *Filename, uint32 ReadFlags=0)=0
TArray
Definition Array.h:670
TJsonReaderFactory::Create
static TSharedRef< TJsonReader< TElementType_T< StringType > > > Create(StringType &&JsonString)
Definition JsonReader.h:1070
TJsonSerializer::Deserialize
static bool Deserialize(const TSharedRef< TJsonReader< CharType > > &Reader, typename Policy::FValue &OutValue, EFlags InOptions=EFlags::None)
Definition JsonSerializer.h:283
TMap
Definition UnrealString.h.inl:34
TSharedPtr
Definition SharedPointer.h:692
TSharedRef
Definition SharedPointer.h:153
KeyChainUtilities
Definition KeyChainUtilities.h:111
FAES::FAESKey
Definition AES.h:27
FAES::FAESKey::Key
uint8 Key[KeySize]
Definition AES.h:30
FBase64::Decode
static CORE_API bool Decode(const FString &Source, FString &OutDest, EBase64Mode Mode=EBase64Mode::Standard)
Definition Base64.cpp:166
FGuid
Definition Guid.h:109
FGuid::Parse
static CORE_API bool Parse(const TCHAR *GuidString, FGuid &OutGuid)
Definition Guid.cpp:307
FKeyChain
Definition KeyChainUtilities.h:17
FKeyChain::FKeyChain
FKeyChain()=default
FKeyChain::GetEncryptionKeys
TMap< FGuid, FNamedAESKey > & GetEncryptionKeys()
Definition KeyChainUtilities.h:94
FKeyChain::GetEncryptionKeys
const TMap< FGuid, FNamedAESKey > & GetEncryptionKeys() const
Definition KeyChainUtilities.h:93
FKeyChain::operator=
FKeyChain & operator=(const FKeyChain &Other)
Definition KeyChainUtilities.h:48
FKeyChain::FKeyChain
FKeyChain(const FKeyChain &Other)
Definition KeyChainUtilities.h:22
FKeyChain::GetPrincipalEncryptionKey
const FNamedAESKey * GetPrincipalEncryptionKey() const
Definition KeyChainUtilities.h:90
FKeyChain::GetSigningKey
PRAGMA_DISABLE_DEPRECATION_WARNINGS FRSAKeyHandle GetSigningKey() const
Definition KeyChainUtilities.h:87
FKeyChain::MasterEncryptionKey
const FNamedAESKey * MasterEncryptionKey
Definition KeyChainUtilities.h:106
FKeyChain::SetEncryptionKeys
void SetEncryptionKeys(const TMap< FGuid, FNamedAESKey > &keys)
Definition KeyChainUtilities.h:96
FKeyChain::EncryptionKeys
TMap< FGuid, FNamedAESKey > EncryptionKeys
Definition KeyChainUtilities.h:103
FKeyChain::FKeyChain
FKeyChain(FKeyChain &&Other)
Definition KeyChainUtilities.h:33
FKeyChain::SigningKey
PRAGMA_ENABLE_DEPRECATION_WARNINGS FRSAKeyHandle SigningKey
Definition KeyChainUtilities.h:100
FKeyChain::SetSigningKey
void SetSigningKey(FRSAKeyHandle key)
Definition KeyChainUtilities.h:88
FKeyChain::SetPrincipalEncryptionKey
void SetPrincipalEncryptionKey(const FNamedAESKey *key)
Definition KeyChainUtilities.h:91
FKeyChain::operator=
FKeyChain & operator=(FKeyChain &&Other)
Definition KeyChainUtilities.h:65
FMemory::Memcpy
static UE_FORCEINLINE_HINT void * Memcpy(void *Dest, const void *Src, SIZE_T Count)
Definition UnrealMemory.h:160
FNamedAESKey
Definition NamedAESKey.h:9
FRSA::CreateKey
static RSA_API FRSAKeyHandle CreateKey(const TArray< uint8 > &InPublicExponent, const TArray< uint8 > &InPrivateExponent, const TArray< uint8 > &InModulus)
Definition RSA.cpp:16