author | Florent Le Coz <louiz@louiz.org> | 2015-11-02 03:26:13 +0100 |
---|---|---|
committer | Florent Le Coz <louiz@louiz.org> | 2015-11-02 03:26:13 +0100 |
commit | f928f7627247ceaafcf3538066ac17609b652aac (patch) | |
tree | 4f5740fb8150876a9eaad16c2339f3a338899ebf /louloulibs/network/credentials_manager.cpp | |
parent | 7e07a17420117758ca319b5beab6440ff1d634f7 (diff) | |
Verify the remote TLS certificates using the system-wide trusted CAs
Diffstat (limited to 'louloulibs/network/credentials_manager.cpp')
-rw-r--r-- | louloulibs/network/credentials_manager.cpp | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/louloulibs/network/credentials_manager.cpp b/louloulibs/network/credentials_manager.cpp
new file mode 100644
index 0000000..77198a4
--- /dev/null
+++ b/louloulibs/network/credentials_manager.cpp
@@ -0,0 +1,33 @@
+#include <network/credentials_manager.hpp>
+#include <logger/logger.hpp>
+
+Basic_Credentials_Manager::Basic_Credentials_Manager():
+ Botan::Credentials_Manager()
+{
+ this->load_certs();
+}
+void Basic_Credentials_Manager::verify_certificate_chain(const std::string& type,
+ const std::string& purported_hostname,
+ const std::vector<Botan::X509_Certificate>& certs)
+{
+ log_debug("Checking remote certificate (" << type << ") for hostname " << purported_hostname);
+ Botan::Credentials_Manager::verify_certificate_chain(type, "louiz.org", certs);
+ log_debug("Certificate is valid");
+}
+void Basic_Credentials_Manager::load_certs()
+{
+ const std::vector<std::string> paths = {"/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem"};
+ for (const auto& path: paths)
+ {
+ Botan::DataSource_Stream bundle(path);
+ while (!bundle.end_of_data() && bundle.check_available(27))
+ {
+ const Botan::X509_Certificate cert(bundle);
+ this->certificate_store.add_certificate(cert);
+ }
+ }
+}
+std::vector<Botan::Certificate_Store*> Basic_Credentials_Manager::trusted_certificate_authorities(const std::string&, const std::string&)
+{
+ return {&this->certificate_store};
+} |
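Review bot: The base-class call in `verify_certificate_chain` passes the literal `"louiz.org"` instead of `purported_hostname`, so every peer's chain is matched against that one name rather than the host actually being connected to. As written, a chain valid for louiz.org would be accepted for any server, while correctly configured other servers would be rejected; the line should read `Botan::Credentials_Manager::verify_certificate_chain(type, purported_hostname, certs);`. Separately, `load_certs` reads a single distribution-specific bundle path and has no handling for a missing file or an unparsable entry; Botan's stream and certificate constructors appear to throw in those cases, which would escape the `Basic_Credentials_Manager` constructor, so it is worth catching and logging per path and refusing to proceed if the store ends up empty. A short comment on `check_available(27)` (presumably the length of the PEM `-----BEGIN CERTIFICATE-----` header) would also help the next reader.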