Verify the remote TLS certificates using the system-wide trusted CAs

1 files changed, 22 insertions, 0 deletions

diff --git a/louloulibs/network/credentials_manager.hpp b/louloulibs/network/credentials_manager.hpp
new file mode 100644
index 0000000..ea89eca
--- /dev/null
+++ b/louloulibs/network/credentials_manager.hpp
@@ -0,0 +1,22 @@
+#ifndef BIBOUMI_CREDENTIALS_MANAGER_HPP
+#define BIBOUMI_CREDENTIALS_MANAGER_HPP
+
+#include <botan/botan.h>
+#include <botan/tls_client.h>
+
+class Basic_Credentials_Manager: public Botan::Credentials_Manager
+{
+public:
+  Basic_Credentials_Manager();
+  void verify_certificate_chain(const std::string& type,
+                                const std::string& purported_hostname,
+                                const std::vector<Botan::X509_Certificate>&) override final;
+  std::vector<Botan::Certificate_Store*> trusted_certificate_authorities(const std::string& type,
+                                                                         const std::string& context) override final;
+
+private:
+  void load_certs();
+  Botan::Certificate_Store_In_Memory certificate_store;
+};
+
+#endif //BIBOUMI_CREDENTIALS_MANAGER_HPP