AuroraRuntime/Source/Crypto/CA/AuPinLinuxLike.cpp

/***
    Copyright (C) 2024 Jamie Reece Wilson (a/k/a "Reece"). All rights reserved.

    File: AuPinLinuxLike.cpp
    Date: 2024-10-14
    Author: Reece
***/
#include <Source/RuntimeInternal.hpp>
#include "AuPinLinuxLike.hpp"

namespace Aurora::Crypto::CA
{
    IPinCertificate *PinLinuxLikeNew()
    {
        auto pStore = NewCertificateStoreNew();
        if (!pStore)
        {
            return nullptr;
        }

        AuString certs;
        if (!AuFS::ReadString("/etc/ssl/certs/ca-bundle.crt", certs))
        {
            if (!AuFS::ReadString("/etc/ssl/certs/ca-certificates.crt", certs))
            {
                SysPushErrorIO("No SSL certificates.crt file");
                NewCertificateStoreRelease(pStore);
                return nullptr;
            }
        }

        auto pChain = AuCrypto::X509::NewChainFromManyPemInStreamUnique(certs);
        if (!pChain)
        {
            SysPushErrorSyntax("Couldn't parse system cert file!");
            NewCertificateStoreRelease(pStore);
            return nullptr;
        }

        if (!pStore->AddCertificateChain(pChain.get()))
        {
            SysPushErrorGeneric();
            NewCertificateStoreRelease(pStore);
            return nullptr;
        }

        return pStore;
    }

    void PinLinuxLikeRelease(IPinCertificate *pHandle)
    {
        NewCertificateStoreRelease(AuStaticCast<ICertificateStore>(pHandle));
    }
}
[+] AuCrypto::CA::ICertificateStore [+] AuCrypto::CA::INewCertificateStore [+] AuCrypto::CA::IPinCertificate [+] AuCrypto::CA::PinAlwaysFail [+] AuCrypto::CA::PinAlwaysPass [+] AuCrypto::CA::PinCheckOS [+] AuCrypto::CA::PinCheckDefault [+] AuCrypto::CA::PinCheckBuiltin [+] AuCrypto::CA::PinCheckGlobal [+] AuCrypto::CA::PinCheckTwoAnd [+] AuCrypto::CA::PinCheckTwoOr [+] AuCrypto::CA::SetGlobalTLSPinner [] Minor AuCrypto::X509 decoder work [] AuCrypto::X509: transition to memory views (x509 is bytebuffer era and earlier code, beri early) [+] AuCrypto::IPrivateKeyProvider [+] AuCrypto::IPrivateKeyPair [+] AuCrypto::PrivateKeyPair [+] AuCrypto::ImportPrivateKeyPair [] Refactor: AuCrypto::X509::GenerateCertificate(...) [+] AuCrypto::X509::NewChainFromOneDer [+] AuCrypto::X509::NewChainFromManyDer [+] AuCrypto::X509::NewChainFromManyDerInStream [+] AuCrypto::X509::NewChainFromOnePem [+] AuCrypto::X509::NewChainFromManyPem [+] AuCrypto::X509::NewChainFromManyPemInStream [] Fix TLS code that was abandoned since its introduction with the net code. mbedtls is a hairbrained mess. so many blocking github issues starting after 2017. so little progress. [+] AuIO::TLS::TLSMeta::pKeyPairProvider [+] AuIO::TLS::TLSServer::bAllowSNIToFallBackDefault [+] AuIO::TLS::TLSServer::bAllowSNILessUseDefaultCert 2024-10-16 01:05:11 +00:00			`/***`
			`Copyright (C) 2024 Jamie Reece Wilson (a/k/a "Reece"). All rights reserved.`

			`File: AuPinLinuxLike.cpp`
			`Date: 2024-10-14`
			`Author: Reece`
			`***/`
			`#include <Source/RuntimeInternal.hpp>`
			`#include "AuPinLinuxLike.hpp"`

			`namespace Aurora::Crypto::CA`
			`{`
			`IPinCertificate *PinLinuxLikeNew()`
			`{`
			`auto pStore = NewCertificateStoreNew();`
			`if (!pStore)`
			`{`
			`return nullptr;`
			`}`

			`AuString certs;`
			`if (!AuFS::ReadString("/etc/ssl/certs/ca-bundle.crt", certs))`
			`{`
			`if (!AuFS::ReadString("/etc/ssl/certs/ca-certificates.crt", certs))`
			`{`
			`SysPushErrorIO("No SSL certificates.crt file");`
			`NewCertificateStoreRelease(pStore);`
			`return nullptr;`
			`}`
			`}`

			`auto pChain = AuCrypto::X509::NewChainFromManyPemInStreamUnique(certs);`
			`if (!pChain)`
			`{`
			`SysPushErrorSyntax("Couldn't parse system cert file!");`
			`NewCertificateStoreRelease(pStore);`
			`return nullptr;`
			`}`

			`if (!pStore->AddCertificateChain(pChain.get()))`
			`{`
			`SysPushErrorGeneric();`
			`NewCertificateStoreRelease(pStore);`
			`return nullptr;`
			`}`

			`return pStore;`
			`}`

			`void PinLinuxLikeRelease(IPinCertificate *pHandle)`
			`{`
			`NewCertificateStoreRelease(AuStaticCast<ICertificateStore>(pHandle));`
			`}`
			`}`