J Reece Wilson
7a0593adeb
[+] AuCrypto::CA::INewCertificateStore [+] AuCrypto::CA::IPinCertificate [+] AuCrypto::CA::PinAlwaysFail [+] AuCrypto::CA::PinAlwaysPass [+] AuCrypto::CA::PinCheckOS [+] AuCrypto::CA::PinCheckDefault [+] AuCrypto::CA::PinCheckBuiltin [+] AuCrypto::CA::PinCheckGlobal [+] AuCrypto::CA::PinCheckTwoAnd [+] AuCrypto::CA::PinCheckTwoOr [+] AuCrypto::CA::SetGlobalTLSPinner [*] Minor AuCrypto::X509 decoder work [*] AuCrypto::X509: transition to memory views (x509 is bytebuffer era and earlier code, beri early) [+] AuCrypto::IPrivateKeyProvider [+] AuCrypto::IPrivateKeyPair [+] AuCrypto::PrivateKeyPair [+] AuCrypto::ImportPrivateKeyPair [*] Refactor: AuCrypto::X509::GenerateCertificate(...) [+] AuCrypto::X509::NewChainFromOneDer [+] AuCrypto::X509::NewChainFromManyDer [+] AuCrypto::X509::NewChainFromManyDerInStream [+] AuCrypto::X509::NewChainFromOnePem [+] AuCrypto::X509::NewChainFromManyPem [+] AuCrypto::X509::NewChainFromManyPemInStream [*] Fix TLS code that was abandoned since its introduction with the net code. mbedtls is a hairbrained mess. so many *blocking* github issues starting after 2017. so little progress. [+] AuIO::TLS::TLSMeta::pKeyPairProvider [+] AuIO::TLS::TLSServer::bAllowSNIToFallBackDefault [+] AuIO::TLS::TLSServer::bAllowSNILessUseDefaultCert
54 lines
1.4 KiB
C++
Executable File
54 lines
1.4 KiB
C++
Executable File
/***
|
|
Copyright (C) 2024 Jamie Reece Wilson (a/k/a "Reece"). All rights reserved.
|
|
|
|
File: AuPinLinuxLike.cpp
|
|
Date: 2024-10-14
|
|
Author: Reece
|
|
***/
|
|
#include <Source/RuntimeInternal.hpp>
|
|
#include "AuPinLinuxLike.hpp"
|
|
|
|
namespace Aurora::Crypto::CA
|
|
{
|
|
IPinCertificate *PinLinuxLikeNew()
|
|
{
|
|
auto pStore = NewCertificateStoreNew();
|
|
if (!pStore)
|
|
{
|
|
return nullptr;
|
|
}
|
|
|
|
AuString certs;
|
|
if (!AuFS::ReadString("/etc/ssl/certs/ca-bundle.crt", certs))
|
|
{
|
|
if (!AuFS::ReadString("/etc/ssl/certs/ca-certificates.crt", certs))
|
|
{
|
|
SysPushErrorIO("No SSL certificates.crt file");
|
|
NewCertificateStoreRelease(pStore);
|
|
return nullptr;
|
|
}
|
|
}
|
|
|
|
auto pChain = AuCrypto::X509::NewChainFromManyPemInStreamUnique(certs);
|
|
if (!pChain)
|
|
{
|
|
SysPushErrorSyntax("Couldn't parse system cert file!");
|
|
NewCertificateStoreRelease(pStore);
|
|
return nullptr;
|
|
}
|
|
|
|
if (!pStore->AddCertificateChain(pChain.get()))
|
|
{
|
|
SysPushErrorGeneric();
|
|
NewCertificateStoreRelease(pStore);
|
|
return nullptr;
|
|
}
|
|
|
|
return pStore;
|
|
}
|
|
|
|
void PinLinuxLikeRelease(IPinCertificate *pHandle)
|
|
{
|
|
NewCertificateStoreRelease(AuStaticCast<ICertificateStore>(pHandle));
|
|
}
|
|
} |