RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-25 16:47:36 +00:00
Code Issues Activity Actions

LibTLS: (Almost) verify certificate chain against root CA certificates

Browse source 
Also adds a very primitive systemwide ca_certs.ini file.
This commit is contained in:
AnotherTest 2020-10-30 11:56:31 +03:30 committed by Andreas Kling
parent 34f8d55100
commit 37c089fb7b
7 changed files with 632 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

16
Libraries/LibTLS/Certificate.h
View file

@ -28,6 +28,7 @@
#include <AK/ByteBuffer.h>
#include <AK/Forward.h>
#include <AK/Singleton.h>
#include <AK/Types.h>
#include <LibCrypto/BigInt/UnsignedBigInteger.h>
#include <LibCrypto/PK/RSA.h>
@ -77,6 +78,21 @@ struct Certificate {
bool is_valid() const;
};
class DefaultRootCACertificates {
public:
DefaultRootCACertificates();
const Vector<Certificate>& certificates() const { return m_ca_certificates; }
static DefaultRootCACertificates& the() { return s_the; }
private:
static AK::Singleton<DefaultRootCACertificates> s_the;
Vector<Certificate> m_ca_certificates;
};
}
using TLS::Certificate;
using TLS::DefaultRootCACertificates;