1 #include "libfilezilla/tls_info.hpp"
2 #include "tls_layer_impl.hpp"
3
4 namespace fz {
// Copying constructor: every argument is copied into the matching member.
//
// The body is empty, so nothing is validated here. The fingerprints, validity
// dates, names and the self_signed flag are stored exactly as supplied and are
// not cross-checked against rawData; whoever builds the object is responsible
// for having derived them from the certificate.
x509_certificate::x509_certificate(
	std::vector<uint8_t> const& rawData,
	datetime const& activation_time,
	datetime const& expiration_time,
	std::string const& serial,
	std::string const& pkalgoname,
	unsigned int bits,
	std::string const& signalgoname,
	std::string const& fingerprint_sha256,
	std::string const& fingerprint_sha1,
	std::string const& issuer,
	std::string const& subject,
	std::vector<subject_name> const& alt_subject_names,
	bool const self_signed)
	// Validity period
	: activation_time_(activation_time),
	  expiration_time_(expiration_time),
	  // Encoded certificate and serial number
	  raw_cert_(rawData),
	  serial_(serial),
	  // Public key and signature algorithm descriptions
	  pkalgoname_(pkalgoname),
	  pkalgobits_(bits),
	  signalgoname_(signalgoname),
	  // Fingerprints, as computed by the caller
	  fingerprint_sha256_(fingerprint_sha256),
	  fingerprint_sha1_(fingerprint_sha1),
	  // Names
	  issuer_(issuer),
	  subject_(subject),
	  alt_subject_names_(alt_subject_names),
	  self_signed_(self_signed)
{
}
32
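// Moving constructor: takes ownership of rawData and alt_subject_names and
// copies the remaining arguments.
//
// A named rvalue-reference parameter is an lvalue inside the function, so
// both vectors must be passed through std::move or they are silently copied.
//
// The body is empty, so nothing is validated here. The fingerprints, validity
// dates, names and the self_signed flag are stored exactly as supplied and are
// not cross-checked against rawData.
x509_certificate::x509_certificate(
	std::vector<uint8_t> && rawData,
	datetime const& activation_time, datetime const& expiration_time,
	std::string const& serial,
	std::string const& pkalgoname, unsigned int bits,
	std::string const& signalgoname,
	std::string const& fingerprint_sha256,
	std::string const& fingerprint_sha1,
	std::string const& issuer,
	std::string const& subject,
	std::vector<subject_name> && alt_subject_names,
	bool const self_signed)
	: activation_time_(activation_time)
	, expiration_time_(expiration_time)
	, raw_cert_(std::move(rawData)) // steal the buffer instead of copying it
	, serial_(serial)
	, pkalgoname_(pkalgoname)
	, pkalgobits_(bits)
	, signalgoname_(signalgoname)
	, fingerprint_sha256_(fingerprint_sha256)
	, fingerprint_sha1_(fingerprint_sha1)
	, issuer_(issuer)
	, subject_(subject)
	, alt_subject_names_(std::move(alt_subject_names)) // likewise moved, not copied
	, self_signed_(self_signed)
{
}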
60
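// Builds a session description from values supplied by the caller.
//
// The certificate list is moved into the object; it arrives as an rvalue
// reference and would be copied element by element without std::move.
//
// The body is empty, so nothing is validated here: system_trust,
// hostname_mismatch and algorithm_warnings are stored verbatim and reflect
// whatever checks the caller performed.
tls_session_info::tls_session_info(std::string const& host, unsigned int port,
	std::string const& protocol,
	std::string const& key_exchange,
	std::string const& session_cipher,
	std::string const& session_mac,
	int algorithm_warnings,
	std::vector<x509_certificate> && certificates,
	bool system_trust,
	bool hostname_mismatch)
	: host_(host)
	, port_(port)
	, protocol_(protocol)
	, key_exchange_(key_exchange)
	, session_cipher_(session_cipher)
	, session_mac_(session_mac)
	, algorithm_warnings_(algorithm_warnings)
	, certificates_(std::move(certificates)) // take ownership, avoid a deep copy
	, system_trust_(system_trust)
	, hostname_mismatch_(hostname_mismatch)
{
}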
82
// Reads certsfile through read_certificates_file() and hands the contents to
// load_certificates().
//
// Returns an empty vector when the read yields no data, and otherwise whatever
// load_certificates() returns. An empty result therefore does not tell the
// caller whether the file was missing or empty, or whether parsing failed.
// NOTE(review): callers that use the result as a trust anchor set should
// treat an empty vector as a failure - confirm at the call sites.
std::vector<x509_certificate> load_certificates_file(native_string const& certsfile, bool pem, bool sort, logger_interface * logger)
{
	std::string contents = read_certificates_file(certsfile, logger);
	if (!contents.empty()) {
		return load_certificates(contents, pem, sort, logger);
	}

	// Nothing was read, so there is nothing to parse.
	return {};
}
92
// Parses certdata into a list of x509_certificate objects.
//
// The raw certificates are loaded with tls_layer_impl::load_certificates() and
// each one is converted with tls_layer_impl::extract_cert(). The result is
// all-or-nothing: if loading fails, or if any single certificate cannot be
// extracted, an empty vector is returned instead of a partial list.
//
// NOTE(review): no signature, chain or trust verification is visible in this
// function; confirm callers do not treat the returned list as validated.
std::vector<x509_certificate> load_certificates(std::string_view const& certdata, bool pem, bool sort, logger_interface * logger)
{
	cert_list_holder holder;
	if (tls_layer_impl::load_certificates(certdata, pem, holder.certs, holder.certs_size, sort) != GNUTLS_E_SUCCESS) {
		return {};
	}

	std::vector<x509_certificate> result;
	result.reserve(holder.certs_size);

	for (unsigned int idx = 0; idx < holder.certs_size; ++idx) {
		// extract_cert() is told whether this is the final entry of the list.
		bool const is_last = (idx + 1 == holder.certs_size);

		x509_certificate parsed;
		if (!tls_layer_impl::extract_cert(holder.certs[idx], parsed, is_last, logger)) {
			// One bad certificate invalidates the whole list.
			result.clear();
			break;
		}
		result.emplace_back(std::move(parsed));
	}

	return result;
}
115
116 }