proxygen
|
#include <JavaCryptoCertificateVerifier.h>
Public Member Functions | |
JavaCryptoCertificateVerifier (VerificationContext context) | |
JavaCryptoCertificateVerifier (VerificationContext context, folly::ssl::X509StoreUniquePtr &&store) | |
void | verify (const std::vector< std::shared_ptr< const fizz::PeerCert >> &certs) const override |
void | setX509Store (folly::ssl::X509StoreUniquePtr &&store) |
std::vector< Extension > | getCertificateRequestExtensions () const override |
![]() | |
virtual | ~CertificateVerifier ()=default |
Static Public Member Functions | |
static X509_STORE * | getDefaultX509Store () |
static std::unique_ptr< JavaCryptoCertificateVerifier > | createFromCAFile (VerificationContext context, const std::string &caFile) |
Private Member Functions | |
void | createAuthorities () |
Private Attributes | |
CertificateAuthorities | authorities_ |
VerificationContext | context_ |
folly::ssl::X509StoreUniquePtr | x509Store_ |
Certificate verifier that verifies a certificate against a trusted certificate store
This does not perform any identity or hostname verification.
Definition at line 27 of file JavaCryptoCertificateVerifier.h.
|
inlineexplicit |
Definition at line 29 of file JavaCryptoCertificateVerifier.h.
|
inlineexplicit |
Definition at line 33 of file JavaCryptoCertificateVerifier.h.
References verify().
|
private |
Definition at line 89 of file JavaCryptoCertificateVerifier.cpp.
References fizz::CertificateAuthorities::authorities, folly::IOBuf::create(), fizz::DistinguishedName::encoded_name, i, folly::gen::move, folly::portability::ssl::STACK_OF(), folly::portability::ssl::X509_OBJECT_get0_X509(), and folly::portability::ssl::X509_OBJECT_get_type().
|
static |
Definition at line 21 of file JavaCryptoCertificateVerifier.cpp.
References context, folly::gen::move, and folly::ssl::OpenSSLCertUtils::readStoreFromFile().
|
overridevirtual |
Returns a vector of extensions to send in a certificate request.
Implements fizz::CertificateVerifier.
Definition at line 136 of file JavaCryptoCertificateVerifier.cpp.
References fizz::encodeExtension().
|
static |
Definition at line 117 of file JavaCryptoCertificateVerifier.cpp.
|
inline |
Definition at line 43 of file JavaCryptoCertificateVerifier.h.
References context, folly::gen::move, and string.
|
overridevirtual |
Verifies the certificates in certs. The peer has been already proven possession of the first certificate in certs. Throws on error or if verification fails.
Implements fizz::CertificateVerifier.
Definition at line 29 of file JavaCryptoCertificateVerifier.cpp.
References i, fizz::Server, and string.
|
private |
Definition at line 58 of file JavaCryptoCertificateVerifier.h.
|
private |
Definition at line 59 of file JavaCryptoCertificateVerifier.h.
|
private |
Definition at line 60 of file JavaCryptoCertificateVerifier.h.