authorlloyd <[email protected]>2012-01-23 23:36:19 +0000
committerlloyd <[email protected]>2012-01-23 23:36:19 +0000
commitf34cc48100c672824aa70869adfb59669055d173 (patch)
tree6cbcd0d984b1a38b8024cf3b0642edc2a0498368 /src/credentials
parente3dc1e69f53f93e03411f258e976d2befcf45f91 (diff)
The credentials manager interface seems a much better place for cert
checking, allowed client auth CAs, etc than the policy class. With this change, most users won't ever need to modify the default policy which is likely a good thing. Remove copy and paste of the credentials manager implementation in the examples.
Diffstat (limited to 'src/credentials')
-rw-r--r--src/credentials/credentials_manager.cpp30
-rw-r--r--src/credentials/credentials_manager.h27
2 files changed, 56 insertions, 1 deletions
diff --git a/src/credentials/credentials_manager.cpp b/src/credentials/credentials_manager.cpp
index e7886d307..82da8a75d 100644
--- a/src/credentials/credentials_manager.cpp
+++ b/src/credentials/credentials_manager.cpp
@@ -49,4 +49,34 @@ Private_Key* Credentials_Manager::private_key_for(const X509_Certificate&,
return 0;
}
+std::vector<X509_Certificate>
+Credentials_Manager::trusted_certificate_authorities(
+ const std::string&,
+ const std::string&)
+ {
+ return std::vector<X509_Certificate>();
+ }
+
+void Credentials_Manager::verify_certificate_chain(
+ const std::vector<X509_Certificate>& cert_chain,
+ const std::string& purported_hostname)
+ {
+ if(cert_chain.empty())
+ throw std::invalid_argument("Certificate chain was empty");
+
+#if 0
+ if(!cert_chain[0].matches_dns_name(purported_hostname))
+ return false;
+
+ X509_Store store;
+
+ std::vector<X509_Certificate> CAs = trusted_certificate_authorities();
+
+ for(size_t i = 1; i != CAs.size(); ++i)
+ store.add_cert(CAs[i], true);
+ for(size_t i = 1; i != cert_chain.size(); ++i)
+ store.add_cert(cert_chain[i]);
+#endif
+ }
+
}
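Review bot: The default `Credentials_Manager::verify_certificate_chain` accepts every non-empty chain, because everything after the emptiness check sits inside `#if 0`; an application that relies on the base class gets no trust-anchor or hostname validation, although the header says the function throws when the chain cannot be verified. Until the real check is enabled the default should fail closed, for example by ending the body with `throw std::runtime_error("verify_certificate_chain: no validation implemented");`, or the method should be made pure virtual. The disabled block also needs repair before it is switched on: `return false;` does not fit a void function, `trusted_certificate_authorities()` is called without its two arguments, and the CA loop starts at `i = 1` with `i != CAs.size()`, which skips `CAs[0]` and runs out of bounds when the list is empty. The store is filled, but nothing in the visible lines validates `cert_chain[0]` against it.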
diff --git a/src/credentials/credentials_manager.h b/src/credentials/credentials_manager.h
index 43bccec69..fdcfa74da 100644
--- a/src/credentials/credentials_manager.h
+++ b/src/credentials/credentials_manager.h
@@ -62,6 +62,10 @@ class BOTAN_DLL Credentials_Manager
bool generate_fake_on_unknown);
/**
+ * Return a cert chain we can use, ordered from leaf to root.
+ * Assumed that we can get the private key of the leaf with
+ * private_key_for
+ *
* @param cert_key_type is a string representing the key type
* ("rsa", "dsa", "ecdsa", etc) or empty if no preference.
*/
@@ -71,8 +75,29 @@ class BOTAN_DLL Credentials_Manager
const std::string& context);
/**
+ * Return a list of the certificates of CAs that we trust in this
+ * type/context.
+ */
+ virtual std::vector<X509_Certificate> trusted_certificate_authorities(
+ const std::string& type,
+ const std::string& context);
+
+ /**
+ * Check the certificate chain is valid up to a trusted root, and
+ * optionally (if hostname != "") that the hostname given is
+ * consistent with the leaf certificate.
+ *
+ * This function should throw an exception derived from
+ * std::exception with an informative what() result if the
+ * certificate chain cannot be verified.
+ */
+ virtual void verify_certificate_chain(
+ const std::vector<X509_Certificate>& cert_chain,
+ const std::string& hostname = "");
+
+ /**
* @return private key associated with this certificate if we should
- * use it with this context
+ * use it with this context. cert was returned by cert_chain
*/
virtual Private_Key* private_key_for(const X509_Certificate& cert,
const std::string& type,
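Review bot: The default argument `hostname = ""` on `verify_certificate_chain` means a caller that forgets to pass the hostname silently gets no name check, and because default arguments on a virtual function are bound to the static type, an override declaring a different default would behave inconsistently. Dropping the default, `const std::string& hostname);`, makes skipping the name check an explicit choice at each call site. The doc comment should also state that `cert_chain` is ordered leaf first (the disabled code in the .cpp treats `cert_chain[0]` as the leaf) and that the base `trusted_certificate_authorities` returns an empty list. The parameter is named `purported_hostname` in the .cpp and `hostname` here; one name should be used in both. The class declaration starts and continues outside this hunk.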