#include "nmos/certificate_handlers.h"
#include "cpprest/basic_utils.h"
#include "nmos/certificate_settings.h"
#include "nmos/slog.h"
namespace nmos
{
// construct callback to load certification authorities from file based on settings, see nmos/certificate_settings.h
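load_ca_certificates_handler make_load_ca_certificates_handler(const nmos::settings& settings, slog::base_gate& gate)
{
    // Builds a callback that reads the CA bundle named by the ca_certificate_file setting
    // and returns the file contents as a string, or an empty string when the setting is
    // empty or the file cannot be opened.
    // The file name is copied out of settings here, so the callback keeps working after
    // settings goes away; gate is captured by reference and must outlive the callback.
    const auto ca_certificate_file = nmos::experimental::fields::ca_certificate_file(settings);

    return [&gate, ca_certificate_file]()
    {
        slog::log<slog::severities::more_info>(gate, SLOG_FLF) << "Load certification authorities";

        if (ca_certificate_file.empty())
        {
            slog::log<slog::severities::warning>(gate, SLOG_FLF) << "Missing certification authorities file";
            return utility::string_t{};
        }

        utility::ifstream_t ca_file(ca_certificate_file);
        if (!ca_file.is_open())
        {
            // without this check a configured-but-unreadable CA file is indistinguishable
            // from an empty one, and the missing trust anchors go unnoticed in the log
            slog::log<slog::severities::error>(gate, SLOG_FLF) << "Unable to open certification authorities file: " << utility::us2s(ca_certificate_file);
            return utility::string_t{};
        }

        utility::stringstream_t cacerts;
        cacerts << ca_file.rdbuf();
        // NOTE(review): the contents are returned unvalidated; presumably the caller parses
        // the certificates and rejects an empty or malformed bundle - confirm at the call site
        return cacerts.str();
    };
}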
// construct callback to load server certificates from files based on settings, see nmos/certificate_settings.h
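load_server_certificates_handler make_load_server_certificates_handler(const nmos::settings& settings, slog::base_gate& gate)
{
    // Builds a callback that reads every configured server private key and certificate
    // chain from file and returns them as a vector of nmos::certificate.
    // The list of files is resolved from settings here and copied into the callback;
    // gate is captured by reference and must outlive the callback.
    auto server_certificates = nmos::experimental::fields::server_certificates(settings);
    if (0 == server_certificates.size())
    {
        // (deprecated, replaced by server_certificates)
        const auto private_key_files = nmos::experimental::fields::private_key_files(settings);
        const auto certificate_chain_files = nmos::experimental::fields::certificate_chain_files(settings);
        if (private_key_files.size() != certificate_chain_files.size())
        {
            // keys and chains are paired by index, so a length mismatch means at least one
            // entry has no partner; say so instead of dropping it silently
            slog::log<slog::severities::warning>(gate, SLOG_FLF) << "Mismatched numbers of private key files and certificate chain files; unpaired entries are ignored";
        }
        const auto size = (std::min)(private_key_files.size(), certificate_chain_files.size());
        for (size_t i = 0; i < size; ++i)
        {
            web::json::push_back(server_certificates,
                web::json::value_of({
                    { nmos::experimental::fields::private_key_file, private_key_files.at(i) },
                    { nmos::experimental::fields::certificate_chain_file, certificate_chain_files.at(i) }
                })
            );
        }
    }

    return [&gate, server_certificates]()
    {
        slog::log<slog::severities::info>(gate, SLOG_FLF) << "Load server private keys and certificate chains";

        // reads one file into a string; only the file name is ever logged, never the
        // contents, because the same helper is used for private key material
        const auto read_file = [&gate](const utility::string_t& filename, const char* description)
        {
            utility::stringstream_t contents;
            if (filename.empty())
            {
                slog::log<slog::severities::warning>(gate, SLOG_FLF) << "Missing " << description << " file";
            }
            else
            {
                utility::ifstream_t file(filename);
                if (file.is_open())
                {
                    contents << file.rdbuf();
                }
                else
                {
                    // a configured file that cannot be opened used to yield an empty string with no trace in the log
                    slog::log<slog::severities::error>(gate, SLOG_FLF) << "Unable to open " << description << " file: " << utility::us2s(filename);
                }
            }
            return contents.str();
        };

        auto data = std::vector<nmos::certificate>();

        if (0 == server_certificates.size())
        {
            slog::log<slog::severities::warning>(gate, SLOG_FLF) << "Missing server certificates";
        }

        for (const auto& server_certificate : server_certificates.as_array())
        {
            const auto key_algorithm = nmos::experimental::fields::key_algorithm(server_certificate);
            const auto private_key_file = nmos::experimental::fields::private_key_file(server_certificate);
            const auto certificate_chain_file = nmos::experimental::fields::certificate_chain_file(server_certificate);

            const auto pkey = read_file(private_key_file, "server private key");
            const auto cert_chain = read_file(certificate_chain_file, "server certificate chain");

            // an entry is still returned when either file was missing or unreadable, with
            // the corresponding string left empty, as before
            // NOTE(review): presumably the caller rejects an empty key or chain - confirm at the call site
            data.push_back(nmos::certificate(nmos::key_algorithm{ key_algorithm }, pkey, cert_chain));
        }
        return data;
    };
}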
// construct callback to load Diffie-Hellman parameters for ephemeral key exchange support from file based on settings, see nmos/certificate_settings.h
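load_dh_param_handler make_load_dh_param_handler(const nmos::settings& settings, slog::base_gate& gate)
{
    // Builds a callback that reads the Diffie-Hellman parameters named by the dh_param_file
    // setting and returns the file contents as a string, or an empty string when the
    // setting is empty or the file cannot be opened.
    // The file name is copied out of settings here; gate is captured by reference and
    // must outlive the callback.
    const auto dh_param_file = nmos::experimental::fields::dh_param_file(settings);

    return [&gate, dh_param_file]()
    {
        slog::log<slog::severities::info>(gate, SLOG_FLF) << "Load DH parameters";

        if (dh_param_file.empty())
        {
            slog::log<slog::severities::warning>(gate, SLOG_FLF) << "Missing DH parameters file";
            return utility::string_t{};
        }

        utility::ifstream_t dh_file(dh_param_file);
        if (!dh_file.is_open())
        {
            // report a configured-but-unreadable file instead of silently returning nothing
            slog::log<slog::severities::error>(gate, SLOG_FLF) << "Unable to open DH parameters file: " << utility::us2s(dh_param_file);
            return utility::string_t{};
        }

        utility::stringstream_t dh_param;
        dh_param << dh_file.rdbuf();
        return dh_param.str();
    };
}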
}