diff 3rdparty/vmime/examples/example6_certificateVerifier.hpp @ 0:a4671277546c tip

created the repository for the thymian project
author ferencd
date Tue, 17 Aug 2021 11:19:54 +0200
parents
children
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/3rdparty/vmime/examples/example6_certificateVerifier.hpp	Tue Aug 17 11:19:54 2021 +0200
@@ -0,0 +1,62 @@
+
+
+#if VMIME_HAVE_TLS_SUPPORT
+
+// Certificate verifier (TLS/SSL)
+class interactiveCertificateVerifier : public vmime::security::cert::defaultCertificateVerifier
+{
+public:
+
+	void verify(vmime::shared_ptr <vmime::security::cert::certificateChain> chain, const vmime::string& hostname)
+	{
+		try
+		{
+			setX509TrustedCerts(m_trustedCerts);
+
+			defaultCertificateVerifier::verify(chain, hostname);
+		}
+		catch (vmime::security::cert::certificateException&)
+		{
+			// Obtain subject's certificate
+			vmime::shared_ptr <vmime::security::cert::certificate> cert = chain->getAt(0);
+
+			std::cout << std::endl;
+			std::cout << "Server sent a '" << cert->getType() << "'" << " certificate." << std::endl;
+			std::cout << "Do you want to accept this certificate? (Y/n) ";
+			std::cout.flush();
+
+			std::string answer;
+			std::getline(std::cin, answer);
+
+			if (answer.length() != 0 &&
+			    (answer[0] == 'Y' || answer[0] == 'y'))
+			{
+				// Accept it, and remember user's choice for later
+				if (cert->getType() == "X.509")
+				{
+					m_trustedCerts.push_back(vmime::dynamicCast
+						<vmime::security::cert::X509Certificate>(cert));
+
+					setX509TrustedCerts(m_trustedCerts);
+					defaultCertificateVerifier::verify(chain, hostname);
+				}
+
+				return;
+			}
+
+			throw vmime::security::cert::certificateException
+				("User did not accept the certificate.");
+		}
+	}
+
+private:
+
+	static std::vector <vmime::shared_ptr <vmime::security::cert::X509Certificate> > m_trustedCerts;
+};
+
+
+std::vector <vmime::shared_ptr <vmime::security::cert::X509Certificate> >
+	interactiveCertificateVerifier::m_trustedCerts;
+
+#endif // VMIME_HAVE_TLS_SUPPORT
+
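Review bot: The catch block in `verify` discards the reason verification failed and prompts with only `cert->getType()`, so the user is asked to trust a certificate with no subject, fingerprint or failure cause (expired, hostname mismatch, unknown issuer) to decide on. Bind the exception and print it before the prompt, e.g. `catch (vmime::security::cert::certificateException& e)` followed by `std::cout << "Verification failed: " << e.what() << std::endl;`, and show the certificate's identifying details alongside it. The bare `return` after the `"X.509"` branch also means a "Y" answer accepts any non-X.509 certificate with no check at all; throwing there would be the safer default. Accepted certificates go into the static `m_trustedCerts`, so one "Y" is honoured for every later connection made by the process. The prompt reads `(Y/n)` although an empty answer rejects, so `(y/N)` would describe the actual default.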