tls: Add x509 cert wrapper

For now, wholly incomplete (no methods)
whl739 · Dec 9, 2015 · 44f3e0b · 44f3e0b
1 parent 5dc22fa
commit 44f3e0b
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 0 deletions.
diff --git a/net/tls.cc b/net/tls.cc
@@ -20,6 +20,8 @@
  */
 
 #include <gnutls/gnutls.h>
+#include <gnutls/x509.h>
+
 #include <experimental/optional>
 #include <system_error>
 
@@ -156,6 +158,49 @@ future<seastar::tls::dh_params> seastar::tls::dh_params::from_file(
     });
 }
 
+class seastar::tls::x509_cert::impl {
+public:
+    impl()
+            : _cert([] {
+                gnutls_x509_crt_t cert;
+                gtls_chk(gnutls_x509_crt_init(&cert));
+                return cert;
+            }()) {
+    }
+    impl(const blob& b, x509_crt_format fmt)
+        : impl()
+    {
+        blob_wrapper w(b);
+        gtls_chk(gnutls_x509_crt_import(*this, &w, gnutls_x509_crt_fmt_t(fmt)));
+    }
+    ~impl() {
+        if (_cert != nullptr) {
+            gnutls_x509_crt_deinit(_cert);
+        }
+    }
+    operator gnutls_x509_crt_t() const {
+        return _cert;
+    }
+
+private:
+    gnutls_x509_crt_t _cert;
+};
+
+seastar::tls::x509_cert::x509_cert(::shared_ptr<impl> impl)
+        : _impl(std::move(impl)) {
+}
+
+seastar::tls::x509_cert::x509_cert(const blob& b, x509_crt_format fmt)
+        : x509_cert(::make_shared<impl>(b, fmt)) {
+}
+
+future<seastar::tls::x509_cert> seastar::tls::x509_cert::from_file(
+        const sstring& filename, x509_crt_format fmt) {
+    return read_fully(filename).then([fmt](temporary_buffer<char> buf) {
+        return make_ready_future<x509_cert>(x509_cert(blob(buf.get()), fmt));
+    });
+}
+
 class seastar::tls::certificate_credentials::impl: public gnutlsobj {
 public:
     impl()

diff --git a/net/tls.hh b/net/tls.hh
@@ -21,6 +21,7 @@
 #pragma once
 
 #include <experimental/string_view>
+#include <vector>
 
 #include "core/future.hh"
 #include "core/sstring.hh"
@@ -84,6 +85,16 @@ namespace tls {
         std::unique_ptr<impl> _impl;
     };
 
+    class x509_cert {
+        x509_cert(const blob&, x509_crt_format);
+
+        static future<x509_cert> from_file(const sstring&, x509_crt_format);
+    private:
+        class impl;
+        x509_cert(::shared_ptr<impl>);
+        ::shared_ptr<impl> _impl;
+    };
+
     /**
      * Holds certificates and keys.
      *