Diffstat (limited to 'Swiften/TLS/Schannel')
-rw-r--r--Swiften/TLS/Schannel/SchannelCertificateFactory.h4
-rw-r--r--Swiften/TLS/Schannel/SchannelContext.cpp25
-rw-r--r--Swiften/TLS/Schannel/SchannelContext.h2
3 files changed, 26 insertions, 5 deletions
diff --git a/Swiften/TLS/Schannel/SchannelCertificateFactory.h b/Swiften/TLS/Schannel/SchannelCertificateFactory.h
index d09bb54..5a2b208 100644
--- a/Swiften/TLS/Schannel/SchannelCertificateFactory.h
+++ b/Swiften/TLS/Schannel/SchannelCertificateFactory.h
@@ -13,6 +13,6 @@ namespace Swift {
class SchannelCertificateFactory : public CertificateFactory {
public:
- virtual Certificate::ref createCertificateFromDER(const ByteArray& der) {
- return Certificate::ref(new SchannelCertificate(der));
+ virtual Certificate* createCertificateFromDER(const ByteArray& der) {
+ return new SchannelCertificate(der);
}
};
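Review bot: createCertificateFromDER now returns a raw owning pointer from `new SchannelCertificate(der)`, so any caller that does not wrap the result immediately leaks the certificate. The previous `Certificate::ref` return carried the ownership in the type; the new signature does not. The base-class contract is not visible in this hunk, so state the transfer here with a comment such as `// Caller takes ownership of the returned Certificate.` and check that every call site puts the result into a `Certificate::ref` right away.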
diff --git a/Swiften/TLS/Schannel/SchannelContext.cpp b/Swiften/TLS/Schannel/SchannelContext.cpp
index 641568d..b4b2843 100644
--- a/Swiften/TLS/Schannel/SchannelContext.cpp
+++ b/Swiften/TLS/Schannel/SchannelContext.cpp
@@ -626,8 +626,29 @@ void SchannelContext::handleCertificateCardRemoved() {
//------------------------------------------------------------------------
-Certificate::ref SchannelContext::getPeerCertificate() const {
+std::vector<Certificate::ref> SchannelContext::getPeerCertificateChain() const {
+ std::vector<Certificate::ref> certificateChain;
ScopedCertContext pServerCert;
+ ScopedCertContext pIssuerCert;
+ ScopedCertContext pCurrentCert;
SECURITY_STATUS status = QueryContextAttributes(m_ctxtHandle, SECPKG_ATTR_REMOTE_CERT_CONTEXT, pServerCert.Reset());
- return status == SEC_E_OK ? boost::make_shared<SchannelCertificate>(pServerCert) : SchannelCertificate::ref();
+
+ if (status != SEC_E_OK) {
+ return certificateChain;
+ }
+ certificateChain.push_back(boost::make_shared<SchannelCertificate>(pServerCert));
+
+ pCurrentCert = pServerCert;
+ while(pCurrentCert.GetPointer()) {
+ DWORD dwVerificationFlags = 0;
+ pIssuerCert = CertGetIssuerCertificateFromStore(pServerCert->hCertStore, pCurrentCert, NULL, &dwVerificationFlags );
+ if (!(*pIssuerCert.GetPointer())) {
+ break;
+ }
+ certificateChain.push_back(boost::make_shared<SchannelCertificate>(pIssuerCert));
+
+ pCurrentCert = pIssuerCert;
+ pIssuerCert = NULL;
+ }
+ return certificateChain;
}
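Review bot: The `while` loop in getPeerCertificateChain has no upper bound, and it walks `pServerCert->hCertStore`, which is filled from the peer's handshake, with `dwVerificationFlags = 0`, so no signature check is requested on each issuer match. If the issuer lookup matches on names alone (worth confirming against the CryptoAPI documentation), a peer-supplied set of certificates that name each other as issuer would keep the loop appending entries until memory runs out. Cap the walk with something like `if (certificateChain.size() >= MAX_CHAIN_LENGTH) break;` at the top of the loop body (MAX_CHAIN_LENGTH is an illustrative name for a constant to add), or stop when the issuer is already in the chain. Separately, the loop condition tests `pCurrentCert.GetPointer()` while the exit test dereferences `*pIssuerCert.GetPointer()`; if GetPointer() returns the address of the wrapped handle, the condition is always true and only the `break` ends the loop, so it should test the handle itself. Because no verification flags are set, a comment should also say that the returned vector is the chain as presented by the peer, leaf first, and not a validated chain.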
diff --git a/Swiften/TLS/Schannel/SchannelContext.h b/Swiften/TLS/Schannel/SchannelContext.h
index 587d0e7..8603498 100644
--- a/Swiften/TLS/Schannel/SchannelContext.h
+++ b/Swiften/TLS/Schannel/SchannelContext.h
@@ -51,5 +51,5 @@ namespace Swift
virtual void handleDataFromApplication(const SafeByteArray& data);
- virtual Certificate::ref getPeerCertificate() const;
+ virtual std::vector<Certificate::ref> getPeerCertificateChain() const;
virtual CertificateVerificationError::ref getPeerCertificateVerificationError() const;