/** Builds the credentials from a certificate string and a private key string (GnuTLS variant).
 * The two strings initialise the `key` and `certs` members, which are then installed
 * on `cred` as the certificate/key pair.
 * @param certstr Certificate data used to construct `certs`
 * @param keystr Private key data used to construct `key`
 * Failure to install the pair is reported through ThrowOnError().
 */
X509Credentials(const std::string& certstr, const std::string& keystr)
	: key(keystr)
	, certs(certstr)
{
	// An exception leaving this constructor is acceptable: the destructor of
	// Credentials is still called in that case.
	ThrowOnError(gnutls_certificate_set_x509_key(cred, certs.raw(), certs.size(), key.get()), "Unable to set cert/key pair");

	// Register cert_callback as the certificate retrieve function on cred;
	// which GnuTLS entry point is used depends on the build-time API macro.
#ifdef GNUTLS_NEW_CERT_CALLBACK_API
	gnutls_certificate_set_retrieve_function(cred, cert_callback);
#else
	gnutls_certificate_client_set_retrieve_function(cred, cert_callback);
#endif
}
/** Builds the credentials from a certificate string and a private key string (mbedTLS variant).
 * After the `key` and `certs` members are constructed, the certificate list is walked and
 * construction is rejected unless the private key pairs with at least one certificate in it.
 * @param certstr Certificate data used to construct `certs`
 * @param keystr Private key data used to construct `key`
 * @throws Exception when no certificate in the list matches the private key
 */
X509Credentials(const std::string& certstr, const std::string& keystr)
	: key(keystr)
	, certs(certstr)
{
	// Advance through the list until a certificate whose public key pairs with
	// the private key is found, or the list is exhausted.
	// NOTE(review): a match on ANY entry is accepted, not specifically the first
	// (leaf) certificate - confirm this is intended given how the chain is later
	// presented to peers.
	mbedtls_x509_crt* candidate = certs.get();
	while (candidate && mbedtls_pk_check_pair(&candidate->pk, key.get()) != 0)
		candidate = candidate->next;

	// A null candidate means the list was empty or nothing matched.
	if (!candidate)
		throw Exception("Public/private key pair does not match");
}
/** Accessor for the private key context held by these credentials.
 * @return The pointer produced by key.get(). The returned pointer exposes private key
 * material, so callers should not copy or log what it points to.
 * NOTE(review): ownership presumably stays with `key` - confirm against the key wrapper type.
 */
mbedtls_pk_context* getkey()
{
	mbedtls_pk_context* const pkctx = key.get();
	return pkctx;
}