bool CVerifyCertDialog::IsTrusted(CCertificateNotification const& notification)
{
LoadTrustedCerts();
unsigned int len;
CCertificate cert = notification.GetCertificates()[0];
const unsigned char* data = cert.GetRawData(len);
return IsTrusted(notification.GetHost(), notification.GetPort(), data, len, false);
}
void CVerifyCertDialog::SetPermanentlyTrusted(CCertificateNotification const& notification)
{
const CCertificate certificate = notification.GetCertificates()[0];
unsigned int len;
const unsigned char* const data = certificate.GetRawData(len);
CReentrantInterProcessMutexLocker mutex(MUTEX_TRUSTEDCERTS);
LoadTrustedCerts();
if (IsTrusted(notification.GetHost(), notification.GetPort(), data, len, true)) {
return;
}
t_certData cert;
cert.host = notification.GetHost();
cert.port = notification.GetPort();
cert.len = len;
cert.data = new unsigned char[len];
memcpy(cert.data, data, len);
m_trustedCerts.push_back(cert);
if (COptions::Get()->GetOptionVal(OPTION_DEFAULT_KIOSKMODE) == 2) {
return;
}
TiXmlElement* pElement = m_xmlFile.GetElement();
if (!pElement) {
return;
}
TiXmlElement* pCerts = pElement->FirstChildElement("TrustedCerts");
if (!pCerts)
pCerts = pElement->LinkEndChild(new TiXmlElement("TrustedCerts"))->ToElement();
TiXmlElement* pCert = pCerts->LinkEndChild(new TiXmlElement("Certificate"))->ToElement();
AddTextElement(pCert, "Data", ConvertHexToString(data, len));
wxLongLong time = certificate.GetActivationTime().GetTicks();
AddTextElement(pCert, "ActivationTime", time.ToString());
time = certificate.GetExpirationTime().GetTicks();
AddTextElement(pCert, "ExpirationTime", time.ToString());
AddTextElement(pCert, "Host", notification.GetHost());
AddTextElement(pCert, "Port", notification.GetPort());
m_xmlFile.Save(true);
}
bool CVerifyCertDialog::IsTrusted(CCertificateNotification const& notification)
{
if (notification.GetAlgorithmWarnings() != 0) {
// These certs are never trusted.
return false;
}
LoadTrustedCerts();
unsigned int len;
CCertificate cert = notification.GetCertificates()[0];
const unsigned char* data = cert.GetRawData(len);
return IsTrusted(notification.GetHost(), notification.GetPort(), data, len, false);
}
void CVerifyCertDialog::SetPermanentlyTrusted(CCertificateNotification const& notification)
{
const CCertificate certificate = notification.GetCertificates()[0];
unsigned int len;
const unsigned char* const data = certificate.GetRawData(len);
CReentrantInterProcessMutexLocker mutex(MUTEX_TRUSTEDCERTS);
LoadTrustedCerts();
if (IsTrusted(notification.GetHost(), notification.GetPort(), data, len, true)) {
return;
}
t_certData cert;
cert.host = notification.GetHost();
cert.port = notification.GetPort();
cert.len = len;
cert.data = new unsigned char[len];
memcpy(cert.data, data, len);
m_trustedCerts.push_back(cert);
if (COptions::Get()->GetOptionVal(OPTION_DEFAULT_KIOSKMODE) == 2) {
return;
}
auto element = m_xmlFile.GetElement();
if (!element) {
return;
}
auto certs = element.child("TrustedCerts");
if (!certs)
certs = element.append_child("TrustedCerts");
auto xCert = certs.append_child("Certificate");
AddTextElement(xCert, "Data", ConvertHexToString(data, len));
AddTextElement(xCert, "ActivationTime", static_cast<int64_t>(certificate.GetActivationTime().get_time_t()));
AddTextElement(xCert, "ExpirationTime", static_cast<int64_t>(certificate.GetExpirationTime().get_time_t()));
AddTextElement(xCert, "Host", notification.GetHost());
AddTextElement(xCert, "Port", notification.GetPort());
m_xmlFile.Save(true);
}