MEPP2 Project
root_certificates.hpp
Go to the documentation of this file.
1 //
2 // Copyright (c) 2016-2019 Vinnie Falco (vinnie dot falco at gmail dot com)
3 //
4 // Distributed under the Boost Software License, Version 1.0. (See accompanying
5 // file LICENSE_1_0.txt or copy at http://www.boost.org/LICENSE_1_0.txt)
6 //
7 // Official repository: https://github.com/boostorg/beast
8 //
9 
10 #ifndef BOOST_BEAST_EXAMPLE_COMMON_ROOT_CERTIFICATES_HPP
11 #define BOOST_BEAST_EXAMPLE_COMMON_ROOT_CERTIFICATES_HPP
12 
13 #include <boost/asio/ssl.hpp>
14 #include <string>
15 
16 /*
17  PLEASE READ
18 
19  These root certificates here are included just to make the
20  SSL client examples work. They are NOT intended to be
21  illustrative of best-practices for performing TLS certificate
22  verification.
23 
24  A REAL program which needs to verify the authenticity of a
25  server IP address resolved from a given DNS name needs to
26  consult the operating system specific certificate store
27  to validate the chain of signatures, compare the domain name
28  properly against the domain name in the certificate, check
29  the certificate revocation list, and probably do some other
30  things.
31 
32  ALL of these operations are entirely outside the scope of
33  both Boost.Beast and Boost.Asio.
34 
35  See (work in progress):
36  https://github.com/djarek/certify
37 
38  tl;dr: root_certificates.hpp should not be used in production code
39 */
40 
41 namespace ssl = boost::asio::ssl; // from <boost/asio/ssl.hpp>
42 
43 namespace detail {
44 
45 inline
46 void
47 load_root_certificates(ssl::context& ctx, boost::system::error_code& ec)
48 {
49  std::string const cert =
50  /* This is the DigiCert Global Root CA
51 
52  CN = DigiCert High Assurance EV Root CA
53  OU = www.digicert.com
54  O = DigiCert Inc
55  C = US
56 
57  Valid to: 10 November 2031
58 
59  Serial #:
60  08:3B:E0:56:90:42:46:B1:A1:75:6A:C9:59:91:C7:4A
61 
62  SHA1 Fingerprint:
63  A8:98:5D:3A:65:E5:E5:C4:B2:D7:D6:6D:40:C6:DD:2F:B1:9C:54:36
64 
65  SHA256 Fingerprint:
66  43:48:A0:E9:44:4C:78:CB:26:5E:05:8D:5E:89:44:B4:D8:4F:96:62:BD:26:DB:25:7F:89:34:A4:43:C7:01:61
67  */
68  "-----BEGIN CERTIFICATE-----\n"
69  "MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\n"
70  "MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n"
71  "d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n"
72  "QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\n"
73  "MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\n"
74  "b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n"
75  "9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\n"
76  "CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\n"
77  "nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n"
78  "43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\n"
79  "T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\n"
80  "gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\n"
81  "BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\n"
82  "TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\n"
83  "DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\n"
84  "hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n"
85  "06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\n"
86  "PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\n"
87  "YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\n"
88  "CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n"
89  "-----END CERTIFICATE-----\n"
90 
91  /* This is the GeoTrust root certificate.
92 
93  CN = GeoTrust Global CA
94  O = GeoTrust Inc.
95  C = US
96  Valid to: Friday, ‎May ‎20, ‎2022 9:00:00 PM
97 
98  Thumbprint(sha1):
99  ‎de 28 f4 a4 ff e5 b9 2f a3 c5 03 d1 a3 49 a7 f9 96 2a 82 12
100  */
101  "-----BEGIN CERTIFICATE-----\n"
102  "MIIDaDCCAlCgAwIBAgIJAO8vBu8i8exWMA0GCSqGSIb3DQEBCwUAMEkxCzAJBgNV\n"
103  "BAYTAlVTMQswCQYDVQQIDAJDQTEtMCsGA1UEBwwkTG9zIEFuZ2VsZXNPPUJlYXN0\n"
104  "Q049d3d3LmV4YW1wbGUuY29tMB4XDTE3MDUwMzE4MzkxMloXDTQ0MDkxODE4Mzkx\n"
105  "MlowSTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAkNBMS0wKwYDVQQHDCRMb3MgQW5n\n"
106  "ZWxlc089QmVhc3RDTj13d3cuZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUA\n"
107  "A4IBDwAwggEKAoIBAQDJ7BRKFO8fqmsEXw8v9YOVXyrQVsVbjSSGEs4Vzs4cJgcF\n"
108  "xqGitbnLIrOgiJpRAPLy5MNcAXE1strVGfdEf7xMYSZ/4wOrxUyVw/Ltgsft8m7b\n"
109  "Fu8TsCzO6XrxpnVtWk506YZ7ToTa5UjHfBi2+pWTxbpN12UhiZNUcrRsqTFW+6fO\n"
110  "9d7xm5wlaZG8cMdg0cO1bhkz45JSl3wWKIES7t3EfKePZbNlQ5hPy7Pd5JTmdGBp\n"
111  "yY8anC8u4LPbmgW0/U31PH0rRVfGcBbZsAoQw5Tc5dnb6N2GEIbq3ehSfdDHGnrv\n"
112  "enu2tOK9Qx6GEzXh3sekZkxcgh+NlIxCNxu//Dk9AgMBAAGjUzBRMB0GA1UdDgQW\n"
113  "BBTZh0N9Ne1OD7GBGJYz4PNESHuXezAfBgNVHSMEGDAWgBTZh0N9Ne1OD7GBGJYz\n"
114  "4PNESHuXezAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCmTJVT\n"
115  "LH5Cru1vXtzb3N9dyolcVH82xFVwPewArchgq+CEkajOU9bnzCqvhM4CryBb4cUs\n"
116  "gqXWp85hAh55uBOqXb2yyESEleMCJEiVTwm/m26FdONvEGptsiCmF5Gxi0YRtn8N\n"
117  "V+KhrQaAyLrLdPYI7TrwAOisq2I1cD0mt+xgwuv/654Rl3IhOMx+fKWKJ9qLAiaE\n"
118  "fQyshjlPP9mYVxWOxqctUdQ8UnsUKKGEUcVrA08i1OAnVKlPFjKBvk+r7jpsTPcr\n"
119  "9pWXTO9JrYMML7d+XRSZA1n3856OqZDX4403+9FnXCvfcLZLLKTBvwwFgEFGpzjK\n"
120  "UEVbkhd5qstF6qWK\n"
121  "-----END CERTIFICATE-----\n";
122  ;
123 
124  ctx.add_certificate_authority(
125  boost::asio::buffer(cert.data(), cert.size()), ec);
126  if(ec)
127  return;
128 }
129 
130 } // detail
131 
132 // Load the root certificates into an ssl::context
133 
134 inline
135 void
136 load_root_certificates(ssl::context& ctx, boost::system::error_code& ec)
137 {
138  detail::load_root_certificates(ctx, ec);
139 }
140 
141 inline
142 void
143 load_root_certificates(ssl::context& ctx)
144 {
145  boost::system::error_code ec;
146  detail::load_root_certificates(ctx, ec);
147  if(ec)
148  throw boost::system::system_error{ec};
149 }
150 
151 #endif
detail
Definition: root_certificates.hpp:43
load_root_certificates
void load_root_certificates(ssl::context &ctx, boost::system::error_code &ec)
Definition: root_certificates.hpp:136
detail::load_root_certificates
void load_root_certificates(ssl::context &ctx, boost::system::error_code &ec)
Definition: root_certificates.hpp:47
Generated by doxygen 1.8.20