TLSCredentialsManager

Interface for a credentials manager.

A type is a fairly static value that represents the general nature of the transaction occuring. Currently used values are "tls-client" and "tls-server". Context represents a hostname, email address, username, or other identifier.

Members

Functions

attemptSrp
bool attemptSrp(string type, string context)
certChain
Vector!X509Certificate certChain(Vector!string cert_key_types, string type, string context)
Vector!X509Certificate certChain(T cert_key_types, string type, string context)

Return a cert chain we can use, ordered from leaf to root, or else an empty vector.

certChainSingleType
Vector!X509Certificate certChainSingleType(string cert_key_type, string type, string context)

Return a cert chain we can use, ordered from leaf to root, or else an empty vector.

privateKeyFor
PrivateKey privateKeyFor(X509Certificate cert, string type, string context)
psk
SymmetricKey psk(string type, string context, string identity)
pskIdentity
string pskIdentity(string type, string context, string identity_hint)
pskIdentityHint
string pskIdentityHint(string type, string context)
srpIdentifier
string srpIdentifier(string type, string context)
srpPassword
string srpPassword(string type, string context, string identifier)
srpVerifier
bool srpVerifier(string type, string context, string identifier, string group_name, BigInt verifier, Vector!ubyte salt, bool generate_fake_on_unknown)

Retrieve SRP verifier parameters

trustedCertificateAuthorities
Vector!CertificateStore trustedCertificateAuthorities(string type, string context)

Return a list of the certificates of CAs that we trust in this type/context.

verifyCertificateChain
void verifyCertificateChain(string type, string purported_hostname, Vector!X509Certificate cert_chain)

Check the certificate chain is valid up to a trusted root, and optionally (if hostname != "") that the hostname given is consistent with the leaf certificate.

Meta