ddn.net.tls.truststore

Trust store implementation for managing trusted CA certificates.

Stores trusted CA certificates in memory for use during TLS certificate chain verification.

Types

In-memory trust store for CA certificates.

Certificates can be added individually, from PEM data, or from DER data. The system CA certificate store can also be loaded.

Methods
void addCertificate(TlsCertificate cert)
    Adds a trusted CA certificate.
void addFromPem(const(char)[] pemData)
    Adds certificates from PEM-encoded data.
void addFromDer(const(ubyte)[] derData)
    Adds a certificate from DER-encoded data.
void loadSystemCerts()
    Loads the system's default trusted CA certificates.
size_t length() @property const
    Returns: The number of trusted certificates.
const(TlsCertificate[]) certificates() @property const
    Returns: All trusted certificates.
NativeTlsCertificate parseDerCertificate(const(ubyte)[] derData)
    Attempts to parse a DER-encoded X.509 certificate into a NativeTlsCertificate. Returns null if parsing fails.
private string[] parseSanExtension(const(ubyte)[] extValue)
private void parseBasicConstraints(const(ubyte)[] extValue, out bool isCa, out int pathLen)
private string digestToFingerprint(const(ubyte)[] digest)
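
The module extracts a CA flag and path length from the basicConstraints extension (see the parseBasicConstraints signature above). The following is an added example, not the module's own code, of a fail-closed decoder for that extension value. The names readTlv and decodeBasicConstraints are hypothetical, only short-form DER lengths are handled, and path lengths above 127 are rejected.

```d
// Reads one TLV with a short-form length (< 128 bytes) and advances
// buf past it. Hypothetical helper, sufficient for this extension.
bool readTlv(ref const(ubyte)[] buf, ubyte tag, out const(ubyte)[] value)
{
    if (buf.length < 2 || buf[0] != tag || buf[1] >= 0x80) return false;
    immutable size_t len = buf[1];
    if (buf.length - 2 < len) return false;   // declared length overruns input
    value = buf[2 .. 2 + len];
    buf = buf[2 + len .. $];
    return true;
}

// BasicConstraints ::= SEQUENCE { cA BOOLEAN DEFAULT FALSE,
//                                 pathLenConstraint INTEGER (0..MAX) OPTIONAL }
// Returns false on malformed input and leaves isCa = false, pathLen = -1
// (-1 means no constraint), so a parse failure never yields a CA.
bool decodeBasicConstraints(const(ubyte)[] der, out bool isCa, out int pathLen)
{
    pathLen = -1;                       // isCa starts false (out default)
    bool ca; int limit = -1;
    const(ubyte)[] seq, v;
    if (!readTlv(der, 0x30, seq) || der.length != 0) return false;
    if (seq.length && seq[0] == 0x01)   // BOOLEAN cA
    {
        if (!readTlv(seq, 0x01, v) || v.length != 1) return false;
        ca = v[0] == 0xFF;              // DER encodes TRUE as 0xFF only
    }
    if (seq.length && seq[0] == 0x02)   // INTEGER pathLenConstraint
    {
        if (!readTlv(seq, 0x02, v) || v.length != 1 || (v[0] & 0x80) != 0) return false;
        limit = v[0];
    }
    if (seq.length != 0) return false;  // trailing bytes inside the SEQUENCE
    isCa = ca;
    pathLen = limit;
    return true;
}

void main()
{
    bool isCa; int pathLen;
    // Constructed extension values, not taken from real certificates.
    immutable ubyte[] caLimit0  = [0x30, 0x06, 0x01, 0x01, 0xFF, 0x02, 0x01, 0x00];
    immutable ubyte[] endEntity = [0x30, 0x00];
    immutable ubyte[] truncated = [0x30, 0x03, 0x01, 0x01];
    assert(decodeBasicConstraints(caLimit0, isCa, pathLen) && isCa && pathLen == 0);
    assert(decodeBasicConstraints(endEntity, isCa, pathLen) && !isCa && pathLen == -1);
    assert(!decodeBasicConstraints(truncated, isCa, pathLen) && !isCa);
}
```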