openssl/src/x509/store.rs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53

use ffi;
use std::mem;

use {cvt, cvt_p};
use error::ErrorStack;
use types::OpenSslTypeRef;
use x509::X509;

type_!(X509StoreBuilder, X509StoreBuilderRef, ffi::X509_STORE, ffi::X509_STORE_free);

impl X509StoreBuilder {
    /// Returns a builder for a certificate store.
    ///
    /// The store is initially empty.
    pub fn new() -> Result<X509StoreBuilder, ErrorStack> {
        unsafe {
            ffi::init();

            cvt_p(ffi::X509_STORE_new()).map(X509StoreBuilder)
        }
    }

    /// Constructs the `X509Store`.
    pub fn build(self) -> X509Store {
        let store = X509Store(self.0);
        mem::forget(self);
        store
    }
}

impl X509StoreBuilderRef {
    /// Adds a certificate to the certificate store.
    pub fn add_cert(&mut self, cert: X509) -> Result<(), ErrorStack> {
        unsafe {
            let ptr = cert.as_ptr();
            mem::forget(cert); // the cert will be freed inside of X509_STORE_add_cert on error
            cvt(ffi::X509_STORE_add_cert(self.as_ptr(), ptr)).map(|_| ())
        }
    }

    /// Load certificates from their default locations.
    ///
    /// These locations are read from the `SSL_CERT_FILE` and `SSL_CERT_DIR`
    /// environment variables if present, or defaults specified at OpenSSL
    /// build time otherwise.
    pub fn set_default_paths(&mut self) -> Result<(), ErrorStack> {
        unsafe {
            cvt(ffi::X509_STORE_set_default_paths(self.as_ptr())).map(|_| ())
        }
    }
}

type_!(X509Store, X509StoreRef, ffi::X509_STORE, ffi::X509_STORE_free);