SensESP 3.4.1-alpha
Universal Signal K sensor toolkit ESP32
Loading...
Searching...
No Matches
signalk_tofu.h
Go to the documentation of this file.
1#ifndef SENSESP_SRC_SENSESP_SIGNALK_SIGNALK_TOFU_H_
2#define SENSESP_SRC_SENSESP_SIGNALK_SIGNALK_TOFU_H_
3
4namespace sensesp {
5
20
41inline TofuCaptureDecision tofu_decide_capture(bool has_leaf_anchor,
42 bool leaf_matches_anchor,
43 bool ca_present,
44 bool leaf_has_identity) {
45 if (!has_leaf_anchor) {
46 const bool ca_usable = ca_present && leaf_has_identity;
47 return ca_usable ? TofuCaptureDecision::kCaptureCa
49 }
50 return leaf_matches_anchor ? TofuCaptureDecision::kAccept
52}
53
54} // namespace sensesp
55
56#endif // SENSESP_SRC_SENSESP_SIGNALK_SIGNALK_TOFU_H_
TofuCaptureDecision tofu_decide_capture(bool has_leaf_anchor, bool leaf_matches_anchor, bool ca_present, bool leaf_has_identity)
TofuCaptureDecision
Capture-mode decision for TOFU certificate pinning.
@ kCaptureLeaf
first use, no usable CA in the chain: pin the leaf
@ kAccept
leaf matches the stored fingerprint; nothing to capture
@ kCaptureCa
first use, usable CA present: pin the CA
@ kReject
leaf does not match the stored fingerprint