add the hifi root CA trusted cert to source

libraries/shared/src/DTLSClientSession.cpp

@@ -16,6 +16,8 @@ void DTLSClientSession::globalInit() {
     if (!initialized) {
         gnutls_global_init();
         gnutls_certificate_allocate_credentials(&_x509CACredentials);
+        int certsProcessed = gnutls_certificate_set_x509_trust_mem(_x509CACredentials, DTLSSession::highFidelityCADatum(), GNUTLS_X509_FMT_PEM);
+        qDebug() << "There were" << certsProcessed;
     }
 }
 

libraries/shared/src/DTLSSession.cpp

@@ -70,6 +70,43 @@ ssize_t DTLSSession::socketPull(gnutls_transport_ptr_t ptr, void* buffer, size_t
     return -1;
 }
 
+gnutls_datum_t* DTLSSession::highFidelityCADatum() {
+    static gnutls_datum_t hifiCADatum;
+    static bool datumInitialized = false;
+    
+    static unsigned char HIGHFIDELITY_ROOT_CA_CERT[] =
+        "-----BEGIN CERTIFICATE-----"
+        "MIID6TCCA1KgAwIBAgIJANlfRkRD9A8bMA0GCSqGSIb3DQEBBQUAMIGqMQswCQYD\n"
+        "VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5j\n"
+        "aXNjbzEbMBkGA1UEChMSSGlnaCBGaWRlbGl0eSwgSW5jMRMwEQYDVQQLEwpPcGVy\n"
+        "YXRpb25zMRgwFgYDVQQDEw9oaWdoZmlkZWxpdHkuaW8xIjAgBgkqhkiG9w0BCQEW\n"
+        "E29wc0BoaWdoZmlkZWxpdHkuaW8wHhcNMTQwMzI4MjIzMzM1WhcNMjQwMzI1MjIz\n"
+        "MzM1WjCBqjELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNV\n"
+        "BAcTDVNhbiBGcmFuY2lzY28xGzAZBgNVBAoTEkhpZ2ggRmlkZWxpdHksIEluYzET\n"
+        "MBEGA1UECxMKT3BlcmF0aW9uczEYMBYGA1UEAxMPaGlnaGZpZGVsaXR5LmlvMSIw\n"
+        "IAYJKoZIhvcNAQkBFhNvcHNAaGlnaGZpZGVsaXR5LmlvMIGfMA0GCSqGSIb3DQEB\n"
+        "AQUAA4GNADCBiQKBgQDyo1euYiPPEdnvDZnIjWrrP230qUKMSj8SWoIkbTJF2hE8\n"
+        "2eP3YOgbgSGBzZ8EJBxIOuNmj9g9Eg6691hIKFqy5W0BXO38P04Gg+pVBvpHFGBi\n"
+        "wpqGbfsjaUDuYmBeJRcMO0XYkLCRQG+lAQNHoFDdItWAJfC3FwtP3OCDnz8cNwID\n"
+        "AQABo4IBEzCCAQ8wHQYDVR0OBBYEFCSv2kmiGg6VFMnxXzLDNP304cPAMIHfBgNV\n"
+        "HSMEgdcwgdSAFCSv2kmiGg6VFMnxXzLDNP304cPAoYGwpIGtMIGqMQswCQYDVQQG\n"
+        "EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNj\n"
+        "bzEbMBkGA1UEChMSSGlnaCBGaWRlbGl0eSwgSW5jMRMwEQYDVQQLEwpPcGVyYXRp\n"
+        "b25zMRgwFgYDVQQDEw9oaWdoZmlkZWxpdHkuaW8xIjAgBgkqhkiG9w0BCQEWE29w\n"
+        "c0BoaWdoZmlkZWxpdHkuaW+CCQDZX0ZEQ/QPGzAMBgNVHRMEBTADAQH/MA0GCSqG\n"
+        "SIb3DQEBBQUAA4GBAEkQl3p+lH5vuoCNgyfa67nL0MsBEt+5RSBOgjwCjjASjzou\n"
+        "FTv5w0he2OypgMQb8i/BYtS1lJSFqjPJcSM1Salzrm3xDOK5pOXJ7h6SQLPDVEyf\n"
+        "Hy2/9d/to+99+SOUlvfzfgycgjOc+s/AV7Y+GBd7uzGxUdrN4egCZW1F6/mH\n"
+        "-----END CERTIFICATE-----";
+    
+    if (!datumInitialized) {
+        hifiCADatum.data = HIGHFIDELITY_ROOT_CA_CERT;
+        hifiCADatum.size = sizeof(HIGHFIDELITY_ROOT_CA_CERT);
+    }
+    
+    return &hifiCADatum;
+}
+
 DTLSSession::DTLSSession(int end, QUdpSocket& dtlsSocket, HifiSockAddr& destinationSocket) :
     DummyDTLSSession(dtlsSocket, destinationSocket),
     _completedHandshake(false)

libraries/shared/src/DTLSSession.h

@@ -25,6 +25,8 @@ public:
     static int socketPullTimeout(gnutls_transport_ptr_t ptr, unsigned int ms);
     static ssize_t socketPull(gnutls_transport_ptr_t ptr, void* buffer, size_t size);
     
+    static gnutls_datum_t* highFidelityCADatum();
+    
     qint64 writeDatagram(const QByteArray& datagram);
     
     gnutls_session_t* getGnuTLSSession() { return &_gnutlsSession; }