authorlloyd <[email protected]>2012-03-23 13:37:34 +0000
committerlloyd <[email protected]>2012-03-23 13:37:34 +0000
commitbd92af1b7fff3943703f2422836db84ba71f4e44 (patch)
tree2f3c7116e66e6dc2b7e486e2a571f872c6922366 /src/credentials
parentafcd29c599e1e27b674df4f630a665c095b0ff44 (diff)
Add a special hook in credentials manager for the session ticket key,
with a default implementation that creates a new random key on the first call.
Diffstat (limited to 'src/credentials')
-rw-r--r--src/credentials/credentials_manager.cpp8
-rw-r--r--src/credentials/credentials_manager.h8
2 files changed, 16 insertions, 0 deletions
diff --git a/src/credentials/credentials_manager.cpp b/src/credentials/credentials_manager.cpp
index ef5d44819..a70d8d660 100644
--- a/src/credentials/credentials_manager.cpp
+++ b/src/credentials/credentials_manager.cpp
@@ -7,6 +7,7 @@
#include <botan/credentials_manager.h>
#include <botan/x509stor.h>
+#include <botan/libstate.h>
namespace Botan {
@@ -30,6 +31,13 @@ SymmetricKey Credentials_Manager::psk(const std::string&,
throw Internal_Error("No PSK set for identity " + identity);
}
+const SymmetricKey& Credentials_Manager::session_ticket_key()
+ {
+ if(m_session_ticket_key.length() == 0)
+ m_session_ticket_key = SymmetricKey(global_state().global_rng(), 32);
+ return m_session_ticket_key;
+ }
+
std::string Credentials_Manager::srp_identifier(const std::string&,
const std::string&)
{
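Review bot: The check-and-assign on `m_session_ticket_key` in `session_ticket_key()` is unsynchronized, so if one Credentials_Manager object is shared by several server threads (not visible from this hunk), two first calls can race and a caller may read the key while it is being written. Generating the key once before the object is shared, for example at construction, or guarding the two lines with a lock would close that window. The literal `32` would also read better as a named constant stating the intended key length in bytes. The function body lies entirely inside the hunk; the constructor and any locking elsewhere in the class are not shown.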
diff --git a/src/credentials/credentials_manager.h b/src/credentials/credentials_manager.h
index 3994de6c6..7fcdcd6eb 100644
--- a/src/credentials/credentials_manager.h
+++ b/src/credentials/credentials_manager.h
@@ -48,6 +48,11 @@ class BOTAN_DLL Credentials_Manager
const std::string& identity);
/**
+ * @return key used to encrypt session tickets by a TLS server
+ */
+ virtual const SymmetricKey& session_ticket_key();
+
+ /**
* @return identifier for client-side SRP auth, if available
for this type/context. Should return empty string
if password auth not desired/available.
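Review bot: The doc comment on `session_ticket_key()` leaves out the lifetime of the default key, which is the part a deployer has to know. Per the .cpp hunk, the default is a random 32-byte key created on first call and never replaced while the object lives, so tickets cannot be decrypted after a restart or by another server instance, and one key protects every ticket issued in between. I would add `* The default generates a random 32-byte key on first call and keeps it for the lifetime of this object; override to share a key between servers or to rotate it.` and `* An override must return a reference that remains valid after the call returns.` The class definition starts before this hunk.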
@@ -137,6 +142,9 @@ class BOTAN_DLL Credentials_Manager
virtual Private_Key* private_key_for(const X509_Certificate& cert,
const std::string& type,
const std::string& context);
+
+ private:
+ SymmetricKey m_session_ticket_key;
};
}