authorlloyd <[email protected]>2012-01-03 14:18:03 +0000
committerlloyd <[email protected]>2012-01-03 14:18:03 +0000
commit5c00cc7305718fe209757142f7a43b711cccd8f9 (patch)
tree560b225a66b06682d16182c5f0c57988242c8d48 /src/credentials
parent52868a93300a3b7e8666c49ccc786e6dba66438e (diff)
Add Credentials_Manager which is an interface to something that knows
what certs, keys, etc are available to the app. Needs polishing but it seems like it should be sound.
Diffstat (limited to 'src/credentials')
-rw-r--r--src/credentials/credentials_manager.cpp51
-rw-r--r--src/credentials/credentials_manager.h78
-rw-r--r--src/credentials/info.txt1
3 files changed, 130 insertions, 0 deletions
diff --git a/src/credentials/credentials_manager.cpp b/src/credentials/credentials_manager.cpp
new file mode 100644
index 000000000..46d9e300c
--- /dev/null
+++ b/src/credentials/credentials_manager.cpp
@@ -0,0 +1,51 @@
+/*
+* Credentials Manager
+* (C) 2011,2012 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#include <botan/credentials_manager.h>
+
+namespace Botan {
+
+std::string Credentials_Manager::srp_identifier(const std::string& type,
+ const std::string& context)
+ {
+ return "";
+ }
+
+std::string Credentials_Manager::srp_password(const std::string& identifier,
+ const std::string& type,
+ const std::string& context)
+ {
+ return "";
+ }
+
+bool Credentials_Manager::srp_verifier(const std::string& identifier,
+ const std::string& type,
+ const std::string& context,
+ BigInt& group_prime,
+ BigInt& group_generator,
+ BigInt& verifier,
+ MemoryRegion<byte>& salt)
+ {
+ return false;
+ }
+
+std::vector<X509_Certificate> Credentials_Manager::cert_chain(
+ const std::string& cert_key_type,
+ const std::string& type,
+ const std::string& context)
+ {
+ return std::vector<X509_Certificate>();
+ }
+
+Private_Key* Credentials_Manager::private_key_for(const X509_Certificate& cert,
+ const std::string& type,
+ const std::string& context)
+ {
+ return 0;
+ }
+
+}
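Review bot: The default `srp_verifier` returns `false` without touching `group_prime`, `group_generator`, `verifier` or `salt`, so a caller that ignores the return value would carry on with whatever those objects already held; a comment above the definition such as `// Default: no verifier known; output parameters are left unmodified` would make that contract explicit. The same goes for `private_key_for`, which returns `0`: callers have to null-check before use, and `// Default: no private key available for this certificate` says so at the point of definition. All five default bodies ignore their parameters, which will produce unused-parameter warnings on stricter builds; omitting the parameter names in these definitions avoids that without changing the interface.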
diff --git a/src/credentials/credentials_manager.h b/src/credentials/credentials_manager.h
new file mode 100644
index 000000000..a54b2ec31
--- /dev/null
+++ b/src/credentials/credentials_manager.h
@@ -0,0 +1,78 @@
+/*
+* Credentials Manager
+* (C) 2011,2012 Jack Lloyd
+*
+* Distributed under the terms of the Botan license
+*/
+
+#ifndef BOTAN_CREDENTIALS_MANAGER_H__
+#define BOTAN_CREDENTIALS_MANAGER_H__
+
+#include <botan/x509cert.h>
+#include <botan/secmem.h>
+#include <string>
+
+namespace Botan {
+
+class BigInt;
+
+/**
+* Interface for a credentials manager.
+*
+* A type is a fairly static value that represents the general nature
+* of the transaction occuring. Currently defined are "tls-client" and
+* "tls-server". Context represents a hostname, email address,
+* username, or other identifier.
+*/
+class BOTAN_DLL Credentials_Manager
+ {
+ public:
+ virtual ~Credentials_Manager() {}
+
+ /**
+ * @return identifier for client-side SRP auth, if available
+ for this type/context
+ */
+ virtual std::string srp_identifier(const std::string& type,
+ const std::string& context);
+
+ /**
+ * @return password for client-side SRP auth, if available
+ for this identifier/type/context
+ */
+ virtual std::string srp_password(const std::string& identifier,
+ const std::string& type,
+ const std::string& context);
+
+ /**
+ * @todo add option for faking verifier if identifier is unknown
+ */
+ virtual bool srp_verifier(const std::string& identifier,
+ const std::string& type,
+ const std::string& context,
+ BigInt& group_prime,
+ BigInt& group_generator,
+ BigInt& verifier,
+ MemoryRegion<byte>& salt);
+
+ /**
+ * @param cert_key_type is a string representing the key type
+ * ("RSA", "DSA", "ECDSA") or empty if no preference.
+ */
+ virtual std::vector<X509_Certificate> cert_chain(
+ const std::string& cert_key_type,
+ const std::string& type,
+ const std::string& context);
+
+ /**
+ * @return private key associated with this certificate if we should
+ * use it with this context
+ */
+ virtual Private_Key* private_key_for(const X509_Certificate& cert,
+ const std::string& type,
+ const std::string& context);
+ };
+
+}
+
+#endif
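Review bot: `private_key_for` returns a raw `Private_Key*` and its comment does not say who owns the object, so a caller cannot tell whether deleting it is required or would be a double free of key material; the doc block should state the ownership rule explicitly, whichever side is intended. `srp_verifier` carries only a `@todo`: it should document that `true` means the identifier is known and that the four output parameters are meaningful only in that case. Until the faking option named in the `@todo` exists, a server built on this interface will presumably respond differently for unknown identifiers, which is worth recording in the comment as a known username-enumeration limitation. `srp_password` returns the secret as a plain `std::string`, which is not wiped when destroyed; since `secmem.h` is already included here, either note that in the doc comment or consider a scrubbed buffer type for the return value.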
diff --git a/src/credentials/info.txt b/src/credentials/info.txt
new file mode 100644
index 000000000..f6dcdd64d
--- /dev/null
+++ b/src/credentials/info.txt
@@ -0,0 +1 @@
+define CREDENTIALS_MANAGER