Diffstat (limited to 'doc/examples/credentials.h')
-rw-r--r-- | doc/examples/credentials.h | 108 |
1 files changed, 107 insertions, 1 deletions
diff --git a/doc/examples/credentials.h b/doc/examples/credentials.h
index 8a0d47911..65d34aeee 100644
--- a/doc/examples/credentials.h
+++ b/doc/examples/credentials.h
@@ -6,6 +6,8 @@
 #include <botan/x509self.h>
 #include <botan/rsa.h>
 #include <botan/dsa.h>
+#include <botan/srp6.h>
+#include <botan/srp6_files.h>
 #include <botan/ecdsa.h>
 #include <iostream>
 #include <fstream>
@@ -25,6 +27,104 @@ class Credentials_Manager_Simple : public Botan::Credentials_Manager public: Credentials_Manager_Simple(Botan::RandomNumberGenerator& rng) : rng(rng) {} + std::string srp_identifier(const std::string& type, + const std::string& hostname) + { + if(type == "tls-client" && hostname == "srp-host") + return "user"; + return ""; + } + + bool attempt_srp(const std::string& type, + const std::string& hostname) + { + if(hostname == "srp-host") + return true; + return false; + } + + std::vector<Botan::X509_Certificate> + trusted_certificate_authorities(const std::string& type, + const std::string& hostname) + { + + std::vector<Botan::X509_Certificate> certs; + + try + { + Botan::X509_Certificate testca("testCA.crt"); + certs.push_back(testca); + } + + if(type == "tls-client" && hostname == "twitter.com") + { + Botan::X509_Certificate verisign("/usr/share/ca-certificates/mozilla/VeriSign_Class_3_Public_Primary_Certification_Authority_-_G5.crt"); + certs.push_back(verisign); + } + + return certs; + } + + void verify_certificate_chain( + const std::string& type, + const std::string& purported_hostname, + const std::vector<Botan::X509_Certificate>& cert_chain) + { + try + { + Botan::Credentials_Manager::verify_certificate_chain(type, + purported_hostname, + cert_chain); + } + catch(std::exception& e) + { + std::cout << "Certificate verification failed - " << e.what() << " - but will ignore\n"; + } + } + + std::string srp_password(const std::string& type, + const std::string& hostname, + const std::string& identifier) + { + if(type == "tls-client" && hostname == "localhost" && identifier == "user") + return "password"; + + return ""; + } + + bool srp_verifier(const std::string& type, + const std::string& context, + const std::string& identifier, + std::string& group_id, + Botan::BigInt& verifier, + Botan::MemoryRegion<Botan::byte>& salt, + bool generate_fake_on_unknown) + { + + std::string pass = srp_password("tls-client", context, identifier); + if(pass == 
"") + { + if(!generate_fake_on_unknown) + return false; + + pass.resize(16); + Botan::global_state().global_rng().randomize((Botan::byte*)&pass[0], pass.size()); + } + + group_id = "modp/srp/2048"; + + salt.resize(16); + Botan::global_state().global_rng().randomize(&salt[0], salt.size()); + + verifier = Botan::generate_srp6_verifier(identifier, + pass, + salt, + group_id, + "SHA-1"); + + return true; + } + std::string psk_identity_hint(const std::string&, const std::string&) { @@ -34,6 +134,7 @@ class Credentials_Manager_Simple : public Botan::Credentials_Manager std::string psk_identity(const std::string&, const std::string&, const std::string& identity_hint) { + //return "lloyd"; return "Client_identity"; } @@ -49,6 +150,8 @@ class Credentials_Manager_Simple : public Botan::Credentials_Manager if(identity == "Client_identity") return Botan::SymmetricKey("b5a72e1387552e6dc10766dc0eda12961f5b21e17f98ef4c41e6572e53bd7527"); + if(identity == "lloyd") + return Botan::SymmetricKey("85b3c1b7dc62b507636ac767999c9630"); throw Botan::Internal_Error("No PSK set for " + identity); } @@ -86,7 +189,7 @@ class Credentials_Manager_Simple : public Botan::Credentials_Manager opts.email = "root@" + hostname; opts.dns = hostname; - std::unique_ptr<Private_Key> key; + std::auto_ptr<Private_Key> key; if(key_type == "rsa") key.reset(new RSA_PrivateKey(rng, 1024)); else if(key_type == "dsa") @@ -129,6 +232,9 @@ class Credentials_Manager_Simple : public Botan::Credentials_Manager { const std::string hostname = (context == "" ? "localhost" : context); + if(hostname == "nosuchname") + return std::vector<Botan::X509_Certificate>(); + std::string key_name = ""; if(value_exists(cert_key_types, "RSA")) |
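Review bot: The `verify_certificate_chain` override catches the exception from `Botan::Credentials_Manager::verify_certificate_chain` and only prints "... but will ignore", so a chain that fails validation is still accepted and the TLS peer is effectively unauthenticated. Because this is example code that gets copied, let the failure propagate, for instance by adding `throw;` after the `std::cout` line and dropping "- but will ignore" from the message. In `srp_verifier` the salt is drawn fresh on every call, which is fine for a demo, but in a deployment with stored salts it would make faked users distinguishable from real ones; RFC 5054 suggests deriving the fake salt from a server-side seed and the identifier, and a comment saying so would help. As displayed, the `try` block in `trusted_certificate_authorities` has no handler before the following `if`, which may be an artefact of the page but should be checked.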
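Review bot: The added `lloyd` branch puts a second fixed pre-shared key in the source, and nothing marks either key as test-only. A comment such as `// Test-only PSK: keys published here must never be used outside this example` above the two `if(identity == ...)` branches would make that explicit. The client side of this file can only select the new identity through the commented-out `//return "lloyd";` added in the preceding hunk, which would be clearer as a documented option or removed. The function containing these lines starts outside the hunk.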
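Review bot: Replacing `std::unique_ptr<Private_Key>` with `std::auto_ptr<Private_Key>` moves to a type that is deprecated since C++11 and removed in C++17, and nothing visible here says why. If the intent is to keep the example buildable with a pre-C++11 compiler, a comment like `// auto_ptr kept for C++98 builds` would record that; otherwise keep `std::unique_ptr`. The unchanged context line `new RSA_PrivateKey(rng, 1024)` generates a 1024-bit key, which is below current guidance and worth raising separately. The enclosing function starts and ends outside this hunk.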
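Review bot: The new `hostname == "nosuchname"` early return is a magic value with no explanation; it looks like a test hook that makes the server offer no certificate for that name, but the hunk does not say. A one-line comment such as `// Test hook: no certificate is offered for this name` (wording to be confirmed by the author) would stop readers mistaking it for required logic. The enclosing function starts and ends outside the hunk.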