From 5c00cc7305718fe209757142f7a43b711cccd8f9 Mon Sep 17 00:00:00 2001
From: lloyd
Date: Tue, 3 Jan 2012 14:18:03 +0000
Subject: Add Credentials_Manager which is an interface to something that knows what certs, keys, etc are available to the app. Needs polishing but it seems like it should be sound.
---
 doc/examples/tls_server.cpp | 66 ++++++++++++++++++++++++++++++++-------------
 1 file changed, 48 insertions(+), 18 deletions(-)
(limited to 'doc/examples')
diff --git a/doc/examples/tls_server.cpp b/doc/examples/tls_server.cpp
index d9334c47e..10f294a3f 100644
--- a/doc/examples/tls_server.cpp
+++ b/doc/examples/tls_server.cpp
@@ -16,6 +16,46 @@ using namespace Botan;
 #include
 #include
+class Credentials_Manager_Simple : public Credentials_Manager
+ {
+ public:
+ Credentials_Manager_Simple(RandomNumberGenerator& rng) : rng(rng) {}
+
+ std::vector cert_chain(
+ const std::string& cert_key_type,
+ const std::string& type,
+ const std::string& context)
+ {
+ const std::string hostname = (context == "" ? "localhost" : context);
+
+ //RSA_PrivateKey key(rng, 1024);
+ DSA_PrivateKey key(rng, DL_Group("dsa/jce/1024"));
+
+ X509_Cert_Options options(
+ hostname + "/US/Botan Library/Test Server");
+
+ X509_Certificate cert =
+ X509::create_self_signed_cert(options, key, "SHA-1", rng);
+
+ certs_and_keys[cert] = PKCS8::copy_key(key, rng);
+
+ std::vector certs;
+ certs.push_back(cert);
+ return certs;
+ }
+
+ Private_Key* private_key_for(const X509_Certificate& cert,
+ const std::string& type,
+ const std::string& context)
+ {
+ return certs_and_keys[cert];
+ }
+
+ private:
+ RandomNumberGenerator& rng;
+ std::map certs_and_keys;
+ };
+
 void handshake_complete(const TLS_Session& session)
 {
 printf("Handshake complete, protocol=%04X ciphersuite=%04X compression=%d\n",
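Review bot: `cert_chain` generates a new key and self-signed certificate on every call and stores the `PKCS8::copy_key` result in `certs_and_keys` as a raw pointer that nothing visible in the class ever deletes, so every handshake pays for a key generation and the map grows for as long as the single `creds` object in `main` lives. If `context` carries a peer-supplied server name (not visible in this hunk), it also reaches the `/`-separated `X509_Cert_Options` string unvalidated, so a name containing `/` would shift the subject fields. Creating the credential once per hostname and returning the cached entry, with a destructor that deletes the stored keys, would bound both. `private_key_for` should look up with `certs_and_keys.find(cert)` and return a null pointer on a miss, since `operator[]` inserts an empty entry for any certificate it has not seen. As this is example code people copy, a comment above the key line such as `// demo only: 1024-bit DSA with SHA-1 is too weak for real use` would be worth adding.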
@@ -32,20 +72,18 @@ class Blocking_TLS_Server
 Blocking_TLS_Server(std::tr1::function output_fn,
 std::tr1::function input_fn,
 TLS_Session_Manager& sessions,
+ Credentials_Manager& creds,
 TLS_Policy& policy,
- RandomNumberGenerator& rng,
- const X509_Certificate& cert,
- const Private_Key& key) :
+ RandomNumberGenerator& rng) :
 input_fn(input_fn),
 server(
 output_fn,
 std::tr1::bind(&Blocking_TLS_Server::reader_fn, std::tr1::ref(*this), _1, _2, _3),
 handshake_complete,
 sessions,
+ creds,
 policy,
- rng,
- cert,
- key),
+ rng),
 exit(false)
 {
 read_loop();
@@ -154,21 +192,14 @@ int main(int argc, char* argv[])
 AutoSeeded_RNG rng;
- RSA_PrivateKey key(rng, 1024);
- //DSA_PrivateKey key(rng, DL_Group("dsa/jce/1024"));
-
- X509_Cert_Options options(
- "localhost/US/Botan Library/Test Server");
-
- X509_Certificate cert =
- X509::create_self_signed_cert(options, key, "SHA-1", rng);
-
 Server_Socket listener(port);
 Server_TLS_Policy policy;
 TLS_Session_Manager_In_Memory sessions;
+ Credentials_Manager_Simple creds(rng);
+
 while(true)
 {
 try {
@@ -182,10 +213,9 @@ int main(int argc, char* argv[])
 std::tr1::bind(&Socket::write, std::tr1::ref(sock), _1, _2),
 std::tr1::bind(&Socket::read, std::tr1::ref(sock), _1, _2, true),
 sessions,
+ creds,
 policy,
- rng,
- cert,
- key);
+ rng);
 const char* msg = "Welcome to the best echo server evar\n";
 tls.write((const Botan::byte*)msg, strlen(msg));
-- cgit v1.2.3
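Review bot: The constructor now takes `creds` by non-const reference and forwards it to `server` with no statement of the lifetime it requires, and `read_loop()` runs from inside the constructor, so the credentials manager is presumably consulted before construction has even returned. A comment on the parameter, for example `// creds must stay valid for the lifetime of this object; it is queried during the handshake`, would make the contract explicit for anyone adapting the example. The class body starts and ends outside this hunk, so whether `server` keeps the reference cannot be confirmed from here.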
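Review bot: Removing `RSA_PrivateKey key(rng, 1024)` from `main` silently changes the server's certificate from RSA to DSA, because `Credentials_Manager_Simple::cert_chain` hard-codes `DSA_PrivateKey` and never reads its `cert_key_type` argument. Peers or suites that need an RSA certificate will likely stop negotiating against this example, and nothing in `main` hints at why. Either have `cert_chain` choose the key algorithm from `cert_key_type`, or state the limitation next to the declaration, e.g. `// creds always serves a self-signed DSA certificate, whatever key type is requested`. `main` continues beyond this hunk.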