Botan  2.4.0
Crypto and TLS for C++11
Botan::Credentials_Manager Class Reference

#include <credentials_manager.h>

Public Member Functions

virtual bool attempt_srp (const std::string &type, const std::string &context)
 
virtual std::vector< X509_Certificate > cert_chain (const std::vector< std::string > &cert_key_types, const std::string &type, const std::string &context)
 
std::vector< X509_Certificate > cert_chain_single_type (const std::string &cert_key_type, const std::string &type, const std::string &context)
 
virtual Private_Key * private_key_for (const X509_Certificate &cert, const std::string &type, const std::string &context)
 
virtual SymmetricKey psk (const std::string &type, const std::string &context, const std::string &identity)
 
virtual std::string psk_identity (const std::string &type, const std::string &context, const std::string &identity_hint)
 
virtual std::string psk_identity_hint (const std::string &type, const std::string &context)
 
virtual std::string srp_identifier (const std::string &type, const std::string &context)
 
virtual std::string srp_password (const std::string &type, const std::string &context, const std::string &identifier)
 
virtual bool srp_verifier (const std::string &type, const std::string &context, const std::string &identifier, std::string &group_name, BigInt &verifier, std::vector< uint8_t > &salt, bool generate_fake_on_unknown)
 
virtual std::vector< Certificate_Store * > trusted_certificate_authorities (const std::string &type, const std::string &context)
 
virtual ~Credentials_Manager ()=default
 

Detailed Description

Interface for a credentials manager.

A type is a fairly static value that represents the general nature of the transaction occurring. Currently used values are "tls-client" and "tls-server". Context represents a hostname, email address, username, or other identifier.

Definition at line 29 of file credentials_manager.h.

Constructor & Destructor Documentation

◆ ~Credentials_Manager()

virtual Botan::Credentials_Manager::~Credentials_Manager ( )
virtual default

Member Function Documentation

◆ attempt_srp()

bool Botan::Credentials_Manager::attempt_srp ( const std::string &  type,
const std::string &  context 
)
virtual
Parameters
type: specifies the type of operation occurring
context: specifies a context relative to type.
Returns
true if we should attempt SRP authentication

Definition at line 32 of file credentials_manager.cpp.

34  {
35  return false;
36  }

◆ cert_chain()

std::vector< X509_Certificate > Botan::Credentials_Manager::cert_chain ( const std::vector< std::string > &  cert_key_types,
const std::string &  type,
const std::string &  context 
)
virtual

Return a cert chain we can use, ordered from leaf to root, or else an empty vector.

It is assumed that the caller can get the private key of the leaf with private_key_for

Parameters
cert_key_types: specifies the key types desired ("RSA", "DSA", "ECDSA", etc), or empty if there is no preference by the caller.
type: specifies the type of operation occurring
context: specifies a context relative to type.

Definition at line 62 of file credentials_manager.cpp.

Referenced by cert_chain_single_type(), and Botan::TLS::Client::Client().

66  {
67  return std::vector<X509_Certificate>();
68  }

◆ cert_chain_single_type()

std::vector< X509_Certificate > Botan::Credentials_Manager::cert_chain_single_type ( const std::string &  cert_key_type,
const std::string &  type,
const std::string &  context 
)

Return a cert chain we can use, ordered from leaf to root, or else an empty vector.

It is assumed that the caller can get the private key of the leaf with private_key_for

Parameters
cert_key_type: specifies the type of key requested ("RSA", "DSA", "ECDSA", etc)
type: specifies the type of operation occurring
context: specifies a context relative to type.

Definition at line 70 of file credentials_manager.cpp.

References cert_chain().

74  {
75  std::vector<std::string> cert_types;
76  cert_types.push_back(cert_key_type);
77  return cert_chain(cert_types, type, context);
78  }

◆ private_key_for()

Private_Key * Botan::Credentials_Manager::private_key_for ( const X509_Certificate &  cert,
const std::string &  type,
const std::string &  context 
)
virtual
Returns
the private key associated with this certificate if we should use it with this context. cert was returned by cert_chain.
Note
this object should retain ownership of the returned key; it should not be deleted by the caller.

Definition at line 80 of file credentials_manager.cpp.

Referenced by Botan::TLS::Server::Server().

83  {
84  return nullptr;
85  }

◆ psk()

SymmetricKey Botan::Credentials_Manager::psk ( const std::string &  type,
const std::string &  context,
const std::string &  identity 
)
virtual
Parameters
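type: specifies the type of operation occurring
context: specifies a context relative to type.
identity: is a PSK identity previously returned by psk_identity for the same type and context.
Returns
the PSK used for identity; throws an exception if no key exists. The default implementation shown below always throws Internal_Error and places the identity string in the exception message, so if that message is logged, treat it as text that on the server side may have been supplied by the peer.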

Definition at line 25 of file credentials_manager.cpp.

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange(), and Botan::TLS::Server::Server().

28  {
29  throw Internal_Error("No PSK set for identity " + identity);
30  }

◆ psk_identity()

std::string Botan::Credentials_Manager::psk_identity ( const std::string &  type,
const std::string &  context,
const std::string &  identity_hint 
)
virtual
Parameters
type: specifies the type of operation occurring
context: specifies a context relative to type.
identity_hint: was passed by the server (but may be empty)
Returns
the PSK identity we want to use

Definition at line 18 of file credentials_manager.cpp.

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().

21  {
22  return "";
23  }

◆ psk_identity_hint()

std::string Botan::Credentials_Manager::psk_identity_hint ( const std::string &  type,
const std::string &  context 
)
virtual
Parameters
type: specifies the type of operation occurring
context: specifies a context relative to type.
Returns
the PSK identity hint for this type/context

Definition at line 12 of file credentials_manager.cpp.

Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

14  {
15  return "";
16  }

◆ srp_identifier()

std::string Botan::Credentials_Manager::srp_identifier ( const std::string &  type,
const std::string &  context 
)
virtual
Parameters
type: specifies the type of operation occurring
context: specifies a context relative to type.
Returns
identifier for client-side SRP auth, if available for this type/context. Should return an empty string if password auth is not desired or not available.

Definition at line 38 of file credentials_manager.cpp.

Referenced by Botan::TLS::Client::Client(), and Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().

40  {
41  return "";
42  }

◆ srp_password()

std::string Botan::Credentials_Manager::srp_password ( const std::string &  type,
const std::string &  context,
const std::string &  identifier 
)
virtual
Parameters
type: specifies the type of operation occurring
context: specifies a context relative to type.
identifier: specifies what identifier we want the password for. This will be a value previously returned by srp_identifier.
Returns
password for client-side SRP auth, if available for this identifier/type/context.

Definition at line 44 of file credentials_manager.cpp.

Referenced by Botan::TLS::Client_Key_Exchange::Client_Key_Exchange().

47  {
48  return "";
49  }

◆ srp_verifier()

bool Botan::Credentials_Manager::srp_verifier ( const std::string &  type,
const std::string &  context,
const std::string &  identifier,
std::string &  group_name,
BigInt &  verifier,
std::vector< uint8_t > &  salt,
bool  generate_fake_on_unknown 
)
virtual

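Retrieve SRP verifier parameters. Per the member list signature, group_name, verifier and salt are non-const references, so they appear to be outputs filled in by the implementation; the default implementation shown below returns false without setting them. The generate_fake_on_unknown flag is not described on this page, so check the header before relying on how unknown identifiers are handled.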

Definition at line 51 of file credentials_manager.cpp.

Referenced by Botan::TLS::Server_Key_Exchange::Server_Key_Exchange().

58  {
59  return false;
60  }

◆ trusted_certificate_authorities()

std::vector< Certificate_Store * > Botan::Credentials_Manager::trusted_certificate_authorities ( const std::string &  type,
const std::string &  context 
)
virtual

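Return a list of the certificates of CAs that we trust in this type/context. The default implementation shown below returns an empty list, so this method reports no trusted CAs unless a subclass overrides it.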

Parameters
type: specifies the type of operation occurring
context: specifies a context relative to type. For instance, for type "tls-client", context specifies the server's name.

Definition at line 88 of file credentials_manager.cpp.

Referenced by Botan::TLS::Client::Client(), and Botan::TLS::Server::Server().

91  {
92  return std::vector<Certificate_Store*>();
93  }

The documentation for this class was generated from the following files: