Merge f4a679c into 75dbe54

tlslite/handshakesettings.py

@@ -49,6 +49,57 @@
 PSK_MODES = ["psk_dhe_ke", "psk_ke"]
 
 
+class Keypair(object):
+    """
+    Key, certificate and related data.
+
+    Stores also certificate associate data like OCSPs and transparency info.
+    TODO: add the above
+
+    First certificate in certificates needs to match key, remaining should
+    build a trust path to a root CA.
+    """
+    def __init__(self, key=None, certificates=tuple()):
+        self.key = key
+        self.certificates = certificates
+
+
+class VirtualHost(object):
+    """
+    Configuration of keys and certs for a single virual server.
+
+    This class encapsulates keys and certificates for hosts specified by
+    server_name (SNI) and ALPN extensions.
+
+    :vartype keys: list of :ref:`~Keypair`
+    :ivar keys: List of certificates and keys to be used in this
+        virtual host. First keypair able to server ClientHello will be used.
+
+    :vartype hostnames: set of bytes
+    :ivar hostnames: all the hostnames that server supports
+        please use :ref:`matches_hostname` to verify if the VirtualHost
+        can serve a request to a given hostname as that allows wildcard hosts
+        that always reply True.
+
+    :vartype trust_anchors: list of X509
+    :ivar trust_anchors: list of CA certificates supported for client
+        certificate authentication, sent in CertificateRequest
+
+    :ivar app_protocols: all the application protocols that the server supports
+    """
+
+    def __init__(self):
+        """Set up default configuration."""
+        self.keys = []
+        self.hostnames = set()
+        self.trust_anchors = []
+        self.app_protocols = set()
+
+    def matches_hostname(self, hostname):
+        """Checks if the virtual host can serv hostname"""
+        return hostname in self.hostnames
+
+
 class HandshakeSettings(object):
     """
     This class encapsulates various parameters that can be used with