Add examples for the ZMQCert and ZMQAuth classes

grasslands.php, strawhouse.php, woodhouse.php, stonehouse.php, and
ironhouse.php are faithful translations of Pieter Hintjens' examples of
the same names, which he originally published as part of his blog post
Using ZeroMQ Security (part 2)[0].

[0] http://hintjens.com/blog:49

Author: phuedx

examples/README

@@ -0,0 +1,6 @@
+grasslands.php, strawhouse.php, woodhouse.php, stonehouse.php, and
+ironhouse.php are faithful translations of Pieter Hintjens' examples of
+the same names, which he originally published as part of his blog post
+Using ZeroMQ Security (part 2)[0].
+
+[0] http://hintjens.com/blog:49

examples/grasslands.php

@@ -0,0 +1,22 @@
+<?php
+
+//  The Grasslands Pattern
+//
+//  The Classic ZeroMQ model, plain text with no protection at all.
+
+//  Create context
+$ctx = new ZMQContext();
+
+//  Create and bind server socket
+$server = $ctx->getSocket(ZMQ::SOCKET_PUSH);
+$server->bind('tcp://*:9000');
+
+//  Create and connect client socket
+$client = $ctx->getSocket(ZMQ::SOCKET_PULL);
+$client->connect('tcp://127.0.0.1:9000');
+
+//  Send a single message from server to client
+$server->send( 'Hello' );
+$message = $client->recv();
+assert($message === 'Hello');
+echo "Grasslands test OK\n";

examples/ironhouse.php

@@ -0,0 +1,44 @@
+<?php
+
+//  The Ironhouse Pattern
+//
+//  Security doesn't get any stronger than this. An attacker is going to
+//  have to break into your systems to see data before/after encryption.
+
+// Create context and start authentication engine
+$ctx = new ZMQContext();
+$auth = new ZMQAuth($ctx);
+$auth->allow('127.0.0.1');
+
+//  Tell the authenticator how to handle CURVE requests
+$auth->configure(ZMQAuth::AUTH_TYPE_CURVE, '*', '.curve');
+
+//  We'll generate a new client certificate and save the public part
+//  in the certificate store (in practice this would be done by hand
+//  or some out-of-band process).
+$clientCert = new ZMQCert();
+mkdir('.curve');
+$clientCert->setMeta('name', 'Client test certificate');
+$clientCert->savePublic('.curve/testcert.pub');
+
+// Prepare the server certificate as we did in Stonehouse
+$serverCert = new ZMQCert();
+$serverKey = $serverCert->getPublicTxt();
+
+//  Create and bind server socket
+$server = $ctx->getSocket(ZMQ::SOCKET_PUSH);
+$serverCert->apply($server);
+$server->setSockOpt(ZMQ::SOCKOPT_CURVE_SERVER, true);
+$server->bind('tcp://127.0.0.1:9000');
+
+//  Create and connect client socket
+$client = $ctx->getSocket(ZMQ::SOCKET_PULL);
+$clientCert->apply($client);
+$client->setSockOpt(ZMQ::SOCKOPT_CURVE_SERVERKEY, $serverKey);
+$client->connect('tcp://127.0.0.1:9000');
+
+//  Send a single message from server to client
+$server->send('Hello');
+$message = $client->recv();
+assert($message === 'Hello');
+echo "Ironhouse test OK\n";

examples/passwords

@@ -0,0 +1,3 @@
+guest=guest
+tourist=1234
+admin=secret

examples/stonehouse.php

@@ -0,0 +1,40 @@
+<?php
+
+//  The Stonehouse Pattern
+//
+//  Where we allow any clients to connect, but we promise clients
+//  that we are who we claim to be, and our conversations won't be
+//  tampered with or modified, or spied on.
+
+//  Create context and start authentication engine
+$ctx = new ZMQContext();
+$auth = new ZMQAuth($ctx);
+$auth->allow('127.0.0.1');
+
+//  Tell the authenticator how to handle CURVE requests
+$auth->configure(ZMQAuth::AUTH_TYPE_CURVE, '*', ZMQ::CURVE_ALLOW_ANY);
+
+//  We need two certificates, one for the client and one for
+//  the server. The client must know the server's public key
+//  to make a CURVE connection.
+$clientCert = new ZMQCert();
+$serverCert = new ZMQCert();
+$serverKey = $serverCert->getPublicTxt();
+
+//  Create and bind server socket
+$server = $ctx->getSocket(ZMQ::SOCKET_PUSH);
+$serverCert->apply($server);
+$server->setSockOpt(ZMQ::SOCKOPT_CURVE_SERVER, true);
+$server->bind('tcp://*:9000');
+
+//  Create and connect client socket
+$client = $ctx->getSocket(ZMQ::SOCKET_PULL);
+$clientCert->apply($client);
+$client->setSockOpt(ZMQ::SOCKOPT_CURVE_SERVERKEY, $serverKey);
+$client->connect('tcp://127.0.0.1:9000');
+
+//  Send a single message from server to client
+$server->send('Hello');
+$message = $client->recv();
+assert($message === 'Hello');
+echo "Stonehouse test OK\n";

examples/strawhouse.php

@@ -0,0 +1,33 @@
+<?php
+
+//  The Strawhouse Pattern
+//
+//  We allow or deny clients according to their IP address. It may keep
+//  spammers and itiots away, but won't stop a real attacker for more
+//  than a heartbeat.
+
+//  Create context
+$ctx = new ZMQContext();
+
+//  Start an authentication engine for this context. This engine
+//  allows or denies incoming connections (talking to the libzmq
+//  core over a protocol called ZAP).
+$auth = new ZMQAuth($ctx);
+
+//  Whitelist our address; any other address will be rejected
+$auth->allow('127.0.0.1');
+
+//  Create and bind server socket
+$server = $ctx->getSocket(ZMQ::SOCKET_PUSH);
+$server->setSockOpt(ZMQ::SOCKOPT_ZAP_DOMAIN, 'global');
+$server->bind('tcp://*:9000');
+
+//  Create and connect client socket
+$client = $ctx->getSocket(ZMQ::SOCKET_PULL);
+$client->connect('tcp://127.0.0.1:9000');
+
+//  Send a single message from server to client
+$server->send('Hello');
+$message = $client->recv();
+assert($message === 'Hello');
+echo "Strawhouse test OK\n";

examples/woodhouse.php

@@ -0,0 +1,31 @@
+<?php
+
+//  The Woodhouse Pattern
+//
+//  It may keep some malicious people out but all it takes is a bit
+//  of network sniffing, and they'll be able to fake their way in.
+
+//  Create context and start authentication engine
+$ctx = new ZMQContext();
+$auth = new ZMQAuth($ctx);
+$auth->allow('127.0.0.1');
+
+//  Tell the authenticator how to handle PLAIN requests
+$auth->configure(ZMQAuth::AUTH_TYPE_PLAIN, '*', __DIR__ . '/passwords');
+
+//  Create and bind server socket
+$server = $ctx->getSocket(ZMQ::SOCKET_PUSH);
+$server->setSockOpt(ZMQ::SOCKOPT_PLAIN_SERVER, true);
+$server->bind('tcp://*:9000');
+
+//  Create and connect client socket
+$client = $ctx->getSocket(ZMQ::SOCKET_PULL);
+$client->setSockOpt(ZMQ::SOCKOPT_PLAIN_USERNAME, 'admin');
+$client->setSockOpt(ZMQ::SOCKOPT_PLAIN_PASSWORD, 'secret');
+$client->connect('tcp://127.0.0.1:9000');
+
+//  Send a single message from server to client
+$server->send('Hello');
+$message = $client->recv();
+assert($message === 'Hello');
+echo "Woodhouse test OK\n";