search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Added "Since" field to new functions.
[gnutls.git] / tests / openpgp-auth.c
blob548d51188ac016d51f96cfe954f1283b9e02b652
1 /*
2 * Copyright (C) 2010-2012 Free Software Foundation, Inc.
3 * Author: Ludovic Courtès
4 *
5 * This file is part of GNUTLS.
6 *
7 * GNUTLS is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GNUTLS is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with GNUTLS; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
20 */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #include <gnutls/gnutls.h>
27 #include <gnutls/openpgp.h>
28
29 #include "utils.h"
30 #include <read-file.h>
31
32 #include <unistd.h>
33 #include <stdlib.h>
34 #include <sys/types.h>
35 #include <sys/socket.h>
36 #if !defined(_WIN32)
37 #include <sys/wait.h>
38 #endif
39 #include <string.h>
40 #include <errno.h>
41 #include <stdio.h>
42 #if !defined(_WIN32)
43 static const char message[] = "Hello, brave GNU world!";
44
45 /* The OpenPGP key pair for use and the key ID in those keys. */
46 static const char pub_key_file[] = "../guile/tests/openpgp-pub.asc";
47 static const char priv_key_file[] = "../guile/tests/openpgp-sec.asc";
48 static const char *key_id = NULL;
49
50 static void
51 log_message (int level, const char *message)
52 {
53 fprintf (stderr, "[%5d|%2d] %s", getpid (), level, message);
54 }
55 \f
56
57 void
58 doit ()
59 {
60 int err, i;
61 int sockets[2];
62 const char *srcdir;
63 char pub_key_path[512], priv_key_path[512];
64 pid_t child;
65
66 gnutls_global_init ();
67
68 srcdir = getenv ("srcdir") ? getenv ("srcdir") : ".";
69
70 for (i = 0; i < 4; i++)
71 {
72
73 if (i <= 1)
74 key_id = NULL; /* try using the master key */
75 else if (i == 2)
76 key_id = "auto"; /* test auto */
77 else if (i == 3)
78 key_id = "f30fd423c143e7ba";
79
80 if (debug)
81 {
82 gnutls_global_set_log_level (5);
83 gnutls_global_set_log_function (log_message);
84 }
85
86 err = socketpair (AF_UNIX, SOCK_STREAM, 0, sockets);
87 if (err != 0)
88 fail ("socketpair %s\n", strerror (errno));
89
90 if (sizeof(pub_key_path) < strlen (srcdir) + strlen (pub_key_file) + 2)
91 abort();
92
93 strcpy (pub_key_path, srcdir);
94 strcat (pub_key_path, "/");
95 strcat (pub_key_path, pub_key_file);
96
97 if (sizeof(priv_key_path) < strlen (srcdir) + strlen (priv_key_file) + 2)
98 abort();
99
100 strcpy (priv_key_path, srcdir);
101 strcat (priv_key_path, "/");
102 strcat (priv_key_path, priv_key_file);
103
104 child = fork ();
105 if (child == -1)
106 fail ("fork %s\n", strerror (errno));
107
108 if (child == 0)
109 {
110 /* Child process (client). */
111 gnutls_session_t session;
112 gnutls_certificate_credentials_t cred;
113 ssize_t sent;
114
115 if (debug)
116 printf ("client process %i\n", getpid ());
117
118 err = gnutls_init (&session, GNUTLS_CLIENT);
119 if (err != 0)
120 fail ("client session %d\n", err);
121
122 if (i==0) /* we use the primary key which is RSA. Test the RSA ciphersuite */
123 gnutls_priority_set_direct (session,
124 "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+RSA:+CTYPE-OPENPGP",
125 NULL);
126 else
127 gnutls_priority_set_direct (session,
128 "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP",
129 NULL);
130 gnutls_transport_set_ptr (session,
131 (gnutls_transport_ptr_t) (intptr_t)
132 sockets[0]);
133
134 err = gnutls_certificate_allocate_credentials (&cred);
135 if (err != 0)
136 fail ("client credentials %d\n", err);
137
138 err =
139 gnutls_certificate_set_openpgp_key_file2 (cred,
140 pub_key_path,
141 priv_key_path, key_id,
142 GNUTLS_OPENPGP_FMT_BASE64);
143 if (err != 0)
144 fail ("client openpgp keys %s\n", gnutls_strerror (err));
145
146 err =
147 gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
148 if (err != 0)
149 fail ("client credential_set %d\n", err);
150
151 gnutls_dh_set_prime_bits (session, 1024);
152
153 err = gnutls_handshake (session);
154 if (err != 0)
155 fail ("client handshake %s (%d) \n", gnutls_strerror (err), err);
156 else if (debug)
157 printf ("client handshake successful\n");
158
159 sent = gnutls_record_send (session, message, sizeof (message));
160 if (sent != sizeof (message))
161 fail ("client sent %li vs. %li\n",
162 (long) sent, (long) sizeof (message));
163
164 err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
165 if (err != 0)
166 fail ("client bye %d\n", err);
167
168 if (debug)
169 printf ("client done\n");
170
171 gnutls_deinit(session);
172 gnutls_certificate_free_credentials (cred);
173 }
174 else
175 {
176 /* Parent process (server). */
177 gnutls_session_t session;
178 gnutls_dh_params_t dh_params;
179 gnutls_certificate_credentials_t cred;
180 char greetings[sizeof (message) * 2];
181 ssize_t received;
182 pid_t done;
183 int status;
184 const gnutls_datum_t p3 = { (void *) pkcs3, strlen (pkcs3) };
185
186 if (debug)
187 printf ("server process %i (child %i)\n", getpid (), child);
188
189 err = gnutls_init (&session, GNUTLS_SERVER);
190 if (err != 0)
191 fail ("server session %d\n", err);
192
193 gnutls_priority_set_direct (session,
194 "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+RSA:+CTYPE-OPENPGP",
195 NULL);
196 gnutls_transport_set_ptr (session,
197 (gnutls_transport_ptr_t) (intptr_t)
198 sockets[1]);
199
200 err = gnutls_certificate_allocate_credentials (&cred);
201 if (err != 0)
202 fail ("server credentials %d\n", err);
203
204 err =
205 gnutls_certificate_set_openpgp_key_file2 (cred,
206 pub_key_path,
207 priv_key_path, key_id,
208 GNUTLS_OPENPGP_FMT_BASE64);
209 if (err != 0)
210 fail ("server openpgp keys %s\n", gnutls_strerror (err));
211
212 err = gnutls_dh_params_init (&dh_params);
213 if (err)
214 fail ("server DH params init %d\n", err);
215
216 err =
217 gnutls_dh_params_import_pkcs3 (dh_params, &p3,
218 GNUTLS_X509_FMT_PEM);
219 if (err)
220 fail ("server DH params generate %d\n", err);
221
222 gnutls_certificate_set_dh_params (cred, dh_params);
223
224 err =
225 gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
226 if (err != 0)
227 fail ("server credential_set %d\n", err);
228
229 gnutls_certificate_server_set_request (session,
230 GNUTLS_CERT_REQUIRE);
231
232 err = gnutls_handshake (session);
233 if (err != 0)
234 fail ("server handshake %s (%d) \n", gnutls_strerror (err), err);
235
236 received =
237 gnutls_record_recv (session, greetings, sizeof (greetings));
238 if (received != sizeof (message)
239 || memcmp (greetings, message, sizeof (message)))
240 fail ("server received %li vs. %li\n", (long) received,
241 (long) sizeof (message));
242
243 err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
244 if (err != 0)
245 fail ("server bye %s (%d) \n", gnutls_strerror (err), err);
246
247 if (debug)
248 printf ("server done\n");
249
250 gnutls_deinit(session);
251 gnutls_certificate_free_credentials (cred);
252 gnutls_dh_params_deinit (dh_params);
253
254 done = wait (&status);
255 if (done < 0)
256 fail ("wait %s\n", strerror (errno));
257
258 if (done != child)
259 fail ("who's that?! %d\n", done);
260
261 if (WIFEXITED (status))
262 {
263 if (WEXITSTATUS (status) != 0)
264 fail ("child exited with status %d\n", WEXITSTATUS (status));
265 }
266 else if (WIFSIGNALED (status))
267 fail ("child stopped by signal %d\n", WTERMSIG (status));
268 else
269 fail ("child failed: %d\n", status);
270 }
271
272 }
273
274 gnutls_global_deinit ();
275 }
276 #else
277 void
278 doit ()
279 {
280 exit (77);
281 }
282 #endif
Implementation of the SSL/TLS protocol