doc update
[gnutls.git] / tests / openpgp-auth2.c
blob79a7ad9bef2473f79250e79cdbaf7807804f9ef3
1 /*
2 * Copyright (C) 2010-2012 Free Software Foundation, Inc.
3 * Author: Ludovic Courtès
5 * This file is part of GNUTLS.
7 * GNUTLS is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
12 * GNUTLS is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
17 * You should have received a copy of the GNU General Public License
18 * along with GNUTLS; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
26 #if !defined(_WIN32)
28 #include <gnutls/gnutls.h>
29 #include <gnutls/openpgp.h>
31 #include "utils.h"
32 #include <read-file.h>
34 #include <unistd.h>
35 #include <stdlib.h>
36 #include <sys/types.h>
37 #include <sys/socket.h>
38 #include <sys/wait.h>
39 #include <string.h>
40 #include <errno.h>
41 #include <stdio.h>
44 /* This is the same test as openpgp-auth but tests
45 * openpgp under the latest TLS protocol (TLSv1.2). In
46 * addition it tests DSS signatures under that.
49 static const char message[] = "Hello, brave GNU world!";
51 /* The OpenPGP key pair for use and the key ID in those keys. */
52 static const char pub_key_file[] = "../guile/tests/openpgp-pub.asc";
53 static const char priv_key_file[] = "../guile/tests/openpgp-sec.asc";
54 static const char *key_id = NULL
55 /* FIXME: The values below don't work as expected. */
56 /* "auto" */
57 /* "bd572cdcccc07c35" */ ;
59 static void
60 log_message (int level, const char *message)
62 fprintf (stderr, "[%5d|%2d] %s", getpid (), level, message);
66 void
67 doit ()
69 int err;
70 int sockets[2];
71 const char *srcdir;
72 char pub_key_path[512], priv_key_path[512];
73 pid_t child;
75 gnutls_global_init ();
77 srcdir = getenv ("srcdir") ? getenv ("srcdir") : ".";
79 if (debug)
81 gnutls_global_set_log_level (10);
82 gnutls_global_set_log_function (log_message);
85 err = socketpair (AF_UNIX, SOCK_STREAM, 0, sockets);
86 if (err != 0)
87 fail ("socketpair %s\n", strerror (errno));
89 if (sizeof(pub_key_path) < strlen (srcdir) + strlen (pub_key_file) + 2)
90 abort();
92 strcpy (pub_key_path, srcdir);
93 strcat (pub_key_path, "/");
94 strcat (pub_key_path, pub_key_file);
96 if (sizeof(priv_key_path) < strlen (srcdir) + strlen (priv_key_file) + 2)
97 abort();
99 strcpy (priv_key_path, srcdir);
100 strcat (priv_key_path, "/");
101 strcat (priv_key_path, priv_key_file);
103 child = fork ();
104 if (child == -1)
105 fail ("fork %s\n", strerror (errno));
107 if (child == 0)
109 /* Child process (client). */
110 gnutls_session_t session;
111 gnutls_certificate_credentials_t cred;
112 ssize_t sent;
114 if (debug)
115 printf ("client process %i\n", getpid ());
117 err = gnutls_init (&session, GNUTLS_CLIENT);
118 if (err != 0)
119 fail ("client session %d\n", err);
121 gnutls_priority_set_direct (session, "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP", NULL);
122 gnutls_transport_set_ptr (session,
123 (gnutls_transport_ptr_t) (intptr_t)
124 sockets[0]);
126 err = gnutls_certificate_allocate_credentials (&cred);
127 if (err != 0)
128 fail ("client credentials %d\n", err);
130 err =
131 gnutls_certificate_set_openpgp_key_file2 (cred,
132 pub_key_path, priv_key_path,
133 key_id,
134 GNUTLS_OPENPGP_FMT_BASE64);
135 if (err != 0)
136 fail ("client openpgp keys %d\n", err);
138 err = gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
139 if (err != 0)
140 fail ("client credential_set %d\n", err);
142 gnutls_dh_set_prime_bits (session, 1024);
144 err = gnutls_handshake (session);
145 if (err != 0)
146 fail ("client handshake %s (%d) \n", gnutls_strerror(err), err);
147 else if (debug)
148 printf ("client handshake successful\n");
150 sent = gnutls_record_send (session, message, sizeof (message));
151 if (sent != sizeof (message))
152 fail ("client sent %li vs. %li\n",
153 (long) sent, (long) sizeof (message));
155 err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
156 if (err != 0)
157 fail ("client bye %d\n", err);
159 if (debug)
160 printf ("client done\n");
162 gnutls_deinit(session);
163 gnutls_certificate_free_credentials (cred);
165 else
167 /* Parent process (server). */
168 gnutls_session_t session;
169 gnutls_dh_params_t dh_params;
170 gnutls_certificate_credentials_t cred;
171 char greetings[sizeof (message) * 2];
172 ssize_t received;
173 pid_t done;
174 int status;
175 const gnutls_datum_t p3 = { (void*) pkcs3, strlen (pkcs3) };
177 if (debug)
178 printf ("server process %i (child %i)\n", getpid (), child);
180 err = gnutls_init (&session, GNUTLS_SERVER);
181 if (err != 0)
182 fail ("server session %d\n", err);
184 gnutls_priority_set_direct (session, "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP", NULL);
185 gnutls_transport_set_ptr (session,
186 (gnutls_transport_ptr_t) (intptr_t)
187 sockets[1]);
189 err = gnutls_certificate_allocate_credentials (&cred);
190 if (err != 0)
191 fail ("server credentials %d\n", err);
193 err =
194 gnutls_certificate_set_openpgp_key_file2 (cred,
195 pub_key_path, priv_key_path,
196 key_id,
197 GNUTLS_OPENPGP_FMT_BASE64);
198 if (err != 0)
199 fail ("server openpgp keys %d\n", err);
201 err = gnutls_dh_params_init (&dh_params);
202 if (err)
203 fail ("server DH params init %d\n", err);
205 err =
206 gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
207 if (err)
208 fail ("server DH params generate %d\n", err);
210 gnutls_certificate_set_dh_params (cred, dh_params);
212 err = gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
213 if (err != 0)
214 fail ("server credential_set %d\n", err);
216 gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE);
218 err = gnutls_handshake (session);
219 if (err != 0)
220 fail ("server handshake %s (%d) \n", gnutls_strerror(err), err);
222 received = gnutls_record_recv (session, greetings, sizeof (greetings));
223 if (received != sizeof (message)
224 || memcmp (greetings, message, sizeof (message)))
225 fail ("server received %li vs. %li\n",
226 (long) received, (long) sizeof (message));
228 err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
229 if (err != 0)
230 fail ("server bye %s (%d) \n", gnutls_strerror(err), err);
232 if (debug)
233 printf ("server done\n");
235 gnutls_deinit(session);
236 gnutls_certificate_free_credentials (cred);
237 gnutls_dh_params_deinit (dh_params);
239 done = wait (&status);
240 if (done < 0)
241 fail ("wait %s\n", strerror (errno));
243 if (done != child)
244 fail ("who's that?! %d\n", done);
246 if (WIFEXITED (status))
248 if (WEXITSTATUS (status) != 0)
249 fail ("child exited with status %d\n", WEXITSTATUS (status));
251 else if (WIFSIGNALED (status))
252 fail ("child stopped by signal %d\n", WTERMSIG (status));
253 else
254 fail ("child failed: %d\n", status);
257 gnutls_global_deinit ();
259 #else
260 #include <stdlib.h>
262 void
263 doit ()
265 exit (77);
267 #endif