search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bumped version
[gnutls.git] / tests / openpgp-auth2.c
blob79a7ad9bef2473f79250e79cdbaf7807804f9ef3
1 /*
2 * Copyright (C) 2010-2012 Free Software Foundation, Inc.
3 * Author: Ludovic Courtès
4 *
5 * This file is part of GNUTLS.
6 *
7 * GNUTLS is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GNUTLS is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with GNUTLS; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
20 */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #if !defined(_WIN32)
27
28 #include <gnutls/gnutls.h>
29 #include <gnutls/openpgp.h>
30
31 #include "utils.h"
32 #include <read-file.h>
33
34 #include <unistd.h>
35 #include <stdlib.h>
36 #include <sys/types.h>
37 #include <sys/socket.h>
38 #include <sys/wait.h>
39 #include <string.h>
40 #include <errno.h>
41 #include <stdio.h>
42
43
44 /* This is the same test as openpgp-auth but tests
45 * openpgp under the latest TLS protocol (TLSv1.2). In
46 * addition it tests DSS signatures under that.
47 */
48
49 static const char message[] = "Hello, brave GNU world!";
50
51 /* The OpenPGP key pair for use and the key ID in those keys. */
52 static const char pub_key_file[] = "../guile/tests/openpgp-pub.asc";
53 static const char priv_key_file[] = "../guile/tests/openpgp-sec.asc";
54 static const char *key_id = NULL
55 /* FIXME: The values below don't work as expected. */
56 /* "auto" */
57 /* "bd572cdcccc07c35" */ ;
58
59 static void
60 log_message (int level, const char *message)
61 {
62 fprintf (stderr, "[%5d|%2d] %s", getpid (), level, message);
63 }
64 \f
65
66 void
67 doit ()
68 {
69 int err;
70 int sockets[2];
71 const char *srcdir;
72 char pub_key_path[512], priv_key_path[512];
73 pid_t child;
74
75 gnutls_global_init ();
76
77 srcdir = getenv ("srcdir") ? getenv ("srcdir") : ".";
78
79 if (debug)
80 {
81 gnutls_global_set_log_level (10);
82 gnutls_global_set_log_function (log_message);
83 }
84
85 err = socketpair (AF_UNIX, SOCK_STREAM, 0, sockets);
86 if (err != 0)
87 fail ("socketpair %s\n", strerror (errno));
88
89 if (sizeof(pub_key_path) < strlen (srcdir) + strlen (pub_key_file) + 2)
90 abort();
91
92 strcpy (pub_key_path, srcdir);
93 strcat (pub_key_path, "/");
94 strcat (pub_key_path, pub_key_file);
95
96 if (sizeof(priv_key_path) < strlen (srcdir) + strlen (priv_key_file) + 2)
97 abort();
98
99 strcpy (priv_key_path, srcdir);
100 strcat (priv_key_path, "/");
101 strcat (priv_key_path, priv_key_file);
102
103 child = fork ();
104 if (child == -1)
105 fail ("fork %s\n", strerror (errno));
106
107 if (child == 0)
108 {
109 /* Child process (client). */
110 gnutls_session_t session;
111 gnutls_certificate_credentials_t cred;
112 ssize_t sent;
113
114 if (debug)
115 printf ("client process %i\n", getpid ());
116
117 err = gnutls_init (&session, GNUTLS_CLIENT);
118 if (err != 0)
119 fail ("client session %d\n", err);
120
121 gnutls_priority_set_direct (session, "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP", NULL);
122 gnutls_transport_set_ptr (session,
123 (gnutls_transport_ptr_t) (intptr_t)
124 sockets[0]);
125
126 err = gnutls_certificate_allocate_credentials (&cred);
127 if (err != 0)
128 fail ("client credentials %d\n", err);
129
130 err =
131 gnutls_certificate_set_openpgp_key_file2 (cred,
132 pub_key_path, priv_key_path,
133 key_id,
134 GNUTLS_OPENPGP_FMT_BASE64);
135 if (err != 0)
136 fail ("client openpgp keys %d\n", err);
137
138 err = gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
139 if (err != 0)
140 fail ("client credential_set %d\n", err);
141
142 gnutls_dh_set_prime_bits (session, 1024);
143
144 err = gnutls_handshake (session);
145 if (err != 0)
146 fail ("client handshake %s (%d) \n", gnutls_strerror(err), err);
147 else if (debug)
148 printf ("client handshake successful\n");
149
150 sent = gnutls_record_send (session, message, sizeof (message));
151 if (sent != sizeof (message))
152 fail ("client sent %li vs. %li\n",
153 (long) sent, (long) sizeof (message));
154
155 err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
156 if (err != 0)
157 fail ("client bye %d\n", err);
158
159 if (debug)
160 printf ("client done\n");
161
162 gnutls_deinit(session);
163 gnutls_certificate_free_credentials (cred);
164 }
165 else
166 {
167 /* Parent process (server). */
168 gnutls_session_t session;
169 gnutls_dh_params_t dh_params;
170 gnutls_certificate_credentials_t cred;
171 char greetings[sizeof (message) * 2];
172 ssize_t received;
173 pid_t done;
174 int status;
175 const gnutls_datum_t p3 = { (void*) pkcs3, strlen (pkcs3) };
176
177 if (debug)
178 printf ("server process %i (child %i)\n", getpid (), child);
179
180 err = gnutls_init (&session, GNUTLS_SERVER);
181 if (err != 0)
182 fail ("server session %d\n", err);
183
184 gnutls_priority_set_direct (session, "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP", NULL);
185 gnutls_transport_set_ptr (session,
186 (gnutls_transport_ptr_t) (intptr_t)
187 sockets[1]);
188
189 err = gnutls_certificate_allocate_credentials (&cred);
190 if (err != 0)
191 fail ("server credentials %d\n", err);
192
193 err =
194 gnutls_certificate_set_openpgp_key_file2 (cred,
195 pub_key_path, priv_key_path,
196 key_id,
197 GNUTLS_OPENPGP_FMT_BASE64);
198 if (err != 0)
199 fail ("server openpgp keys %d\n", err);
200
201 err = gnutls_dh_params_init (&dh_params);
202 if (err)
203 fail ("server DH params init %d\n", err);
204
205 err =
206 gnutls_dh_params_import_pkcs3 (dh_params, &p3, GNUTLS_X509_FMT_PEM);
207 if (err)
208 fail ("server DH params generate %d\n", err);
209
210 gnutls_certificate_set_dh_params (cred, dh_params);
211
212 err = gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
213 if (err != 0)
214 fail ("server credential_set %d\n", err);
215
216 gnutls_certificate_server_set_request (session, GNUTLS_CERT_REQUIRE);
217
218 err = gnutls_handshake (session);
219 if (err != 0)
220 fail ("server handshake %s (%d) \n", gnutls_strerror(err), err);
221
222 received = gnutls_record_recv (session, greetings, sizeof (greetings));
223 if (received != sizeof (message)
224 || memcmp (greetings, message, sizeof (message)))
225 fail ("server received %li vs. %li\n",
226 (long) received, (long) sizeof (message));
227
228 err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
229 if (err != 0)
230 fail ("server bye %s (%d) \n", gnutls_strerror(err), err);
231
232 if (debug)
233 printf ("server done\n");
234
235 gnutls_deinit(session);
236 gnutls_certificate_free_credentials (cred);
237 gnutls_dh_params_deinit (dh_params);
238
239 done = wait (&status);
240 if (done < 0)
241 fail ("wait %s\n", strerror (errno));
242
243 if (done != child)
244 fail ("who's that?! %d\n", done);
245
246 if (WIFEXITED (status))
247 {
248 if (WEXITSTATUS (status) != 0)
249 fail ("child exited with status %d\n", WEXITSTATUS (status));
250 }
251 else if (WIFSIGNALED (status))
252 fail ("child stopped by signal %d\n", WTERMSIG (status));
253 else
254 fail ("child failed: %d\n", status);
255 }
256
257 gnutls_global_deinit ();
258 }
259 #else
260 #include <stdlib.h>
261
262 void
263 doit ()
264 {
265 exit (77);
266 }
267 #endif
Implementation of the SSL/TLS protocol