search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bumped version
[gnutls.git] / tests / openpgp-auth.c
blobd3e521c415285770fb88d6955d7ec2bd0a848748
1 /*
2 * Copyright (C) 2010-2012 Free Software Foundation, Inc.
3 * Author: Ludovic Courtès
4 *
5 * This file is part of GNUTLS.
6 *
7 * GNUTLS is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 3 of the License, or
10 * (at your option) any later version.
11 *
12 * GNUTLS is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License
18 * along with GNUTLS; if not, write to the Free Software Foundation,
19 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
20 */
21
22 #ifdef HAVE_CONFIG_H
23 #include <config.h>
24 #endif
25
26 #include <gnutls/gnutls.h>
27 #include <gnutls/openpgp.h>
28
29 #include "utils.h"
30 #include <read-file.h>
31
32 #include <unistd.h>
33 #include <stdlib.h>
34 #include <sys/types.h>
35 #include <sys/socket.h>
36 #if !defined(_WIN32)
37 #include <sys/wait.h>
38 #endif
39 #include <string.h>
40 #include <errno.h>
41 #include <stdio.h>
42 #if !defined(_WIN32)
43 static const char message[] = "Hello, brave GNU world!";
44
45 /* The OpenPGP key pair for use and the key ID in those keys. */
46 static const char pub_key_file[] = "../guile/tests/openpgp-pub.asc";
47 static const char priv_key_file[] = "../guile/tests/openpgp-sec.asc";
48 static const char *key_id = NULL;
49
50 static void
51 log_message (int level, const char *message)
52 {
53 fprintf (stderr, "[%5d|%2d] %s", getpid (), level, message);
54 }
55 \f
56
57 void
58 doit ()
59 {
60 int err, i;
61 int sockets[2];
62 const char *srcdir;
63 char *pub_key_path, *priv_key_path;
64 pid_t child;
65
66 gnutls_global_init ();
67
68 srcdir = getenv ("srcdir") ? getenv ("srcdir") : ".";
69
70 for (i = 0; i < 4; i++)
71 {
72
73 if (i <= 1)
74 key_id = NULL; /* try using the master key */
75 else if (i == 2)
76 key_id = "auto"; /* test auto */
77 else if (i == 3)
78 key_id = "f30fd423c143e7ba";
79
80 if (debug)
81 {
82 gnutls_global_set_log_level (5);
83 gnutls_global_set_log_function (log_message);
84 }
85
86 err = socketpair (AF_UNIX, SOCK_STREAM, 0, sockets);
87 if (err != 0)
88 fail ("socketpair %s\n", strerror (errno));
89
90 pub_key_path = alloca (strlen (srcdir) + strlen (pub_key_file) + 2);
91 strcpy (pub_key_path, srcdir);
92 strcat (pub_key_path, "/");
93 strcat (pub_key_path, pub_key_file);
94
95 priv_key_path = alloca (strlen (srcdir) + strlen (priv_key_file) + 2);
96 strcpy (priv_key_path, srcdir);
97 strcat (priv_key_path, "/");
98 strcat (priv_key_path, priv_key_file);
99
100 child = fork ();
101 if (child == -1)
102 fail ("fork %s\n", strerror (errno));
103
104 if (child == 0)
105 {
106 /* Child process (client). */
107 gnutls_session_t session;
108 gnutls_certificate_credentials_t cred;
109 ssize_t sent;
110
111 if (debug)
112 printf ("client process %i\n", getpid ());
113
114 err = gnutls_init (&session, GNUTLS_CLIENT);
115 if (err != 0)
116 fail ("client session %d\n", err);
117
118 if (i==0) /* we use the primary key which is RSA. Test the RSA ciphersuite */
119 gnutls_priority_set_direct (session,
120 "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+RSA:+CTYPE-OPENPGP",
121 NULL);
122 else
123 gnutls_priority_set_direct (session,
124 "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP",
125 NULL);
126 gnutls_transport_set_ptr (session,
127 (gnutls_transport_ptr_t) (intptr_t)
128 sockets[0]);
129
130 err = gnutls_certificate_allocate_credentials (&cred);
131 if (err != 0)
132 fail ("client credentials %d\n", err);
133
134 err =
135 gnutls_certificate_set_openpgp_key_file2 (cred,
136 pub_key_path,
137 priv_key_path, key_id,
138 GNUTLS_OPENPGP_FMT_BASE64);
139 if (err != 0)
140 fail ("client openpgp keys %s\n", gnutls_strerror (err));
141
142 err =
143 gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
144 if (err != 0)
145 fail ("client credential_set %d\n", err);
146
147 gnutls_dh_set_prime_bits (session, 1024);
148
149 err = gnutls_handshake (session);
150 if (err != 0)
151 fail ("client handshake %s (%d) \n", gnutls_strerror (err), err);
152 else if (debug)
153 printf ("client handshake successful\n");
154
155 sent = gnutls_record_send (session, message, sizeof (message));
156 if (sent != sizeof (message))
157 fail ("client sent %li vs. %li\n",
158 (long) sent, (long) sizeof (message));
159
160 err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
161 if (err != 0)
162 fail ("client bye %d\n", err);
163
164 if (debug)
165 printf ("client done\n");
166
167 gnutls_deinit(session);
168 gnutls_certificate_free_credentials (cred);
169 }
170 else
171 {
172 /* Parent process (server). */
173 gnutls_session_t session;
174 gnutls_dh_params_t dh_params;
175 gnutls_certificate_credentials_t cred;
176 char greetings[sizeof (message) * 2];
177 ssize_t received;
178 pid_t done;
179 int status;
180 const gnutls_datum_t p3 = { (void *) pkcs3, strlen (pkcs3) };
181
182 if (debug)
183 printf ("server process %i (child %i)\n", getpid (), child);
184
185 err = gnutls_init (&session, GNUTLS_SERVER);
186 if (err != 0)
187 fail ("server session %d\n", err);
188
189 gnutls_priority_set_direct (session,
190 "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+RSA:+CTYPE-OPENPGP",
191 NULL);
192 gnutls_transport_set_ptr (session,
193 (gnutls_transport_ptr_t) (intptr_t)
194 sockets[1]);
195
196 err = gnutls_certificate_allocate_credentials (&cred);
197 if (err != 0)
198 fail ("server credentials %d\n", err);
199
200 err =
201 gnutls_certificate_set_openpgp_key_file2 (cred,
202 pub_key_path,
203 priv_key_path, key_id,
204 GNUTLS_OPENPGP_FMT_BASE64);
205 if (err != 0)
206 fail ("server openpgp keys %s\n", gnutls_strerror (err));
207
208 err = gnutls_dh_params_init (&dh_params);
209 if (err)
210 fail ("server DH params init %d\n", err);
211
212 err =
213 gnutls_dh_params_import_pkcs3 (dh_params, &p3,
214 GNUTLS_X509_FMT_PEM);
215 if (err)
216 fail ("server DH params generate %d\n", err);
217
218 gnutls_certificate_set_dh_params (cred, dh_params);
219
220 err =
221 gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, cred);
222 if (err != 0)
223 fail ("server credential_set %d\n", err);
224
225 gnutls_certificate_server_set_request (session,
226 GNUTLS_CERT_REQUIRE);
227
228 err = gnutls_handshake (session);
229 if (err != 0)
230 fail ("server handshake %s (%d) \n", gnutls_strerror (err), err);
231
232 received =
233 gnutls_record_recv (session, greetings, sizeof (greetings));
234 if (received != sizeof (message)
235 || memcmp (greetings, message, sizeof (message)))
236 fail ("server received %li vs. %li\n", (long) received,
237 (long) sizeof (message));
238
239 err = gnutls_bye (session, GNUTLS_SHUT_RDWR);
240 if (err != 0)
241 fail ("server bye %s (%d) \n", gnutls_strerror (err), err);
242
243 if (debug)
244 printf ("server done\n");
245
246 gnutls_deinit(session);
247 gnutls_certificate_free_credentials (cred);
248 gnutls_dh_params_deinit (dh_params);
249
250 done = wait (&status);
251 if (done < 0)
252 fail ("wait %s\n", strerror (errno));
253
254 if (done != child)
255 fail ("who's that?! %d\n", done);
256
257 if (WIFEXITED (status))
258 {
259 if (WEXITSTATUS (status) != 0)
260 fail ("child exited with status %d\n", WEXITSTATUS (status));
261 }
262 else if (WIFSIGNALED (status))
263 fail ("child stopped by signal %d\n", WTERMSIG (status));
264 else
265 fail ("child failed: %d\n", status);
266 }
267
268 }
269
270 gnutls_global_deinit ();
271 }
272 #else
273 void
274 doit ()
275 {
276 exit (77);
277 }
278 #endif
Implementation of the SSL/TLS protocol