+++ /dev/null
-¶
\ No newline at end of file
+++ /dev/null
-ÍÿÿÿÿÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÌÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍÍ ÍÍÍÍÍÍÍÍÍÍ ÿÿÿÿÿÿÿÿ\ 2\ 2
\ No newline at end of file
+++ /dev/null
-#!/bin/sh
-
-# Copyright (C) 2010, 2012 Free Software Foundation, Inc.
-#
-# Author: Nikos Mavrogiannopoulos
-#
-# This file is part of GnuTLS.
-#
-# GnuTLS is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 3 of the License, or (at
-# your option) any later version.
-#
-# GnuTLS is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with GnuTLS; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
-srcdir="${srcdir:-.}"
-CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}"
-
-if ! test -z "${VALGRIND}"; then
- VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND}"
-fi
-
-if ! test -x "${CERTTOOL}"; then
- exit 77
-fi
-
-unset RETCODE || true
-
-fail() {
- echo "Failure: $1" >&2
- RETCODE=${RETCODE:-${2:-1}}
-}
-
-echo "Checking OpenPGP certificate parsing"
-
-for i in "truncated.pub" "attribute-leak-1.pub" "subpkt-leak.pub" "openpgp-invalid1.pub" \
- "openpgp-invalid2.pub" "openpgp-invalid3.pub" "openpgp-invalid4.pub" "openpgp-invalid5.pub" \
- "openpgp-invalid6.pub" "openpgp-invalid7.pub" "openpgp-invalid8.pub" \
- "openpgp-invalid9.pub" "openpgp-invalid10" "openpgp-invalid11";do
- ${VALGRIND} "${CERTTOOL}" --inraw --pgp-certificate-info --infile "${srcdir}/data/${i}"
- rc=$?
- if test $rc != 1;then
- fail "$i: Parsing should have errored ($rc)"
- fi
-done
-
-exit ${RETCODE:-0}
+++ /dev/null
-#!/bin/sh
-
-# Copyright (C) 2010-2012 Free Software Foundation, Inc.
-#
-# Author: Nikos Mavrogiannopoulos
-#
-# This file is part of GnuTLS.
-#
-# GnuTLS is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 3 of the License, or (at
-# your option) any later version.
-#
-# GnuTLS is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with GnuTLS; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
-srcdir="${srcdir:-.}"
-SERV="${SERV:-../../src/gnutls-serv}"
-CLI="${CLI:-../../src/gnutls-cli}"
-DEBUG=""
-
-if ! test -x "${SERV}"; then
- exit 77
-fi
-
-if ! test -x "${CLI}"; then
- exit 77
-fi
-
-if ! test -z "${VALGRIND}"; then
- VALGRIND="${LIBTOOL:-libtool} --mode=execute ${VALGRIND} --error-exitcode=15"
-fi
-
-if test "${WINDIR}" != ""; then
- exit 77
-fi
-
-SERV="${SERV} -q"
-
-. "${srcdir}/../scripts/common.sh"
-
-echo "Checking OpenPGP certificate verification"
-
-eval "${GETPORT}"
-launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/data/srv-public-127.0.0.1-signed.gpg" --pgpkeyfile "${srcdir}/data/srv-secret.gpg"
-PID=$!
-wait_server ${PID}
-
-# give the server a chance to initialize
-
-#gnutls currently only considers PGP certificates verified only if
-#all user IDs in the certificate were signed.
-
-#"${CLI}" -p "${PORT}" 127.0.0.1 --pgpkeyring ca-public.gpg </dev/null >/dev/null || \
-# fail "Connection to verified IP address should have succeeded! (error code $?)" $?
-
-${VALGRIND} "${CLI}" ${DEBUG} -p "${PORT}" 127.0.0.2 --priority NORMAL:+CTYPE-OPENPGP --pgpkeyring "${srcdir}/data/ca-public.gpg" </dev/null >/dev/null 2>&1 && \
- fail ${PID} "Connection to unrecognized IP address should have failed!"
-
-${VALGRIND} "${CLI}" ${DEBUG} -p "${PORT}" localhost --priority NORMAL:+CTYPE-OPENPGP --pgpkeyring "${srcdir}/data/ca-public.gpg" </dev/null >/dev/null 2>&1 && \
- fail ${PID} "Connection to unverified (but present) 'localhost' should have failed!"
-
-kill ${PID}
-wait
-
-eval "${GETPORT}"
-launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/data/srv-public-localhost-signed.gpg" --pgpkeyfile "${srcdir}/data/srv-secret.gpg"
-PID=$!
-wait_server ${PID}
-
-echo | ${VALGRIND} "${CLI}" ${DEBUG} --priority NORMAL:+CTYPE-OPENPGP -p "${PORT}" 127.0.0.1 --pgpkeyring "${srcdir}/data/ca-public.gpg" </dev/null >/dev/null 2>&1 && \
- fail ${PID} "Connection to unverified IP address should have failed! (error code $?)" $?
-
-${VALGRIND} "${CLI}" ${DEBUG} --priority NORMAL:+CTYPE-OPENPGP -p "${PORT}" 127.0.0.2 --pgpkeyring "${srcdir}/data/ca-public.gpg" </dev/null >/dev/null 2>&1 && \
- fail ${PID} "Connection to unrecognized IP address should have failed!"
-
-#see reason above
-#"${CLI}" -p "${PORT}" localhost --pgpkeyring ca-public.gpg </dev/null >/dev/null || \
-# fail ${PID} "Connection to verified 'localhost' should have succeded! (error code $?)" $?
-
-kill ${PID}
-wait
-
-eval "${GETPORT}"
-launch_server $$ --priority NORMAL:+CTYPE-OPENPGP --pgpcertfile "${srcdir}/data/srv-public-all-signed.gpg" --pgpkeyfile "${srcdir}/data/srv-secret.gpg"
-PID=$!
-wait_server ${PID}
-
-# give the server a chance to initialize
-echo | ${VALGRIND} "${CLI}" ${DEBUG} --priority NORMAL:+CTYPE-OPENPGP -p "${PORT}" 127.0.0.1 --pgpkeyring "${srcdir}/data/ca-public.gpg" </dev/null >/dev/null 2>&1 || \
- fail ${PID} "Connection to signed PGP certificate should have succeeded! (error code $?)" $?
-
-${VALGRIND} "${CLI}" ${DEBUG} --priority NORMAL:+CTYPE-OPENPGP -p "${PORT}" 127.0.0.2 --pgpkeyring "${srcdir}/data/ca-public.gpg" </dev/null >/dev/null 2>&1 && \
- fail ${PID} "Connection to unrecognized IP address should have failed!"
-
-kill ${PID}
-wait
-
-exit 0
+++ /dev/null
-#!/bin/sh
-
-# Copyright (C) 2010, 2012 Free Software Foundation, Inc.
-#
-# Author: Nikos Mavrogiannopoulos
-#
-# This file is part of GnuTLS.
-#
-# GnuTLS is free software; you can redistribute it and/or modify it
-# under the terms of the GNU General Public License as published by the
-# Free Software Foundation; either version 3 of the License, or (at
-# your option) any later version.
-#
-# GnuTLS is distributed in the hope that it will be useful, but
-# WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with GnuTLS; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-
-set -e
-
-srcdir="${srcdir:-.}"
-CERTTOOL="${CERTTOOL:-../../src/certtool${EXEEXT}}"
-
-if ! test -x "${CERTTOOL}"; then
- exit 77
-fi
-
-unset RETCODE || true
-
-fail() {
- echo "Failure: $1" >&2
- RETCODE=${RETCODE:-${2:-1}}
-}
-
-echo "Checking OpenPGP certificate self verification"
-
-("${CERTTOOL}" --inraw --pgp-certificate-info --infile "${srcdir}/data/selfsigs/alice.pub" \
- | grep "^Self Signature verification: ok" > /dev/null) || \
- fail "Self sig Verification should have succeeded!"
-
-("${CERTTOOL}" --inraw --pgp-certificate-info --infile "${srcdir}/data/selfsigs/alice-mallory-badsig18.pub" \
- | grep "^Self Signature verification: failed" > /dev/null) || \
- fail "Self sig Verification should have failed!"
-
-("${CERTTOOL}" --inraw --pgp-certificate-info --infile "${srcdir}/data/selfsigs/alice-mallory-irrelevantsig.pub" \
- | grep "^Self Signature verification: failed" >/dev/null) || \
- fail "Self sig Verification should have failed!"
-
-("${CERTTOOL}" --inraw --pgp-certificate-info --infile "${srcdir}/data/selfsigs/alice-mallory-nosig18.pub" \
- | grep "^Self Signature verification: failed" >/dev/null) || \
- fail "Self sig Verification should have failed!"
-
-exit ${RETCODE:-0}
+++ /dev/null
-/*
- * Copyright (C) 2010-2012 Free Software Foundation, Inc.
- * Author: Ludovic Courtès
- *
- * This file is part of GNUTLS.
- *
- * GNUTLS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GNUTLS is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GNUTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <gnutls/gnutls.h>
-#include <gnutls/openpgp.h>
-
-#include "utils.h"
-
-#include <unistd.h>
-#include <stdlib.h>
-#if !defined(_WIN32)
-# include <sys/types.h>
-# include <sys/socket.h>
-#include <sys/wait.h>
-#endif
-#include <string.h>
-#include <errno.h>
-#include <stdio.h>
-#if !defined(_WIN32)
-static const char message[] = "Hello, brave GNU world!";
-
-/* The OpenPGP key pair for use and the key ID in those keys. */
-static const char pub_key_file[] = "../guile/tests/openpgp-pub.asc";
-static const char priv_key_file[] = "../guile/tests/openpgp-sec.asc";
-static const char *key_id = NULL;
-static gnutls_datum_t stored_cli_cert = { NULL, 0 };
-
-static void log_message(int level, const char *msg)
-{
- fprintf(stderr, "[%5d|%2d] %s", getpid(), level, msg);
-}
-
-static
-int key_recv_func(gnutls_session_t session, const unsigned char *keyfpr,
- unsigned int keyfpr_length, gnutls_datum_t * key)
-{
- key->data = gnutls_malloc(stored_cli_cert.size);
- memcpy(key->data, stored_cli_cert.data, stored_cli_cert.size);
- key->size = stored_cli_cert.size;
-
- return 0;
-}
-
-static
-void check_loaded_key(gnutls_certificate_credentials_t cred)
-{
- int err;
- gnutls_openpgp_privkey_t key;
- gnutls_openpgp_crt_t *crts;
- unsigned n_crts;
- gnutls_openpgp_keyid_t keyid;
- unsigned i;
-
- /* check that the getter functions for openpgp keys of
- * gnutls_certificate_credentials_t work and deliver the
- * expected key ID. */
-
- err = gnutls_certificate_get_openpgp_key(cred, 0, &key);
- if (err != 0)
- fail("get openpgp key %s\n",
- gnutls_strerror(err));
-
- gnutls_openpgp_privkey_get_subkey_id(key, 0, keyid);
- if (keyid[0] != 0xf3 || keyid[1] != 0x0f || keyid[2] != 0xd4 || keyid[3] != 0x23 ||
- keyid[4] != 0xc1 || keyid[5] != 0x43 || keyid[6] != 0xe7 || keyid[7] != 0xba)
- fail("incorrect key id (privkey)\n");
-
- err = gnutls_certificate_get_openpgp_crt(cred, 0, &crts, &n_crts);
- if (err != 0)
- fail("get openpgp crts %s\n",
- gnutls_strerror(err));
-
- if (n_crts != 1)
- fail("openpgp n_crts != 1\n");
-
- gnutls_openpgp_crt_get_subkey_id(crts[0], 0, keyid);
- if (keyid[0] != 0xf3 || keyid[1] != 0x0f || keyid[2] != 0xd4 || keyid[3] != 0x23 ||
- keyid[4] != 0xc1 || keyid[5] != 0x43 || keyid[6] != 0xe7 || keyid[7] != 0xba)
- fail("incorrect key id (pubkey)\n");
-
- for (i = 0; i < n_crts; ++i)
- gnutls_openpgp_crt_deinit(crts[i]);
- gnutls_free(crts);
- gnutls_openpgp_privkey_deinit(key);
-}
-
-void doit(void)
-{
- int err, i;
- int sockets[2];
- const char *srcdir;
- pid_t child;
- char pub_key_path[512], priv_key_path[512];
-
- global_init();
-
- srcdir = getenv("srcdir") ? getenv("srcdir") : ".";
-
- for (i = 0; i < 5; i++) {
- if (i <= 1)
- key_id = NULL; /* try using the master key */
- else if (i == 2)
- key_id = "auto"; /* test auto */
- else if (i >= 3)
- key_id = "f30fd423c143e7ba";
-
- if (debug) {
- gnutls_global_set_log_level(5);
- gnutls_global_set_log_function(log_message);
- }
-
- err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
- if (err != 0)
- fail("socketpair %s\n", strerror(errno));
-
- if (sizeof(pub_key_path) <
- strlen(srcdir) + strlen(pub_key_file) + 2)
- abort();
-
- strcpy(pub_key_path, srcdir);
- strcat(pub_key_path, "/");
- strcat(pub_key_path, pub_key_file);
-
- if (sizeof(priv_key_path) <
- strlen(srcdir) + strlen(priv_key_file) + 2)
- abort();
-
- strcpy(priv_key_path, srcdir);
- strcat(priv_key_path, "/");
- strcat(priv_key_path, priv_key_file);
-
- child = fork();
- if (child == -1)
- fail("fork %s\n", strerror(errno));
-
- if (child == 0) {
- /* Child process (client). */
- gnutls_session_t session;
- gnutls_certificate_credentials_t cred;
- ssize_t sent;
-
- if (debug)
- printf("client process %i\n", getpid());
-
- err = gnutls_init(&session, GNUTLS_CLIENT);
- if (err != 0)
- fail("client session %d\n", err);
-
- if (i == 0) /* we use the primary key which is RSA. Test the RSA ciphersuite */
- gnutls_priority_set_direct(session,
- "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+RSA:+CTYPE-OPENPGP",
- NULL);
- else
- gnutls_priority_set_direct(session,
- "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP",
- NULL);
- gnutls_transport_set_int(session, sockets[0]);
-
- err =
- gnutls_certificate_allocate_credentials(&cred);
- if (err != 0)
- fail("client credentials %d\n", err);
-
- err =
- gnutls_certificate_set_openpgp_key_file2(cred,
- pub_key_path,
- priv_key_path,
- key_id,
- GNUTLS_OPENPGP_FMT_BASE64);
- if (err != 0)
- fail("client openpgp keys %s\n",
- gnutls_strerror(err));
-
- check_loaded_key(cred);
-
- err =
- gnutls_credentials_set(session,
- GNUTLS_CRD_CERTIFICATE,
- cred);
- if (err != 0)
- fail("client credential_set %d\n", err);
-
- gnutls_dh_set_prime_bits(session, 1024);
-
- if (i == 4)
- gnutls_openpgp_send_cert(session,
- GNUTLS_OPENPGP_CERT_FINGERPRINT);
-
- err = gnutls_handshake(session);
- if (err != 0)
- fail("client handshake %s (%d) \n",
- gnutls_strerror(err), err);
- else if (debug)
- printf("client handshake successful\n");
-
- sent =
- gnutls_record_send(session, message,
- sizeof(message));
- if (sent != sizeof(message))
- fail("client sent %li vs. %li\n",
- (long) sent, (long) sizeof(message));
-
- err = gnutls_bye(session, GNUTLS_SHUT_RDWR);
- if (err != 0)
- fail("client bye %d\n", err);
-
- if (debug)
- printf("client done\n");
-
- gnutls_deinit(session);
- gnutls_certificate_free_credentials(cred);
- gnutls_free(stored_cli_cert.data);
- gnutls_global_deinit();
- return;
- } else {
- /* Parent process (server). */
- gnutls_session_t session;
- gnutls_dh_params_t dh_params;
- gnutls_certificate_credentials_t cred;
- char greetings[sizeof(message) * 2];
- ssize_t received;
- pid_t done;
- int status;
- const gnutls_datum_t p3 =
- { (void *) pkcs3, strlen(pkcs3) };
-
- if (debug)
- printf("server process %i (child %i)\n",
- getpid(), child);
-
- err = gnutls_init(&session, GNUTLS_SERVER);
- if (err != 0)
- fail("server session %d\n", err);
-
- gnutls_priority_set_direct(session,
- "NONE:+VERS-TLS1.0:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+RSA:+CTYPE-OPENPGP",
- NULL);
- gnutls_transport_set_int(session, sockets[1]);
-
- err =
- gnutls_certificate_allocate_credentials(&cred);
- if (err != 0)
- fail("server credentials %d\n", err);
-
- err =
- gnutls_certificate_set_openpgp_key_file2(cred,
- pub_key_path,
- priv_key_path,
- key_id,
- GNUTLS_OPENPGP_FMT_BASE64);
- if (err != 0)
- fail("server openpgp keys %s\n",
- gnutls_strerror(err));
-
- check_loaded_key(cred);
-
- err = gnutls_dh_params_init(&dh_params);
- if (err)
- fail("server DH params init %d\n", err);
-
- err =
- gnutls_dh_params_import_pkcs3(dh_params, &p3,
- GNUTLS_X509_FMT_PEM);
- if (err)
- fail("server DH params generate %d\n",
- err);
-
- gnutls_certificate_set_dh_params(cred, dh_params);
-
- err =
- gnutls_credentials_set(session,
- GNUTLS_CRD_CERTIFICATE,
- cred);
- if (err != 0)
- fail("server credential_set %d\n", err);
-
- gnutls_certificate_server_set_request(session,
- GNUTLS_CERT_REQUIRE);
-
- if (i == 4)
- gnutls_openpgp_set_recv_key_function
- (session, key_recv_func);
-
- err = gnutls_handshake(session);
- if (err != 0)
- fail("server handshake %s (%d) \n",
- gnutls_strerror(err), err);
-
- if (stored_cli_cert.data == NULL) {
- const gnutls_datum_t *d;
- unsigned int d_size;
- d = gnutls_certificate_get_peers(session,
- &d_size);
- if (d != NULL) {
- stored_cli_cert.data =
- gnutls_malloc(d[0].size);
- memcpy(stored_cli_cert.data,
- d[0].data, d[0].size);
- stored_cli_cert.size = d[0].size;
- }
- }
-
- received =
- gnutls_record_recv(session, greetings,
- sizeof(greetings));
- if (received != sizeof(message)
- || memcmp(greetings, message, sizeof(message)))
- fail("server received %li vs. %li\n",
- (long) received,
- (long) sizeof(message));
-
- err = gnutls_bye(session, GNUTLS_SHUT_RDWR);
- if (err != 0)
- fail("server bye %s (%d) \n",
- gnutls_strerror(err), err);
-
- if (debug)
- printf("server done\n");
-
- gnutls_deinit(session);
- gnutls_certificate_free_credentials(cred);
- gnutls_dh_params_deinit(dh_params);
-
- done = wait(&status);
- if (done < 0)
- fail("wait %s\n", strerror(errno));
-
- if (done != child)
- fail("who's that?! %d\n", done);
-
- check_wait_status(status);
- }
- }
-
- gnutls_free(stored_cli_cert.data);
- gnutls_global_deinit();
-}
-#else
-void doit()
-{
- exit(77);
-}
-#endif
+++ /dev/null
-/*
- * Copyright (C) 2010-2012 Free Software Foundation, Inc.
- * Author: Ludovic Courtès
- *
- * This file is part of GNUTLS.
- *
- * GNUTLS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GNUTLS is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GNUTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#if !defined(_WIN32)
-
-#include <gnutls/gnutls.h>
-#include <gnutls/openpgp.h>
-
-#include "utils.h"
-
-#include <unistd.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#include <sys/wait.h>
-#include <string.h>
-#include <errno.h>
-#include <stdio.h>
-
-
-/* This is the same test as openpgp-auth but tests
- * openpgp under the latest TLS protocol (TLSv1.2). In
- * addition it tests DSS signatures under that.
- */
-
-static const char g_message[] = "Hello, brave GNU world!";
-
-/* The OpenPGP key pair for use and the key ID in those keys. */
-static const char pub_key_file[] = "../guile/tests/openpgp-pub.asc";
-static const char priv_key_file[] = "../guile/tests/openpgp-sec.asc";
-static const char *key_id = NULL
- /* FIXME: The values below don't work as expected. */
- /* "auto" */
- /* "bd572cdcccc07c35" */ ;
-
-static void log_message(int level, const char *message)
-{
- fprintf(stderr, "[%5d|%2d] %s", getpid(), level, message);
-}
-\f
-
-void doit(void)
-{
- int err;
- int sockets[2];
- const char *srcdir;
- char pub_key_path[512], priv_key_path[512];
- pid_t child;
-
- global_init();
-
- srcdir = getenv("srcdir") ? getenv("srcdir") : ".";
-
- if (debug) {
- gnutls_global_set_log_level(10);
- gnutls_global_set_log_function(log_message);
- }
-
- err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
- if (err != 0)
- fail("socketpair %s\n", strerror(errno));
-
- if (sizeof(pub_key_path) <
- strlen(srcdir) + strlen(pub_key_file) + 2)
- abort();
-
- strcpy(pub_key_path, srcdir);
- strcat(pub_key_path, "/");
- strcat(pub_key_path, pub_key_file);
-
- if (sizeof(priv_key_path) <
- strlen(srcdir) + strlen(priv_key_file) + 2)
- abort();
-
- strcpy(priv_key_path, srcdir);
- strcat(priv_key_path, "/");
- strcat(priv_key_path, priv_key_file);
-
- child = fork();
- if (child == -1)
- fail("fork %s\n", strerror(errno));
-
- if (child == 0) {
- /* Child process (client). */
- gnutls_session_t session;
- gnutls_certificate_credentials_t cred;
- ssize_t sent;
-
- if (debug)
- printf("client process %i\n", getpid());
-
- err = gnutls_init(&session, GNUTLS_CLIENT);
- if (err != 0)
- fail("client session %d\n", err);
-
- gnutls_priority_set_direct(session,
- "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP",
- NULL);
- gnutls_transport_set_int(session, sockets[0]);
-
- err = gnutls_certificate_allocate_credentials(&cred);
- if (err != 0)
- fail("client credentials %d\n", err);
-
- err =
- gnutls_certificate_set_openpgp_key_file2(cred,
- pub_key_path,
- priv_key_path,
- key_id,
- GNUTLS_OPENPGP_FMT_BASE64);
- if (err != 0)
- fail("client openpgp keys %d\n", err);
-
- err =
- gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
- cred);
- if (err != 0)
- fail("client credential_set %d\n", err);
-
- gnutls_dh_set_prime_bits(session, 1024);
-
- err = gnutls_handshake(session);
- if (err != 0)
- fail("client handshake %s (%d) \n",
- gnutls_strerror(err), err);
- else if (debug)
- printf("client handshake successful\n");
-
- sent =
- gnutls_record_send(session, g_message, sizeof(g_message));
- if (sent != sizeof(g_message))
- fail("client sent %li vs. %li\n",
- (long) sent, (long) sizeof(g_message));
-
- err = gnutls_bye(session, GNUTLS_SHUT_RDWR);
- if (err != 0)
- fail("client bye %d\n", err);
-
- if (debug)
- printf("client done\n");
-
- gnutls_deinit(session);
- gnutls_certificate_free_credentials(cred);
- } else {
- /* Parent process (server). */
- gnutls_session_t session;
- gnutls_dh_params_t dh_params;
- gnutls_certificate_credentials_t cred;
- char greetings[sizeof(g_message) * 2];
- ssize_t received;
- pid_t done;
- int status;
- const gnutls_datum_t p3 =
- { (void *) pkcs3, strlen(pkcs3) };
-
- if (debug)
- printf("server process %i (child %i)\n", getpid(),
- child);
-
- err = gnutls_init(&session, GNUTLS_SERVER);
- if (err != 0)
- fail("server session %d\n", err);
-
- gnutls_priority_set_direct(session,
- "NONE:+VERS-TLS1.2:+CIPHER-ALL:+MAC-ALL:+SIGN-ALL:+COMP-ALL:+DHE-DSS:+DHE-RSA:+CTYPE-OPENPGP",
- NULL);
- gnutls_transport_set_int(session, sockets[1]);
-
- err = gnutls_certificate_allocate_credentials(&cred);
- if (err != 0)
- fail("server credentials %d\n", err);
-
- err =
- gnutls_certificate_set_openpgp_key_file2(cred,
- pub_key_path,
- priv_key_path,
- key_id,
- GNUTLS_OPENPGP_FMT_BASE64);
- if (err != 0)
- fail("server openpgp keys %d\n", err);
-
- err = gnutls_dh_params_init(&dh_params);
- if (err)
- fail("server DH params init %d\n", err);
-
- err =
- gnutls_dh_params_import_pkcs3(dh_params, &p3,
- GNUTLS_X509_FMT_PEM);
- if (err)
- fail("server DH params generate %d\n", err);
-
- gnutls_certificate_set_dh_params(cred, dh_params);
-
- err =
- gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
- cred);
- if (err != 0)
- fail("server credential_set %d\n", err);
-
- gnutls_certificate_server_set_request(session,
- GNUTLS_CERT_REQUIRE);
-
- err = gnutls_handshake(session);
- if (err != 0)
- fail("server handshake %s (%d) \n",
- gnutls_strerror(err), err);
-
- received =
- gnutls_record_recv(session, greetings,
- sizeof(greetings));
- if (received != sizeof(g_message)
- || memcmp(greetings, g_message, sizeof(g_message)))
- fail("server received %li vs. %li\n",
- (long) received, (long) sizeof(g_message));
-
- err = gnutls_bye(session, GNUTLS_SHUT_RDWR);
- if (err != 0)
- fail("server bye %s (%d) \n", gnutls_strerror(err),
- err);
-
- if (debug)
- printf("server done\n");
-
- gnutls_deinit(session);
- gnutls_certificate_free_credentials(cred);
- gnutls_dh_params_deinit(dh_params);
-
- done = wait(&status);
- if (done < 0)
- fail("wait %s\n", strerror(errno));
-
- if (done != child)
- fail("who's that?! %d\n", done);
-
- check_wait_status(status);
- }
-
- gnutls_global_deinit();
-}
-#else
-#include <stdlib.h>
-
-void doit()
-{
- exit(77);
-}
-#endif
+++ /dev/null
-/*
- * Copyright (C) 2004-2014 Free Software Foundation, Inc.
- *
- * Author: Nikos Mavrogiannopoulos
- *
- * This file is part of GnuTLS.
- *
- * GnuTLS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuTLS is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-
-#if defined(_WIN32) || !defined(ENABLE_OPENPGP)
-
-/* socketpair isn't supported on Win32. */
-int main(int argc, char **argv)
-{
- exit(77);
-}
-
-#else
-
-#include <string.h>
-#include <sys/types.h>
-#include <sys/socket.h>
-#if !defined(_WIN32)
-#include <sys/wait.h>
-#endif
-#include <unistd.h>
-#include <gnutls/gnutls.h>
-#include <gnutls/abstract.h>
-
-#include "utils.h"
-
-#include "ex-session-info.c"
-#include "ex-x509-info.c"
-
-pid_t child;
-
-static void tls_log_func(int level, const char *str)
-{
- fprintf(stderr, "%s |<%d>| %s", child ? "server" : "client", level,
- str);
-}
-
-/* A very basic TLS client, with anonymous authentication.
- */
-
-#define MAX_BUF 1024
-#define MSG "Hello TLS"
-
-static unsigned char cert_txt[] =
- "-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
- "Version: GnuPG v1.4.10 (GNU/Linux)\n"
- "Comment: Test key for GnuTLS\n"
- "\n"
- "mI0ETYD2OQEEAMHmDBtJii82NbWuYcvEWCYnwa7GTcz2PYikYCcq/t5nkyb5Bfmx\n"
- "mh2hpto7Lr5d1L/shvab1gXCcrWEAREgNNk9LiowtLuTHBdeOFlJ1u1P1rvdFVKq\n"
- "2a6ft77Q5VltUDKPgTqz4NWH2KUlLfTvwJDnq2DxYsbwVpBDURuUocXhABEBAAG0\n"
- "CVRlc3QgdXNlcoi4BBMBAgAiBQJNgPY5AhsvBgsJCAcDAgYVCAIJCgsEFgIDAQIe\n"
- "AQIXgAAKCRAMTrFUBnAKMOVDA/9GEw7AokwJSGvHREriXcvMMKp6c6SYqa0TVsTg\n"
- "Gh3ENu/KTfGJIM5p+zR6xy+5u5DfP5qLrRdCnoczncR5w9fn3RsP8ju/Ga5z23Q+\n"
- "6XxRKRkXjE/E0ZFulbuaBom/nhrOmmfqKe7Mor9Y4QwzL2wL3sf6jWLglwdFYS/X\n"
- "W3wqjLkBogRNgPY5EQQApafdUhCAHj8LLXYCqOXRSPZbKzvB55NwWrdvnod0seUW\n"
- "aiTSWBlKnSvIomdcII/E3bjdngK4fTJ+Xr5pEJuzBnW3w787r6jBJSq2Lp0T9SP4\n"
- "CBzd0gXcOQkILvX1VzxAsYVULJA0mhAR3IHFcywjX6ENKuvs7ApniBNoXqi6d3cA\n"
- "oIAzYKrjyZ+guM4IUlRRrB8abx5vBACJPV+d15GYgzt1d8zLvOl/mzs85Twj2SB1\n"
- "ZqzK6H/6QxQkEZpP/UVFpXaUGUly3nGEqg1yw4cgqW4SSxgLFz6B23Si+cTsssE6\n"
- "CYziN1UI6NjxkoG/npMm0wRp7Z+KylEolAdbFBAAprORkt58CrGgpYe8O/35+PWc\n"
- "J9rjhwxxkQP/VCpbZLugkL4XHWGWFGG35S6k9F3xPPTPoX9Zoud+0bOeoOK5RQHo\n"
- "e99sVNN4hxxPTM/rJXfTTZUoB6o84yulTSxb6C9ueHotDV0eB9QX1ov/ltmwy3XS\n"
- "fXEyWtI0CDBuZgEww26Up0pzg4XTBYMkmXrxx3J9ihcCIYyAHoE13EWI5wQYAQIA\n"
- "CQUCTYD2OQIbIgBSCRAMTrFUBnAKMEcgBBkRAgAGBQJNgPY5AAoJEPMP1CPBQ+e6\n"
- "3fQAnR7HWLnQTbxCIhlBTZiuJv2HC6cbAJwJ6VsSU6ADCkMuGT3LLNo+UnckK+4i\n"
- "BACcivWsW40ddtEQ0wno1uP65TmKq3aJrdODXTAnqkmNQKL7X7Fz+nmEWiS+LBH8\n"
- "lRvAaeRPX2LV+DCJDbAPrYd7LkOHyuM0I+ZApto5cjem/EnO7op2QwkCCa6oUp0l\n"
- "YA6i6aGF2KGx7WQwi2URIMPhihpOvAbkjfszYpFL4VP5wQ==\n"
- "=ydIq\n" "-----END PGP PUBLIC KEY BLOCK-----\n";
-
-const gnutls_datum_t cert = { cert_txt, sizeof(cert_txt) };
-
-static unsigned char key_txt[] =
- "-----BEGIN PGP PRIVATE KEY BLOCK-----\n"
- "Version: GnuPG v1.4.10 (GNU/Linux)\n"
- "Comment: Test key for GnuTLS\n"
- "\n"
- "lQHYBE2A9jkBBADB5gwbSYovNjW1rmHLxFgmJ8Guxk3M9j2IpGAnKv7eZ5Mm+QX5\n"
- "sZodoabaOy6+XdS/7Ib2m9YFwnK1hAERIDTZPS4qMLS7kxwXXjhZSdbtT9a73RVS\n"
- "qtmun7e+0OVZbVAyj4E6s+DVh9ilJS3078CQ56tg8WLG8FaQQ1EblKHF4QARAQAB\n"
- "AAP9HJePsXZmqg+UW/Ya9bE+TmIObXdQgajN6hhTFXOBocokKNsPxoIp97Sepg+U\n"
- "FP5BIQv/2t2f8bl6sMmGXsAhCqVzRxGuA+9USx8OfTHSdgIKT5T2VFSGJaU4df3Q\n"
- "rstUY3dcvl6VKpDDZic1T7u2ANzaWM2u+pwooKC4cc/k9AECAMNDvrKF3FC7R9sd\n"
- "TagVrrfde0RZuwhbGW9ghslkY893EelXQL/lbBI20crPdrsdDpMe370KO2bQLqwO\n"
- "HGAxIYUCAP41iC7KReYvysLZ34tM55ZFE7BPsMcXUeu6hkYOMDZYvE+x4KV6Umo+\n"
- "Civd4qD9dESR3WOcI9MwALUdNTxQU60B/21MrWjajY1m1vv7l2slJon5eSrH6BkH\n"
- "Aj173uZca8HbgqSF1xOQW8ZGa6KInN3wHe+vPOXAgzlku/4XHgEYVVGeq7QJVGVz\n"
- "dCB1c2VyiLgEEwECACIFAk2A9jkCGy8GCwkIBwMCBhUIAgkKCwQWAgMBAh4BAheA\n"
- "AAoJEAxOsVQGcAow5UMD/0YTDsCiTAlIa8dESuJdy8wwqnpzpJiprRNWxOAaHcQ2\n"
- "78pN8Ykgzmn7NHrHL7m7kN8/moutF0KehzOdxHnD1+fdGw/yO78ZrnPbdD7pfFEp\n"
- "GReMT8TRkW6Vu5oGib+eGs6aZ+op7syiv1jhDDMvbAvex/qNYuCXB0VhL9dbfCqM\n"
- "nQG7BE2A9jkRBAClp91SEIAePwstdgKo5dFI9lsrO8Hnk3Bat2+eh3Sx5RZqJNJY\n"
- "GUqdK8iiZ1wgj8TduN2eArh9Mn5evmkQm7MGdbfDvzuvqMElKrYunRP1I/gIHN3S\n"
- "Bdw5CQgu9fVXPECxhVQskDSaEBHcgcVzLCNfoQ0q6+zsCmeIE2heqLp3dwCggDNg\n"
- "quPJn6C4zghSVFGsHxpvHm8EAIk9X53XkZiDO3V3zMu86X+bOzzlPCPZIHVmrMro\n"
- "f/pDFCQRmk/9RUWldpQZSXLecYSqDXLDhyCpbhJLGAsXPoHbdKL5xOyywToJjOI3\n"
- "VQjo2PGSgb+ekybTBGntn4rKUSiUB1sUEACms5GS3nwKsaClh7w7/fn49Zwn2uOH\n"
- "DHGRA/9UKltku6CQvhcdYZYUYbflLqT0XfE89M+hf1mi537Rs56g4rlFAeh732xU\n"
- "03iHHE9Mz+sld9NNlSgHqjzjK6VNLFvoL254ei0NXR4H1BfWi/+W2bDLddJ9cTJa\n"
- "0jQIMG5mATDDbpSnSnODhdMFgySZevHHcn2KFwIhjIAegTXcRQAAn2PK9kOqhjOJ\n"
- "KU5iaagnF176FwhdCO2I5wQYAQIACQUCTYD2OQIbIgBSCRAMTrFUBnAKMEcgBBkR\n"
- "AgAGBQJNgPY5AAoJEPMP1CPBQ+e63fQAniK5kU+dwIbkD+OHJHkC73V6v4D8AJ0Z\n"
- "+GBYj4nhKEX21QXfj55F3Zpg1e4iBACcivWsW40ddtEQ0wno1uP65TmKq3aJrdOD\n"
- "XTAnqkmNQKL7X7Fz+nmEWiS+LBH8lRvAaeRPX2LV+DCJDbAPrYd7LkOHyuM0I+ZA\n"
- "pto5cjem/EnO7op2QwkCCa6oUp0lYA6i6aGF2KGx7WQwi2URIMPhihpOvAbkjfsz\n"
- "YpFL4VP5wQ==\n" "=zzoN\n" "-----END PGP PRIVATE KEY BLOCK-----\n";
-
-const gnutls_datum_t key = { key_txt, sizeof(key_txt) };
-
-
-static void client(int sd)
-{
- int ret, ii;
- gnutls_session_t session;
- char buffer[MAX_BUF + 1];
- gnutls_certificate_credentials_t xcred;
-
- global_init();
-
- gnutls_global_set_log_function(tls_log_func);
- if (debug)
- gnutls_global_set_log_level(4711);
-
- gnutls_certificate_allocate_credentials(&xcred);
-
- ret =
- gnutls_certificate_set_openpgp_key_mem2
- (xcred, &cert, &key, "auto",
- GNUTLS_OPENPGP_FMT_BASE64);
- if (ret < 0) {
- fail("error[%d]: %s\n", __LINE__, gnutls_strerror(ret));
- }
-
- /* Initialize TLS session
- */
- gnutls_init(&session, GNUTLS_CLIENT);
-
- /* Use default priorities */
- gnutls_priority_set_direct(session, "NORMAL:+CTYPE-OPENPGP:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1", NULL);
-
- /* put the x509 credentials to the current session
- */
- gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
-
- gnutls_transport_set_int(session, sd);
-
- /* Perform the TLS handshake
- */
- do {
- ret = gnutls_handshake(session);
- } while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
-
- if (ret < 0) {
- fail("client: Handshake failed\n");
- gnutls_perror(ret);
- goto end;
- } else {
- if (debug)
- success("client: Handshake was completed\n");
- }
-
- if (debug)
- success("client: TLS version is: %s\n",
- gnutls_protocol_get_name
- (gnutls_protocol_get_version(session)));
-
- /* see the Getting peer's information example */
- if (debug)
- print_info(session);
-
- gnutls_record_send(session, MSG, strlen(MSG));
-
- ret = gnutls_record_recv(session, buffer, MAX_BUF);
- if (ret == 0) {
- if (debug)
- success
- ("client: Peer has closed the TLS connection\n");
- goto end;
- } else if (ret < 0) {
- fail("client: Error: %s\n", gnutls_strerror(ret));
- goto end;
- }
-
- if (debug) {
- printf("- Received %d bytes: ", ret);
- for (ii = 0; ii < ret; ii++) {
- fputc(buffer[ii], stdout);
- }
- fputs("\n", stdout);
- }
-
- gnutls_bye(session, GNUTLS_SHUT_RDWR);
-
- end:
-
- close(sd);
-
- gnutls_deinit(session);
-
- gnutls_certificate_free_credentials(xcred);
-
- gnutls_global_deinit();
-}
-
-/* This is a sample TLS 1.0 echo server, using X.509 authentication.
- */
-
-static unsigned char server_crt_txt[] =
- "-----BEGIN PGP PUBLIC KEY BLOCK-----\n"
- "Version: GnuPG v1.4.6 (GNU/Linux)\n"
- "\n"
- "mNEER2PogwEGINdIR4u5PR4SwADWwj/ztgtoi7XVbmlfbQTHpBYFxTSC88pISSNy\n"
- "V/rgnlqunYP77F7aHL4KUReN3v9sKw01xSGEfox/JmlqUUg6CVvTjdeLfkuVIBnH\n"
- "j+2KMlaxezp7IxtPaTXpXcSf8iOuVq7UX7p6tKbppKXO5GgmfA88VUVvGBs1/PQp\n"
- "WKQdGrj+6I3RRmDN/hna1jGU/N23230Hbx+bu7g9cviiSh10ri7rdDhVJ67tRkRG\n"
- "Usy3XO6dWC7EmzZlEO8AEQEAAbQQdGVzdDMuZ251dGxzLm9yZ4kBAAQTAQIAJgUC\n"
- "R2PogwIbAwUJCWYBgAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEKAh4/gImZBR\n"
- "96QGH3E3zynETuQS3++hGMvMXq2mDJeT2e8964y/ifIOBpr2K2isuLYnrtGKyxi+\n"
- "ZptyHv6ymR3bDvio50cjnoT/WK1onosOJvtijGBS+U/ooq3im7ExpeQYXc/zpYsX\n"
- "OmB5m6BvdomUp2PMqdxsmOPoaRkSYx5R2Rlo/z3csodl6sp3k465Y/jg7L4gkxDz\n"
- "XJM+CS1xMhcOF0gBhppqLnG67x0ow847Pydstzkw0sOqedkLPuScaHNnlAWQ7QH6\n"
- "mbbpqHJwekS4jQRHiKV8AQQA0iZ81WXypLI4ZE2+hYfBCnfMVfQF/vPgvASxhwri\n"
- "GDa9Zc2f/VfakfNiwZgHH6iCeppHBiP2jljnbuOsL6f1R+0FsnyTVwHbuEU7IU2y\n"
- "+J0/s0z3wcx9sx8T7brP5z5F2hdagBsD9YFGCifHDAEew4mmAisY0i2QHVIuXJFj\n"
- "4RMAEQEAAYkBhwQYAQIADwUCR4ilfAIbAgUJEOrPgACoCRCgIeP4CJmQUZ0gBBkB\n"
- "AgAGBQJHiKV8AAoJEIN7b7QuD+F2AEcEAKAjhO9kSOE8UuwEOKlwsWL9LUUSkHJj\n"
- "c/ca0asLAerzrHsldRAcwCbWkVxBBHySw2CLFjzpgdXhwRtsytMgHaapfAPbinAW\n"
- "jCPIEJx2gDZeZnTgi4DVbZn5E3UzHGyL69MEoXr5t+vpiemQFd/nGD+h/Q2A76od\n"
- "gvAryRvS1Soj8bcGHjUflayXGOSvaD8P2V5Vz0hS82QZcqWxD8qUBqbcB8atokmO\n"
- "IYxhKyRmO58T5Ma+iaxBTUIwee+pBYDgdH6E2dh9xLlwwzZKaCcIRCQcObkLsMVo\n"
- "fZJo+m0Xf8zI57NeQF+hXJhW7lIrWgQVr8IVp/lgo76acLHfL/t1n0Nhg4r2srz2\n"
- "fpP2w5laQ0qImYLnZhGFHU+rJUyFaHfhD8/svN2LuZkO570pjV/K68EaHnEfk5b8\n"
- "jWu/euohwcCwf20M1kTo3Bg=\n"
- "=Xjon\n" "-----END PGP PUBLIC KEY BLOCK-----\n";
-const gnutls_datum_t server_crt =
- { server_crt_txt, sizeof(server_crt_txt) };
-
-static unsigned char server_key_txt[] =
- "-----BEGIN PGP PRIVATE KEY BLOCK-----\n"
- "Version: GnuPG v1.4.6 (GNU/Linux)\n"
- "\n"
- "lQLGBEdj6IMBBiDXSEeLuT0eEsAA1sI/87YLaIu11W5pX20Ex6QWBcU0gvPKSEkj\n"
- "clf64J5arp2D++xe2hy+ClEXjd7/bCsNNcUhhH6MfyZpalFIOglb043Xi35LlSAZ\n"
- "x4/tijJWsXs6eyMbT2k16V3En/Ijrlau1F+6erSm6aSlzuRoJnwPPFVFbxgbNfz0\n"
- "KVikHRq4/uiN0UZgzf4Z2tYxlPzdt9t9B28fm7u4PXL4okoddK4u63Q4VSeu7UZE\n"
- "RlLMt1zunVguxJs2ZRDvABEBAAEABhwMx6crpb75ko5gXl9gsYSMj9O/YyCvU7Fi\n"
- "l8FnZ0dKMz3qs7jXyFlttLjh1DzYkXN6PAN5yp3+wnbK/e5eVeNSdo2WpJOwrVWO\n"
- "7pcQovHoKklAjmU98olaRhpv6BBTK+0tGUFaRrmrrYuz2xnwf3+kIpt4ahYW2dr9\n"
- "B+/pvBSVC/sv2+3PEQSsXlWCYVgkQ7WBN4GQdyjjxhQpcWdf8Z6unx4zuS3s7GGM\n"
- "4WaDxmDNCFlTGdrKPQeogtS3LVF9OiRCOvIlAxDmDvnC3zAwO/IvDUHFED9x9hmK\n"
- "MeVwCg8rwDMptVYN2hm+bjNzjV4pimUVd+w7edjEky0Jd/6tTH01CBUWxs9Pfup2\n"
- "cQ9zkYcVz1bwcoqeyRzFCJgi6PiVT38QFEvyusoVkwMQ747D6p7y+R52MEcIvcLb\n"
- "lBXhRviz3rW+Sch4+ohUPvBU41saM5B6UcOmhdPfdvPriI4qXwFxusGWt98NN3aW\n"
- "Ns2/L9kMX/SWnN6Elfj5hrrExDZ2CE60uuvfj+O/uXfO8LUDENE4vQrC399KLbJw\n"
- "uCaqjqLysYA9EY/Nv8RFGkk1UM4ViW8v1/95D95F9WqochSYH8Phr3br0chDxofb\n"
- "rnm6dUPE8uiriNaKWdoiUNSuvumh9lVixmRI923+4imu3scq+rlJAZ20EHRlc3Qz\n"
- "LmdudXRscy5vcmeJAQAEEwECACYFAkdj6IMCGwMFCQlmAYAGCwkIBwMCBBUCCAME\n"
- "FgIDAQIeAQIXgAAKCRCgIeP4CJmQUfekBh9xN88pxE7kEt/voRjLzF6tpgyXk9nv\n"
- "PeuMv4nyDgaa9itorLi2J67RissYvmabch7+spkd2w74qOdHI56E/1itaJ6LDib7\n"
- "YoxgUvlP6KKt4puxMaXkGF3P86WLFzpgeZugb3aJlKdjzKncbJjj6GkZEmMeUdkZ\n"
- "aP893LKHZerKd5OOuWP44Oy+IJMQ81yTPgktcTIXDhdIAYaaai5xuu8dKMPOOz8n\n"
- "bLc5MNLDqnnZCz7knGhzZ5QFkO0B+pm26ahycHpEnQHXBEeIpXwBBADSJnzVZfKk\n"
- "sjhkTb6Fh8EKd8xV9AX+8+C8BLGHCuIYNr1lzZ/9V9qR82LBmAcfqIJ6mkcGI/aO\n"
- "WOdu46wvp/VH7QWyfJNXAdu4RTshTbL4nT+zTPfBzH2zHxPtus/nPkXaF1qAGwP1\n"
- "gUYKJ8cMAR7DiaYCKxjSLZAdUi5ckWPhEwARAQABAAP3QKGVoNi52HXEN3ttUCyB\n"
- "Q1CDurh0MLDQoHomY3MGfI4VByk2YKMb2el4IJqyHrUbBYjTpHY31W2CSIdWfoTU\n"
- "DIik49CQaUpR13dJXEiG4d+nyETFutEalTQI4hMjABD9l1XvZP7Ll3YWmqN8Cam5\n"
- "JY23YAy2Noqbc3AcEut4+QIA1zcv8EU1QVqOwjSybRdm6HKK/A2bMqnITeUR/ikm\n"
- "IuU4lhijm/d1qS6ZBehRvvYa9MY4V7BGEQLWSlyc5aYJ/wIA+fmRv0lHSs78QSUg\n"
- "uRbNv6Aa6CXEOXmG+TpIaf/RWrPmBpdG8AROBVo1wmwG8oQaIjeX3RjKXfL3HTDD\n"
- "CxNg7QIA06tApdo2j1gr3IrroUwQ7yvi56ELB1Lv+W3WLN8lzCfQ6Fs+7IJRrC2R\n"
- "0uzLMGOsSORGAFIbAuLIMpc6rHCeS50hiQGHBBgBAgAPBQJHiKV8AhsCBQkQ6s+A\n"
- "AKgJEKAh4/gImZBRnSAEGQECAAYFAkeIpXwACgkQg3tvtC4P4XYARwQAoCOE72RI\n"
- "4TxS7AQ4qXCxYv0tRRKQcmNz9xrRqwsB6vOseyV1EBzAJtaRXEEEfJLDYIsWPOmB\n"
- "1eHBG2zK0yAdpql8A9uKcBaMI8gQnHaANl5mdOCLgNVtmfkTdTMcbIvr0wShevm3\n"
- "6+mJ6ZAV3+cYP6H9DYDvqh2C8CvJG9LVKiPxtwYeNR+VrJcY5K9oPw/ZXlXPSFLz\n"
- "ZBlypbEPypQGptwHxq2iSY4hjGErJGY7nxPkxr6JrEFNQjB576kFgOB0foTZ2H3E\n"
- "uXDDNkpoJwhEJBw5uQuwxWh9kmj6bRd/zMjns15AX6FcmFbuUitaBBWvwhWn+WCj\n"
- "vppwsd8v+3WfQ2GDivayvPZ+k/bDmVpDSoiZgudmEYUdT6slTIVod+EPz+y83Yu5\n"
- "mQ7nvSmNX8rrwRoecR+TlvyNa7966iHBwLB/bQzWROjcGA==\n"
- "=mZnW\n" "-----END PGP PRIVATE KEY BLOCK-----\n";
-const gnutls_datum_t server_key =
- { server_key_txt, sizeof(server_key_txt) };
-
-static gnutls_privkey_t g_pkey = NULL;
-static gnutls_pcert_st *g_pcert = NULL;
-
-static int
-cert_callback(gnutls_session_t session,
- const gnutls_datum_t * req_ca_rdn, int nreqs,
- const gnutls_pk_algorithm_t * sign_algos,
- int sign_algos_length, gnutls_pcert_st ** pcert,
- unsigned int *pcert_length, gnutls_privkey_t * pkey)
-{
- int ret;
- gnutls_pcert_st *p;
- gnutls_privkey_t lkey;
-
- p = gnutls_malloc(sizeof(*p));
- if (p==NULL)
- return -1;
-
- if (g_pkey == NULL) {
- ret = gnutls_pcert_import_openpgp_raw(p, &server_crt, GNUTLS_OPENPGP_FMT_BASE64, NULL, 0);
- if (ret < 0)
- return -1;
-
- ret = gnutls_privkey_init(&lkey);
- if (ret < 0)
- return -1;
-
- ret = gnutls_privkey_import_openpgp_raw(lkey, &server_key, GNUTLS_OPENPGP_FMT_BASE64, NULL, NULL);
- if (ret < 0)
- return -1;
-
- g_pcert = p;
- g_pkey = lkey;
-
- *pcert = p;
- *pcert_length = 1;
- *pkey = lkey;
- } else {
- *pcert = g_pcert;
- *pcert_length = 1;
- *pkey = g_pkey;
- }
-
- return 0;
-}
-
-static void server(int sd)
-{
-gnutls_certificate_credentials_t pgp_cred;
-int ret;
-gnutls_session_t session;
-gnutls_dh_params_t dh_params;
-const gnutls_datum_t p3 = { (void *) pkcs3, strlen(pkcs3) };
-
- /* this must be called once in the program
- */
- global_init();
-
- gnutls_global_set_log_function(tls_log_func);
- if (debug)
- gnutls_global_set_log_level(4711);
-
- gnutls_certificate_allocate_credentials(&pgp_cred);
-
- gnutls_certificate_set_retrieve_function2(pgp_cred, cert_callback);
-
- gnutls_dh_params_init(&dh_params);
- gnutls_dh_params_import_pkcs3(dh_params, &p3,
- GNUTLS_X509_FMT_PEM);
-
- gnutls_certificate_set_dh_params(pgp_cred, dh_params);
-
- gnutls_init(&session, GNUTLS_SERVER);
-
- /* avoid calling all the priority functions, since the defaults
- * are adequate.
- */
- gnutls_priority_set_direct(session, "NORMAL:+CTYPE-OPENPGP:-CTYPE-X509:-RSA:+DHE-DSS:+SIGN-DSA-SHA256:+SIGN-DSA-SHA1", NULL);
-
- gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, pgp_cred);
-
- /* request client certificate if any.
- */
- gnutls_certificate_server_set_request(session,
- GNUTLS_CERT_REQUEST);
-
- gnutls_transport_set_int(session, sd);
- gnutls_handshake_set_timeout(session, 20 * 1000);
-
- do {
- ret = gnutls_handshake(session);
- } while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
- if (ret < 0) {
- close(sd);
- gnutls_deinit(session);
- fail("server: Handshake has failed (%s)\n\n",
- gnutls_strerror(ret));
- return;
- }
- if (debug)
- success("server: Handshake was completed\n");
-
- if (gnutls_certificate_get_ours(session) == NULL) {
- fail("our certificate was not sent!\n");
- exit(1);
- }
-
- if (debug)
- success("server: TLS version is: %s\n",
- gnutls_protocol_get_name
- (gnutls_protocol_get_version(session)));
-
- /* see the Getting peer's information example */
- if (debug)
- print_info(session);
-
- /* do not wait for the peer to close the connection.
- */
- gnutls_bye(session, GNUTLS_SHUT_WR);
-
- close(sd);
- gnutls_deinit(session);
-
- gnutls_certificate_free_credentials(pgp_cred);
- gnutls_pcert_deinit(&g_pcert[0]);
- gnutls_privkey_deinit(g_pkey);
-
- gnutls_dh_params_deinit(dh_params);
- gnutls_global_deinit();
-
- if (debug)
- success("server: finished\n");
-}
-
-
-void doit(void)
-{
- int sockets[2];
- int err;
-
- err = socketpair(AF_UNIX, SOCK_STREAM, 0, sockets);
- if (err == -1) {
- perror("socketpair");
- fail("socketpair failed\n");
- return;
- }
-
- child = fork();
- if (child < 0) {
- perror("fork");
- fail("fork");
- return;
- }
-
- if (child) {
- int status;
- /* parent */
- client(sockets[0]);
- wait(&status);
- check_wait_status(status);
- } else
- server(sockets[1]);
-}
-
-#endif /* _WIN32 */
+++ /dev/null
-/*
- * Copyright (C) 2007-2012 Free Software Foundation, Inc.
- * Author: Ludovic Courtès, Timo Schulz
- *
- * This file is part of GnuTLS.
- *
- * GnuTLS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuTLS is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
-#include "config.h"
-#endif
-
-#include <stdio.h>
-
-#include <gnutls/gnutls.h>
-#include <gnutls/openpgp.h>
-
-#include "utils.h"
-
-/* A hex-encoded raw OpenPGP keyring. This is a copy of (`sha1sum' output):
- 5fdce61bff528070dfabdd237d91be618c353b4e src/openpgp/cli_ring.gpg */
-static unsigned char raw_keyring[] = {
- 0x99, 0x01, 0xA2, 0x04, 0x3C, 0x67, 0x95, 0x8D, 0x11, 0x04, 0x00,
- 0x80,
- 0xB1, 0x65, 0x21, 0x8B, 0xF8, 0x28, 0x06, 0xFA, 0x6F, 0x4C, 0x18,
- 0x0B,
- 0xF1, 0xF1, 0x4F, 0xC0, 0x10, 0x2E, 0x0F, 0x4E, 0x15, 0x60, 0x51,
- 0x2D,
- 0x0B, 0xBF, 0xB8, 0xA4, 0x1A, 0x7A, 0x90, 0x5B, 0x07, 0x8D, 0x44,
- 0x7B,
- 0x4D, 0x35, 0x24, 0x06, 0xC3, 0xA4, 0xD8, 0xFB, 0xCC, 0x1E, 0xB0,
- 0xDD,
- 0xBF, 0x4F, 0x82, 0xE3, 0x1D, 0x82, 0x1F, 0xC6, 0x06, 0x3F, 0x57,
- 0xBE,
- 0x3B, 0x47, 0xF6, 0xC8, 0xB5, 0xA4, 0xF1, 0x4B, 0xBE, 0x92, 0x41,
- 0x75,
- 0xDB, 0x28, 0xAA, 0x6D, 0xBB, 0xC3, 0x12, 0x20, 0x9D, 0x78, 0x94,
- 0xFA,
- 0x73, 0x7B, 0xC8, 0xB2, 0xD6, 0x3C, 0xBC, 0x9F, 0x49, 0xB2, 0x8E,
- 0x60,
- 0xFC, 0xB0, 0x7C, 0x5E, 0x08, 0x2A, 0xF3, 0xC4, 0x7B, 0x8D, 0x71,
- 0x52,
- 0xDE, 0x11, 0xFE, 0x58, 0x2E, 0x6F, 0xFF, 0xA3, 0xFA, 0x48, 0x04,
- 0x5F,
- 0xCD, 0x79, 0x78, 0xE7, 0xB7, 0x15, 0x7B, 0x00, 0xA0, 0xBF, 0x14,
- 0x9F,
- 0x1A, 0xC9, 0xBD, 0x98, 0x5A, 0x2C, 0xA4, 0x9D, 0x01, 0xDD, 0x11,
- 0xB2,
- 0x83, 0x93, 0x01, 0xD1, 0xDF, 0x03, 0xFD, 0x14, 0x10, 0xAF, 0x22,
- 0x42,
- 0x19, 0xD4, 0x76, 0x9C, 0xB7, 0xB8, 0x55, 0xF7, 0x2D, 0x3C, 0xBD,
- 0x90,
- 0x04, 0x3F, 0xF5, 0x5E, 0x1B, 0x6E, 0x6E, 0xA1, 0x1B, 0x7A, 0xD6,
- 0x95,
- 0x3F, 0x1B, 0x2C, 0xAA, 0xB2, 0x5D, 0x03, 0xE7, 0xA9, 0x94, 0x14,
- 0x53,
- 0xED, 0x41, 0xE8, 0x91, 0x20, 0x5A, 0x84, 0xCF, 0x20, 0x99, 0x29,
- 0x8D,
- 0xB9, 0x2A, 0xCB, 0x0E, 0xE8, 0xCF, 0x7C, 0x4B, 0x5A, 0x32, 0x0E,
- 0x98,
- 0x22, 0x40, 0x7E, 0x2A, 0xAD, 0x15, 0x78, 0x92, 0xC4, 0xD1, 0xC5,
- 0xD3,
- 0x64, 0x81, 0xF6, 0xF4, 0xA2, 0x65, 0x23, 0xFA, 0xA4, 0xD7, 0x11,
- 0xB8,
- 0x2B, 0xB0, 0xFA, 0x07, 0x47, 0x0A, 0x68, 0x70, 0xBF, 0x2F, 0x80,
- 0x48,
- 0xA0, 0xA7, 0x10, 0x2C, 0x9C, 0xDF, 0x4C, 0x83, 0xF0, 0xDD, 0xFA,
- 0xD2,
- 0xE2, 0x35, 0x5E, 0x35, 0xA4, 0x19, 0x34, 0x74, 0x95, 0xA9, 0x9F,
- 0x3F,
- 0x56, 0x63, 0x8C, 0x03, 0xFF, 0x6B, 0x90, 0xDB, 0x5C, 0x71, 0x0E,
- 0x11,
- 0x55, 0xDF, 0x56, 0x4C, 0x5A, 0x07, 0x2A, 0xF4, 0xF8, 0xBD, 0xF8,
- 0x88,
- 0x48, 0x43, 0x88, 0xCC, 0xA1, 0xA6, 0x70, 0x16, 0x3D, 0x1F, 0x29,
- 0xAA,
- 0xEC, 0xC0, 0x9C, 0x8B, 0x79, 0x8D, 0x7B, 0x80, 0x83, 0x22, 0x69,
- 0x2F,
- 0x66, 0x09, 0xE3, 0x0E, 0x52, 0x40, 0x33, 0xDD, 0x42, 0x5F, 0x53,
- 0x83,
- 0xB6, 0x13, 0xCB, 0x06, 0xAB, 0xF2, 0x86, 0x73, 0x21, 0x87, 0x10,
- 0xE7,
- 0x68, 0x39, 0x78, 0x36, 0x1E, 0x36, 0xB8, 0xF3, 0x12, 0xAF, 0xD2,
- 0x44,
- 0x5B, 0x62, 0x30, 0xA0, 0x86, 0xC5, 0x9D, 0xED, 0x74, 0x8A, 0x11,
- 0x93,
- 0x3B, 0x89, 0x41, 0x4B, 0x50, 0xB6, 0xF1, 0x47, 0xD2, 0x18, 0x43,
- 0x26,
- 0xFF, 0xC2, 0x41, 0x32, 0xDC, 0x40, 0x8D, 0xB6, 0x32, 0xDC, 0x16,
- 0x33,
- 0x52, 0xD0, 0x8C, 0x03, 0xE6, 0xC6, 0x04, 0x6E, 0x95, 0xA1, 0xEE,
- 0x62,
- 0xE4, 0xB4, 0x25, 0x44, 0x72, 0x2E, 0x20, 0x57, 0x68, 0x6F, 0x20,
- 0x28,
- 0x4E, 0x6F, 0x20, 0x63, 0x6F, 0x6D, 0x6D, 0x65, 0x6E, 0x74, 0x73,
- 0x29,
- 0x20, 0x3C, 0x77, 0x68, 0x6F, 0x40, 0x77, 0x68, 0x6F, 0x69, 0x73,
- 0x2E,
- 0x6F, 0x72, 0x67, 0x3E, 0x88, 0x5D, 0x04, 0x13, 0x11, 0x02, 0x00,
- 0x1D,
- 0x05, 0x02, 0x3C, 0x67, 0x95, 0x8D, 0x05, 0x09, 0x03, 0xC2, 0x67,
- 0x00,
- 0x05, 0x0B, 0x07, 0x0A, 0x03, 0x04, 0x03, 0x15, 0x03, 0x02, 0x03,
- 0x16,
- 0x02, 0x01, 0x02, 0x17, 0x80, 0x00, 0x0A, 0x09, 0x10, 0x35, 0x14,
- 0x5C,
- 0xEA, 0xA7, 0xD9, 0x3C, 0x3F, 0x96, 0x58, 0x00, 0x9F, 0x78, 0x99,
- 0xCB,
- 0xC9, 0xF6, 0xE9, 0x4C, 0x30, 0x7B, 0x98, 0x38, 0x77, 0x68, 0x04,
- 0xDB,
- 0xFB, 0x43, 0xD7, 0xCF, 0x6F, 0x00, 0xA0, 0xA4, 0x5D, 0x02, 0x90,
- 0x55,
- 0x33, 0xA0, 0x6D, 0xCB, 0xEB, 0xD6, 0xC9, 0x71, 0xFA, 0x1D, 0xF1,
- 0x7A,
- 0x65, 0x38, 0xFE, 0x99, 0x01, 0xA2, 0x04, 0x3C, 0x4A, 0xC5, 0x6C,
- 0x11,
- 0x04, 0x00, 0xE7, 0x2E, 0x76, 0xB6, 0x2E, 0xEF, 0xA9, 0xA3, 0xBD,
- 0x59,
- 0x40, 0x93, 0x29, 0x24, 0x18, 0x05, 0x0C, 0x02, 0xD7, 0x02, 0x9D,
- 0x6C,
- 0xA2, 0x06, 0x6E, 0xFC, 0x34, 0xC8, 0x60, 0x38, 0x62, 0x7C, 0x64,
- 0x3E,
- 0xB1, 0xA6, 0x52, 0xA7, 0xAF, 0x1D, 0x37, 0xCF, 0x46, 0xFC, 0x50,
- 0x5A,
- 0xC1, 0xE0, 0xC6, 0x99, 0xB3, 0x78, 0x95, 0xB4, 0xBC, 0xB3, 0xE5,
- 0x35,
- 0x41, 0xFF, 0xDA, 0x47, 0x66, 0xD6, 0x16, 0x8C, 0x2B, 0x8A, 0xAF,
- 0xD6,
- 0xAB, 0x22, 0x46, 0x6D, 0x06, 0xD1, 0x80, 0x34, 0xD5, 0xDA, 0xC6,
- 0x98,
- 0xE6, 0x99, 0x3B, 0xA5, 0xB3, 0x50, 0xFF, 0x82, 0x2E, 0x1C, 0xD8,
- 0x70,
- 0x2A, 0x75, 0x11, 0x4E, 0x8B, 0x73, 0xA6, 0xB0, 0x9C, 0xB3, 0xB9,
- 0x3C,
- 0xE4, 0x4D, 0xBB, 0x51, 0x6C, 0x9B, 0xB5, 0xF9, 0x5B, 0xB6, 0x66,
- 0x18,
- 0x86, 0x02, 0xA0, 0xA1, 0x44, 0x72, 0x36, 0xC0, 0x65, 0x8F, 0x00,
- 0xA0,
- 0x8F, 0x5B, 0x5E, 0x78, 0xD8, 0x5F, 0x79, 0x2C, 0xC2, 0x07, 0x2F,
- 0x94,
- 0x74, 0x64, 0x57, 0x26, 0xFB, 0x4D, 0x93, 0x73, 0x03, 0xFE, 0x35,
- 0x78,
- 0xD6, 0x89, 0xD6, 0x60, 0x6E, 0x91, 0x18, 0xE9, 0xF9, 0xA7, 0x04,
- 0x2B,
- 0x96, 0x3C, 0xF2, 0x3F, 0x3D, 0x8F, 0x13, 0x77, 0xA2, 0x73, 0xC0,
- 0xF0,
- 0x97, 0x4D, 0xBF, 0x44, 0xB3, 0xCA, 0xBC, 0xBE, 0x14, 0xDD, 0x64,
- 0x41,
- 0x25, 0x55, 0x86, 0x3E, 0x39, 0xA9, 0xC6, 0x27, 0x66, 0x2D, 0x77,
- 0xAC,
- 0x36, 0x66, 0x2A, 0xE4, 0x49, 0x79, 0x2C, 0x32, 0x62, 0xD3, 0xF1,
- 0x2E,
- 0x98, 0x32, 0xA7, 0x56, 0x53, 0x09, 0xD6, 0x7B, 0xA0, 0xAE, 0x4D,
- 0xF2,
- 0x5F, 0x5E, 0xDA, 0x09, 0x37, 0x05, 0x6A, 0xD5, 0xBE, 0x89, 0xF4,
- 0x06,
- 0x9E, 0xBD, 0x7E, 0xC7, 0x6C, 0xE4, 0x32, 0x44, 0x1D, 0xF5, 0xD5,
- 0x2F,
- 0xFF, 0xD0, 0x6D, 0x39, 0xE5, 0xF6, 0x1E, 0x36, 0x94, 0x7B, 0x69,
- 0x8A,
- 0x77, 0xCB, 0x62, 0xAB, 0x81, 0xE4, 0xA4, 0x12, 0x2B, 0xF9, 0x05,
- 0x06,
- 0x71, 0xD9, 0x94, 0x6C, 0x86, 0x5E, 0x04, 0x00, 0xD0, 0x61, 0x43,
- 0x7A,
- 0x96, 0x4D, 0xDE, 0x31, 0x88, 0x18, 0xC2, 0xB2, 0x4D, 0xE0, 0x08,
- 0xE6,
- 0x00, 0x96, 0xB6, 0x0D, 0xB8, 0xA6, 0x84, 0xB8, 0x5A, 0x83, 0x8D,
- 0x11,
- 0x9F, 0xC9, 0x30, 0x31, 0x18, 0x89, 0xAD, 0x57, 0xA3, 0xB9, 0x27,
- 0xF4,
- 0x48, 0xF8, 0x4E, 0xB2, 0x53, 0xC6, 0x23, 0xED, 0xA7, 0x3B, 0x42,
- 0xFF,
- 0x78, 0xBC, 0xE6, 0x3A, 0x6A, 0x53, 0x1D, 0x75, 0xA6, 0x4C, 0xE8,
- 0x54,
- 0x05, 0x13, 0x80, 0x8E, 0x9F, 0x5B, 0x10, 0xCE, 0x07, 0x5D, 0x34,
- 0x17,
- 0xB8, 0x01, 0x16, 0x49, 0x18, 0xB1, 0x31, 0xD3, 0x54, 0x4C, 0x87,
- 0x65,
- 0xA8, 0xEC, 0xB9, 0x97, 0x1F, 0x61, 0xA0, 0x9F, 0xC7, 0x3D, 0x50,
- 0x98,
- 0x06, 0x10, 0x6B, 0x59, 0x77, 0xD2, 0x11, 0xCB, 0x0E, 0x1D, 0x04,
- 0xD0,
- 0xED, 0x96, 0xBC, 0xE8, 0x9B, 0xAE, 0x8F, 0x73, 0xD8, 0x00, 0xB0,
- 0x52,
- 0x13, 0x9C, 0xBF, 0x8D, 0xB4, 0x49, 0x4F, 0x70, 0x65, 0x6E, 0x43,
- 0x44,
- 0x4B, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20, 0x6B, 0x65, 0x79, 0x20,
- 0x28,
- 0x4F, 0x6E, 0x6C, 0x79, 0x20, 0x69, 0x6E, 0x74, 0x65, 0x6E, 0x64,
- 0x65,
- 0x64, 0x20, 0x66, 0x6F, 0x72, 0x20, 0x74, 0x65, 0x73, 0x74, 0x20,
- 0x70,
- 0x75, 0x72, 0x70, 0x6F, 0x73, 0x65, 0x73, 0x21, 0x29, 0x20, 0x3C,
- 0x6F,
- 0x70, 0x65, 0x6E, 0x63, 0x64, 0x6B, 0x40, 0x66, 0x6F, 0x6F, 0x2D,
- 0x62,
- 0x61, 0x72, 0x2E, 0x6F, 0x72, 0x67, 0x3E, 0x88, 0x62, 0x04, 0x13,
- 0x11,
- 0x02, 0x00, 0x1A, 0x05, 0x02, 0x3C, 0x4A, 0xC5, 0x6C, 0x05, 0x0B,
- 0x07,
- 0x0A, 0x03, 0x04, 0x03, 0x15, 0x03, 0x02, 0x03, 0x16, 0x02, 0x01,
- 0x02,
- 0x1E, 0x01, 0x02, 0x17, 0x80, 0x00, 0x12, 0x09, 0x10, 0xBD, 0x57,
- 0x2C,
- 0xDC, 0xCC, 0xC0, 0x7C, 0x35, 0x07, 0x65, 0x47, 0x50, 0x47, 0x00,
- 0x01,
- 0x01, 0x81, 0xC1, 0x00, 0x9C, 0x0E, 0x12, 0x8D, 0x8E, 0xD4, 0x44,
- 0x7C,
- 0x6D, 0xCB, 0xCE, 0x61, 0x50, 0xD9, 0xCD, 0x86, 0xE2, 0x0D, 0x84,
- 0x59,
- 0xA5, 0x00, 0x9F, 0x66, 0x81, 0x66, 0x2C, 0x80, 0xC6, 0xAA, 0xCF,
- 0x1D,
- 0x2D, 0x2B, 0xC2, 0x04, 0xF0, 0x82, 0xFE, 0x80, 0xD3, 0xDB, 0xA4,
- 0xB9,
- 0x01, 0x0D, 0x04, 0x3C, 0x4A, 0xC5, 0x6F, 0x10, 0x04, 0x00, 0xE2,
- 0x01,
- 0x56, 0x52, 0x60, 0x69, 0xD0, 0x67, 0xD2, 0x4F, 0x4D, 0x71, 0xE6,
- 0xD3,
- 0x86, 0x58, 0xE0, 0x8B, 0xE3, 0xBF, 0x24, 0x6C, 0x1A, 0xDC, 0xE0,
- 0x8D,
- 0xB6, 0x9C, 0xD8, 0xD4, 0x59, 0xC1, 0xED, 0x33, 0x57, 0x38, 0x41,
- 0x07,
- 0x98, 0x75, 0x5A, 0xFD, 0xB7, 0x9F, 0x17, 0x97, 0xCF, 0x02, 0x2E,
- 0x70,
- 0xC7, 0x96, 0x0F, 0x12, 0xCA, 0x68, 0x96, 0xD2, 0x7C, 0xFD, 0x24,
- 0xA1,
- 0x1C, 0xD3, 0x16, 0xDD, 0xE1, 0xFB, 0xCC, 0x1E, 0xA6, 0x15, 0xC5,
- 0xC3,
- 0x1F, 0xEC, 0x65, 0x6E, 0x46, 0x70, 0x78, 0xC8, 0x75, 0xFC, 0x50,
- 0x9B,
- 0x1E, 0xCB, 0x99, 0xC8, 0xB5, 0x6C, 0x2D, 0x87, 0x5C, 0x50, 0xE2,
- 0x01,
- 0x8B, 0x5B, 0x0F, 0xA3, 0x78, 0x60, 0x6E, 0xB6, 0x42, 0x5A, 0x25,
- 0x33,
- 0x83, 0x0F, 0x55, 0xFD, 0x21, 0xD6, 0x49, 0x01, 0x56, 0x15, 0xD4,
- 0x9A,
- 0x1D, 0x09, 0xE9, 0x51, 0x0F, 0x5F, 0x00, 0x03, 0x05, 0x04, 0x00,
- 0xD0,
- 0xBD, 0xAD, 0xE4, 0x04, 0x32, 0x75, 0x86, 0x75, 0xC8, 0x7D, 0x07,
- 0x30,
- 0xC3, 0x60, 0x98, 0x14, 0x67, 0xBA, 0xE1, 0xBE, 0xB6, 0xCC, 0x10,
- 0x5A,
- 0x3C, 0x1F, 0x36, 0x6B, 0xFD, 0xBE, 0xA1, 0x2E, 0x37, 0x84, 0x56,
- 0x51,
- 0x32, 0x38, 0xB8, 0xAD, 0x41, 0x4E, 0x52, 0xA2, 0xA9, 0x66, 0x1D,
- 0x1D,
- 0xF1, 0xDB, 0x6B, 0xB5, 0xF3, 0x3F, 0x69, 0x06, 0x16, 0x61, 0x07,
- 0x55,
- 0x6C, 0x81, 0x32, 0x24, 0x33, 0x0B, 0x30, 0x93, 0x2D, 0xB7, 0xC8,
- 0xCC,
- 0x82, 0x25, 0x67, 0x2D, 0x7A, 0xE2, 0x4A, 0xF2, 0x46, 0x97, 0x50,
- 0xE5,
- 0x39, 0xB6, 0x61, 0xEA, 0x64, 0x75, 0xD2, 0xE0, 0x3C, 0xD8, 0xD3,
- 0x83,
- 0x8D, 0xC4, 0xA8, 0xAC, 0x4A, 0xFD, 0x21, 0x35, 0x36, 0xFE, 0x3E,
- 0x96,
- 0xEC, 0x9D, 0x0A, 0xEA, 0x65, 0x16, 0x4B, 0x57, 0x6E, 0x01, 0xB3,
- 0x7A,
- 0x8D, 0xCA, 0x89, 0xF2, 0xB2, 0x57, 0xD0, 0x88, 0x4E, 0x04, 0x18,
- 0x11,
- 0x02, 0x00, 0x06, 0x05, 0x02, 0x3C, 0x4A, 0xC5, 0x6F, 0x00, 0x12,
- 0x09,
- 0x10, 0xBD, 0x57, 0x2C, 0xDC, 0xCC, 0xC0, 0x7C, 0x35, 0x07, 0x65,
- 0x47,
- 0x50, 0x47, 0x00, 0x01, 0x01, 0x75, 0x66, 0x00, 0x9F, 0x60, 0x1E,
- 0x1F,
- 0x99, 0xE0, 0xB0, 0x7C, 0x77, 0xE6, 0x7F, 0x3E, 0xEC, 0xA1, 0xE1,
- 0x9F,
- 0x94, 0x63, 0xD3, 0x73, 0x67, 0x00, 0x9F, 0x6A, 0xC6, 0x9E, 0xB4,
- 0x11,
- 0x9A, 0x6F, 0xFB, 0xF4, 0x49, 0xE7, 0xD1, 0x54, 0xD8, 0x2E, 0x05,
- 0xD4,
- 0x08, 0x61, 0xDB
-};
-
-/* The ID of a key known to be in the above keyring. */
-static const gnutls_openpgp_keyid_t id_in_keyring =
- /* "Dr. Who", first key in the keyring */
-{ 0x35, 0x14, 0x5c, 0xea,
- 0xa7, 0xd9, 0x3c, 0x3f
-};
-
-static const gnutls_openpgp_keyid_t id2_in_keyring =
- /* OpenCDK test key, second key in the keyring */
-{ 0xbd, 0x57, 0x2c, 0xdc,
- 0xcc, 0xc0, 0x7c, 0x35
-};
-
-static const gnutls_openpgp_keyid_t id_not_in_keyring =
- { 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00
-};
-\f
-
-static void tls_log_func(int level, const char *str)
-{
- fprintf(stderr, "%d| %s", level, str);
-}
-
-void doit(void)
-{
- gnutls_openpgp_keyring_t keyring;
- gnutls_openpgp_crt_t crt;
- gnutls_datum_t data;
- gnutls_datum_t txt;
- int ret;
-
- ret = global_init();
- if (ret < 0)
- fail("init %d\n", ret);
-
- gnutls_global_set_log_function(tls_log_func);
- if (debug)
- gnutls_global_set_log_level(2);
-
- ret = gnutls_openpgp_keyring_init(&keyring);
- if (ret < 0)
- fail("keyring-init %d\n", ret);
-
- data.data = raw_keyring;
- data.size = sizeof(raw_keyring) / sizeof(raw_keyring[0]);
- ret = gnutls_openpgp_keyring_import(keyring, &data,
- GNUTLS_OPENPGP_FMT_RAW);
- if (ret < 0)
- fail("keyring-import %d\n", ret);
-
- ret = gnutls_openpgp_keyring_get_crt_count(keyring);
- if (ret != 2) {
- fail("gnutls_openpgp_keyring_get_crt_count: %d\n", ret);
- }
-
- ret =
- gnutls_openpgp_keyring_check_id(keyring, id_not_in_keyring, 0);
- if (ret == 0)
- fail("keyring-check-id (not-in-keyring) %d\n", ret);
-
- ret = gnutls_openpgp_keyring_check_id(keyring, id_in_keyring, 0);
- if (ret != 0)
- fail("keyring-check-id first key %d\n", ret);
-
- ret = gnutls_openpgp_keyring_check_id(keyring, id2_in_keyring, 0);
- if (ret != 0)
- fail("keyring-check-id second key %d\n", ret);
-
- ret = gnutls_openpgp_keyring_get_crt(keyring, 0, &crt);
- if (ret != 0) {
- fail("gnutls_openpgp_keyring_get_crt1: %d\n", ret);
- }
-
- ret = gnutls_openpgp_crt_print(crt, GNUTLS_CRT_PRINT_ONELINE, &txt);
- if (ret != 0) {
- fail("gnutls_openpgp_crt_print1: %d\n", ret);
- } else if (debug) {
- success("%s\n", (char*)txt.data);
- }
- gnutls_free(txt.data);
- gnutls_openpgp_crt_deinit(crt);
-
- /* second cert */
- ret = gnutls_openpgp_keyring_get_crt(keyring, 1, &crt);
- if (ret != 0) {
- fail("gnutls_openpgp_keyring_get_crt2: %d\n", ret);
- }
-
- ret = gnutls_openpgp_crt_print(crt, GNUTLS_CRT_PRINT_ONELINE, &txt);
- if (ret != 0) {
- fail("gnutls_openpgp_crt_print2: %d\n", ret);
- } else if (debug) {
- success("%s\n", (char*)txt.data);
- }
- gnutls_free(txt.data);
- gnutls_openpgp_crt_deinit(crt);
- if (debug)
- success("done\n");
-
- gnutls_openpgp_keyring_deinit(keyring);
- gnutls_global_deinit();
-}
-
-/* Local Variables:
- coding: latin-1
- End:
- */
+++ /dev/null
-/** t-openpgp.c -- OpenPGP regression test **/
-
-#include "gnutls_int.h"
-#include "errors.h"
-#include "mpi.h"
-#include "cert.h"
-#include "datum.h"
-#include "global.h"
-#include "auth/cert.h"
-#include "openpgp.h"
-
-#include <str.h>
-#include <stdio.h>
-#include <gcrypt.h>
-#include <time.h>
-#include <assert.h>
-
-static const char *get_pkalgo(int algo)
-{
- switch (algo) {
- case GNUTLS_PK_DSA:
- return "DSA";
- case GNUTLS_PK_RSA:
- return "RSA";
- }
- return NULL;
-}
-
-static const char *get_pktime(long timestamp)
-{
- static char buf[128];
- struct tm *tb;
-
- tb = localtime(×tamp);
- sprintf(buf, "%04d-%02d-%02d", tb->tm_year + 1900, tb->tm_mon + 1,
- tb->tm_mday);
- return buf;
-}
-
-int
-get_pubkey(gnutls_datum_t * pk, const gnutls_datum_t * kr,
- unsigned long kid)
-{
- unsigned char buf[4];
-
- buf[0] = kid >> 24;
- buf[1] = kid >> 16;
- buf[2] = kid >> 8;
- buf[3] = kid;
- return gnutls_openpgp_get_key(pk, kr, KEY_ATTR_SHORT_KEYID, buf);
-}
-
-
-int main(int argc, char **argv)
-{
- gnutls_certificate_credentials ctx;
- gnutls_datum_t dat, xml, pk;
- gnutls_openpgp_name uid;
- gnutls_privkey *pkey;
- gnutls_cert *cert;
- unsigned char fpr[20], keyid[8];
- char *s, *t;
- size_t fprlen = 0;
- int rc, nbits = 0, i;
-
- rc = gnutls_certificate_allocate_credentials(&ctx);
- assert(rc == 0);
-
- s = "../doc/credentials/openpgp/cli_ring.gpg";
- rc = gnutls_certificate_set_openpgp_keyring_file(ctx, s);
- assert(rc == 0);
-
- s = "../doc/credentials/openpgp/pub.asc";
- t = "../doc/credentials/openpgp/sec.asc";
- rc = gnutls_certificate_set_openpgp_key_file(ctx, s, t);
- assert(rc == 0);
-
- dat = ctx->cert_list[0]->raw;
- assert(ctx->cert_list[0]);
- printf("Key v%d\n", gnutls_openpgp_extract_key_version(&dat));
- rc = gnutls_openpgp_extract_key_name(&dat, 1, &uid);
- assert(rc == 0);
- printf("userID %s\n", uid.name);
-
- rc = gnutls_openpgp_extract_key_pk_algorithm(&dat, &nbits);
- printf("pk-algorithm %s %d bits\n", get_pkalgo(rc), nbits);
-
- rc = gnutls_openpgp_extract_key_creation_time(&dat);
- printf("creation time %s\n", get_pktime(rc));
-
- rc = gnutls_openpgp_extract_key_expiration_time(&dat);
- printf("expiration time %lu\n", rc);
-
- printf("key fingerprint: ");
- rc = gnutls_openpgp_fingerprint(&dat, fpr, &fprlen);
- assert(rc == 0);
- for (i = 0; i < fprlen / 2; i++)
- printf("%02X%02X ", fpr[2 * i], fpr[2 * i + 1]);
- printf("\n");
-
- printf("key id: ");
- rc = gnutls_openpgp_extract_key_id(&dat, keyid);
- assert(rc == 0);
- for (i = 0; i < 8; i++)
- printf("%02X", keyid[i]);
- printf("\n\n");
-
- printf("Check MPIs\n");
- cert = ctx->cert_list[0];
- printf("number of certs %d\n", *ctx->cert_list_length);
- assert(*ctx->cert_list_length == 1);
- printf("number of items %d\n", cert->params_size);
- for (i = 0; i < cert->params_size; i++) {
- nbits = gcry_mpi_get_nbits(cert->params[i]);
- printf("mpi %d %d bits\n", i, nbits);
- }
-
- printf("\nCheck key\n");
- rc = gnutls_openpgp_verify_key(NULL, &ctx->keyring, &dat, 1);
- printf("certifiacte status...%d\n", rc);
-
- printf("\nSeckey\n");
- pkey = ctx->pkey;
- assert(pkey);
- assert(pkey->params_size);
- nbits = gcry_mpi_get_nbits(pkey->params[0]);
- rc = pkey->pk_algorithm;
- printf("pk-algorithm %s %d bits\n", get_pkalgo(rc), nbits);
- printf("number of items %d\n", pkey->params_size);
- for (i = 0; i < pkey->params_size; i++) {
- nbits = gcry_mpi_get_nbits(pkey->params[i]);
- printf("mpi %d %d bits\n", i, nbits);
- }
-
- printf("\nGet public key\n");
- rc = get_pubkey(&pk, &ctx->keyring, 0xA7D93C3F);
- assert(rc == 0);
-
- printf("key fingerprint: ");
- gnutls_openpgp_fingerprint(&pk, fpr, &fprlen);
- for (i = 0; i < fprlen / 2; i++)
- printf("%02X%02X ", fpr[2 * i], fpr[2 * i + 1]);
- printf("\n");
- _gnutls_free_datum(&pk);
-
-#if 0
- rc = gnutls_openpgp_key_to_xml(&dat, &xml, 1);
- printf("rc=%d\n", rc);
- assert(rc == 0);
- xml.data[xml.size] = '\0';
- printf("%s\n", xml.data);
- _gnutls_free_datum(&xml);
-#endif
-
- _gnutls_free_datum(&dat);
- gnutls_certificate_free_credentials(ctx);
-
- return 0;
-}
+++ /dev/null
-/*
- * Copyright (C) 2008-2012 Free Software Foundation, Inc.
- *
- * Author: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
-
- * pgps2kgnu: test GNU extensions to the OpenPGP S2K specification.
- * at the moment, we just test the "GNU dummy" S2K
- * extension.
-
- *
- * This file is part of GnuTLS.
- *
- * GnuTLS is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 3 of the License, or
- * (at your option) any later version.
- *
- * GnuTLS is distributed in the hope that it will be useful, but
- * WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with GnuTLS; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#include <utils.h>
-#include <gnutls/gnutls.h>
-#include <gnutls/openpgp.h>
-
-static char dummy_key[] =
- "-----BEGIN PGP PRIVATE KEY BLOCK-----\n"
- "Version: GnuPG v1.4.9 (GNU/Linux)\n"
- "\n"
- "lQCVBEO3YdABBACRqqEnucag4+vyZny2M67Pai5+5suIRRvY+Ly8Ms5MvgCi3EVV\n"
- "xT05O/+0ShiRaf+QicCOFrhbU9PZzzU+seEvkeW2UCu4dQfILkmj+HBEIltGnHr3\n"
- "G0yegHj5pnqrcezERURf2e17gGFWX91cXB9Cm721FPXczuKraphKwCA9PwARAQAB\n"
- "/gNlAkdOVQG0OURlbW9uc3RyYXRpb24gS2V5IGZvciBTMksgR05VIGV4dGVuc2lv\n"
- "biAxMDAxIC0tIGdudS1kdW1teYi8BBMBAgAmBQJDt2HQAhsDBQkB4TOABgsJCAcD\n"
- "AgQVAggDBBYCAwECHgECF4AACgkQQZUwSa4UDezTOQP/TMQXUVrWzHYZGopoPZ2+\n"
- "ZS3qddiznBHsgb7MGYg1KlTiVJSroDUBCHIUJvdQKZV9zrzrFl47D07x6hGyUPHV\n"
- "aZXvuITW8t1o5MMHkCy3pmJ2KgfDvdUxrBvLfgPMICA4c6zA0mWquee43syEW9NY\n"
- "g3q61iPlQwD1J1kX1wlimLCdAdgEQ7dh0AEEANAwa63zlQbuy1Meliy8otwiOa+a\n"
- "mH6pxxUgUNggjyjO5qx+rl25mMjvGIRX4/L1QwIBXJBVi3SgvJW1COZxZqBYqj9U\n"
- "8HVT07mWKFEDf0rZLeUE2jTm16cF9fcW4DQhW+sfYm+hi2sY3HeMuwlUBK9KHfW2\n"
- "+bGeDzVZ4pqfUEudABEBAAEAA/0bemib+wxub9IyVFUp7nPobjQC83qxLSNzrGI/\n"
- "RHzgu/5CQi4tfLOnwbcQsLELfker2hYnjsLrT9PURqK4F7udrWEoZ1I1LymOtLG/\n"
- "4tNZ7Mnul3wRC2tCn7FKx8sGJwGh/3li8vZ6ALVJAyOia5TZ/buX0+QZzt6+hPKk\n"
- "7MU1WQIA4bUBjtrsqDwro94DvPj3/jBnMZbXr6WZIItLNeVDUcM8oHL807Am97K1\n"
- "ueO/f6v1sGAHG6lVPTmtekqPSTWBfwIA7CGFvEyvSALfB8NUa6jtk27NCiw0csql\n"
- "kuhCmwXGMVOiryKEfegkIahf2bAd/gnWHPrpWp7bUE20v8YoW22I4wIAhnm5Wr5Q\n"
- "Sy7EHDUxmJm5TzadFp9gq08qNzHBpXSYXXJ3JuWcL1/awUqp3tE1I6zZ0hZ38Ia6\n"
- "SdBMN88idnhDPqPoiKUEGAECAA8FAkO3YdACGyAFCQHhM4AACgkQQZUwSa4UDezm\n"
- "vQP/ZhK+2ly9oI2z7ZcNC/BJRch0/ybQ3haahII8pXXmOThpZohr/LUgoWgCZdXg\n"
- "vP6yiszNk2tIs8KphCAw7Lw/qzDC2hEORjWO4f46qk73RAgSqG/GyzI4ltWiDhqn\n"
- "vnQCFl3+QFSe4zinqykHnLwGPMXv428d/ZjkIc2ju8dRsn4=\n"
- "=CR5w\n" "-----END PGP PRIVATE KEY BLOCK-----\n";
-
-/* Test capability of reading the gnu-dummy OpenPGP S2K extension.
- See: doc/DETAILS from gnupg
- http://lists.gnu.org/archive/html/gnutls-devel/2008-08/msg00023.html
-*/
-
-static void tls_log_func(int level, const char *str)
-{
- fprintf(stderr, "|<%d>| %s", level, str);
-}
-
-int main(int argc, char **argv)
-{
- int rc;
- gnutls_datum_t keydatum =
- { (unsigned char *) dummy_key, strlen(dummy_key) };
- gnutls_openpgp_privkey_t key;
-
- if (argc > 1) {
- gnutls_global_set_log_function(tls_log_func);
- gnutls_global_set_log_level(9);
- }
-
- rc = global_init();
- if (rc) {
- printf("global_init rc %d: %s\n", rc, gnutls_strerror(rc));
- return 1;
- }
-
- rc = gnutls_openpgp_privkey_init(&key);
- if (rc) {
- printf("gnutls_openpgp_privkey_init rc %d: %s\n",
- rc, gnutls_strerror(rc));
- return 1;
- }
-
- rc = gnutls_openpgp_privkey_import(key, &keydatum,
- GNUTLS_OPENPGP_FMT_BASE64, NULL,
- 0);
- if (rc) {
- printf("gnutls_openpgp_privkey_import rc %d: %s\n",
- rc, gnutls_strerror(rc));
- return 1;
- }
-
- gnutls_openpgp_privkey_deinit(key);
-
- gnutls_global_deinit();
-
- return 0;
-}
projects / thirdparty / gnutls.git / commitdiff
