author | lloyd <[email protected]> | 2011-12-23 18:22:37 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2011-12-23 18:22:37 +0000 |
commit | 61d461d0a5fb63c3aee906c76b4aefe3335a7591 (patch) | |
tree | a936e50187ba7ace33c09fcf5a9119e257987f30 /doc | |
parent | 917bf37104eb039a97ef989306954dd8bc05f400 (diff) |
Centralize a lot of the handshaking and message parsing in TLS_Channel
Also delete the obsolete/never worked CMS examples
Diffstat (limited to 'doc')
-rw-r--r-- | doc/examples/cms_dec.cpp | 120 | ||||
-rw-r--r-- | doc/examples/cms_enc.cpp | 59 | ||||
-rw-r--r-- | doc/examples/socket.h | 2 | ||||
-rw-r--r-- | doc/examples/tls_client.cpp | 2 | ||||
-rw-r--r-- | doc/examples/tls_server.cpp | 49 |
5 files changed, 36 insertions, 196 deletions
diff --git a/doc/examples/cms_dec.cpp b/doc/examples/cms_dec.cpp
deleted file mode 100644
index 84355fb4a..000000000
--- a/doc/examples/cms_dec.cpp
+++ /dev/null
@@ -1,120 +0,0 @@ -/* -* (C) 2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/botan.h> -#include <botan/pkcs8.h> -#include <botan/cms_dec.h> -using namespace Botan; - -#include <iostream> -#include <memory> - -int main(int argc, char* argv[]) - { - if(argc != 2) - { - std::cout << "Usage: " << argv[0] << " <filename>\n"; - return 1; - } - - Botan::LibraryInitializer init; - - try { - AutoSeeded_RNG rng; - - X509_Certificate mycert("mycert.pem"); - PKCS8_PrivateKey* mykey = PKCS8::load_key("mykey.pem", rng, "cut"); - - X509_Certificate yourcert("yourcert.pem"); - X509_Certificate cacert("cacert.pem"); - X509_Certificate int_ca("int_ca.pem"); - - X509_Store store; - store.add_cert(mycert); - store.add_cert(yourcert); - store.add_cert(cacert, true); - store.add_cert(int_ca); - - DataSource_Stream message(argv[1]); - - CMS_Decoder decoder(message, store, mykey); - - while(decoder.layer_type() != CMS_Decoder::DATA) - { - CMS_Decoder::Status status = decoder.layer_status(); - CMS_Decoder::Content_Type content = decoder.layer_type(); - - if(status == CMS_Decoder::FAILURE) - { - std::cout << "Failure reading CMS data" << std::endl; - break; - } - - if(content == CMS_Decoder::DIGESTED) - { - std::cout << "Digested data, hash = " << decoder.layer_info() - << std::endl; - std::cout << "Hash is " - << ((status == CMS_Decoder::GOOD) ? "good" : "bad") - << std::endl; - } - - if(content == CMS_Decoder::SIGNED) - { - // how to handle multiple signers? they can all exist within a - // single level... 
- - std::cout << "Signed by " << decoder.layer_info() << std::endl; - //std::cout << "Sign time: " << decoder.xxx() << std::endl; - std::cout << "Signature is "; - if(status == CMS_Decoder::GOOD) - std::cout << "valid"; - else if(status == CMS_Decoder::BAD) - std::cout << "bad"; - else if(status == CMS_Decoder::NO_KEY) - std::cout << "(cannot check, no known cert)"; - std::cout << std::endl; - } - if(content == CMS_Decoder::ENVELOPED || - content == CMS_Decoder::COMPRESSED || - content == CMS_Decoder::AUTHENTICATED) - { - if(content == CMS_Decoder::ENVELOPED) - std::cout << "Enveloped"; - if(content == CMS_Decoder::COMPRESSED) - std::cout << "Compressed"; - if(content == CMS_Decoder::AUTHENTICATED) - std::cout << "MACed"; - - std::cout << ", algo = " << decoder.layer_info() << std::endl; - - if(content == CMS_Decoder::AUTHENTICATED) - { - std::cout << "MAC status is "; - if(status == CMS_Decoder::GOOD) - std::cout << "valid"; - else if(status == CMS_Decoder::BAD) - std::cout << "bad"; - else if(status == CMS_Decoder::NO_KEY) - std::cout << "(cannot check, no key)"; - std::cout << std::endl; - } - } - decoder.next_layer(); - } - - if(decoder.layer_type() == CMS_Decoder::DATA) - std::cout << "Message is \"" << decoder.get_data() - << '"' << std::endl; - else - std::cout << "No data anywhere?" << std::endl; - } - catch(std::exception& e) - { - std::cerr << e.what() << std::endl; - } - return 0; - } diff --git a/doc/examples/cms_enc.cpp b/doc/examples/cms_enc.cpp deleted file mode 100644 index 2cf813987..000000000 --- a/doc/examples/cms_enc.cpp +++ /dev/null 
@@ -1,59 +0,0 @@ -/* -* (C) 2009 Jack Lloyd -* -* Distributed under the terms of the Botan license -*/ - -#include <botan/botan.h> -#include <botan/cms_enc.h> -using namespace Botan; - -#include <iostream> -#include <fstream> -#include <memory> - -int main() - { - Botan::LibraryInitializer init; - - try { - - X509_Certificate mycert("mycert.pem"); - X509_Certificate mycert2("mycert2.pem"); - X509_Certificate yourcert("yourcert.pem"); - X509_Certificate cacert("cacert.pem"); - X509_Certificate int_ca("int_ca.pem"); - - AutoSeeded_RNG rng; - - X509_Store store; - store.add_cert(mycert); - store.add_cert(mycert2); - store.add_cert(yourcert); - store.add_cert(int_ca); - store.add_cert(cacert, true); - - const std::string msg = "prioncorp: we don't toy\n"; - - CMS_Encoder encoder(msg); - - encoder.compress("Zlib"); - encoder.digest(); - encoder.encrypt(rng, mycert); - - /* - PKCS8_PrivateKey* mykey = PKCS8::load_key("mykey.pem", rng, "cut"); - encoder.sign(store, *mykey); - */ - - SecureVector<byte> raw = encoder.get_contents(); - std::ofstream out("out.der"); - - out.write((const char*)raw.begin(), raw.size()); - } - catch(std::exception& e) - { - std::cerr << e.what() << std::endl; - } - return 0; - } diff --git a/doc/examples/socket.h b/doc/examples/socket.h index f10ff9f26..9e16ab36a 100644 --- a/doc/examples/socket.h +++ b/doc/examples/socket.h @@ -180,7 +180,7 @@ size_t Socket::read(unsigned char buf[], size_t length, bool partial) { ssize_t this_time = ::recv(sockfd, (char*)buf + got, length, flags); - const bool full_ret = (this_time == length); + const bool full_ret = (this_time == (ssize_t)length); if(this_time == 0) break; diff --git a/doc/examples/tls_client.cpp b/doc/examples/tls_client.cpp index a51febfcf..ee224e9eb 100644 --- a/doc/examples/tls_client.cpp +++ b/doc/examples/tls_client.cpp 
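Review bot: In Socket::read (doc/examples/socket.h), the new comparison `this_time == (ssize_t)length` converts the caller's size to a signed type, so a `length` above the signed range would turn negative and could compare equal to an error return. Converting the other way after the sign is known keeps the comparison exact, for example `const bool full_ret = (this_time > 0 && static_cast<size_t>(this_time) == length);`. The function body starts and ends outside the hunk, so any handling of a negative recv() result is not visible here.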
@@ -41,7 +41,7 @@ class HTTPS_Client quit_reading = false; - while(!client.handshake_complete() || desired) + while(!client.is_active() || desired) { const size_t socket_got = socket.read(&socket_buf[0], socket_buf.size()); //printf("Got %d bytes from socket\n", socket_got); diff --git a/doc/examples/tls_server.cpp b/doc/examples/tls_server.cpp index 153b26d04..62bc8fadc 100644 --- a/doc/examples/tls_server.cpp +++ b/doc/examples/tls_server.cpp @@ -30,6 +30,13 @@ class Server_TLS_Policy : public TLS_Policy } }; +void proc_data(const byte data[], size_t data_len, u16bit alert_info) + { + printf("Block of data %d bytes alert %04X\n", (int)data_len, alert_info); + for(size_t i = 0; i != data_len; ++i) + printf("%c", data[i]); + } + int main(int argc, char* argv[]) { int port = 4433; @@ -40,7 +47,7 @@ int main(int argc, char* argv[]) try { LibraryInitializer botan_init; - SocketInitializer socket_init; + //SocketInitializer socket_init; AutoSeeded_RNG rng; 
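Review bot: proc_data in doc/examples/tls_server.cpp writes the decrypted bytes to the terminal one at a time with `printf("%c", data[i])`, so control and escape bytes sent by a client reach the operator's terminal unfiltered. Since examples get copied, print only printable bytes, e.g. `putchar(std::isprint(data[i]) ? data[i] : '.');`, or hex-encode the block. `alert_info` is printed but never acted on; a comment such as `// alert_info: alert code delivered with this callback; confirm which value means "none"` would tell readers what to do with it.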
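Review bot: The second tls_server.cpp hunk leaves `//SocketInitializer socket_init;` in main as commented-out code with no explanation. If the initializer does real setup on some platform (its definition is not visible here), the example would fail there without an obvious cause. Either delete the line or keep it with a reason, e.g. `// SocketInitializer disabled: <why>`. main's body continues outside the hunk.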
@@ -67,28 +74,40 @@ int main(int argc, char* argv[]) printf("Got new connection\n"); TLS_Server tls( - std::tr1::bind(&Socket::read, std::tr1::ref(sock), _1, _2), - std::tr1::bind(&Socket::write, std::tr1::ref(sock), _1, _2), - policy, - rng, - cert, - key); - - std::string hostname = tls.requested_hostname(); + std::tr1::bind(&Socket::write, std::tr1::ref(sock), _1, _2), + proc_data, + policy, + rng, + cert, + key); + + SecureVector<byte> buf(1024); + size_t desired = 0; + while(!tls.is_active() || desired) + { + const size_t socket_got = sock->read(&buf[0], desired || 1); + desired = tls.received_data(&buf[0], socket_got); + } + + const std::string hostname = tls.server_name_indicator(); if(hostname != "") printf("Client requested host '%s'\n", hostname.c_str()); printf("Writing some text\n"); - char msg[] = "Foo\nBar\nBaz\nQuux\n"; - tls.write((const Botan::byte*)msg, strlen(msg)); + char msg[] = "Welcome to the best echo server evar\n"; + tls.queue_for_sending((const Botan::byte*)msg, strlen(msg)); + + while(true) + { + size_t got = sock->read(&buf[0], buf.size(), true); - printf("Now trying a read...\n"); + if(got == 0) + break; - char buf[1024] = { 0 }; - u32bit got = tls.read((Botan::byte*)buf, sizeof(buf)-1); - printf("%d: '%s'\n", got, buf); + tls.received_data(&buf[0], got); + } tls.close(); } |
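Review bot: In the handshake loop, `desired || 1` is a boolean expression that always evaluates to 1, so the server reads one byte per call regardless of what `received_data` asked for; the intent looks like `desired ? desired : 1`. Once that is corrected the count has to be clamped to the buffer, `sock->read(&buf[0], desired ? std::min<size_t>(desired, buf.size()) : 1)`, because `buf` holds 1024 bytes and `desired` is derived from parsing peer input. The loop also never tests `socket_got == 0`, so a client that disconnects mid-handshake appears to leave it spinning (assuming read returns 0 on close, as the later echo loop treats it). Add `if(socket_got == 0) break;` and skip the `queue_for_sending` call when `tls.is_active()` is still false. main's body starts and ends outside the hunk.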