authorlloyd <[email protected]>2011-12-23 18:22:37 +0000
committerlloyd <[email protected]>2011-12-23 18:22:37 +0000
commit61d461d0a5fb63c3aee906c76b4aefe3335a7591 (patch)
treea936e50187ba7ace33c09fcf5a9119e257987f30 /doc
parent917bf37104eb039a97ef989306954dd8bc05f400 (diff)
Centralize a lot of the handshaking and message parsing in TLS_Channel
Also delete the obsolete/never worked CMS examples
Diffstat (limited to 'doc')
-rw-r--r--doc/examples/cms_dec.cpp120
-rw-r--r--doc/examples/cms_enc.cpp59
-rw-r--r--doc/examples/socket.h2
-rw-r--r--doc/examples/tls_client.cpp2
-rw-r--r--doc/examples/tls_server.cpp49
5 files changed, 36 insertions, 196 deletions
diff --git a/doc/examples/cms_dec.cpp b/doc/examples/cms_dec.cpp
deleted file mode 100644
index 84355fb4a..000000000
--- a/doc/examples/cms_dec.cpp
+++ /dev/null
@@ -1,120 +0,0 @@
-/*
-* (C) 2009 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/botan.h>
-#include <botan/pkcs8.h>
-#include <botan/cms_dec.h>
-using namespace Botan;
-
-#include <iostream>
-#include <memory>
-
-int main(int argc, char* argv[])
- {
- if(argc != 2)
- {
- std::cout << "Usage: " << argv[0] << " <filename>\n";
- return 1;
- }
-
- Botan::LibraryInitializer init;
-
- try {
- AutoSeeded_RNG rng;
-
- X509_Certificate mycert("mycert.pem");
- PKCS8_PrivateKey* mykey = PKCS8::load_key("mykey.pem", rng, "cut");
-
- X509_Certificate yourcert("yourcert.pem");
- X509_Certificate cacert("cacert.pem");
- X509_Certificate int_ca("int_ca.pem");
-
- X509_Store store;
- store.add_cert(mycert);
- store.add_cert(yourcert);
- store.add_cert(cacert, true);
- store.add_cert(int_ca);
-
- DataSource_Stream message(argv[1]);
-
- CMS_Decoder decoder(message, store, mykey);
-
- while(decoder.layer_type() != CMS_Decoder::DATA)
- {
- CMS_Decoder::Status status = decoder.layer_status();
- CMS_Decoder::Content_Type content = decoder.layer_type();
-
- if(status == CMS_Decoder::FAILURE)
- {
- std::cout << "Failure reading CMS data" << std::endl;
- break;
- }
-
- if(content == CMS_Decoder::DIGESTED)
- {
- std::cout << "Digested data, hash = " << decoder.layer_info()
- << std::endl;
- std::cout << "Hash is "
- << ((status == CMS_Decoder::GOOD) ? "good" : "bad")
- << std::endl;
- }
-
- if(content == CMS_Decoder::SIGNED)
- {
- // how to handle multiple signers? they can all exist within a
- // single level...
-
- std::cout << "Signed by " << decoder.layer_info() << std::endl;
- //std::cout << "Sign time: " << decoder.xxx() << std::endl;
- std::cout << "Signature is ";
- if(status == CMS_Decoder::GOOD)
- std::cout << "valid";
- else if(status == CMS_Decoder::BAD)
- std::cout << "bad";
- else if(status == CMS_Decoder::NO_KEY)
- std::cout << "(cannot check, no known cert)";
- std::cout << std::endl;
- }
- if(content == CMS_Decoder::ENVELOPED ||
- content == CMS_Decoder::COMPRESSED ||
- content == CMS_Decoder::AUTHENTICATED)
- {
- if(content == CMS_Decoder::ENVELOPED)
- std::cout << "Enveloped";
- if(content == CMS_Decoder::COMPRESSED)
- std::cout << "Compressed";
- if(content == CMS_Decoder::AUTHENTICATED)
- std::cout << "MACed";
-
- std::cout << ", algo = " << decoder.layer_info() << std::endl;
-
- if(content == CMS_Decoder::AUTHENTICATED)
- {
- std::cout << "MAC status is ";
- if(status == CMS_Decoder::GOOD)
- std::cout << "valid";
- else if(status == CMS_Decoder::BAD)
- std::cout << "bad";
- else if(status == CMS_Decoder::NO_KEY)
- std::cout << "(cannot check, no key)";
- std::cout << std::endl;
- }
- }
- decoder.next_layer();
- }
-
- if(decoder.layer_type() == CMS_Decoder::DATA)
- std::cout << "Message is \"" << decoder.get_data()
- << '"' << std::endl;
- else
- std::cout << "No data anywhere?" << std::endl;
- }
- catch(std::exception& e)
- {
- std::cerr << e.what() << std::endl;
- }
- return 0;
- }
diff --git a/doc/examples/cms_enc.cpp b/doc/examples/cms_enc.cpp
deleted file mode 100644
index 2cf813987..000000000
--- a/doc/examples/cms_enc.cpp
+++ /dev/null
@@ -1,59 +0,0 @@
-/*
-* (C) 2009 Jack Lloyd
-*
-* Distributed under the terms of the Botan license
-*/
-
-#include <botan/botan.h>
-#include <botan/cms_enc.h>
-using namespace Botan;
-
-#include <iostream>
-#include <fstream>
-#include <memory>
-
-int main()
- {
- Botan::LibraryInitializer init;
-
- try {
-
- X509_Certificate mycert("mycert.pem");
- X509_Certificate mycert2("mycert2.pem");
- X509_Certificate yourcert("yourcert.pem");
- X509_Certificate cacert("cacert.pem");
- X509_Certificate int_ca("int_ca.pem");
-
- AutoSeeded_RNG rng;
-
- X509_Store store;
- store.add_cert(mycert);
- store.add_cert(mycert2);
- store.add_cert(yourcert);
- store.add_cert(int_ca);
- store.add_cert(cacert, true);
-
- const std::string msg = "prioncorp: we don't toy\n";
-
- CMS_Encoder encoder(msg);
-
- encoder.compress("Zlib");
- encoder.digest();
- encoder.encrypt(rng, mycert);
-
- /*
- PKCS8_PrivateKey* mykey = PKCS8::load_key("mykey.pem", rng, "cut");
- encoder.sign(store, *mykey);
- */
-
- SecureVector<byte> raw = encoder.get_contents();
- std::ofstream out("out.der");
-
- out.write((const char*)raw.begin(), raw.size());
- }
- catch(std::exception& e)
- {
- std::cerr << e.what() << std::endl;
- }
- return 0;
- }
diff --git a/doc/examples/socket.h b/doc/examples/socket.h
index f10ff9f26..9e16ab36a 100644
--- a/doc/examples/socket.h
+++ b/doc/examples/socket.h
@@ -180,7 +180,7 @@ size_t Socket::read(unsigned char buf[], size_t length, bool partial)
{
ssize_t this_time = ::recv(sockfd, (char*)buf + got, length, flags);
- const bool full_ret = (this_time == length);
+ const bool full_ret = (this_time == (ssize_t)length);
if(this_time == 0)
break;
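Review bot: The C-style cast `(ssize_t)length` in the `full_ret` comparison narrows an unsigned size to a signed one, so a `length` above the ssize_t range turns negative, and on common platforms a `length` of SIZE_MAX would compare equal to recv()'s -1 error return. Comparing in the unsigned domain once the sign is known avoids both: `const bool full_ret = (this_time > 0 && static_cast<size_t>(this_time) == length);`. The loop in Socket::read continues outside the hunk, so how the -1 case is handled afterwards is not visible here.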
diff --git a/doc/examples/tls_client.cpp b/doc/examples/tls_client.cpp
index a51febfcf..ee224e9eb 100644
--- a/doc/examples/tls_client.cpp
+++ b/doc/examples/tls_client.cpp
@@ -41,7 +41,7 @@ class HTTPS_Client
quit_reading = false;
- while(!client.handshake_complete() || desired)
+ while(!client.is_active() || desired)
{
const size_t socket_got = socket.read(&socket_buf[0], socket_buf.size());
//printf("Got %d bytes from socket\n", socket_got);
diff --git a/doc/examples/tls_server.cpp b/doc/examples/tls_server.cpp
index 153b26d04..62bc8fadc 100644
--- a/doc/examples/tls_server.cpp
+++ b/doc/examples/tls_server.cpp
@@ -30,6 +30,13 @@ class Server_TLS_Policy : public TLS_Policy
}
};
+void proc_data(const byte data[], size_t data_len, u16bit alert_info)
+ {
+ printf("Block of data %d bytes alert %04X\n", (int)data_len, alert_info);
+ for(size_t i = 0; i != data_len; ++i)
+ printf("%c", data[i]);
+ }
+
int main(int argc, char* argv[])
{
int port = 4433;
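Review bot: `proc_data` writes every byte received from the TLS peer to stdout with `printf("%c", data[i])`, so control characters and terminal escape sequences sent by a client reach the operator's terminal unfiltered. Because examples get copied, print only printable bytes, e.g. `printf("%c", isprint(data[i]) ? data[i] : '.');` (needs `<cctype>`). The `(int)data_len` cast also truncates silently for large blocks. A short comment saying what `alert_info` carries and whether `data` can be empty on an alert-only call would help, since the callback's contract is not visible in this hunk.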
@@ -40,7 +47,7 @@ int main(int argc, char* argv[])
try
{
LibraryInitializer botan_init;
- SocketInitializer socket_init;
+ //SocketInitializer socket_init;
AutoSeeded_RNG rng;
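Review bot: The `//SocketInitializer socket_init;` line leaves dead code in the example with no explanation of why the initializer is no longer wanted. Either delete the line or replace it with a comment stating why it was dropped, so readers on platforms that need explicit socket setup (presumably what this object did) know whether the example still works there. The body of main continues outside the hunk.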
@@ -67,28 +74,40 @@ int main(int argc, char* argv[])
printf("Got new connection\n");
TLS_Server tls(
- std::tr1::bind(&Socket::read, std::tr1::ref(sock), _1, _2),
- std::tr1::bind(&Socket::write, std::tr1::ref(sock), _1, _2),
- policy,
- rng,
- cert,
- key);
-
- std::string hostname = tls.requested_hostname();
+ std::tr1::bind(&Socket::write, std::tr1::ref(sock), _1, _2),
+ proc_data,
+ policy,
+ rng,
+ cert,
+ key);
+
+ SecureVector<byte> buf(1024);
+ size_t desired = 0;
+ while(!tls.is_active() || desired)
+ {
+ const size_t socket_got = sock->read(&buf[0], desired || 1);
+ desired = tls.received_data(&buf[0], socket_got);
+ }
+
+ const std::string hostname = tls.server_name_indicator();
if(hostname != "")
printf("Client requested host '%s'\n", hostname.c_str());
printf("Writing some text\n");
- char msg[] = "Foo\nBar\nBaz\nQuux\n";
- tls.write((const Botan::byte*)msg, strlen(msg));
+ char msg[] = "Welcome to the best echo server evar\n";
+ tls.queue_for_sending((const Botan::byte*)msg, strlen(msg));
+
+ while(true)
+ {
+ size_t got = sock->read(&buf[0], buf.size(), true);
- printf("Now trying a read...\n");
+ if(got == 0)
+ break;
- char buf[1024] = { 0 };
- u32bit got = tls.read((Botan::byte*)buf, sizeof(buf)-1);
- printf("%d: '%s'\n", got, buf);
+ tls.received_data(&buf[0], got);
+ }
tls.close();
}
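Review bot: `desired || 1` in the handshake loop is a boolean expression, so `sock->read` is always asked for exactly one byte and the value returned by `received_data` never sizes the read; the intent looks like `desired ? desired : 1`. Once that is fixed the request must also be capped at the buffer, e.g. `const size_t want = desired ? std::min(desired, buf.size()) : 1;`, otherwise a large `desired` would let the read run past the 1024-byte `buf`. The same loop never checks `socket_got == 0`, so a client that disconnects mid-handshake appears to leave the server calling `received_data` with zero bytes indefinitely. Bail out on a zero read and test `tls.is_active()` before calling `server_name_indicator()` and `queue_for_sending`. The body of main starts and ends outside this hunk.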