|
Packit Service |
4684c1 |
/*
|
|
Packit Service |
4684c1 |
* Copyright (C) 2020 Pierre Ossman for Cendio AB
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* Author: Pierre Ossman
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* This file is part of GnuTLS.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* GnuTLS is free software; you can redistribute it and/or modify it
|
|
Packit Service |
4684c1 |
* under the terms of the GNU General Public License as published by
|
|
Packit Service |
4684c1 |
* the Free Software Foundation; either version 3 of the License, or
|
|
Packit Service |
4684c1 |
* (at your option) any later version.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* GnuTLS is distributed in the hope that it will be useful, but
|
|
Packit Service |
4684c1 |
* WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit Service |
4684c1 |
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit Service |
4684c1 |
* General Public License for more details.
|
|
Packit Service |
4684c1 |
*
|
|
Packit Service |
4684c1 |
* You should have received a copy of the GNU General Public License
|
|
Packit Service |
4684c1 |
* along with GnuTLS; if not, write to the Free Software Foundation,
|
|
Packit Service |
4684c1 |
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#ifdef HAVE_CONFIG_H
|
|
Packit Service |
4684c1 |
#include <config.h>
|
|
Packit Service |
4684c1 |
#endif
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include <stdio.h>
|
|
Packit Service |
4684c1 |
#include <stdlib.h>
|
|
Packit Service |
4684c1 |
#include <string.h>
|
|
Packit Service |
4684c1 |
#include <sys/types.h>
|
|
Packit Service |
4684c1 |
#include <unistd.h>
|
|
Packit Service |
4684c1 |
#include <gnutls/gnutls.h>
|
|
Packit Service |
4684c1 |
#include <gnutls/x509.h>
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
#include "utils.h"
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static void tls_log_func(int level, const char *str)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
fprintf(stderr, "<%d>| %s", level, str);
|
|
Packit Service |
4684c1 |
}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* the issuer/subject connection between the server cert and the CA
|
|
Packit Service |
4684c1 |
* cert uses different ASN.1 types, which is uncommon but allowed */
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static unsigned char server_pem[] =
|
|
Packit Service |
4684c1 |
"-----BEGIN CERTIFICATE-----\n"
|
|
Packit Service |
4684c1 |
"MIIDZTCCAc2gAwIBAgIUB7aVTQvtbBpOEtKELkBkLViM0eIwDQYJKoZIhvcNAQEL\n"
|
|
Packit Service |
4684c1 |
"BQAwEjEQMA4GA1UEAwwHVGVzdCBDQTAeFw0yMDAzMjYxMDE4NTdaFw0yMTAzMjYx\n"
|
|
Packit Service |
4684c1 |
"MDE4NTdaMBYxFDASBgNVBAMMC1Rlc3QgY2xpZW50MIIBIjANBgkqhkiG9w0BAQEF\n"
|
|
Packit Service |
4684c1 |
"AAOCAQ8AMIIBCgKCAQEAviqj5S/xe39agbMnq/oPAQmdIhalB17Ewc3AZlD8n+zQ\n"
|
|
Packit Service |
4684c1 |
"scPDNvnk4gxSeSXePtXmh0OaGcBKbMAkjiyo2gPBmV3ay34LQuk97nJxE2TUAWMm\n"
|
|
Packit Service |
4684c1 |
"S8yFwP3yoE+GZ5eYjv+HGQxeAP9uHLjho/jHjVGgUOCVv1QjsKyRx8Tuvy9TH3ON\n"
|
|
Packit Service |
4684c1 |
"DuMPw3Jmnq0OhLy2+SjU0ug5jxfWJvnfeGoFzRgalmWGyoAQsH9bqha/D44QSen+\n"
|
|
Packit Service |
4684c1 |
"Zbbt/A4uNIILAENYuHXEfvpmBuZPpocOb6h2huGbp6iHZfdZUHso37UmWT6PXh+2\n"
|
|
Packit Service |
4684c1 |
"dASPaCpAr3bURBhnEsQM43njb8METZewMeoQxwZC0QIDAQABoy8wLTAMBgNVHRMB\n"
|
|
Packit Service |
4684c1 |
"Af8EAjAAMB0GA1UdDgQWBBSb3h7ZbajS/2RWx2a7hTVSkur0FDANBgkqhkiG9w0B\n"
|
|
Packit Service |
4684c1 |
"AQsFAAOCAYEAPfwyvOwNEjIvlifjBVhiWmrtZAS2YaY9jqFnaA2PvYY2FVyC3AMu\n"
|
|
Packit Service |
4684c1 |
"3BGAorau/4DL3P92/9SlygEmBQpqCq+AJnQRH6WKFT4avAOmw3yc0++st+DhGK0I\n"
|
|
Packit Service |
4684c1 |
"6Cr69WccVi0Kmxi1XP4dpPDWSuVCOP6rGc3ulgEH83xF4ZL+3qVA9Fihsie3ZZme\n"
|
|
Packit Service |
4684c1 |
"7mqWOznVO1MZHLDFIUEoRdOSin5bIkl7FPOCZqMsWRM41GuA1h4aX/X5dLeqRW1c\n"
|
|
Packit Service |
4684c1 |
"mJ5CNRWwPIPcwgqeldFnx07svCv9QseUDaIw+C9vZOlgfIgp0qeYoR6fsD38WcUC\n"
|
|
Packit Service |
4684c1 |
"eJPsOUwhdhMcw+/PM16iwzd89dI+PCecFY9FeLh9YeihZm0DnG8L0To1Y2ry+WRf\n"
|
|
Packit Service |
4684c1 |
"w5knR3FReHPcelymvSKZSEG0d/KKHXBeKWgcrCrdnn4ya71eblsNzO3vnxB5k0Zj\n"
|
|
Packit Service |
4684c1 |
"WcQ3wfeftQKDEIuaRHUP6B4zx2teJWMWvJLcXuavoqo0z3L5EN74RztCpnP9ykSH\n"
|
|
Packit Service |
4684c1 |
"ZsYWoJ3aelFv\n"
|
|
Packit Service |
4684c1 |
"-----END CERTIFICATE-----\n";
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
static unsigned char ca_pem[] =
|
|
Packit Service |
4684c1 |
"-----BEGIN CERTIFICATE-----\n"
|
|
Packit Service |
4684c1 |
"MIID5DCCAkygAwIBAgIUB4lnLAeQ20wlYbqt5ykgvWOPNzgwDQYJKoZIhvcNAQEL\n"
|
|
Packit Service |
4684c1 |
"BQAwEjEQMA4GA1UEAxMHVGVzdCBDQTAeFw0yMDAzMjYxMDI0MjhaFw0yMDAzMjcx\n"
|
|
Packit Service |
4684c1 |
"MDI0MjhaMBIxEDAOBgNVBAMTB1Rlc3QgQ0EwggGiMA0GCSqGSIb3DQEBAQUAA4IB\n"
|
|
Packit Service |
4684c1 |
"jwAwggGKAoIBgQCt9z/noU7qCPquzzgwNvu/rwXyIvxmqdWhpfpBOmVq8wpgUDUU\n"
|
|
Packit Service |
4684c1 |
"cQ94F65UfTo3EcYXCoDs43E4Wo8KmF5YQM2xK+LrH28XmpL3z+NoQGaZoUVrMWp6\n"
|
|
Packit Service |
4684c1 |
"rbIeoGZvITaaGn2uEbGT7iRkBUdS4wOjUT13IxpG8cM4d0i0DIsqSlUPnQCfyMqf\n"
|
|
Packit Service |
4684c1 |
"jsVhO9IQsn7qMo0+2nNCI5JqblEXRvL39hHzJMOsq1NRqZO1Zjt9HCIB7m7Q42Jx\n"
|
|
Packit Service |
4684c1 |
"e8zm7RzTiBFVKecxb5h4mmt3tUZQ0Kjd94yE6ARSE0rULmO+6H7hgI6sU8vqfSFe\n"
|
|
Packit Service |
4684c1 |
"DimQ5mPReumBRDcErX+c7bRGPRul41kAB8XvPmAHG8xCepjH8xrgY/FeVBQT74xm\n"
|
|
Packit Service |
4684c1 |
"MEYQaxdGpa8Azx6MZCrZOI0rzu+zI0CBQGE1h1Xk8HBozrn/G2OOAZcXyzHzq56R\n"
|
|
Packit Service |
4684c1 |
"Z52zEQYFZmKH9tHTDI6fMfo8clr7esb/wmgEOt/lJYE9IMJrzUh+IwWuowdYaDVj\n"
|
|
Packit Service |
4684c1 |
"nMrboUBVepmBKSUCAwEAAaMyMDAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU\n"
|
|
Packit Service |
4684c1 |
"rhkYiczAkbCcVfNr67VGGaqilbgwDQYJKoZIhvcNAQELBQADggGBAGYiUTKdYBXk\n"
|
|
Packit Service |
4684c1 |
"lZFIhZkCc33/lCgJw2mSrdAd+xJmJonRPy3qmYy3HniOmQdRVqResLALubz89VjJ\n"
|
|
Packit Service |
4684c1 |
"dSeokujFrlNtb4CygojseqTsxWgeZlKjLU3tJ/Xn+DFIiP7k9+WPW7KFIIW0fq61\n"
|
|
Packit Service |
4684c1 |
"MAI0lKjqpC8sJTlXoJemDw9MW/380nKr+K1YY3arRzsSHEIeA54xOggKEwvgz11A\n"
|
|
Packit Service |
4684c1 |
"47xT83WoLwFQ4e9LZfCsL/M51lsLHAlJzDKyTTeSxCi/C6kUIzx8QyxHKYgBuNxz\n"
|
|
Packit Service |
4684c1 |
"8vVLY/YzUv/l5ELYQ9gkAX0vZWdw7pqASUY8yvbzImrWqjFAHeN3zK687Ke9uppS\n"
|
|
Packit Service |
4684c1 |
"dmjvPwvTK+SKm++NR8YCwb3xqHQHMYHV3lxjlOhaN6rxBW0l4gtvb2FMlhcljiZ+\n"
|
|
Packit Service |
4684c1 |
"tF2ObVwEs6nqJSGrzubp0os+WmnbVSCaHz9jnRWb68C87mXCZkbA7FTSKJOVuqRM\n"
|
|
Packit Service |
4684c1 |
"vVTcHQ7jwGQ2/SvikndFQ53zi2j9o/jTOiFv29rEOeHu67UAiFSi2A==\n"
|
|
Packit Service |
4684c1 |
"-----END CERTIFICATE-----\n";
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
const gnutls_datum_t server = { server_pem, sizeof(server_pem)-1 };
|
|
Packit Service |
4684c1 |
const gnutls_datum_t ca = { ca_pem, sizeof(ca_pem)-1 };
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
void doit(void)
|
|
Packit Service |
4684c1 |
{
|
|
Packit Service |
4684c1 |
int ret;
|
|
Packit Service |
4684c1 |
gnutls_x509_crt_t server_crt, ca_crt;
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
/* this must be called once in the program
|
|
Packit Service |
4684c1 |
*/
|
|
Packit Service |
4684c1 |
global_init();
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_global_set_log_function(tls_log_func);
|
|
Packit Service |
4684c1 |
if (debug)
|
|
Packit Service |
4684c1 |
gnutls_global_set_log_level(6);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_x509_crt_init(&server_crt);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret =
|
|
Packit Service |
4684c1 |
gnutls_x509_crt_import(server_crt, &server, GNUTLS_X509_FMT_PEM);
|
|
Packit Service |
4684c1 |
if (ret < 0)
|
|
Packit Service |
4684c1 |
fail("gnutls_x509_crt_import");
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_x509_crt_init(&ca_crt);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret =
|
|
Packit Service |
4684c1 |
gnutls_x509_crt_import(ca_crt, &ca, GNUTLS_X509_FMT_PEM);
|
|
Packit Service |
4684c1 |
if (ret < 0)
|
|
Packit Service |
4684c1 |
fail("gnutls_x509_crt_import");
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
ret = gnutls_x509_crt_check_issuer(server_crt, ca_crt);
|
|
Packit Service |
4684c1 |
if (!ret)
|
|
Packit Service |
4684c1 |
fail("gnutls_x509_crt_check_issuer");
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_x509_crt_deinit(ca_crt);
|
|
Packit Service |
4684c1 |
gnutls_x509_crt_deinit(server_crt);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
gnutls_global_deinit();
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
if (debug)
|
|
Packit Service |
4684c1 |
success("success");
|
|
Packit Service |
4684c1 |
}
|