Diffstat (limited to 'doc/examples/ex-client-psk.c')
-rw-r--r-- | doc/examples/ex-client-psk.c | 119 |
1 files changed, 119 insertions, 0 deletions
diff --git a/doc/examples/ex-client-psk.c b/doc/examples/ex-client-psk.c
new file mode 100644
index 0000000000..3b2f28069a
--- /dev/null
+++ b/doc/examples/ex-client-psk.c
@@ -0,0 +1,119 @@
+/* Copyright 2007, 2008 Free Software Foundation
+ *
+ * Copying and distribution of this file, with or without modification,
+ * are permitted in any medium without royalty provided the copyright
+ * notice and this notice are preserved.
+ */
+
+#if HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <arpa/inet.h>
+#include <unistd.h>
+#include <gnutls/gnutls.h>
+
+/* A very basic TLS client, with PSK authentication.
+ */
+
+#define MAX_BUF 1024
+#define CAFILE "ca.pem"
+#define MSG "GET / HTTP/1.0\r\n\r\n"
+
+extern int tcp_connect (void);
+extern void tcp_close (int sd);
+
+int
+main (void)
+{
+ int ret, sd, ii;
+ gnutls_session_t session;
+ char buffer[MAX_BUF + 1];
+ const char *err;
+ gnutls_psk_client_credentials_t pskcred;
+ const gnutls_datum_t key = { "DEADBEEF", 8 };
+
+ gnutls_global_init ();
+
+ gnutls_psk_allocate_client_credentials (&pskcred);
+ gnutls_psk_set_client_credentials (pskcred, "test", &key,
+ GNUTLS_PSK_KEY_HEX);
+
+ /* Initialize TLS session
+ */
+ gnutls_init (&session, GNUTLS_CLIENT);
+
+ /* Use default priorities */
+ ret = gnutls_priority_set_direct (session, "PERFORMANCE", &err);
+ if (ret < 0) {
+ if (ret == GNUTLS_E_INVALID_REQUEST) {
+ fprintf(stderr, "Syntax error at: %s\n", err);
+ }
+ exit(1);
+ }
+
+ /* put the x509 credentials to the current session
+ */
+ gnutls_credentials_set (session, GNUTLS_CRD_PSK, pskcred);
+
+ /* connect to the peer
+ */
+ sd = tcp_connect ();
+
+ gnutls_transport_set_ptr (session, (gnutls_transport_ptr_t) sd);
+
+ /* Perform the TLS handshake
+ */
+ ret = gnutls_handshake (session);
+
+ if (ret < 0)
+ {
+ fprintf (stderr, "*** Handshake failed\n");
+ gnutls_perror (ret);
+ goto end;
+ }
+ else
+ {
+ printf ("- Handshake was completed\n");
+ }
+
+ gnutls_record_send (session, MSG, strlen (MSG));
+
+ ret = gnutls_record_recv (session, buffer, MAX_BUF);
+ if (ret == 0)
+ {
+ printf ("- Peer has closed the TLS connection\n");
+ goto end;
+ }
+ else if (ret < 0)
+ {
+ fprintf (stderr, "*** Error: %s\n", gnutls_strerror (ret));
+ goto end;
+ }
+
+ printf ("- Received %d bytes: ", ret);
+ for (ii = 0; ii < ret; ii++)
+ {
+ fputc (buffer[ii], stdout);
+ }
+ fputs ("\n", stdout);
+
+ gnutls_bye (session, GNUTLS_SHUT_RDWR);
+
+end:
+
+ tcp_close (sd);
+
+ gnutls_deinit (session);
+
+ gnutls_psk_free_client_credentials (pskcred);
+
+ gnutls_global_deinit ();
+
+ return 0;
+} |
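Review bot: The pre-shared key declared in `main` is the literal `{ "DEADBEEF", 8 }`, which under `GNUTLS_PSK_KEY_HEX` is only four bytes of key material, and nothing marks it or the username `"test"` as placeholders. Because example code gets copied, I would put a comment above the declaration such as `/* Demo key only: real deployments must load a randomly generated key of adequate length from protected storage. */`. The return values of `gnutls_psk_set_client_credentials`, `gnutls_init`, `tcp_connect` and `gnutls_record_send` are ignored, and the program returns 0 even after `goto end` on a failed handshake, so a setup or send failure is either reported late or not at all; each call should be checked before the handshake (the failure convention of `tcp_connect` is not visible here). The comment `/* put the x509 credentials to the current session` should say PSK credentials, `CAFILE` is unused, and the comment "Use default priorities" does not match the string `"PERFORMANCE"`; whether that string enables a PSK key exchange cannot be seen from this file and is worth confirming.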