Diffstat (limited to 'client.c')
-rw-r--r-- | client.c | 112 |
1 files changed, 112 insertions, 0 deletions
diff --git a/client.c b/client.c
new file mode 100644
index 0000000..666a519
--- /dev/null
+++ b/client.c
@@ -0,0 +1,112 @@
+
+#include <netdb.h>
+#include <unistd.h>
+#include <arpa/inet.h>
+#include <netinet/in.h>
+#include <sys/socket.h>
+
+#include <openssl/crypto.h>
+#include <openssl/x509.h>
+#include <openssl/pem.h>
+#include <openssl/ssl.h>
+
+#include "common.h"
+
+
+int main(void)
+{
+ const SSL_METHOD *meth;
+ SSL_CTX *ctx;
+ int ret;
+ int sd;
+ struct sockaddr_in sa;
+ SSL *ssl;
+ X509 *server_cert;
+ char *str;
+ char buf[64];
+
+ /* Crypto */
+
+ SSL_load_error_strings();
+ OpenSSL_add_ssl_algorithms();
+
+ meth = TLSv1_2_client_method();
+ ctx = SSL_CTX_new(meth);
+ CHK_NULL(ctx);
+
+ ret = SSL_CTX_use_certificate_chain_file(ctx, "clientcert.pem");
+ CHK_SSL(ret);
+
+ ret = SSL_CTX_use_PrivateKey_file(ctx, "clientkey.pem", SSL_FILETYPE_PEM);
+ CHK_SSL(ret);
+
+ ret = SSL_CTX_check_private_key(ctx);
+ CHK_SSL(ret);
+
+ /* Networking */
+
+ sd = socket(AF_INET, SOCK_STREAM, 0);
+ CHK_ERR(sd, "socket");
+
+ memset(&sa, 0, sizeof(sa));
+
+ sa.sin_family = AF_INET;
+ sa.sin_addr.s_addr = inet_addr("127.0.0.1");
+ sa.sin_port = htons(1111);
+
+ ret = connect(sd, (struct sockaddr *)&sa, sizeof(sa));
+ CHK_ERR(ret, "connect");
+
+ /* SSL negotiation. */
+
+ ssl = SSL_new(ctx);
+ CHK_NULL(ssl);
+
+ SSL_set_fd(ssl, sd);
+
+ ret = SSL_connect(ssl);
+ CHK_SSL_WRAPPER(ret);
+
+ /* Info */
+
+ printf("SSL connection using %s\n", SSL_get_cipher(ssl));
+
+ server_cert = SSL_get_peer_certificate(ssl);
+ CHK_NULL(server_cert);
+
+ printf("Server certificate:\n");
+
+ str = X509_NAME_oneline(X509_get_subject_name(server_cert), 0, 0);
+ CHK_NULL(str);
+ printf("\tsubject: %s\n", str);
+ OPENSSL_free(str);
+
+ str = X509_NAME_oneline(X509_get_issuer_name(server_cert), 0, 0);
+ CHK_NULL(str);
+ printf("\tissuer: %s\n", str);
+ OPENSSL_free(str);
+
+ X509_free(server_cert);
+
+ /* Exchange */
+
+ ret = SSL_write(ssl, "Hello Server!", strlen("Hello Server!"));
+ CHK_SSL_WRAPPER(ret);
+
+ ret = SSL_read(ssl, buf, sizeof(buf) - 1);
+ CHK_SSL_WRAPPER(ret);
+
+ buf[ret] = '\0';
+
+ printf("Got %d chars: '%s'\n", ret, buf);
+
+ /* End */
+
+ SSL_shutdown(ssl);
+ close(sd);
+ SSL_free(ssl);
+ SSL_CTX_free(ctx);
+
+ return EXIT_SUCCESS;
+
+} |
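Review bot: The server certificate is never verified: between `SSL_CTX_new(meth)` and `SSL_connect(ssl)` no verify mode or trust store is configured, and an OpenSSL client context defaults to `SSL_VERIFY_NONE`, so the handshake completes for any certificate and the subject and issuer printed under `/* Info */` are unauthenticated strings. Before `SSL_new(ctx)` I would add `SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);` followed by `ret = SSL_CTX_load_verify_locations(ctx, "<path-to-CA-file>", NULL); CHK_SSL(ret);` (the CA path is a placeholder), and a name or IP check against the certificate if it is expected to identify the peer. Separately, `buf[ret] = '\0';` is only in bounds if `CHK_SSL_WRAPPER` stops the program when `SSL_read` returns a negative value; that macro is defined in `common.h`, which is not visible here, so either confirm it or guard the write with `if (ret > 0)`.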