#include #include #include #include #include #include #include #include #include #include "common.h" int main(void) { const SSL_METHOD *meth; SSL_CTX *ctx; int ret; int sd; struct sockaddr_in sa; SSL *ssl; X509 *server_cert; char *str; char buf[64]; /* Crypto */ SSL_load_error_strings(); OpenSSL_add_ssl_algorithms(); meth = TLSv1_2_client_method(); ctx = SSL_CTX_new(meth); CHK_NULL(ctx); ret = SSL_CTX_use_certificate_chain_file(ctx, "clientcert.pem"); CHK_SSL(ret); ret = SSL_CTX_use_PrivateKey_file(ctx, "clientkey.pem", SSL_FILETYPE_PEM); CHK_SSL(ret); ret = SSL_CTX_check_private_key(ctx); CHK_SSL(ret); /* Networking */ sd = socket(AF_INET, SOCK_STREAM, 0); CHK_ERR(sd, "socket"); memset(&sa, 0, sizeof(sa)); sa.sin_family = AF_INET; sa.sin_addr.s_addr = inet_addr("127.0.0.1"); sa.sin_port = htons(1111); ret = connect(sd, (struct sockaddr *)&sa, sizeof(sa)); CHK_ERR(ret, "connect"); /* SSL negotiation. */ ssl = SSL_new(ctx); CHK_NULL(ssl); SSL_set_fd(ssl, sd); ret = SSL_connect(ssl); CHK_SSL_WRAPPER(ret); /* Info */ printf("SSL connection using %s\n", SSL_get_cipher(ssl)); server_cert = SSL_get_peer_certificate(ssl); CHK_NULL(server_cert); printf("Server certificate:\n"); str = X509_NAME_oneline(X509_get_subject_name(server_cert), 0, 0); CHK_NULL(str); printf("\tsubject: %s\n", str); OPENSSL_free(str); str = X509_NAME_oneline(X509_get_issuer_name(server_cert), 0, 0); CHK_NULL(str); printf("\tissuer: %s\n", str); OPENSSL_free(str); X509_free(server_cert); /* Exchange */ ret = SSL_write(ssl, "Hello Server!", strlen("Hello Server!")); CHK_SSL_WRAPPER(ret); ret = SSL_read(ssl, buf, sizeof(buf) - 1); CHK_SSL_WRAPPER(ret); buf[ret] = '\0'; printf("Got %d chars: '%s'\n", ret, buf); /* End */ SSL_shutdown(ssl); close(sd); SSL_free(ssl); SSL_CTX_free(ctx); return EXIT_SUCCESS; }