static void print_openpgp_info_compact(gnutls_session_t session)
{
gnutls_openpgp_crt_t crt;
const gnutls_datum_t *cert_list;
unsigned int cert_list_size = 0;
int ret;
cert_list = gnutls_certificate_get_peers(session, &cert_list_size);
if (cert_list_size > 0) {
gnutls_datum_t cinfo;
gnutls_openpgp_crt_init(&crt);
ret = gnutls_openpgp_crt_import(crt, &cert_list[0],
GNUTLS_OPENPGP_FMT_RAW);
if (ret < 0) {
fprintf(stderr, "Decoding error: %s\n",
gnutls_strerror(ret));
return;
}
ret =
gnutls_openpgp_crt_print(crt, GNUTLS_CRT_PRINT_COMPACT,
&cinfo);
if (ret == 0) {
printf("- OpenPGP cert: %s\n", cinfo.data);
gnutls_free(cinfo.data);
}
gnutls_openpgp_crt_deinit(crt);
}
}
static void
print_openpgp_info (gnutls_session_t session, int flag, int print_cert)
{
gnutls_openpgp_crt_t crt;
const gnutls_datum_t *cert_list;
unsigned int cert_list_size = 0;
int ret;
printf ("- Certificate type: OpenPGP\n");
cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
if (cert_list_size > 0)
{
gnutls_datum_t cinfo;
gnutls_openpgp_crt_init (&crt);
ret = gnutls_openpgp_crt_import (crt, &cert_list[0],
GNUTLS_OPENPGP_FMT_RAW);
if (ret < 0)
{
fprintf (stderr, "Decoding error: %s\n",
gnutls_strerror (ret));
return;
}
ret =
gnutls_openpgp_crt_print (crt, flag, &cinfo);
if (ret == 0)
{
printf ("- %s\n", cinfo.data);
gnutls_free (cinfo.data);
}
if (print_cert)
{
size_t size = 0;
char *p = NULL;
ret =
gnutls_openpgp_crt_export (crt,
GNUTLS_OPENPGP_FMT_BASE64,
p, &size);
if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
{
p = malloc (size);
if (!p)
{
fprintf (stderr, "gnutls_malloc\n");
exit (1);
}
ret =
gnutls_openpgp_crt_export (crt,
GNUTLS_OPENPGP_FMT_BASE64,
p, &size);
}
if (ret < 0)
{
fprintf (stderr, "Encoding error: %s\n",
gnutls_strerror (ret));
return;
}
fputs (p, stdout);
fputs ("\n", stdout);
gnutls_free (p);
}
gnutls_openpgp_crt_deinit (crt);
}
}
static void
print_openpgp_info (gnutls_session_t session, const char *hostname,
int insecure)
{
gnutls_openpgp_crt_t crt;
const gnutls_datum_t *cert_list;
int cert_list_size = 0;
int hostname_ok = 0;
int ret;
cert_list = gnutls_certificate_get_peers (session, &cert_list_size);
if (cert_list_size > 0)
{
gnutls_datum_t cinfo;
gnutls_openpgp_crt_init (&crt);
ret = gnutls_openpgp_crt_import (crt, &cert_list[0],
GNUTLS_OPENPGP_FMT_RAW);
if (ret < 0)
{
fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret));
return;
}
if (verbose)
ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &cinfo);
else
ret =
gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo);
if (ret == 0)
{
printf (" - %s\n", cinfo.data);
gnutls_free (cinfo.data);
}
if (print_cert)
{
size_t size = 0;
char *p = NULL;
ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64,
p, &size);
if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER)
{
p = malloc (size);
if (!p)
{
fprintf (stderr, "gnutls_malloc\n");
exit (1);
}
ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64,
p, &size);
}
if (ret < 0)
{
fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret));
return;
}
fputs (p, stdout);
fputs ("\n", stdout);
gnutls_free (p);
}
if (hostname != NULL)
{
/* Check the hostname of the first certificate if it matches
* the name of the host we connected to.
*/
if (gnutls_openpgp_crt_check_hostname (crt, hostname) == 0)
hostname_ok = 1;
else
hostname_ok = 2;
}
gnutls_openpgp_crt_deinit (crt);
}
if (hostname_ok == 1)
{
printf ("- The hostname in the certificate does NOT match '%s'\n",
hostname);
if (!insecure)
exit (1);
}
else if (hostname_ok == 2)
{
printf ("- The hostname in the certificate matches '%s'.\n", hostname);
}
}
