static void print_openpgp_info_compact(gnutls_session_t session) { gnutls_openpgp_crt_t crt; const gnutls_datum_t *cert_list; unsigned int cert_list_size = 0; int ret; cert_list = gnutls_certificate_get_peers(session, &cert_list_size); if (cert_list_size > 0) { gnutls_datum_t cinfo; gnutls_openpgp_crt_init(&crt); ret = gnutls_openpgp_crt_import(crt, &cert_list[0], GNUTLS_OPENPGP_FMT_RAW); if (ret < 0) { fprintf(stderr, "Decoding error: %s\n", gnutls_strerror(ret)); return; } ret = gnutls_openpgp_crt_print(crt, GNUTLS_CRT_PRINT_COMPACT, &cinfo); if (ret == 0) { printf("- OpenPGP cert: %s\n", cinfo.data); gnutls_free(cinfo.data); } gnutls_openpgp_crt_deinit(crt); } }
static void print_openpgp_info (gnutls_session_t session, int flag, int print_cert) { gnutls_openpgp_crt_t crt; const gnutls_datum_t *cert_list; unsigned int cert_list_size = 0; int ret; printf ("- Certificate type: OpenPGP\n"); cert_list = gnutls_certificate_get_peers (session, &cert_list_size); if (cert_list_size > 0) { gnutls_datum_t cinfo; gnutls_openpgp_crt_init (&crt); ret = gnutls_openpgp_crt_import (crt, &cert_list[0], GNUTLS_OPENPGP_FMT_RAW); if (ret < 0) { fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret)); return; } ret = gnutls_openpgp_crt_print (crt, flag, &cinfo); if (ret == 0) { printf ("- %s\n", cinfo.data); gnutls_free (cinfo.data); } if (print_cert) { size_t size = 0; char *p = NULL; ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64, p, &size); if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) { p = malloc (size); if (!p) { fprintf (stderr, "gnutls_malloc\n"); exit (1); } ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64, p, &size); } if (ret < 0) { fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret)); return; } fputs (p, stdout); fputs ("\n", stdout); gnutls_free (p); } gnutls_openpgp_crt_deinit (crt); } }
static void print_openpgp_info (gnutls_session_t session, const char *hostname, int insecure) { gnutls_openpgp_crt_t crt; const gnutls_datum_t *cert_list; int cert_list_size = 0; int hostname_ok = 0; int ret; cert_list = gnutls_certificate_get_peers (session, &cert_list_size); if (cert_list_size > 0) { gnutls_datum_t cinfo; gnutls_openpgp_crt_init (&crt); ret = gnutls_openpgp_crt_import (crt, &cert_list[0], GNUTLS_OPENPGP_FMT_RAW); if (ret < 0) { fprintf (stderr, "Decoding error: %s\n", gnutls_strerror (ret)); return; } if (verbose) ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_FULL, &cinfo); else ret = gnutls_openpgp_crt_print (crt, GNUTLS_CRT_PRINT_ONELINE, &cinfo); if (ret == 0) { printf (" - %s\n", cinfo.data); gnutls_free (cinfo.data); } if (print_cert) { size_t size = 0; char *p = NULL; ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64, p, &size); if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) { p = malloc (size); if (!p) { fprintf (stderr, "gnutls_malloc\n"); exit (1); } ret = gnutls_openpgp_crt_export (crt, GNUTLS_OPENPGP_FMT_BASE64, p, &size); } if (ret < 0) { fprintf (stderr, "Encoding error: %s\n", gnutls_strerror (ret)); return; } fputs (p, stdout); fputs ("\n", stdout); gnutls_free (p); } if (hostname != NULL) { /* Check the hostname of the first certificate if it matches * the name of the host we connected to. */ if (gnutls_openpgp_crt_check_hostname (crt, hostname) == 0) hostname_ok = 1; else hostname_ok = 2; } gnutls_openpgp_crt_deinit (crt); } if (hostname_ok == 1) { printf ("- The hostname in the certificate does NOT match '%s'\n", hostname); if (!insecure) exit (1); } else if (hostname_ok == 2) { printf ("- The hostname in the certificate matches '%s'.\n", hostname); } }