gnutls_ecc_curve_t str_to_curve(const char *str)
{
unsigned num = 0;
const gnutls_ecc_curve_t *list, *p;
list = gnutls_ecc_curve_list();
p = list;
while(*p != 0) {
if (strcasecmp(str, gnutls_ecc_curve_get_name(*p)) == 0)
return *p;
p++;
num++;
}
fprintf(stderr, "Unsupported curve: %s\nAvailable curves:\n", str);
if (num == 0)
printf("none\n");
p = list;
while(*p != 0) {
fprintf(stderr, "\t- %s\n",
gnutls_ecc_curve_get_name(*p));
p++;
}
exit(1);
}
static inline int is_supported_curve(int curve)
{
if (gnutls_ecc_curve_get_name(curve) != NULL)
return 1;
else
return 0;
}
void
_gnutls_session_ecc_curve_set (gnutls_session_t session,
gnutls_ecc_curve_t c)
{
_gnutls_handshake_log("HSK[%p]: Selected ECC curve %s (%d)\n", session, gnutls_ecc_curve_get_name(c), c);
session->security_parameters.ecc_curve = c;
}
test_code_t
test_ecdhe_curve (gnutls_session_t session)
{
if (curve == GNUTLS_ECC_CURVE_INVALID)
return TEST_IGNORE;
printf ("\n Curve %s", gnutls_ecc_curve_get_name(curve));
return TEST_SUCCEED;
}
void
print_ecc_pkey(FILE * outfile, gnutls_ecc_curve_t curve,
gnutls_datum_t * k, gnutls_datum_t * x, gnutls_datum_t * y,
int cprint)
{
if (cprint != 0)
fprintf(outfile, "/* curve: %s */\n",
gnutls_ecc_curve_get_name(curve));
else
fprintf(outfile, "curve:\t%s\n",
gnutls_ecc_curve_get_name(curve));
if (k) {
print_head(outfile, "private key", k->size, cprint);
print_hex_datum(outfile, k, cprint);
}
print_head(outfile, "x", x->size, cprint);
print_hex_datum(outfile, x, cprint);
print_head(outfile, "y", y->size, cprint);
print_hex_datum(outfile, y, cprint);
}
static void print_ecdh_info(gnutls_session_t session, const char *str)
{
int curve;
printf("- %sEC Diffie-Hellman parameters\n", str);
curve = gnutls_ecc_curve_get(session);
printf(" - Using curve: %s\n", gnutls_ecc_curve_get_name(curve));
printf(" - Curve size: %d bits\n",
gnutls_ecc_curve_get_size(curve) * 8);
}
void
print_ecc_pkey (FILE* outfile, gnutls_ecc_curve_t curve, gnutls_datum_t* k, gnutls_datum_t * x, gnutls_datum_t * y)
{
fprintf (outfile, "curve:\t%s\n", gnutls_ecc_curve_get_name(curve));
if (k)
{
fprintf (outfile, "private key:");
print_hex_datum (outfile, k);
}
fprintf (outfile, "x:");
print_hex_datum (outfile, x);
fprintf (outfile, "y:");
print_hex_datum (outfile, y);
}
void
print_list (const char *priorities, int verbose)
{
size_t i;
int ret;
unsigned int idx;
const char *name;
const char *err;
unsigned char id[2];
gnutls_kx_algorithm_t kx;
gnutls_cipher_algorithm_t cipher;
gnutls_mac_algorithm_t mac;
gnutls_protocol_t version;
gnutls_priority_t pcache;
const unsigned int *list;
if (priorities != NULL)
{
printf ("Cipher suites for %s\n", priorities);
ret = gnutls_priority_init (&pcache, priorities, &err);
if (ret < 0)
{
fprintf (stderr, "Syntax error at: %s\n", err);
exit (1);
}
for (i = 0;; i++)
{
ret =
gnutls_priority_get_cipher_suite_index (pcache, i,
&idx);
if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
break;
if (ret == GNUTLS_E_UNKNOWN_CIPHER_SUITE)
continue;
name =
gnutls_cipher_suite_info (idx, id, NULL, NULL, NULL,
&version);
if (name != NULL)
printf ("%-50s\t0x%02x, 0x%02x\t%s\n",
name, (unsigned char) id[0],
(unsigned char) id[1],
gnutls_protocol_get_name (version));
}
printf("\n");
{
ret = gnutls_priority_certificate_type_list (pcache, &list);
printf ("Certificate types: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("CTYPE-%s",
gnutls_certificate_type_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
{
ret = gnutls_priority_protocol_list (pcache, &list);
printf ("Protocols: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("VERS-%s", gnutls_protocol_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
{
ret = gnutls_priority_compression_list (pcache, &list);
printf ("Compression: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("COMP-%s",
gnutls_compression_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
{
ret = gnutls_priority_ecc_curve_list (pcache, &list);
printf ("Elliptic curves: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("CURVE-%s",
gnutls_ecc_curve_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
{
ret = gnutls_priority_sign_list (pcache, &list);
printf ("PK-signatures: ");
if (ret == 0) printf("none\n");
for (i = 0; i < (unsigned)ret; i++)
{
printf ("SIGN-%s",
gnutls_sign_algorithm_get_name (list[i]));
if (i+1!=(unsigned)ret)
printf (", ");
else
printf ("\n");
}
}
return;
}
printf ("Cipher suites:\n");
for (i = 0; (name = gnutls_cipher_suite_info
(i, id, &kx, &cipher, &mac, &version)); i++)
{
printf ("%-50s\t0x%02x, 0x%02x\t%s\n",
name,
(unsigned char) id[0], (unsigned char) id[1],
gnutls_protocol_get_name (version));
if (verbose)
printf ("\tKey exchange: %s\n\tCipher: %s\n\tMAC: %s\n\n",
gnutls_kx_get_name (kx),
gnutls_cipher_get_name (cipher),
gnutls_mac_get_name (mac));
}
printf("\n");
{
const gnutls_certificate_type_t *p =
gnutls_certificate_type_list ();
printf ("Certificate types: ");
for (; *p; p++)
{
printf ("CTYPE-%s", gnutls_certificate_type_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_protocol_t *p = gnutls_protocol_list ();
printf ("Protocols: ");
for (; *p; p++)
{
printf ("VERS-%s", gnutls_protocol_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_cipher_algorithm_t *p = gnutls_cipher_list ();
printf ("Ciphers: ");
for (; *p; p++)
{
printf ("%s", gnutls_cipher_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_mac_algorithm_t *p = gnutls_mac_list ();
printf ("MACs: ");
for (; *p; p++)
{
printf ("%s", gnutls_mac_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_kx_algorithm_t *p = gnutls_kx_list ();
printf ("Key exchange algorithms: ");
for (; *p; p++)
{
printf ("%s", gnutls_kx_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_compression_method_t *p = gnutls_compression_list ();
printf ("Compression: ");
for (; *p; p++)
{
printf ("COMP-%s", gnutls_compression_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_ecc_curve_t *p = gnutls_ecc_curve_list ();
printf ("Elliptic curves: ");
for (; *p; p++)
{
printf ("CURVE-%s", gnutls_ecc_curve_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_pk_algorithm_t *p = gnutls_pk_list ();
printf ("Public Key Systems: ");
for (; *p; p++)
{
printf ("%s", gnutls_pk_algorithm_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
{
const gnutls_sign_algorithm_t *p = gnutls_sign_list ();
printf ("PK-signatures: ");
for (; *p; p++)
{
printf ("SIGN-%s", gnutls_sign_algorithm_get_name (*p));
if (*(p + 1))
printf (", ");
else
printf ("\n");
}
}
}
/**
* gnutls_session_get_desc:
* @session: is a gnutls session
*
* This function returns a string describing the current session.
* The string is null terminated and allocated using gnutls_malloc().
*
* Returns: a description of the protocols and algorithms in the current session.
*
* Since: 3.1.10
**/
char *gnutls_session_get_desc(gnutls_session_t session)
{
gnutls_kx_algorithm_t kx;
unsigned type;
char kx_name[32];
char proto_name[32];
const char *curve_name = NULL;
unsigned dh_bits = 0;
unsigned mac_id;
char *desc;
kx = session->security_parameters.kx_algorithm;
if (kx == GNUTLS_KX_ANON_ECDH || kx == GNUTLS_KX_ECDHE_PSK ||
kx == GNUTLS_KX_ECDHE_RSA || kx == GNUTLS_KX_ECDHE_ECDSA) {
curve_name =
gnutls_ecc_curve_get_name(gnutls_ecc_curve_get
(session));
} else if (kx == GNUTLS_KX_ANON_DH || kx == GNUTLS_KX_DHE_PSK
|| kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS) {
dh_bits = gnutls_dh_get_prime_bits(session);
}
if (curve_name != NULL)
snprintf(kx_name, sizeof(kx_name), "%s-%s",
gnutls_kx_get_name(kx), curve_name);
else if (dh_bits != 0)
snprintf(kx_name, sizeof(kx_name), "%s-%u",
gnutls_kx_get_name(kx), dh_bits);
else
snprintf(kx_name, sizeof(kx_name), "%s",
gnutls_kx_get_name(kx));
type = gnutls_certificate_type_get(session);
if (type == GNUTLS_CRT_X509)
snprintf(proto_name, sizeof(proto_name), "%s",
gnutls_protocol_get_name(get_num_version
(session)));
else
snprintf(proto_name, sizeof(proto_name), "%s-%s",
gnutls_protocol_get_name(get_num_version
(session)),
gnutls_certificate_type_get_name(type));
gnutls_protocol_get_name(get_num_version(session)),
desc = gnutls_malloc(DESC_SIZE);
if (desc == NULL)
return NULL;
mac_id = gnutls_mac_get(session);
if (mac_id == GNUTLS_MAC_AEAD) { /* no need to print */
snprintf(desc, DESC_SIZE,
"(%s)-(%s)-(%s)",
proto_name,
kx_name,
gnutls_cipher_get_name(gnutls_cipher_get(session)));
} else {
snprintf(desc, DESC_SIZE,
"(%s)-(%s)-(%s)-(%s)",
proto_name,
kx_name,
gnutls_cipher_get_name(gnutls_cipher_get(session)),
gnutls_mac_get_name(mac_id));
}
return desc;
}
static void main_texinfo (void)
{
{
size_t i;
const char *name;
char id[2];
gnutls_kx_algorithm_t kx;
gnutls_cipher_algorithm_t cipher;
gnutls_mac_algorithm_t mac;
gnutls_protocol_t version;
printf ("@heading Ciphersuites\n");
printf ("@multitable @columnfractions .60 .20 .20\n");
printf("@headitem Ciphersuite name @tab TLS ID @tab Since\n");
for (i = 0; (name = gnutls_cipher_suite_info
(i, id, &kx, &cipher, &mac, &version)); i++)
{
printf ("@item %s\n@tab 0x%02X 0x%02X\n@tab %s\n",
escape_texi_string(name, buffer, sizeof(buffer)),
(unsigned char) id[0], (unsigned char) id[1],
gnutls_protocol_get_name (version));
}
printf ("@end multitable\n");
}
{
const gnutls_certificate_type_t *p = gnutls_certificate_type_list ();
printf ("\n\n@heading Certificate types\n");
printf ("@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_certificate_type_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_protocol_t *p = gnutls_protocol_list ();
printf ("\n@heading Protocols\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_protocol_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_cipher_algorithm_t *p = gnutls_cipher_list ();
printf ("\n@heading Ciphers\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_cipher_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_mac_algorithm_t *p = gnutls_mac_list ();
printf ("\n@heading MAC algorithms\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_mac_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_kx_algorithm_t *p = gnutls_kx_list ();
printf ("\n@heading Key exchange methods\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_kx_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_pk_algorithm_t *p = gnutls_pk_list ();
printf ("\n@heading Public key algorithms\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_pk_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_sign_algorithm_t *p = gnutls_sign_list ();
printf ("\n@heading Public key signature algorithms\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_sign_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_ecc_curve_t *p = gnutls_ecc_curve_list ();
printf ("\n@heading Elliptic curves\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_ecc_curve_get_name (*p));
}
printf ("@end table\n");
}
{
const gnutls_compression_method_t *p = gnutls_compression_list ();
printf ("\n@heading Compression methods\n@table @code\n");
for (; *p; p++)
{
printf ("@item %s\n", gnutls_compression_get_name (*p));
}
printf ("@end table\n");
}
}
/**
* gnutls_session_get_desc:
* @session: is a gnutls session
*
* This function returns a string describing the current session.
* The string is null terminated and allocated using gnutls_malloc().
*
* If initial negotiation is not complete when this function is called,
* %NULL will be returned.
*
* Returns: a description of the protocols and algorithms in the current session.
*
* Since: 3.1.10
**/
char *gnutls_session_get_desc(gnutls_session_t session)
{
gnutls_kx_algorithm_t kx;
const char *kx_str;
unsigned type;
char kx_name[32];
char proto_name[32];
const char *curve_name = NULL;
unsigned dh_bits = 0;
unsigned mac_id;
char *desc;
if (session->internals.initial_negotiation_completed == 0)
return NULL;
kx = session->security_parameters.kx_algorithm;
if (kx == GNUTLS_KX_ANON_ECDH || kx == GNUTLS_KX_ECDHE_PSK ||
kx == GNUTLS_KX_ECDHE_RSA || kx == GNUTLS_KX_ECDHE_ECDSA) {
curve_name =
gnutls_ecc_curve_get_name(gnutls_ecc_curve_get
(session));
#if defined(ENABLE_DHE) || defined(ENABLE_ANON)
} else if (kx == GNUTLS_KX_ANON_DH || kx == GNUTLS_KX_DHE_PSK
|| kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS) {
dh_bits = gnutls_dh_get_prime_bits(session);
#endif
}
kx_str = gnutls_kx_get_name(kx);
if (kx_str) {
if (curve_name != NULL)
snprintf(kx_name, sizeof(kx_name), "%s-%s",
kx_str, curve_name);
else if (dh_bits != 0)
snprintf(kx_name, sizeof(kx_name), "%s-%u",
kx_str, dh_bits);
else
snprintf(kx_name, sizeof(kx_name), "%s",
kx_str);
} else {
strcpy(kx_name, "NULL");
}
type = gnutls_certificate_type_get(session);
if (type == GNUTLS_CRT_X509)
snprintf(proto_name, sizeof(proto_name), "%s",
gnutls_protocol_get_name(get_num_version
(session)));
else
snprintf(proto_name, sizeof(proto_name), "%s-%s",
gnutls_protocol_get_name(get_num_version
(session)),
gnutls_certificate_type_get_name(type));
desc = gnutls_malloc(DESC_SIZE);
if (desc == NULL)
return NULL;
mac_id = gnutls_mac_get(session);
if (mac_id == GNUTLS_MAC_AEAD) { /* no need to print */
snprintf(desc, DESC_SIZE,
"(%s)-(%s)-(%s)",
proto_name,
kx_name,
gnutls_cipher_get_name(gnutls_cipher_get(session)));
} else {
snprintf(desc, DESC_SIZE,
"(%s)-(%s)-(%s)-(%s)",
proto_name,
kx_name,
gnutls_cipher_get_name(gnutls_cipher_get(session)),
gnutls_mac_get_name(mac_id));
}
return desc;
}
static void privkey_info_int(FILE *outfile, common_info_st * cinfo,
gnutls_x509_privkey_t key)
{
int ret, key_type;
unsigned int bits = 0;
size_t size;
const char *cprint;
/* Public key algorithm
*/
fprintf(outfile, "Public Key Info:\n");
ret = gnutls_x509_privkey_get_pk_algorithm2(key, &bits);
fprintf(outfile, "\tPublic Key Algorithm: ");
key_type = ret;
cprint = gnutls_pk_algorithm_get_name(key_type);
fprintf(outfile, "%s\n", cprint ? cprint : "Unknown");
fprintf(outfile, "\tKey Security Level: %s (%u bits)\n\n",
gnutls_sec_param_get_name(gnutls_x509_privkey_sec_param
(key)), bits);
/* Print the raw public and private keys
*/
if (key_type == GNUTLS_PK_RSA) {
gnutls_datum_t m, e, d, p, q, u, exp1, exp2;
ret =
gnutls_x509_privkey_export_rsa_raw2(key, &m, &e, &d,
&p, &q, &u, &exp1,
&exp2);
if (ret < 0)
fprintf(stderr,
"Error in key RSA data export: %s\n",
gnutls_strerror(ret));
else {
print_rsa_pkey(outfile, &m, &e, &d, &p, &q, &u,
&exp1, &exp2, cinfo->cprint);
gnutls_free(m.data);
gnutls_free(e.data);
gnutls_free(d.data);
gnutls_free(p.data);
gnutls_free(q.data);
gnutls_free(u.data);
gnutls_free(exp1.data);
gnutls_free(exp2.data);
}
} else if (key_type == GNUTLS_PK_DSA) {
gnutls_datum_t p, q, g, y, x;
ret =
gnutls_x509_privkey_export_dsa_raw(key, &p, &q, &g, &y,
&x);
if (ret < 0)
fprintf(stderr,
"Error in key DSA data export: %s\n",
gnutls_strerror(ret));
else {
print_dsa_pkey(outfile, &x, &y, &p, &q, &g,
cinfo->cprint);
gnutls_free(x.data);
gnutls_free(y.data);
gnutls_free(p.data);
gnutls_free(q.data);
gnutls_free(g.data);
}
} else if (key_type == GNUTLS_PK_EC) {
gnutls_datum_t y, x, k;
gnutls_ecc_curve_t curve;
ret =
gnutls_x509_privkey_export_ecc_raw(key, &curve, &x, &y,
&k);
if (ret < 0)
fprintf(stderr,
"Error in key ECC data export: %s\n",
gnutls_strerror(ret));
else {
cprint = gnutls_ecc_curve_get_name(curve);
bits = 0;
print_ecc_pkey(outfile, curve, &k, &x, &y,
cinfo->cprint);
gnutls_free(x.data);
gnutls_free(y.data);
gnutls_free(k.data);
}
}
fprintf(outfile, "\n");
size = lbuffer_size;
ret = gnutls_x509_privkey_get_seed(key, NULL, lbuffer, &size);
if (ret >= 0) {
fprintf(outfile, "Seed: %s\n",
raw_to_string(lbuffer, size));
}
size = lbuffer_size;
ret =
gnutls_x509_privkey_get_key_id(key, GNUTLS_KEYID_USE_SHA256, lbuffer, &size);
if (ret < 0) {
fprintf(stderr, "Error in key id calculation: %s\n",
gnutls_strerror(ret));
} else {
gnutls_datum_t art;
fprintf(outfile, "Public Key ID:\n\tsha256:%s\n",
raw_to_string(lbuffer, size));
size = lbuffer_size;
ret =
gnutls_x509_privkey_get_key_id(key, GNUTLS_KEYID_USE_SHA1, lbuffer, &size);
if (ret >= 0) {
fprintf(outfile, "\tsha1:%s\n",
raw_to_string(lbuffer, size));
}
ret =
gnutls_random_art(GNUTLS_RANDOM_ART_OPENSSH, cprint,
bits, lbuffer, size, &art);
if (ret >= 0) {
fprintf(outfile, "Public key's random art:\n%s\n",
art.data);
gnutls_free(art.data);
}
}
fprintf(outfile, "\n");
}
/* This function will print some details of the
* given session.
*/
int
print_info (gnutls_session_t session)
{
const char *tmp;
gnutls_credentials_type_t cred;
gnutls_kx_algorithm_t kx;
int dhe, ecdh;
dhe = ecdh = 0;
/* print the key exchange's algorithm name
*/
kx = gnutls_kx_get (session);
tmp = gnutls_kx_get_name (kx);
printf ("- Key Exchange: %s\n", tmp);
/* Check the authentication type used and switch
* to the appropriate.
*/
cred = gnutls_auth_get_type (session);
switch (cred)
{
case GNUTLS_CRD_IA:
printf ("- TLS/IA session\n");
break;
#ifdef ENABLE_SRP
case GNUTLS_CRD_SRP:
printf ("- SRP session with username %s\n",
gnutls_srp_server_get_username (session));
break;
#endif
case GNUTLS_CRD_PSK:
/* This returns NULL in server side.
*/
if (gnutls_psk_client_get_hint (session) != NULL)
printf ("- PSK authentication. PSK hint '%s'\n",
gnutls_psk_client_get_hint (session));
/* This returns NULL in client side.
*/
if (gnutls_psk_server_get_username (session) != NULL)
printf ("- PSK authentication. Connected as '%s'\n",
gnutls_psk_server_get_username (session));
if (kx == GNUTLS_KX_ECDHE_PSK)
ecdh = 1;
else if (kx == GNUTLS_KX_DHE_PSK)
dhe = 1;
break;
case GNUTLS_CRD_ANON: /* anonymous authentication */
printf ("- Anonymous authentication.\n");
if (kx == GNUTLS_KX_ANON_ECDH)
ecdh = 1;
else if (kx == GNUTLS_KX_ANON_DH)
dhe = 1;
break;
case GNUTLS_CRD_CERTIFICATE: /* certificate authentication */
/* Check if we have been using ephemeral Diffie-Hellman.
*/
if (kx == GNUTLS_KX_DHE_RSA || kx == GNUTLS_KX_DHE_DSS)
dhe = 1;
else if (kx == GNUTLS_KX_ECDHE_RSA || kx == GNUTLS_KX_ECDHE_ECDSA)
ecdh = 1;
/* if the certificate list is available, then
* print some information about it.
*/
print_x509_certificate_info (session);
} /* switch */
if (ecdh != 0)
printf ("- Ephemeral ECDH using curve %s\n",
gnutls_ecc_curve_get_name (gnutls_ecc_curve_get (session)));
else if (dhe != 0)
printf ("- Ephemeral DH using prime of %d bits\n",
gnutls_dh_get_prime_bits (session));
/* print the protocol's name (ie TLS 1.0)
*/
tmp = gnutls_protocol_get_name (gnutls_protocol_get_version (session));
printf ("- Protocol: %s\n", tmp);
/* print the certificate type of the peer.
* ie X.509
*/
tmp =
gnutls_certificate_type_get_name (gnutls_certificate_type_get (session));
printf ("- Certificate Type: %s\n", tmp);
/* print the compression algorithm (if any)
*/
tmp = gnutls_compression_get_name (gnutls_compression_get (session));
printf ("- Compression: %s\n", tmp);
/* print the name of the cipher used.
* ie 3DES.
*/
tmp = gnutls_cipher_get_name (gnutls_cipher_get (session));
printf ("- Cipher: %s\n", tmp);
/* Print the MAC algorithms name.
* ie SHA1
*/
tmp = gnutls_mac_get_name (gnutls_mac_get (session));
printf ("- MAC: %s\n", tmp);
return 0;
}
