curve_client_t * curve_client_new (zcert_t **cert_p) { curve_client_t *self = (curve_client_t *) zmalloc (sizeof (curve_client_t)); assert (self); self->ctx = zctx_new (); self->control = zthread_fork (self->ctx, s_agent_task, NULL); // Create separate data socket, send address on control socket self->data = zsocket_new (self->ctx, ZMQ_PAIR); assert (self->data); int rc = zsocket_bind (self->data, "inproc://data-%p", self->data); assert (rc != -1); zstr_sendfm (self->control, "inproc://data-%p", self->data); // Now send cert on control socket as well rc = zmq_send (self->control, zcert_public_key (*cert_p), 32, ZMQ_SNDMORE); assert (rc == 32); rc = zmq_send (self->control, zcert_secret_key (*cert_p), 32, 0); assert (rc == 32); zcert_destroy (cert_p); return self; }
int main(int argc, char **argv) { char *a = argv[1]; // name of cert char sa[500]; // name of serv_cert char ca[500]; // name of client_cert uint8_t serv_priv[32]; uint8_t serv_pub[32]; uint8_t cli_priv[32]; uint8_t cli_pub[32]; zcert_t *serv_cert = zcert_new(); zcert_t *cli_cert = zcert_new(); uint8_t *serv_privp = zcert_secret_key(serv_cert); uint8_t *serv_pubp = zcert_public_key(serv_cert); uint8_t *cli_privp = zcert_secret_key(cli_cert); uint8_t *cli_pubp = zcert_public_key(cli_cert); memmove(serv_priv, serv_privp, sizeof(serv_priv)); memmove(serv_pub, serv_pubp, sizeof(serv_pub)); memmove(cli_priv, cli_privp, sizeof(cli_priv)); memmove(cli_pub, cli_pubp, sizeof(cli_pub)); char *serv_cprivp = zcert_secret_txt(serv_cert); char *serv_cpubp = zcert_public_txt(serv_cert); char *cli_cprivp = zcert_secret_txt(cli_cert); char *cli_cpubp = zcert_public_txt(cli_cert); char servhnam[1000]; char clihnam[1000]; sprintf(servhnam, "servcert_%s.h", a); sprintf(clihnam, "clicert_%s.h", a); FILE *serv = fopen(servhnam, "w"); FILE *cli = fopen(clihnam, "w"); fprintf(serv, "char *%s_server_private_txt = \"%s\";\n", a, serv_cprivp); fprintf(serv, "char *%s_server_public_txt = \"%s\";\n\n\n", a, serv_cpubp); fprintf(cli, "char *%s_cli_private_txt = \"%s\";\n", a, cli_cprivp); fprintf(cli, "char *%s_cli_public_txt = \"%s\";\n\n\n", a, cli_cpubp); sprintf(sa, "server_%s", a); sprintf(ca, "client_%s", a); zcert_save(serv_cert, sa); zcert_save(cli_cert, ca); // we don't need the secret keys on disk; just a security hazard unlink("server_banshare_secret"); unlink("client_banshare_secret"); fprintf (serv, "uint8_t %s_server_private[32] = {0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx };\n", a, serv_priv[0], serv_priv[1], serv_priv[2], serv_priv[3], serv_priv[4], serv_priv[5], serv_priv[6], serv_priv[7], serv_priv[8], serv_priv[9], serv_priv[10], serv_priv[11], serv_priv[12], serv_priv[13], serv_priv[14], serv_priv[15], serv_priv[16], serv_priv[17], serv_priv[18], serv_priv[19], serv_priv[20], serv_priv[21], serv_priv[22], serv_priv[23], serv_priv[24], serv_priv[25], serv_priv[26], serv_priv[27], serv_priv[28], serv_priv[29], serv_priv[30], serv_priv[31]); fprintf (serv, "uint8_t %s_server_public[32] = {0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx };\n", a, serv_pub[0], serv_pub[1], serv_pub[2], serv_pub[3], serv_pub[4], serv_pub[5], serv_pub[6], serv_pub[7], serv_pub[8], serv_pub[9], serv_pub[10], serv_pub[11], serv_pub[12], serv_pub[13], serv_pub[14], serv_pub[15], serv_pub[16], serv_pub[17], serv_pub[18], serv_pub[19], serv_pub[20], serv_pub[21], serv_pub[22], serv_pub[23], serv_pub[24], serv_pub[25], serv_pub[26], serv_pub[27], serv_pub[28], serv_pub[29], serv_pub[30], serv_pub[31]); fprintf (cli, "uint8_t %s_client_private[32] = {0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx };\n", a, cli_priv[0], cli_priv[1], cli_priv[2], cli_priv[3], cli_priv[4], cli_priv[5], cli_priv[6], cli_priv[7], cli_priv[8], cli_priv[9], cli_priv[10], cli_priv[11], cli_priv[12], cli_priv[13], cli_priv[14], cli_priv[15], cli_priv[16], cli_priv[17], cli_priv[18], cli_priv[19], cli_priv[20], cli_priv[21], cli_priv[22], cli_priv[23], cli_priv[24], cli_priv[25], cli_priv[26], cli_priv[27], cli_priv[28], cli_priv[29], cli_priv[30], cli_priv[31]); fprintf (cli, "uint8_t %s_client_public[32] = {0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx };\n", a, cli_pub[0], cli_pub[1], cli_pub[2], cli_pub[3], cli_pub[4], cli_pub[5], cli_pub[6], cli_pub[7], cli_pub[8], cli_pub[9], cli_pub[10], cli_pub[11], cli_pub[12], cli_pub[13], cli_pub[14], cli_pub[15], cli_pub[16], cli_pub[17], cli_pub[18], cli_pub[19], cli_pub[20], cli_pub[21], cli_pub[22], cli_pub[23], cli_pub[24], cli_pub[25], cli_pub[26], cli_pub[27], cli_pub[28], cli_pub[29], cli_pub[30], cli_pub[31]); fclose(serv); fclose(cli); exit(0); }
/// // Return public part of key pair as 32-byte binary string byte *QmlZcert::publicKey () { return zcert_public_key (self); };
static void * client_task (void *args) { bool verbose = *((bool *) args); char filename [256]; snprintf (filename, 255, TESTDIR "/client-%07d.cert", randof (10000000)); zcert_t *client_cert = zcert_new (); zcert_save_public (client_cert, filename); curve_client_t *client = curve_client_new (&client_cert); curve_client_set_verbose (client, verbose); zcert_t *server_cert = zcert_load (TESTDIR "/server.cert"); assert (server_cert); curve_client_connect (client, "tcp://127.0.0.1:9006", zcert_public_key (server_cert)); zcert_destroy (&server_cert); curve_client_sendstr (client, "Hello, World"); char *reply = curve_client_recvstr (client); assert (streq (reply, "Hello, World")); free (reply); // Try a multipart message zmsg_t *msg = zmsg_new (); zmsg_addstr (msg, "Hello, World"); zmsg_addstr (msg, "Second frame"); curve_client_send (client, &msg); msg = curve_client_recv (client); assert (zmsg_size (msg) == 2); zmsg_destroy (&msg); // Now send messages of increasing size, check they work int count; int size = 0; for (count = 0; count < 18; count++) { zframe_t *data = zframe_new (NULL, size); int byte_nbr; // Set data to sequence 0...255 repeated for (byte_nbr = 0; byte_nbr < size; byte_nbr++) zframe_data (data)[byte_nbr] = (byte) byte_nbr; msg = zmsg_new (); zmsg_prepend (msg, &data); curve_client_send (client, &msg); msg = curve_client_recv (client); data = zmsg_pop (msg); assert (data); assert (zframe_size (data) == size); for (byte_nbr = 0; byte_nbr < size; byte_nbr++) { assert (zframe_data (data)[byte_nbr] == (byte) byte_nbr); } zframe_destroy (&data); zmsg_destroy (&msg); size = size * 2 + 1; } // Signal end of test curve_client_sendstr (client, "END"); reply = curve_client_recvstr (client); free (reply); curve_client_destroy (&client); return NULL; }
void curve_client_test (bool verbose) { printf (" * curve_client: "); // @selftest // Create temporary directory for test files zsys_dir_create (TESTDIR); // We'll create two new certificates and save the client public // certificate on disk; in a real case we'd transfer this securely // from the client machine to the server machine. zcert_t *server_cert = zcert_new (); zcert_save (server_cert, TESTDIR "/server.cert"); // We'll run the server as a background task, and the // client in this foreground thread. zthread_new (server_task, &verbose); zcert_t *client_cert = zcert_new (); zcert_save_public (client_cert, TESTDIR "/client.cert"); curve_client_t *client = curve_client_new (&client_cert); curve_client_set_metadata (client, "Client", "CURVEZMQ/curve_client"); curve_client_set_metadata (client, "Identity", "E475DA11"); curve_client_set_verbose (client, verbose); curve_client_connect (client, "tcp://127.0.0.1:9005", (byte *)zcert_public_key (server_cert)); curve_client_sendstr (client, "Hello, World"); char *reply = curve_client_recvstr (client); assert (streq (reply, "Hello, World")); free (reply); // Try a multipart message zmsg_t *msg = zmsg_new (); zmsg_addstr (msg, "Hello, World"); zmsg_addstr (msg, "Second frame"); curve_client_send (client, &msg); msg = curve_client_recv (client); assert (zmsg_size (msg) == 2); zmsg_destroy (&msg); // Now send messages of increasing size, check they work int count; int size = 0; for (count = 0; count < 18; count++) { if (verbose) printf ("Testing message of size=%d...\n", size); zframe_t *data = zframe_new (NULL, size); int byte_nbr; // Set data to sequence 0...255 repeated for (byte_nbr = 0; byte_nbr < size; byte_nbr++) zframe_data (data)[byte_nbr] = (byte) byte_nbr; msg = zmsg_new (); zmsg_prepend (msg, &data); curve_client_send (client, &msg); msg = curve_client_recv (client); data = zmsg_pop (msg); assert (data); assert (zframe_size (data) == size); for (byte_nbr = 0; byte_nbr < size; byte_nbr++) { assert (zframe_data (data)[byte_nbr] == (byte) byte_nbr); } zframe_destroy (&data); zmsg_destroy (&msg); size = size * 2 + 1; } // Signal end of test curve_client_sendstr (client, "END"); reply = curve_client_recvstr (client); free (reply); zcert_destroy (&server_cert); zcert_destroy (&client_cert); curve_client_destroy (&client); // Delete all test files zdir_t *dir = zdir_new (TESTDIR, NULL); zdir_remove (dir, true); zdir_destroy (&dir); // @end // Ensure server thread has exited before we do zclock_sleep (100); printf ("OK\n"); }
/// // Return public part of key pair as 32-byte binary string const byte * QZcert::publicKey () { const byte * rv = zcert_public_key (self); return rv; }
String HHVM_METHOD(ZMQCert, getPublicKey) { return String((char*)zcert_public_key(Native::data<ZMQCert>(this_)->zcert), 32, CopyString); }