curve_client_t *
curve_client_new (zcert_t **cert_p)
{
curve_client_t *self = (curve_client_t *) zmalloc (sizeof (curve_client_t));
assert (self);
self->ctx = zctx_new ();
self->control = zthread_fork (self->ctx, s_agent_task, NULL);
// Create separate data socket, send address on control socket
self->data = zsocket_new (self->ctx, ZMQ_PAIR);
assert (self->data);
int rc = zsocket_bind (self->data, "inproc://data-%p", self->data);
assert (rc != -1);
zstr_sendfm (self->control, "inproc://data-%p", self->data);
// Now send cert on control socket as well
rc = zmq_send (self->control, zcert_public_key (*cert_p), 32, ZMQ_SNDMORE);
assert (rc == 32);
rc = zmq_send (self->control, zcert_secret_key (*cert_p), 32, 0);
assert (rc == 32);
zcert_destroy (cert_p);
return self;
}
int main(int argc, char **argv)
{
char *a = argv[1]; // name of cert
char sa[500]; // name of serv_cert
char ca[500]; // name of client_cert
uint8_t serv_priv[32];
uint8_t serv_pub[32];
uint8_t cli_priv[32];
uint8_t cli_pub[32];
zcert_t *serv_cert = zcert_new();
zcert_t *cli_cert = zcert_new();
uint8_t *serv_privp = zcert_secret_key(serv_cert);
uint8_t *serv_pubp = zcert_public_key(serv_cert);
uint8_t *cli_privp = zcert_secret_key(cli_cert);
uint8_t *cli_pubp = zcert_public_key(cli_cert);
memmove(serv_priv, serv_privp, sizeof(serv_priv));
memmove(serv_pub, serv_pubp, sizeof(serv_pub));
memmove(cli_priv, cli_privp, sizeof(cli_priv));
memmove(cli_pub, cli_pubp, sizeof(cli_pub));
char *serv_cprivp = zcert_secret_txt(serv_cert);
char *serv_cpubp = zcert_public_txt(serv_cert);
char *cli_cprivp = zcert_secret_txt(cli_cert);
char *cli_cpubp = zcert_public_txt(cli_cert);
char servhnam[1000];
char clihnam[1000];
sprintf(servhnam, "servcert_%s.h", a);
sprintf(clihnam, "clicert_%s.h", a);
FILE *serv = fopen(servhnam, "w");
FILE *cli = fopen(clihnam, "w");
fprintf(serv, "char *%s_server_private_txt = \"%s\";\n", a, serv_cprivp);
fprintf(serv, "char *%s_server_public_txt = \"%s\";\n\n\n", a, serv_cpubp);
fprintf(cli, "char *%s_cli_private_txt = \"%s\";\n", a, cli_cprivp);
fprintf(cli, "char *%s_cli_public_txt = \"%s\";\n\n\n", a, cli_cpubp);
sprintf(sa, "server_%s", a);
sprintf(ca, "client_%s", a);
zcert_save(serv_cert, sa);
zcert_save(cli_cert, ca);
// we don't need the secret keys on disk; just a security hazard
unlink("server_banshare_secret");
unlink("client_banshare_secret");
fprintf
(serv, "uint8_t %s_server_private[32] = {0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx };\n",
a, serv_priv[0], serv_priv[1], serv_priv[2], serv_priv[3], serv_priv[4], serv_priv[5], serv_priv[6],
serv_priv[7], serv_priv[8], serv_priv[9], serv_priv[10], serv_priv[11], serv_priv[12], serv_priv[13],
serv_priv[14], serv_priv[15], serv_priv[16], serv_priv[17], serv_priv[18], serv_priv[19], serv_priv[20],
serv_priv[21], serv_priv[22], serv_priv[23], serv_priv[24], serv_priv[25], serv_priv[26], serv_priv[27],
serv_priv[28], serv_priv[29], serv_priv[30], serv_priv[31]);
fprintf
(serv, "uint8_t %s_server_public[32] = {0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx };\n",
a, serv_pub[0], serv_pub[1], serv_pub[2], serv_pub[3], serv_pub[4], serv_pub[5], serv_pub[6], serv_pub[7],
serv_pub[8], serv_pub[9], serv_pub[10], serv_pub[11], serv_pub[12], serv_pub[13], serv_pub[14], serv_pub[15],
serv_pub[16], serv_pub[17], serv_pub[18], serv_pub[19], serv_pub[20], serv_pub[21], serv_pub[22], serv_pub[23],
serv_pub[24], serv_pub[25], serv_pub[26], serv_pub[27], serv_pub[28], serv_pub[29], serv_pub[30], serv_pub[31]);
fprintf
(cli, "uint8_t %s_client_private[32] = {0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx };\n",
a, cli_priv[0], cli_priv[1], cli_priv[2], cli_priv[3], cli_priv[4], cli_priv[5], cli_priv[6],
cli_priv[7], cli_priv[8], cli_priv[9], cli_priv[10], cli_priv[11], cli_priv[12], cli_priv[13],
cli_priv[14], cli_priv[15], cli_priv[16], cli_priv[17], cli_priv[18], cli_priv[19], cli_priv[20],
cli_priv[21], cli_priv[22], cli_priv[23], cli_priv[24], cli_priv[25], cli_priv[26], cli_priv[27],
cli_priv[28], cli_priv[29], cli_priv[30], cli_priv[31]);
fprintf
(cli, "uint8_t %s_client_public[32] = {0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,\n 0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx,0x%hhx };\n",
a, cli_pub[0], cli_pub[1], cli_pub[2], cli_pub[3], cli_pub[4], cli_pub[5], cli_pub[6], cli_pub[7],
cli_pub[8], cli_pub[9], cli_pub[10], cli_pub[11], cli_pub[12], cli_pub[13], cli_pub[14], cli_pub[15],
cli_pub[16], cli_pub[17], cli_pub[18], cli_pub[19], cli_pub[20], cli_pub[21], cli_pub[22], cli_pub[23],
cli_pub[24], cli_pub[25], cli_pub[26], cli_pub[27], cli_pub[28], cli_pub[29], cli_pub[30], cli_pub[31]);
fclose(serv);
fclose(cli);
exit(0);
}
///
// Return public part of key pair as 32-byte binary string
byte *QmlZcert::publicKey () {
return zcert_public_key (self);
};
static void *
client_task (void *args)
{
bool verbose = *((bool *) args);
char filename [256];
snprintf (filename, 255, TESTDIR "/client-%07d.cert", randof (10000000));
zcert_t *client_cert = zcert_new ();
zcert_save_public (client_cert, filename);
curve_client_t *client = curve_client_new (&client_cert);
curve_client_set_verbose (client, verbose);
zcert_t *server_cert = zcert_load (TESTDIR "/server.cert");
assert (server_cert);
curve_client_connect (client, "tcp://127.0.0.1:9006", zcert_public_key (server_cert));
zcert_destroy (&server_cert);
curve_client_sendstr (client, "Hello, World");
char *reply = curve_client_recvstr (client);
assert (streq (reply, "Hello, World"));
free (reply);
// Try a multipart message
zmsg_t *msg = zmsg_new ();
zmsg_addstr (msg, "Hello, World");
zmsg_addstr (msg, "Second frame");
curve_client_send (client, &msg);
msg = curve_client_recv (client);
assert (zmsg_size (msg) == 2);
zmsg_destroy (&msg);
// Now send messages of increasing size, check they work
int count;
int size = 0;
for (count = 0; count < 18; count++) {
zframe_t *data = zframe_new (NULL, size);
int byte_nbr;
// Set data to sequence 0...255 repeated
for (byte_nbr = 0; byte_nbr < size; byte_nbr++)
zframe_data (data)[byte_nbr] = (byte) byte_nbr;
msg = zmsg_new ();
zmsg_prepend (msg, &data);
curve_client_send (client, &msg);
msg = curve_client_recv (client);
data = zmsg_pop (msg);
assert (data);
assert (zframe_size (data) == size);
for (byte_nbr = 0; byte_nbr < size; byte_nbr++) {
assert (zframe_data (data)[byte_nbr] == (byte) byte_nbr);
}
zframe_destroy (&data);
zmsg_destroy (&msg);
size = size * 2 + 1;
}
// Signal end of test
curve_client_sendstr (client, "END");
reply = curve_client_recvstr (client);
free (reply);
curve_client_destroy (&client);
return NULL;
}
void
curve_client_test (bool verbose)
{
printf (" * curve_client: ");
// @selftest
// Create temporary directory for test files
zsys_dir_create (TESTDIR);
// We'll create two new certificates and save the client public
// certificate on disk; in a real case we'd transfer this securely
// from the client machine to the server machine.
zcert_t *server_cert = zcert_new ();
zcert_save (server_cert, TESTDIR "/server.cert");
// We'll run the server as a background task, and the
// client in this foreground thread.
zthread_new (server_task, &verbose);
zcert_t *client_cert = zcert_new ();
zcert_save_public (client_cert, TESTDIR "/client.cert");
curve_client_t *client = curve_client_new (&client_cert);
curve_client_set_metadata (client, "Client", "CURVEZMQ/curve_client");
curve_client_set_metadata (client, "Identity", "E475DA11");
curve_client_set_verbose (client, verbose);
curve_client_connect (client, "tcp://127.0.0.1:9005", (byte *)zcert_public_key (server_cert));
curve_client_sendstr (client, "Hello, World");
char *reply = curve_client_recvstr (client);
assert (streq (reply, "Hello, World"));
free (reply);
// Try a multipart message
zmsg_t *msg = zmsg_new ();
zmsg_addstr (msg, "Hello, World");
zmsg_addstr (msg, "Second frame");
curve_client_send (client, &msg);
msg = curve_client_recv (client);
assert (zmsg_size (msg) == 2);
zmsg_destroy (&msg);
// Now send messages of increasing size, check they work
int count;
int size = 0;
for (count = 0; count < 18; count++) {
if (verbose)
printf ("Testing message of size=%d...\n", size);
zframe_t *data = zframe_new (NULL, size);
int byte_nbr;
// Set data to sequence 0...255 repeated
for (byte_nbr = 0; byte_nbr < size; byte_nbr++)
zframe_data (data)[byte_nbr] = (byte) byte_nbr;
msg = zmsg_new ();
zmsg_prepend (msg, &data);
curve_client_send (client, &msg);
msg = curve_client_recv (client);
data = zmsg_pop (msg);
assert (data);
assert (zframe_size (data) == size);
for (byte_nbr = 0; byte_nbr < size; byte_nbr++) {
assert (zframe_data (data)[byte_nbr] == (byte) byte_nbr);
}
zframe_destroy (&data);
zmsg_destroy (&msg);
size = size * 2 + 1;
}
// Signal end of test
curve_client_sendstr (client, "END");
reply = curve_client_recvstr (client);
free (reply);
zcert_destroy (&server_cert);
zcert_destroy (&client_cert);
curve_client_destroy (&client);
// Delete all test files
zdir_t *dir = zdir_new (TESTDIR, NULL);
zdir_remove (dir, true);
zdir_destroy (&dir);
// @end
// Ensure server thread has exited before we do
zclock_sleep (100);
printf ("OK\n");
}
///
// Return public part of key pair as 32-byte binary string
const byte * QZcert::publicKey ()
{
const byte * rv = zcert_public_key (self);
return rv;
}
String HHVM_METHOD(ZMQCert, getPublicKey) {
return String((char*)zcert_public_key(Native::data<ZMQCert>(this_)->zcert), 32, CopyString);
}
