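//  Selftest for zcert. When built against ZeroMQ 4 it creates a
//  certificate, sets metadata, checks dup/eq, and round-trips the
//  certificate through the public and "_secret" files in a scratch
//  directory, which it removes again at the end.
void zcert_test (bool verbose)
{
    printf (" * zcert: ");
#if (ZMQ_VERSION_MAJOR == 4)
    //  @selftest
    //  Create temporary directory for test files
#   define TESTDIR ".test_zcert"
    zsys_dir_create (TESTDIR);

    //  Create a simple certificate with metadata
    zcert_t *cert = zcert_new ();
#   if defined (HAVE_LIBSODIUM)
    zcert_set_meta (cert, "email", "*****@*****.**");
    zcert_set_meta (cert, "name", "Pieter Hintjens");
    zcert_set_meta (cert, "organization", "iMatix Corporation");
    zcert_set_meta (cert, "version", "%d", 1);
    assert (streq (zcert_meta (cert, "email"), "*****@*****.**"));
    zlist_t *keys = zcert_meta_keys (cert);
    assert (zlist_size (keys) == 4);
    zlist_destroy (&keys);

    //  Check the dup and eq methods
    zcert_t *shadow = zcert_dup (cert);
    assert (zcert_eq (cert, shadow));
    zcert_destroy (&shadow);

    //  Check we can save and load certificate
    zcert_save (cert, TESTDIR "/mycert.txt");
    assert (zsys_file_exists (TESTDIR "/mycert.txt"));
    assert (zsys_file_exists (TESTDIR "/mycert.txt_secret"));

    //  Load certificate, will in fact load secret one
    shadow = zcert_load (TESTDIR "/mycert.txt");
    assert (shadow);
    assert (zcert_eq (cert, shadow));
    zcert_destroy (&shadow);

    //  Delete secret certificate, load public one
    int rc = zsys_file_delete (TESTDIR "/mycert.txt_secret");
    assert (rc == 0);
    shadow = zcert_load (TESTDIR "/mycert.txt");
    //  Fail on the assertion rather than on a NULL dereference below
    //  if the public-only load did not produce a certificate
    assert (shadow);
    //  32-byte null key encodes as 40 '0' characters
    assert (streq (zcert_secret_txt (shadow),
                   "0000000000000000000000000000000000000000"));
    zcert_destroy (&shadow);
    zcert_destroy (&cert);
#   else
    //  Libsodium isn't installed; should have returned NULL
    assert (cert == NULL);
#   endif

    //  Delete all test files
    zdir_t *dir = zdir_new (TESTDIR, NULL);
    zdir_remove (dir, true);
    zdir_destroy (&dir);
    //  @end
#endif
    printf ("OK\n");
}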
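//  Command-line tool: prompts for name, email and organization, then
//  writes a new CURVE certificate to the file named by the first
//  argument (default "mycert.txt") and its "_secret" companion.
//  Returns 0 on success, -1 if input ends early or the certificate
//  cannot be created or saved.
int main (int argc, char *argv [])
{
    int argn = 1;
    char *filename = "mycert.txt";
    if (argn < argc)
        filename = argv [argn++];

    zsys_info ("Creating new CURVE certificate in %s", filename);

    //  Stop here rather than passing a NULL certificate to the calls
    //  below when no certificate could be created
    zcert_t *cert = zcert_new ();
    if (!cert) {
        zsys_error ("Could not create a CURVE certificate");
        return -1;
    }
    if (s_get_meta (cert, "Enter your full name:", "name")
    ||  s_get_meta (cert, "Enter your email address:", "email")
    ||  s_get_meta (cert, "Enter your organization:", "organization")) {
        //  Input ended early; release the certificate before leaving
        zcert_destroy (&cert);
        return -1;
    }
    char *timestr = zclock_timestr ();
    zcert_set_meta (cert, "created-by", "CZMQ zmakecert");
    zcert_set_meta (cert, "date-created", "%s", timestr);
    free (timestr);
    zcert_dump (cert);

    //  Only announce success when the files were actually written;
    //  the "_secret" file holds the private key and must be kept private
    int rc = zcert_save (cert, filename);
    if (rc == 0)
        zsys_info ("CURVE certificate created in %s and %s_secret",
                   filename, filename);
    else
        zsys_error ("Could not save CURVE certificate to %s", filename);

    zcert_destroy (&cert);
    return rc == 0? 0: -1;
}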
//  Selftest for zcertstore: saves one certificate into a scratch
//  directory, checks that the store finds it by public key, then swaps
//  in a custom loader and checks lookups against that loader.
void zcertstore_test (bool verbose)
{
    printf (" * zcertstore: ");
    if (verbose)
        printf ("\n");

    //  @selftest
    //  Scratch directory holding the certificate files for this test
#   define TESTDIR ".test_zcertstore"
    zsys_dir_create (TESTDIR);

    //  Nothing has been saved yet, so the store starts out empty
    zcertstore_t *store = zcertstore_new (TESTDIR);
    assert (store);

    //  Generate one certificate, keep a copy of its public key text,
    //  and write it into the store directory
    zcert_t *cert = zcert_new ();
    assert (cert);
    char *public_txt = strdup (zcert_public_txt (cert));
    assert (public_txt);
    zcert_set_meta (cert, "name", "John Doe");
    zcert_save (cert, TESTDIR "/mycert.txt");
    zcert_destroy (&cert);

    //  The store must now return the saved certificate for that key
    cert = zcertstore_lookup (store, public_txt);
    assert (cert);
    assert (streq (zcert_meta (cert, "name"), "John Doe"));

    //  Install the test loader; its state is handed to the store
    //  together with s_test_destructor
    test_loader_state *loader_state =
        (test_loader_state *) zmalloc (sizeof (test_loader_state));
    loader_state->index = 0;
    zcertstore_set_loader (store, s_test_loader, s_test_destructor,
                           (void *) loader_state);
#if (ZMQ_VERSION_MAJOR >= 4)
    //  The previously saved key is no longer found; the fixed test key is
    cert = zcertstore_lookup (store, public_txt);
    assert (cert == NULL);
    cert = zcertstore_lookup (store, "abcdefghijklmnopqrstuvwxyzabcdefghijklmn");
    assert (cert);
#endif

    free (public_txt);

    if (verbose)
        zcertstore_print (store);
    zcertstore_destroy (&store);

    //  Remove the scratch directory and everything in it
    zdir_t *scratch = zdir_new (TESTDIR, NULL);
    assert (scratch);
    zdir_remove (scratch, true);
    zdir_destroy (&scratch);

#if defined (__WINDOWS__)
    zsys_shutdown();
#endif
    //  @end
    printf ("OK\n");
}
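//  Command-line tool: prompts for name, email and organization, then
//  writes a new CURVE certificate to mycert.txt and mycert.txt_secret.
//  Returns 0 on success, -1 if input ends early or the certificate
//  cannot be created or saved.
int main (void)
{
    puts ("Creating new CURVE certificate");

    //  Stop here rather than passing a NULL certificate to the calls
    //  below when no certificate could be created
    zcert_t *cert = zcert_new ();
    if (!cert) {
        puts ("E: could not create a CURVE certificate");
        return -1;
    }
    if (s_get_meta (cert, "Enter your full name:", "name")
    ||  s_get_meta (cert, "Enter your email address:", "email")
    ||  s_get_meta (cert, "Enter your organization:", "organization")) {
        //  Input ended early; release the certificate before leaving
        zcert_destroy (&cert);
        return -1;
    }
    char *timestr = zclock_timestr ();
    zcert_set_meta (cert, "created-by", "CZMQ makecert");
    //  zcert_set_meta takes a printf-style format, so the timestamp is
    //  passed as an argument and never as the format itself
    zcert_set_meta (cert, "date-created", "%s", timestr);
    free (timestr);
    zcert_dump (cert);

    //  Only announce success when the files were actually written;
    //  mycert.txt_secret holds the private key and must be kept private
    int rc = zcert_save (cert, "mycert.txt");
    if (rc == 0)
        puts ("I: CURVE certificate created in mycert.txt and mycert.txt_secret");
    else
        puts ("E: could not save CURVE certificate to mycert.txt");

    zcert_destroy (&cert);
    return rc == 0? 0: -1;
}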
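//  Print a prompt, read one line from stdin and, if it is not empty,
//  store it in the certificate under the given metadata name.
//  Returns 0 on success (including an empty line), -1 if no line
//  could be read.
static int s_get_meta (zcert_t *cert, char *prompt, char *name)
{
    printf ("%s ", prompt);
    char value [256];
    if (fgets (value, sizeof (value), stdin) == NULL)
        return -1;

    //  Drop the trailing newline that fgets keeps
    size_t length = strlen (value);
    if (length && value [length - 1] == '\n')
        value [--length] = 0;

    //  The typed text is data, not a format: zcert_set_meta expands its
    //  third argument printf-style, so user input must go through "%s"
    if (length)
        zcert_set_meta (cert, name, "%s", value);
    return 0;
}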
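//  Load a certificate from the file named by the printf-style format
//  and arguments. The "<filename>_secret" file is tried first, since
//  it carries both keys; otherwise the public file is loaded and the
//  secret key is left as all zeroes. Returns a new certificate, or
//  NULL if no file could be loaded, the public key is missing or not
//  valid Z85 text, or ZeroMQ is not version 4.
zcert_t * zcert_load (char *format, ...)
{
#if (ZMQ_VERSION_MAJOR == 4)
    assert (format);
    va_list argptr;
    va_start (argptr, format);
    char *filename = zsys_vprintf (format, argptr);
    va_end (argptr);

    //  Try first to load secret certificate, which has both keys
    //  Then fallback to loading public certificate
    //  A name too long for the buffer would be cut short and could
    //  point at a different file, so in that case skip the secret file
    char filename_secret [256];
    int length = snprintf (filename_secret, sizeof (filename_secret),
                           "%s_secret", filename);
    zconfig_t *root = NULL;
    if (length > 0 && (size_t) length < sizeof (filename_secret))
        root = zconfig_load (filename_secret);
    if (!root)
        root = zconfig_load (filename);

    zcert_t *self = NULL;
    if (root) {
        char *public_text = zconfig_resolve (root, "/curve/public-key", NULL);
        char *secret_text = zconfig_resolve (root, "/curve/secret-key", NULL);
        byte public_key [32] = { 0 };
        byte secret_key [32] = { 0 };

        //  Reject the file if the public key text does not decode
        if (public_text && strlen (public_text) == 40
        &&  zmq_z85_decode (public_key, public_text)) {
            //  A secret key that does not decode is treated as absent,
            //  so the buffer goes back to the all-zero null key
            if (secret_text && strlen (secret_text) == 40
            && !zmq_z85_decode (secret_key, secret_text))
                memset (secret_key, 0, sizeof (secret_key));

            //  Load metadata into certificate
            //  Names and values come from the file, so values are
            //  passed through "%s" and never used as the format
            self = zcert_new_from (public_key, secret_key);
            zconfig_t *metadata = zconfig_locate (root, "/metadata");
            zconfig_t *item = metadata? zconfig_child (metadata): NULL;
            while (item) {
                zcert_set_meta (self, zconfig_name (item),
                                "%s", zconfig_value (item));
                item = zconfig_next (item);
            }
        }
        //  NOTE(review): secret_key stays on the stack after return; a
        //  plain memset here may be optimised away, so wiping it would
        //  need a platform explicit-zero primitive
    }
    zconfig_destroy (&root);
    zstr_free (&filename);
    return self;
#else
    return NULL;
#endif
}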
//  Selftest for zcertstore: saves one certificate into a scratch
//  directory and checks that the store finds it by its public key.
void zcertstore_test (bool verbose)
{
    printf (" * zcertstore: ");
    if (verbose)
        printf ("\n");

    //  @selftest
    //  Scratch directory holding the certificate files for this test
#   define TESTDIR ".test_zcertstore"
    zsys_dir_create (TESTDIR);

    //  Nothing has been saved yet, so the store starts out empty
    zcertstore_t *store = zcertstore_new (TESTDIR);
    assert (store);

    //  Generate one certificate, keep a copy of its public key text,
    //  and write it into the store directory
    zcert_t *cert = zcert_new ();
    assert (cert);
    char *public_txt = strdup (zcert_public_txt (cert));
    assert (public_txt);
    zcert_set_meta (cert, "name", "John Doe");
    zcert_save (cert, TESTDIR "/mycert.txt");
    zcert_destroy (&cert);

    //  The store must now return the saved certificate for that key
    cert = zcertstore_lookup (store, public_txt);
    assert (cert);
    assert (streq (zcert_meta (cert, "name"), "John Doe"));
    free (public_txt);

    if (verbose)
        zcertstore_print (store);
    zcertstore_destroy (&store);

    //  Remove the scratch directory and everything in it
    zdir_t *scratch = zdir_new (TESTDIR, NULL);
    assert (scratch);
    zdir_remove (scratch, true);
    zdir_destroy (&scratch);
    //  @end
    printf ("OK\n");
}
/// // Set certificate metadata from formatted string. void QmlZcert::setMeta (const QString &name, const QString &format) { zcert_set_meta (self, name.toUtf8().data(), "%s", format.toUtf8().data()); };
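// Initializes the engine: when security is enabled, loads the local CURVE
// certificate from the local certificate directory or creates and saves a
// new one, then creates the server or client instance and initializes it
// with the given end point, instance name and instance ID.
// Throws runtime_error when CURVE support is missing, a certificate store
// directory cannot be created, or the certificate cannot be loaded,
// created or saved.
void ZeroMQEngine::Initialize(const string endPoint, const string instanceName, const string instanceID)
{
    zcert_t* localCertificate = nullptr;

    // Handle common security initialization for server and client instances
    if (SecurityEnabled())
    {
        if (!zsys_has_curve())
            throw runtime_error("Failed to locate needed curve security libraries, cannot initialize ZeroMQ security");

        string localCertDirectory = CURVECERTLOCALDIR "/";
        string publicCertFileName;
        string privateCertFileName;

        // Make sure certificate store directories exist
        if (zsys_dir_create(CURVECERTLOCALDIR) != 0)
            throw runtime_error("Failed to create local curve security store, cannot initialize ZeroMQ security");

        if (zsys_dir_create(CURVECERTREMOTEDIR) != 0)
            throw runtime_error("Failed to create remote curve security store, cannot initialize ZeroMQ security");

        // Derive certificate file names based on engine mode
        // NOTE(review): in client mode instanceName becomes part of the file
        // name; if it can come from outside the process, confirm callers
        // restrict it to a plain file name without path separators
        if (ServerMode())
        {
            publicCertFileName = localCertDirectory + SVRPUBCERTFILENAME;
            privateCertFileName = localCertDirectory + SVRPVTCERTFILENAME;
        }
        else
        {
            publicCertFileName = localCertDirectory + instanceName + PUBCERTFILENAMEEXT;
            privateCertFileName = localCertDirectory + instanceName + PVTCERTFILENAMEEXT;
        }

        // See if private certificate already exists
        if (zsys_file_exists(privateCertFileName.c_str()))
        {
            // Load existing local certificate
            // NOTE(review): some CZMQ versions declare zcert_load with a
            // printf-style format; confirm which signature this build uses
            localCertificate = zcert_load(privateCertFileName.c_str());

            if (localCertificate == nullptr)
                throw runtime_error("Failed to load local curve certificate, cannot initialize ZeroMQ security");
        }
        else
        {
            // Create a new full certificate (public + private)
            localCertificate = zcert_new();

            if (localCertificate == nullptr)
                throw runtime_error("Failed to create local curve certificate, cannot initialize ZeroMQ security");

            // zcert_set_meta expands its third argument printf-style, so
            // caller-supplied text is passed as a "%s" argument and never
            // as the format itself
            zcert_set_meta(localCertificate, "name", "%s", instanceName.c_str());
            zcert_set_meta(localCertificate, "id", "%s", instanceID.c_str());
            zcert_set_meta(localCertificate, "type", "%s", ServerMode() ? "server" : "client");

            // Persist certificates for future runs; release the certificate
            // before throwing so a failed save does not leak it
            if (zcert_save_public(localCertificate, publicCertFileName.c_str()) != 0)
            {
                zcert_destroy(&localCertificate);
                throw runtime_error("Failed to save local curve public certificate, cannot initialize ZeroMQ security");
            }

            if (zcert_save_secret(localCertificate, privateCertFileName.c_str()) != 0)
            {
                zcert_destroy(&localCertificate);
                throw runtime_error("Failed to save local curve private certificate, cannot initialize ZeroMQ security");
            }
        }
    }

    // Create new ZeroMQ engine instance
    if (ServerMode())
        m_instance = new ZeroMQServer(m_bufferReceivedCallback, SecurityEnabled(), InactiveClientTimeout(), VerboseOutput(), ConnectionID(), localCertificate);
    else
        m_instance = new ZeroMQClient(m_bufferReceivedCallback, SecurityEnabled(), InactiveClientTimeout(), VerboseOutput(), ConnectionID(), localCertificate);

    m_instance->Initialize(endPoint, instanceName, instanceID);

    log_info("\nEstablished ZeroMQ socket [%s]\n", ConnectionID().ToString().c_str());
}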
/// // Set certificate metadata from formatted string. void QZcert::setMeta (const QString &name, const QString ¶m) { zcert_set_meta (self, name.toUtf8().data(), "%s", param.toUtf8().data()); }
//  Selftest for zcertstore: saves one certificate into a scratch
//  directory under src/selftest-rw, checks lookup by public key and
//  (draft API) iteration over the store, then swaps in a custom loader
//  and checks lookups against that loader.
void zcertstore_test (bool verbose)
{
    printf (" * zcertstore: ");
    if (verbose)
        printf ("\n");

    //  @selftest

    const char *SELFTEST_DIR_RW = "src/selftest-rw";

    const char *testbasedir = ".test_zcertstore";
    const char *testfile = "mycert.txt";

    //  Scratch directory under SELFTEST_DIR_RW, and the certificate
    //  file inside it
    char *scratch_path = zsys_sprintf ("%s/%s", SELFTEST_DIR_RW, testbasedir);
    assert (scratch_path);
    char *cert_path = zsys_sprintf ("%s/%s", scratch_path, testfile);
    assert (cert_path);

    //  Clear out anything an earlier, aborted run left behind
    zdir_t *scratch = zdir_new (scratch_path, NULL);
    if (scratch) {
        zdir_remove (scratch, true);
        zdir_destroy (&scratch);
    }
    zsys_file_delete (cert_path);
    zsys_dir_delete (scratch_path);

    //  Start from a fresh scratch directory
    zsys_dir_create (scratch_path);

    //  Nothing has been saved yet, so the store starts out empty
    zcertstore_t *store = zcertstore_new (scratch_path);
    assert (store);

    //  Generate one certificate, keep a copy of its public key text,
    //  and write it into the store directory
    zcert_t *cert = zcert_new ();
    assert (cert);
    char *public_txt = strdup (zcert_public_txt (cert));
    assert (public_txt);
    zcert_set_meta (cert, "name", "John Doe");
    zcert_save (cert, cert_path);
    zcert_destroy (&cert);

    //  The store must now return the saved certificate for that key
    cert = zcertstore_lookup (store, public_txt);
    assert (cert);
    assert (streq (zcert_meta (cert, "name"), "John Doe"));

#ifdef CZMQ_BUILD_DRAFT_API
    //  DRAFT-API: Security
    //  Walk the list of certificates; exactly one is expected
    zlistx_t *certs = zcertstore_certs(store);
    int cert_count = 0;
    for (cert = (zcert_t *) zlistx_first(certs); cert;
         cert = (zcert_t *) zlistx_next(certs)) {
        assert (streq (zcert_meta (cert, "name"), "John Doe"));
        cert_count++;
    }
    assert(cert_count==1);
    zlistx_destroy(&certs);
#endif

    //  Install the test loader; its state is handed to the store
    //  together with s_test_destructor
    test_loader_state *loader_state =
        (test_loader_state *) zmalloc (sizeof (test_loader_state));
    loader_state->index = 0;
    zcertstore_set_loader (store, s_test_loader, s_test_destructor,
                           (void *) loader_state);
#if (ZMQ_VERSION_MAJOR >= 4)
    //  The previously saved key is no longer found; the fixed test key is
    cert = zcertstore_lookup (store, public_txt);
    assert (cert == NULL);
    cert = zcertstore_lookup (store, "abcdefghijklmnopqrstuvwxyzabcdefghijklmn");
    assert (cert);
#endif

    freen (public_txt);

    if (verbose)
        zcertstore_print (store);
    zcertstore_destroy (&store);

    //  Remove the scratch directory and everything in it
    scratch = zdir_new (scratch_path, NULL);
    assert (scratch);
    zdir_remove (scratch, true);
    zdir_destroy (&scratch);

    zstr_free (&scratch_path);
    zstr_free (&cert_path);

#if defined (__WINDOWS__)
    zsys_shutdown();
#endif
    //  @end
    printf ("OK\n");
}
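// Sets one metadata entry on the wrapped certificate.
// zcert_set_meta expands its third argument printf-style and this method
// supplies no further arguments, so the script-provided text is passed as
// the argument of a fixed "%s" format and stored literally; a conversion
// specifier inside it is no longer interpreted.
void HHVM_METHOD(ZMQCert, setMeta, const String& name, const String& fmt) {
  zcert_set_meta(Native::data<ZMQCert>(this_)->zcert, name.c_str(), "%s", fmt.c_str());
}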
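// Sets one metadata entry on the wrapped certificate.
// zcert_set_meta expands its third argument printf-style, so the value is
// passed as the argument of a fixed "%s" format and stored literally,
// whatever characters it contains.
void certificate::set_meta(const std::string& name, const std::string& value)
{
    zcert_set_meta(self_, name.c_str(), "%s", value.c_str());
}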