|
From: | Tobias.Soder |
Subject: | [Help-gnutls] Using the gnutls_sign_callback_set method |
Date: | Fri, 15 May 2009 14:39:13 +0200 |
Hi everybody, we’re trying to get gnutls to work with a
cryptographic token. Therefore I’ve had a look at the gnutls_sign_callback_set
method. What I don’t understand is: at which point is the method called
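that I’m passing to gnutls_sign_callback_set? I’ve tried it out by doing this:

/* Marker string: main() sets it, the sign callback overwrites it, and main()
 * prints it at the end to show whether the callback ever ran. */
const char *testString;

/*
 * Stub signing callback registered with gnutls_sign_callback_set().
 *
 * It only records that it was invoked; it never fills in *signature.
 * Because no signature is produced it reports failure rather than falling
 * off the end of a non-void function (the original had no return statement).
 *
 * Returns: GNUTLS_E_PK_SIGN_FAILED, always.
 */
int custom_gnutls_sign(gnutls_session_t session, void *userdata,
                       gnutls_certificate_type_t cert_type,
                       const gnutls_datum_t *cert,
                       const gnutls_datum_t *hash,
                       gnutls_datum_t *signature)
{
    testString = "Changed!!\n";

    /* Reporting success here would claim a signature that was never written. */
    return GNUTLS_E_PK_SIGN_FAILED;
}

/*
 * Test client: loads trust anchors and a certificate/key pair, registers the
 * sign callback, performs a TLS handshake, verifies the peer's certificate
 * chain, exchanges one message and finally prints testString.
 */
int main (void)
{
    // … declarations

    testString = "Not changed!\n";

    gnutls_global_init();
    gnutls_certificate_allocate_credentials(&xcred);
    gnutls_certificate_set_x509_trust_file(xcred, CAFILE, GNUTLS_X509_FMT_PEM);
    /* The private key is read from KEYFILE and handed to GnuTLS here. */
    gnutls_certificate_set_x509_key_file(xcred, CERTFILE, KEYFILE, GNUTLS_X509_FMT_PEM);

    /* initialize TLS session */
    gnutls_init(&session, GNUTLS_CLIENT);

    /* for doc about gnutls_priority_init read the man page */
    /* NOTE(review): "PERFORMANCE" orders algorithms by speed; "NORMAL" is the
     * usual choice unless throughput is the overriding concern. */
    ret = gnutls_priority_set_direct(session, "PERFORMANCE", &err);
    if (ret < 0) {
        if (ret == GNUTLS_E_INVALID_REQUEST)
            fprintf(stdout, "ERROR: Syntax error at %s\n", err);
        exit(1);
    }

    gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);

    /* Setting Callback */
    /* NOTE(review): a usable private key was already loaded from KEYFILE
     * above, so GnuTLS presumably signs with that key itself; the sign
     * callback appears to be intended for the case where no private key is
     * loaded (the key lives on the token). Confirm against the documentation
     * of the GnuTLS version in use. A client also only signs during the
     * handshake when the server requests a client certificate. */
    gnutls_sign_callback_set(session, custom_gnutls_sign, NULL);

    /* connect to peer */
    sd = tcp_connect();
    gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t)sd);

    /* perform handshake */
    ret = gnutls_handshake(session);
    if (ret < 0) {
        fprintf(stdout, "ERROR: Handshake failed\n");
        gnutls_perror(ret);
        goto end;
    } else
        printf("INFO: Handshake was completed\n");

    /* verify the server's certificate */
    if (ret == 0) {
        int rc;
        unsigned int status;

        /* abort if verification fails */
        /* gnutls_certificate_verify_peers2() validates the chain against the
         * trust file only; it does not compare the certificate with the name
         * of the server being contacted. A hostname check (for example with
         * gnutls_x509_crt_check_hostname()) is still needed before the peer
         * can be treated as authenticated. */
        rc = gnutls_certificate_verify_peers2(session, &status);
        if (rc != 0 || status != 0) {
            printf("ERROR: Verifying server certificate failed!\n");
            exit(1);
        }
        printf("INFO: server verified\n");
    }
    printf("INFO: handshake and server verification completed\n");

    /* print TLS version */
    tmp = gnutls_protocol_get_name (gnutls_protocol_get_version (session));
    printf ("INFO: TLS Protocol: %s\n", tmp);

    /* test the connection with a sample message */
    ret = gnutls_record_send(session, MSG, strlen(MSG));
    if (ret < 0) {
        /* A failed send was previously ignored; report it like a failed receive. */
        fprintf(stdout, "ERROR: %s\n", gnutls_strerror(ret));
        goto end;
    }

    ret = gnutls_record_recv(session, buffer, MAX_BUF);
    if (ret == 0) {
        printf("INFO: Peer has closed the connection\n");
        goto end;
    } else if (ret < 0) {
        fprintf(stdout, "ERROR: %s\n", gnutls_strerror(ret));
        goto end;
    }

    printf("INFO: Received %d bytes: ", ret);
    for (ii = 0; ii < ret; ii++)
        fputc(buffer[ii], stdout);
    fputs("\n", stdout);

    gnutls_bye(session, GNUTLS_SHUT_RDWR);

end:
    tcp_close(sd);
    gnutls_deinit(session);
    gnutls_certificate_free_credentials(xcred);
    gnutls_global_deinit();

    /* Print the marker as data, never as the format string itself. */
    fputs(testString, stdout);
    return 0;
}

The client runs through without any problems. But the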
testString is still “Not changed!” at the last output. So it seems that
my callback method is never called… What am I doing wrong? Any hints
appreciated! Greetings, Tobias |