Götz Babin-Ebell's contributed "simplessl.c" example source code

2 files changed, 112 insertions, 1 deletions

diff --git a/docs/examples/Makefile.am b/docs/examples/Makefile.am
index 6414e7d1d..374fe95d6 100644
--- a/docs/examples/Makefile.am
+++ b/docs/examples/Makefile.am
@@ -6,7 +6,8 @@ AUTOMAKE_OPTIONS = foreign no-dependencies
 
 EXTRA_DIST = README curlgtk.c sepheaders.c simple.c postit.c postit2.c \
 	     win32sockets.c persistant.c ftpget.c Makefile.example \
-	     multithread.c getinmemory.c ftpupload.c httpput.c
+	     multithread.c getinmemory.c ftpupload.c httpput.c \
+	     simplessl.c
 
 all:
 	@echo "done"
diff --git a/docs/examples/simplessl.c b/docs/examples/simplessl.c
new file mode 100644
index 000000000..534fac849
--- /dev/null
+++ b/docs/examples/simplessl.c
@@ -0,0 +1,110 @@
+/*****************************************************************************
+ *                                  _   _ ____  _     
+ *  Project                     ___| | | |  _ \| |    
+ *                             / __| | | | |_) | |    
+ *                            | (__| |_| |  _ <| |___ 
+ *                             \___|\___/|_| \_\_____|
+ *
+ * $Id$
+ */
+
+#include <stdio.h>
+
+#include <curl/curl.h>
+#include <curl/types.h>
+#include <curl/easy.h>
+
+
+/* some requirements for this to work:
+   1.   set pCertFile to the file with the client certificate
+   2.   if the key is passphrase protected, set pPassphrase to the
+        passphrase you use
+   3.   if you are using a crypto engine:
+   3.1. set a #define USE_ENGINE
+   3.2. set pEngine to the name of the crypto engine you use
+   3.3. set pKeyName to the key identifier you want to use
+   4.   if you don't use a crypto engine:
+   4.1. set pKeyName to the file name of your client key
+   4.2. if the format of the key file is DER, set pKeyType to "DER"
+
+   !! verify of the server certificate is not implemented here !!
+*/
+
+int main(int argc, char **argv)
+{
+  CURL *curl;
+  CURLcode res;
+  FILE *headerfile;
+
+  const char *pCertFile = "testcert.pem";
+
+  const char *pKeyName;
+  const char *pKeyType;
+
+  const char *pEngine;
+
+#if USE_ENGINE
+  pKeyName  = "rsa_test";
+  pKeyType  = "ENG";
+  pEngine   = "chil";            /* for nChiper HSM... */
+#else
+  pKeyName  = "testkey.pem";
+  pKeyType  = "PEM";
+  pEngine   = NULL;
+#endif
+
+  const char *pPassphrase = NULL;
+
+  headerfile = fopen("dumpit", "w");
+
+  curl_global_init(CURL_GLOBAL_DEFAULT);
+
+  curl = curl_easy_init();
+  if(curl) {
+    /* what call to write: */
+    curl_easy_setopt(curl, CURLOPT_URL, "HTTPS://curl.haxx.se");
+    curl_easy_setopt(curl, CURLOPT_WRITEHEADER, headerfile);
+
+    while(1)                    /* do some ugly short cut... */
+    {
+       if (pEngine)             /* use crypto engine */
+       {
+          if (curl_easy_setopt(curl, CURLOPT_SSLENGINE,pEngine) != CURLE_OK)
+          {                     /* load the crypto engine */
+             fprintf(stderr,"can't set crypto engine\n");
+             break;
+          }
+          if (curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT,1) != CURLE_OK)
+          {                     /* set the crypto engine as default */
+                                /* only needed for the first time you load
+                                   a engine in a curl object... */
+             fprintf(stderr,"can't set crypto engine as default\n");
+             break;
+          }
+       }
+                                /* cert is stored PEM coded in file... */
+                                /* since PEM is default, we needn't set it for PEM */
+       curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM");
+                                /* set the cert for client authentication */
+       curl_easy_setopt(curl,CURLOPT_SSLCERT,pCertFile);
+                                /* sorry, for engine we must set the passphrase
+                                   (if the key has one...) */
+       if (pPassphrase)
+          curl_easy_setopt(curl,CURLOPT_SSLKEYPASSWD,pPassphrase);
+                                /* if we use a key stored in a crypto engine,
+                                   we must set the key type to "ENG" */
+       curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,pKeyType);
+                                /* set the private key (file or ID in engine) */
+       curl_easy_setopt(curl,CURLOPT_SSLKEY,pKeyName);
+       
+       res = curl_easy_perform(curl);
+       break;                   /* we are done... */
+    }
+    /* always cleanup */
+    curl_easy_cleanup(curl);
+  }
+
+  curl_global_cleanup();
+
+  return 0;
+}