tlsclient

tlsclient.cr

require "libtls"

ca_file = "/tmp/ca.pem"
host = "www.example.com"
port = "443"

exit if LibTls.tls_init() == nil
exit unless ctx = LibTls.tls_client()
exit unless config = LibTls.tls_config_new()
exit if LibTls.tls_config_set_ca_file(config, ca_file) < 0
LibTls.tls_config_set_protocols(config, LibTls::TLS_PROTOCOL_TLSv1_2)
exit if LibTls.tls_config_set_ciphers(config, "CAMELLIA:AESGCM") < 0
exit if LibTls.tls_configure(ctx, config) < 0
exit if LibTls.tls_connect(ctx, host, port) < 0
exit if LibTls.tls_handshake(ctx) < 0

send_message = "GET / HTTP/1.1\r\nHost: #{host}\r\n\r\n"
exit if LibTls.tls_write(ctx, send_message, send_message.size) < 0

puts "---"
exit unless issuer = LibTls.tls_peer_cert_issuer(ctx)
puts "issuer: #{String.new(issuer)}"
exit unless subject = LibTls.tls_peer_cert_subject(ctx)
puts "subject: #{String.new(subject)}"
exit unless hash = LibTls.tls_peer_cert_hash(ctx)
puts "hash: #{String.new(hash)}"
exit unless cipher = LibTls.tls_conn_cipher(ctx)
puts "cipher: #{String.new(cipher)}"
exit unless version = LibTls.tls_conn_version(ctx)
puts "version: #{String.new(version)}"
exit if notbefore = LibTls.tls_peer_cert_notbefore(ctx) < 0
puts "notbefore: #{notbefore}"
exit if notafter = LibTls.tls_peer_cert_notafter(ctx) < 0
puts "notafter: #{notafter}"
puts "---"

buf = MemoryIO.new
len = LibTls.tls_read(ctx, buf.to_slice, 0xffff)
pointer = buf.to_slice.pointer(buf.size)
puts String.new(pointer.to_slice(len))

exit if LibTls.tls_close(ctx) < 0
LibTls.tls_config_free(config)
LibTls.tls_free(ctx)