path: root/manual/gnutls-guile/Anonymous-Authentication-Guile-Example.html

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<!-- This manual is last updated 5 March 2014 for version
3.4.0 of GnuTLS.

Copyright (C) 2001-2012, 2014 Free Software Foundation, Inc.

Permission is granted to copy, distribute and/or modify this document
under the terms of the GNU Free Documentation License, Version 1.3 or
any later version published by the Free Software Foundation; with no
Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.  A
copy of the license is included in the section entitled "GNU Free
Documentation License". -->
<!-- Created by GNU Texinfo 5.2, http://www.gnu.org/software/texinfo/ -->
<head>
<title>GnuTLS-Guile 3.4.0: Anonymous Authentication Guile Example</title>

<meta name="description" content="GnuTLS-Guile 3.4.0: Anonymous Authentication Guile Example">
<meta name="keywords" content="GnuTLS-Guile 3.4.0: Anonymous Authentication Guile Example">
<meta name="resource-type" content="document">
<meta name="distribution" content="global">
<meta name="Generator" content="makeinfo">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<link href="index.html#Top" rel="start" title="Top">
<link href="Procedure-Index.html#Procedure-Index" rel="index" title="Procedure Index">
<link href="index.html#SEC_Contents" rel="contents" title="Table of Contents">
<link href="Guile-Examples.html#Guile-Examples" rel="up" title="Guile Examples">
<link href="OpenPGP-Authentication-Guile-Example.html#OpenPGP-Authentication-Guile-Example" rel="next" title="OpenPGP Authentication Guile Example">
<link href="Guile-Examples.html#Guile-Examples" rel="prev" title="Guile Examples">
<style type="text/css">
<!--
a.summary-letter {text-decoration: none}
blockquote.smallquotation {font-size: smaller}
div.display {margin-left: 3.2em}
div.example {margin-left: 3.2em}
div.indentedblock {margin-left: 3.2em}
div.lisp {margin-left: 3.2em}
div.smalldisplay {margin-left: 3.2em}
div.smallexample {margin-left: 3.2em}
div.smallindentedblock {margin-left: 3.2em; font-size: smaller}
div.smalllisp {margin-left: 3.2em}
kbd {font-style:oblique}
pre.display {font-family: inherit}
pre.format {font-family: inherit}
pre.menu-comment {font-family: serif}
pre.menu-preformatted {font-family: serif}
pre.smalldisplay {font-family: inherit; font-size: smaller}
pre.smallexample {font-size: smaller}
pre.smallformat {font-family: inherit; font-size: smaller}
pre.smalllisp {font-size: smaller}
span.nocodebreak {white-space:nowrap}
span.nolinebreak {white-space:nowrap}
span.roman {font-family:serif; font-weight:normal}
span.sansserif {font-family:sans-serif; font-weight:normal}
ul.no-bullet {list-style: none}
-->
</style>


</head>

<body lang="en" bgcolor="#FFFFFF" text="#000000" link="#0000FF" vlink="#800080" alink="#FF0000">
<a name="Anonymous-Authentication-Guile-Example"></a>
<div class="header">
<p>
Next: <a href="OpenPGP-Authentication-Guile-Example.html#OpenPGP-Authentication-Guile-Example" accesskey="n" rel="next">OpenPGP Authentication Guile Example</a>, Up: <a href="Guile-Examples.html#Guile-Examples" accesskey="u" rel="up">Guile Examples</a> &nbsp; [<a href="index.html#SEC_Contents" title="Table of contents" rel="contents">Contents</a>][<a href="Procedure-Index.html#Procedure-Index" title="Index" rel="index">Index</a>]</p>
</div>
<hr>
<a name="Anonymous-Authentication-Guile-Example-1"></a>
<h3 class="section">4.1 Anonymous Authentication Guile Example</h3>

<p><em>Anonymous authentication</em> is very easy to use.  No certificates
are needed by the communicating parties.  Yet, it allows them to
benefit from end-to-end encryption and integrity checks.
</p>
<p>The client-side code would look like this (assuming <var>some-socket</var>
is bound to an open socket port):
</p>
<a name="index-connection_002dend_002fclient"></a>
<a name="index-kx_002fanon_002ddh"></a>
<a name="index-close_002drequest_002frdwr"></a>

<div class="example">
<pre class="example">;; Client-side.

(let ((client (make-session connection-end/client)))
  ;; Use the default settings.
  (set-session-default-priority! client)

  ;; Don't use certificate-based authentication.
  (set-session-certificate-type-priority! client '())

  ;; Request the &quot;anonymous Diffie-Hellman&quot; key exchange method.
  (set-session-kx-priority! client (list kx/anon-dh))

  ;; Specify the underlying socket.
  (set-session-transport-fd! client (fileno some-socket))

  ;; Create anonymous credentials.
  (set-session-credentials! client
                            (make-anonymous-client-credentials))

  ;; Perform the TLS handshake with the server.
  (handshake client)

  ;; Send data over the TLS record layer.
  (write &quot;hello, world!&quot; (session-record-port client))

  ;; Terminate the TLS session.
  (bye client close-request/rdwr))
</pre></div>

<p>The corresponding server would look like this (again, assuming
<var>some-socket</var> is bound to a socket port):
</p>
<a name="index-connection_002dend_002fserver"></a>

<div class="example">
<pre class="example">;; Server-side.

(let ((server (make-session connection-end/server)))
  (set-session-default-priority! server)
  (set-session-certificate-type-priority! server '())
  (set-session-kx-priority! server (list kx/anon-dh))

  ;; Specify the underlying transport socket.
  (set-session-transport-fd! server (fileno some-socket))

  ;; Create anonymous credentials.
  (let ((cred (make-anonymous-server-credentials))
        (dh-params (make-dh-parameters 1024)))
    ;; Note: DH parameter generation can take some time.
    (set-anonymous-server-dh-parameters! cred dh-params)
    (set-session-credentials! server cred))

  ;; Perform the TLS handshake with the client.
  (handshake server)

  ;; Receive data over the TLS record layer.
  (let ((message (read (session-record-port server))))
    (format #t &quot;received the following message: ~a~%&quot;
            message)

    (bye server close-request/rdwr)))
</pre></div>

<p>This is it!
</p>




</body>
</html>