HTTPS/Client-authenticated: Difference between revisions

← Older edit

HTTPS/Client-authenticated (view source)

Revision as of 10:14, 10 December 2023

2,542 bytes added , 5 months ago

m

→‎{{header|Wren}}: Another minor change

PureFox

9,476

edits

Revision as of 16:22, 19 January 2022 (view source) Petelomax (talk \| contribs) m (→‎{{header\|Phix}}: added syntax colouring, marked p2js incompatible) ← Older edit		Latest revision as of 10:14, 10 December 2023 (view source) PureFox (talk \| contribs) m (→‎{{header\|Wren}}: Another minor change)
(8 intermediate revisions by 5 users not shown)
Line 4: This task is in general useful for use with [[Creating a SOAP Client\|webservice client]]s as it offers a high level of assurance that the client is an acceptable counterparty for the server. For example, [http://aws.amazon.com/ Amazon Web Services] uses this style of authentication. =={{header\|Arturo}}== <syntaxhighlight lang="arturo">r: request.get.certificate:"mycert.pem" "https://www.example.com" ø</syntaxhighlight> =={{header\|C sharp\|C#}}== {{works with\|C sharp\|3.0}} <~~lang~~syntaxhighlight lang="csharp"> using System; using System.Net; Line 32 ⟶ 36: } } </syntaxhighlight> ~~</lang>~~ =={{header\|Go}}== <~~lang~~syntaxhighlight Golang="go">package main import ( Line 73 ⟶ 77: } </syntaxhighlight> ~~</lang>~~ =={{header\|Java}}== <syntaxhighlight lang="java"> import java.io.BufferedInputStream; import java.io.FileInputStream; import java.net.URI; import java.net.URL; import java.security.KeyStore; import java.util.Scanner; import javax.net.ssl.HttpsURLConnection; import javax.net.ssl.KeyManagerFactory; import javax.net.ssl.SSLContext; public final class HTTPSClientAuthenticated { public static void main(String[] aArgs) throws Exception { final String keyStorePath = "the/path/to/keystore"; // The key store contains the client's certificate final String keyStorePassword = "my-password"; SSLContext sslContext = getSSLContext(keyStorePath, keyStorePassword); URL url = new URI("https://somehost.com").toURL(); HttpsURLConnection connection = (HttpsURLConnection) url.openConnection(); connection.setSSLSocketFactory(sslContext.getSocketFactory()); // Obtain response from the url BufferedInputStream response = (BufferedInputStream) connection.getInputStream(); try ( Scanner scanner = new Scanner(response) ) { String responseBody = scanner.useDelimiter("\\A").next(); System.out.println(responseBody); } } private static SSLContext getSSLContext(String aPath, String aPassword) throws Exception { KeyStore keyStore = KeyStore.getInstance("pkcs12"); keyStore.load( new FileInputStream(aPath), aPassword.toCharArray()); KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance("PKIX"); keyManagerFactory.init(keyStore, aPassword.toCharArray()); SSLContext sslContext = SSLContext.getInstance("TLS"); sslContext.init(keyManagerFactory.getKeyManagers(), null, null); return sslContext; } } </syntaxhighlight> =={{header\|Julia}}== <~~lang~~syntaxhighlight lang="julia">using HTTP, MbedTLS conf = MbedTLS.SSLConfig(true, log_secrets="/utl/secret_key_log.log") Line 82 ⟶ 132: println(resp) </~~lang~~syntaxhighlight>{{output}}<pre> HTTP.Messages.Response: """ Line 102 ⟶ 152: =={{header\|Kotlin}}== <~~lang~~syntaxhighlight lang="scala">// version 1.2.0 import java.security.KeyStore Line 138 ⟶ 188: println(line) } }</~~lang~~syntaxhighlight> =={{header\|Lasso}}== <~~lang~~syntaxhighlight ~~Lasso~~lang="lasso">local(sslcert = file('myCert.pem')) local(x = curl('https://sourceforge.net')) #x->set(CURLOPT_SSLCERT, #sslcert->readstring) #sslcert->close #x->result->asString</~~lang~~syntaxhighlight> =={{header\|Mathematica}} / {{header\|Wolfram Language}}== <~~lang~~syntaxhighlight ~~Mathematica~~lang="mathematica">a = RunThrough["curl -E myCert.pem https://www.example.com", 1] For[ i=0, i < Length[a] , i++, SomeFunction[a]]</~~lang~~syntaxhighlight> =={{header\|Nim}}== <~~lang~~syntaxhighlight lang="nim">import httpclient, net var client = newHttpClient(sslContext = newContext(certFile = "mycert.pem")) var r = client.get("https://www.example.com")</~~lang~~syntaxhighlight> =={{header\|Perl}}== <~~lang~~syntaxhighlight ~~python~~lang="perl">#!/usr/bin/env perl -T use 5.018_002; use warnings; Line 178 ⟶ 228: else { say $res->status_line; }</~~lang~~syntaxhighlight> =={{header\|Phix}}== {{libheader\|Phix/libcurl}} Exactly the same as the HTTP#Phix task, except for the CURLOPT_SSLCERT part. <!--<~~lang~~syntaxhighlight ~~Phix~~lang="phix">(notonline)--> <span style="color: #008080;">without</span> <span style="color: #008080;">js</span> <span style="color: #008080;">include</span> <span style="color: #000000;">builtins</span><span style="color: #0000FF;">\</span><span style="color: #000000;">libcurl</span><span style="color: #0000FF;">.</span><span style="color: #000000;">e</span> Line 197 ⟶ 247: <span style="color: #7060A8;">puts</span><span style="color: #0000FF;">(</span><span style="color: #000000;">1</span><span style="color: #0000FF;">,</span><span style="color: #000000;">res</span><span style="color: #0000FF;">)</span> <!--</~~lang~~syntaxhighlight>--> =={{header\|PicoLisp}}== <~~lang~~syntaxhighlight ~~PicoLisp~~lang="picolisp">(in '(curl "-E" "myCert.pem" "https://www.example.com") (while (line) (doSomeProcessingWithLine @) ) )</~~lang~~syntaxhighlight> =={{header\|Python}}== <~~lang~~syntaxhighlight lang="python">import httplib connection = httplib.HTTPSConnection('www.example.com',cert_file='myCert.PEM') Line 211 ⟶ 261: response = connection.getresponse() data = response.read() </syntaxhighlight> ~~</lang>~~ =={{header\|Racket}}== Skeleton code to connect to a server: <~~lang~~syntaxhighlight lang="racket"> #lang racket (require openssl/mzssl) Line 223 ⟶ 273: (ssl-load-verify-root-certificates! ctx "my-cert.pem") (define-values [I O] (ssl-connect "www.example.com" 443 ctx)) </syntaxhighlight> ~~</lang>~~ =={{header\|Raku}}== (formerly Perl 6) <syntaxhighlight lang="raku" line> ~~<lang perl6>~~ # cert creation commands Line 256 ⟶ 306: $s.close; </syntaxhighlight> ~~</lang>~~ =={{header\|Ruby}}== <~~lang~~syntaxhighlight ~~Ruby~~lang="ruby">require 'uri' require 'net/http' Line 270 ⟶ 320: request = Net::HTTP::Get.new uri http.request request end</~~lang~~syntaxhighlight> =={{header\|Rust}}== {{works with\|Rust\|2021}} Line 278 ⟶ 328: Native (system) TLS libraries are used instead of Rustls, the Rust TLS implementation, because we use a PKCS#12 certificate which at the time of writing does not seem to be available on Rustls. A PKCS#12 certificate is used instead of its PEM equivalent because reading password-protected PEM files [https://docs.rs/reqwest/0.11.6/reqwest/tls/struct.Identity.html#method.from_pem does not seem to be available] either. <~~lang~~syntaxhighlight lang="toml">reqwest = {version = "0.11", features = ["native-tls", "blocking"]}</~~lang~~syntaxhighlight> ===src/main.rs=== <~~lang~~syntaxhighlight lang="rust">use std::fs::File; use std::io::Read; Line 307 ⟶ 357: Ok(()) }</~~lang~~syntaxhighlight> =={{header\|Scala}}== <~~lang~~syntaxhighlight ~~Scala~~lang="scala">import java.io.FileInputStream import java.net.URL import java.security.KeyStore Line 338 ⟶ 388: new BufferedSource(con.getInputStream).getLines.foreach(println(_)) }</~~lang~~syntaxhighlight> =={{header\|Tcl}}== Uses the [http://tls.sourceforge.net Tls] package. <~~lang~~syntaxhighlight lang="tcl">package require http package require tls Line 357 ⟶ 407: # Now as for conventional use of the “http” package set data [http::data $token] http::cleanup $token</~~lang~~syntaxhighlight> =={{header\|Wren}}== {{libheader\|libcurl}} An embedded program so we can ask the C host to communicate with libcurl for us. <~~lang~~syntaxhighlight ~~ecmascript~~lang="wren">/* ~~https_client~~HTTPS_Client-authenticated.wren / var CURLOPT_URL = 10002 Line 395 ⟶ 445: return } curl.easyCleanup()</~~lang~~syntaxhighlight> <br> We now embed this in the following C program, compile and run it. <~~lang~~syntaxhighlight lang="c">/ gcc ~~https_client~~HTTPS_Client-authenticated.c -o ~~https_client~~HTTPS_Client-authenticated -lcurl -lwren -lm / #include <stdio.h> Line 498 ⟶ 548: WrenVM vm = wrenNewVM(&config); const char* module = "main"; const char* fileName = "~~https_client~~HTTPS_Client-authenticated.wren"; char script = readFile(fileName); WrenInterpretResult result = wrenInterpret(vm, module, script); Line 514 ⟶ 564: free(script); return 0; }</~~lang~~syntaxhighlight> =={{header\|zkl}}== Uses libCurl. <~~lang~~syntaxhighlight lang="zkl">var CURL=Import("zklCurl"), c=CURL(); c.setOpt("SSLCERT","certFile.pem"); c.setOpt("SSLCERTTYPE","pem"); c.get("http://zenkinetic.com"); // lame example to show how to read</~~lang~~syntaxhighlight> {{omit from\|Batch File\|Does not have network access.}} {{omit from\|Brainf**}} {{omit from\|Commodore BASIC\|Does not have network access}} {{omit from\|EasyLang\|Has no internet functions}} {{omit from\|Inform 7\|Does not have network access.}} {{omit from\|Locomotive Basic\|Does not have network access.}}