#include <stdio.h>
#include <stdlib.h>
#include <memory>
#include "p6sax2contenthandler.h"
#include "cconsolestream.h"
#include "cwalkmessage2.h"
using namespace P6R;
namespace {
class CKmipExample14
{
public:
CKmipExample14(): m_pResponse( NULL ),
m_pWalk( NULL ),
m_port( 0 ),
m_pHostName( NULL ),
m_maxMsgSize( 8192 )
{ }
~CKmipExample14()
{
if (NULL != m_pHostName ) m_cpStr->wstrfree( m_pHostName );
if (NULL != m_cpStoreInit) m_cpStoreInit->close();
if (NULL != m_pResponse ) m_pResponse->release();
if (NULL != m_pWalk ) delete m_pWalk;
}
protected:
CWalkMessage2* m_pWalk;
};
{
{
if (
P6SUCCEEDED( err = cpKeyInit->initialize( P6CKF_NONE, m_cpRandom )))
{
{
}
}
}
return err;
}
{
*ppGenKeys = NULL;
{
if (
P6SUCCEEDED( err = cpGenKeys->initialize( P6GENKEY_NOFLAGS, m_cpRandom )))
{
}
}
return err;
}
{
*ppIface = NULL;
{
err = (*ppIface)->initialize( P6GENCERTS_NOFLAGS );
{
(*ppIface)->release();
*ppIface = NULL;
}
}
return err;
}
{
if (!pKeystore || !pszCertificateFile) return eInvalidArg;
if (
P6FAILED( err = m_cpStr->wstrlcat( certPath,
P6CNTOF(certPath), pszCertificateFile, NULL )))
return err;
err = cpSSLHelp->importTrustedRootCertFromPEMFile( certPath, NULL );
}
return err;
}
{
if (!pKeystore || !pszHostname || !pszPrivateKeyFile || !pszCertificateFile ) return eInvalidArg;
if (
P6FAILED( err = m_cpStr->wstrlcat( keyPath,
P6CNTOF(keyPath), pszPrivateKeyFile, NULL )))
return err;
if (
P6FAILED( err = m_cpStr->wstrlcat( certPath,
P6CNTOF(certPath), pszCertificateFile, NULL )))
return err;
err = cpSSLHelp->importCredentialsPEM(
P6TRUE, pszHostname, keyPath, certPath, NULL, NULL );
}
return err;
}
{
*ppInit = NULL;
*ppKeystore = NULL;
if (
P6FAILED( err = (*ppInit)->initialize( P6KEYSTORE_NOFLAGS, m_cpCrypto,
SH_SHA256, m_cpSignKey )))
{
if (NULL != (*ppKeystore)) (*ppKeystore)->release();
(*ppKeystore) = NULL;
(*ppInit)->release();
(*ppInit) = NULL;
return err;
}
if (
P6FAILED( err = (*ppInit)->openSigned( NULL, pKeystoreName )))
{
if (NULL != (*ppKeystore)) (*ppKeystore)->release();
(*ppKeystore) = NULL;
(*ppInit)->release();
(*ppInit) = NULL;
return err;
}
if (
P6FAILED( err = keystoreAddRootCertFromFile( (*ppKeystore), rootPEM )))
return err;
if (
P6FAILED( err = keystoreAddClientCertFromFile( (*ppKeystore), m_pHostName, privPEM, certPEM )))
return err;
return eOk;
}
{
{
if (
P6SUCCEEDED( err = cpSource->initialize( P6ENTROPY_HIGH )))
{
{
if (
P6SUCCEEDED( err = cpInit->initialize( P6RAND_NOFLAGS, cpSource ))) {
}
}
}
}
return err;
}
{
if (
P6FAILED( err = pRequest->
getBufPtr( &pRawBuffer, &dontCare, &bytesLeft )))
return err;
{
err = pSocket->
send( &pRawBuffer[offset], bytesLeft, &bytesSent, tTimeout );
bytesLeft -= bytesSent;
offset += bytesSent;
bytesSent = 0;
}
cBytesSent = offset;
return err;
}
{
m_port = 5696;
if (
P6FAILED( err = m_cpStr->wstrdup(
P6TEXT(
"fqdn.com"), &m_pHostName )))
return err;
if (
P6FAILED( err = cpDir->initialize()))
return err;
if (
P6FAILED( err = getRNG( m_cpRandom.addressof())))
return err;
{
err = cpGenKey->genSymmetricKey( m_cpSignKey.addressof(), 256,
P6FALSE );
}
}
if (
P6SUCCEEDED( err )) err = m_cpCrypto->setKey( cpKey );
if (
P6FAILED( err = m_cpStr->wstrlcat( dbPath,
P6CNTOF(dbPath),
P6TEXT(
"/db/KMIP12_keystore"), NULL )))
return err;
cpDir->unlink( dbPath );
if (
P6FAILED( err = m_cpStr->wstrlcat( dbPath,
P6CNTOF(dbPath),
P6TEXT(
"/db/KMIP12_keystore.sig"), NULL )))
return err;
cpDir->unlink( dbPath );
err = createKeystore(
P6TEXT(
"KMIP12_keystore"),
P6TEXT(
"RootCert.pem"),
P6TEXT(
"ClientCert.pem"),
P6TEXT(
"ClientPrivate.pem"), m_cpStoreInit.addressof(), m_cpKeystore.addressof());
if (
P6FAILED( err = m_cpIT->initialize()))
return err;
if (
P6FAILED( err = m_cpPool->initialize(
P6CTEXT(
"Buffer pool"), m_maxMsgSize, 2, 3, P6IOBF_NOFLAGS )))
return err;
if (
P6FAILED( err = m_cpPool->alloc( &m_pResponse )))
return err;
if (
P6FAILED( err = m_cpEncoder->initialize( P6KMIPENCODER_NOFLAGS, P6KMIP_VERSION_10, m_cpPool, &encodePrefs )))
return err;
if (
P6FAILED( err = m_cpDecoder->initialize( P6KMIPDECODER_NOFLAGS )))
return err;
if (NULL == (m_pWalk = new (std::nothrow) CWalkMessage2())) return eNoMemory;
if (
P6FAILED( err = m_pWalk->initialize( m_cpDecoder )))
return err;
return err;
}
{
P6NETADDR netAddress;
P6NETADDR hostAddr;
P6INTERVAL tTimeout = 0;
if (
P6FAILED( err = cpNetdb->initialize()))
return err;
if (
P6FAILED( err = cpNetdb->getHostByNameW( m_pHostName, &hostAddr )))
return err;
if (
P6FAILED( err = cpNetHelper->netAddrToWStr( &hostAddr, iphostName,
P6CNTOF(iphostName), NULL,
P6FALSE )))
return err;
pAddr = iphostName;
if (
P6FAILED( err = m_cpSocket->initialize( P6AF_INET, P6SF_SECURESSL )))
return err;
err = cpInitSSL->initSecureSocket( m_cpKeystore, m_cpPool, m_pHostName, NULL, (P6SSF_METHOD_NEGOTIATE | P6SSF_SECURE_CLIENT | P6SSF_SECURE_CLIENT_AUTH | P6SSF_LOG_X509SUBJECTLOOKUPS | P6SSF_SECURE_CLIENT | P6SF_SECURESSL));
ipPlusPort[0] = 0;
err = m_cpStr->wstrlcat( ipPlusPort, 100,
P6CTEXT(
"0.0.0.0:0"), NULL );
if (
P6FAILED( err = cpNetHelper->wStrToNetAddr( ipPlusPort, &netAddress )))
return err;
if (
P6FAILED( err = m_cpSocket->bind( &netAddress )))
return err;
if (
P6FAILED( err = m_cpStr->formatStringW( ipPlusPort,
P6CNTOF(ipPlusPort), NULL,
P6CTEXT(
"%1$:%2$"), args, 2 )))
return err;
if (
P6FAILED( err = cpNetHelper->wStrToNetAddr( ipPlusPort, &netAddress )))
return err;
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
return m_cpSocket->connect( &netAddress, tTimeout );
}
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
if (NULL == pUniqueId->
pString)
return eFail;
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addDestroyRequest( *pUniqueId, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
err = m_pWalk->getResponseResult( m_pResponse, KMIP_OP_DESTROY, &result );
}
}
}
if (KMIP_RESULT_SUCCESS != result.resultStatus) return eFail;
}
}
return err;
}
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
if (NULL == pUniqueId->
pString)
return eFail;
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addGetRequest( *pUniqueId, NULL, NULL, NULL, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
err = m_pWalk->getResponseKeyMaterial( m_pResponse, &objId, pKeyMaterial, &result );
}
}
}
if (KMIP_RESULT_SUCCESS != result.resultStatus) return eFail;
}
}
return err;
}
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
if (NULL == pUniqueId->
pString)
return eFail;
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addAddAttributeRequest( *pUniqueId, *pAttribute, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
err = m_pWalk->getResponseUniqueId( m_pResponse, KMIP_OP_ADDATTRIBUTE, pUniqueId, &result );
}
}
}
if (KMIP_RESULT_SUCCESS != result.resultStatus) return eFail;
}
}
return err;
}
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
attributeList[0].
type = KMIP_ATTRIB_CRYPTOALGORITHM;
attributeList[0].
index = 0;
attributeList[1].
type = KMIP_ATTRIB_CRYPTOLENGTH;
attributeList[1].
index = 0;
attributeList[2].
type = KMIP_ATTRIB_CRYPTOUSAGEMASK;
attributeList[2].
index = 0;
attributeList[3].
type = KMIP_ATTRIB_EXTENSION;
attributeList[3].
index = 0;
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addCreateRequest( attributes, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
err = m_pWalk->getResponseUniqueId( m_pResponse, KMIP_OP_CREATE, pUniqueId, &result );
}
}
}
if (KMIP_RESULT_SUCCESS != result.resultStatus) return eFail;
}
}
return err;
}
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
if (NULL == pObjName || 0 == nameLength) return eFail;
attributeList[0].
type = KMIP_ATTRIB_OBJECTTYPE;
attributeList[0].
index = 0;
attributeList[1].
type = KMIP_ATTRIB_NAME;
attributeList[1].
index = 0;
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addLocateRequest( NULL, NULL, NULL, 2, attributeList, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
err = m_pWalk->getResponseUniqueId( m_pResponse, KMIP_OP_LOCATE, pUniqueId, &result );
}
}
}
if (KMIP_RESULT_SUCCESS != result.resultStatus) return eFail;
}
}
return err;
}
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
if (NULL == pQuery) return eFail;
queryFunctions[0] = KMIP_QUERY_OPERATIIONS;
queryFunctions[1] = KMIP_QUERY_OBJECTS;
queryFunctions[2] = KMIP_QUERY_SERVERINFORMATION;
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addQueryRequest( 3, queryFunctions, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
err = m_pWalk->getResponseQuery( m_pResponse, pQuery, &result );
}
}
}
if (KMIP_RESULT_SUCCESS != result.resultStatus) return eFail;
}
}
return err;
}
{
KMIP_QUERY queryResults;
P6BSTR keyMaterial = { NULL, 0 };
if (
P6FAILED( err = createTLSSession()))
return err;
m_cpStr->setMem( &queryResults, 0, sizeof( KMIP_QUERY ));
{
printf("\nStart Server Operations: %d\n", queryResults.countOps );
for(
P6UINT32 i=0; i < queryResults.countOps; i++ ) {
printf( "%x, ", queryResults.operations[i] );
}
printf("\nEnd Operations\n");
printf("\nStart Server Objects: %d\n", queryResults.countObjects );
for(
P6UINT32 j=0; j < queryResults.countObjects; j++ ) {
printf( "%x, ", queryResults.objects[j] );
}
printf("\nEnd Objects\n");
if (NULL != queryResults.serverInfo.pString) {
printf("\nVendorId: %s\n\n", queryResults.serverInfo.pString );
}
}
if (
P6FAILED( err = createKey( &uniqueId ))) {
printf( "\nFailed to create key on KMIP server %x\n", err );
return err;
}
else
{ printf(
"\nNew key's unique identifer [%s] %d\n\n", uniqueId.
pString, (
int)uniqueId.
length );
attribute.
type = KMIP_ATTRIB_NAME;
if (
P6FAILED( err = addAttribute( &uniqueId, &attribute ))) {
printf( "\nFailed to add a Name attribute to the key %x\n", err );
}
}
if (
P6FAILED( err = locateByName(
"A5B2CD83764F07764654", 20, KMIP_OBJECT_SYMMETRICKEY, &locateId ))) {
printf( "\nFailed to locate the key's by name 1 %x\n", err );
}
else
{
if (uniqueId.
length != locateId.
length) printf(
"\nFailed to locate the key's by name 2\n" );
printf( "\nFailed to locate the key's by name 3\n" );
break;
}
}
}
if (
P6SUCCEEDED( err = getKeyMaterial( &locateId, &keyMaterial )))
{
printf(
"\nStart key material: %d bytes\n", (
int)keyMaterial.
length );
printf(
"%x", keyMaterial.
pString[i] );
}
printf("\nEnd key material\n\n");
}
else printf( "\nFailed to Get key material from the KMIP server %x\n", err );
if (
P6FAILED( err = destroyObject( &uniqueId ))) {
printf( "\nFailed to Destroy key off the KMIP server %x\n", err );
}
return err;
}
{
CKmipExample14 example;
err = example.run( pDataStream );
}
}
}
int main(int argc,char *argv[])
{
{
{
KMIP_ManageKeys( cpDataStream );
}
else printf("ERROR: Failed to initialize the loader [ %x ]\n", err );
}
else printf( "ERROR: Failed to create CConsoleStream [ %x ]\n", err );
return err;
}