#include <stdio.h>
#include <stdlib.h>
#include <memory.h>
#include "cconsolestream.h"
static p6ISafeString *m_pStr = NULL;
static p6IRandom *m_pRandom = NULL;
static p6ICryptoKey *m_pKey = NULL;
static p6ISymmetricCrypto *m_pCrypto = NULL;
static p6IKeystore *m_pKeystore = NULL;
static p6IKeystoreInit *m_pStoreInit = NULL;
static P6ERR getSafeString( p6ISafeString **ppStr )
{
printf( "getSafeString [ OK ]\n" );
else printf( "getSafeString [ FAILED ] %x\n", err );
return err;
}
static P6ERR getRNG( p6IRandom **ppRandom )
{
p6IEntropySource *pSource = NULL;
p6IRandomInit *pInit = NULL;
{
if (
P6SUCCEEDED( err = pSource->lpVtbl->initialize( pSource, P6ENTROPY_HIGH )))
{
{
if (
P6SUCCEEDED( err = pInit->lpVtbl->initialize( pInit, P6RAND_NOFLAGS, pSource ))) {
err = pInit->lpVtbl->queryInterface( pInit, &IID_p6IRandom, (
P6VOID**)ppRandom );
}
}
}
}
if (NULL != pSource) pSource->lpVtbl->release( pSource );
if (NULL != pInit ) pInit->lpVtbl->release( pInit );
return err;
}
P6ERR getIGenKeys( p6IGenKeys **ppGenKeys )
{
p6IGenKeys *pTempKeys = NULL;
*ppGenKeys = NULL;
{
if (
P6FAILED( err = pTempKeys->lpVtbl->initialize( pTempKeys, P6GENKEY_NOFLAGS, m_pRandom ))) {
pTempKeys->lpVtbl->release( pTempKeys );
}
else {
*ppGenKeys = pTempKeys;
}
}
return err;
}
P6ERR keystoreAddRootCertFromFile( p6IKeystore *pKeystore,
const P6WCHAR *pszCertificateFile )
{
p6IKeystoreSSL *pSSLHelp = NULL;
if (NULL == pKeystore || NULL == pszCertificateFile) return eInvalidArg;
if (
P6FAILED( err = m_pStr->lpVtbl->wstrlcat( m_pStr, certPath,
P6CNTOF(certPath), pszCertificateFile, NULL )))
return err;
if (
P6FAILED( err = pKeystore->lpVtbl->queryInterface( pKeystore, &IID_p6IKeystoreSSL, (
P6VOID**)&pSSLHelp )))
return err;
err = pSSLHelp->lpVtbl->importTrustedRootCertFromPEMFile( pSSLHelp, certPath, NULL );
pSSLHelp->lpVtbl->release( pSSLHelp );
return err;
}
P6ERR keystoreAddClientCertFromFile( p6IKeystore *pKeystore,
const P6WCHAR *pszHostname,
const P6WCHAR *pszPrivateKeyFile,
const P6WCHAR *pszCertificateFile )
{
p6IKeystoreSSL *pSSLHelp = NULL;
if (NULL == pKeystore || NULL == pszHostname || NULL == pszPrivateKeyFile || NULL == pszCertificateFile ) return eInvalidArg;
if (
P6FAILED( err = m_pStr->lpVtbl->wstrlcat( m_pStr, keyPath,
P6CNTOF(keyPath), pszPrivateKeyFile, NULL )))
return err;
if (
P6FAILED( err = m_pStr->lpVtbl->wstrlcat( m_pStr, certPath,
P6CNTOF(certPath), pszCertificateFile, NULL )))
return err;
if (
P6FAILED( err = pKeystore->lpVtbl->queryInterface( pKeystore, &IID_p6IKeystoreSSL, (
P6VOID**)&pSSLHelp )))
return err;
err = pSSLHelp->lpVtbl->importCredentialsPEM( pSSLHelp,
P6TRUE, pszHostname, keyPath, certPath, NULL, NULL );
pSSLHelp->lpVtbl->release( pSSLHelp );
return err;
}
p6IKeystoreInit** ppInit,
p6IKeystore** ppKeystore
)
{
*ppInit = NULL;
*ppKeystore = NULL;
err = (*ppInit)->lpVtbl->queryInterface( (*ppInit), &IID_p6IKeystore, (
P6VOID**)ppKeystore );
if (
P6FAILED( err = (*ppInit)->lpVtbl->initialize( (*ppInit), P6KEYSTORE_NOFLAGS, m_pCrypto,
SH_SHA256, m_pKey )))
{
if (NULL != (*ppKeystore)) (*ppKeystore)->lpVtbl->release( (*ppKeystore) );
(*ppKeystore) = NULL;
(*ppInit)->lpVtbl->release( (*ppInit) );
(*ppInit) = NULL;
return err;
}
if (
P6FAILED( err = (*ppInit)->lpVtbl->openSigned( (*ppInit), NULL, pKeystoreName )))
{
if (NULL != (*ppKeystore)) (*ppKeystore)->lpVtbl->release( (*ppKeystore) );
(*ppKeystore) = NULL;
(*ppInit)->lpVtbl->release( (*ppInit) );
(*ppInit) = NULL;
return err;
}
if (
P6FAILED( err = keystoreAddRootCertFromFile( (*ppKeystore), rootPEM )))
return err;
if (
P6FAILED( err = keystoreAddClientCertFromFile( (*ppKeystore), pszHostname, privPEM, certPEM )))
return err;
return eOk;
}
{
if (NULL != m_pStr ) m_pStr->lpVtbl->release( m_pStr );
if (NULL != m_pRandom ) m_pRandom->lpVtbl->release( m_pRandom );
if (NULL != m_pKey ) m_pKey->lpVtbl->release( m_pKey );
if (NULL != m_pCrypto ) m_pCrypto->lpVtbl->release( m_pCrypto );
if (NULL != m_pStoreInit) m_pStoreInit->lpVtbl->release( m_pStoreInit );
if (NULL != m_pKeystore ) m_pKeystore->lpVtbl->release( m_pKeystore );
}
P6ERR generateKMIPKeystore()
{
p6IGenKeys *pGenKey = NULL;
p6IDir *pDir = NULL;
if (
P6FAILED( err = getSafeString( &m_pStr )))
return err;
if (
P6FAILED( err = getRNG( &m_pRandom )))
return err;
if (
P6FAILED( err = pDir->lpVtbl->initialize( pDir ))) {
pDir->lpVtbl->release( pDir );
return err;
}
if (
P6FAILED( err = getIGenKeys( &pGenKey )))
return err;
err = pGenKey->lpVtbl->genSymmetricKey( pGenKey, &m_pKey, 256,
P6FALSE );
err = pGenKey->lpVtbl->release( pGenKey );
dbPath[0] = '\0';
pDir->lpVtbl->release( pDir );
return err;
}
pDir->lpVtbl->release( pDir );
return err;
}
pDir->lpVtbl->unlink( pDir, dbPath );
dbPath[0] = '\0';
pDir->lpVtbl->release( pDir );
return err;
}
if (
P6FAILED( err = m_pStr->lpVtbl->wstrlcat( m_pStr, dbPath,
P6CNTOF(dbPath), (
const P6WCHAR*)
P6TEXT(
"/db/KMIP12_keystore.sig"), NULL ))) {
pDir->lpVtbl->release( pDir );
return err;
}
pDir->lpVtbl->unlink( pDir, dbPath );
if (
P6SUCCEEDED( err )) err = m_pCrypto->lpVtbl->setKey( m_pCrypto, m_pKey );
dbPath[0] = '\0';
pDir->lpVtbl->release( pDir );
return err;
}
if (
P6FAILED( err = m_pStr->lpVtbl->wstrlcat( m_pStr, dbPath,
P6CNTOF(dbPath), (
const P6WCHAR*)
P6TEXT(
"/db/KMIP12_keystorekey.txt"), NULL ))) {
pDir->lpVtbl->release( pDir );
return err;
}
pDir->lpVtbl->unlink( pDir, dbPath );
if (
P6FAILED( err = m_pKey->lpVtbl->serializeToFile( m_pKey, dbPath )))
return err;
pDir->lpVtbl->release( pDir );
return err;
}
int main(int argc,char *argv[])
{
p6IDataStream *pDataStream = NULL;
if (
P6FAILED( err = createStream( &pDataStream ))) {
printf("ERROR: Failed to create a datastream [ %x ]\n", err );
return 1;
}
{
if (
P6FAILED( err = generateKMIPKeystore()))
printf( "Result of keystore generation: failure [ %x ]\n", err );
else printf( "Result of keystore generation: success\n" );
freeGlobals();
}
else printf("ERROR: Failed to initialize the loader [ %x ]\n", err );
return 0;
}