int KSI_HmacHasher_reset(KSI_HmacHasher *hasher) {
int res = KSI_UNKNOWN_ERROR;
if (hasher == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
KSI_ERR_clearErrors(hasher->ctx);
res = KSI_DataHasher_reset(hasher->dataHasher);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
/* Hash inner data. */
KSI_LOG_logBlob(hasher->ctx, KSI_LOG_DEBUG, "Adding ipad", hasher->ipadXORkey, hasher->blockSize);
res = KSI_DataHasher_add(hasher->dataHasher, hasher->ipadXORkey, hasher->blockSize);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
res = KSI_OK;
cleanup:
return res;
}
static int prepareRequest(
KSI_NetworkClient *client,
void *pdu,
int (*serialize)(void *, unsigned char **, unsigned *),
KSI_RequestHandle **handle,
char *url,
const char *desc) {
int res = KSI_UNKNOWN_ERROR;
KSI_HttpClient *http = (KSI_HttpClient *)client;
KSI_RequestHandle *tmp = NULL;
unsigned char *raw = NULL;
unsigned raw_len = 0;
if (client == NULL || pdu == NULL || handle == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
KSI_ERR_clearErrors(client->ctx);
res = serialize(pdu, &raw, &raw_len);
if (res != KSI_OK) {
KSI_pushError(client->ctx, res, NULL);
goto cleanup;
}
KSI_LOG_logBlob(client->ctx, KSI_LOG_DEBUG, desc, raw, raw_len);
/* Create a new request handle */
res = KSI_RequestHandle_new(client->ctx, raw, raw_len, &tmp);
if (res != KSI_OK) {
KSI_pushError(client->ctx, res, NULL);
goto cleanup;
}
if (http->sendRequest == NULL) {
KSI_pushError(client->ctx, res = KSI_UNKNOWN_ERROR, "Send request not initialized.");
goto cleanup;
}
res = http->sendRequest(client, tmp, url);
if (res != KSI_OK) {
KSI_pushError(client->ctx, res, NULL);
goto cleanup;
}
*handle = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_RequestHandle_free(tmp);
KSI_free(raw);
return res;
}
static void testReset(CuTest *tc) {
#define TEST_AGGR_RESPONSE_FILE "resource/tlv/ok-sig-2014-07-01.1-aggr_response.tlv"
int res = KSI_UNKNOWN_ERROR;
KSI_BlockSigner *bs = NULL;
KSI_DataHash *hsh = NULL;
KSI_BlockSignerHandle *h = NULL;
KSI_Signature *sig = NULL;
unsigned char *raw = NULL;
size_t len = 0;
res = KSI_CTX_setAggregator(ctx, getFullResourcePathUri(TEST_AGGR_RESPONSE_FILE), TEST_USER, TEST_PASS);
CuAssert(tc, "Unable to set aggregator file URI.", res == KSI_OK);
res = KSITest_DataHash_fromStr(ctx, "0111a700b0c8066c47ecba05ed37bc14dcadb238552d86c659342d1d7e87b8772d", &hsh);
CuAssert(tc, "Unable to create data hash.", res == KSI_OK && hsh != NULL);
res = KSI_BlockSigner_new(ctx, KSI_HASHALG_SHA1, NULL, NULL, &bs);
CuAssert(tc, "Unable to create block signer instance.", res == KSI_OK && bs != NULL);
/* Add the temporary leafs. */
res = KSI_BlockSigner_addLeaf(bs, hsh, 0, NULL, NULL);
CuAssert(tc, "Unable to add 1st mock hash to the blocksigner.", res == KSI_OK);
res = KSI_BlockSigner_addLeaf(bs, hsh, 0, NULL, NULL);
CuAssert(tc, "Unable to add 2nd hash to the blocksigner.", res == KSI_OK);
res = KSI_BlockSigner_addLeaf(bs, hsh, 0, NULL, NULL);
CuAssert(tc, "Unable to add 3rd hash to the blocksigner.", res == KSI_OK);
res = KSI_BlockSigner_reset(bs);
CuAssert(tc, "Unable to reset the block signer.", res == KSI_OK);
res = KSI_BlockSigner_addLeaf(bs, hsh, 0, NULL, &h);
CuAssert(tc, "Unable to add actual hash to the blocksigner.", res == KSI_OK && h != NULL);
res = KSI_BlockSigner_close(bs, NULL);
CuAssert(tc, "Unable to close blocksigner.", res == KSI_OK);
res = KSI_BlockSignerHandle_getSignature(h, &sig);
CuAssert(tc, "Unable to extract signature from the blocksigner.", res == KSI_OK && sig != NULL);
res = KSI_Signature_serialize(sig, &raw, &len);
CuAssert(tc, "Unable to serialize signature.", res == KSI_OK && raw != NULL && len > 0);
KSI_LOG_logBlob(ctx, KSI_LOG_DEBUG, "Serialized single signature from block signer.", raw, len);
KSI_BlockSignerHandle_free(h);
KSI_Signature_free(sig);
KSI_BlockSigner_free(bs);
KSI_DataHash_free(hsh);
KSI_free(raw);
#undef TEST_AGGR_RESPONSE_FILE
}
static void testMultiSerializeSignature(CuTest *tc) {
int res;
KSI_MultiSignature *ms = NULL;
unsigned char *buf = NULL;
size_t buf_len;
createMultiSignature(&ms);
res = KSI_MultiSignature_serialize(ms, &buf, &buf_len);
CuAssert(tc, "Unable to serialize multi signature container.", res == KSI_OK && buf_len > 0);
KSI_LOG_logBlob(ctx, KSI_LOG_DEBUG, "Multi signature", buf, buf_len);
KSI_MultiSignature_free(ms);
KSI_free(buf);
}
static void testSerialize(CuTest *tc) {
int res;
KSI_MultiSignature *ms = NULL;
unsigned char buf[0xffff]; /* Increase the size if more samples are added. */
size_t buf_len;
createMultiSignature(&ms);
res = KSI_MultiSignature_writeBytes(ms, buf, sizeof(buf), &buf_len, 0);
CuAssert(tc, "Unable to serialize multi signature container.", res == KSI_OK && buf_len > 0);
KSI_LOG_logBlob(ctx, KSI_LOG_DEBUG, "Multi signature", buf, buf_len);
KSI_MultiSignature_free(ms);
}
static int readResponse(KSI_RequestHandle *handle) {
int res;
TcpClientCtx *tcp = NULL;
KSI_TcpClient *client = NULL;
int sockfd = -1;
struct sockaddr_in serv_addr;
struct hostent *server = NULL;
size_t count;
unsigned char buffer[0xffff + 4];
KSI_FTLV ftlv;
#ifdef _WIN32
DWORD transferTimeout = 0;
#else
struct timeval transferTimeout;
#endif
if (handle == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
KSI_ERR_clearErrors(handle->ctx);
tcp = handle->implCtx;
client = handle->client->impl;
sockfd = (int)socket(AF_INET, SOCK_STREAM, 0);
if (sockfd < 0) {
KSI_pushError(handle->ctx, res = KSI_NETWORK_ERROR, "Unable to open socket.");
goto cleanup;
}
#ifdef _WIN32
transferTimeout = client->transferTimeoutSeconds * 1000;
#else
transferTimeout.tv_sec = client->transferTimeoutSeconds;
transferTimeout.tv_usec = 0;
#endif
/*Set socket options*/
setsockopt(sockfd, SOL_SOCKET, SO_RCVTIMEO, (void*)&transferTimeout, sizeof(transferTimeout));
setsockopt(sockfd, SOL_SOCKET, SO_SNDTIMEO, (void*)&transferTimeout, sizeof(transferTimeout));
server = gethostbyname(tcp->host);
if (server == NULL) {
KSI_pushError(handle->ctx, res = KSI_NETWORK_ERROR, "Unable to open host.");
goto cleanup;
}
memset((char *) &serv_addr, 0, sizeof(serv_addr));
serv_addr.sin_family = AF_INET;
memmove((char *)&serv_addr.sin_addr.s_addr, (char *)server->h_addr, server->h_length);
serv_addr.sin_port = htons(tcp->port);
if ((res = connect(sockfd, (struct sockaddr *) &serv_addr, sizeof(serv_addr))) < 0) {
KSI_ERR_push(handle->ctx, KSI_NETWORK_ERROR, res, __FILE__, __LINE__, "Unable to connect.");
res = KSI_NETWORK_ERROR;
goto cleanup;
}
KSI_LOG_logBlob(handle->ctx, KSI_LOG_DEBUG, "Sending request", handle->request, handle->request_length);
count = 0;
while (count < handle->request_length) {
int c;
#ifdef _WIN32
if (handle->request_length > INT_MAX) {
KSI_pushError(handle->ctx, res = KSI_BUFFER_OVERFLOW, "Unable to send more than MAX_INT bytes.");
goto cleanup;
}
c = send(sockfd, (char *) handle->request, (int) handle->request_length, 0);
#else
c = send(sockfd, (char *) handle->request, handle->request_length, 0);
#endif
if (c < 0) {
KSI_pushError(handle->ctx, res = KSI_NETWORK_ERROR, "Unable to write to socket.");
goto cleanup;
}
count += c;
}
res = KSI_FTLV_socketRead(sockfd, buffer, sizeof(buffer), &count, &ftlv);
if (res != KSI_OK || count == 0) {
KSI_pushError(handle->ctx, res = KSI_INVALID_ARGUMENT, "Unable to read TLV from socket.");
goto cleanup;
}
if(count > UINT_MAX){
KSI_pushError(handle->ctx, res = KSI_BUFFER_OVERFLOW, "Too much data read from socket.");
goto cleanup;
}
handle->response = KSI_malloc(count);
if (handle->response == NULL) {
KSI_pushError(handle->ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
memcpy(handle->response, buffer, count);
handle->response_length = count;
handle->completed = true;
res = KSI_OK;
cleanup:
if (sockfd >= 0) close(sockfd);
return res;
}
int KSI_HmacHasher_close(KSI_HmacHasher *hasher, KSI_DataHash **hmac) {
int res = KSI_UNKNOWN_ERROR;
KSI_DataHash *innerHash = NULL;
KSI_DataHash *outerHash = NULL;
const unsigned char *digest = NULL;
size_t digest_len = 0;
if (hasher == NULL || hmac == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
KSI_ERR_clearErrors(hasher->ctx);
KSI_LOG_debug(hasher->ctx, "Closing inner hasher");
res = KSI_DataHasher_close(hasher->dataHasher, &innerHash);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
/* Hash outer data. */
res = KSI_DataHasher_reset(hasher->dataHasher);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
KSI_LOG_logBlob(hasher->ctx, KSI_LOG_DEBUG, "Adding opad", hasher->opadXORkey, hasher->blockSize);
res = KSI_DataHasher_add(hasher->dataHasher, hasher->opadXORkey, hasher->blockSize);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
res = KSI_DataHash_extract(innerHash, NULL, &digest, &digest_len);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
KSI_LOG_logBlob(hasher->ctx, KSI_LOG_DEBUG, "Adding inner hash", digest, digest_len);
res = KSI_DataHasher_add(hasher->dataHasher, digest, digest_len);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
KSI_LOG_debug(hasher->ctx, "Closing outer hasher");
res = KSI_DataHasher_close(hasher->dataHasher, &outerHash);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
*hmac = KSI_DataHash_ref(outerHash);
res = KSI_OK;
cleanup:
KSI_DataHash_free(innerHash);
KSI_DataHash_free(outerHash);
return res;
}
