static int CurlNetHandleCtx_new(KSI_CTX *ctx, CurlNetHandleCtx **handleCtx) {
int res = KSI_UNKNOWN_ERROR;
CurlNetHandleCtx *tmp = NULL;
if (handleCtx == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
tmp = KSI_new(CurlNetHandleCtx);
if (tmp == NULL) {
res = KSI_OUT_OF_MEMORY;
goto cleanup;
}
tmp->ctx = ctx;
tmp->curl = NULL;
tmp->len = 0;
tmp->raw = NULL;
tmp->curlErr[0] = '\0';
tmp->httpHeaders = NULL;
*handleCtx = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
CurlNetHandleCtx_free(tmp);
return res;
}
int KSI_PublicationData_new(KSI_CTX *ctx, KSI_PublicationData **t) {
int res = KSI_UNKNOWN_ERROR;
KSI_PublicationData *tmp = NULL;
if (ctx == NULL || t == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
tmp = KSI_new(KSI_PublicationData);
if (tmp == NULL) {
res = KSI_OUT_OF_MEMORY;
goto cleanup;
}
tmp->ctx = ctx;
tmp->ref = 1;
tmp->time = NULL;
tmp->imprint = NULL;
tmp->baseTlv = NULL;
*t = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_PublicationData_free(tmp);
return res;
}
int KSI_PublicationRecord_new(KSI_CTX *ctx, KSI_PublicationRecord **t) {
int res = KSI_UNKNOWN_ERROR;
KSI_PublicationRecord *tmp = NULL;
if (ctx == NULL || t == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
tmp = KSI_new(KSI_PublicationRecord);
if (tmp == NULL) {
res = KSI_OUT_OF_MEMORY;
goto cleanup;
}
tmp->ctx = ctx;
tmp->ref = 1;
tmp->publishedData = NULL;
tmp->repositoryUriList = NULL;
tmp->publicationRef = NULL;
*t = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_PublicationRecord_free(tmp);
return res;
}
/*
* FIXME! At the moment the users may not create publications files, as there are
* missing functions to manipulate its contents.
*/
int KSI_PublicationsFile_new(KSI_CTX *ctx, KSI_PublicationsFile **t) {
int res = KSI_UNKNOWN_ERROR;
KSI_PublicationsFile *tmp = NULL;
tmp = KSI_new(KSI_PublicationsFile);
if (tmp == NULL) {
res = KSI_OUT_OF_MEMORY;
goto cleanup;
}
tmp->ctx = ctx;
tmp->ref = 1;
tmp->raw = NULL;
tmp->raw_len = 0;
tmp->header = NULL;
tmp->certificates = NULL;
tmp->publications = NULL;
tmp->signature = NULL;
tmp->certConstraints = NULL;
*t = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_PublicationsFile_free(tmp);
return res;
}
static int winhttpNetHandleCtx_new(winhttpNetHandleCtx **handleCtx){
winhttpNetHandleCtx *nhc = NULL;
int res = KSI_UNKNOWN_ERROR;
nhc = KSI_new(winhttpNetHandleCtx);
if (nhc == NULL) {
res = KSI_OUT_OF_MEMORY;
goto cleanup;
}
nhc->ctx = NULL;
nhc->session_handle = NULL;
nhc->connection_handle = NULL;
nhc->request_handle = NULL;
*handleCtx = nhc;
nhc = NULL;
res = KSI_OK;
cleanup:
winhttpNetHandleCtx_free(nhc);
return res;
}
int KSI_PKICertificate_new(KSI_CTX *ctx, const void *der, size_t der_len, KSI_PKICertificate **cert) {
int res = KSI_UNKNOWN_ERROR;
PCCERT_CONTEXT x509 = NULL;
KSI_PKICertificate *tmp = NULL;
char buf[1024];
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || der == NULL || der_len == 0 || cert == NULL){
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
if (der_len > UINT_MAX) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, "Length is more than MAX_INT.");
goto cleanup;
}
x509 = CertCreateCertificateContext(X509_ASN_ENCODING, der, (unsigned)der_len);
if (x509 == NULL) {
DWORD error = GetLastError();
const char *errmsg = getMSError(GetLastError(), buf, sizeof(buf));
KSI_LOG_debug(ctx, "%s", errmsg);
if (error == CRYPT_E_ASN1_EOD)
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "Invalid PKI certificate. ASN.1 unexpected end of data.");
else if (error == CRYPT_E_ASN1_MEMORY )
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
else
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, errmsg);
goto cleanup;
}
tmp = KSI_new(KSI_PKICertificate);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->ctx = ctx;
tmp->x509 = x509;
x509 = NULL;
*cert = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
if (x509 != NULL) CertFreeCertificateContext(x509);
KSI_PKICertificate_free(tmp);
return res;
}
static int sendRequest(KSI_NetworkClient *client, KSI_RequestHandle *handle, char *host, unsigned port) {
int res;
TcpClientCtx *tc = NULL;
if (handle == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
KSI_ERR_clearErrors(handle->ctx);
if (client == NULL || host == NULL) {
KSI_pushError(handle->ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
tc = KSI_new(TcpClientCtx);
if (tc == NULL) {
KSI_pushError(handle->ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tc->host = NULL;
tc->port = 0;
KSI_LOG_debug(handle->ctx, "Tcp: Sending request to: %s:%u", host, port);
res = KSI_strdup(host, &tc->host);
if (res != KSI_OK) {
KSI_pushError(handle->ctx, res, NULL);
goto cleanup;
}
tc->port = port;
handle->readResponse = readResponse;
handle->client = client;
res = KSI_RequestHandle_setImplContext(handle, tc, (void (*)(void *))TcpClientCtx_free);
if (res != KSI_OK) {
KSI_pushError(handle->ctx, res, NULL);
goto cleanup;
}
tc = NULL;
res = KSI_OK;
cleanup:
TcpClientCtx_free(tc);
return res;
}
int KSI_DataHash_fromDigest(KSI_CTX *ctx, KSI_HashAlgorithm algo_id, const unsigned char *digest, size_t digest_length, KSI_DataHash **hash) {
int res = KSI_UNKNOWN_ERROR;
KSI_DataHash *tmp_hash = NULL;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || digest == NULL || digest_length == 0 || hash == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
/* Make sure the algorithm is supported. */
if (!KSI_isHashAlgorithmSupported(algo_id)) {
KSI_pushError(ctx, res = KSI_UNAVAILABLE_HASH_ALGORITHM, "Hash algorithm not supported.");
goto cleanup;
}
/* Verify the length of the digest with the algorithm. */
if (KSI_getHashLength(algo_id) != digest_length) {
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "Digest length does not match with algorithm.");
goto cleanup;
}
/* Make sure it fits. */
if (digest_length > KSI_MAX_IMPRINT_LEN) {
KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, "Internal buffer too short to hold imprint");
goto cleanup;
}
tmp_hash = KSI_new(KSI_DataHash);
if (tmp_hash == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp_hash->ref = 1;
tmp_hash->ctx = ctx;
tmp_hash->imprint[0] = (unsigned char)algo_id;
memcpy(tmp_hash->imprint + 1, digest, digest_length);
tmp_hash->imprint_length = digest_length + 1;
*hash = tmp_hash;
tmp_hash = NULL;
res = KSI_OK;
cleanup:
KSI_DataHash_free(tmp_hash);
return res;
}
static int TcpClient_Endpoint_new(TcpClient_Endpoint **t) {
TcpClient_Endpoint *tmp = NULL;
if (t == NULL) return KSI_INVALID_ARGUMENT;
tmp = KSI_new(TcpClient_Endpoint);
if (tmp == NULL) return KSI_OUT_OF_MEMORY;
tmp->host = NULL;
tmp->port = 0;
*t = tmp;
return KSI_OK;
}
int KSI_Utf8String_new(KSI_CTX *ctx, const char *str, size_t len, KSI_Utf8String **o) {
int res = KSI_UNKNOWN_ERROR;
KSI_Utf8String *tmp = NULL;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || str == NULL || o == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
tmp = KSI_new(KSI_Utf8String);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->ctx = ctx;
tmp->value = NULL;
tmp->ref = 1;
/* Verify that it is a null-terminated string. */
if (len == 0 || str[len - 1] != '\0') {
KSI_pushError(ctx, res = KSI_INVALID_FORMAT, "String value is not null-terminated.");
goto cleanup;
}
/* Verify correctness of utf-8 */
res = verifyUtf8((const unsigned char *)str, len);
if (res != KSI_OK) goto cleanup;
tmp->value = KSI_malloc(len);
if (tmp->value == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
memcpy(tmp->value, str, len);
tmp->len = len;
*o = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_Utf8String_free(tmp);
return res;
}
static int KSI_Signature_new(KSI_CTX *ctx, KSI_Signature **sig) {
int res = KSI_UNKNOWN_ERROR;
KSI_Signature *tmp = NULL;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || sig == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
tmp = KSI_new(KSI_Signature);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->ctx = ctx;
tmp->ref = 1;
tmp->calendarChain = NULL;
tmp->baseTlv = NULL;
tmp->publication = NULL;
tmp->aggregationChainList = NULL;
tmp->aggregationAuthRec = NULL;
tmp->aggregationChainList = NULL;
tmp->calendarAuthRec = NULL;
tmp->rfc3161 = NULL;
tmp->publication = NULL;
tmp->replaceCalendarChain = replaceCalendarChain;
res = KSI_VerificationResult_init(&tmp->verificationResult, ctx);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
tmp->policyVerificationResult = NULL;
*sig = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_Signature_free(tmp);
return res;
}
int KSI_PKITruststore_new(KSI_CTX *ctx, int setDefaults, KSI_PKITruststore **trust) {
int res = KSI_UNKNOWN_ERROR;
KSI_PKITruststore *tmp = NULL;
HCERTSTORE collectionStore = NULL;
char buf[1024];
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || trust == NULL){
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
res = KSI_CTX_registerGlobals(ctx, cryptopapiGlobal_init, cryptopapiGlobal_cleanup);
if (res != KSI_OK){
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
//TODO: Will be removed
/*Open certificate store as collection of other stores*/
collectionStore = CertOpenStore(CERT_STORE_PROV_COLLECTION, PKCS_7_ASN_ENCODING | X509_ASN_ENCODING, 0, 0, NULL);
if (collectionStore == NULL) {
KSI_LOG_debug(ctx, "%s", getMSError(GetLastError(), buf, sizeof(buf)));
KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, NULL);
goto cleanup;
}
tmp = KSI_new(KSI_PKITruststore);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->ctx = ctx;
tmp->collectionStore = collectionStore;
*trust = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_PKITruststore_free(tmp);
return res;
}
int KSI_PKISignature_new(KSI_CTX *ctx, const void *raw, unsigned raw_len, KSI_PKISignature **signature) {
int res = KSI_UNKNOWN_ERROR;
KSI_PKISignature *tmp = NULL;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || raw == NULL || raw_len == 0 || signature == NULL){
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
tmp = KSI_new(KSI_PKISignature);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->ctx = ctx;
tmp->pkcs7.pbData = NULL;
tmp->pkcs7.cbData = 0;
if (raw_len > UINT_MAX) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, "Length is more than MAX_INT.");
goto cleanup;
}
tmp->pkcs7.pbData = KSI_malloc(raw_len);
if (tmp->pkcs7.pbData == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->pkcs7.cbData = raw_len;
memcpy(tmp->pkcs7.pbData, raw, raw_len);
*signature = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_PKISignature_free(tmp);
return res;
}
static int CRYPTO_HASH_CTX_new(CRYPTO_HASH_CTX **cryptoCTX){
CRYPTO_HASH_CTX *tmp_crypto_ctx = NULL;
int res = KSI_UNKNOWN_ERROR;
tmp_crypto_ctx = KSI_new(CRYPTO_HASH_CTX);
if (tmp_crypto_ctx == NULL) {
res = KSI_OUT_OF_MEMORY;
goto cleanup;
}
tmp_crypto_ctx->pt_CSP = 0;
tmp_crypto_ctx->pt_hHash = 0;
*cryptoCTX = tmp_crypto_ctx;
tmp_crypto_ctx = NULL;
res = KSI_OK;
cleanup:
CRYPTO_HASH_CTX_free(tmp_crypto_ctx);
return res;
}
int KSI_OctetString_new(KSI_CTX *ctx, const unsigned char *data, size_t data_len, KSI_OctetString **o) {
int res = KSI_UNKNOWN_ERROR;
KSI_OctetString *tmp = NULL;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || (data == NULL && data_len != 0) || o == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
tmp = KSI_new(KSI_OctetString);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->ctx = ctx;
tmp->data = NULL;
tmp->data_len = data_len;
tmp->ref = 1;
if (data_len > 0) {
tmp->data = KSI_malloc(data_len);
if (tmp->data == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
memcpy(tmp->data, data, data_len);
}
*o = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_OctetString_free(tmp);
return res;
}
int KSI_DataHasher_close(KSI_DataHasher *hasher, KSI_DataHash **data_hash) {
int res = KSI_UNKNOWN_ERROR;
KSI_DataHash *hsh = NULL;
if (hasher == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
KSI_ERR_clearErrors(hasher->ctx);
hsh = KSI_new(KSI_DataHash);
if (hsh == NULL) {
KSI_pushError(hasher->ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
hsh->ref = 1;
hsh->ctx = hasher->ctx;
res = hasher->closeExisting(hasher, hsh);
if (res != KSI_OK) {
KSI_pushError(hasher->ctx, res, NULL);
goto cleanup;
}
if (data_hash != NULL) {
*data_hash = hsh;
hsh = NULL;
}
res = KSI_OK;
cleanup:
KSI_DataHash_free(hsh);
return res;
}
int KSI_SignatureBuilder_open(KSI_CTX *ctx, KSI_SignatureBuilder **builder) {
int res = KSI_UNKNOWN_ERROR;
KSI_SignatureBuilder *tmp = NULL;
if (ctx == NULL || builder == NULL) {
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
KSI_ERR_clearErrors(ctx);
tmp = KSI_new(KSI_SignatureBuilder);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->ctx = ctx;
tmp->noVerify = 0;
tmp->sig = NULL;
res = KSI_Signature_new(ctx, &tmp->sig);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
*builder = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_SignatureBuilder_free(tmp);
return res;
}
int KSI_Integer_new(KSI_CTX *ctx, KSI_uint64_t value, KSI_Integer **o) {
int res = KSI_UNKNOWN_ERROR;
KSI_Integer *tmp = NULL;
static size_t poolSize = sizeof(integerPool) / sizeof(KSI_Integer);
KSI_ERR_clearErrors(ctx);
if (o == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
if (value < poolSize) {
tmp = integerPool + value;
} else {
tmp = KSI_new(KSI_Integer);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp->staticAlloc = 0;
tmp->value = value;
tmp->ref = 1;
}
*o = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_Integer_free(tmp);
return res;
}
int KSI_HttpClient_new(KSI_CTX *ctx, KSI_HttpClient **http) {
int res = KSI_UNKNOWN_ERROR;
KSI_HttpClient *tmp = NULL;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || http == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
tmp = KSI_new(KSI_HttpClient);
if (tmp == NULL) {
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
goto cleanup;
}
res = KSI_HttpClient_init(ctx, tmp);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
*http = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
KSI_HttpClient_free(tmp);
return res;
}
int KSI_HmacHasher_open(KSI_CTX *ctx, KSI_HashAlgorithm algo_id, const char *key, KSI_HmacHasher **hasher) {
int res = KSI_UNKNOWN_ERROR;
KSI_HmacHasher *tmp_hasher = NULL;
KSI_DataHash *hashedKey = NULL;
unsigned blockSize = 0;
size_t key_len;
const unsigned char *bufKey = NULL;
size_t buf_len;
const unsigned char *digest = NULL;
size_t digest_len = 0;
size_t i;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || key == NULL || hasher == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
key_len = strlen(key);
if (key_len == 0 || key_len > 0xffff) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, "Invalid key length.");
goto cleanup;
}
blockSize = KSI_HashAlgorithm_getBlockSize(algo_id);
if (blockSize == 0) {
KSI_pushError(ctx, res = KSI_UNKNOWN_ERROR, "Unknown buffer length for hash algorithm.");
goto cleanup;
}
if (KSI_getHashLength(algo_id) > MAX_BUF_LEN || blockSize > MAX_BUF_LEN) {
KSI_pushError(ctx, res = KSI_BUFFER_OVERFLOW, "Internal buffer too short to calculate HMAC.");
goto cleanup;
}
tmp_hasher = KSI_new(KSI_HmacHasher);
if (tmp_hasher == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
/* Open the data hasher. */
res = KSI_DataHasher_open(ctx, algo_id, &tmp_hasher->dataHasher);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
tmp_hasher->ctx = ctx;
tmp_hasher->blockSize = blockSize;
/* Prepare the key for hashing. */
/* If the key is longer than 64, hash it. If the key or its hash is shorter than 64 bit, append zeros. */
if (key_len > blockSize) {
res = KSI_DataHasher_add(tmp_hasher->dataHasher, key, key_len);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
res = KSI_DataHasher_close(tmp_hasher->dataHasher, &hashedKey);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
res = KSI_DataHash_extract(hashedKey, NULL, &digest, &digest_len);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
if (digest == NULL || digest_len > blockSize) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, "The hash of the key is invalid");
goto cleanup;
}
bufKey = digest;
buf_len = digest_len;
} else {
bufKey = (const unsigned char *) key;
buf_len = key_len;
}
for (i = 0; i < buf_len; i++) {
tmp_hasher->ipadXORkey[i] = 0x36 ^ bufKey[i];
tmp_hasher->opadXORkey[i] = 0x5c ^ bufKey[i];
}
for (; i < blockSize; i++) {
tmp_hasher->ipadXORkey[i] = 0x36;
tmp_hasher->opadXORkey[i] = 0x5c;
}
res = KSI_HmacHasher_reset(tmp_hasher);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
*hasher = tmp_hasher;
tmp_hasher = NULL;
res = KSI_OK;
cleanup:
KSI_DataHash_free(hashedKey);
KSI_HmacHasher_free(tmp_hasher);
return res;
}
int KSI_TcpClient_new(KSI_CTX *ctx, KSI_NetworkClient **tcp) {
int res;
KSI_NetworkClient *tmp = NULL;
KSI_TcpClient *t = NULL;
TcpClient_Endpoint *endp_aggr = NULL;
TcpClient_Endpoint *endp_ext = NULL;
TcpClient_Endpoint *endp_pub = NULL;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || tcp == NULL) {
KSI_pushError(ctx, res = KSI_INVALID_ARGUMENT, NULL);
goto cleanup;
}
res = KSI_AbstractNetworkClient_new(ctx, &tmp);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
t = KSI_new(KSI_TcpClient);
if (tmp == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
t->sendRequest = sendRequest;
t->transferTimeoutSeconds = 10;
t->http = NULL;
res = KSI_HttpClient_new(ctx, &t->http);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
/* Create implementations for abstract endpoints. */
res = TcpClient_Endpoint_new(&endp_aggr);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
res = TcpClient_Endpoint_new(&endp_ext);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
res = TcpClient_Endpoint_new(&endp_pub);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
/* Set implementations for abstract endpoints. */
res = KSI_NetEndpoint_setImplContext(tmp->aggregator, endp_aggr, (void (*)(void*))TcpClient_Endpoint_free);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
endp_aggr = NULL;
res = KSI_NetEndpoint_setImplContext(tmp->extender, endp_ext, (void (*)(void*))TcpClient_Endpoint_free);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
endp_ext = NULL;
res = KSI_NetEndpoint_setImplContext(tmp->publicationsFile, endp_pub, (void (*)(void*))TcpClient_Endpoint_free);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
endp_pub = NULL;
tmp->sendExtendRequest = prepareExtendRequest;
tmp->sendSignRequest = prepareAggregationRequest;
tmp->sendPublicationRequest = sendPublicationRequest;
tmp->implFree = (void (*)(void *))tcpClient_free;
tmp->requestCount = 0;
tmp->impl = t;
t = NULL;
*tcp = tmp;
tmp = NULL;
res = KSI_OK;
cleanup:
tcpClient_free(t);
KSI_NetworkClient_free(tmp);
TcpClient_Endpoint_free(endp_aggr);
TcpClient_Endpoint_free(endp_ext);
TcpClient_Endpoint_free(endp_pub);
return res;
}
int KSI_CTX_new(KSI_CTX **context) {
int res = KSI_UNKNOWN_ERROR;
KSI_CTX *ctx = NULL;
KSI_NetworkClient *client = NULL;
ctx = KSI_new(KSI_CTX);
if (ctx == NULL) {
res = KSI_OUT_OF_MEMORY;
goto cleanup;
}
/* Init error stack */
ctx->errors_size = KSI_ERR_STACK_LEN;
ctx->errors = KSI_malloc(sizeof(KSI_ERR) * ctx->errors_size);
if (ctx->errors == NULL) {
res = KSI_OUT_OF_MEMORY;
goto cleanup;
}
ctx->errors_count = 0;
ctx->publicationsFile = NULL;
ctx->pkiTruststore = NULL;
ctx->netProvider = NULL;
ctx->publicationCertEmail_DEPRECATED = NULL;
ctx->loggerCB = NULL;
ctx->requestHeaderCB = NULL;
ctx->flags[KSI_CTX_FLAG_AGGR_PDU_VER] = KSI_AGGREGATION_PDU_VERSION;
ctx->flags[KSI_CTX_FLAG_EXT_PDU_VER] = KSI_EXTENDING_PDU_VERSION;
ctx->loggerCtx = NULL;
ctx->certConstraints = NULL;
ctx->freeCertConstraintsArray = freeCertConstraintsArray;
ctx->lastFailedSignature = NULL;
KSI_ERR_clearErrors(ctx);
/* Create global cleanup list as the first thing. */
res = KSI_List_new(NULL, &ctx->cleanupFnList);
if (res != KSI_OK) goto cleanup;
/* Create and set the logger. */
res = KSI_CTX_setLoggerCallback(ctx, KSI_LOG_StreamLogger, stdout);
if (res != KSI_OK) goto cleanup;
res = KSI_CTX_setLogLevel(ctx, KSI_LOG_NONE);
if (res != KSI_OK) goto cleanup;
res = KSI_UriClient_new(ctx, &client);
if (res != KSI_OK) goto cleanup;
res = KSI_CTX_setNetworkProvider(ctx, client);
if (res != KSI_OK) goto cleanup;
ctx->isCustomNetProvider = 0;
client = NULL;
/* Initialize truststore. */
res = KSI_PKITruststore_registerGlobals(ctx);
if (res != KSI_OK) goto cleanup;
/* Return the context. */
*context = ctx;
ctx = NULL;
res = KSI_OK;
cleanup:
KSI_NetworkClient_free(client);
KSI_CTX_free(ctx);
return res;
}
int KSI_DataHasher_open(KSI_CTX *ctx, KSI_HashAlgorithm algo_id, KSI_DataHasher **hasher) {
int res = KSI_UNKNOWN_ERROR;
KSI_DataHasher *tmp_hasher = NULL;
CRYPTO_HASH_CTX *tmp_cryptoCTX = NULL;
HCRYPTPROV tmp_CSP = 0;
KSI_ERR_clearErrors(ctx);
if (ctx == NULL || hasher == NULL){
res = KSI_INVALID_ARGUMENT;
goto cleanup;
}
/*Test if hash algorithm is valid*/
if (!KSI_isHashAlgorithmSupported(algo_id)) {
KSI_pushError(ctx, res = KSI_UNAVAILABLE_HASH_ALGORITHM, NULL);
goto cleanup;
}
/*Create new abstract data hasher object*/
tmp_hasher = KSI_new(KSI_DataHasher);
if (tmp_hasher == NULL) {
KSI_pushError(ctx, res = KSI_OUT_OF_MEMORY, NULL);
goto cleanup;
}
tmp_hasher->hashContext = NULL;
tmp_hasher->ctx = ctx;
tmp_hasher->algorithm = algo_id;
tmp_hasher->closeExisting = closeExisting;
/*Create new helper context for crypto api*/
res = CRYPTO_HASH_CTX_new(&tmp_cryptoCTX);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
/*Create new crypto service provider (CSP)*/
if (!CryptAcquireContext(&tmp_CSP, NULL, NULL, PROV_RSA_AES, CRYPT_VERIFYCONTEXT)){
char errm[1024];
KSI_snprintf(errm, sizeof(errm), "Wincrypt Error (%d)", GetLastError());
KSI_pushError(ctx, res = KSI_CRYPTO_FAILURE, errm);
goto cleanup;
}
/*Set CSP in helper struct*/
tmp_cryptoCTX->pt_CSP = tmp_CSP;
/*Set helper struct in abstract struct*/
tmp_hasher->hashContext = tmp_cryptoCTX;
res = KSI_DataHasher_reset(tmp_hasher);
if (res != KSI_OK) {
KSI_pushError(ctx, res, NULL);
goto cleanup;
}
*hasher = tmp_hasher;
tmp_hasher = NULL;
tmp_cryptoCTX = NULL;
tmp_CSP = 0;
res = KSI_OK;
cleanup:
KSI_DataHasher_free(tmp_hasher);
if (tmp_CSP) CryptReleaseContext(tmp_CSP, 0);
CRYPTO_HASH_CTX_free(tmp_cryptoCTX);
return res;
}
