static DWORD VmAfdSrvWriteRootToDisk( PCSTR pszCertificate, PCSTR pszCAPath, PCSTR pszFilename ) { DWORD dwError = 0; LONG maxIndex = -1; PSTR pszPath = NULL; PSTR pszAlias = NULL; FILE* pFile = NULL; size_t len = 0; size_t bytesToWrite = 0; BOOLEAN bCertOnDisk = FALSE; PCSTR pszCursor = NULL; dwError = VmAfdFindFileIndex(pszCAPath, pszFilename, &maxIndex); if (dwError != ERROR_FILE_NOT_FOUND) { BAIL_ON_VMAFD_ERROR(dwError); dwError = VecsComputeCertAliasA((PSTR)pszCertificate, &pszAlias); BAIL_ON_VMAFD_ERROR(dwError); dwError = VmAfdCheckCertOnDisk( pszAlias, pszCAPath, pszFilename, maxIndex, &bCertOnDisk); BAIL_ON_VMAFD_ERROR(dwError); if (bCertOnDisk) { goto cleanup; } } dwError = VmAfdAllocateStringPrintf( &pszPath, "%s%s%s.%ld", pszCAPath, VMAFD_PATH_SEPARATOR_STR, pszFilename, maxIndex+1); BAIL_ON_VMAFD_ERROR(dwError); dwError = VmAfdOpenFilePath(pszPath, "w", &pFile); BAIL_ON_VMAFD_ERROR(dwError); len = strlen(pszCertificate); bytesToWrite = len; pszCursor = pszCertificate; while (bytesToWrite > 0) { size_t bytesWritten = 0; if ((bytesWritten = fwrite(pszCursor, 1, len, pFile)) == 0) { #ifndef _WIN32 dwError = LwErrnoToWin32Error(errno); #else dwError = GetLastError(); #endif BAIL_ON_VMAFD_ERROR(dwError); } pszCursor += bytesWritten; bytesToWrite -= bytesWritten; } cleanup: if (pFile) { fclose(pFile); } VMAFD_SAFE_FREE_MEMORY(pszPath); VMAFD_SAFE_FREE_MEMORY(pszAlias); return dwError; error: goto cleanup; }
DWORD VecsCliAddEntryA( PVMAFD_SERVER pServer, PCSTR pszStoreName, PCSTR pszPassword, PCSTR pszAlias, PCSTR pszCertFilePath, PCSTR pszKeyFilePath, PCSTR pszKeyPassword ) { DWORD dwError = 0; PVECS_STORE pStore = NULL; PSTR pszCertificate = NULL; PSTR pszKey = NULL; PSTR pszAliasUsed = NULL; CERT_ENTRY_TYPE entryType = CERT_ENTRY_TYPE_UNKNOWN; if (IsNullOrEmptyString(pszStoreName)) { fprintf ( stderr, "Error: The store name [%s] is invalid \n", VMAFD_SAFE_STRING(pszStoreName) ); dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR (dwError); } if (pszCertFilePath) { dwError = VecsCliReadFromFile ( pszCertFilePath, &pszCertificate ); BAIL_ON_VMAFD_ERROR (dwError); } if (pszKeyFilePath) { dwError = VecsCliReadFromFile ( pszKeyFilePath, &pszKey ); BAIL_ON_VMAFD_ERROR (dwError); } dwError = VecsCliGetEntryType( pszCertificate, pszKey, &entryType ); BAIL_ON_VMAFD_ERROR (dwError); if (entryType == CERT_ENTRY_TYPE_SECRET_KEY && IsNullOrEmptyString (pszAlias) ) { fprintf( stderr, "Error: The alias [%s] is invalid \n", VMAFD_SAFE_STRING(pszAlias) ); dwError = ERROR_INVALID_PARAMETER; BAIL_ON_VMAFD_ERROR (dwError); } else if (IsNullOrEmptyString (pszAlias)) { dwError = VecsComputeCertAliasA( pszCertificate, &pszAliasUsed ); BAIL_ON_VECS_CLI_ERROR (dwError, "Could not generate alias from certificate"); } dwError = VecsOpenCertStoreHA( pServer, pszStoreName, pszPassword, &pStore ); BAIL_ON_VECS_CLI_ERROR (dwError, "Failed to open the store."); dwError = VecsAddEntryA ( pStore, entryType, IsNullOrEmptyString(pszAlias)?pszAliasUsed:pszAlias, pszCertificate, pszKey, pszKeyPassword, //PASSWORD 0 //AUTO_REFRESH ); BAIL_ON_VMAFD_ERROR (dwError); fprintf ( stdout, "Entry with alias [%s] in store [%s] was created successfully \n", IsNullOrEmptyString(pszAlias)? pszAliasUsed : pszAlias, pszStoreName ); cleanup: if (pStore) { VecsCloseCertStore (pStore); } VMAFD_SAFE_FREE_MEMORY (pszCertificate); VMAFD_SAFE_FREE_MEMORY (pszKey); VMAFD_SAFE_FREE_MEMORY (pszAliasUsed); return dwError; error: goto cleanup; }