// Read the certificate object X *ReadSecCertFromObject(SECURE *sec, SEC_OBJ *obj) { UINT size; X *x; UCHAR value[4096]; BUF *b; CK_ATTRIBUTE get[] = { {CKA_VALUE, value, sizeof(value)}, }; // Validate arguments if (sec == NULL) { return false; } if (sec->SessionCreated == false) { sec->Error = SEC_ERROR_NO_SESSION; return false; } if (sec->LoginFlag == false && obj->Private) { sec->Error = SEC_ERROR_NOT_LOGIN; return false; } if (obj->Type != SEC_X) { sec->Error = SEC_ERROR_BAD_PARAMETER; return false; } // Acquisition if (sec->Api->C_GetAttributeValue( sec->SessionId, obj->Object, get, sizeof(get) / sizeof(get[0])) != CKR_OK) { sec->Error = SEC_ERROR_HARDWARE_ERROR; return 0; } size = A_SIZE(get, 0); // Conversion b = NewBuf(); WriteBuf(b, value, size); SeekBuf(b, 0, 0); x = BufToX(b, false); if (x == NULL) { sec->Error = SEC_ERROR_INVALID_CERT; } FreeBuf(b); return x; }
// Read the configuration file bool NiLoadConfig(NAT *n, FOLDER *root) { FOLDER *host; BUF *b; // Validate arguments if (n == NULL || root == NULL) { return false; } host = CfgGetFolder(root, "VirtualHost"); if (host == NULL) { return false; } CfgGetByte(root, "HashedPassword", n->HashedPassword, sizeof(n->HashedPassword)); n->AdminPort = CfgGetInt(root, "AdminPort"); n->Online = CfgGetBool(root, "Online"); b = CfgGetBuf(root, "AdminCert"); if (b != NULL) { n->AdminX = BufToX(b, false); FreeBuf(b); } b = CfgGetBuf(root, "AdminKey"); if (b != NULL) { n->AdminK = BufToK(b, true, false, NULL); FreeBuf(b); } NiLoadVhOption(n, root); NiLoadClientData(n, root); return true; }
// Parse the packet bool WpcParsePacket(WPC_PACKET *packet, BUF *buf) { LIST *o; BUF *b; bool ret = false; UCHAR hash[SHA1_SIZE]; // Validate arguments if (packet == NULL || buf == NULL) { return false; } Zero(packet, sizeof(WPC_PACKET)); o = WpcParseDataEntry(buf); b = WpcDataEntryToBuf(WpcFindDataEntry(o, "PACK")); if (b != NULL) { HashSha1(hash, b->Buf, b->Size); packet->Pack = BufToPack(b); FreeBuf(b); if (packet->Pack != NULL) { BUF *b; ret = true; b = WpcDataEntryToBuf(WpcFindDataEntry(o, "HASH")); if (b != NULL) { if (b->Size != SHA1_SIZE || Cmp(b->Buf, hash, SHA1_SIZE) != 0) { ret = false; FreePack(packet->Pack); } else { BUF *b; Copy(packet->Hash, hash, SHA1_SIZE); b = WpcDataEntryToBuf(WpcFindDataEntry(o, "CERT")); if (b != NULL) { X *cert = BufToX(b, false); if (cert == NULL) { ret = false; FreePack(packet->Pack); } else { BUF *b = WpcDataEntryToBuf(WpcFindDataEntry(o, "SIGN")); if (b == NULL || (b->Size != 128)) { ret = false; FreeX(cert); FreePack(packet->Pack); } else { K *k = GetKFromX(cert); if (RsaVerify(hash, SHA1_SIZE, b->Buf, k) == false) { ret = false; FreeX(cert); FreePack(packet->Pack); } else { packet->Cert = cert; Copy(packet->Sign, b->Buf, 128); } FreeK(k); } FreeBuf(b); } FreeBuf(b); } } FreeBuf(b); } } } WpcFreeDataEntryList(o); return ret; }