// Read the certificate object
X *ReadSecCertFromObject(SECURE *sec, SEC_OBJ *obj)
{
UINT size;
X *x;
UCHAR value[4096];
BUF *b;
CK_ATTRIBUTE get[] =
{
{CKA_VALUE, value, sizeof(value)},
};
// Validate arguments
if (sec == NULL)
{
return false;
}
if (sec->SessionCreated == false)
{
sec->Error = SEC_ERROR_NO_SESSION;
return false;
}
if (sec->LoginFlag == false && obj->Private)
{
sec->Error = SEC_ERROR_NOT_LOGIN;
return false;
}
if (obj->Type != SEC_X)
{
sec->Error = SEC_ERROR_BAD_PARAMETER;
return false;
}
// Acquisition
if (sec->Api->C_GetAttributeValue(
sec->SessionId, obj->Object, get, sizeof(get) / sizeof(get[0])) != CKR_OK)
{
sec->Error = SEC_ERROR_HARDWARE_ERROR;
return 0;
}
size = A_SIZE(get, 0);
// Conversion
b = NewBuf();
WriteBuf(b, value, size);
SeekBuf(b, 0, 0);
x = BufToX(b, false);
if (x == NULL)
{
sec->Error = SEC_ERROR_INVALID_CERT;
}
FreeBuf(b);
return x;
}
// Read the configuration file
bool NiLoadConfig(NAT *n, FOLDER *root)
{
FOLDER *host;
BUF *b;
// Validate arguments
if (n == NULL || root == NULL)
{
return false;
}
host = CfgGetFolder(root, "VirtualHost");
if (host == NULL)
{
return false;
}
CfgGetByte(root, "HashedPassword", n->HashedPassword, sizeof(n->HashedPassword));
n->AdminPort = CfgGetInt(root, "AdminPort");
n->Online = CfgGetBool(root, "Online");
b = CfgGetBuf(root, "AdminCert");
if (b != NULL)
{
n->AdminX = BufToX(b, false);
FreeBuf(b);
}
b = CfgGetBuf(root, "AdminKey");
if (b != NULL)
{
n->AdminK = BufToK(b, true, false, NULL);
FreeBuf(b);
}
NiLoadVhOption(n, root);
NiLoadClientData(n, root);
return true;
}
// Parse the packet
bool WpcParsePacket(WPC_PACKET *packet, BUF *buf)
{
LIST *o;
BUF *b;
bool ret = false;
UCHAR hash[SHA1_SIZE];
// Validate arguments
if (packet == NULL || buf == NULL)
{
return false;
}
Zero(packet, sizeof(WPC_PACKET));
o = WpcParseDataEntry(buf);
b = WpcDataEntryToBuf(WpcFindDataEntry(o, "PACK"));
if (b != NULL)
{
HashSha1(hash, b->Buf, b->Size);
packet->Pack = BufToPack(b);
FreeBuf(b);
if (packet->Pack != NULL)
{
BUF *b;
ret = true;
b = WpcDataEntryToBuf(WpcFindDataEntry(o, "HASH"));
if (b != NULL)
{
if (b->Size != SHA1_SIZE || Cmp(b->Buf, hash, SHA1_SIZE) != 0)
{
ret = false;
FreePack(packet->Pack);
}
else
{
BUF *b;
Copy(packet->Hash, hash, SHA1_SIZE);
b = WpcDataEntryToBuf(WpcFindDataEntry(o, "CERT"));
if (b != NULL)
{
X *cert = BufToX(b, false);
if (cert == NULL)
{
ret = false;
FreePack(packet->Pack);
}
else
{
BUF *b = WpcDataEntryToBuf(WpcFindDataEntry(o, "SIGN"));
if (b == NULL || (b->Size != 128))
{
ret = false;
FreeX(cert);
FreePack(packet->Pack);
}
else
{
K *k = GetKFromX(cert);
if (RsaVerify(hash, SHA1_SIZE, b->Buf, k) == false)
{
ret = false;
FreeX(cert);
FreePack(packet->Pack);
}
else
{
packet->Cert = cert;
Copy(packet->Sign, b->Buf, 128);
}
FreeK(k);
}
FreeBuf(b);
}
FreeBuf(b);
}
}
FreeBuf(b);
}
}
}
WpcFreeDataEntryList(o);
return ret;
}
