DWORD
VecsCliCreateStoreA(
PVMAFD_SERVER pServer,
PCSTR pszStoreName
)
{
DWORD dwError = 0;
if (IsNullOrEmptyString(pszStoreName))
{
fprintf(
stderr,
"Error : An invalid store name [%s] was specified \n",
VMAFD_SAFE_STRING(pszStoreName));
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VecsCreateCertStoreHA(
pServer,
pszStoreName,
NULL,
NULL);
BAIL_ON_VMAFD_ERROR(dwError);
fprintf(stdout, "Successfully created store [%s]\n", pszStoreName);
cleanup:
return dwError;
error:
goto cleanup;
}
static
DWORD
ProcessInfo(
int argc,
char* argv[]
)
{
DWORD dwError = 0;
PSTR pszDomain = NULL;
BOOLEAN bIsDC = FALSE;
dwError = VmAfdGetJoinStatus(&pszDomain, &bIsDC);
if (dwError == ERROR_NOT_JOINED)
{
dwError = ERROR_SUCCESS;
}
BAIL_ON_VMAFD_ERROR(dwError);
printf("Domain : %s\n", VMAFD_SAFE_STRING(pszDomain));
if (bIsDC)
{
printf("Domain controller : TRUE\n");
}
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszDomain);
return dwError;
error:
goto cleanup;
}
DWORD
VecsCliDeleteEntryA(
PVMAFD_SERVER pServer,
PCSTR pszStoreName,
PCSTR pszPassword,
PCSTR pszAlias
)
{
DWORD dwError = 0;
PVECS_STORE pStore = NULL;
if (IsNullOrEmptyString(pszStoreName) ||
IsNullOrEmptyString(pszAlias)
)
{
fprintf(
stderr,
"Error : An invalid store name [%s] was specified\n ",
VMAFD_SAFE_STRING(pszStoreName));
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VecsOpenCertStoreHA(
pServer,
pszStoreName,
pszPassword,
&pStore);
BAIL_ON_VECS_CLI_ERROR (dwError, "Failed to open the store");
dwError = VecsDeleteEntryA(
pStore,
pszAlias
);
BAIL_ON_VMAFD_ERROR (dwError);
fprintf (
stdout,
"Deleted entry with alias [%s] in store [%s] successfully\n ",
pszAlias,
pszStoreName
);
cleanup:
if (pStore)
{
VecsCloseCertStore(pStore);
}
return dwError;
error:
goto cleanup;
}
DWORD
VecsCliDeleteStoreA(
PVMAFD_SERVER pServer,
PCSTR pszStoreName,
PCSTR pszPassword
)
{
DWORD dwError = 0;
if (IsNullOrEmptyString(pszStoreName))
{
fprintf(
stderr,
"Error : An invalid store name [%s] was specified \n",
VMAFD_SAFE_STRING(pszStoreName));
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VecsDeleteCertStoreHA(
pServer,
pszStoreName);
if (dwError == ERROR_OBJECT_NOT_FOUND )
{
fprintf(stderr, "Error : Store [%s] does not exist\n", VMAFD_SAFE_STRING(pszStoreName));
BAIL_ON_VMAFD_ERROR(dwError);
}
BAIL_ON_VMAFD_ERROR(dwError);
fprintf(stdout, "Successfully deleted store [%s]\n", pszStoreName);
cleanup:
return dwError;
error:
goto cleanup;
}
DWORD VecsCliGetKeyA(
PVMAFD_SERVER pServer,
PCSTR pszStoreName,
PCSTR pszPassword,
PCSTR pszAlias,
PCSTR pszOutputFilePath,
DWORD dwFormatAsText,
PCSTR pszKeyPassword
)
{
DWORD dwError = 0;
PVECS_STORE pStore = NULL;
PVECS_CERT_ENTRY_A pCertEntry = NULL;
PSTR pszKey = NULL;
FILE *stream = NULL;
if (IsNullOrEmptyString(pszStoreName) ||
IsNullOrEmptyString(pszAlias)
)
{
fprintf (
stderr,
"Error: The store name [%s] or the Alias [%s] is invalid \n",
VMAFD_SAFE_STRING(pszStoreName),
VMAFD_SAFE_STRING(pszAlias)
);
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VecsOpenCertStoreHA(
pServer,
pszStoreName,
pszPassword,
&pStore
);
BAIL_ON_VECS_CLI_ERROR (dwError, "Failed to open the store.");
dwError = VecsGetEntryByAliasA(
pStore,
pszAlias,
ENTRY_INFO_LEVEL_1,
&pCertEntry
);
BAIL_ON_VMAFD_ERROR (dwError);
if (pCertEntry->entryType == CERT_ENTRY_TYPE_TRUSTED_CERT)
{
fprintf (
stderr,
"Error: No key was found for entry [%s] of type [%s]\n",
pszAlias,
VecsMapEntryType (CERT_ENTRY_TYPE_TRUSTED_CERT)
);
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VecsGetKeyByAliasA(
pStore,
pszAlias,
pszKeyPassword,
&pszKey
);
BAIL_ON_VMAFD_ERROR (dwError);
if (!(IsNullOrEmptyString(pszOutputFilePath)))
{
dwError = VmAfdOpenFilePath(pszOutputFilePath, "w+", &stream, 0);
BAIL_ON_VMAFD_ERROR (dwError);
}
if (dwFormatAsText)
{
dwError = VecsCliPrintKey(pszKey);
BAIL_ON_VMAFD_ERROR (dwError);
}
if (stream)
{
fprintf(
stream,
"%s\n",
pszKey?pszKey:""
);
fclose(stream);
stream = NULL;
dwError = VmAfdRestrictFilePermissionToSelf(pszOutputFilePath);
BAIL_ON_VMAFD_ERROR(dwError);
}
else if (!dwFormatAsText)
{
fprintf (
stdout,
"%s\n",
pszKey?pszKey:""
);
}
cleanup:
VMAFD_SAFE_FREE_MEMORY(pszKey);
if (pStore)
{
VecsCloseCertStore (pStore);
}
return dwError;
error:
if (stream)
{
fclose(stream);
}
goto cleanup;
}
DWORD
VecsCliAddEntryA(
PVMAFD_SERVER pServer,
PCSTR pszStoreName,
PCSTR pszPassword,
PCSTR pszAlias,
PCSTR pszCertFilePath,
PCSTR pszKeyFilePath,
PCSTR pszKeyPassword
)
{
DWORD dwError = 0;
PVECS_STORE pStore = NULL;
PSTR pszCertificate = NULL;
PSTR pszKey = NULL;
PSTR pszAliasUsed = NULL;
CERT_ENTRY_TYPE entryType = CERT_ENTRY_TYPE_UNKNOWN;
if (IsNullOrEmptyString(pszStoreName))
{
fprintf (
stderr,
"Error: The store name [%s] is invalid \n",
VMAFD_SAFE_STRING(pszStoreName)
);
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
if (pszCertFilePath)
{
dwError = VecsCliReadFromFile (
pszCertFilePath,
&pszCertificate
);
BAIL_ON_VMAFD_ERROR (dwError);
}
if (pszKeyFilePath)
{
dwError = VecsCliReadFromFile (
pszKeyFilePath,
&pszKey
);
BAIL_ON_VMAFD_ERROR (dwError);
}
dwError = VecsCliGetEntryType(
pszCertificate,
pszKey,
&entryType
);
BAIL_ON_VMAFD_ERROR (dwError);
if (entryType == CERT_ENTRY_TYPE_SECRET_KEY &&
IsNullOrEmptyString (pszAlias)
)
{
fprintf(
stderr,
"Error: The alias [%s] is invalid \n",
VMAFD_SAFE_STRING(pszAlias)
);
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR (dwError);
}
else if (IsNullOrEmptyString (pszAlias))
{
dwError = VecsComputeCertAliasA(
pszCertificate,
&pszAliasUsed
);
BAIL_ON_VECS_CLI_ERROR (dwError, "Could not generate alias from certificate");
}
dwError = VecsOpenCertStoreHA(
pServer,
pszStoreName,
pszPassword,
&pStore
);
BAIL_ON_VECS_CLI_ERROR (dwError, "Failed to open the store.");
dwError = VecsAddEntryA (
pStore,
entryType,
IsNullOrEmptyString(pszAlias)?pszAliasUsed:pszAlias,
pszCertificate,
pszKey,
pszKeyPassword, //PASSWORD
0 //AUTO_REFRESH
);
BAIL_ON_VMAFD_ERROR (dwError);
fprintf (
stdout,
"Entry with alias [%s] in store [%s] was created successfully \n",
IsNullOrEmptyString(pszAlias)? pszAliasUsed : pszAlias,
pszStoreName
);
cleanup:
if (pStore)
{
VecsCloseCertStore (pStore);
}
VMAFD_SAFE_FREE_MEMORY (pszCertificate);
VMAFD_SAFE_FREE_MEMORY (pszKey);
VMAFD_SAFE_FREE_MEMORY (pszAliasUsed);
return dwError;
error:
goto cleanup;
}
DWORD
VecsCliListEntriesA(
PVMAFD_SERVER pServer,
PCSTR pszStoreName,
PCSTR pszPassword,
DWORD dwFormatAsText,
DWORD dwAliasesOnly
)
{
DWORD dwError = 0;
PVECS_STORE pStore = NULL;
PVECS_ENUM_CONTEXT pEnumContext = NULL;
PVECS_CERT_ENTRY_A pCertEntryArray = NULL;
DWORD dwEntryCount = 0;
DWORD dwEntriesInStore = 0;
if (IsNullOrEmptyString(pszStoreName))
{
fprintf(
stderr,
"Error : An invalid store name [%s] was specified \n",
VMAFD_SAFE_STRING(pszStoreName));
dwError = ERROR_INVALID_PARAMETER;
BAIL_ON_VMAFD_ERROR(dwError);
}
dwError = VecsOpenCertStoreHA(
pServer,
pszStoreName,
pszPassword,
&pStore);
BAIL_ON_VMAFD_ERROR(dwError);
dwError = VecsGetEntryCount(
pStore,
&dwEntriesInStore
);
BAIL_ON_VECS_CLI_ERROR (
dwError,
"Could not retrieve number of entries in store"
);
fprintf(
stdout,
"Number of entries in store :\t%d\n",
dwEntriesInStore
);
dwError = VecsBeginEnumEntries(
pStore,
1, /* max entry count */
ENTRY_INFO_LEVEL_2,
&pEnumContext);
BAIL_ON_VMAFD_ERROR(dwError);
do
{
DWORD iEntry = 0;
if (pCertEntryArray)
{
VecsFreeCertEntryArrayA(pCertEntryArray, dwEntryCount);
pCertEntryArray = NULL;
dwEntryCount = 0;
}
dwError = VecsEnumEntriesA(
pEnumContext,
&pCertEntryArray,
&dwEntryCount);
if (dwError == ERROR_NO_MORE_ITEMS)
{
dwError = 0;
}
BAIL_ON_VMAFD_ERROR(dwError);
for (; iEntry < dwEntryCount; iEntry++)
{
PVECS_CERT_ENTRY_A pEntry = &pCertEntryArray[iEntry];
if (dwAliasesOnly)
{
fprintf (stdout, "%s\n", pEntry->pszAlias);
}
else
{
fprintf(stdout, "Alias :\t%s\n", pEntry->pszAlias);
fprintf(
stdout,
"Entry type :\t%s\n",
VecsMapEntryType(pEntry->entryType));
if (pEntry->pszCertificate && dwFormatAsText)
{
dwError = VecsPrintCertificate(pEntry->pszCertificate);
BAIL_ON_VMAFD_ERROR (dwError);
}
else
{
fprintf(
stdout,
"Certificate :\t%s\n\n",
pEntry->pszCertificate ? pEntry->pszCertificate : "");
}
}
}
} while (dwEntryCount > 0);
cleanup:
if (pCertEntryArray)
{
VecsFreeCertEntryArrayA(pCertEntryArray, dwEntryCount);
}
if (pEnumContext)
{
VecsEndEnumEntries(pEnumContext);
}
if (pStore)
{
VecsCloseCertStore(pStore);
}
return dwError;
error:
goto cleanup;
}
