KEYPAIR request::CreateKeyPair(unsigned int KeyLength) const
{
PSTR pPrivateKey = NULL;
PSTR pPublicKey = NULL;
KEYPAIR result;
DWORD dwError = VMCACreatePrivateKey(NULL, KeyLength, &pPrivateKey, &pPublicKey);
BAIL_ON_ERROR(dwError);
result.privatekey.assign(pPrivateKey);
result.publickey.assign(pPublicKey);
error:
if (pPrivateKey != NULL) {
VMCAFreeKey(pPrivateKey);
}
if ( pPublicKey != NULL) {
VMCAFreeKey(pPublicKey);
}
THROW_IF_NEEDED(dwError);
return result;
}
std::string client::GetVersion()
{
PSTR pVersion = NULL;
DWORD dwError = 0;
std::string result;
dwError = VMCAGetServerVersionA(ServerName.c_str(), &pVersion);
BAIL_ON_ERROR(dwError);
result.assign (pVersion);
error :
if (pVersion != NULL) {
VMCAFreeKey(pVersion);
}
THROW_IF_NEEDED(dwError);
return result;
}
std::string VMCAClient::GetVersion()
{
PSTR pVersion = NULL;
DWORD dwError = 0;
std::string result;
dwError = VMCAGetServerVersionHA(
_pServerContext->getContext(),
_pServerContext->getNetworkAddress().c_str(),
&pVersion);
BAIL_ON_ERROR(dwError);
result.assign (pVersion);
error :
if (pVersion != NULL) {
VMCAFreeKey(pVersion);
}
THROW_IF_NEEDED(dwError);
return result;
}
std::string certificate::print()
{
DWORD dwError = 0;
PSTR pCertString = NULL;
std::string result;
dwError = VMCAGetCertificateAsStringA(
(PVMCA_CERTIFICATE)certString.c_str(),
&pCertString);
BAIL_ON_ERROR(dwError);
result.assign(pCertString);
error :
if(pCertString) {
// I know that this is not a KEY, But I just want to free a simple
// string and VMCAFreeKey is just a free String internally.
// TODO : Expose VMCA_SAFE_FREE_STRINGA from VMCA.h
VMCAFreeKey(pCertString);
}
THROW_IF_NEEDED(dwError);
return result;
}
DWORD
VMCASrvInitCA(
VOID
)
{
DWORD dwError = 0;
PVMCA_CERTIFICATE pRootCACert = NULL;
PVMCA_KEY pPrivateKey = NULL;
PSTR pszRootCertFile = NULL;
PSTR pszPrivateKeyFile = NULL;
PSTR pszPasswordFile = NULL;
PVMCA_X509_CA pCA = NULL;
DWORD dwCRLNumberCurrent = 0;
BOOL bIsHoldingMutex = FALSE;
dwError = VMCAGetRootCertificateFilePath(&pszRootCertFile);
BAIL_ON_VMCA_ERROR(dwError);
dwError = VMCAGetPrivateKeyPath(&pszPrivateKeyFile);
BAIL_ON_VMCA_ERROR(dwError);
dwError = VMCAGetPrivateKeyPasswordPath(&pszPasswordFile);
BAIL_ON_VMCA_ERROR(dwError);
dwError = VMCAReadCertificateChainFromFile(pszRootCertFile,&pRootCACert);
BAIL_ON_VMCA_ERROR(dwError);
//
// TODO : Support Passwords for private key
//
dwError = VMCAReadPrivateKeyFromFilePrivate(
pszPrivateKeyFile,
NULL,
&pPrivateKey);
BAIL_ON_VMCA_ERROR(dwError);
dwError = VMCAValidateCACertificatePrivate(
(LPSTR) pRootCACert,
NULL,
pPrivateKey);
BAIL_ON_VMCA_ERROR(dwError);
dwError = VMCACreateCA( pRootCACert, pPrivateKey, NULL, &pCA);
BAIL_ON_VMCA_ERROR(dwError);
if (BN_num_bits(pCA->pKey->pkey.rsa->n) < VMCA_MIN_CA_CERT_PRIV_KEY_LENGTH)
{
dwError = VMCA_ERROR_INVALID_KEY_LENGTH;
BAIL_ON_VMCA_ERROR(dwError);
}
dwError = VMCASrvSetCA(pCA);
BAIL_ON_VMCA_ERROR(dwError);
pthread_mutex_lock (&gVMCAServerGlobals.mutexCRL);
bIsHoldingMutex = TRUE;
dwError = VmcaDbGetCurrentCRLNumber(&dwCRLNumberCurrent);
if (dwError == ERROR_OBJECT_NOT_FOUND)
{
dwError = 0;
dwCRLNumberCurrent = 0;
}
BAIL_ON_VMCA_ERROR (dwError);
gVMCAServerGlobals.dwCurrentCRLNumber = dwCRLNumberCurrent;
pthread_mutex_unlock (&gVMCAServerGlobals.mutexCRL);
bIsHoldingMutex = FALSE;
error:
if ( pPrivateKey != NULL )
{
VMCAFreeKey(pPrivateKey);
}
if (pRootCACert != NULL)
{
VMCAFreeCertificate(pRootCACert);
}
if (bIsHoldingMutex)
{
pthread_mutex_unlock(&gVMCAServerGlobals.mutexCRL);
}
VMCA_SAFE_FREE_STRINGA(pszRootCertFile);
VMCA_SAFE_FREE_STRINGA(pszPrivateKeyFile);
VMCA_SAFE_FREE_STRINGA(pszPasswordFile);
if (pCA)
{
VMCAReleaseCA(pCA);
}
return dwError;
}