/**
 * Hand an extend request to the context's network provider and return the
 * resulting request handle.
 *
 * This call only obtains the handle; the callers visible in this file follow
 * it with KSI_RequestHandle_perform() before reading a response.
 *
 * @param ctx      KSI context; its netProvider member is used for sending.
 * @param request  Extend request to send.
 * @param handle   Receives the request handle on success; left untouched on
 *                 failure. Released by the caller with KSI_RequestHandle_free().
 * @return KSI_OK on success, KSI_INVALID_ARGUMENT if any argument is NULL,
 *         otherwise the status returned by the network client.
 */
int KSI_sendExtendRequest(KSI_CTX *ctx, KSI_ExtendReq *request, KSI_RequestHandle **handle) {
    int res = KSI_UNKNOWN_ERROR;
    KSI_RequestHandle *pending = NULL;

    /* NOTE(review): called before the NULL check below, so the error helpers
     * are presumed to tolerate a NULL ctx - confirm. */
    KSI_ERR_clearErrors(ctx);

    if (!(ctx != NULL && request != NULL && handle != NULL)) {
        res = KSI_INVALID_ARGUMENT;
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    res = KSI_NetworkClient_sendExtendRequest(ctx->netProvider, request, &pending);
    if (res != KSI_OK) {
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    /* Ownership moves to the caller; clearing the local keeps cleanup from
     * releasing the handle that was just returned. */
    *handle = pending;
    pending = NULL;

    res = KSI_OK;

cleanup:

    KSI_RequestHandle_free(pending);

    return res;
}
/**
 * Return the publications file for a context, downloading and parsing it on
 * first use and serving the cached copy afterwards.
 *
 * The parsed file is stored in ctx->publicationsFile and is never refreshed
 * by this function (see the TODO below), so a context keeps using the first
 * file it fetched.
 *
 * NOTE(review): nothing here verifies the signature of the downloaded file
 * before it is cached and handed out; presumably that is done by the caller
 * or a separate verification routine - confirm before trusting publications
 * taken from the returned object.
 *
 * @param ctx      KSI context holding the cache.
 * @param pubFile  Receives a new reference to the publications file.
 * @return KSI_OK on success, KSI_INVALID_ARGUMENT if an argument is NULL,
 *         otherwise the status of the failing request/parse step.
 */
int KSI_receivePublicationsFile(KSI_CTX *ctx, KSI_PublicationsFile **pubFile) {
    int res = KSI_UNKNOWN_ERROR;
    KSI_RequestHandle *fetch = NULL;
    const unsigned char *body = NULL;
    size_t body_len = 0;
    KSI_PublicationsFile *parsed = NULL;

    KSI_ERR_clearErrors(ctx);

    if (!(ctx != NULL && pubFile != NULL)) {
        res = KSI_INVALID_ARGUMENT;
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    /* TODO! Implement mechanism for reloading (e.g cache timeout) */
    if (ctx->publicationsFile != NULL) {
        /* Already cached: skip the download entirely. */
        goto deliver;
    }

    KSI_LOG_debug(ctx, "Receiving publications file.");

    res = KSI_sendPublicationRequest(ctx, NULL, 0, &fetch);
    if (res != KSI_OK) {
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    res = KSI_RequestHandle_perform(fetch);
    if (res != KSI_OK) {
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    /* body is not released in this function; only the handle is freed. */
    res = KSI_RequestHandle_getResponse(fetch, &body, &body_len);
    if (res != KSI_OK) {
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    res = KSI_PublicationsFile_parse(ctx, body, body_len, &parsed);
    if (res != KSI_OK) {
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    /* The context takes over the parsed object. */
    ctx->publicationsFile = parsed;
    parsed = NULL;

    KSI_LOG_debug(ctx, "Publications file received.");

deliver:

    *pubFile = KSI_PublicationsFile_ref(ctx->publicationsFile);

    res = KSI_OK;

cleanup:

    KSI_RequestHandle_free(fetch);
    KSI_PublicationsFile_free(parsed);

    return res;
}
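/**
 * Serialize a PDU, wrap the bytes in a new request handle and pass the handle
 * to the HTTP client's sendRequest callback.
 *
 * @param client     Network client; cast to KSI_HttpClient to reach the
 *                   sendRequest callback.
 *                   NOTE(review): assumes the object really is a KSI_HttpClient - confirm.
 * @param pdu        Object to serialize.
 * @param serialize  Serializer producing a buffer and its length from pdu.
 * @param handle     Receives the prepared request handle on success.
 * @param url        Target URL, forwarded unchanged to sendRequest.
 * @param desc       Label used when logging the serialized request.
 * @return KSI_OK on success, KSI_INVALID_ARGUMENT if client, pdu, serialize or
 *         handle is NULL, KSI_UNKNOWN_ERROR if the client has no sendRequest
 *         callback, otherwise the status of the failing step.
 */
static int prepareRequest(
        KSI_NetworkClient *client,
        void *pdu,
        int (*serialize)(void *, unsigned char **, unsigned *),
        KSI_RequestHandle **handle,
        char *url,
        const char *desc) {
    int res = KSI_UNKNOWN_ERROR;
    KSI_HttpClient *http = (KSI_HttpClient *)client;
    KSI_RequestHandle *tmp = NULL;
    unsigned char *raw = NULL;
    unsigned raw_len = 0;

    /* serialize is called unconditionally below, so a NULL callback is
     * rejected here together with the other mandatory arguments. No error is
     * pushed because client (and thus client->ctx) may itself be NULL. */
    if (client == NULL || pdu == NULL || serialize == NULL || handle == NULL) {
        res = KSI_INVALID_ARGUMENT;
        goto cleanup;
    }

    KSI_ERR_clearErrors(client->ctx);

    res = serialize(pdu, &raw, &raw_len);
    if (res != KSI_OK) {
        KSI_pushError(client->ctx, res, NULL);
        goto cleanup;
    }

    /* The complete serialized request is written to the debug log. */
    KSI_LOG_logBlob(client->ctx, KSI_LOG_DEBUG, desc, raw, raw_len);

    /* Create a new request handle. raw is released in cleanup on every path,
     * so the handle is presumed to keep its own copy of the bytes - confirm. */
    res = KSI_RequestHandle_new(client->ctx, raw, raw_len, &tmp);
    if (res != KSI_OK) {
        KSI_pushError(client->ctx, res, NULL);
        goto cleanup;
    }

    if (http->sendRequest == NULL) {
        KSI_pushError(client->ctx, res = KSI_UNKNOWN_ERROR, "Send request not initialized.");
        goto cleanup;
    }

    res = http->sendRequest(client, tmp, url);
    if (res != KSI_OK) {
        KSI_pushError(client->ctx, res, NULL);
        goto cleanup;
    }

    /* Transfer the handle to the caller and keep cleanup from freeing it. */
    *handle = tmp;
    tmp = NULL;

    res = KSI_OK;

cleanup:

    KSI_RequestHandle_free(tmp);
    KSI_free(raw);

    return res;
}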
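/**
 * Test helper: build an extend request from the given request id, aggregation
 * time and publication time, send it through the file-scope ctx and return
 * the extend response.
 *
 * Every step is checked with CuAssert. The assertion messages name the extend
 * request (earlier wording referred to a "sign request", which pointed at the
 * wrong code path when a step failed).
 *
 * NOTE(review): if CuAssert aborts the test on failure, objects created up to
 * that point are not released - presumably acceptable in test code; confirm.
 *
 * @param tc        CuTest case used for the assertions.
 * @param id        Request id.
 * @param aggrTime  Aggregation time placed in the request.
 * @param pubTime   Publication time placed in the request.
 * @param response  Receives the extend response; released by the caller.
 */
static void getExtResponse(CuTest* tc, KSI_uint64_t id, KSI_uint64_t aggrTime, KSI_uint64_t pubTime, KSI_ExtendResp **response) {
    int res;
    KSI_ExtendReq *request = NULL;
    KSI_Integer *ID = NULL;
    KSI_Integer *aggr_time = NULL;
    KSI_Integer *pub_time = NULL;
    KSI_RequestHandle *handle = NULL;
    KSI_ExtendResp *tmp = NULL;

    KSI_ERR_clearErrors(ctx);

    /* Create objects */
    res = KSI_ExtendReq_new(ctx, &request);
    CuAssert(tc, "Unable to create extend request.", res == KSI_OK && request != NULL);

    res = KSI_Integer_new(ctx, id, &ID);
    CuAssert(tc, "Unable to create request ID.", res == KSI_OK && ID != NULL);

    res = KSI_Integer_new(ctx, aggrTime, &aggr_time);
    CuAssert(tc, "Unable to create aggregation time.", res == KSI_OK && aggr_time != NULL);

    res = KSI_Integer_new(ctx, pubTime, &pub_time);
    CuAssert(tc, "Unable to create publication time.", res == KSI_OK && pub_time != NULL);

    /* Combine objects. Each local is cleared after its setter succeeds so the
     * frees at the end do not touch an object now held by the request. */
    res = KSI_ExtendReq_setRequestId(request, ID);
    CuAssert(tc, "Unable to set request ID.", res == KSI_OK);
    ID = NULL;

    res = KSI_ExtendReq_setAggregationTime(request, aggr_time);
    CuAssert(tc, "Unable to set aggregation time.", res == KSI_OK);
    aggr_time = NULL;

    res = KSI_ExtendReq_setPublicationTime(request, pub_time);
    CuAssert(tc, "Unable to set publication time.", res == KSI_OK);
    pub_time = NULL;

    /* Send request and get response */
    res = KSI_sendExtendRequest(ctx, request, &handle);
    CuAssert(tc, "Unable to prepare extend request.", res == KSI_OK);

    res = KSI_RequestHandle_perform(handle);
    CuAssert(tc, "Unable to perform (send) extend request.", res == KSI_OK);

    res = KSI_RequestHandle_getExtendResponse(handle, &tmp);
    CuAssert(tc, "Unable to get extend response.", res == KSI_OK && tmp != NULL);

    /* Hand the response to the caller. */
    *response = tmp;
    tmp = NULL;

    KSI_ExtendReq_free(request);
    KSI_Integer_free(aggr_time);
    KSI_Integer_free(pub_time);
    KSI_Integer_free(ID);
    KSI_ExtendResp_free(tmp);
    KSI_RequestHandle_free(handle);
}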
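/**
 * Verify a signature's calendar hash chain against the online extender.
 *
 * An extend request is built from the signature's aggregation time (and, when
 * a user publication is in use, that publication's time), sent, and the
 * response is checked in this order:
 *   1. the response matches the request (KSI_ExtendResp_verifyWithRequest);
 *   2. the response status, when present, is zero;
 *   3. the returned calendar chain has the same input hash as the signature's;
 *   4. with a user publication, the aggregated root hash equals the
 *      publication imprint.
 *
 * The outcome is recorded in sig->verificationResult under
 * KSI_VERIFY_CALCHAIN_ONLINE. The return value is the status of the last
 * library call, including the call that records a failure, so it does not by
 * itself say whether verification passed.
 * NOTE(review): callers presumably inspect the verification result rather
 * than only this return code - confirm.
 *
 * @param ctx  Context used for sending the request and for pushed errors.
 *             NOTE(review): logging and request creation use sig->ctx instead;
 *             the two are presumably the same context - confirm.
 * @param sig  Signature being verified.
 * @return KSI_INVALID_ARGUMENT if sig is NULL, otherwise the status of the
 *         last step executed.
 */
static int verifyOnline(KSI_CTX *ctx, KSI_Signature *sig) {
    int res = KSI_UNKNOWN_ERROR;
    KSI_ExtendReq *req = NULL;
    KSI_Integer *start = NULL;
    KSI_Integer *end = NULL;
    KSI_RequestHandle *handle = NULL;
    KSI_DataHash *extHash = NULL;
    KSI_DataHash *calHash = NULL;
    KSI_ExtendResp *resp = NULL;
    KSI_Integer *status = NULL;
    KSI_CalendarHashChain *calChain = NULL;
    KSI_DataHash *rootHash = NULL;
    KSI_DataHash *pubHash = NULL;
    KSI_VerificationStep step = KSI_VERIFY_CALCHAIN_ONLINE;
    KSI_VerificationResult *info = NULL;

    /* sig is dereferenced throughout; reject NULL before touching it. */
    if (sig == NULL) {
        res = KSI_INVALID_ARGUMENT;
        goto cleanup;
    }
    info = &sig->verificationResult;

    KSI_LOG_info(sig->ctx, "Verifying signature online.");

    /* Extract start time */
    res = KSI_CalendarHashChain_getAggregationTime(sig->calendarChain, &start);
    if (res != KSI_OK) goto cleanup;

    /* Take an extra reference on the start time; it is released in cleanup. */
    KSI_Integer_ref(start);

    if (sig->verificationResult.useUserPublication) {
        /* Extract end time. */
        res = KSI_PublicationData_getTime(sig->verificationResult.userPublication, &end);
        if (res != KSI_OK) goto cleanup;

        /* Extract the publication imprint. The root-hash comparison further
         * down reads pubHash, so it has to be loaded here; left unset, the
         * comparison would run against a NULL hash and never test the
         * publication the user supplied. */
        res = KSI_PublicationData_getImprint(sig->verificationResult.userPublication, &pubHash);
        if (res != KSI_OK) goto cleanup;
    }

    res = KSI_createExtendRequest(sig->ctx, start, end, &req);
    if (res != KSI_OK) goto cleanup;

    res = KSI_sendExtendRequest(ctx, req, &handle);
    if (res != KSI_OK) goto cleanup;

    res = KSI_RequestHandle_perform(handle);
    if (res != KSI_OK) {
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    res = KSI_RequestHandle_getExtendResponse(handle, &resp);
    if (res != KSI_OK) goto cleanup;

    /* Verify the correctness of the response. */
    res = KSI_ExtendResp_verifyWithRequest(resp, req);
    if (res != KSI_OK) {
        KSI_pushError(ctx, res, NULL);
        goto cleanup;
    }

    res = KSI_ExtendResp_getStatus(resp, &status);
    if (res != KSI_OK) goto cleanup;

    /* Verify status. A response that carries no status at all is not treated
     * as a failure here; the hash comparisons below still have to pass. */
    if (status != NULL && !KSI_Integer_equalsUInt(status, 0)) {
        KSI_Utf8String *respErr = NULL;
        const char *serverMsg = NULL;
        char errm[1024];

        res = KSI_ExtendResp_getErrorMsg(resp, &respErr);
        if (res != KSI_OK) goto cleanup;

        /* The server may omit the message; never hand a NULL pointer to %s.
         * The text is server-controlled and is bounded by sizeof(errm). */
        serverMsg = KSI_Utf8String_cstr(respErr);
        KSI_snprintf(errm, sizeof(errm), "Extend failure from server: '%s'", serverMsg != NULL ? serverMsg : "");

        res = KSI_VerificationResult_addFailure(info, step, errm);
        goto cleanup;
    }

    res = KSI_ExtendResp_getCalendarHashChain(resp, &calChain);
    if (res != KSI_OK) goto cleanup;

    res = KSI_CalendarHashChain_getInputHash(calChain, &extHash);
    if (res != KSI_OK) goto cleanup;

    res = KSI_CalendarHashChain_getInputHash(sig->calendarChain, &calHash);
    if (res != KSI_OK) goto cleanup;

    /* The extender's chain must start from the same hash as the signature's
     * own calendar chain. */
    if (!KSI_DataHash_equals(extHash, calHash)) {
        res = KSI_VerificationResult_addFailure(info, step, "Extender returned different input hash for calendar hash chain.");
        goto cleanup;
    }

    if (sig->verificationResult.useUserPublication) {
        res = KSI_CalendarHashChain_aggregate(calChain, &rootHash);
        if (res != KSI_OK) goto cleanup;

        /* The aggregated root must equal the imprint of the user publication. */
        if (!KSI_DataHash_equals(rootHash, pubHash)) {
            res = KSI_VerificationResult_addFailure(info, step, "External publication imprint mismatch.");
            goto cleanup;
        }
    }

    res = KSI_VerificationResult_addSuccess(info, step, "Verified online.");

cleanup:

    /* NOTE(review): rootHash is not released here; if
     * KSI_CalendarHashChain_aggregate returns a hash owned by the caller,
     * this path leaks it - confirm ownership and free it if so. */
    KSI_Integer_free(start);
    KSI_ExtendReq_free(req);
    KSI_RequestHandle_free(handle);
    KSI_ExtendResp_free(resp);

    return res;
}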