#include <stdio.h>
#include <stdlib.h>
#include <memory>
#include "cconsolestream.h"
#include "cwalkmessage.h"
using namespace P6R;
namespace {
// Holds the state used by the KMIP secret-data example code in this file.
// NOTE(review): only the constructor, the destructor and the m_pWalk
// declaration are visible in this listing; the other members referenced here
// (m_pResponse, m_port, m_pHostName, m_cpStr, m_cpStoreInit) are declared
// somewhere that is not shown.
// NOTE(review): m_pWalk is a raw owning pointer and no copy constructor or
// copy assignment is visible; if the class is copyable, two instances would
// delete the same CWalkMessage. Confirm copying is disabled.
class CKmipExample13
{
public:
// Start with every raw pointer NULL and the port at 0, so the destructor can
// tell which resources were actually acquired.
CKmipExample13(): m_pResponse( NULL ),
m_pWalk( NULL ),
m_port( 0 ),
m_pHostName( NULL )
{ }
// Tear-down order: free the host-name string, call close() on m_cpStoreInit,
// release the response buffer, then delete the message walker.
~CKmipExample13()
{
if (NULL != m_pHostName ) m_cpStr->wstrfree( m_pHostName );
if (NULL != m_cpStoreInit) m_cpStoreInit->close();
if (NULL != m_pResponse ) m_pResponse->release();
// delete on a NULL pointer is a no-op; the guard only mirrors the lines above.
if (NULL != m_pWalk ) delete m_pWalk;
}
protected:
// Owned by this object: allocated with new (std::nothrow) during
// initialization and deleted in the destructor.
CWalkMessage* m_pWalk;
};
// NOTE(review): the signature and every statement of this function except the
// final return are missing from this listing; only the brace skeleton remains.
{
{
{
{
}
}
}
return err;
}
// NOTE(review): fragment of a function whose signature, opening brace and
// statements are missing from this listing; only the final return is visible.
{
}
return err;
}
// Reads a key file and turns its contents into a key object through
// createPKCS8Key(), which receives ppNewKey.
// NOTE(review): the signature, the file open/read calls and the conditions of
// most branches are missing from this listing; the comments below cover only
// what the remaining lines show.
{
// Reject a missing file name before any I/O is attempted.
if (NULL == pwszFilename) return eInvalidArg;
{
{
{
{
{
// pBuffer is used only when its allocation succeeded; the matching else below
// reports eNoMemory.
if ( pBuffer )
{
{
{
// Pass exactly the number of bytes that were read (cBytesRead), not the
// buffer's capacity, to the PKCS#8 parser.
keyBuffer.
length = cBytesRead;
err = createPKCS8Key( keyBuffer, keySize, ppNewKey );
}
}
}
else err = eIoError;
// NOTE(review): pBuffer presumably holds the private-key file contents (it is
// what feeds createPKCS8Key). It is freed without being overwritten, so the
// key bytes stay readable in freed heap memory; consider wiping the bytes that
// were read, with a call the compiler cannot optimize away, before delete [].
delete [] pBuffer;
}
else err = eNoMemory;
}
else {
// The condition guarding this branch is not visible; eTooSmall is reported.
err = eTooSmall;
}
}
}
}
return err;
}
// NOTE(review): signature and body statements are missing from this listing.
{
// Clear the output first so the caller never sees a stale pointer on failure.
*ppGenKeys = NULL;
{
{
}
}
return err;
}
// NOTE(review): signature and the calls that create and configure *ppIface
// are missing from this listing.
{
// Clear the output first so the caller never sees a stale pointer on failure.
*ppIface = NULL;
{
{
// Failure path (condition not visible): drop the reference and reset the
// output so a partially set-up interface is not handed back.
(*ppIface)->release();
*ppIface = NULL;
}
}
return err;
}
// Stores a certificate in the keystore under the name szHash.
// NOTE(review): signature, the certificate loading code and the derivation of
// szHash are missing from this listing.
{
// Append pFilePath to confPath, bounded by confPath's element count.
// NOTE(review): whether wstrlcat reports truncation as an error is not visible
// here; a silently truncated path would name a different file. Confirm.
if (
P6FAILED( err = m_cpStr->wstrlcat( confPath,
P6CNTOF(confPath), pFilePath, NULL )))
return err;
{
{
err = pKeystore->
setCertificate( pNamespace, szHash, cpNewCert, NULL );
}
}
return err;
}
// Stores a certificate in the keystore under (pNamespace, pName).
// NOTE(review): signature and the certificate loading code are missing from
// this listing.
{
// Append pFilePath to confPath, bounded by confPath's element count.
// NOTE(review): whether wstrlcat reports truncation as an error is not visible
// here; a silently truncated path would name a different file. Confirm.
if (
P6FAILED( err = m_cpStr->wstrlcat( confPath,
P6CNTOF(confPath), pFilePath, NULL )))
return err;
{
err = pKeystore->
setCertificate( pNamespace, pName, cpNewCert, NULL );
}
return err;
}
// Stores a key object in the keystore under (pNamespace, pName).
// NOTE(review): signature and the key loading code are missing from this
// listing.
{
// Append pFilePath to confPath, bounded by confPath's element count.
// NOTE(review): whether wstrlcat reports truncation as an error is not visible
// here; a silently truncated path would name a different file. Confirm.
if (
P6FAILED( err = m_cpStr->wstrlcat( confPath,
P6CNTOF(confPath), pFilePath, NULL )))
return err;
{
// NOTE(review): the meaning of the trailing NULL, 0, NULL arguments is not
// visible here; since the callers in this file pass a private key, confirm
// they do not disable any protection the keystore offers for stored keys.
err = pKeystore->
setKey( pNamespace, pName, cpNewKey, NULL, 0, NULL );
}
return err;
}
// Opens a signed keystore and fills it with the root certificate, the client
// certificate and the client private key used for TLS client authentication.
// NOTE(review): the signature and the calls that create *ppInit / *ppKeystore
// are missing from this listing.
{
// Clear both outputs first so the caller never sees stale pointers.
*ppInit = NULL;
*ppKeystore = NULL;
{
// Failure path (condition not visible): release whatever was obtained and
// hand back NULL for both outputs.
if (NULL != (*ppKeystore)) (*ppKeystore)->release();
(*ppKeystore) = NULL;
(*ppInit)->release();
(*ppInit) = NULL;
return err;
}
// Open the keystore named pKeystoreName; on failure undo as above.
if (
P6FAILED( err = (*ppInit)->openSigned( NULL, pKeystoreName )))
{
if (NULL != (*ppKeystore)) (*ppKeystore)->release();
(*ppKeystore) = NULL;
(*ppInit)->release();
(*ppInit) = NULL;
return err;
}
// NOTE(review): unlike the two failure paths above, the three returns below
// leave *ppInit and *ppKeystore set. The caller then owns them even though an
// error is returned and the keystore may be only partly populated. Confirm the
// caller releases them and does not use the keystore after a failure.
// Trust anchor used to validate the server, stored under "p6r.trustedroot".
if (
P6FAILED( err = saveRootCertInStore( (*ppKeystore),
P6TEXT(
"p6r.trustedroot"), rootPEM )))
return err;
// Client certificate and its private key, both stored under "p6r.clientauth"
// and keyed by m_pHostName.
if (
P6FAILED( err = saveClientCertInStore( (*ppKeystore),
P6TEXT(
"p6r.clientauth"), m_pHostName, certPEM )))
return err;
if (
P6FAILED( err = savePrivKeyInStore( (*ppKeystore),
P6TEXT(
"p6r.clientauth"), m_pHostName, privPEM, privSize )))
return err;
return eOk;
}
// NOTE(review): the signature and every statement of this function except the
// final return are missing from this listing; only the brace skeleton remains.
{
{
{
{
}
}
}
}
return err;
}
// Sends the encoded request in pRequest over pSocket and reports the number of
// bytes written through cBytesSent.
// NOTE(review): the signature, the local declarations and the loop header
// around the send are missing from this listing.
{
// Fetch the raw bytes of the request and how many of them are to be sent.
if (
P6FAILED( err = pRequest->
getBufPtr( &pRawBuffer, &dontCare, &bytesLeft )))
return err;
// Each pass sends from the current offset and advances by the number of bytes
// the socket accepted, so a partial send is resumed where it stopped.
// NOTE(review): in the visible lines the counters are updated without testing
// err first. Confirm that the loop condition stops on a failed send and that
// bytesSent cannot exceed bytesLeft, so bytesLeft cannot wrap around.
{
err = pSocket->
send( &pRawBuffer[offset], bytesLeft, &bytesSent, tTimeout );
bytesLeft -= bytesSent;
offset += bytesSent;
bytesSent = 0;
}
cBytesSent = offset;
return err;
}
// One-time setup: server address, random source, crypto key, keystore, buffer
// pool, response buffer and message walker.
// NOTE(review): the signature, the local declarations and several statements
// are missing from this listing (the braces below do not balance), so lines
// may have been lost between the statements that are shown.
{
// 5696 is the IANA-registered KMIP port.
m_port = 5696;
// Placeholder server name. m_pHostName is later passed to initSecureSocket()
// and used as the keystore entry name for the client certificate and key, so
// it has to be replaced with the real server FQDN.
if (
P6FAILED( err = m_cpStr->wstrdup(
P6TEXT(
"fqdn.com"), &m_pHostName )))
return err;
if (
P6FAILED( err = getRNG( m_cpRandom.addressof())))
return err;
{
}
}
// NOTE(review): where cpKey comes from is not visible here; presumably it is
// generated with m_cpRandom. Confirm it is not a fixed value.
if (
P6SUCCEEDED( err )) err = m_cpCrypto->setKey( cpKey );
// Paths of the keystore file and of its signature file. What is done with each
// path is not visible in this listing.
if (
P6FAILED( err = m_cpStr->wstrlcat( dbPath,
P6CNTOF(dbPath),
P6TEXT(
"/db/KMIP12_keystore"), NULL )))
return err;
if (
P6FAILED( err = m_cpStr->wstrlcat( dbPath,
P6CNTOF(dbPath),
P6TEXT(
"/db/KMIP12_keystore.sig"), NULL )))
return err;
// Build the keystore from the PEM files; 2048 is presumably the private-key
// size. ClientPrivate.pem holds the TLS client private key, so it should be
// readable only by the account running this program.
// NOTE(review): in the visible lines this result is overwritten by the next
// assignment to err without being tested. Confirm the original checks it, so
// that a keystore failure is not carried into the TLS setup.
err = createKeystore(
P6TEXT(
"KMIP12_keystore"),
P6TEXT(
"RootCert.pem"),
P6TEXT(
"ClientCert.pem"),
P6TEXT(
"ClientPrivate.pem"), 2048, m_cpStoreInit.addressof(), m_cpKeystore.addressof());
if (
P6FAILED( err = m_cpIT->initialize()))
return err;
// The response buffer allocated below comes from this pool; 8192 is presumably
// the size of each buffer, which would cap the response a single recv() can
// hold.
if (
P6FAILED( err = m_cpPool->initialize(
P6CTEXT(
"Buffer pool"), 8192, 2, 3, P6IOBF_NOFLAGS )))
return err;
if (
P6FAILED( err = m_cpPool->alloc( &m_pResponse )))
return err;
// nothrow new: allocation failure is reported as eNoMemory, not an exception.
if (NULL == (m_pWalk = new (std::nothrow) CWalkMessage())) return eNoMemory;
if (
P6FAILED( err = m_pWalk->initialize( m_cpDecoder )))
return err;
return err;
}
// Creates the TLS client socket, binds it locally and connects to the server.
// NOTE(review): the signature, several declarations and the address parsing
// calls are missing from this listing.
{
P6NETADDR netAddress;
P6NETADDR hostAddr;
P6INTERVAL tTimeout = 0;
pAddr = iphostName;
if (
P6FAILED( err = m_cpSocket->initialize( P6AF_INET, P6SF_SECURESSL )))
return err;
// Configure TLS with the keystore (trusted root, client certificate and key)
// and the expected server name.
// NOTE(review): the flag mask repeats P6SSF_SECURE_CLIENT (harmless in an OR)
// and mixes in P6SF_SECURESSL, a socket flag rather than a P6SSF_ flag;
// confirm its value does not alias an unintended P6SSF_ option.
// NOTE(review): in the visible lines this result is overwritten by the next
// assignment to err without being tested. Confirm the original checks it, so
// a failed TLS setup cannot be followed by bind/connect.
// NOTE(review): which setting makes the library verify the server certificate
// and host name is not visible here; confirm verification is enabled.
err = cpInitSSL->
initSecureSocket( m_cpKeystore, m_cpPool, m_pHostName, NULL, (P6SSF_METHOD_NEGOTIATE | P6SSF_SECURE_CLIENT | P6SSF_SECURE_CLIENT_AUTH | P6SSF_LOG_X509SUBJECTLOOKUPS | P6SSF_SECURE_CLIENT | P6SF_SECURESSL));
// Local address "0.0.0.0:0": any interface, port chosen by the system.
// NOTE(review): this call bounds the copy with a hard-coded 100 while the
// formatStringW call below uses P6CNTOF(ipPlusPort). If ipPlusPort has fewer
// than 100 elements the bound is wrong; use P6CNTOF(ipPlusPort) here as well.
ipPlusPort[0] = 0;
err = m_cpStr->wstrlcat( ipPlusPort, 100,
P6CTEXT(
"0.0.0.0:0"), NULL );
if (
P6FAILED( err = m_cpSocket->bind( &netAddress )))
return err;
// Build the "<first arg>:<second arg>" string from args; presumably server
// address and port.
if (
P6FAILED( err = m_cpStr->formatStringW( ipPlusPort,
P6CNTOF(ipPlusPort), NULL,
P6CTEXT(
"%1$:%2$"), args, 2 )))
return err;
// Give the connect (and presumably the TLS handshake) at most 10 seconds.
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
return m_cpSocket->connect( &netAddress, tTimeout );
}
// Sends a KMIP Destroy request for the object named by *pUniqueId and reads
// the server's reply into m_pResponse.
// NOTE(review): the signature, several declarations and the handling of the
// reply are missing from this listing.
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
// An identifier without string data cannot name an object.
// NOTE(review): pUniqueId itself is dereferenced without a NULL check in the
// visible lines.
if (NULL == pUniqueId->
pString)
return eFail;
// Build the request: start of message, the Destroy operation, end of message.
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addDestroyRequest( *pUniqueId, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
// The same 10 second timeout is used for the send and for the receive.
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
// NOTE(review): the condition guarding this block is not visible; presumably
// it tests the result of sendMessage().
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
// NOTE(review): one recv() of at most bufSize bytes is treated as the whole
// reply. A reply delivered in several reads or larger than the buffer would
// be processed truncated; confirm the decoder validates the message length
// against cBytesRead.
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
// NOTE(review): no reply parsing is visible here, so from this listing it
// cannot be told whether the server's result status for Destroy is checked.
}
}
}
}
}
return err;
}
// Sends a KMIP Get request for the object named by *pUniqueId and extracts the
// returned key material into pKeyMaterial.
// NOTE(review): the signature and several declarations are missing from this
// listing.
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
// An identifier without string data cannot name an object.
// NOTE(review): pUniqueId itself is dereferenced without a NULL check in the
// visible lines.
if (NULL == pUniqueId->
pString)
return eFail;
// Build the request: start of message, the Get operation, end of message.
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addGetRequest( *pUniqueId, NULL, NULL, NULL, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
// The same 10 second timeout is used for the send and for the receive.
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
// NOTE(review): the condition guarding this block is not visible; presumably
// it tests the result of sendMessage().
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
// NOTE(review): one recv() of at most bufSize bytes is treated as the whole
// reply. A reply delivered in several reads or larger than the buffer would
// be parsed truncated; confirm the decoder validates the message length
// against cBytesRead.
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
// The walker fills pKeyMaterial with the secret and result with the server's
// result fields. In the visible lines result is not examined afterwards, and
// who frees (and wipes) the returned key material is not shown.
err = m_pWalk->getResponseKeyMaterial( m_pResponse, &objId, pKeyMaterial, &result );
}
}
}
}
}
return err;
}
// Registers secretData on the server as a KMIP Secret Data object of type
// KMIP_SECRET_SEED and returns the server-assigned identifier in pUniqueId.
// NOTE(review): the signature, several declarations and the construction of
// attributes are missing from this listing.
{
KMIPMSG_RESULT result = { 0, 0, {NULL, 0 }};
P6INTERVAL tTimeout = 0;
// Nothing to register without data. The length field is not checked in the
// visible lines.
if (NULL == secretData.
pString)
return eFail;
// Build the request: start of message, the Register operation, end of message.
if (
P6FAILED( err = m_cpRequest->startRequestMsg( params )))
return err;
if (
P6FAILED( err = m_cpRequest->addRegisterSecretDataRequest(
KMIP_SECRET_SEED, secretData, NULL, attributes, NULL )))
return err;
if (
P6FAILED( err = m_cpRequest->endRequestMsg()))
return err;
if (
P6FAILED( err = m_cpEncoder->getBufPtr( &pReqBuf )))
return err;
// The same 10 second timeout is used for the send and for the receive.
m_cpIT->milliSecondsToInterval( 10000, &tTimeout );
err = sendMessage( pReqBuf, m_cpSocket, tTimeout, cBytesSent );
pReqBuf = NULL;
// NOTE(review): the condition guarding this block is not visible; presumably
// it tests the result of sendMessage().
{
if (
P6SUCCEEDED( err = m_pResponse->getBufPtr( &pBuffer, &bufSize, &bufUsed )))
{
// NOTE(review): one recv() of at most bufSize bytes is treated as the whole
// reply. A reply delivered in several reads or larger than the buffer would
// be parsed truncated; confirm the decoder validates the message length
// against cBytesRead.
if (
P6SUCCEEDED( err = m_cpSocket->recv( pBuffer, bufSize, &cBytesRead, tTimeout )))
{
if (
P6SUCCEEDED( err = m_pResponse->setUsed( cBytesRead )))
{
// The walker extracts the identifier of the Register response into pUniqueId
// and the server's result fields into result, which is not examined
// afterwards in the visible lines.
err = m_pWalk->getResponseUniqueId( m_pResponse,
KMIP_OP_REGISTER, pUniqueId, &result );
}
}
}
}
}
return err;
}
// Round trip of the example: open the TLS session, register a 16-byte test
// secret, read it back, compare it with what was sent, then destroy it.
// NOTE(review): the signature, several declarations and the header of the
// comparison loop are missing from this listing.
{
P6BSTR keyMaterial = { NULL, 0 };
// Fixed test pattern, not a real secret; it is only compared against what the
// server returns.
const P6UCHAR fakeSecretData[] = { 0x53,0x65,0x63,0x72,0x65,0x82,0x74,0x50,0x02,0x61,0x73,0x73,0x77,0x6F,0x72,0x64 };
if (
P6FAILED( err = createTLSSession()))
return err;
secretData.
pString = fakeSecretData;
secretData.
length =
sizeof( fakeSecretData );
// NOTE(review): uniqueId carries an explicit length and comes from the server
// reply. Printing it with %s assumes it is NUL-terminated, which is not
// established by the visible lines; a length-bounded conversion would avoid
// reading past the end of the data.
if (
P6FAILED( err = registerSecretData( secretData, &uniqueId ))) {
printf( "\nFailed to store secret data on KMIP server %x\n", err );
return err;
}
else printf(
"\nSecret Data's unique identifer [%s] %ld\n", uniqueId.
pString, (
P6ULONG)uniqueId.
length );
if (
P6SUCCEEDED( err = getSecretData( &uniqueId, &keyMaterial )))
{
// NOTE(review): sizeof yields a size_t but is printed with %ld below; the two
// differ in width on some platforms. Cast the argument or use %zu.
if ( keyMaterial.
length !=
sizeof( fakeSecretData )) {
printf(
"\nSecret data size mismatch %ld %ld\n",
sizeof(fakeSecretData), (
P6ULONG)keyMaterial.
length );
}
else
{
// Byte-wise comparison of what was sent with what came back; the loop header
// that declares and advances i is not visible.
if (fakeSecretData[i] != keyMaterial.
pString[i]) {
printf("\nSecret data value mismatch offset: %d\n", i );
break;
}
}
}
}
else printf( "\nFailed to Get Secret data from the server %x\n", err );
// The object is destroyed whether or not the Get succeeded, so the test secret
// is not left behind on the server.
// NOTE(review): this assignment replaces the result of getSecretData(), so a
// failed Get followed by a successful Destroy makes the function return
// success. Also, no release or wipe of keyMaterial is visible in this listing.
if (
P6FAILED( err = destroyObject( &uniqueId ))) {
printf( "\nFailed to Destroy Secret data off the server %x\n", err );
}
return err;
}
// Runs the example with a stack-allocated CKmipExample13, so its destructor
// releases the keystore, buffers and walker when this scope ends.
// NOTE(review): the enclosing function's signature and its other statements
// are missing from this listing.
{
CKmipExample13 example;
err = example.run( pDataStream );
}
}
}
// Program entry point: runs KMIP_SecretData() with the console stream and
// returns err as the process exit code.
// NOTE(review): the declarations and the conditions of both if statements are
// missing from this listing; judging by the messages, they test creation of
// the CConsoleStream and initialization of the loader.
int main(int argc,char *argv[])
{
{
{
KMIP_SecretData( cpDataStream );
}
else printf("ERROR: Failed to initialize the loader [ %x ]\n", err );
}
else printf( "ERROR: Failed to create CConsoleStream [ %x ]\n", err );
return err;
}