2 * Copyright (c) 2012, JANET(UK)
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
9 * 1. Redistributions of source code must retain the above copyright
10 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of JANET(UK) nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
20 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
21 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
24 * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
25 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
26 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
27 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
29 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
30 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
31 * OF THE POSSIBILITY OF SUCH DAMAGE.
41 #include <trust_router/tid.h>
46 {0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
47 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F,
48 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
49 0x19, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F};
54 TIDC_INSTANCE *tidc_create ()
56 TIDC_INSTANCE *tidc = NULL;
58 if (tidc = malloc(sizeof(TIDC_INSTANCE)))
59 memset(tidc, 0, sizeof(TIDC_INSTANCE));
63 if (NULL == (tidc->priv_dh = tr_create_dh_params(NULL, 0))) {
68 fprintf(stderr, "TIDC DH Parameters:\n");
69 DHparams_print_fp(stdout, tidc->priv_dh);
70 fprintf(stderr, "\n");
75 void tidc_destroy (TIDC_INSTANCE *tidc)
81 int tidc_open_connection (TIDC_INSTANCE *tidc,
88 err = gsscon_connect(server, TID_PORT, &conn);
91 err = gsscon_active_authenticate(conn, NULL, "trustidentity", gssctx);
99 int tidc_send_request (TIDC_INSTANCE *tidc,
105 TIDC_RESP_FUNC *resp_handler,
110 char *req_buf = NULL;
111 char *resp_buf = NULL;
112 size_t resp_buflen = 0;
114 TID_REQ *tid_req = NULL;
115 TR_MSG *resp_msg = NULL;
117 unsigned char *c_keybuf = NULL;
120 /* Create and populate a TID msg structure */
121 if ((!(msg = malloc(sizeof(TR_MSG)))) ||
122 (!(tid_req = malloc(sizeof(TID_REQ)))))
125 memset(tid_req, 0, sizeof(tid_req));
127 msg->msg_type = TID_REQUEST;
129 msg->tid_req = tid_req;
131 tid_req->conn = conn;
133 /* TBD -- error handling */
134 tid_req->rp_realm = tr_new_name(rp_realm);
135 tid_req->realm = tr_new_name(realm);
136 tid_req->comm = tr_new_name(comm);
138 tid_req->tidc_dh = tidc->priv_dh;
140 tid_req->resp_func = resp_handler;
141 tid_req->cookie = cookie;
143 /* Encode the request into a json string */
144 if (!(req_buf = tr_msg_encode(msg))) {
145 printf("Error encoding TID request.\n");
149 printf ("Sending TID request:\n");
150 printf ("%s\n", req_buf);
152 /* Send the request over the connection */
153 if (err = gsscon_write_encrypted_token (conn, gssctx, req_buf,
155 fprintf(stderr, "Error sending request over connection.\n");
159 /* TBD -- should queue request on instance, resps read in separate thread */
160 /* Read the response from the connection */
162 if (err = gsscon_read_encrypted_token(conn, gssctx, &resp_buf, &resp_buflen)) {
168 fprintf(stdout, "Response Received (%d bytes).\n", resp_buflen);
169 fprintf(stdout, "%s\n", resp_buf);
171 if (NULL == (resp_msg = tr_msg_decode(resp_buf, resp_buflen))) {
172 fprintf(stderr, "Error decoding response.\n");
176 /* TBD -- Check if this is actually a valid response */
177 if (!resp_msg->tid_resp) {
178 fprintf(stderr, "Error: No response in the response!\n");
182 /* Call the caller's response function */
183 (*tid_req->resp_func)(tidc, tid_req, resp_msg->tid_resp, cookie);
186 /* Generate the client key -- TBD, handle more than one server */
187 if (TID_SUCCESS != resp_msg->tid_resp->result) {
188 fprintf(stderr, "Response is an error.\n");
192 if (!resp_msg->tid_resp->servers) {
193 fprintf(stderr, "Response does not contain server info.\n");
197 if (NULL == (c_keybuf = malloc(DH_size(tid_req->tidc_dh)))) {
198 fprintf (stderr, "Error: Can't allocate client keybuf, exiting.\n");
201 if (0 > (c_keylen = tr_compute_dh_key(c_keybuf,
202 DH_size(tid_req->tidc_dh),
203 resp_msg->tid_resp->servers->aaa_server_dh->pub_key,
204 tid_req->tidc_dh))) {
206 printf("Error computing client key.\n");
210 /* Print out the client key. */
211 printf("Client Key Generated (len = %d):\n", c_keylen);
212 for (i = 0; i < c_keylen; i++) {
213 printf("%x", c_keybuf[i]);
226 /* TBD -- free the decoded response */