1 #include "recordHandler.h"
4 #include <sys/socket.h>
5 #include <netinet/in.h>
12 #include <openssl/ssl.h>
16 #include "opensslBIO.h"
17 #include "remoteSigner.h"
18 #include "simpleOpensslSigner.h"
22 class RecordHandlerSession {
25 uint32_t lastCommandCount;
27 std::shared_ptr<TBSCertificate> tbs;
28 std::shared_ptr<SignedCertificate> result;
32 std::shared_ptr<OpensslBIOWrapper> io;
33 DefaultRecordHandler* parent;
34 std::shared_ptr<Signer> signer;
36 RecordHandlerSession( DefaultRecordHandler* parent, std::shared_ptr<Signer> signer, std::shared_ptr<SSL_CTX> ctx, std::shared_ptr<BIO> output ) :
37 tbs( new TBSCertificate() ) {
38 this->parent = parent;
39 this->signer = signer;
41 ssl = SSL_new( ctx.get() );
42 std::shared_ptr<BIO> bio(
43 BIO_new( BIO_f_ssl() ),
47 SSL_set_accept_state( ssl );
48 SSL_set_bio( ssl, output.get(), output.get() );
49 BIO_set_ssl( bio.get(), ssl, BIO_NOCLOSE );
50 io = std::shared_ptr<OpensslBIOWrapper>( new OpensslBIOWrapper( bio ) );
53 void respondCommand( RecordHeader::SignerResult res, std::string payload ) {
55 rh.command = ( uint16_t ) res;
57 rh.command_count = 0; // TODO i++
58 rh.totalLength = payload.size();
59 sendCommand( rh, payload, io );
63 std::cout << "done" << std::endl;
64 std::vector<char> buffer( 2048, 0 );
65 std::cout << "reading" << std::endl;
66 int res = io->read( buffer.data(), buffer.capacity() );
67 std::cout << "read" << std::endl;
74 std::string content( buffer.data(), res );
78 std::string payload = parseCommand( head, content );
79 execute( head, payload );
80 } catch( const char* msg ) {
81 std::cout << msg << std::endl;
87 void execute( RecordHeader& head, std::string data ) {
88 if( head.totalLength != head.payloadLength || head.offset != 0 ) {
89 throw "Error, chunking not supported yet";
92 switch( ( RecordHeader::SignerCommand ) head.command ) {
93 case RecordHeader::SignerCommand::SET_CSR: // setCSR
94 tbs->csr_content = data;
95 tbs->csr_type = "CSR";
96 std::cout << "CSR read" << std::endl;
99 case RecordHeader::SignerCommand::SET_SIGNATURE_TYPE:
103 case RecordHeader::SignerCommand::SET_PROFILE:
108 case RecordHeader::SignerCommand::ADD_SAN: {
109 size_t pos = data.find( "," );
111 if( pos == std::string::npos ) {
113 std::shared_ptr<SAN> san( new SAN() );
114 san->type = data.substr( 0, pos );
115 san->content = data.substr( pos + 1 );
116 tbs->SANs.push_back( san );
121 case RecordHeader::SignerCommand::ADD_AVA: {
122 size_t pos = data.find( "," );
124 if( pos == std::string::npos ) {
127 std::shared_ptr<AVA> ava( new AVA() );
128 ava->name = data.substr( 0, pos );
129 ava->value = data.substr( pos + 1 );
130 tbs->AVAs.push_back( ava );
135 case RecordHeader::SignerCommand::ADD_PROOF_LINE:
138 case RecordHeader::SignerCommand::SIGN:
139 result = signer->sign( tbs );
140 std::cout << "res: " << result->certificate << std::endl;
141 result->log = "I am a dummy log.\nI signed that thing ;-) \n";
142 respondCommand( RecordHeader::SignerResult::SAVE_LOG, result->log );
145 case RecordHeader::SignerCommand::LOG_SAVED:
147 respondCommand( RecordHeader::SignerResult::CERTIFICATE, result->certificate );
153 throw "Unimplemented";
158 DefaultRecordHandler::DefaultRecordHandler( std::shared_ptr<Signer> signer, std::shared_ptr<BIO> bio ) :
161 this->signer = signer;
163 ctx = generateSSLContext( true );
168 void DefaultRecordHandler::reset() {
169 currentSession = std::shared_ptr<RecordHandlerSession>();
172 void DefaultRecordHandler::handle() {
173 if( !currentSession ) {
174 std::cout << "session allocated" << std::endl;
175 currentSession = std::shared_ptr<RecordHandlerSession>( new RecordHandlerSession( this, signer, ctx, bio ) );
178 std::cout << "really allocated: " << currentSession << ";" << std::endl;
179 currentSession->work();
182 int handlermain( int argc, const char* argv[] ) {
186 std::shared_ptr<OpensslBIOWrapper> bio( new OpensslBIOWrapper( std::shared_ptr<BIO>( BIO_new_fd( 0, 0 ), BIO_free ) ) );
188 "-----BEGIN CERTIFICATE REQUEST-----\n"
189 "MIIBSzCBtQIBADAMMQowCAYDVQQDDAFhMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB\n"
190 "iQKBgQDerBEpIShJlx3zzl4AOS1NcwEg4iAWknQeTtI8B5dnk+l5HkOdTxqeehZn\n"
191 "iZnuIuYXA+JWmoECg/w69+N5zw2BabelgK3cSvRqycwPEU/gceGJZTaBfkkN0hBk\n"
192 "rpXDiLSlox5oeR150MrsHvVc+W2e+0jW1tuhz4QLzn8/uI/toQIDAQABoAAwDQYJ\n"
193 "KoZIhvcNAQELBQADgYEATQU5VrgQAkvpCvIwRUyjj9YAa9E014tNY0jMcBdv95fy\n"
194 "/f49zIcVtUJuZuEwY6uDZQqfAm+8CLNpOCICH/Qw7YOe+s/Yw7a8rk5VqLtgxR4M\n"
195 "z6DUeVL0zYFoLUxIje9yDU3pWmPvyVaBPdo0DguZwFMfiWwzhkUDeQgyeaiMvQA=\n"
196 "-----END CERTIFICATE REQUEST-----";
204 std::shared_ptr<int> ssl_lib = ssl_lib_ref;
207 std::shared_ptr<BIO> b = openSerial( "/dev/ttyUSB0" );
208 std::shared_ptr<BIO> slip1( BIO_new( toBio<SlipBIO>() ), BIO_free );
209 ( ( SlipBIO* )slip1->ptr )->setTarget( std::shared_ptr<OpensslBIO>( new OpensslBIOWrapper( b ) ) );
210 std::shared_ptr<RemoteSigner> sign( new RemoteSigner( slip1, generateSSLContext( false ) ) );
212 std::shared_ptr<TBSCertificate> cert( new TBSCertificate() );
213 cert->csr_type = "csr";
214 cert->csr_content = data;
217 std::shared_ptr<AVA> ava( new AVA() );
219 ava->value = "Dummy user certificates";
220 cert->AVAs.push_back( ava );
221 std::shared_ptr<SAN> san( new SAN() );
223 san->content = "n42.example.com";
224 cert->SANs.push_back( san );
226 auto res = sign->sign( cert );
227 std::cout << "log: " << res->log << std::endl;
228 std::cout << "cert things: " << res->certificate << std::endl;
232 std::shared_ptr<BIO> conn = openSerial( "/dev/ttyS0" );
233 std::shared_ptr<BIO> slip1( BIO_new( toBio<SlipBIO>() ), BIO_free );
235 ( ( SlipBIO* )slip1->ptr )->setTarget( std::shared_ptr<OpensslBIO>( new OpensslBIOWrapper( conn ) ) );
238 DefaultRecordHandler* dh = new DefaultRecordHandler( std::shared_ptr<Signer>( new SimpleOpensslSigner() ), slip1 );
243 } catch( char const* ch ) {
244 std::cout << "Exception: " << ch << std::endl;