Credential saving to XML introduced to support pre-shared credentials

Simon Rozman 2016-06-15 11:05:32 +02:00
parent e0460fa15b
commit 9cf80108b5
4 changed files with 70 additions and 27 deletions


@ -158,22 +158,6 @@ namespace eap
/// ///
virtual bool empty() const; virtual bool empty() const;
/// \name XML credentials management
/// @{
///
/// Save credentials to XML document
///
/// \param[in] pDoc XML document
/// \param[in] pConfigRoot Suggested root element for saving credentials
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns Always returns \c ERROR_NOT_SUPPORTED, as credentials are non-exportable.
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
/// @}
/// \name Storage /// \name Storage
/// @{ /// @{
@ -357,6 +341,19 @@ namespace eap
/// \name XML configuration management /// \name XML configuration management
/// @{ /// @{
///
/// Save credentials to XML document
///
/// \param[in] pDoc XML document
/// \param[in] pConfigRoot Suggested root element for saving credentials
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
/// ///
/// Load credentials from XML document /// Load credentials from XML document
/// ///


@ -83,17 +83,6 @@ bool eap::credentials::empty() const
} }
DWORD eap::credentials::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
UNREFERENCED_PARAMETER(pDoc);
UNREFERENCED_PARAMETER(pConfigRoot);
UNREFERENCED_PARAMETER(ppEapError);
// Yeah, right!? Credentials are non-exportable!
return ERROR_NOT_SUPPORTED;
}
DWORD eap::credentials::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash) const DWORD eap::credentials::encrypt(_In_ HCRYPTPROV hProv, _In_bytecount_(size) const void *data, _In_ size_t size, _Out_ std::vector<unsigned char> &enc, _Out_ EAP_ERROR **ppEapError, _Out_opt_ HCRYPTHASH hHash) const
{ {
assert(ppEapError); assert(ppEapError);
@ -195,6 +184,33 @@ bool eap::credentials_pass::empty() const
} }
DWORD eap::credentials_pass::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
// <UserName>
if (!m_identity.empty())
if ((dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"UserName"), bstrNamespace, bstr(m_identity))) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <UserName> element."), NULL);
return dwResult;
}
// <Password>
if (!m_password.empty()) {
bstr pass(m_password);
dwResult = eapxml::put_element_value(pDoc, pConfigRoot, bstr(L"Password"), bstrNamespace, pass);
SecureZeroMemory((BSTR)pass, sizeof(OLECHAR)*pass.length());
if (dwResult != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <Password> element."), NULL);
return dwResult;
}
}
return ERROR_SUCCESS;
}
DWORD eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) DWORD eap::credentials_pass::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{ {
assert(pConfigRoot); assert(pConfigRoot);
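Review bot: credentials_pass::save() writes m_password into the `<Password>` element as cleartext, and the SecureZeroMemory() call wipes only the local `pass` BSTR. Any copy that eapxml::put_element_value() or the DOM makes stays in pDoc, and presumably in whatever the caller serializes it to. The header comment for save() should state this, e.g. `/// \note The password is stored unencrypted in the XML; the caller must treat pDoc and anything written from it as secret.` Separately, this function and credentials_tls::save() both write through `*ppEapError` without the `assert(ppEapError);` that encrypt() has; `assert(pDoc); assert(pConfigRoot); assert(ppEapError);` at the top of each would match encrypt() and load().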


@ -128,6 +128,19 @@ namespace eap
/// \name XML credentials management /// \name XML credentials management
/// @{ /// @{
///
/// Save credentials to XML document
///
/// \param[in] pDoc XML document
/// \param[in] pConfigRoot Suggested root element for saving credentials
/// \param[out] ppEapError Pointer to error descriptor in case of failure. Free using `module::free_error_memory()`.
///
/// \returns
/// - \c ERROR_SUCCESS if succeeded
/// - error code otherwise
///
virtual DWORD save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const;
/// ///
/// Load credentials from XML document /// Load credentials from XML document
/// ///


@ -84,6 +84,23 @@ bool eap::credentials_tls::empty() const
DWORD eap::credentials_tls::save(_In_ IXMLDOMDocument *pDoc, _In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) const
{
const bstr bstrNamespace(L"urn:ietf:params:xml:ns:yang:ietf-eap-metadata");
DWORD dwResult;
// <CertHash>
if (!m_cert_hash.empty())
if ((dwResult = eapxml::put_element_hex(pDoc, pConfigRoot, bstr(L"CertHash"), bstrNamespace, m_cert_hash.data(), m_cert_hash.size())) != ERROR_SUCCESS) {
*ppEapError = m_module.make_error(dwResult, 0, NULL, NULL, NULL, _T(__FUNCTION__) _T(" Error creating <CertHash> element."), NULL);
return dwResult;
}
return ERROR_SUCCESS;
}
DWORD eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError) DWORD eap::credentials_tls::load(_In_ IXMLDOMNode *pConfigRoot, _Out_ EAP_ERROR **ppEapError)
{ {
assert(pConfigRoot); assert(pConfigRoot);
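Review bot: The `<CertHash>` branch in credentials_tls::save() nests a multi-line `if` under an unbraced `if (!m_cert_hash.empty())` and assigns dwResult inside the inner condition, which makes the error path easy to misread when another element is added later. Bracing the outer `if` and assigning on its own line, `dwResult = eapxml::put_element_hex(...);` followed by `if (dwResult != ERROR_SUCCESS) {`, would match the `<Password>` branch in credentials_pass::save(). The `<UserName>` branch there has the same shape.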