#ifdef WIN32
# include <windows.h>
#endif
#include <stdio.h>
#include "npki.h"
#include "pkierr.h"
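/**
 * Sample: ask a server to generate an RSA key pair and write the resulting
 * certificate signing request (CSR) to "serverCSR.b64" in the current
 * working directory.
 *
 * Steps: create an NPKI context, connect and log in, confirm that the server
 * supports RSA key generation and the requested signature algorithm, create
 * the server certificate object with an external-CA public key, fetch the CSR
 * bytes from the context and write them to disk.
 *
 * @return PKI_SUCCESS when the CSR was obtained and fully written; otherwise
 *         the code of the first NPKI call that failed,
 *         PKI_E_ALGORITHM_NOT_SUPPORTED when a required algorithm is missing,
 *         or a generic non-success value when the CSR file could not be
 *         written.
 *
 * SECURITY NOTE(review): the tree name, administrator DN, password and server
 * address below are sample values compiled into the binary. Production code
 * should obtain credentials at run time (prompt or secret store) rather than
 * embedding them in source.
 */
NWRCODE GenerateCSR(void)
{
    /*
     * NOTE(review): only PKI_SUCCESS and PKI_E_ALGORITHM_NOT_SUPPORTED are
     * visible in this file, so file-output failures are reported with this
     * local stand-in. Replace it with a more specific code from pkierr.h if
     * one fits.
     */
    enum { CSR_FILE_WRITE_FAILED = -1 };

    NWRCODE ccode = PKI_SUCCESS;
    NPKIContext myPKI = NPKI_INVALID_CONTEXT;
    nuint32 signatureAlgorithms = 0;
    nuint32 keyGenerationAlgorithms = 0;
    nuint32 caOperational = 0;
    nuint8 const *csr = NULL;
    nuint32 maxSignKeySize = 0;
    nuint32 maxKeyEncryptKeySize = 0;
    nuint32 maxKeySize = 0;
    nuint32 csrSize = 0;
    FILE *stream = NULL;
    size_t written = 0;

    /* Sample connection parameters -- see the security note above. */
    unicode myTree[] = {'T','E','S','T',0};
    unicode myUser[] = {'A','d','m','i','n','.','n','o','v','e','l','l',0};
    char password[] = {'t','e','s','t',0};
    char *startIPAddress = "192.168.0.2";
    unicode serverDN[] = {'T','e','s','t','5','1','.','n','o','v','e','l','l',0};
    unicode myCSRCertificateName[] = {'E','x','t','e','r','n','a','l',0};

    NPKI_Extension keyUsage;
    nuint16 sslKeyUsage = X509_KEY_USAGE_DIGITAL_SIGNATURE | X509_KEY_USAGE_KEY_ENCIPHERMENT;
    NPKI_Extension NovellAttr = {PKI_EXTENSION_DONT_INCLUDE, 0};

    ccode = NPKICreateContext(&myPKI);
    if (ccode != PKI_SUCCESS)
    {
        goto ERR_EXIT;
    }

    ccode = NPKISetTreeName(myPKI, myTree);
    if (ccode != PKI_SUCCESS)
    {
        goto ERR_EXIT;
    }

    /*
     * The connect result used to be overwritten by the login call below, so a
     * failed connection was never reported as such. Stop here instead of
     * sending credentials over a connection that was not established.
     */
    ccode = NPKIConnectToIPAddress(myPKI, 0, 0, startIPAddress, NULL, NULL);
    if (ccode != PKI_SUCCESS)
    {
        goto ERR_EXIT;
    }

    ccode = NPKIDSLogin(myPKI, myUser, password);
    if (ccode != PKI_SUCCESS)
    {
        goto ERR_EXIT;
    }

    /* Ask the server which key-generation and signature algorithms it offers. */
    ccode = NPKIGetServerInfo
    (
        myPKI,
        serverDN,
        PKI_SERVER_INFO,
        &keyGenerationAlgorithms,
        &signatureAlgorithms,
        NULL,
        NULL,
        &caOperational,
        NULL,
        NULL,
        NULL,
        NULL
    );
    if (ccode != PKI_SUCCESS)
    {
        goto ERR_EXIT;
    }

    if (!(keyGenerationAlgorithms & PKI_RSA_ALGORITHM))
    {
        ccode = PKI_E_ALGORITHM_NOT_SUPPORTED;
        goto ERR_EXIT;
    }

    /*
     * SECURITY NOTE(review): SHA-1 is no longer considered acceptable for
     * certificate signatures and most public CAs reject it. If the server's
     * signatureAlgorithms mask advertises a stronger hash, prefer that here
     * and in the NPKICreateServerCertificate call below.
     */
    if (!(signatureAlgorithms & PKI_SIGN_WITH_RSA_AND_SHA1))
    {
        ccode = PKI_E_ALGORITHM_NOT_SUPPORTED;
        goto ERR_EXIT;
    }

    ccode = NPKIGetAlgorithmInfo
    (
        myPKI,
        PKI_RSA_ALGORITHM,
        &maxKeyEncryptKeySize,
        &maxSignKeySize,
        NULL,
        NULL,
        NULL
    );
    if (ccode != PKI_SUCCESS)
    {
        goto ERR_EXIT;
    }

    /*
     * The key is used for both signing and key encipherment, so take the
     * smaller of the two reported maxima.
     * NOTE(review): no minimum is enforced; consider rejecting a result below
     * the key size your policy requires.
     */
    maxKeySize = maxSignKeySize;
    if (maxKeyEncryptKeySize < maxKeySize)
    {
        maxKeySize = maxKeyEncryptKeySize;
    }

#ifndef HI_LO_MACH_TYPE
    {
        /*
         * When HI_LO_MACH_TYPE is not defined, swap the two bytes of the
         * key-usage value before handing its raw bytes to the library
         * (presumably so the in-memory layout is high byte first on
         * little-endian builds -- confirm against the NPKI headers).
         */
        nuint16 newValue = 0;
        nuint8 *oldValuePtr = (nuint8 *)&sslKeyUsage;
        nuint8 *newValuePtr = (nuint8 *)&newValue;

        newValuePtr[0] = oldValuePtr[1];
        newValuePtr[1] = oldValuePtr[0];
        sslKeyUsage = newValue;
    }
#endif

    keyUsage.flags = PKI_EXTENSION_INCLUDE;
    keyUsage.length = sizeof(sslKeyUsage);
    keyUsage.value = (nuint8 *)&sslKeyUsage;

    /*
     * PUBLIC_KEY_EXTERNAL_CA presumably marks the public key as one to be
     * certified by an external CA, which is why a CSR is retrieved afterwards
     * (confirm against the NPKI documentation).
     */
    ccode = NPKICreateServerCertificate
    (
        myPKI,
        serverDN,
        NULL,
        myCSRCertificateName,
        PKI_RSA_ALGORITHM,
        maxKeySize,
        NULL,
        PKI_SIGN_WITH_RSA_AND_SHA1,
        DEFAULT_YEAR_ENCODING,
        0,
        0,
        PUBLIC_KEY_EXTERNAL_CA,
        PRIVATE_KEY,
        &keyUsage,
        NULL,
        NULL,
        &NovellAttr,
        NULL,
        NULL,
        NULL
    );
    if (ccode != PKI_SUCCESS)
    {
        goto ERR_EXIT;
    }

    ccode = NPKICSRInfo
    (
        myPKI,
        &csrSize,
        &csr
    );
    if (ccode != PKI_SUCCESS)
    {
        goto ERR_EXIT;
    }

    /* A successful call that yields no data leaves nothing usable to write. */
    if (csr == NULL || csrSize == 0)
    {
        ccode = CSR_FILE_WRITE_FAILED;
        goto ERR_EXIT;
    }

    /*
     * Write the CSR and report any failure. Previously a failed fopen, a short
     * fwrite or a failed fclose still returned PKI_SUCCESS, leaving the caller
     * with a missing or truncated request file.
     */
    stream = fopen("serverCSR.b64", "wb");
    if (stream == NULL)
    {
        ccode = CSR_FILE_WRITE_FAILED;
        goto ERR_EXIT;
    }

    written = fwrite(csr, sizeof(char), csrSize, stream);
    if (written != (size_t)csrSize)
    {
        ccode = CSR_FILE_WRITE_FAILED;
    }

    /* fclose flushes buffered data, so its result decides success as well. */
    if (fclose(stream) != 0)
    {
        ccode = CSR_FILE_WRITE_FAILED;
    }

ERR_EXIT:
    /*
     * Only touch the session when a context actually exists; the original
     * called NPKIDSLogout even when NPKICreateContext had failed. The logout
     * result is deliberately ignored so it cannot mask the code in ccode.
     */
    if (myPKI != NPKI_INVALID_CONTEXT)
    {
        NPKIDSLogout(myPKI);
        NPKIFreeContext(myPKI);
    }
    return ccode;
}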