/*************************************************************************** Copyright (c) 1998-2002 Novell, Inc. All Rights Reserved. THIS WORK IS SUBJECT TO U.S. AND INTERNATIONAL COPYRIGHT LAWS AND TREATIES. USE AND REDISTRIBUTION OF THIS WORK IS SUBJECT TO THE LICENSE AGREEMENT ACCOMPANYING THE SOFTWARE DEVELOPMENT KIT (SDK) THAT CONTAINS THIS WORK. Pursuant to the SDK License Agreement, Novell hereby grants to Developer a royalty-free, non-exclusive license to include the sample code AES.C and derivative binaries in its product. Novell grants to Developer worldwide distribution rights to market, distribute or sell the sample code AES.C and derivative binaries as a component of Developer's product(s). Novell shall have no obligations to Developer or Developer's customers with respect to this code. DISCLAIMER: Novell, Inc. makes no representations or warranties with respect to the contents or use of this code, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to revise this publication and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. Further, Novell, Inc. makes no representations or warranties with respect to any software, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Novell, Inc. reserves the right to make changes to any and all parts of the software, at any time, without obligation to notify any person or entity of such changes. ***************************************************************************/ #ifdef WIN32 # include <windows.h> #endif #include "npki.h" #include "npkikey.h" #include "pkierr.h" NWRCODE GetServerKey(void) { NWRCODE ccode = PKI_SUCCESS; NPKIContext myPKI = NPKI_INVALID_CONTEXT; nuint32 wrappedKeySize = 0; bool niciInit = true; NICI_CC_HANDLE ccsCtxt = NICI_H_INVALID; NICI_OBJECT_HANDLE pkiKeyHandle = NICI_H_INVALID; nuint8 const *wrappedKey = NULL; void* hinstDLL = &hinstDLL; // user/system infomation unicode myTree[] = {'T','E','S','T',0}; unicode myUser[] = {'A','d','m','i','n','.','n','o','v','e','l','l',0}; char password[] = {'t','e','s','t',0}; char* startIPAddress = "192.168.0.2"; unicode serverDN[] = {'T','e','s','t','5','1','.','n','o','v','e','l','l',0}; unicode certName[] = {'c','e','r','t','i','f','i','c','a','t','e',0}; ccode = NPKICreateContext(&myPKI); if (ccode != PKI_SUCCESS) { goto ERR_EXIT; } // Set the tree name, this is the tree we will make all calls to. ccode = NPKISetTreeName(myPKI, myTree); if (ccode != PKI_SUCCESS) { goto ERR_EXIT; } ccode = NPKIConnectToIPAddress(myPKI, 0, 0, startIPAddress, NULL, NULL); // Login in ccode = NPKIDSLogin(myPKI, myUser, password); if (ccode != PKI_SUCCESS) { goto ERR_EXIT; } /*---------------------------------------------------- Method to get the Wrapped Key ------------------------------------------------------*/ // Use this call to get the server key securely wrapped in the server's storage key ccode = NPKIGetWrappedServerKey(myPKI, serverDN, certName, &wrappedKeySize, &wrappedKey); if (ccode != PKI_SUCCESS) { goto ERR_EXIT; } // The wrapped key can only be unwrapped by NICI on the server /*---------------------------------------------------- Method to get a NICI handle to the Key ------------------------------------------------------*/ // Use the following calls to get a NICI handle to the server key. ccode = CCS_Init (&hinstDLL); if (ccode != NICI_E_OK) { goto ERR_EXIT; } ccode = CCS_CreateContext(0, &ccsCtxt); if (ccode != NICI_E_OK) { goto ERR_EXIT; } ccode = NPKIGetHandleToServerKey ( myPKI, serverDN, certName, ccsCtxt, &pkiKeyHandle ); if (ccode != PKI_SUCCESS) { goto ERR_EXIT; } ERR_EXIT: NPKIDSLogout(myPKI); if (myPKI != NPKI_INVALID_CONTEXT) NPKIFreeContext(myPKI); if (pkiKeyHandle != NICI_H_INVALID) CCS_DestroyObject(ccsCtxt, pkiKeyHandle); if (ccsCtxt != NICI_H_INVALID) CCS_DestroyContext(ccsCtxt); return ccode; }