Add additional debug messages.
Change-Id: I8f92f0b55a5ff2f3a3fa4a85a1687cc27d090e48
const unsigned char *ptr;
RawBuffer tmp;
+ LogDebug("Certificate to parse. Size: " << der.size());
+
if (DataFormat::FORM_DER_BASE64 == format) {
Base64Decoder base64;
base64.reset();
BIO *buff = BIO_new(BIO_s_mem());
BIO_write(buff, der.data(), der.size());
m_x509 = PEM_read_bio_X509(buff, NULL, NULL, NULL);
+ BIO_free_all(buff);
} else {
// TODO
LogError("Unknown certificate format");
if (!m_x509) {
// TODO
- LogError("Error in parsing certificate.");
+ LogError("Certificate could not be parsed.");
// ThrowMsg(Exception::OpensslInternalError,
// "Internal Openssl error in d2i_X509 function.");
}
CertificateImpl::CertificateImpl(CertificateImpl &&second) {
m_x509 = second.m_x509;
second.m_x509 = NULL;
+ LogDebug("Certificate moved: " << (void*)m_x509);
}
CertificateImpl& CertificateImpl::operator=(CertificateImpl &&second) {
X509_free(m_x509);
m_x509 = second.m_x509;
second.m_x509 = NULL;
+ LogDebug("Certificate moved: " << (void*)m_x509);
return *this;
}
int size = i2d_X509(m_x509, &rawDer);
if (!rawDer || size <= 0) {
// TODO
-// LogError("i2d_X509 failed");
+ LogError("i2d_X509 failed");
// ThrowMsg(Exception::OpensslInternalError,
// "i2d_X509 failed");
}
{
STACK_OF(X509) *untrusted = NULL;
+ LogDebug("Verfication with " << chainVector.size() << " untrusted certificates");
+
if (!untrustedVector.empty()) {
untrusted = sk_X509_new_null();
- for (auto &e : untrustedVector)
+ for (auto &e : untrustedVector) {
sk_X509_push(untrusted, e.getX509());
+ }
}
X509_STORE_CTX *csc = X509_STORE_CTX_new();
return CKM_API_ERROR_UNKNOWN;
}
+ LogDebug("Certificate for verfication ptr: " << (void*)cert.getX509());
+
if (0 == X509_STORE_CTX_init(csc, m_store, cert.getX509(), untrusted)) {
LogError("failed to X509_STORE_CTX_init");
return CKM_API_ERROR_UNKNOWN;
int result = X509_verify_cert(csc); // 1 == ok; 0 == fail; -1 == error
- LogDebug("Verification result: " << result);
+ LogDebug("Openssl verification result: " << result);
if (result > 0) {
STACK_OF(X509) *chain = X509_STORE_CTX_get_chain(csc);
}
handler.crypto.decryptRow(password, row);
- LogError("Datatype: " << (int) row.dataType);
-
return CKM_API_SUCCESS;
}
row.dataType = dataType;
}
- LogError("Sending dataType: " << (int)row.dataType);
-
MessageBuffer response;
Serialization::Serialize(response, static_cast<int>(LogicCommand::GET));
Serialization::Serialize(response, commandId);
for (auto &e: untrustedRawCertVector)
untrustedCertVector.push_back(CertificateImpl(e, DataFormat::FORM_DER));
+ LogDebug("Cert is empty: " << cert.empty());
+
int retCode = m_certStore.verifyCertificate(cert, untrustedCertVector, chainVector);
if (retCode == CKM_API_SUCCESS) {
Deserialization::Deserialize(buffer, command);
Deserialization::Deserialize(buffer, user);
+ LogDebug("Process control. Command: " << command);
+
cc = static_cast<ControlCommand>(command);
switch(cc) {
Deserialization::Deserialize(buffer, command);
Deserialization::Deserialize(buffer, commandId);
+ LogDebug("Process storage. Command: " << command);
+
switch(static_cast<LogicCommand>(command)) {
case LogicCommand::SAVE:
{