WA-SDK  3.0.4.0
WA-SDK
issacapi/va/sample_va_basic.c
#include <stdio.h>
#include "issacapi_bs.h"
#include "issacapi_va.h"
// Base64 text of the certificate whose revocation status the sample checks.
// sample_setup() decodes it into certBytes; sample_va_basic() then parses those bytes.
// NOTE(review): looks like embedded sample data - a real caller would load the
// certificate under test from its own input or trust store; confirm before reuse.
static const char *certB64 =
"MIIDOjCCAiSgAwIBAgIGAOjUpRAhMAsGCSqGSIb3DQEBCzA8MQswCQYDVQQGEwJLUjENMAsGA1UECgwEVEVTVDENMAsGA1UECwwEVEVTVDEPMA0G"
"A1UEAwwGVEVTVENBMB4XDTE4MTExMTE1MDAwMFoXDTE5MDIyMDE0NTk1OVowVjELMAkGA1UEBhMCS1IxDTALBgNVBAoMBFRFU1QxDTALBgNVBAsM"
"BFRFU1QxEDAOBgoJkiaJk/IsZAEZFgAxFzAVBgNVBAMMDjE5Mi4xNjguMjEuMjI1MEkwEwYHKoZIzj0CAQYIKoZIzj0DAQEDMgAEMv2XdC0mcCen"
"uMRmsOyDOD1Kn+7Jt/8z25bVeLk8+WaflsEfrgNoXA28C5i2XBdNo4IBBTCCAQEwYgYDVR0jBFswWYAUzDoinqM+0/wZ18YirsUGPeDJWPihPqQ8"
"MDoxCzAJBgNVBAYTAktSMQ0wCwYDVQQKDARURVNUMQ0wCwYDVQQLDARURVNUMQ0wCwYDVQQDDARURVNUggECMB0GA1UdDgQWBBQm1cQqp6uN/6l9"
"uEmWGBZ3xHM72DAOBgNVHQ8BAf8EBAMCB4AwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA8GA1UdEQQIMAaHBMCoFeEwPAYIKwYBBQUH"
"AQEEMDAuMCwGCCsGAQUFBzABhiBodHRwOi8vMTAuMC44MS42OjgwODAvT0NTUFNlcnZlcjALBgkqhkiG9w0BAQsDggEBADgaJ/ZQ5LABTw+HiPbb"
"V9ZrwgPMpkfoHF1j2vivNJZ/jnVaghQEOrsrIHcN9jKr1UVisSZjMc1SnCSa7VqNZcmsnXYbBkXY8iFa9O3PO+ZiYerEGxf6VbFhGFTbGT9LA2iz"
"eX/PGENL/jrRUFMmZBpaZk0/1xMJg1rx+fyvToFVzXHL0H00dxv/Stb96qBlYixUdCTfscSU3w6SMzqv2NWRRkgG37ZvL0HT+tPAZ7AZzUbMR7g6"
"5+PXsnJzavPLitdSBcDV/Oa14bfW4zlHH0EaMCr79QJm6n4YPM2P5SUT4pJlTg/jbJwNHcOoYa3bHuq4sbAo5PFBlFq+np0OorQ=";
// Output buffer for the decoded certificate. Its size is passed to
// ISSAC_BASE64_Decode() as the allocation limit by sample_setup().
static unsigned char certBytes[4096] = { 0, };
// Number of decoded bytes in certBytes; written by ISSAC_BASE64_Decode().
static int certBytesLen = 0;
// Base64 text of the issuer certificate of the certificate above.
// sample_setup() decodes it into issuerCertBytes; the OCSP request is built
// from the target/issuer pair in sample_va_basic().
// NOTE(review): looks like embedded sample data - confirm before reusing it as an
// issuer or trust anchor anywhere else.
static const char *issuerCertB64 =
"MIID5DCCAsygAwIBAgIBAjANBgkqhkiG9w0BAQsFADA6MQswCQYDVQQGEwJLUjENMAsGA1UECgwEVEVTVDENMAsGA1UECwwEVEVTVDENMAsGA1UE"
"AwwEVEVTVDAeFw0xODEwMTAwNzI0MzRaFw0yOTEwMTAwNzI0MzRaMDwxCzAJBgNVBAYTAktSMQ0wCwYDVQQKDARURVNUMQ0wCwYDVQQLDARURVNU"
"MQ8wDQYDVQQDDAZURVNUQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCQuar4BDageAAUPqgDhUiQMFGATvRz6SY8Rao8jnyr7ZgG"
"Y9ooO+BWCNPNw4h8+ajx59w0LtvYCiIfq7owVT08nvDCxygAdLW8F53gifvRMntkvzxTQnOxURYrT/rBBwrJ/x4zv+t3c7ObtsQOXNlG2CkuG5R/"
"//D9db5wZADJQ3a7J0NBDD5njXytErsLu/HjZXBqWhFs1+H+R2iQufZWhnsrGpg8JcgK5/Jg7ZBLV9gHQTLMXViey4zgk2IyTSprH+xtKoNzK1BQ"
"9xmXLHc0bVmT0sOAzsximlLM/HUx6ZTj7pgYWDQgv+QKrG1dcyRlylrdYRJ4zbT14LOYY84jAgMBAAGjgfIwge8wHQYDVR0OBBYEFMw6Ip6jPtP8"
"GdfGIq7FBj3gyVj4MGIGA1UdIwRbMFmAFKpLnpsr0JWpkKf6e1RlokozwyPdoT6kPDA6MQswCQYDVQQGEwJLUjENMAsGA1UECgwEVEVTVDENMAsG"
"A1UECwwEVEVTVDENMAsGA1UEAwwEVEVTVIIBATAOBgNVHQ8BAf8EBAMCAQYwEgYDVR0TAQH/BAgwBgEB/wIBADBGBgNVHR8EPzA9MDugOaA3hjVo"
"dHRwOi8vMTAuMC44MS41OjgwODAvY249VEVTVCxvdT1URVNULG89VEVTVCxjPUtSLmNybDANBgkqhkiG9w0BAQsFAAOCAQEAbS8GYh0QcWtJxolZ"
"825b3yckgpMg/slPwNUnfXRv5eAMlMowf1uzhU/5761NhsTDzU4fc4ZszUsgDdwls7VOGgUO0SAlwGaVntrrkLtsBJAVoWiYYw1L5evsVTVf1jhb"
"h83++f8NcEgLmifO1e2XZN0NunsHchn5dnYgZI0qQOvXn0T0bJC7htYuNcaGvwR5Lyg2IOEu2reZ7w2rA7fQgLGXJJZRENxR4LspqvnBdJ8Dzjmi"
"1klPjZVMb18eZhgZOhB+G7sZfwgqEIA2OTAaA2sjgUo5rR78svn5zJxHtFE3W1tx/EkSkFdUjpX4k2aM9C11uZyu+CfQdDuxu9yoBg==";
// Output buffer for the decoded issuer certificate. Its size is passed to
// ISSAC_BASE64_Decode() as the allocation limit by sample_setup().
static unsigned char issuerCertBytes[4096] = { 0, };
// Number of decoded bytes in issuerCertBytes; written by ISSAC_BASE64_Decode().
static int issuerCertBytesLen = 0;
/*
 * Prepare the sample: initialise the ISSAC module, then Base64-decode the two
 * embedded certificates into certBytes and issuerCertBytes.
 *
 * Each step runs only if the previous one succeeded. The first failing step
 * has its error message printed and makes the function return 1; 0 means all
 * three steps succeeded.
 */
static int sample_setup() {
    ISSAC_RETURN rc = ISSAC_Initialize();

    if (rc == ISSAC_SUCCESS) {
        // sizeof(certBytes) bounds how much the decoder may write.
        rc = ISSAC_BASE64_Decode(certBytes, &certBytesLen, sizeof(certBytes), certB64);
    }
    if (rc == ISSAC_SUCCESS) {
        // sizeof(issuerCertBytes) bounds how much the decoder may write.
        rc = ISSAC_BASE64_Decode(issuerCertBytes, &issuerCertBytesLen, sizeof(issuerCertBytes), issuerCertB64);
    }
    if (rc == ISSAC_SUCCESS) {
        return 0;
    }

    printf("[ERROR] %s\n", ISSAC_GetErrorMessage(rc));
    return 1;
}
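/**
 * Sample: ask an OCSP server for the revocation status of one certificate.
 *
 * Flow: parse the target and issuer certificates decoded by sample_setup(),
 * configure the OCSP server, build and send the request, receive the
 * response, check that it belongs to the request, then read the status of the
 * first certificate in the response.
 *
 * Changes from the original listing:
 *  - every context is initialised with its *_Create call before use and
 *    released with its *_Delete call on every path (the original created and
 *    deleted only the issuer certificate and issuer list);
 *  - RESPONSE_TRY_LATER is retried at most MAX_OCSP_ATTEMPTS times, so an
 *    unhealthy or hostile responder cannot keep the caller in an endless loop;
 *  - the retrieved certificate status is printed instead of being discarded.
 *
 * SECURITY: "[OK]" only means that the OCSP exchange completed. It does NOT
 * mean that the certificate is good. Code derived from this sample must accept
 * the certificate only when the status is "good" and must fail closed on
 * "revoked", "unknown", or any error.
 *
 * @return 0 when the OCSP exchange succeeded, 1 otherwise (the error message
 *         is printed).
 */
int sample_va_basic() {
    // Arbitrary sample limit on how often RESPONSE_TRY_LATER is retried.
    enum { MAX_OCSP_ATTEMPTS = 3 };

    ISSAC_RETURN result;
    CERTIFICATE targetCert;          // certificate to validate
    CERTIFICATES targetCerts;        // list holding the certificate to validate
    CERTIFICATE targetIssuerCert;    // issuer certificate of the target
    CERTIFICATES targetIssuerCerts;  // list holding the issuer certificate
    VACONTEXT info;                  // OCSP server connection information
    int attempt;

    printf("sample_va_basic() => ");

    // Initialise every context before use; on failure release only what was created.
    result = ISSAC_CERTIFICATE_Create(&targetCert);
    if (result != ISSAC_SUCCESS) {
        goto out;
    }
    result = ISSAC_CERTIFICATES_Create(&targetCerts);
    if (result != ISSAC_SUCCESS) {
        goto out_target_cert;
    }
    result = ISSAC_CERTIFICATE_Create(&targetIssuerCert);
    if (result != ISSAC_SUCCESS) {
        goto out_target_certs;
    }
    result = ISSAC_CERTIFICATES_Create(&targetIssuerCerts);
    if (result != ISSAC_SUCCESS) {
        goto out_issuer_cert;
    }
    result = ISSAC_VA_VACONTEXT_Create(&info);
    if (result != ISSAC_SUCCESS) {
        goto out_issuer_certs;
    }

    // Certificate to validate
    result = ISSAC_CERTIFICATE_Read_Memory(&targetCert, certBytes, certBytesLen);
    if (result == ISSAC_SUCCESS) {
        result = ISSAC_CERTIFICATES_AddCertificate(&targetCerts, &targetCert);
    }

    // Issuer of the certificate to validate
    if (result == ISSAC_SUCCESS) {
        result = ISSAC_CERTIFICATE_Read_Memory(&targetIssuerCert, issuerCertBytes, issuerCertBytesLen);
    }
    if (result == ISSAC_SUCCESS) {
        result = ISSAC_CERTIFICATES_AddCertificate(&targetIssuerCerts, &targetIssuerCert);
    }

    if (result == ISSAC_SUCCESS) {
        // OCSP server settings (when the certificate carries an AIA extension)
        //result = ISSAC_VA_VACONTEXT_Set(&info, NULL, NULL, 0, NULL, &targetCert);
        // OCSP server settings (when the certificate has no AIA - http://10.0.81.6:8080/OCSPServer)
        result = ISSAC_VA_VACONTEXT_Set(&info, "http", "10.0.81.6", 8080, "/OCSPServer", &targetCert);
    }

    for (attempt = 1; result == ISSAC_SUCCESS; attempt++) {
        OCSPREQUEST ocspRequest;
        OCSPRESPONSE ocspResponse;
        int retry = 0;

        result = ISSAC_VA_OCSPREQUEST_Create(&ocspRequest);
        if (result != ISSAC_SUCCESS) {
            break;
        }
        result = ISSAC_VA_OCSPRESPONSE_Create(&ocspResponse);
        if (result != ISSAC_SUCCESS) {
            ISSAC_VA_OCSPREQUEST_Delete(&ocspRequest);
            break;
        }

        // Build the revocation-status request.
        // NOTE(review): 385 is the hashNid argument; which hash algorithm it
        // selects is not visible in this file - confirm against the SDK headers.
        //result = ISSAC_VA_OCSPREQUEST_Make(&ocspRequest, &targetCerts, &targetIssuerCerts);
        result = ISSAC_VA_OCSPREQUEST_Make_WithHashNid(&ocspRequest, &targetCerts, &targetIssuerCerts, 385);

        // Send the request to the OCSP server
        if (result == ISSAC_SUCCESS) {
            result = ISSAC_VA_OCSPREQUEST_SendToServer(&ocspRequest, &info);
        }

        // Receive the certificate-status response from the server
        if (result == ISSAC_SUCCESS) {
            // ISSAC-API error code (negative) or the response status sent by the server
            int nStatus = ISSAC_VA_OCSPRESPONSE_ReceiveFromServer(&ocspResponse, &info);

            if (nStatus == RESPONSE_TRY_LATER) {
                if (attempt < MAX_OCSP_ATTEMPTS) {
                    // Server asked for a retry; start over with fresh contexts.
                    retry = 1;
                } else {
                    // Retry budget used up: report the status as a failure.
                    result = (ISSAC_RETURN)nStatus;
                }
            } else if (nStatus == RESPONSE_SUCCESS) {
                // Check that the response matches the request that was sent.
                // NOTE(review): checktime is passed as 0; presumably that means
                // "now" - confirm. What else CheckValid verifies (for example the
                // responder's signature and authorisation) is not visible here.
                result = ISSAC_VA_OCSPRESPONSE_CheckValid(&ocspResponse, &ocspRequest, 0);

                // Fetch the responder certificate from the response (if needed)
                if (result == ISSAC_SUCCESS) {
                    CERTIFICATE ownCertFromResponse;
                    result = ISSAC_CERTIFICATE_Create(&ownCertFromResponse);
                    if (result == ISSAC_SUCCESS) {
                        result = ISSAC_VA_OCSPRESPONSE_GetResponderCert(&ownCertFromResponse, &ocspResponse);
                        ISSAC_CERTIFICATE_Delete(&ownCertFromResponse);
                    }
                }

                // Read the certificate status
                if (result == ISSAC_SUCCESS) {
                    CERTSTATUS certStatus;
                    result = ISSAC_VA_OCSPRESPONSE_GetCertStatus(&ocspResponse, &certStatus);
                    if (result == ISSAC_SUCCESS) {
                        CERTIFICATESTATUS singleStatus; // revocation status 1: good 2: revoked 3: unknown
                        result = ISSAC_VA_CERTSTATUS_GetSingleStatus(&singleStatus, 0, &certStatus);
                        if (result == ISSAC_SUCCESS) {
                            // Surface the status; production code must reject
                            // anything other than "good".
                            printf("certificate status = %d (1: good, 2: revoked, 3: unknown) ", (int)singleStatus);
                        }
                        ISSAC_VA_CERTSTATUS_Delete(&certStatus);
                    }
                }
            } else {
                result = (ISSAC_RETURN)nStatus;
            }
        }

        // Release the per-attempt contexts before retrying or leaving the loop.
        ISSAC_VA_OCSPRESPONSE_Delete(&ocspResponse);
        ISSAC_VA_OCSPREQUEST_Delete(&ocspRequest);

        if (!retry) {
            break;
        }
    }

    // Release the contexts in reverse order of creation
    ISSAC_VA_VACONTEXT_Delete(&info);
out_issuer_certs:
    ISSAC_CERTIFICATES_Delete(&targetIssuerCerts);
out_issuer_cert:
    ISSAC_CERTIFICATE_Delete(&targetIssuerCert);
out_target_certs:
    ISSAC_CERTIFICATES_Delete(&targetCerts);
out_target_cert:
    ISSAC_CERTIFICATE_Delete(&targetCert);
out:
    if (result == ISSAC_SUCCESS) {
        printf("[OK]\n");
        return 0;
    }
    printf("[ERROR] %s\n", ISSAC_GetErrorMessage(result));
    return 1;
}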
/*
 * Entry point: run the setup step and, only if it returned 0, the OCSP sample.
 * The exit code is the setup's non-zero result, or else the sample's result.
 */
int main() {
    int setupStatus = sample_setup();

    return (setupStatus != 0) ? setupStatus : sample_va_basic();
}
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_CERTIFICATE_Delete(CERTIFICATE *cert)
CERTIFICATE 에 할당된 메모리를 해제한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_CERTIFICATE_Create(CERTIFICATE *cert)
CERTIFICATE 를 초기화한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_CERTIFICATE_Read_Memory(CERTIFICATE *cert, const void *buffer, int buffer_len)
인증서를 버퍼에서 읽어들인다. (DER, BASE64, PEM)
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_CERTIFICATES_Delete(CERTIFICATES *certs)
CERTIFICATES 에 할당된 메모리를 해제한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_CERTIFICATES_Create(CERTIFICATES *certs)
CERTIFICATES 를 초기화한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_CERTIFICATES_AddCertificate(CERTIFICATES *certs, CERTIFICATE *cert)
인증서 집합에 인증서를 추가한다.
unsigned int ISSAC_RETURN
ISSAC-API 실행 결과 [ ISSACAPI_BASIC_RETURN, ISSACAPI_ERRORS, ISSAC_LICENSE_ERR ]
Definition: issacapi_bs_definitions.h:32
CERTIFICATESTATUS
인증서의 현재 상태 (OCSP)
Definition: issacapi_bs_definitions.h:95
@ ISSAC_SUCCESS
(0) 성공
Definition: issacapi_bs_definitions.h:37
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_BASE64_Decode(void *data, int *data_len, int data_alloc_len, const char *code)
입력한 BASE64 문자열을 바이너리 데이터로 디코딩한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_Initialize(void)
모듈을 초기화한다.
WA_SDK_API const char *FUNCCALL ISSAC_GetErrorMessage(ISSAC_RETURN errorCode)
ISSAC-API 의 에러코드에 대한 에러메시지를 가져온다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_VACONTEXT_Set(VACONTEXT *info, const char *protocol, const char *ip, int port, const char *absPath, CERTIFICATE *own_cert)
VACONTEXT 에 OCSP 서버의 정보를 설정한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_VACONTEXT_Delete(VACONTEXT *info)
VACONTEXT 에 할당된 메모리를 해제한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPRESPONSE_GetCertStatus(OCSPRESPONSE *ocsp_rsp, CERTSTATUS *cert_status)
OCSP Response 에서 CERTSTATUS 를 가져온다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPREQUEST_Delete(OCSPREQUEST *ocsp_req)
OCSPREQUEST 에 할당된 메모리를 해제한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_CERTSTATUS_GetSingleStatus(CERTIFICATESTATUS *status, int nSeq, CERTSTATUS *cert_status)
CERTSTATUS 에서 인증서의 현재 상태를 가져온다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPREQUEST_SendToServer(OCSPREQUEST *ocsp_req, VACONTEXT *info)
OCSP Request 메시지를 OCSP 서버로 전송한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPRESPONSE_GetResponderCert(CERTIFICATE *rsp_cert, OCSPRESPONSE *ocsp_rsp)
OCSP Response 에서 ResponderCert를 가져온다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPRESPONSE_CheckValid(OCSPRESPONSE *ocsp_rsp, OCSPREQUEST *ocsp_req, time_t checktime)
OCSP 서버에 전송한 Request에 대한 Response 가 맞는지, 또 특정시점에 유효한지를 확인한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_VACONTEXT_Create(VACONTEXT *info)
VACONTEXT 구조체를 초기화한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPRESPONSE_Create(OCSPRESPONSE *ocsp_rsp)
OCSPRESPONSE 구조체를 초기화한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPREQUEST_Create(OCSPREQUEST *ocsp_req)
OCSPREQUEST 구조체를 초기화한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPRESPONSE_Delete(OCSPRESPONSE *ocsp_rsp)
OCSPRESPONSE 에 할당된 메모리를 해제한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_OCSPREQUEST_Make_WithHashNid(OCSPREQUEST *ocsp_req, CERTIFICATES *tgt_certs, CERTIFICATES *tgt_issuer_cert, int hashNid)
인증서 검증을 위해 OCSP Request 메시지를 생성한다.
WA_SDK_API ISSAC_RETURN FUNCCALL ISSAC_VA_CERTSTATUS_Delete(CERTSTATUS *cert_status)
CERTSTATUS 에 할당된 메모리를 해제한다.
WA_SDK_API int FUNCCALL ISSAC_VA_OCSPRESPONSE_ReceiveFromServer(OCSPRESPONSE *ocsp_rsp, VACONTEXT *info)
OCSP Response 메시지를 OCSP 서버에서 받는다.
@ RESPONSE_SUCCESS
(0) Response has valid confirmations
Definition: issacapi_va.h:57
@ RESPONSE_TRY_LATER
(3) Try again later
Definition: issacapi_va.h:60
인증서에 대한 컨텍스트
Definition: issacapi_bs_definitions.h:106
인증서 집합에 대한 컨텍스트
Definition: issacapi_bs_definitions.h:114
Definition: issacapi_va.h:50
OCSP Request 에 대한 컨텍스트
Definition: issacapi_va.h:19
OCSP Response 에 대한 컨텍스트
Definition: issacapi_va.h:24
OCSP 서버 정보
Definition: issacapi_va.h:29