Wire Sysio Wire Sysion 1.0.0
Loading...
Searching...
No Matches
Macros | Functions | Variables
logs.c File Reference
#include <assert.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/evp.h>
#include "util.h"
#include <yubihsm.h>
Include dependency graph for logs.c:

Go to the source code of this file.

Macros

#define DEFAULT_CONNECTOR_URL   "http://127.0.0.1:12345"
 
#define N_OPERATIONS   5
 

Functions

int main (void)
 

Variables

const uint8_t password [] = "password"
 

Macro Definition Documentation

◆ DEFAULT_CONNECTOR_URL

#define DEFAULT_CONNECTOR_URL   "http://127.0.0.1:12345"

Definition at line 34 of file logs.c.

◆ N_OPERATIONS

#define N_OPERATIONS   5

Definition at line 37 of file logs.c.

Function Documentation

◆ main()

int main ( void )

Definition at line 41 of file logs.c.

41 {
42 yh_connector *connector = NULL;
43 yh_session *session = NULL;
44 yh_rc yrc = YHR_GENERIC_ERROR;
45
46 uint16_t authkey = 1;
47
48 const char *connector_url;
49
50 connector_url = getenv("DEFAULT_CONNECTOR_URL");
51 if (connector_url == NULL) {
52 connector_url = DEFAULT_CONNECTOR_URL;
53 }
54
55 yrc = yh_init();
56 assert(yrc == YHR_SUCCESS);
57
58 yrc = yh_init_connector(connector_url, &connector);
59 assert(yrc == YHR_SUCCESS);
60
61 yrc = yh_connect(connector, 0);
62 assert(yrc == YHR_SUCCESS);
63
64 yrc = yh_create_session_derived(connector, authkey, password,
65 sizeof(password), false, &session);
66 assert(yrc == YHR_SUCCESS);
67
68 yrc = yh_authenticate_session(session);
69 assert(yrc == YHR_SUCCESS);
70
71 uint8_t session_id;
72 yrc = yh_get_session_id(session, &session_id);
73 assert(yrc == YHR_SUCCESS);
74
75 printf("Successfully established session %02d\n", session_id);
76 printf("Flushing existing logs\n");
77
78 uint16_t unlogged_boot, unlogged_auth;
79 yh_log_entry logs[YH_MAX_LOG_ENTRIES];
80 size_t n_items = sizeof(logs) / sizeof(yh_log_entry);
81 yh_log_entry last_previous_log;
82 yh_log_entry *last_previous_log_ptr = &last_previous_log;
83
84 yrc = yh_util_get_log_entries(session, &unlogged_boot, &unlogged_auth, logs,
85 &n_items);
86 assert(yrc == YHR_SUCCESS);
87
88 if (n_items != 0) {
89 memcpy(&last_previous_log, logs + n_items - 1, sizeof(yh_log_entry));
90 } else {
91 last_previous_log_ptr = NULL;
92 }
93
94 uint16_t last_index = logs[n_items - 1].number;
95
96 yrc = yh_util_set_log_index(session, last_index);
97 assert(yrc == YHR_SUCCESS);
98
99 printf("Performing some operations\n");
100
101 for (uint16_t i = 0; i < N_OPERATIONS; i++) {
102 yh_object_descriptor descriptor;
103 yrc = yh_util_get_object_info(session, authkey, YH_AUTHENTICATION_KEY,
104 &descriptor);
105 assert(yrc == YHR_SUCCESS);
106 }
107
108 printf("Getting logs\n");
109
110 n_items = sizeof(logs) / sizeof(yh_log_entry);
111 yrc = yh_util_get_log_entries(session, &unlogged_boot, &unlogged_auth, logs,
112 &n_items);
113 assert(yrc == YHR_SUCCESS);
114
115 assert(n_items == N_OPERATIONS + 1);
116
117 fprintf(stdout, "%d unlogged boots found\n", unlogged_boot);
118 fprintf(stdout, "%d unlogged authentications found\n", unlogged_auth);
119
120 char digest_buf[(2 * YH_LOG_DIGEST_SIZE) + 1];
121
122 if (n_items == 0) {
123 fprintf(stdout, "No logs to extract\n");
124 return 0;
125 } else if (n_items == 1) {
126 fprintf(stdout, "Found 1 item\n");
127 } else {
128 fprintf(stdout, "Found %zu items\n", n_items);
129 }
130
131 for (uint16_t i = 0; i < n_items; i++) {
132 format_digest(logs[i].digest, digest_buf, YH_LOG_DIGEST_SIZE);
133 fprintf(stdout,
134 "item: %5u -- cmd: 0x%02x -- length: %4u -- session key: "
135 "0x%04x -- target key: 0x%04x -- second key: 0x%04x -- "
136 "result: 0x%02x -- tick: %lu -- hash: %s\n",
137 logs[i].number, logs[i].command, logs[i].length,
138 logs[i].session_key, logs[i].target_key, logs[i].second_key,
139 logs[i].result, (unsigned long) logs[i].systick, digest_buf);
140 }
141
142 bool ret = yh_verify_logs(logs, n_items, last_previous_log_ptr);
143 assert(ret == true);
144
145 printf("Logs correctly verified\n");
146
147 uint8_t option[128];
148 size_t option_len;
149
150 option[0] = YHC_SET_OPTION;
151 option[1] = 0x00;
152 option_len = 2;
153 yrc =
154 yh_util_set_option(session, YH_OPTION_COMMAND_AUDIT, option_len, option);
155 assert(yrc == YHR_SUCCESS);
156
157 option_len = sizeof(option);
158 yrc =
159 yh_util_get_option(session, YH_OPTION_COMMAND_AUDIT, option, &option_len);
160 assert(yrc == YHR_SUCCESS);
161
162 assert(option_len % 2 == 0);
163 bool option_found = false;
164 for (size_t i = 0; i < option_len; i += 2) {
165 if (option[i] == YHC_SET_OPTION) {
166 assert(option[i + 1] == 0);
167 option_found = true;
168 break;
169 }
170 }
171 assert(option_found == true);
172
173 option[0] = YHC_SET_OPTION;
174 option[1] = 0x01;
175 option_len = 2;
176 yrc =
177 yh_util_set_option(session, YH_OPTION_COMMAND_AUDIT, option_len, option);
178 assert(yrc == YHR_SUCCESS);
179
180 option_len = sizeof(option);
181 yrc =
182 yh_util_get_option(session, YH_OPTION_COMMAND_AUDIT, option, &option_len);
183 assert(yrc == YHR_SUCCESS);
184
185 assert(option_len % 2 == 0);
186 option_found = false;
187 for (size_t i = 0; i < option_len; i += 2) {
188 if (option[i] == YHC_SET_OPTION) {
189 assert(option[i + 1] == 1);
190 option_found = true;
191 break;
192 }
193 }
194 assert(option_found == true);
195
196 yrc = yh_util_close_session(session);
197 assert(yrc == YHR_SUCCESS);
198
199 yrc = yh_destroy_session(&session);
200 assert(yrc == YHR_SUCCESS);
201
202 yh_disconnect(connector);
203 assert(yrc == YHR_SUCCESS);
204
205 yrc = yh_exit();
206 assert(yrc == YHR_SUCCESS);
207
208 return EXIT_SUCCESS;
209}
session
CK_SESSION_HANDLE session
Definition ecdh_derive_test.c:45
DEFAULT_CONNECTOR_URL
#define DEFAULT_CONNECTOR_URL
Definition logs.c:34
N_OPERATIONS
#define N_OPERATIONS
Definition logs.c:37
Log::printf
LOGGING_API void printf(Category category, const char *format,...)
Definition Logging.cpp:30
uint16_t
unsigned short uint16_t
Definition stdint.h:125
uint8_t
unsigned char uint8_t
Definition stdint.h:124
yh_connector
Definition internal.h:37
yh_log_entry
Definition yubihsm.h:516
yh_log_entry::number
uint16_t number
Monotonically increasing index.
Definition yubihsm.h:518
yh_object_descriptor
Definition yubihsm.h:540
yh_session
Definition internal.h:25
format_digest
void format_digest(uint8_t *digest, char *str, uint16_t len)
Definition util.c:326
yh_verify_logs
bool yh_verify_logs(yh_log_entry *logs, size_t n_items, yh_log_entry *last_previous_log)
Definition yubihsm.c:4480
yh_util_get_option
yh_rc yh_util_get_option(yh_session *session, yh_option option, uint8_t *out, size_t *out_len)
Definition yubihsm.c:3584
yh_destroy_session
yh_rc yh_destroy_session(yh_session **session)
Definition yubihsm.c:890
yh_exit
yh_rc yh_exit(void)
Definition yubihsm.c:3910
yh_create_session_derived
yh_rc yh_create_session_derived(yh_connector *connector, uint16_t authkey_id, const uint8_t *password, size_t password_len, bool recreate, yh_session **session)
Definition yubihsm.c:593
yh_init
yh_rc yh_init(void)
Definition yubihsm.c:3857
yh_util_get_log_entries
yh_rc yh_util_get_log_entries(yh_session *session, uint16_t *unlogged_boot, uint16_t *unlogged_auth, yh_log_entry *out, size_t *n_items)
Definition yubihsm.c:2531
yh_util_close_session
yh_rc yh_util_close_session(yh_session *session)
Definition yubihsm.c:1257
yh_authenticate_session
yh_rc yh_authenticate_session(yh_session *session)
Definition yubihsm.c:2927
yh_util_get_object_info
yh_rc yh_util_get_object_info(yh_session *session, uint16_t id, yh_object_type type, yh_object_descriptor *object)
Definition yubihsm.c:1128
yh_util_set_option
yh_rc yh_util_set_option(yh_session *session, yh_option option, size_t len, uint8_t *val)
Definition yubihsm.c:3537
yh_init_connector
yh_rc yh_init_connector(const char *url, yh_connector **connector)
Definition yubihsm.c:4024
yh_util_set_log_index
yh_rc yh_util_set_log_index(yh_session *session, uint16_t index)
Definition yubihsm.c:2606
yh_connect
yh_rc yh_connect(yh_connector *connector, int timeout)
Definition yubihsm.c:4079
yh_disconnect
yh_rc yh_disconnect(yh_connector *connector)
Definition yubihsm.c:4097
yh_get_session_id
yh_rc yh_get_session_id(yh_session *session, uint8_t *sid)
Definition yubihsm.c:2915
option
yh_option option
Definition yubihsm.h:685
YH_LOG_DIGEST_SIZE
#define YH_LOG_DIGEST_SIZE
Size that the log digest is truncated to.
Definition yubihsm.h:127
YH_AUTHENTICATION_KEY
@ YH_AUTHENTICATION_KEY
Authentication Key is used to establish Sessions with a device.
Definition yubihsm.h:364
YH_OPTION_COMMAND_AUDIT
@ YH_OPTION_COMMAND_AUDIT
Enable/Disable logging of specific commands.
Definition yubihsm.h:494
YH_MAX_LOG_ENTRIES
#define YH_MAX_LOG_ENTRIES
Max log entries the device may hold.
Definition yubihsm.h:121
yh_rc
yh_rc
Definition yubihsm.h:170
YHR_GENERIC_ERROR
@ YHR_GENERIC_ERROR
Return value when encountering an unknown error.
Definition yubihsm.h:228
YHR_SUCCESS
@ YHR_SUCCESS
Returned value when function was successful.
Definition yubihsm.h:172
ret
CK_RV ret
Definition yubihsm_pkcs11.c:973
yrc
yh_rc yrc
Definition yubihsm_pkcs11.c:606
memcpy
memcpy((char *) pInfo->slotDescription, s, l)
Here is the call graph for this function:

Variable Documentation

◆ password

const uint8_t password[] = "password"

Definition at line 39 of file logs.c.