diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/Utilities.kt b/doorman/src/main/kotlin/com/r3/corda/doorman/Utilities.kt deleted file mode 100644 index 451996e532..0000000000 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/Utilities.kt +++ /dev/null @@ -1,54 +0,0 @@ -package com.r3.corda.doorman - -import com.typesafe.config.Config -import com.typesafe.config.ConfigFactory -import joptsimple.ArgumentAcceptingOptionSpec -import joptsimple.OptionParser -import net.corda.core.crypto.sha256 -import org.bouncycastle.cert.X509CertificateHolder -import java.io.ByteArrayInputStream -import java.security.PublicKey -import java.security.cert.CertPath -import java.security.cert.Certificate -import java.security.cert.CertificateFactory -import java.security.cert.X509Certificate - -/** - * Convert commandline arguments to [Config] object will allow us to use kotlin delegate with [ConfigHelper]. - */ -object OptionParserHelper { - fun Array.toConfigWithOptions(registerOptions: OptionParser.() -> Unit): Config { - val parser = OptionParser() - val helpOption = parser.acceptsAll(listOf("h", "?", "help"), "show help").forHelp(); - registerOptions(parser) - val optionSet = parser.parse(*this) - // Print help and exit on help option. - if (optionSet.has(helpOption)) { - throw ShowHelpException(parser) - } - // Convert all command line options to Config. - return ConfigFactory.parseMap(parser.recognizedOptions().mapValues { - val optionSpec = it.value - if (optionSpec is ArgumentAcceptingOptionSpec<*> && !optionSpec.requiresArgument() && optionSet.has(optionSpec)) null else optionSpec.value(optionSet) - }.filterValues { it != null }) - } -} - -class ShowHelpException(val parser: OptionParser) : Exception() - -object CertificateUtilities { - fun toX509Certificate(byteArray: ByteArray): X509Certificate { - return CertificateFactory.getInstance("X509").generateCertificate(ByteArrayInputStream(byteArray)) as X509Certificate - } -} - -fun X509CertificateHolder.toX509Certificate(): Certificate = CertificateUtilities.toX509Certificate(encoded) - -fun buildCertPath(vararg certificates: Certificate): CertPath { - return CertificateFactory.getInstance("X509").generateCertPath(certificates.asList()) -} - -fun buildCertPath(certPathBytes: ByteArray): CertPath = CertificateFactory.getInstance("X509").generateCertPath(certPathBytes.inputStream()) - -// TODO: replace this with Crypto.hash when its available. -fun PublicKey.hash() = encoded.sha256().toString() diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/JiraCertificateRequestStorage.kt b/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/JiraCertificateRequestStorage.kt deleted file mode 100644 index e69de29bb2..0000000000 diff --git a/doorman/build.gradle b/network-management/build.gradle similarity index 75% rename from doorman/build.gradle rename to network-management/build.gradle index a23d28b2f1..00cd79b861 100644 --- a/doorman/build.gradle +++ b/network-management/build.gradle @@ -6,6 +6,8 @@ ext { version "$corda_dependency_version" +description 'Network management module encapsulating components such as Doorman, HSM Signing Service and Network Map' + apply plugin: 'us.kirchmeier.capsule' apply plugin: 'kotlin' @@ -21,12 +23,12 @@ repositories { } } -configurations{ +configurations { integrationTestCompile.extendsFrom testCompile integrationTestRuntime.extendsFrom testRuntime } -sourceSets{ +sourceSets { integrationTest { kotlin { compileClasspath += main.output + test.output @@ -46,8 +48,8 @@ sourceSets{ task buildDoormanJAR(type: FatCapsule, dependsOn: 'jar') { group = 'build' - applicationClass 'com.r3.corda.doorman.MainKt' - + applicationClass 'com.r3.corda.networkmanage.doorman.MainKt' + archiveName "doorman-${version}-capsule.jar" capsuleManifest { applicationVersion = corda_dependency_version systemProperties['visualvm.display.name'] = 'Doorman' @@ -60,7 +62,29 @@ task buildDoormanJAR(type: FatCapsule, dependsOn: 'jar') { reallyExecutable { trampolining() } } +task buildHsmJAR(type: FatCapsule, dependsOn: 'jar') { + group = 'build' + applicationClass 'com.r3.corda.networkmanage.hsm.MainKt' + archiveName "hsm-${version}-capsule.jar" + capsuleManifest { + applicationVersion = corda_dependency_version + systemProperties['visualvm.display.name'] = 'HSM Signing Service' + minJavaVersion = '1.8.0' + jvmArgs = ['-XX:+UseG1GC'] + } + // Make the resulting JAR file directly executable on UNIX by prepending a shell script to it. + // This lets you run the file like so: ./corda.jar + // Other than being slightly less typing, this has one big advantage: Ctrl-C works properly in the terminal. + reallyExecutable { trampolining() } +} + +task integrationTest(type: Test) { + testClassesDirs = sourceSets.integrationTest.output.classesDirs + classpath = sourceSets.integrationTest.runtimeClasspath +} + dependencies { + compile fileTree(dir: 'libs', include: '*.jar') compile "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version" compile "net.corda:corda-core:$corda_dependency_version" @@ -104,4 +128,4 @@ dependencies { } // Needed by jira rest client compile "com.atlassian.fugue:fugue:2.6.1" -} +} \ No newline at end of file diff --git a/signing-server/libs/CryptoServerCXI.jar b/network-management/libs/CryptoServerCXI.jar similarity index 100% rename from signing-server/libs/CryptoServerCXI.jar rename to network-management/libs/CryptoServerCXI.jar diff --git a/signing-server/libs/CryptoServerJCE.jar b/network-management/libs/CryptoServerJCE.jar similarity index 100% rename from signing-server/libs/CryptoServerJCE.jar rename to network-management/libs/CryptoServerJCE.jar diff --git a/doorman/src/integration-test/kotlin/com/r3/corda/doorman/DoormanIntegrationTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/DoormanIntegrationTest.kt similarity index 94% rename from doorman/src/integration-test/kotlin/com/r3/corda/doorman/DoormanIntegrationTest.kt rename to network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/DoormanIntegrationTest.kt index 7110be32a7..7ae68c014e 100644 --- a/doorman/src/integration-test/kotlin/com/r3/corda/doorman/DoormanIntegrationTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/doorman/DoormanIntegrationTest.kt @@ -1,8 +1,9 @@ -package com.r3.corda.doorman +package com.r3.corda.networkmanage.doorman import com.nhaarman.mockito_kotlin.whenever -import com.r3.corda.doorman.persistence.DoormanSchemaService -import com.r3.corda.doorman.signer.Signer +import com.r3.corda.networkmanage.common.persistence.SchemaService +import com.r3.corda.networkmanage.common.utils.toX509Certificate +import com.r3.corda.networkmanage.doorman.signer.Signer import net.corda.core.crypto.Crypto import net.corda.core.crypto.SecureHash import net.corda.core.identity.CordaX500Name @@ -36,7 +37,7 @@ class DoormanIntegrationTest { val database = configureDatabase(makeTestDataSourceProperties(), null, { // Identity service not needed doorman, corda persistence is not very generic. throw UnsupportedOperationException() - }, DoormanSchemaService()) + }, SchemaService()) val signer = Signer(intermediateCAKey, arrayOf(intermediateCACert.toX509Certificate(), rootCACert.toX509Certificate())) //Start doorman server diff --git a/signing-server/src/integration-test/kotlin/com/r3/corda/signing/DemoMain.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/DemoMain.kt similarity index 82% rename from signing-server/src/integration-test/kotlin/com/r3/corda/signing/DemoMain.kt rename to network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/DemoMain.kt index ff6a122ecc..cdae0c26b9 100644 --- a/signing-server/src/integration-test/kotlin/com/r3/corda/signing/DemoMain.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/DemoMain.kt @@ -1,10 +1,10 @@ -package com.r3.corda.signing +package com.r3.corda.networkmanage.hsm -import com.r3.corda.signing.configuration.Parameters +import com.r3.corda.networkmanage.hsm.SigningServiceIntegrationTest.Companion.DB_NAME +import com.r3.corda.networkmanage.hsm.SigningServiceIntegrationTest.Companion.H2_TCP_PORT +import com.r3.corda.networkmanage.hsm.SigningServiceIntegrationTest.Companion.HOST +import com.r3.corda.networkmanage.hsm.configuration.Parameters import java.util.* -import com.r3.corda.signing.SigningServiceIntegrationTest.Companion.DB_NAME -import com.r3.corda.signing.SigningServiceIntegrationTest.Companion.HOST -import com.r3.corda.signing.SigningServiceIntegrationTest.Companion.H2_TCP_PORT /** * The main method for an interactive HSM signing service test/demo. It is supposed to be executed with the diff --git a/signing-server/src/integration-test/kotlin/com/r3/corda/signing/SigningServiceIntegrationTest.kt b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/SigningServiceIntegrationTest.kt similarity index 87% rename from signing-server/src/integration-test/kotlin/com/r3/corda/signing/SigningServiceIntegrationTest.kt rename to network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/SigningServiceIntegrationTest.kt index e9e119223e..75df3582eb 100644 --- a/signing-server/src/integration-test/kotlin/com/r3/corda/signing/SigningServiceIntegrationTest.kt +++ b/network-management/src/integration-test/kotlin/com/r3/corda/networkmanage/hsm/SigningServiceIntegrationTest.kt @@ -1,17 +1,17 @@ -package com.r3.corda.signing +package com.r3.corda.networkmanage.hsm import com.nhaarman.mockito_kotlin.any import com.nhaarman.mockito_kotlin.mock import com.nhaarman.mockito_kotlin.verify import com.nhaarman.mockito_kotlin.whenever -import com.r3.corda.doorman.buildCertPath -import com.r3.corda.doorman.persistence.DoormanSchemaService -import com.r3.corda.doorman.startDoorman -import com.r3.corda.doorman.toX509Certificate -import com.r3.corda.signing.hsm.HsmSigner -import com.r3.corda.signing.persistence.ApprovedCertificateRequestData -import com.r3.corda.signing.persistence.DBCertificateRequestStorage -import com.r3.corda.signing.persistence.SigningServerSchemaService +import com.r3.corda.networkmanage.common.persistence.SchemaService +import com.r3.corda.networkmanage.common.utils.buildCertPath +import com.r3.corda.networkmanage.common.utils.toX509Certificate +import com.r3.corda.networkmanage.doorman.startDoorman +import com.r3.corda.networkmanage.hsm.persistence.CertificateRequestData +import com.r3.corda.networkmanage.hsm.persistence.DBSignedCertificateRequestStorage +import com.r3.corda.networkmanage.hsm.persistence.SignedCertificateRequestStorage +import com.r3.corda.networkmanage.hsm.signer.HsmSigner import net.corda.core.crypto.Crypto import net.corda.core.identity.CordaX500Name import net.corda.core.utilities.NetworkHostAndPort @@ -58,7 +58,7 @@ class SigningServiceIntegrationTest { timer.cancel() } - private fun givenSignerSigningAllRequests(storage: DBCertificateRequestStorage): HsmSigner { + private fun givenSignerSigningAllRequests(storage: SignedCertificateRequestStorage): HsmSigner { // Create all certificates val rootCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) val rootCACert = X509Utilities.createSelfSignedCACertificate(CordaX500Name(commonName = "Integration Test Corda Node Root CA", @@ -71,14 +71,14 @@ class SigningServiceIntegrationTest { return mock { on { sign(any()) }.then { @Suppress("UNCHECKED_CAST") - val toSign = it.arguments[0] as List + val toSign = it.arguments[0] as List toSign.forEach { JcaPKCS10CertificationRequest(it.request).run { val certificate = X509Utilities.createCertificate(CertificateType.TLS, intermediateCACert, intermediateCAKey, subject, publicKey).toX509Certificate() it.certPath = buildCertPath(certificate, rootCACert.toX509Certificate()) } } - storage.sign(toSign, listOf("TEST")) + storage.store(toSign, listOf("TEST")) } } } @@ -89,7 +89,7 @@ class SigningServiceIntegrationTest { val database = configureDatabase(makeTestDataSourceProperties(), null, { // Identity service not needed doorman, corda persistence is not very generic. throw UnsupportedOperationException() - }, DoormanSchemaService()) + }, SchemaService()) val doorman = startDoorman(NetworkHostAndPort(HOST, 0), database, approveAll = true) // Start Corda network registration. @@ -99,10 +99,10 @@ class SigningServiceIntegrationTest { whenever(it.certificateSigningService).thenReturn(URL("http://$HOST:${doorman.hostAndPort.port}")) } - val signingServiceStorage = DBCertificateRequestStorage(configureDatabase(makeTestDataSourceProperties(), makeNotInitialisingTestDatabaseProperties(), { + val signingServiceStorage = DBSignedCertificateRequestStorage(configureDatabase(makeTestDataSourceProperties(), makeNotInitialisingTestDatabaseProperties(), { // Identity service not needed doorman, corda persistence is not very generic. throw UnsupportedOperationException() - }, SigningServerSchemaService())) + }, SchemaService())) val hsmSigner = givenSignerSigningAllRequests(signingServiceStorage) // Poll the database for approved requests @@ -136,7 +136,7 @@ class SigningServiceIntegrationTest { val database = configureDatabase(makeTestDataSourceProperties(), null, { // Identity service not needed doorman, corda persistence is not very generic. throw UnsupportedOperationException() - }, SigningServerSchemaService()) + }, SchemaService()) val doorman = startDoorman(NetworkHostAndPort(HOST, 0), database, approveAll = true) thread(start = true, isDaemon = true) { diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/CertificationRequestStorage.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/CertificationRequestStorage.kt similarity index 58% rename from doorman/src/main/kotlin/com/r3/corda/doorman/persistence/CertificationRequestStorage.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/CertificationRequestStorage.kt index e27bbbe7ee..500fe35062 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/CertificationRequestStorage.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/CertificationRequestStorage.kt @@ -1,10 +1,7 @@ -package com.r3.corda.doorman.persistence +package com.r3.corda.networkmanage.common.persistence import org.bouncycastle.pkcs.PKCS10CertificationRequest -import org.hibernate.envers.Audited import java.security.cert.CertPath -import java.time.Instant -import javax.persistence.* /** * Provide certificate signing request storage for the certificate signing server. @@ -58,65 +55,6 @@ interface CertificationRequestStorage { fun putCertificatePath(requestId: String, certificates: CertPath, signedBy: List) } -@Entity -@Table(name = "certificate_signing_request", indexes = arrayOf(Index(name = "IDX_PUB_KEY_HASH", columnList = "public_key_hash"))) -class CertificateSigningRequest( - @Id - @Column(name = "request_id", length = 64) - var requestId: String = "", - - // TODO: Store X500Name with a proper schema. - @Column(name = "legal_name", length = 256) - var legalName: String = "", - - @Lob - @Column - var request: ByteArray = ByteArray(0), - - @Audited - @Column(name = "status") - @Enumerated(EnumType.STRING) - var status: RequestStatus = RequestStatus.New, - - @Audited - @Column(name = "modified_by", length = 512) - @ElementCollection(targetClass = String::class, fetch = FetchType.EAGER) - var modifiedBy: List = emptyList(), - - @Audited - @Column(name = "modified_at") - var modifiedAt: Instant? = Instant.now(), - - @Audited - @Column(name = "remark", length = 256, nullable = true) - var remark: String? = null, - - // TODO: The certificate data can have its own table. - @Embedded - var certificateData: CertificateData? = null -) - -@Embeddable -class CertificateData( - @Column(name = "public_key_hash", length = 64, nullable = true) - var publicKeyHash: String? = null, - - @Lob - @Column(nullable = true) - var certificatePath: ByteArray? = null, - - @Column(name = "certificate_status", nullable = true) - var certificateStatus: CertificateStatus? = null -) - -enum class CertificateStatus { - VALID, SUSPENDED, REVOKED -} - -enum class RequestStatus { - New, Approved, Rejected, Signed -} - sealed class CertificateResponse { object NotReady : CertificateResponse() data class Ready(val certificatePath: CertPath) : CertificateResponse() diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/DBCertificateRequestStorage.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/DBCertificateRequestStorage.kt similarity index 98% rename from doorman/src/main/kotlin/com/r3/corda/doorman/persistence/DBCertificateRequestStorage.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/DBCertificateRequestStorage.kt index 63c4550423..20525d89bd 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/DBCertificateRequestStorage.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/DBCertificateRequestStorage.kt @@ -1,7 +1,6 @@ -package com.r3.corda.doorman.persistence +package com.r3.corda.networkmanage.common.persistence -import com.r3.corda.doorman.hash -import com.r3.corda.doorman.persistence.RequestStatus.* +import com.r3.corda.networkmanage.common.persistence.RequestStatus.* import net.corda.core.crypto.SecureHash import net.corda.core.identity.CordaX500Name import net.corda.core.internal.x500Name diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/Entities.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/Entities.kt new file mode 100644 index 0000000000..b6f369ac09 --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/Entities.kt @@ -0,0 +1,87 @@ +package com.r3.corda.networkmanage.common.persistence + +import org.hibernate.envers.Audited +import java.time.Instant +import javax.persistence.* + +@Entity +@Table(name = "certificate_signing_request", indexes = arrayOf(Index(name = "IDX_PUB_KEY_HASH", columnList = "public_key_hash"))) +class CertificateSigningRequest( + @Id + @Column(name = "request_id", length = 64) + var requestId: String = "", + + // TODO: Store X500Name with a proper schema. + @Column(name = "legal_name", length = 256) + var legalName: String = "", + + @Lob + @Column + var request: ByteArray = ByteArray(0), + + @Audited + @Column(name = "status") + @Enumerated(EnumType.STRING) + var status: RequestStatus = RequestStatus.New, + + @Audited + @Column(name = "modified_by", length = 512) + @ElementCollection(targetClass = String::class, fetch = FetchType.EAGER) + var modifiedBy: List = emptyList(), + + @Audited + @Column(name = "modified_at") + var modifiedAt: Instant? = Instant.now(), + + @Audited + @Column(name = "remark", length = 256, nullable = true) + var remark: String? = null, + + // TODO: The certificate data can have its own table. + @Embedded + var certificateData: CertificateData? = null +) + +@Embeddable +class CertificateData( + @Column(name = "public_key_hash", length = 64, nullable = true) + var publicKeyHash: String? = null, + + @Lob + @Column(nullable = true) + var certificatePath: ByteArray? = null, + + @Column(name = "certificate_status", nullable = true) + var certificateStatus: CertificateStatus? = null +) + +enum class CertificateStatus { + VALID, SUSPENDED, REVOKED +} + +enum class RequestStatus { + New, Approved, Rejected, Signed +} + +@Entity +@Table(name = "node_info") +class NodeInfoEntity( + @Id + @Column(name = "node_info_hash", length = 64) + var nodeInfoHash: String = "", + + @Lob + @Column(name = "node_info") + var nodeInfo: ByteArray = ByteArray(0) +) + +@Entity +@Table(name = "public_key_node_info_link") +class PublicKeyNodeInfoLink( + @Id + @Column(name = "public_key_hash", length = 64) + var publicKeyHash: String = "", + + @Column(name = "node_info_hash", length = 64) + var nodeInfoHash: String = "" +) \ No newline at end of file diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/NodeInfoStorage.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/NodeInfoStorage.kt similarity index 58% rename from doorman/src/main/kotlin/com/r3/corda/doorman/persistence/NodeInfoStorage.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/NodeInfoStorage.kt index bbdc7b0687..0272dc989e 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/NodeInfoStorage.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/NodeInfoStorage.kt @@ -1,8 +1,7 @@ -package com.r3.corda.doorman.persistence +package com.r3.corda.networkmanage.common.persistence import net.corda.core.node.NodeInfo import java.security.cert.CertPath -import javax.persistence.* interface NodeInfoStorage { /** @@ -27,27 +26,4 @@ interface NodeInfoStorage { * The [nodeInfo] is keyed by the public key, old node info with the same public key will be replaced by the new node info. */ fun putNodeInfo(nodeInfo: NodeInfo) -} - -@Entity -@Table(name = "node_info") -class NodeInfoEntity( - @Id - @Column(name = "node_info_hash", length = 64) - var nodeInfoHash: String = "", - - @Lob - @Column(name = "node_info") - var nodeInfo: ByteArray = ByteArray(0) -) - -@Entity -@Table(name = "public_key_node_info_link") -class PublicKeyNodeInfoLink( - @Id - @Column(name = "public_key_hash", length = 64) - var publicKeyHash: String = "", - - @Column(name = "node_info_hash", length = 64) - var nodeInfoHash: String = "" -) \ No newline at end of file +} \ No newline at end of file diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/PersistenceNodeInfoStorage.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceNodeInfoStorage.kt similarity index 96% rename from doorman/src/main/kotlin/com/r3/corda/doorman/persistence/PersistenceNodeInfoStorage.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceNodeInfoStorage.kt index 2365f501bd..85d2c284bd 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/PersistenceNodeInfoStorage.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceNodeInfoStorage.kt @@ -1,7 +1,6 @@ -package com.r3.corda.doorman.persistence +package com.r3.corda.networkmanage.common.persistence -import com.r3.corda.doorman.buildCertPath -import com.r3.corda.doorman.hash +import com.r3.corda.networkmanage.common.utils.buildCertPath import net.corda.core.crypto.sha256 import net.corda.core.node.NodeInfo import net.corda.core.serialization.deserialize diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceUtils.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceUtils.kt new file mode 100644 index 0000000000..ef58a89c81 --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceUtils.kt @@ -0,0 +1,7 @@ +package com.r3.corda.networkmanage.common.persistence + +import net.corda.core.crypto.sha256 +import java.security.PublicKey + +// TODO: replace this with Crypto.hash when its available. +fun PublicKey.hash() = encoded.sha256().toString() diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/DoormanSchemaService.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/SchemaService.kt similarity index 77% rename from doorman/src/main/kotlin/com/r3/corda/doorman/persistence/DoormanSchemaService.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/SchemaService.kt index ee3f9a561f..958520bd11 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/persistence/DoormanSchemaService.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/persistence/SchemaService.kt @@ -1,15 +1,15 @@ -package com.r3.corda.doorman.persistence +package com.r3.corda.networkmanage.common.persistence import net.corda.core.contracts.ContractState import net.corda.core.schemas.MappedSchema import net.corda.core.schemas.PersistentState import net.corda.node.services.api.SchemaService -class DoormanSchemaService : SchemaService { +class SchemaService : SchemaService { // Entities for compulsory services - object DoormanServices + object SchemaServices - object DoormanServicesV1 : MappedSchema(schemaFamily = DoormanServices.javaClass, version = 1, + object DoormanServicesV1 : MappedSchema(schemaFamily = SchemaServices.javaClass, version = 1, mappedTypes = listOf(CertificateSigningRequest::class.java, NodeInfoEntity::class.java, PublicKeyNodeInfoLink::class.java)) override var schemaOptions: Map = mapOf(Pair(DoormanServicesV1, SchemaService.SchemaOptions())) diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/Utils.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/Utils.kt new file mode 100644 index 0000000000..73defb601c --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/common/utils/Utils.kt @@ -0,0 +1,44 @@ +package com.r3.corda.networkmanage.common.utils + +import com.typesafe.config.Config +import com.typesafe.config.ConfigFactory +import joptsimple.ArgumentAcceptingOptionSpec +import joptsimple.OptionParser +import org.bouncycastle.cert.X509CertificateHolder +import java.io.ByteArrayInputStream +import java.security.cert.CertPath +import java.security.cert.Certificate +import java.security.cert.CertificateFactory +import java.security.cert.X509Certificate + +fun Array.toConfigWithOptions(registerOptions: OptionParser.() -> Unit): Config { + val parser = OptionParser() + val helpOption = parser.acceptsAll(listOf("h", "?", "help"), "show help").forHelp(); + registerOptions(parser) + val optionSet = parser.parse(*this) + // Print help and exit on help option. + if (optionSet.has(helpOption)) { + throw ShowHelpException(parser) + } + // Convert all command line options to Config. + return ConfigFactory.parseMap(parser.recognizedOptions().mapValues { + val optionSpec = it.value + if (optionSpec is ArgumentAcceptingOptionSpec<*> && !optionSpec.requiresArgument() && optionSet.has(optionSpec)) true else optionSpec.value(optionSet) + }.filterValues { it != null }) +} + +class ShowHelpException(val parser: OptionParser) : Exception() + +object CertificateUtilities { + fun toX509Certificate(byteArray: ByteArray): X509Certificate { + return CertificateFactory.getInstance("X509").generateCertificate(ByteArrayInputStream(byteArray)) as X509Certificate + } +} + +fun X509CertificateHolder.toX509Certificate(): Certificate = CertificateUtilities.toX509Certificate(encoded) + +fun buildCertPath(vararg certificates: Certificate): CertPath { + return CertificateFactory.getInstance("X509").generateCertPath(certificates.asList()) +} + +fun buildCertPath(certPathBytes: ByteArray): CertPath = CertificateFactory.getInstance("X509").generateCertPath(certPathBytes.inputStream()) \ No newline at end of file diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/DoormanParameters.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/DoormanParameters.kt similarity index 96% rename from doorman/src/main/kotlin/com/r3/corda/doorman/DoormanParameters.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/DoormanParameters.kt index 073f23f778..212294e8f0 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/DoormanParameters.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/DoormanParameters.kt @@ -1,6 +1,6 @@ -package com.r3.corda.doorman +package com.r3.corda.networkmanage.doorman -import com.r3.corda.doorman.OptionParserHelper.toConfigWithOptions +import com.r3.corda.networkmanage.common.utils.toConfigWithOptions import com.typesafe.config.ConfigFactory import com.typesafe.config.ConfigParseOptions import net.corda.core.internal.div diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/JiraCient.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/JiraCient.kt similarity index 98% rename from doorman/src/main/kotlin/com/r3/corda/doorman/JiraCient.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/JiraCient.kt index def85565bb..35f339fb96 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/JiraCient.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/JiraCient.kt @@ -1,4 +1,4 @@ -package com.r3.corda.doorman +package com.r3.corda.networkmanage.doorman import com.atlassian.jira.rest.client.api.JiraRestClient import com.atlassian.jira.rest.client.api.domain.Field diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/Main.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/Main.kt similarity index 92% rename from doorman/src/main/kotlin/com/r3/corda/doorman/Main.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/Main.kt index 9fdfe9f76b..6620da26ed 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/Main.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/Main.kt @@ -1,17 +1,18 @@ -package com.r3.corda.doorman +package com.r3.corda.networkmanage.doorman import com.atlassian.jira.rest.client.internal.async.AsynchronousJiraRestClientFactory -import com.r3.corda.doorman.DoormanServer.Companion.logger -import com.r3.corda.doorman.persistence.CertificationRequestStorage -import com.r3.corda.doorman.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE -import com.r3.corda.doorman.persistence.DBCertificateRequestStorage -import com.r3.corda.doorman.persistence.DoormanSchemaService -import com.r3.corda.doorman.persistence.PersistenceNodeInfoStorage -import com.r3.corda.doorman.signer.DefaultCsrHandler -import com.r3.corda.doorman.signer.JiraCsrHandler -import com.r3.corda.doorman.signer.Signer -import com.r3.corda.doorman.webservice.NodeInfoWebService -import com.r3.corda.doorman.webservice.RegistrationWebService +import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage +import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE +import com.r3.corda.networkmanage.common.persistence.DBCertificateRequestStorage +import com.r3.corda.networkmanage.common.persistence.PersistenceNodeInfoStorage +import com.r3.corda.networkmanage.common.persistence.SchemaService +import com.r3.corda.networkmanage.common.utils.ShowHelpException +import com.r3.corda.networkmanage.doorman.DoormanServer.Companion.logger +import com.r3.corda.networkmanage.doorman.signer.DefaultCsrHandler +import com.r3.corda.networkmanage.doorman.signer.JiraCsrHandler +import com.r3.corda.networkmanage.doorman.signer.Signer +import com.r3.corda.networkmanage.doorman.webservice.NodeInfoWebService +import com.r3.corda.networkmanage.doorman.webservice.RegistrationWebService import net.corda.core.crypto.Crypto import net.corda.core.identity.CordaX500Name import net.corda.core.internal.createDirectories @@ -238,7 +239,7 @@ fun main(args: Array) { keystorePassword, caPrivateKeyPassword) DoormanParameters.Mode.DOORMAN -> { - val database = configureDatabase(dataSourceProperties, databaseProperties, { throw UnsupportedOperationException() }, DoormanSchemaService()) + val database = configureDatabase(dataSourceProperties, databaseProperties, { throw UnsupportedOperationException() }, SchemaService()) val signer = buildLocalSigner(this) startDoorman(NetworkHostAndPort(host, port), database, approveAll, signer, jiraConfig) } diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/signer/CsrHandler.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/CsrHandler.kt similarity index 84% rename from doorman/src/main/kotlin/com/r3/corda/doorman/signer/CsrHandler.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/CsrHandler.kt index bd2a9bce05..4c899d7752 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/signer/CsrHandler.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/CsrHandler.kt @@ -1,11 +1,11 @@ -package com.r3.corda.doorman.signer +package com.r3.corda.networkmanage.doorman.signer -import com.r3.corda.doorman.JiraClient -import com.r3.corda.doorman.buildCertPath -import com.r3.corda.doorman.persistence.CertificateResponse -import com.r3.corda.doorman.persistence.CertificationRequestStorage -import com.r3.corda.doorman.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE -import com.r3.corda.doorman.persistence.RequestStatus +import com.r3.corda.networkmanage.common.persistence.CertificateResponse +import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage +import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE +import com.r3.corda.networkmanage.common.persistence.RequestStatus +import com.r3.corda.networkmanage.common.utils.buildCertPath +import com.r3.corda.networkmanage.doorman.JiraClient import org.bouncycastle.pkcs.PKCS10CertificationRequest interface CsrHandler { diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/signer/Signer.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/Signer.kt similarity index 92% rename from doorman/src/main/kotlin/com/r3/corda/doorman/signer/Signer.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/Signer.kt index a43abbbeea..8206f017bd 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/signer/Signer.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/signer/Signer.kt @@ -1,7 +1,7 @@ -package com.r3.corda.doorman.signer +package com.r3.corda.networkmanage.doorman.signer -import com.r3.corda.doorman.buildCertPath -import com.r3.corda.doorman.toX509Certificate +import com.r3.corda.networkmanage.common.utils.buildCertPath +import com.r3.corda.networkmanage.common.utils.toX509Certificate import net.corda.core.identity.CordaX500Name import net.corda.core.internal.toX509CertHolder import net.corda.core.internal.x500Name diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/webservice/NodeInfoWebService.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/NodeInfoWebService.kt similarity index 93% rename from doorman/src/main/kotlin/com/r3/corda/doorman/webservice/NodeInfoWebService.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/NodeInfoWebService.kt index 1521956c2b..0c843456bc 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/webservice/NodeInfoWebService.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/NodeInfoWebService.kt @@ -1,7 +1,7 @@ -package com.r3.corda.doorman.webservice +package com.r3.corda.networkmanage.doorman.webservice -import com.r3.corda.doorman.persistence.NodeInfoStorage -import com.r3.corda.doorman.webservice.NodeInfoWebService.Companion.networkMapPath +import com.r3.corda.networkmanage.common.persistence.NodeInfoStorage +import com.r3.corda.networkmanage.doorman.webservice.NodeInfoWebService.Companion.networkMapPath import net.corda.core.crypto.Crypto import net.corda.core.crypto.SignedData import net.corda.core.node.NodeInfo @@ -25,6 +25,7 @@ class NodeInfoWebService(private val nodeInfoStorage: NodeInfoStorage) { companion object { const val networkMapPath = "network-map" } + @POST @Path("register") @Consumes(MediaType.APPLICATION_OCTET_STREAM) diff --git a/doorman/src/main/kotlin/com/r3/corda/doorman/webservice/RegistrationWebService.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/RegistrationWebService.kt similarity index 93% rename from doorman/src/main/kotlin/com/r3/corda/doorman/webservice/RegistrationWebService.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/RegistrationWebService.kt index 26e2a9ba0f..4cf69d6def 100644 --- a/doorman/src/main/kotlin/com/r3/corda/doorman/webservice/RegistrationWebService.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/doorman/webservice/RegistrationWebService.kt @@ -1,8 +1,8 @@ -package com.r3.corda.doorman.webservice +package com.r3.corda.networkmanage.doorman.webservice -import com.r3.corda.doorman.DoormanServerStatus -import com.r3.corda.doorman.persistence.CertificateResponse -import com.r3.corda.doorman.signer.CsrHandler +import com.r3.corda.networkmanage.common.persistence.CertificateResponse +import com.r3.corda.networkmanage.doorman.DoormanServerStatus +import com.r3.corda.networkmanage.doorman.signer.CsrHandler import net.corda.node.utilities.X509Utilities.CORDA_CLIENT_CA import net.corda.node.utilities.X509Utilities.CORDA_INTERMEDIATE_CA import net.corda.node.utilities.X509Utilities.CORDA_ROOT_CA diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/Main.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt similarity index 79% rename from signing-server/src/main/kotlin/com/r3/corda/signing/Main.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt index d5245bd954..5fb753ea3d 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/Main.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/Main.kt @@ -1,16 +1,16 @@ -package com.r3.corda.signing +package com.r3.corda.networkmanage.hsm -import com.r3.corda.signing.authentication.Authenticator -import com.r3.corda.signing.authentication.createProvider -import com.r3.corda.signing.configuration.Parameters -import com.r3.corda.signing.configuration.parseParameters -import com.r3.corda.signing.generator.KeyCertificateGenerator -import com.r3.corda.signing.hsm.HsmSigner -import com.r3.corda.signing.menu.Menu -import com.r3.corda.signing.persistence.ApprovedCertificateRequestData -import com.r3.corda.signing.persistence.DBCertificateRequestStorage -import com.r3.corda.signing.persistence.SigningServerSchemaService -import com.r3.corda.signing.utils.mapCryptoServerException +import com.r3.corda.networkmanage.common.persistence.SchemaService +import com.r3.corda.networkmanage.hsm.authentication.Authenticator +import com.r3.corda.networkmanage.hsm.authentication.createProvider +import com.r3.corda.networkmanage.hsm.configuration.Parameters +import com.r3.corda.networkmanage.hsm.configuration.parseParameters +import com.r3.corda.networkmanage.hsm.generator.KeyCertificateGenerator +import com.r3.corda.networkmanage.hsm.menu.Menu +import com.r3.corda.networkmanage.hsm.persistence.CertificateRequestData +import com.r3.corda.networkmanage.hsm.persistence.DBSignedCertificateRequestStorage +import com.r3.corda.networkmanage.hsm.signer.HsmSigner +import com.r3.corda.networkmanage.hsm.utils.mapCryptoServerException import net.corda.node.utilities.configureDatabase fun main(args: Array) { @@ -24,11 +24,11 @@ fun run(parameters: Parameters) { val database = configureDatabase(dataSourceProperties, databaseProperties, { // Identity service not needed throw UnsupportedOperationException() - }, SigningServerSchemaService()) + }, SchemaService()) - val storage = DBCertificateRequestStorage(database) + val storage = DBSignedCertificateRequestStorage(database) val provider = createProvider() - val sign: (List) -> Unit = { + val sign: (List) -> Unit = { val signer = HsmSigner( storage, certificateName, @@ -85,7 +85,7 @@ private fun processError(exception: Exception) { println("An error occured: ${processed.message}") } -private fun confirmedSign(selectedItems: List): Boolean { +private fun confirmedSign(selectedItems: List): Boolean { println("Are you sure you want to sign the following requests:") selectedItems.forEachIndexed { index, data -> println("${index + 1} ${data.request.subject}") @@ -102,7 +102,7 @@ private fun confirmedKeyGen(): Boolean { return result } -private fun getSelection(toSelect: List): List { +private fun getSelection(toSelect: List): List { print("CSRs to be signed (comma separated list): ") val line = readLine() if (line == null) { diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/authentication/AuthMode.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/authentication/AuthMode.kt similarity index 64% rename from signing-server/src/main/kotlin/com/r3/corda/signing/authentication/AuthMode.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/authentication/AuthMode.kt index 64504d80c9..5781f0d762 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/authentication/AuthMode.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/authentication/AuthMode.kt @@ -1,4 +1,4 @@ -package com.r3.corda.signing.authentication +package com.r3.corda.networkmanage.hsm.authentication /* * Supported authentication modes diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/authentication/Authenticator.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/authentication/Authenticator.kt similarity index 97% rename from signing-server/src/main/kotlin/com/r3/corda/signing/authentication/Authenticator.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/authentication/Authenticator.kt index 1c9e36bc8b..6008e01847 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/authentication/Authenticator.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/authentication/Authenticator.kt @@ -1,7 +1,7 @@ -package com.r3.corda.signing.authentication +package com.r3.corda.networkmanage.hsm.authentication import CryptoServerJCE.CryptoServerProvider -import com.r3.corda.signing.configuration.Parameters +import com.r3.corda.networkmanage.hsm.configuration.Parameters import java.io.ByteArrayInputStream import java.io.ByteArrayOutputStream import java.io.Console diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/configuration/Configuration.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/Configuration.kt similarity index 84% rename from signing-server/src/main/kotlin/com/r3/corda/signing/configuration/Configuration.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/Configuration.kt index 834589d49d..e1f4ac78fd 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/configuration/Configuration.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/configuration/Configuration.kt @@ -1,36 +1,16 @@ -package com.r3.corda.signing.configuration +package com.r3.corda.networkmanage.hsm.configuration -import com.typesafe.config.Config +import com.r3.corda.networkmanage.common.utils.toConfigWithOptions +import com.r3.corda.networkmanage.hsm.authentication.AuthMode import com.typesafe.config.ConfigFactory import com.typesafe.config.ConfigParseOptions -import joptsimple.ArgumentAcceptingOptionSpec -import joptsimple.OptionParser import net.corda.core.internal.div import net.corda.node.utilities.X509Utilities import net.corda.nodeapi.config.parseAs -import com.r3.corda.signing.authentication.AuthMode import java.nio.file.Path import java.nio.file.Paths import java.util.* -class ShowHelpException(val parser: OptionParser) : Exception() - -fun Array.toConfigWithOptions(registerOptions: OptionParser.() -> Unit): Config { - val parser = OptionParser() - val helpOption = parser.acceptsAll(listOf("h", "?", "help"), "show help").forHelp(); - registerOptions(parser) - val optionSet = parser.parse(*this) - // Print help and exit on help option. - if (optionSet.has(helpOption)) { - throw ShowHelpException(parser) - } - // Convert all command line options to Config. - return ConfigFactory.parseMap(parser.recognizedOptions().mapValues { - val optionSpec = it.value - if (optionSpec is ArgumentAcceptingOptionSpec<*> && !optionSpec.requiresArgument() && optionSet.has(optionSpec)) true else optionSpec.value(optionSet) - }.filterValues { it != null }) -} - /** * Configuration parameters. */ diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/generator/KeyCertificateGenerator.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/generator/KeyCertificateGenerator.kt similarity index 90% rename from signing-server/src/main/kotlin/com/r3/corda/signing/generator/KeyCertificateGenerator.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/generator/KeyCertificateGenerator.kt index 623bfb88cb..b5566890c5 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/generator/KeyCertificateGenerator.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/generator/KeyCertificateGenerator.kt @@ -1,14 +1,14 @@ -package com.r3.corda.signing.generator +package com.r3.corda.networkmanage.hsm.generator import CryptoServerCXI.CryptoServerCXI import CryptoServerJCE.CryptoServerProvider +import com.r3.corda.networkmanage.hsm.authentication.Authenticator +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.createIntermediateCert +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.createSelfSignedCACert +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.getAndInitializeKeyStore +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.getCleanEcdsaKeyPair +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.retrieveCertificateAndKeys import net.corda.node.utilities.addOrReplaceKey -import com.r3.corda.signing.authentication.Authenticator -import com.r3.corda.signing.utils.X509Utilities.createIntermediateCert -import com.r3.corda.signing.utils.X509Utilities.createSelfSignedCACert -import com.r3.corda.signing.utils.X509Utilities.getAndInitializeKeyStore -import com.r3.corda.signing.utils.X509Utilities.getCleanEcdsaKeyPair -import com.r3.corda.signing.utils.X509Utilities.retrieveCertificateAndKeys import java.security.KeyPair import java.security.KeyStore import java.security.PrivateKey diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/menu/Menu.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/menu/Menu.kt similarity index 98% rename from signing-server/src/main/kotlin/com/r3/corda/signing/menu/Menu.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/menu/Menu.kt index 0c716cae44..6c85be6b27 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/menu/Menu.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/menu/Menu.kt @@ -1,4 +1,4 @@ -package com.r3.corda.signing.menu +package com.r3.corda.networkmanage.hsm.menu data class MenuItem(val key: String, val label: String, val action: () -> Unit, val isTerminating: Boolean = false) diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/persistence/DBSignedCertificateRequestStorage.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/persistence/DBSignedCertificateRequestStorage.kt new file mode 100644 index 0000000000..6fde36cb5b --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/persistence/DBSignedCertificateRequestStorage.kt @@ -0,0 +1,27 @@ +package com.r3.corda.networkmanage.hsm.persistence + +import com.r3.corda.networkmanage.common.persistence.CertificateSigningRequest +import com.r3.corda.networkmanage.common.persistence.DBCertificateRequestStorage +import com.r3.corda.networkmanage.common.persistence.RequestStatus +import net.corda.node.utilities.CordaPersistence +import org.bouncycastle.pkcs.PKCS10CertificationRequest +import java.security.cert.CertPath + +data class CertificateRequestData(val requestId: String, val request: PKCS10CertificationRequest, var certPath: CertPath? = null) + +class DBSignedCertificateRequestStorage(database: CordaPersistence) : SignedCertificateRequestStorage { + + private val storage = DBCertificateRequestStorage(database) + + override fun store(requests: List, signers: List) { + for ((requestId, _, certPath) in requests) { + storage.putCertificatePath(requestId, certPath!!, signers) + } + } + + override fun getApprovedRequests(): List { + return storage.getRequests(RequestStatus.Approved).map { it.toRequestData() } + } + + private fun CertificateSigningRequest.toRequestData() = CertificateRequestData(requestId, PKCS10CertificationRequest(request)) +} \ No newline at end of file diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/persistence/CertificateRequestStorage.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/persistence/SignedCertificateRequestStorage.kt similarity index 50% rename from signing-server/src/main/kotlin/com/r3/corda/signing/persistence/CertificateRequestStorage.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/persistence/SignedCertificateRequestStorage.kt index 29669dedb4..9b329712c7 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/persistence/CertificateRequestStorage.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/persistence/SignedCertificateRequestStorage.kt @@ -1,19 +1,20 @@ -package com.r3.corda.signing.persistence +package com.r3.corda.networkmanage.hsm.persistence /** - * Provides an API for database level manipulations of CSRs (Certificate Signing Requests). + * Provides an API for storing signed CSRs (Certificate Signing Requests). */ -interface CertificateRequestStorage { +interface SignedCertificateRequestStorage { + /** * Returns all certificate signing requests that have been approved for signing. */ - fun getApprovedRequests(): List + fun getApprovedRequests(): List /** * Marks the database CSR entries as signed. Also it persists the certificate and the signature in the database. * - * @param requests Requests that are to be marked as signed. + * @param requests Signed requests that are to be stored. * @param signers List of user names that signed those requests. To be specific, each request has been signed by all of those users. */ - fun sign(requests: List, signers: List) + fun store(requests: List, signers: List) } \ No newline at end of file diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/hsm/HsmSigner.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/signer/HsmSigner.kt similarity index 70% rename from signing-server/src/main/kotlin/com/r3/corda/signing/hsm/HsmSigner.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/signer/HsmSigner.kt index 908875dd50..a48a4cd450 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/hsm/HsmSigner.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/signer/HsmSigner.kt @@ -1,18 +1,18 @@ -package com.r3.corda.signing.hsm +package com.r3.corda.networkmanage.hsm.signer -import com.r3.corda.signing.authentication.Authenticator -import com.r3.corda.signing.authentication.readPassword -import com.r3.corda.signing.persistence.ApprovedCertificateRequestData -import com.r3.corda.signing.persistence.DBCertificateRequestStorage -import com.r3.corda.signing.utils.X509Utilities.buildCertPath -import com.r3.corda.signing.utils.X509Utilities.createClientCertificate -import com.r3.corda.signing.utils.X509Utilities.getAndInitializeKeyStore -import com.r3.corda.signing.utils.X509Utilities.retrieveCertificateAndKeys +import com.r3.corda.networkmanage.hsm.authentication.Authenticator +import com.r3.corda.networkmanage.hsm.authentication.readPassword +import com.r3.corda.networkmanage.hsm.persistence.CertificateRequestData +import com.r3.corda.networkmanage.hsm.persistence.SignedCertificateRequestStorage +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.buildCertPath +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.createClientCertificate +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.getAndInitializeKeyStore +import com.r3.corda.networkmanage.hsm.utils.X509Utilities.retrieveCertificateAndKeys /** * Encapsulates certificate signing logic */ -class HsmSigner(private val storage: DBCertificateRequestStorage, +class HsmSigner(private val storage: SignedCertificateRequestStorage, private val caCertificateName: String, private val caPrivateKeyPass: String?, private val caParentCertificateName: String, @@ -29,7 +29,7 @@ class HsmSigner(private val storage: DBCertificateRequestStorage, * and sets the certificate field with an appropriate value. * @param toSign list of approved certificates to be signed */ - override fun sign(toSign: List) { + override fun sign(toSign: List) { authenticator.connectAndAuthenticate { provider, signers -> val keyStore = getAndInitializeKeyStore(provider, keyStorePassword) // This should be changed once we allow for more certificates in the chain. Preferably we should use @@ -40,10 +40,10 @@ class HsmSigner(private val storage: DBCertificateRequestStorage, toSign.forEach { it.certPath = buildCertPath(createClientCertificate(caCertAndKey, it.request, validDays, provider), caParentCertificate) } - storage.sign(toSign, signers) + storage.store(toSign, signers) println("The following certificates have been signed by $signers:") toSign.forEachIndexed { index, data -> - println("${index+1} ${data.request.subject}") + println("${index + 1} ${data.request.subject}") } } } diff --git a/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/signer/Signer.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/signer/Signer.kt new file mode 100644 index 0000000000..4e9a824c6e --- /dev/null +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/signer/Signer.kt @@ -0,0 +1,15 @@ +package com.r3.corda.networkmanage.hsm.signer + +import com.r3.corda.networkmanage.hsm.persistence.CertificateRequestData + +/** + * Encapsulates the logic related to the certificate signing process. + */ +interface Signer { + + /** + * Signs the provided list of [CertificateRequestData] + */ + fun sign(toSign: List) + +} \ No newline at end of file diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/utils/HsmErrors.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/HsmErrors.kt similarity index 95% rename from signing-server/src/main/kotlin/com/r3/corda/signing/utils/HsmErrors.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/HsmErrors.kt index 9427ea59c6..edcef86a25 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/utils/HsmErrors.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/HsmErrors.kt @@ -1,7 +1,7 @@ -package com.r3.corda.signing.utils +package com.r3.corda.networkmanage.hsm.utils import CryptoServerAPI.CryptoServerException -import java.util.HashMap +import java.util.* /** * CryptoServer error translator object. diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/utils/X509Utils.kt b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/X509Utils.kt similarity index 99% rename from signing-server/src/main/kotlin/com/r3/corda/signing/utils/X509Utils.kt rename to network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/X509Utils.kt index 13a6574514..5e8ca48f80 100644 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/utils/X509Utils.kt +++ b/network-management/src/main/kotlin/com/r3/corda/networkmanage/hsm/utils/X509Utils.kt @@ -1,4 +1,4 @@ -package com.r3.corda.signing.utils +package com.r3.corda.networkmanage.hsm.utils import CryptoServerJCE.CryptoServerProvider import net.corda.core.identity.CordaX500Name @@ -74,7 +74,7 @@ object X509Utilities { purposes.add(KeyPurposeId.id_kp_serverAuth) purposes.add(KeyPurposeId.id_kp_clientAuth) purposes.add(KeyPurposeId.anyExtendedKeyUsage) - builder.addExtension(Extension.extendedKeyUsage, false, DERSequence(purposes)) + builder.addExtension(Extension.extendedKeyUsage, false, DERSequence(purposes).toASN1Primitive()) val cert = signCertificate(builder, keyPair.private, provider) diff --git a/doorman/src/main/resources/reference.conf b/network-management/src/main/resources/doorman.conf similarity index 100% rename from doorman/src/main/resources/reference.conf rename to network-management/src/main/resources/doorman.conf diff --git a/signing-server/src/main/resources/reference.conf b/network-management/src/main/resources/hsm.conf similarity index 100% rename from signing-server/src/main/resources/reference.conf rename to network-management/src/main/resources/hsm.conf diff --git a/doorman/src/test/kotlin/com/r3/corda/doorman/internal/persistence/DBCertificateRequestStorageTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/DBCertificateRequestStorageTest.kt similarity index 95% rename from doorman/src/test/kotlin/com/r3/corda/doorman/internal/persistence/DBCertificateRequestStorageTest.kt rename to network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/DBCertificateRequestStorageTest.kt index ba8f23bd74..ce35c34bf4 100644 --- a/doorman/src/test/kotlin/com/r3/corda/doorman/internal/persistence/DBCertificateRequestStorageTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/DBCertificateRequestStorageTest.kt @@ -1,11 +1,8 @@ -package com.r3.corda.doorman.internal.persistence +package com.r3.corda.networkmanage.common.persistence -import com.r3.corda.doorman.buildCertPath -import com.r3.corda.doorman.persistence.CertificateSigningRequest -import com.r3.corda.doorman.persistence.DBCertificateRequestStorage -import com.r3.corda.doorman.persistence.DoormanSchemaService -import com.r3.corda.doorman.persistence.RequestStatus -import com.r3.corda.doorman.toX509Certificate +import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE +import com.r3.corda.networkmanage.common.utils.buildCertPath +import com.r3.corda.networkmanage.common.utils.toX509Certificate import net.corda.core.crypto.Crypto import net.corda.core.crypto.SecureHash import net.corda.core.identity.CordaX500Name @@ -24,7 +21,6 @@ import org.junit.Test import java.security.KeyPair import java.util.* import kotlin.test.* -import com.r3.corda.doorman.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE class DBCertificateRequestStorageTest { private lateinit var storage: DBCertificateRequestStorage @@ -32,7 +28,7 @@ class DBCertificateRequestStorageTest { @Before fun startDb() { - persistence = configureDatabase(makeTestDataSourceProperties(), makeTestDatabaseProperties(), { throw UnsupportedOperationException() }, DoormanSchemaService()) + persistence = configureDatabase(makeTestDataSourceProperties(), makeTestDatabaseProperties(), { throw UnsupportedOperationException() }, SchemaService()) storage = DBCertificateRequestStorage(persistence) } diff --git a/doorman/src/test/kotlin/com/r3/corda/doorman/internal/persistence/PersistenceNodeInfoStorageTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceNodeInfoStorageTest.kt similarity index 95% rename from doorman/src/test/kotlin/com/r3/corda/doorman/internal/persistence/PersistenceNodeInfoStorageTest.kt rename to network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceNodeInfoStorageTest.kt index 87ebe5e189..85ab83d0ac 100644 --- a/doorman/src/test/kotlin/com/r3/corda/doorman/internal/persistence/PersistenceNodeInfoStorageTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/common/persistence/PersistenceNodeInfoStorageTest.kt @@ -1,10 +1,8 @@ -package com.r3.corda.doorman.internal.persistence +package com.r3.corda.networkmanage.common.persistence -import com.r3.corda.doorman.buildCertPath -import com.r3.corda.doorman.hash -import com.r3.corda.doorman.persistence.* -import com.r3.corda.doorman.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE -import com.r3.corda.doorman.toX509Certificate +import com.r3.corda.networkmanage.common.persistence.CertificationRequestStorage.Companion.DOORMAN_SIGNATURE +import com.r3.corda.networkmanage.common.utils.buildCertPath +import com.r3.corda.networkmanage.common.utils.toX509Certificate import net.corda.core.crypto.Crypto import net.corda.core.crypto.sha256 import net.corda.core.identity.CordaX500Name @@ -59,7 +57,7 @@ class PersistenceNodeInfoStorageTest { @Before fun startDb() { - persistence = configureDatabase(makeTestDataSourceProperties(), makeTestDatabaseProperties(), { throw UnsupportedOperationException() }, DoormanSchemaService()) + persistence = configureDatabase(makeTestDataSourceProperties(), makeTestDatabaseProperties(), { throw UnsupportedOperationException() }, SchemaService()) nodeInfoStorage = PersistenceNodeInfoStorage(persistence) requestStorage = DBCertificateRequestStorage(persistence) } diff --git a/doorman/src/test/kotlin/com/r3/corda/doorman/DefaultRequestProcessorTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DefaultRequestProcessorTest.kt similarity index 90% rename from doorman/src/test/kotlin/com/r3/corda/doorman/DefaultRequestProcessorTest.kt rename to network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DefaultRequestProcessorTest.kt index 124a4b9c3c..4a2c8d7fb0 100644 --- a/doorman/src/test/kotlin/com/r3/corda/doorman/DefaultRequestProcessorTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DefaultRequestProcessorTest.kt @@ -1,12 +1,14 @@ -package com.r3.corda.doorman +package com.r3.corda.networkmanage.doorman import com.nhaarman.mockito_kotlin.any import com.nhaarman.mockito_kotlin.mock import com.nhaarman.mockito_kotlin.times import com.nhaarman.mockito_kotlin.verify -import com.r3.corda.doorman.persistence.* -import com.r3.corda.doorman.signer.DefaultCsrHandler -import com.r3.corda.doorman.signer.Signer +import com.r3.corda.networkmanage.common.persistence.* +import com.r3.corda.networkmanage.common.utils.buildCertPath +import com.r3.corda.networkmanage.common.utils.toX509Certificate +import com.r3.corda.networkmanage.doorman.signer.DefaultCsrHandler +import com.r3.corda.networkmanage.doorman.signer.Signer import net.corda.core.crypto.Crypto import net.corda.core.identity.CordaX500Name import net.corda.node.utilities.X509Utilities diff --git a/doorman/src/test/kotlin/com/r3/corda/doorman/DoormanParametersTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DoormanParametersTest.kt similarity index 92% rename from doorman/src/test/kotlin/com/r3/corda/doorman/DoormanParametersTest.kt rename to network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DoormanParametersTest.kt index f1f7288fc8..1166dcaeb3 100644 --- a/doorman/src/test/kotlin/com/r3/corda/doorman/DoormanParametersTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/DoormanParametersTest.kt @@ -1,4 +1,4 @@ -package com.r3.corda.doorman +package com.r3.corda.networkmanage.doorman import com.typesafe.config.ConfigException import org.junit.Test @@ -9,8 +9,8 @@ import kotlin.test.assertFailsWith class DoormanParametersTest { private val testDummyPath = ".${File.separator}testDummyPath.jks" - private val validConfigPath = File(javaClass.getResource("/node.conf").toURI()).absolutePath - private val invalidConfigPath = File(javaClass.getResource("/node_fail.conf").toURI()).absolutePath + private val validConfigPath = File(javaClass.getResource("/doorman.conf").toURI()).absolutePath + private val invalidConfigPath = File(javaClass.getResource("/doorman_fail.conf").toURI()).absolutePath @Test fun `parse mode flag arg correctly`() { diff --git a/doorman/src/test/kotlin/com/r3/corda/doorman/NodeInfoWebServiceTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/NodeInfoWebServiceTest.kt similarity index 96% rename from doorman/src/test/kotlin/com/r3/corda/doorman/NodeInfoWebServiceTest.kt rename to network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/NodeInfoWebServiceTest.kt index 4ab51a6e0a..0789f0f475 100644 --- a/doorman/src/test/kotlin/com/r3/corda/doorman/NodeInfoWebServiceTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/NodeInfoWebServiceTest.kt @@ -1,11 +1,13 @@ -package com.r3.corda.doorman +package com.r3.corda.networkmanage.doorman import com.nhaarman.mockito_kotlin.any import com.nhaarman.mockito_kotlin.mock import com.nhaarman.mockito_kotlin.times import com.nhaarman.mockito_kotlin.verify -import com.r3.corda.doorman.persistence.NodeInfoStorage -import com.r3.corda.doorman.webservice.NodeInfoWebService +import com.r3.corda.networkmanage.common.persistence.NodeInfoStorage +import com.r3.corda.networkmanage.common.utils.buildCertPath +import com.r3.corda.networkmanage.common.utils.toX509Certificate +import com.r3.corda.networkmanage.doorman.webservice.NodeInfoWebService import net.corda.core.crypto.* import net.corda.core.identity.CordaX500Name import net.corda.core.identity.PartyAndCertificate diff --git a/doorman/src/test/kotlin/com/r3/corda/doorman/RegistrationWebServiceTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/RegistrationWebServiceTest.kt similarity index 96% rename from doorman/src/test/kotlin/com/r3/corda/doorman/RegistrationWebServiceTest.kt rename to network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/RegistrationWebServiceTest.kt index 76860b2ad3..221e793772 100644 --- a/doorman/src/test/kotlin/com/r3/corda/doorman/RegistrationWebServiceTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/doorman/RegistrationWebServiceTest.kt @@ -1,9 +1,11 @@ -package com.r3.corda.doorman +package com.r3.corda.networkmanage.doorman import com.nhaarman.mockito_kotlin.* -import com.r3.corda.doorman.persistence.CertificateResponse -import com.r3.corda.doorman.signer.CsrHandler -import com.r3.corda.doorman.webservice.RegistrationWebService +import com.r3.corda.networkmanage.common.persistence.CertificateResponse +import com.r3.corda.networkmanage.common.utils.buildCertPath +import com.r3.corda.networkmanage.common.utils.toX509Certificate +import com.r3.corda.networkmanage.doorman.signer.CsrHandler +import com.r3.corda.networkmanage.doorman.webservice.RegistrationWebService import net.corda.core.crypto.Crypto import net.corda.core.crypto.SecureHash import net.corda.core.identity.CordaX500Name diff --git a/signing-server/src/test/kotlin/com/r3/corda/signing/authentication/AuthenticatorTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/authentication/AuthenticatorTest.kt similarity index 98% rename from signing-server/src/test/kotlin/com/r3/corda/signing/authentication/AuthenticatorTest.kt rename to network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/authentication/AuthenticatorTest.kt index 19a85299f1..78f1983981 100644 --- a/signing-server/src/test/kotlin/com/r3/corda/signing/authentication/AuthenticatorTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/authentication/AuthenticatorTest.kt @@ -1,4 +1,4 @@ -package com.r3.corda.signing.authentication +package com.r3.corda.networkmanage.hsm.authentication import CryptoServerCXI.CryptoServerCXI import CryptoServerJCE.CryptoServerProvider diff --git a/signing-server/src/test/kotlin/com/r3/corda/signing/configuration/ConfigurationTest.kt b/network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/configuration/ConfigurationTest.kt similarity index 84% rename from signing-server/src/test/kotlin/com/r3/corda/signing/configuration/ConfigurationTest.kt rename to network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/configuration/ConfigurationTest.kt index 7883e13ba7..9c9d4aaa4b 100644 --- a/signing-server/src/test/kotlin/com/r3/corda/signing/configuration/ConfigurationTest.kt +++ b/network-management/src/test/kotlin/com/r3/corda/networkmanage/hsm/configuration/ConfigurationTest.kt @@ -1,15 +1,15 @@ -package com.r3.corda.signing.configuration +package com.r3.corda.networkmanage.hsm.configuration +import com.r3.corda.networkmanage.hsm.authentication.AuthMode import com.typesafe.config.ConfigException -import com.r3.corda.signing.authentication.AuthMode import org.junit.Test import java.io.File import kotlin.test.assertEquals import kotlin.test.assertFailsWith class ConfigurationTest { - private val validConfigPath = File(javaClass.getResource("/signing_service.conf").toURI()).absolutePath - private val invalidConfigPath = File(javaClass.getResource("/signing_service_fail.conf").toURI()).absolutePath + private val validConfigPath = File(javaClass.getResource("/hsm.conf").toURI()).absolutePath + private val invalidConfigPath = File(javaClass.getResource("/hsm_fail.conf").toURI()).absolutePath @Test fun `authMode is parsed correctly`() { diff --git a/doorman/src/test/resources/node.conf b/network-management/src/test/resources/doorman.conf similarity index 100% rename from doorman/src/test/resources/node.conf rename to network-management/src/test/resources/doorman.conf diff --git a/doorman/src/test/resources/node_fail.conf b/network-management/src/test/resources/doorman_fail.conf similarity index 100% rename from doorman/src/test/resources/node_fail.conf rename to network-management/src/test/resources/doorman_fail.conf diff --git a/signing-server/src/test/resources/signing_service.conf b/network-management/src/test/resources/hsm.conf similarity index 100% rename from signing-server/src/test/resources/signing_service.conf rename to network-management/src/test/resources/hsm.conf diff --git a/signing-server/src/test/resources/signing_service_fail.conf b/network-management/src/test/resources/hsm_fail.conf similarity index 100% rename from signing-server/src/test/resources/signing_service_fail.conf rename to network-management/src/test/resources/hsm_fail.conf diff --git a/doorman/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker b/network-management/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker similarity index 100% rename from doorman/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker rename to network-management/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker diff --git a/settings.gradle b/settings.gradle index 910a4ee92f..c4bc173067 100644 --- a/settings.gradle +++ b/settings.gradle @@ -43,9 +43,8 @@ include 'samples:simm-valuation-demo' include 'samples:notary-demo' include 'samples:bank-of-corda-demo' include 'cordform-common' -include 'doorman' +include 'network-management' include 'verify-enclave' include 'sgx-jvm/hsm-tool' -include 'signing-server' include 'perftestcordapp' diff --git a/signing-server/build.gradle b/signing-server/build.gradle deleted file mode 100644 index ccf218dc3a..0000000000 --- a/signing-server/build.gradle +++ /dev/null @@ -1,91 +0,0 @@ -ext { - // We use Corda release artifact dependencies instead of project dependencies to make sure each doorman releases are - // align with the corresponding Corda release. - corda_dependency_version = '2.0-20171017.135310-6' -} - -version "$corda_dependency_version" - -apply plugin: 'us.kirchmeier.capsule' -apply plugin: 'kotlin' - -repositories { - mavenLocal() - mavenCentral() - maven { - url 'http://oss.sonatype.org/content/repositories/snapshots' - } - jcenter() - maven { - url 'http://ci-artifactory.corda.r3cev.com/artifactory/corda-dev' - } -} - -configurations{ - integrationTestCompile.extendsFrom testCompile - integrationTestRuntime.extendsFrom testRuntime -} - -sourceSets{ - integrationTest { - kotlin { - compileClasspath += main.output + test.output - runtimeClasspath += main.output + test.output - srcDir file('src/integration-test/kotlin') - } - java { - compileClasspath += main.output + test.output - runtimeClasspath += main.output + test.output - srcDir file('src/integration-test/java') - } - resources { - srcDir file('src/integration-test/resources') - } - } -} - -task buildSigningServerJAR(type: FatCapsule, dependsOn: 'jar') { - group = 'build' - applicationClass 'com.r3.corda.signing.MainKt' - - capsuleManifest { - applicationVersion = corda_dependency_version - systemProperties['visualvm.display.name'] = 'Signing Server' - minJavaVersion = '1.8.0' - jvmArgs = ['-XX:+UseG1GC'] - } - // Make the resulting JAR file directly executable on UNIX by prepending a shell script to it. - // This lets you run the file like so: ./corda.jar - // Other than being slightly less typing, this has one big advantage: Ctrl-C works properly in the terminal. - reallyExecutable { trampolining() } -} - -dependencies { - compile "org.jetbrains.kotlin:kotlin-stdlib:$kotlin_version" - - compile fileTree(dir: 'libs', include: '*.jar') - compile "net.corda:corda-core:$corda_dependency_version" - compile "net.corda:corda-node:$corda_dependency_version" - compile "net.corda:corda-node-api:$corda_dependency_version" - testCompile "net.corda:corda-test-utils:$corda_dependency_version" - testCompile "net.corda:corda-node-driver:$corda_dependency_version" - - // Log4J: logging framework (with SLF4J bindings) - compile "org.apache.logging.log4j:log4j-slf4j-impl:${log4j_version}" - compile "org.apache.logging.log4j:log4j-core:${log4j_version}" - compile "org.apache.logging.log4j:log4j-web:${log4j_version}" - - // JOpt: for command line flags. - compile "net.sf.jopt-simple:jopt-simple:5.0.2" - - // TypeSafe Config: for simple and human friendly config files. - compile "com.typesafe:config:1.3.0" - - // Hibernate audit plugin - compile "org.hibernate:hibernate-envers:5.2.11.Final" - - // Unit testing helpers. - testCompile 'junit:junit:4.12' - testCompile "org.assertj:assertj-core:${assertj_version}" - integrationTestCompile project(':doorman') -} \ No newline at end of file diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/hsm/Signer.kt b/signing-server/src/main/kotlin/com/r3/corda/signing/hsm/Signer.kt deleted file mode 100644 index 1a9ef02981..0000000000 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/hsm/Signer.kt +++ /dev/null @@ -1,15 +0,0 @@ -package com.r3.corda.signing.hsm - -import com.r3.corda.signing.persistence.ApprovedCertificateRequestData - -/** - * Encapsulates the logic related to the certificate signing process. - */ -interface Signer { - - /** - * Signs the provided list of [ApprovedCertificateRequestData] - */ - fun sign(toSign: List) - -} \ No newline at end of file diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/persistence/DBCertificateRequestStorage.kt b/signing-server/src/main/kotlin/com/r3/corda/signing/persistence/DBCertificateRequestStorage.kt deleted file mode 100644 index f8ccbfc5a3..0000000000 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/persistence/DBCertificateRequestStorage.kt +++ /dev/null @@ -1,102 +0,0 @@ -package com.r3.corda.signing.persistence - -import net.corda.node.utilities.CordaPersistence -import org.bouncycastle.pkcs.PKCS10CertificationRequest -import org.hibernate.envers.Audited -import java.security.cert.CertPath -import java.sql.Connection -import java.time.Instant -import javax.persistence.* -import javax.persistence.criteria.CriteriaBuilder -import javax.persistence.criteria.Path -import javax.persistence.criteria.Predicate - -data class ApprovedCertificateRequestData(val requestId: String, val request: PKCS10CertificationRequest, var certPath: CertPath? = null) - -class DBCertificateRequestStorage(private val database: CordaPersistence) : CertificateRequestStorage { - - enum class Status { - Approved, Signed - } - - @Entity - @Table(name = "certificate_signing_request") - class CertificateSigningRequest( - - @Id - @Column(name = "request_id", length = 64) - var requestId: String = "", - - @Lob - @Column - var request: ByteArray = ByteArray(0), - - @Lob - @Column(nullable = true) - var certificatePath: ByteArray? = null, - - @Audited - @Column(name = "status") - @Enumerated(EnumType.STRING) - var status: Status = Status.Approved, - - @Audited - @Column(name = "modified_by", length = 512) - @ElementCollection(targetClass = String::class, fetch = FetchType.EAGER) - var modifiedBy: List = emptyList(), - - @Audited - @Column(name = "modified_at") - var modifiedAt: Instant? = Instant.now() - ) - - override fun getApprovedRequests(): List { - return getRequestIdsByStatus(Status.Approved) - } - - override fun sign(requests: List, signers: List) { - requests.forEach { - database.transaction(Connection.TRANSACTION_SERIALIZABLE) { - val request = singleRequestWhere { builder, path -> - builder.and( - builder.equal(path.get(CertificateSigningRequest::requestId.name), it.requestId), - builder.equal(path.get(CertificateSigningRequest::status.name), Status.Approved) - ) - } - if (request != null) { - val now = Instant.now() - request.certificatePath = it.certPath?.encoded - request.status = Status.Signed - request.modifiedAt = now - request.modifiedBy = signers - session.update(request) - } - } - } - } - - private fun singleRequestWhere(predicate: (CriteriaBuilder, Path) -> Predicate): CertificateSigningRequest? { - return database.transaction { - val builder = session.criteriaBuilder - val criteriaQuery = builder.createQuery(CertificateSigningRequest::class.java) - val query = criteriaQuery.from(CertificateSigningRequest::class.java).run { - criteriaQuery.where(predicate(builder, this)) - } - session.createQuery(query).uniqueResultOptional().orElse(null) - } - } - - private fun getRequestIdsByStatus(status: Status): List { - return database.transaction { - val builder = session.criteriaBuilder - val query = builder.createQuery(CertificateSigningRequest::class.java).run { - from(CertificateSigningRequest::class.java).run { - where(builder.equal(get(CertificateSigningRequest::status.name), status)) - } - } - session.createQuery(query).setLockMode(LockModeType.PESSIMISTIC_WRITE).resultList.map { it.toRequestData() } - } - } - - private fun CertificateSigningRequest.toRequestData() = ApprovedCertificateRequestData(requestId, PKCS10CertificationRequest(request)) -} \ No newline at end of file diff --git a/signing-server/src/main/kotlin/com/r3/corda/signing/persistence/SigningServerSchemaService.kt b/signing-server/src/main/kotlin/com/r3/corda/signing/persistence/SigningServerSchemaService.kt deleted file mode 100644 index b240d2bdb9..0000000000 --- a/signing-server/src/main/kotlin/com/r3/corda/signing/persistence/SigningServerSchemaService.kt +++ /dev/null @@ -1,20 +0,0 @@ -package com.r3.corda.signing.persistence - -import net.corda.core.contracts.ContractState -import net.corda.core.schemas.MappedSchema -import net.corda.core.schemas.PersistentState -import net.corda.node.services.api.SchemaService - -class SigningServerSchemaService: SchemaService { - // Entities for compulsory services - object SigningServerServices - - object SigningServerServicesV1 : MappedSchema(schemaFamily = SigningServerServices.javaClass, version = 1, - mappedTypes = listOf(DBCertificateRequestStorage.CertificateSigningRequest::class.java)) - - override val schemaOptions: Map = mapOf(Pair(SigningServerServicesV1, SchemaService.SchemaOptions())) - - override fun selectSchemas(state: ContractState): Iterable = setOf(SigningServerServicesV1) - - override fun generateMappedObject(state: ContractState, schema: MappedSchema): PersistentState = throw UnsupportedOperationException() -} \ No newline at end of file diff --git a/signing-server/src/main/resources/com/r3/corda/signing/utils/hsm_errors b/signing-server/src/main/resources/com/r3/corda/signing/utils/hsm_errors deleted file mode 100644 index 4b203b9309..0000000000 --- a/signing-server/src/main/resources/com/r3/corda/signing/utils/hsm_errors +++ /dev/null @@ -1,4462 +0,0 @@ -0xB000 -E_OS: CryptoServer module SMOS -0xB00001 -E_OS_SENS: SENS section -0xB0000100 -E_OS_SENS_WRITE_ERR: Sensory write error -0xB0000101 -E_OS_SENS_READ_ERR: Sensory read error -0xB0000102 -E_OS_SENS_BAD_TYPE: Bad info type -0xB0000103 -E_OS_SENS_MEM_ALLOC: Error during memory allocation -0xB0000104 -E_OS_SENS_IO_ERR: Sensory I/O error -0xB0000105 -E_OS_SENS_MK_CORR: Corrupted Master Key -0xB0000106 -E_OS_SENS_NACK: Sensory error answer -0xB0000107 -E_OS_SENS_NO_ALARM: CryptoServer not in alarm state -0xB0000108 -E_OS_SENS_READ_TIMEOUT: Sensory read timeout -0xB0000109 -E_OS_SENS_ALARM_PRESENT: Alarm still present, can't reset -0xB000010A -E_OS_SENS_MSP_TIMEOUT: Controller: read timeout -0xB000010B -E_OS_SENS_MSP_CMD: Controller: bad command -0xB000010C -E_OS_SENS_MSP_ADDR: Controller: bad address -0xB000010D -E_OS_SENS_MSP_DATA: Controller: bad data -0xB000010E -E_OS_SENS_MSP_CRC: Controller: bad CRC -0xB000010F -E_OS_SENS_BAD_CRC: Bad CRC in answer -0xB0000110 -E_OS_SENS_PARAM: Invalid parameter -0xB0000111 -E_OS_SENS_BUF_SIZE: Buffer size too small -0xB0000112 -E_OS_SENS_ANSW_LEN: Invalid length of answer data -0xB0000113 -E_OS_SENS_JOB_STATE: Invalid job state -0xB0000114 -E_OS_SENS_LOCKED: Sensory controller is locked -0xB000013 -E_OS_SENS_CTRL: Sensory Controller section -0xB0000130 -E_OS_SENS_CTRL_NACK: unknown error code -0xB0000131 -E_OS_SENS_CTRL_TIMEOUT: timeout -0xB0000132 -E_OS_SENS_CTRL_CMD: bad command -0xB0000133 -E_OS_SENS_CTRL_ADDR: bad address -0xB0000134 -E_OS_SENS_CTRL_DATA: bad data -0xB0000135 -E_OS_SENS_CTRL_CRC: bad CRC -0xB0000136 -E_OS_SENS_CTRL_I2C: I2C error -0xB0000137 -E_OS_SENS_CTRL_BUSY: currently busy -0xB00002 -E_OS_DEV: device section -0xB0000201 -E_OS_DEV_ERR: notifies if an error occurs during operation -0xB0000202 -E_OS_DEV_ALREADY_OPEN: device is used by an other session -0xB0000203 -E_OS_DEV_NAME_INVALID: illegal device name length or characterset -0xB0000204 -E_OS_DEV_MODE_INVALID: illegal mode of operation -0xB0000205 -E_OS_DEV_PARAMETER_INVALID: passed parameter illegal -0xB0000206 -E_OS_DEV_HDL_INVALID: session handle not allowed -0xB0000207 -E_OS_DEV_DATA_INVALID: corrupted data -0xB0000209 -E_OS_DEV_NO_MEM: can't allocate memory space -0xB000020A -E_OS_DEV_NO_SUCH_FUNCTION: no private module function -0xB000020B -E_OS_DEV_NO_DEVICE: no serial device available -0xB00003 -E_OS_DEV_SL: serial device section -0xB0000301 -E_OS_DEV_SL_BAD_HDL: bad handle -0xB0000302 -E_OS_DEV_SL_ALREADY_OPEN: device already open -0xB000030D -E_OS_DEV_SL_READ: read error on serial line -0xB000030E -E_OS_DEV_SL_INVALID_PARAM: parameter to be modified is invalid -0xB0000310 -E_OS_DEV_SL_PARAM_VAL: invalid parameter value to set control of SL -0xB0000311 -E_OS_DEV_SL_TIMEOUT: timeout while reading char from serial line -0xB0000312 -E_OS_DEV_SL_PARITY_ERR: parity error -0xB0000313 -E_OS_DEV_SL_OVERRUN: receiver over-run -0xB0000314 -E_OS_DEV_SL_FRAME: receiver frame error -0xB0000315 -E_OS_DEV_SL_NO_DATA: no data ready to read -0xB0000381 -E_OS_DEV_SL_TOOMANY: too many lines open -0xB0000382 -E_OS_DEV_SL_TCATTR: error setting line parameters -0xB0000383 -E_OS_DEV_SL_OPEN: can't open device -0xB0000384 -E_OS_DEV_SL_NOT_OPEN: handle not open -0xB0000385 -E_OS_DEV_SL_NO_VALID_HDL: invalid handle -0xB0000386 -E_OS_DEV_SL_NO_VALID_PARA_VALUE: invalid parameter value -0xB0000387 -E_OS_DEV_SL_NO_VALID_PARA_TYPE: invalid parameter type -0xB0000388 -E_OS_DEV_SL_READ_ERROR: error on read -0xB0000389 -E_OS_DEV_SL_READ_TIME_OUT: timeout on read -0xB000038A -E_OS_DEV_SL_WRITE_ERROR: error on write -0xB000038B -E_OS_DEV_SL_WRITE_TIME_OUT: timeout on write -0xB000038C -E_OS_DEV_SL_CTRL_ERROR: error on ioctl -0xB0000390 -E_OS_DEV_SL_NO_VALID_NAME: no valid device name -0xB0000391 -E_OS_DEV_SL_NO_VALID_BUF_SLCT: no valid Buffer selected -0xB0000392 -E_OS_DEV_SL_NO_VALID_LINE_STATE: line state parameter incorrect -0xB0000393 -E_OS_DEV_SL_NO_VALID_LINE_SLCT: line select parameter incorrect -0xB0000394 -E_OS_DEV_SL_COM_STATE: error in comunication driver -0xB0000395 -E_OS_DEV_SL_PARITY: Parity Error -0xB00004 -E_OS_DEV_I2C: i2c device section -0xB0000401 -E_OS_DEV_I2C_PARA_INV: one parameter is wrong -0xB0000402 -E_OS_DEV_I2C_NO_ACK: got no acknowledge after sending a byte -0xB0000403 -E_OS_DEV_I2C_BAD_DEVICE: bad device identifier -0xB0000404 -E_OS_DEV_I2C_NO_DEV: device does not exist -0xB00005 -E_OS_FILE: file section -0xB0000501 -E_OS_FILE_INIT: file system not initialized -0xB0000502 -E_OS_FILE_ALREADY_OPEN: the file is already opened -0xB0000503 -E_OS_FILE_ILL_NAME: file name is not allowed -0xB0000504 -E_OS_FILE_ILL_ATTRIB: invalid open mode -0xB0000505 -E_OS_FILE_NO_SUCH_PATH: the directory does not exist -0xB0000506 -E_OS_FILE_NO_SUCH_FILE: the file does not exist -0xB0000507 -E_OS_FILE_EXIST: the file doesn't / already exists -0xB0000508 -E_OS_FILE_ILL_PARAM: invalid parameter -0xB000050A -E_OS_FILE_NOT_OPEN: the file isn't open for access mode -0xB000050B -E_OS_FILE_ILL_POS: position offset not allowed -0xB000050C -E_OS_FILE_NO_MEM: no more memory space available -0xB000050D -E_OS_FILE_NO_TABLE: no bad block table -0xB000050E -E_OS_FILE_MAGIC: invalid magic tag -0xB0000510 -E_OS_FILE_FF_BUSY: flash file device is still busy -0xB0000511 -E_OS_FILE_FF_FAILED: flash file device replies an error -0xB0000513 -E_OS_FILE_FF_ADDRESS: illegal page address -0xB0000514 -E_OS_FILE_ECC: page parity error -0xB0000515 -E_OS_FILE_RDONLY: file system is read only -0xB0000516 -E_OS_FILE_HANDLE: bad file handle -0xB0000517 -E_OS_FILE_NO_SPACE: file system full -0xB0000518 -E_OS_FILE_TABLE_FULL: file table full -0xB0000519 -E_OS_FILE_CORR: file corrupted -0xB000051A -E_OS_FILE_EXDEV: different file systems -0xB000051B -E_OS_FILE_BAD_FSTYPE: bad file system type, can't mount -0xB000051C -E_OS_FILE_BAD_BAD: too many bad blocks, giving up -0xB000051D -E_OS_FILE_FF_BAD: detected bad block in flash file -0xB000051E -E_OS_FILE_GEOMETRY: bad flash page geometry -0xB000051F -E_OS_FILE_HDL_TOOMANY: too many open file handles -0xB00006 -E_OS_TASK: task section -0xB0000601 -E_OS_TASK_STACK_OVL: stack overflow -0xB0000602 -E_OS_TASK_STACK_CORR: stack corrupted -0xB0000603 -E_OS_TASK_BUFSIZE: buffer size to small -0xB0000604 -E_OS_TASK_MALLOC: memory allocation failed -0xB00007 -E_OS_AUDIT: AUDIT section -0xB0000700 -E_OS_AUDIT_EXIST: Audit file does not exist -0xB0000701 -E_OS_AUDIT_FULL: Audit files full -0xB0000702 -E_OS_AUDIT_FSFULL: File system full -0xB0000703 -E_OS_AUDIT_BUFF_TOO_SMALL: Buffer too small -0xB0000704 -E_OS_AUDIT_MALLOC: Memory allocation failed -0xB0000705 -E_OS_AUDIT_CFG_ITEM: Invalid configuration item -0xB0000706 -E_OS_AUDIT_CFG_RANGE: Configuration value out of range -0xB0000707 -E_OS_AUDIT_PARAM: Invalid parameter value -0xB0000708 -E_OS_AUDIT_INVALID_HANDLE: Invalid audit handle -0xB00008 -E_OS_MDL: MDL section -0xB0000801 -E_OS_MDL_MEM_ALLOC: Error during memory allocation -0xB0000802 -E_OS_MDL_PARA_INVALID: Invalid input parameter -0xB0000803 -E_OS_MDL_EXIST: module already exists -0xB0000804 -E_OS_MDL_TABLE: module table full -0xB0000805 -E_OS_MDL_PARAMETER: illegall parameter passed -0xB0000806 -E_OS_MDL_EVENT: event not reached -0xB0000807 -E_OS_MDL_NOT_FOUND: module not found -0xB0000808 -E_OS_MDL_WRITE: can't write module to SDRAM directory -0xB0000809 -E_OS_MDL_SLF_BAD: bad signed licence file -0xB000080A -E_OS_MDL_BL_INI: can't read bl_ini file -0xB000080B -E_OS_MDL_SLF_FOUND: SLF parameter not found -0xB000080C -E_OS_MDL_MTC_INV: invalid MTC file -0xB000080D -E_OS_MDL_MMC_INV: invalid MMC file -0xB000080E -E_OS_MDL_NO_MTC_SIG: No MTC signature present -0xB000080F -E_OS_MDL_CFG_FOUND: Config parameter not found -0xB0000810 -E_OS_MDL_HW_TYPE: Module does not match hardware type -0xB0000811 -E_OS_MDL_MSC_INV: invalid MSC file -0xB0000812 -E_OS_MDL_MSC_VERIFY_FAILED: MSC verification failed -0xB0000813 -E_OS_MDL_NOT_SUPP: Function not supported -0xB0000814 -E_OS_MDL_NOT_AVAILABLE: Function not available -0xB00009 -E_OS_MEM: memory section -0xB0000901 -E_OS_MEM_BAD_TYPE: illegal memory type -0xB0000902 -E_OS_MEM_CORR: corrupted memory structure -0xB0000903 -E_OS_MEM_BUF_SIZE: buffer size too small -0xB0000904 -E_OS_MEM_BAD_ADDR: bad memory address -0xB0000A -E_OS_STR: string section -0xB0000A01 -E_OS_STR_MALLOC: memory allocation failed -0xB0000B -E_OS_CFG: Config section -0xB0000B01 -E_OS_CFG_MALLOC: memory allocation failed -0xB0000B02 -E_OS_CFG_INVALID_PARAM: invalid parameter -0xB0000B03 -E_OS_CFG_INVALID_HDL: invalid handle -0xB0000B04 -E_OS_CFG_BAD: bad config file -0xB0000B05 -E_OS_CFG_SECT_NOT_FOUND: section not found -0xB0000B06 -E_OS_CFG_ITEM_NOT_FOUND: item not found -0xB00010 -E_OS_PCI: PCI section -0xB0001000 -E_OS_PCI_DMA_TMOUT: DMA timeout -0xB0001001 -E_OS_PCI_CANCEL: request canceled -0xB0001002 -E_OS_PCI_MBR_RD_TMOUT: MBR read timeout -0xB0001003 -E_OS_PCI_MBR_WR_TMOUT: MBR write timeout -0xB0001004 -E_OS_PCI_MBR_CMD: bad MBR command -0xB0001005 -E_OS_PCI_RX_CRC: rx crc error -0xB0001006 -E_OS_PCI_NOT_IMPL: function not implememted -0xB0001007 -E_OS_PCI_SHUTDOWN: shutdown request received -0xB0001008 -E_OS_PCI_MEM: memory allocation failed -0xB0001009 -E_OS_PCI_SEQCT: bad sequence counter -0xB000100A -E_OS_PCI_RD_TMOUT: read timeout -0xB000100B -E_OS_PCI_WR_TMOUT: write timeout -0xB000100C -E_OS_PCI_LENERR: block length error -0xB000100D -E_OS_PCI_SOCKET: socket error -0xB000100E -E_OS_PCI_STATE: bad state for receive -0xB00011 -E_OS_RTC: RTC section -0xB0001100 -E_OS_RTC_FAIL: RTC failed -0xB0001101 -E_OS_RTC_NOT_INIT: RTC not initialized -0xB0001102 -E_OS_RTC_PARAM: Bad parameter -0xB00013 -E_OS_CRYPT: CRYPT section -0xB0001301 -E_OS_CRYPT_MEM_ALLOC: Error during memory allocation -0xB0001302 -E_OS_CRYPT_PARA_INVALID: Invalid input parameter -0xB0001303 -E_OS_CRYPT_MK_READ: Error reading master key -0xB0001304 -E_OS_CRYPT_NO_MK: no internal access to CS2 master key -0xB0001305 -E_OS_CRYPT_MK_CORR: CS2 master key corrupted -0xB0001306 -E_OS_CRYPT_MK_WRITE: Error updating master key -0xB0001307 -E_OS_CRYPT_NOT_SUPP: Function not supported -0xB0001308 -E_OS_CRYPT_RND_FAIL: Random number generator failed -0xB0001309 -E_OS_CRYPT_SHA512_KAT: SHA-512 Known Answer Test failed -0xB0001310 -E_OS_CRYPT_RND_TMOUT: Random number generator timeout -0xB0001311 -E_OS_CRYPT_RND_KAT: Known answer test failed -0xB0001312 -E_OS_CRYPT_RND_INIT: Random Number Generator is not initialized -0xB0001313 -E_OS_CRYPT_RND_SEC_STRENGTH: Given security strength not supported -0xB0001314 -E_OS_CRYPT_RND_REQ: Max number of requested randombits per call exceeded -0xB0001315 -E_OS_CRYPT_RND_PRED_RESISTANCE: Prediction resistance not supported for current handle -0xB0001316 -E_OS_CRYPT_RND_RESEED: Random Number Generator needs to be reseeded -0xB0002 -E_OS_COFF: COFF section -0xB0002001 -E_OS_COFF_RELOC_LO16: relocation error (low 16 bits) -0xB0002002 -E_OS_COFF_RELOC_HI16: relocation error (high 16 bits) -0xB0002003 -E_OS_COFF_RELOC_PCR21: relocation error (PC relative) -0xB0002004 -E_OS_COFF_RELOC_LONG: relocation error (long) -0xB0002005 -E_OS_COFF_ALLOC: can't allocate memory -0xB0002006 -E_OS_COFF_BAD_NSCN: bad number of section headers -0xB0002007 -E_OS_COFF_2BSS: multiple BSS segments -0xB0002008 -E_OS_COFF_2CINIT: multiple CINIT segments -0xB0002009 -E_OS_COFF_NO_DATA: missing data in segment -0xB000200A -E_OS_COFF_BAD_ENTRY: bad entry function -0xB000200B -E_OS_COFF_NO_SYMTAB: missing symbol table -0xB000200C -E_OS_COFF_REL_DATA: bad relocation data -0xB000200D -E_OS_COFF_REL_SCN: bad section number in relocation data -0xB000200E -E_OS_COFF_REL_DISP: bad displacement in relocation data -0xB000200F -E_OS_COFF_REL_SYMIDX: bad symbol index in relocation data -0xB0002010 -E_OS_COFF_REL_TYPE: bad relocation type -0xB0002011 -E_OS_COFF_HEADER: bad coff file header -0xB0002012 -E_OS_COFF_MISS: missing information in coff file -0xB0002013 -E_OS_COFF_BSS_NEMPTY: BSS segment is not empty -0xB0002014 -E_OS_COFF_CINIT_NEMPTY: CINIT segment is not empty -0xB0002015 -E_OS_COFF_CPU_TYPE: module does not match CPU type -0xB0002016 -E_OS_COFF_REL_TARGET: bad relocation target address -0xB0002017 -E_OS_COFF_REL_STACKOVF: symbol stack overflow -0xB0002018 -E_OS_COFF_RELOC_USTFLD: relocation error (USTFLD) -0xB0002019 -E_OS_COFF_RELOC_XSTFLD: relocation error (XSTFLD) -0xB0003 -E_OS_USB: USB section -0xB0003001 -E_OS_USB_MALLOC: memory allocation failed -0xB0003002 -E_OS_USB_PARAM: invalid parameter -0xB0003003 -E_OS_USB_NOT_SUPPORTED: USB not supported -0xB0003004 -E_OS_USB_INIT_FAILED: initialization of host controller failed -0xB0003005 -E_OS_USB_DEVICE_CONNECT: device is not connected -0xB0003006 -E_OS_USB_DEVICE_STATE: invalid device state -0xB0003007 -E_OS_USB_TIMEOUT: timeout occured -0xB0003008 -E_OS_USB_NAK: NAK received -0xB0003009 -E_OS_USB_PROTOCOL: protocol error -0xB000300A -E_OS_USB_IDTAB_FULL: ID table is full -0xB000300B -E_OS_USB_NOT_FOUND: item not found -0xB000300C -E_OS_USB_DATA_LEN: invalid data length -0xB00031 -E_OS_USB_ERR: transaction error -0xB00032 -E_OS_USB_LIBUSB: libusb -0xB00050 -E_OS_PNC_0: panic message -0xB0005001 -E_OS_PNC_BL: Can't start bootloader (CRC) -0xB0005002 -E_OS_PNC_SDRAM: Can't start bootloader (SDRAM error) -0xB000500B -E_OS_PNC_PCI: PCI interface closed -0xB000500C -E_OS_PNC_MEMORY: memory corruption detected -0xB00053 -E_OS_PNC_3: shutdown message -0xB0005306 -E_OS_PNC_HIGH_TEMP: High temperature -0xB000530A -E_OS_PNC_RESET_ALARM: Alarm reseted -0xB000530E -E_OS_PNC_CLEAR: CryptoServer cleared -0xB0005344 -E_OS_PNC_HALT: CryptoServer halted -0xB001 -E_FIPS140: CryptoServer module FIPS140 -0xB0010001 -E_FIPS140_INVALID_MDL_VERSION: invalid module version -0xB0010002 -E_FIPS140_ILLEGAL_MDL: illegal firmware module in FIPS mode -0xB0010003 -E_FIPS140_MISSING_APPR_MDL: missing approved module -0xB0010004 -E_FIPS140_APPR_MDL_INIT_FAILED: approved module initialization failed -0xB0010010 -E_FIPS140_DES_KAT: known answer test of DES failed -0xB0010011 -E_FIPS140_RSA_KAT: known answer test of RSA failed -0xB0010012 -E_FIPS140_AES_KAT: known answer test of AES failed -0xB0010013 -E_FIPS140_ECDSA_PCT: pair-wise consistency test of ECDSA failed -0xB0010014 -E_FIPS140_HASH_KAT: known answer test of HASH failed -0xB0010020 -E_FIPS140_AES_ENC_KAT_FAILED: known answer test for AES encrypt/decrypt failed -0xB0010021 -E_FIPS140_AES_MAC_KAT_FAILED: known answer test for AES CBC-MAC failed -0xB0010022 -E_FIPS140_AES_CMAC_KAT_FAILED: known answer test for AES CMAC failed -0xB0010023 -E_FIPS140_AES_GCM_KAT_FAILED: known answer test for AES GCM failed -0xB0010024 -E_FIPS140_AES_OFB_KAT_FAILED: known answer test for AES OFB failed -0xB0010025 -E_FIPS140_AES_GMAC_KAT_FAILED: known answer test for AES GMAC failed -0xB0010030 -E_FIPS140_RSA_SIGN_KAT_FAILED: known answer test for RSA sign/verify failed -0xB0010031 -E_FIPS140_RSA_ENC_PCT_FAILED: pair-wise consistency test for RSA encrypt/decrypt failed -0xB0010040 -E_FIPS140_HMAC_KAT_FAILED: known answer test for HMAC failed -0xB0010050 -E_FIPS140_DSA_SIGN_PCT_FAILED: pair-wise consistency test for DSA sign/verify failed -0xB0010060 -E_FIPS140_ECC_CDH_KAT_FAILED: known answer test for ECC CDH failed -0xB0010070 -E_FIPS140_KDF_800108_KAT_FAILED: known answer test for KDF_800108 failed -0xB0010080 -E_FIPS150_UTL_TEST_FAILED: known answer tests for (internally used only) utility functions failed -0xB0010100 -E_FIPS140_CMD_LEN: bad command length -0xB0010200 -E_FIPS140_INVALID_PARAM: function called with invalid parameter -0xB006 -E_BL3: Bootloader -0xB0060000 -E_BL3_PARA_INV: invalid parameter -0xB0060001 -E_BL3_ITEM_NOT_FOUND: item not found -0xB0060002 -E_BL3_ITEM_LEN: invalid item length -0xB0060003 -E_BL3_BUF_SIZE: buffer size too small -0xB006001 -E_BL3_CMD: command section -0xB0060010 -E_BL3_CMD_FMT_LEN: bad length within format string -0xB0060011 -E_BL3_CMD_BAD_OUT: bad parameter structure -0xB0060012 -E_BL3_CMD_BAD_FMT: bad format string -0xB0060013 -E_BL3_CMD_BAD_CMD: bad format -0xB0060014 -E_BL3_CMD_TIMEOUT: timeout occured -0xB0060015 -E_BL3_CMD_PROHIBIT: command is not allowed -0xB0060016 -E_BL3_CMD_INVALID_HEADER: invalid command header -0xB0060017 -E_BL3_CMD_INVALID_LENGTH: invalid command length -0xB0060018 -E_BL3_CMD_INVALID_FC: invalid function code -0xB0060019 -E_BL3_CMD_INVALID_SFC: invalid sub-function code -0xB006001A -E_BL3_CMD_INVALID_CHALLENGE: invalid challenge -0xB006001B -E_BL3_CMD_FIPS_PROHIBIT: command is not allowed in FIPS mode -0xB006001C -E_BL3_CMD_SFC_DISABLED: command not available in current configuration -0xB006003 -E_BL3_MDL: module section -0xB0060031 -E_BL3_MDL_MTC_HDR_INV: invalid MTC Header -0xB0060032 -E_BL3_MDL_MTC_NO_SIG: no MTC signature present -0xB0060033 -E_BL3_MDL_MMC_HDR_INV: invalid MMC Header -0xB0060034 -E_BL3_MDL_MMC_NO_SIG: no MMC signature present -0xB0060035 -E_BL3_MDL_MMC_HASH: MMC hash compare failed -0xB0060036 -E_BL3_MDL_MSC_HDR_INV: invalid MSC Header -0xB0060037 -E_BL3_MDL_MSC_HASH: MSC hash compare failed -0xB0060038 -E_BL3_MDL_NO_INFO: no module info found -0xB006004 -E_BL3_COFF: coff section -0xB0060040 -E_BL3_COFF_NAME_INV: invalid coff name -0xB0060041 -E_BL3_COFF_HDR_INV: invalid coff header -0xB0060042 -E_BL3_COFF_OPT_HDR_MAGIC: invalid header magic -0xB0060043 -E_BL3_COFF_OPT_HDR_SIZE: invalid header size -0xB0060044 -E_BL3_COFF_SECT_INV: invalid section -0xB0060045 -E_BL3_COFF_SECT_RELOC_INV: invalid relocation of section -0xB0060046 -E_BL3_COFF_SECT_ADR_RUN_ALG: invalid run address -0xB0060047 -E_BL3_COFF_SECT_ADR_LOAD_ALG: invalid load address -0xB0060048 -E_BL3_COFF_SECT_MEM_INV: invalid section memory -0xB0060049 -E_BL3_COFF_OPT_HDR_INV: invalid opt header -0xB006004A -E_BL3_COFF_SIZE_INV: invalid size -0xB006004B -E_BL3_COFF_ADR_INV: invalid address -0xB006004C -E_BL3_COFF_MTC_INV: invalid MTC -0xB006004D -E_BL3_COFF_ENTRY_INV: invalid entry point -0xB006004E -E_BL3_COFF_CPU_TYPE: invalid CPU type -0xB006004F -E_BL3_COFF_INV: invalid coff file -0xB006005 -E_BL3_SIG: signature secture -0xB0060050 -E_BL3_SIG_PKCS1: invalid pkcs1 padding -0xB0060051 -E_BL3_SIG_HASH: hash compare failed -0xB006006 -E_BL3_RSA: RSA section -0xB0060060 -E_BL3_RSA_RES_OFLOW: rsa result overflow -0xB0060061 -E_BL3_RSA_DIV_OFLOW: modulus is zero -0xB0060062 -E_BL3_RSA_INP_GE_MOD: modulus is smaller than operand -0xB006007 -E_BL3_FILE: file section -0xB0060071 -E_BL3_FILE_FLASH_FORMAT: error formating flash file -0xB0060072 -E_BL3_FILE_AFTER_FORMAT_LOOP: flash file formated succesfully, now looping forever -0xB0060073 -E_BL3_FILE_INIT: Initialization of file system failed -0xB0060074 -E_BL3_FILE_EXIST: file already exists -0xB0060075 -E_BL3_FILE_NAME: invalid filename -0xB0060076 -E_BL3_FILE_TYPE: invalid file type -0xB0060077 -E_BL3_FILE_SIZE: invalid file size -0xB0060078 -E_BL3_FILE_NOT_FOUND: file not found -0xB006007A -E_BL3_FILE_OPEN: file open error -0xB006007B -E_BL3_FILE_READ: file read error -0xB006007C -E_BL3_FILE_WRITE: file write error -0xB006007D -E_BL3_FILE_CLOSE: file close error -0xB006008 -E_BL3_PCI: PCI section -0xB0060080 -E_BL3_PCI_TIMEOUT: timeout occured -0xB0060081 -E_BL3_PCI_PROTOCOL: protocol error -0xB0060082 -E_BL3_PCI_LENGTH: length error -0xB0060083 -E_BL3_PCI_CRC: crc error -0xB0060084 -E_BL3_PCI_BUFSIZE: buffer size too small -0xB0060085 -E_BL3_PCI_PARAM: invalid parameter -0xB006009 -E_BL3_UID: UID section -0xB0060090 -E_BL3_UID_CRC: bad CRC on UID -0xB0060091 -E_BL3_UID_NOT_FOUND: UID not found -0xB0060092 -E_BL3_UID_EXT_INV: Extended UID invalid -0xB00600A -E_BL3_SL: SL section -0xB00600A0 -E_BL3_SL_NAME_INV: invalid device name -0xB00600A1 -E_BL3_SL_HDL_INV: invalid handle value -0xB00600A2 -E_BL3_SL_NOT_OPEN: device is not open -0xB00600A3 -E_BL3_SL_INUSE: device is already in use -0xB00600A4 -E_BL3_SL_PARAM: invalid parameter -0xB00600A5 -E_BL3_SL_PARAM_VALUE: invalid parameter value -0xB00600A6 -E_BL3_SL_TIMEOUT: timeout -0xB00600A7 -E_BL3_SL_CRC: invalid crc -0xB00600A8 -E_BL3_SL_OVERRUN: overrun error -0xB00600A9 -E_BL3_SL_PARITY: parity error -0xB00600AA -E_BL3_SL_FRAME: framing error -0xB00600AB -E_BL3_SL_DATA_COMP: data compare failed -0xB00600B -E_BL3_MSP_BSL: MSP BSL section -0xB00600B1 -E_BL3_MSP_BSL_VERSION: get version failed -0xB00600B2 -E_BL3_MSP_BSL_SYNC: sync failed -0xB00600B3 -E_BL3_MSP_BSL_ERASE: erase failed -0xB00600B4 -E_BL3_MSP_BSL_LOGIN: login failed -0xB00600B5 -E_BL3_MSP_BSL_WRITE: write failed -0xB00600C -E_BL3_JTAG: JTAG section -0xB00600C0 -E_BL3_JTAG_STATE: invalid state -0xB00600C1 -E_BL3_JTAG_IDCODE: unexpected IDCODE -0xB00600D -E_BL3_FLASH: Flash section -0xB00600D0 -E_BL3_FLASH_TIMEOUT: timeout during flash operation -0xB00600D1 -E_BL3_FLASH_ID: error reading flash id -0xB00600D2 -E_BL3_FLASH_ERASE: erase failed -0xB00600D3 -E_BL3_FLASH_PAGE_READ: error reading flash page -0xB00600D4 -E_BL3_FLASH_PAGE_WRITE: error writing flash page -0xB00600D5 -E_BL3_FLASH_PAGE_DATA: bad page data -0xB00600D6 -E_BL3_FLASH_CRC: invalid CRC -0xB00600E -E_BL3_LOG: log section -0xB00600E0 -E_BL3_LOG_DOES_NOT_EXIST: log file does not exist -0xB00600F -E_BL3_SDRAM: SDRAM section -0xB00600F1 -E_BL3_SDRAM_BUS_DATA: data bus test failed -0xB00600F2 -E_BL3_SDRAM_BUS_ADR: address bus test failed -0xB00600F3 -E_BL3_SDRAM_BUS_DEV: device test failed -0xB006010 -E_BL3_USB: USB section -0xB0060100 -E_BL3_USB_NACK: NACK received -0xB0060101 -E_BL3_USB_TIMEOUT: timeout occured -0xB0060102 -E_BL3_USB_PROT: protocol error -0xB0060103 -E_BL3_USB_DEVICE: device error -0xB0060104 -E_BL3_USB_PARAM: invalid parameter -0xB0060105 -E_BL3_USB_NOT_SUPPORTED: function not supported -0xB0060106 -E_BL3_USB_INIT_FAILED: initialisation failed -0xB0060107 -E_BL3_USB_DEVICE_CONNECT: error connecting device -0xB0060108 -E_BL3_USB_DEVICE_STATE: error determining device state -0xB0060109 -E_BL3_USB_PROTOCOL: usb protocol error -0xB006011 -E_BL3_FF: flash file section -0xB0060111 -E_BL3_FF_NO_CONFIG: no config page -0xB0060112 -E_BL3_FF_CONFIG_SIZE: invalid flash size -0xB0060113 -E_BL3_FF_NO_BBT: no bad block table -0xB0060114 -E_BL3_FF_INVALID_BBT: invalid bad block table -0xB0060115 -E_BL3_FF_BBT_STORE: unable to store bad block -0xB0060116 -E_BL3_FF_NOT_BLANK: page is not blank -0xB006012 -E_BL3_I2C: i2c device section -0xB0060120 -E_BL3_I2C_PARA_INV: one parameter is wrong -0xB0060121 -E_BL3_I2C_NO_ACK: got no acknowledge after sending a byte -0xB0060122 -E_BL3_I2C_NO_DEV: device does not exist -0xB006013 -E_BL3_XSVF: XSVF section -0xB0060131 -E_BL3_XSVF_UNKNOWN: unknown error -0xB0060132 -E_BL3_XSVF_TDOMISMATCH: TDO mismatch -0xB0060133 -E_BL3_XSVF_MAXRETRIES: TDO mismatch after max retries -0xB0060134 -E_BL3_XSVF_ILLEGALCMD: illegal command -0xB0060135 -E_BL3_XSVF_ILLEGALSTATE: illegal state -0xB0060136 -E_BL3_XSVF_DATAOVERFLOW: buffer overflow -0xB006014 -E_BL3_SHA512: SHA512 section -0xB0060140 -E_BL3_SHA512_KAT: SHA512 known answer test failed -0xB006015 -E_BL3_NVRAM: NVRAM section -0xB0060150 -E_BL3_NVRAM_TIMEOUT: timeout during nvram operation -0xB0060151 -E_BL3_NVRAM_PAGE_READ: error reading nvram page -0xB0060152 -E_BL3_NVRAM_PAGE_WRITE: error writing nvram page -0xB0060153 -E_BL3_NVRAM_PAGE_DATA: bad page data -0xB0060154 -E_BL3_NVRAM_ID: error reading flash id -0xB0060155 -E_BL3_NVRAM_NOT_AVAILABLE: NVRAM not available in Bootloader mode -0xB00602 -E_BL3_MSP: MSP section -0xB0060201 -E_BL3_MSP_DATA_LEN: data len for communication with msp too large -0xB0060202 -E_BL3_MSP_IO_ERR: timeout occurred -0xB00602A5 -E_BL3_MSP_CMD: invalid command -0xB00602BD -E_BL3_MSP_ADDR: invalid address -0xB00602C3 -E_BL3_MSP_DATA: invalid data -0xB00602DB -E_BL3_MSP_CRC: invalid crc -0xB00603 -E_BL3_USB_ERR: SPI section -0xB0060401 -E_BL3_SPI_RD_TO: read timeout -0xB0060402 -E_BL3_SPI_XRDY_TO: timeout waiting for receiver ready -0xB0060403 -E_BL3_SPI_MSP_RDY_TO: timeout waiting for MSP ready -0xB0060404 -E_BL3_SPI_MSP_NRDY_TO: timeout waiting for MSP ready low -0xB0060405 -E_BL3_SPI_RRDY_TO: timeout waiting for RRDY -0xB0060500 -E_BL3_EXAR: EXAR section -0xB0060501 -E_BL3_EXAR_TIMEOUT: timeout during pci cfg operation -0xB0060502 -E_BL3_EXAR_DATA_TEST: wrong data read -0xB0060503 -E_BL3_EXAR_PCI_BUSY: pci interface for accelerator busy -0xB0060504 -E_BL3_EXAR_DETECT: no exar accelerator found -0xB0060511 -E_BL3_SCF_MALLOC: memory allocation failed -0xB0060512 -E_BL3_SCF_INVALID_PARAM: invalid parameter -0xB0060513 -E_BL3_SCF_INVALID_HDL: invalid handle -0xB0060514 -E_BL3_SCF_BAD: bad config file -0xB0060515 -E_BL3_SCF_SECT_NOT_FOUND: section not found -0xB0060516 -E_BL3_SCF_ITEM_NOT_FOUND: item not found -0xB007001F -E_BL_WRONG_FC: Wrong Function Code (included for backward compatibility) -0xB007001F -E_BL_WRONG_FC: Wrong Function Code (included for backward compatibility) -0xB00A -E_HCE: CryptoServer module HCE -0xB00A0001 -E_HCE_MEM: memory allocation failed -0xB00A0002 -E_HCE_PCI_MASTER: PCI master access error (DSP) -0xB00A0003 -E_HCE_KEY_SIZE: key size not supported -0xB00A0004 -E_HCE_EXP_SIZE: exponent greater modulus -0xB00A0005 -E_HCE_TIMEOUT: hardware engine timeout -0xB00A0006 -E_HCE_RESULT_SIZE: result too big for buffer -0xB00A0007 -E_HCE_PRIME_SIZE: illegal sizes of prime -0xB00A0008 -E_HCE_DATA_LEN: data size too big (greater than modulus) -0xB00A0009 -E_HCE_SELFTST_FAIL: Self-test failed -0xB00A000A -E_HCE_NO_LNA: Module LNA not found -0xB00A000B -E_HCE_DMA: PCI DMA master access error -0xB00A000C -E_HCE_NO_DRIVER: No driver module found -0xB00A000D -E_HCE_DRIVER_INCOMPATIBLE: Driver does not allow routing from HCE to driver. -0xB00A000E -E_HCE_PARAM_INVALID: invalid parameter -0xB00A000F -E_HCE_NOT_SUPPORTED: function is not supported -0xB00A0010 -E_HCE_VERIFY_FAILED: Signature verification failed -0xB00A80 -E_HCE_ENGN_ERR: hardware engine error -0xB00D -E_EXAR: CryptoServer module EXAR -0xB00D0001 -E_EXAR_NO_MARVEL: no Marvell bridge detected -0xB00D0002 -E_EXAR_NO_EXAR: no Exar chip detected -0xB00D0003 -E_EXAR_INVAL: invalid parameter -0xB00D0004 -E_EXAR_TIMEOUT: timeout -0xB00D0005 -E_EXAR_MALLOC: memory allocation failed -0xB00D0006 -E_EXAR_SELFTEST: selftest failed -0xB00D0007 -E_EXAR_BUF_SIZE: insufficient buffer size -0xB00D0008 -E_EXAR_STATE: invalid command state -0xB00D0009 -E_EXAR_PARAM_LEN: invalid parameter length -0xB00D000A -E_EXAR_SIGN_FAILED: sign failed -0xB00D000B -E_EXAR_VERIFY_FAILED: signature verification failed -0xB00D000C -E_EXAR_KEY_SIZE: key size not supported -0xB00D000D -E_EXAR_DATA_LEN: data size too big -0xB00D0010 -E_EXAR_ERR_ADDR: address error -0xB00D0011 -E_EXAR_ERR_ECC: ECC error -0xB00D0012 -E_EXAR_BUSY: all engines are busy -0xB00D0020 -E_EXAR_PCI_BUSY: PCI is busy -0xB00D0021 -E_EXAR_PCI_TIMEOUT: PCI timeout -0xB00D0022 -E_EXAR_PCI_ACCESS: PCI access error -0xB00E -E_BCM: CryptoServer module HCE -0xB00E0001 -E_BCM_MEM: memory allocation failed -0xB00E0002 -E_BCM_PCI_MASTER: PCI master access error (DSP) -0xB00E0003 -E_BCM_KEY_SIZE: key size not supported -0xB00E0004 -E_BCM_EXP_SIZE: exponent greater modulus -0xB00E0005 -E_BCM_TIMEOUT: hardware engine timeout -0xB00E0006 -E_BCM_RESULT_SIZE: result too big for buffer -0xB00E0007 -E_BCM_PRIME_SIZE: illegal sizes of prime -0xB00E0008 -E_BCM_DATA_LEN: data size too big (greater than modulus) -0xB00E0009 -E_BCM_SELFTST_FAIL: Self-test failed -0xB00E000A -E_BCM_NO_LNA: Module LNA not found -0xB00E000B -E_BCM_DMA: PCI DMA master access error -0xB00E80 -E_BCM_ENGN_ERR: hardware engine error -0xB050 -E_PK: CryptoServer module PK -0xB0500001 -E_PK_PARAMETER: invalid parameter -0xB0500002 -E_PK_MEMORY: memory allocation failed -0xB0500003 -E_PK_UNKNOWN_DN_TYPE: unknown distinguished name type -0xB0500004 -E_PK_INVALID_DN: invalid distinguished name (value or length) -0xB0500005 -E_PK_INVALID_TIME_FORMAT: invalid time format -0xB0500006 -E_PK_UNKNOWN_KEY_TYPE: unknown / unsupported key type -0xB0500007 -E_PK_UNKNOWN_SIGN_ALGO: unknown / unsupported signature algorithm -0xB0500008 -E_PK_UNKNOWN_HASH_ALGO: unknown / unsupported hash algorithm -0xB0500009 -E_PK_INVALID_VERSION: invalid / unsupported version -0xB050000A -E_PK_P7_UNKNOWN_CONTENT_TYPE: unknown / unsupported PKCS7 content type -0xB050000B -E_PK_P7_NO_VERSION_FOUND: no PKCS7 version found -0xB050000C -E_PK_P7_UNKNOWN_ELEM_TYPE: unknown PKCS7 element type -0xB050000D -E_PK_P7_ELEM_TYPE_SIGNATURE: element type SIGNATURE not found -0xB050000E -E_PK_P7_ELEM_TYPE_ENVELOPED: element type ENVELOPED not found -0xB050000F -E_PK_P7_ELEM_TYPE_CERT: element type CERT not found -0xB0500010 -E_PK_P7_ELEM_TYPE_AUTH_ATT: element type AUTH_ATT not found -0xB0500011 -E_PK_P7_ELEM_TYPE_UNAUTH_ATT: element type UNAUTH_ATT not found -0xB0500012 -E_PK_P7_ELEM_TYPE_SIG_TIME: element type SIG_TIME not found -0xB0500013 -E_PK_P7_ELEM_TYPE_DATA: element type DATA not found -0xB0500014 -E_PK_P7_SIGNER_CERTIFICATE: no signer certificate given -0xB0500015 -E_PK_P7_NO_DATA_OR_HASH: no data or hash given to perform sign / verify operation -0xB0500016 -E_PK_P7_INVALID_CONTENT_TYPE: invalid PKCS7 content type -0xB0500017 -E_PK_P7_NO_DIGEST_ALGORITHM: no digest algorithm in PKCS7 data found -0xB0500018 -E_PK_P7_NO_SIGNER_INFOS: no signer infos found -0xB0500019 -E_PK_P7_NO_ISSUER: no issuer / serial number found -0xB050001A -E_PK_P7_NO_OF_ELEM: number of PK_P7_ELEM too small -0xB050001B -E_PK_P7_SIGNER_REF: invalid signer reference -0xB050001C -E_PK_P7_CONTENT_TYPE_NOT_SD: content type is not SignedData -0xB050001D -E_PK_P7_CONTENT_TYPE_NOT_ENV: content type is not Enveloped -0xB050001E -E_PK_P7_KEY_TYPE_MISMATCH: digestEncryptionAlgorithm doesn't match signer certificate key type -0xB050001F -E_PK_P7_VERIFICATION: signature verfication failed -0xB0500020 -E_PK_P7_RECIPIENT_CERT: no recipient certificate given -0xB0500021 -E_PK_P7_UNKNOWN_ENC_KEY_TYPE: unknown / unsupported encryption key type -0xB0500022 -E_PK_P7_MULTIPLE_RCPTS: multiple recipients not supported -0xB0500023 -E_PK_P7_CERT_MISMATCH: given certificate doesn't match certificate in PKCS7 structure -0xB0500024 -E_PK_P7_KEK_ALGO: given key doesn't match key encryption algorithm -0xB0500025 -E_PK_P7_NO_ENC_KEY_ALGO: no key encryption algorithm identifier found -0xB0500026 -E_PK_P7_NO_CONTENT_TYPE: no content type found -0xB0500027 -E_PK_P7_NO_CONTENT_KEY_ALGO: no content encryption algorithm identifier found -0xB0500028 -E_PK_P7_ATTRIBUTE: invalid attribute structure -0xB0500029 -E_PK_P7_NEED_MORE_SPACE: given buffer / struct doesn't contain enough space for this operation -0xB0500030 -E_PK_AES_MODULE: Firmware module AES not loaded -0xB0500031 -E_PK_UNKNOWN_ATT_TYPE: unknown attribute type -0xB0500032 -E_PK_CRL_ISSUER_MISMATCH: CRL issuer doesn't match certificate's subject / issuer -0xB0500033 -E_PK_CRL_ATTR_NOT_AVAILABLE: requested attribute not available (optional) -0xB0500034 -E_PK_CRL_BAD_FORMAT: bad CRL format -0xB0500035 -E_PK_CRL_NOT_VALID: CRL is not yet valid -0xB0500036 -E_PK_CRL_INIT_NOT_CALLED: partial CRL verification not initialized -0xB0500037 -E_PK_CRL_HALGO_MISMATCH: algorithm oid of crl header and trailer differ -0xB0500040 -E_PK_UNSUPPORTED_TIME_FORMAT: unsupported time format -0xB0500041 -E_PK_UNSUPPORTED_CENTURY: given time format contains century < 2000 -0xB0500042 -E_PK_INDEF_LEN: indefinite length not supportet -0xB0500043 -E_PK_NO_ECDSA: Firmware module ECDSA not loaded -0xB0500050 -E_PK_P7_INVALID_SIGNER: invalid signer / invalid signer information -0xB0500051 -E_PK_P7_INVALID_SIGNER_STRUCT: invalid signer structure (ASN.1 error) -0xB061 -E_CTS: CryptoServer module CTS -0xB0610001 -E_CTS_CMD_LEN: Wrong command length -0xB0610002 -E_CTS_MEMORY: memory allocation error -0xB0610003 -E_CTS_INVALID_KEY_ID: Invalid key index -0xB0610004 -E_CTS_SIGNATURE_OID: Signature Algorithm unsupported (hash or signing) -0xB0610005 -E_CTS_DB_ENTRY_EXIST: key index already exists in database -0xB0610006 -E_CTS_KEY_NOT_ACTIVE: selected key is not enabled for signing -0xB0610007 -E_CTS_NO_ACCORDING_KEY: No key for the imported certificate available -0xB0610008 -E_CTS_DATE_EXPIRED: certification validity expired -0xB0610009 -E_CTS_DATE_NOT_YET_VALID: certificate is not yet valid -0xB061000A -E_CTS_PERMISSION_DENIED: permission denied -0xB061000B -E_CTS_NO_CERT_IMPORTED: No certificate to the according key imported -0xB061000C -E_CTS_MBK_NOT_FOUND: mbk from MBK module not found -0xB061000D -E_CTS_MBK_NOT_LOADED: MBK module not loaded -0xB061000E -E_CTS_INVALID_TOKEN_LEN: RSA key token length invalid -0xB061000F -E_CTS_INVALID_HASH: Calculated hash doesn't match given one -0xB0610010 -E_CTS_WRONG_DN_TYPE: Unknown DN component -0xB0610011 -E_CTS_DN_NO_STRUCT: Given ASN1_ITEM of a DN is no struct -0xB0610012 -E_CTS_DN_NOT_EQUAL: Issuer and Subject not the same -0xB0610013 -E_CTS_UNKNOWN_TAG: (ASN1) Tag unknown -0xB0610014 -E_CTS_NOT_FOUND: Given issuer / subject not found -0xB0610015 -E_CTS_CERT_EXIST: Certificate already exist -0xB0610016 -E_CTS_INVALID_TS_STRUCT: TimeStamp ASN.1 structure not correct -0xB0610017 -E_CTS_INVALID_CERTIFICATE: Given certificate not equal to the one in the database -0xB0610018 -E_CTS_INVALID_TIME_DELAY: Given delay to set the new time is too big -0xB0610019 -E_CTS_EXCEEDED_TIME_DELAY: Too many time adjustments on this day -0xB061001A -E_CTS_INVALID_TSA_NAME: TSA name contained in timestamp doesn't match signer name -0xB064 -E_PKCS11: CryptoServer module PKCS11 -0xB0640001 -E_PKCS11_OBJ_CORR: corrupted object data structure -0xB0640002 -E_PKCS11_BAD_ARG: bad arguments -0xB0640003 -E_PKCS11_OBJ_BIG: object has to many attributes -0xB0640004 -E_PKCS11_APP_COUNT: too many concurrent applications -0xB0640005 -E_PKCS11_APP_BAD: bad application reference -0xB0640006 -E_PKCS11_OBJHDL_OVL: object handle overflow -0xB0640007 -E_PKCS11_BAD_PUBEXP: bad public exponent -0xB0640008 -E_PKCS11_BAD_MODULUS: bad modulus -0xB0640009 -E_PKCS11_NO_AES: AES module not found -0xB064000A -E_PKCS11_NO_EC: ECA/ECDSA modules not found -0xB064000B -E_PKCS11_DENIED: access denied -0xB064000C -E_PKCS11_SLOT_CORR: corrupted slot data structure -0xB064000D -E_PKCS11_NO_MBK: MBK module not found -0xB064000E -E_PKCS11_NO_MBK_KEY: no MBK key loaded -0xB064000F -E_PKCS11_INV_BACKUP: invalid backup -0xB0640010 -E_PKCS11_SHUTDOWN: PKCS#11 service terminated -0xB0640011 -E_PKCS11_SLOT_NOT_EMPTY: slot not empty -0xB0640012 -E_PKCS11_NO_DSA: DSA module not found -0xB0640013 -E_PKCS11_APP_TIMEOUT: application timeout -0xB0640014 -E_PKCS11_VALIDITY_PERIOD: validity period has expired -0xB0648 -E_PKCS11_STD: PKCS#11 standard error -0xB068 -E_CXI: CryptoServer module CXI -0xB0680000 -E_CXI_MALLOC: memory allocation error -0xB0680001 -E_CXI_PERMISSION_DENIED: permission denied -0xB0680002 -E_CXI_BUF_SIZE: buffer size too small -0xB0680003 -E_CXI_NOT_SUPPORTED: function not supported -0xB0680004 -E_CXI_MBK_NOT_LOADED: MBK firmware module not loaded -0xB0680005 -E_CXI_INVALID_PARAM_TAG: invalid parameter tag -0xB0680006 -E_CXI_INVALID_PARAM_LEN: invalid parameter length -0xB0680007 -E_CXI_INVALID_PARAM_VAL: invalid parameter value -0xB0680008 -E_CXI_INVALID_FLAGS: invalid flags -0xB0680009 -E_CXI_SFC_RFU: SFC is reserved for further use -0xB068000A -E_CXI_INTERNAL: an internal error occured -0xB068000B -E_CXI_MBK_TYPE: invalid MBK key type -0xB068000C -E_CXI_VALIDITY_PERIOD: validity period has expired -0xB0680010 -E_CXI_PROP_ABSENT: property has to be absent -0xB0680011 -E_CXI_PROP_UNKNOWN: unknown property -0xB0680012 -E_CXI_PROP_NOT_FOUND: property not found -0xB0680013 -E_CXI_PROP_EXISTS: property already exists -0xB0680014 -E_CXI_PROP_READONLY: property is read-only -0xB0680015 -E_CXI_PROP_PROTECTED: property is protected -0xB0680016 -E_CXI_PROP_TAG: invalid property tag -0xB0680017 -E_CXI_PROP_VAL: invalid property value -0xB0680018 -E_CXI_PROP_LEN: invalid property length -0xB0680019 -E_CXI_PROP_SENSITIVE: property is sensitive -0xB068001A -E_CXI_PROP_COMPARE: property doesn't match given template -0xB068001B -E_CXI_PROP_LOCAL_ONLY: property only valid for objects in a group -0xB0680020 -E_CXI_KEY_INVALID_ALGO: invalid key algo -0xB0680021 -E_CXI_KEY_INVALID_SIZE: invalid key size -0xB0680022 -E_CXI_KEY_INVALID_TAG: invalid key tag -0xB0680023 -E_CXI_KEY_INVALID_COMP: invalid key component -0xB0680024 -E_CXI_KEY_BLOB_FORMAT: invalid format of key blob -0xB0680025 -E_CXI_KEY_TYPE: invalid key type -0xB0680026 -E_CXI_KEY_BLOB_MAC: invalid mac of key blob -0xB0680027 -E_CXI_KEY_INVALID_NAME: invalid key name -0xB0680028 -E_CXI_KEY_INVALID_TOKEN: invalid key token -0xB0680029 -E_CXI_KEY_MISSING_COMP: missing key component -0xB068002B -E_CXI_KEY_EXPORT_DENIED: key export is denied -0xB068002C -E_CXI_KEY_IMPORT_DENIED: key import is denied -0xB068002D -E_CXI_KEY_MECH_NOT_ALLOWED: mechanism not allowed -0xB068002E -E_CXI_KEY_INVALID_BLEN: invalid block length -0xB068002F -E_CXI_KEY_USAGE: illegal key usage -0xB0680030 -E_CXI_CRYPT_PADDING: invalid padding -0xB0680031 -E_CXI_CRYPT_MECH: invalid mechanism -0xB0680032 -E_CXI_CRYPT_IV_LEN: invalid IV length -0xB0680033 -E_CXI_CRYPT_SIGN_VERIFY: signature verification failed -0xB0680034 -E_CXI_CRYPT_DATA_LEN: invalid data length -0xB0680035 -E_CXI_CRYPT_MECH_PARA: invalid mechanism parameter -0xB0680040 -E_CXI_ITEM_NOT_FOUND: item not found -0xB0680041 -E_CXI_ITEM_TAG: invalid item tag -0xB0680042 -E_CXI_ITEM_LEN: invalid item length -0xB0680043 -E_CXI_ITEM_VAL: invalid item value -0xB0680044 -E_CXI_ITEM_COUNT: invalid number of items -0xB0680050 -E_CXI_FILE_SIZE: invalid file size -0xB0680060 -E_CXI_ABORT_ENUM: enumeration was aborted -0xB0680061 -E_CXI_INVALID_IN_PARAM: invalid input parameter -0xB06801 -E_CXI_FIPS: FIPS mode -0xB0680100 -E_CXI_FIPS_BLOCKED: function not available in FIPS mode -0xB0680101 -E_CXI_FIPS_MECH: mechanism not supported in FIPS mode -0xB0680102 -E_CXI_FIPS_OBJ_TYPE: object type not available in FIPS mode -0xB0680103 -E_CXI_FIPS_ALGO: algorithm not available in FIPS mode -0xB0680104 -E_CXI_FIPS_KEY_SIZE: key size not allowed in FIPS mode -0xB0680105 -E_CXI_FIPS_KEY_IMPORT: clear text key import not allowed in FIPS mode -0xB0680106 -E_CXI_FIPS_KEY_EXPORT: clear text key export not allowed in FIPS mode -0xB0680107 -E_CXI_FIPS_PROP: property not available in FIPS mode -0xB0680108 -E_CXI_NO_FIPS_CURVE: Curve not available in FIPS mode -0xB0680109 -E_CXI_FIPS_KEY_USAGE: Key usage is restricted in FIPS mode -0xB06802 -E_CXI_SECURE: SECURE -0xB0680200 -E_CXI_SECURE_PROP_DECRYPT: decrypt property true not allowed -0xB0680201 -E_CXI_SECURE_PROP_ENCRYPT: encrypt property true not allowed -0xB0680202 -E_CXI_SECURE_PROP_ALWAYS_SENSITIVE_FALSE: always sensitive property false not allowed -0xB0680203 -E_CXI_SECURE_PROP_SENSITIVE_FALSE: sensitive property false not allowed -0xB0680204 -E_CXI_SECURE_PROP_WRAP: wrap property true not allowed -0xB0680205 -E_CXI_SECURE_PUBLIC_WRAPPING: cannot use public keys for wrapping -0xB0680206 -E_CXI_SECURE_PROP_CHECK_VALUE: check value missing or invalid -0xB0800001 -E_FTEST_MALLOC: CryptoServer module VDES -0xB0810001 -E_VDES_DATA_LEN: length of data is not a multiple of 8 bytes -0xB0810002 -E_VDES_KEY_LEN: length of key is not 8, 16, or 24 -0xB0810003 -E_VDES_MEM: cannot allocate memory -0xB0810004 -E_VDES_WEAK: key is weak -0xB0810005 -E_VDES_SEMI_WEAK: key is semi-weak -0xB0810006 -E_VDES_SHORT_KEY: two of the 8byte key parts are identical -0xB0810007 -E_VDES_MODE: mode is unknown -0xB0810008 -E_VDES_READ_MASTER_KEY: could not get local Master Key -0xB0810009 -E_VDES_PAD_TYPE: unknown padding mechanism -0xB081000A -E_VDES_PAD: invalid padding -0xB081000B -E_VDES_PARAM: invalid parameter -0xB081000C -E_VDES_POSSIBLY_WEAK: key is possibly weak -0xB081000E -E_VDES_ZERO_LENGTH: Zero length not allowed -0xB082 -E_PP: CryptoServer module PP, PIN pad driver -0xB0820001 -E_PP_ABORT: operation aborted by user -0xB0820002 -E_PP_LEN: command block too long -0xB0820003 -E_PP_WRITE_TIMEOUT: timeout while writing to PIN pad -0xB0820004 -E_PP_BUFSIZE: answer buffer too small -0xB0820005 -E_PP_READ_TIMEOUT: timeout while reading from PIN pad -0xB0820006 -E_PP_IO: IO error -0xB0820007 -E_PP_NOT_OPEN: connection not open -0xB0820008 -E_PP_INVAL: invalid parameter -0xB0820009 -E_PP_BAD_RAPDU: bad RAPDU from smartcard -0xB082000A -E_PP_NO_CARD: no smartcard in reader -0xB082000B -E_PP_BAD_TYPE: bad PIN pad type specified -0xB082000C -E_PP_DATALEN: bad length of command block -0xB082000D -E_PP_PROT: protocol error -0xB082000E -E_PP_KEY_TIMEOUT: timeout while waiting for key input -0xB082000F -E_PP_RESET_TIMEOUT: timeout while waiting for card insertation -0xB0820010 -E_PP_PIN_REPETITION: bad repetition of PIN entry -0xB0820011 -E_PP_NOT_SUPPORTED: function is not supported -0xB0820012 -E_PP_PARAM: invalid parameter -0xB0820013 -E_PP_ACCESS_DENIED: access denied -0xB0820014 -E_PP_BAD_INPUT: bad input -0xB0820015 -E_PP_CARD_TIMEOUT: no response from smartcard -0xB0820016 -E_PP_READER_NOT_CONNECTED: no supported smartcard reader connected -0xB0820017 -E_PP_CC_BLOCKED: not allowed in CC Endorsed Mode -0xB08201 -E_PP_PPERR: PIN pad error -0xB08202 -E_PP_CCID: CCID Error -0xB083 -E_CMDS: CryptoServer module CMDS, Command scheduler -0xB0830001 -E_CMDS_DENIED: permission denied -0xB0830002 -E_CMDS_NO_MEM: can't alloc memory -0xB0830003 -E_CMDS_INVAL: invalid parameter -0xB0830004 -E_CMDS_IN_USE: module id already in use -0xB0830005 -E_CMDS_BAD_FC: bad function code (module ID) -0xB0830006 -E_CMDS_BAD_SFC: function doesn't exist -0xB0830007 -E_CMDS_BAD_NAME: invalid user name -0xB0830008 -E_CMDS_DATA_LEN: illegal length of command block -0xB0830009 -E_CMDS_TASK_ERR: can't create task -0xB083000A -E_CMDS_BAD_TAG: bad tag of command block -0xB083000B -E_CMDS_FMT_LEN: bad length within format string (scanf) -0xB083000C -E_CMDS_BAD_CMD: bad format of command block -0xB083000D -E_CMDS_BAD_OUT: bad parameter structure (scanf) -0xB083000E -E_CMDS_BAD_FMT: bad format string (scanf) -0xB083000F -E_CMDS_USER_EXISTS: user already exists -0xB0830010 -E_CMDS_BAD_MECH: invalid mechanism -0xB0830011 -E_CMDS_NO_DB: no DB module present -0xB0830012 -E_CMDS_BAD_AUTH_CMD: invalid AUTH layer command -0xB0830013 -E_CMDS_AUTH_FAILED: authentication failed -0xB0830014 -E_CMDS_NO_VRSA: no VRSA module present -0xB0830015 -E_CMDS_BAD_PERM: bad permission mask -0xB0830016 -E_CMDS_NO_USER: unknown user -0xB0830017 -E_CMDS_BAD_ATT: bad user attributes -0xB083001B -E_CMDS_LOGOFF_FAILED: logoff failed -0xB083001C -E_CMDS_USER_ACTIVE: logged in user can't be deleted -0xB083001D -E_CMDS_BAD_TOKEN: bad user token (key or password) -0xB083001E -E_CMDS_NO_VDES: no VDES module present -0xB083001F -E_CMDS_NO_UTIL: no UTIL module present -0xB0830020 -E_CMDS_NO_HASH: no HASH module present -0xB0830021 -E_CMDS_SM_FAILED: secure messaging failed -0xB0830022 -E_CMDS_SM_EXPIRED: secure messaging session expired -0xB0830023 -E_CMDS_SM_ID: invalid secure messaging ID -0xB0830024 -E_CMDS_BF_OVL: internal buffer overflow -0xB0830025 -E_CMDS_FIPS_INIT: FIPS140 initialization failed -0xB0830026 -E_CMDS_USER_MODE: mode does not match user -0xB0830027 -E_CMDS_BAD_MODE: invalid mode -0xB0830028 -E_CMDS_BAD_SIZE: illegal answer buffer size -0xB0830029 -E_CMDS_NO_MBK: no MBK module present -0xB083002A -E_CMDS_INVAL_BCK: invalid backup data -0xB083002B -E_CMDS_BAD_UDB_ENTRY: bad entry in user DB (internal error) -0xB083002C -E_CMDS_BUFF_SIZE: buffer size too small -0xB083002D -E_CMDS_NO_MBK_KEY: no MBK key found -0xB083002E -E_CMDS_MBK_TYPE: MBK type does not match -0xB083002F -E_CMDS_NO_AES: no AES module present -0xB0830030 -E_CMDS_NO_HMAC: no HMAC algorithm available -0xB0830031 -E_CMDS_NO_ECC: no ECC algorithm available -0xB0830032 -E_CMDS_ALARM: ALARM state -0xB0830033 -E_CMDS_BAD_INITKEY: bad file 'init.key' -0xB0830034 -E_CMDS_ADMIN_AMPUTATION: Administrator must remain -0xB0830035 -E_CMDS_USER_FLAG_NOT_ALLOWED: user flag not allowed -0xB0830036 -E_CMDS_SM_PERM_DIFF: permissions of users of same session must not differ -0xB0830037 -E_CMDS_NVRAM: error acessing NVRAM -0xB0830038 -E_CMDS_AUTH_FAIL_CNT_EXCEEDED: too many unsuccessful authentication tries -0xB0830039 -E_CMDS_PARAM_FIPS: parameter not valid in FIPS mode -0xB083003A -E_CMDS_DENIED_FIPS: authentication mandatory in FIPS mode -0xB083003B -E_CMDS_BAD_MECH_FIPS: mechanism not allowed in FIPS mode -0xB083003C -E_CMDS_BAD_ATT_FIPS: user attributes not allowed in FIPS mode -0xB083003D -E_CMDS_BAD_USER_FLAG_FIPS: user flag not allowed in FIPS mode -0xB083003E -E_CMDS_MAX_AUTH_USER_REACHED: maximum of logged in/authenticated users reached -0xB083003F -E_CMDS_SM_MISSING_FIPS: authentication without secure messaging not allowed in FIPS mode -0xB0830040 -E_CMDS_LOGIN_FIPS: static login not allowed in FIPS mode -0xB0830041 -E_CMDS_AUTH_FIPS_ESTATE: authentication not available in FIPS error state -0xB0830042 -E_CMDS_FIPS_BLOCKED: function not available in FIPS mode -0xB0830043 -E_CMDS_FIPS_ERROR_STATE: function not available in FIPS error state -0xB0830044 -E_CMDS_ADMIN_BAD_FUNC: function is blocked in Administration Mode -0xB0830046 -E_CMDS_MAX_AUTH_FAIL_READ: file for MaxAuthFailures corrupted -0xB0830050 -E_CMDS_LOGIN_CC: static login not allowed in CC mode -0xB0830051 -E_CMDS_AUTH_CC_ESTATE: authentication not available in CC error state -0xB0830052 -E_CMDS_CC_BLOCKED: function not available in CC mode -0xB0830053 -E_CMDS_CC_ERROR_STATE: function not available in CC error state -0xB0830054 -E_CMDS_CC_INIT: CC-CMS initialization failed -0xB0830055 -E_CMDS_BAD_PERM_CC: permissions must not overlap in CC mode -0xB0830056 -E_CMDS_CC_MISSING: cc-cms.msc module missing in flash -0xB0830057 -E_CMDS_BAD_TOKEN_CC: RSA token < 1024 bit not allowed in CC mode -0xB0830059 -E_CMDS_PARAM_CC: parameter not valid in CC mode -0xB083005A -E_CMDS_DENIED_CC: authentication mandatory in CC mode -0xB083005B -E_CMDS_BAD_MECH_CC: mechanism not allowed in CC mode -0xB083005C -E_CMDS_BAD_ATT_CC: user attributes not allowed in CC mode -0xB083005D -E_CMDS_BAD_USER_FLAG_CC: user flag not allowed in CC mode -0xB083005F -E_CMDS_SM_MISSING_CC: authentication without secure messaging not allowed in CC mode -0xB0830060 -E_CMDS_SM_DH_BAD_PARAM: DH parameter from host for sessionkey is weak -0xB0830061 -E_CMDS_SFC_DISABLED: This function is not available in this HSM configuration -0xB0830062 -E_CMDS_HASH_VERS: wrong version of HASH module -0xB0830063 -E_CMDS_CHALLENGE_LEN: illegal challenge length requested -0xB0830064 -E_CMDS_SM_MA_ALARM: Mutual Authentication not available in alarm state -0xB084 -E_VRSA: CryptoServer module VRSA -0xB0840001 -E_VRSA_MEM: cannot allocate memory -0xB0840002 -E_VRSA_BUFF_TOO_SMALL: buffer for result is to small -0xB0840003 -E_VRSA_BAD_DATA: bad raw data value -0xB0840004 -E_VRSA_BAD_MODULUS: modulus is not p * q -0xB0840006 -E_VRSA_P_GREATER_Q: p is greater or equal than q -0xB0840009 -E_VRSA_BAD_U: u is not (1/q) mod p -0xB084000A -E_VRSA_BAD_DP: dp is not d mod (p-1) -0xB084000B -E_VRSA_BAD_DQ: dq is not d mod (q-1) -0xB084000C -E_VRSA_NO_KEYTOKEN: byte string is not a keytoken -0xB084000D -E_VRSA_NO_COMP: component is not a member of this key token -0xB084000E -E_VRSA_DOUBLE_COMP: component is already a member of this key token -0xB084000F -E_VRSA_INVALID_FLAG: value for flags is invalid -0xB0840010 -E_VRSA_HASH_ALGO: Invalid hash algorithm -0xB0840011 -E_VRSA_VERIFY_FAILED: Signature verification failed -0xB0840012 -E_VRSA_KEY_TOO_SMALL: Key length too small -0xB0840014 -E_VRSA_MOD_TOO_SMALL: modulus to small -0xB0840015 -E_VRSA_BAD_KEY: bad key components P and Q -0xB0840016 -E_VRSA_DATA_LEN: data size too big (greater than modulus) -0xB0840017 -E_VRSA_MISS_COMP: missing component in key token -0xB0840018 -E_VRSA_INV_PARAM: invalid parameter -0xB0840019 -E_VRSA_BAD_PEXP: gcd(p-1,e) != 1 or gcd(q-1,e) != 1 -0xB084001A -E_VRSA_BAD_SEXP: d * e != 1 mod (p-1)(q-1) -0xB084001B -E_VRSA_OBSOLETE: function obsolete -0xB084001C -E_VRSA_KGEN_FAILED: key generation failed -0xB084001D -E_VRSA_BAD_BLINDING: invalid blinding value -0xB084001E -E_VRSA_BVGEN_FAILED: blinding value generation failed -0xB084001F -E_VRSA_DECRYPT_FAILED: PKCS#1 decryption failed -0xB0840020 -E_VRSA_INV_PEXP: invalid public exponent -0xB0840021 -E_VRSA_KEYT_LEN: bad length of key token -0xB0840022 -E_VRSA_ENCODING: PKCS#1 encoding error -0xB0840023 -E_VRSA_PAIRWISE_CONSISTENCY: The pairwise consistency test failed ! -0xB0840024 -E_VRSA_FUNC_NOT_AVAILABLE: Function is not available -0xB0840025 -E_VRSA_BAD_BLINDING_MECH: Blinding mechanism unknown -0xB0840100 -E_VRSA_BAD_KEYT: bad key token in command string -0xB0840101 -E_VRSA_RND_SYNC: random number request does not match (FIPS test) -0xB0840102 -E_VRSA_KEY_TOO_SMALL_FIPS: Key length too small (FIPS140) -0xB0840103 -E_VRSA_KEY_TOO_SMALL_CC: Key length too small (CC) -0xB085 -E_SC: CryptoServer Module SC -0xB0850001 -E_SC_APPL_NAME: Bad Length of Application Name -0xB0850002 -E_SC_APDU_SELECT: Card Error from "select" Command -0xB0850003 -E_SC_APDU_IAUTH: Card Error from "internal auth." Command -0xB0850004 -E_SC_BAD_KEY: Wrong SM Key -0xB0850005 -E_SC_APDU_VERPWD: Card Error from "ver. passw." Command -0xB0850006 -E_SC_APDU_MSE: Card Error from "mse" Command -0xB0850007 -E_SC_APDU_READREC: Card Error from "read record" Command -0xB0850008 -E_SC_RECLEN: Bad Record Length -0xB0850009 -E_SC_NO_RECORD: Record not Found -0xB085000A -E_SC_NO_FILE: File not Found -0xB085000B -E_SC_DENIED: Access Denid -0xB085000C -E_SC_BAD_PARAM: Bad Parameter: SFI, REC# -0xB085000D -E_SC_DATALEN: Bad Data Length -0xB085000E -E_SC_SM: Bad Tag for SM -0xB085000F -E_SC_APDU_UPDREC: Card Error from "update record" Command -0xB0850010 -E_SC_APDU_CHGPWD: Card Error from "chg. passw." Command -0xB0850011 -E_SC_NO_PWDFILE: Pasword File not Found -0xB0850012 -E_SC_BAD_PDATA: Bad Personalization Data -0xB0850013 -E_SC_APDU_PERS: Card Error while Personalizing -0xB0850014 -E_SC_APDU_GETSKEY: Card Error from "get sessionkey" Command -0xB0850015 -E_SC_NO_APPL: Application not Found -0xB0850016 -E_SC_APDU_READBIN: Card Error from "read binary" Command -0xB0850017 -E_SC_BAD_PIN_LEN: Bad PIN Length -0xB0850018 -E_SC_MEM: Memory Allocation Error -0xB0850019 -E_SC_APDU_PSO: Card Error from "pso" Command -0xB085001A -E_SC_BAD_CERT: Bad Certificate Format -0xB085001B -E_SC_APDU_GETDATA: Card Error from "get data" Command -0xB085001C -E_SC_BAD_APPLTYPE: Unknown Application Type -0xB085001D -E_SC_NOT_IMPLEMENTED: This Action is not Implmented on the Found Card Type -0xB085001E -E_SC_INVALID_PIN: Invalid Pin -0xB085001F -E_SC_NOT_SUPPORTED: Signing Supported until 48 Byte (Possible Hashes md5, ripemd160, sha1, sha224) -0xB0850020 -E_SC_WRONG_CARD_MODE: Wrong Command for Card Application -0xB0850021 -E_SC_HASH_SIZE: Hash Size Bigger than 40% of the Key Size -0xB0850022 -E_SC_NOPEN_OR_UNKNOWN: Card not Opened Before or Unknown Card -0xB086 -E_UTIL: CryptoServer module UTIL -0xB0860001 -E_UTIL_RTC_OPEN: Error opening RTC Device -0xB0860002 -E_UTIL_RTC_IOCTL: RTC: IOCTL Error -0xB0860003 -E_UTIL_RTC_READ: RTC: Read Error -0xB0860004 -E_UTIL_RTC_WRITE: RTC: Write Error -0xB0860005 -E_UTIL_RTC_CLOSE: Error closing RTC Device -0xB0860006 -E_UTIL_TIME_WRONG_FORMAT: Wrong Time Format -0xB0860007 -E_UTIL_TIME_NULL_POINTER: Null Pointer given -0xB0860008 -E_UTIL_FILE_OPEN: File Open Error -0xB0860009 -E_UTIL_FILE_READ: File Read Error -0xB086000A -E_UTIL_FILE_CLOSE: File Close Error -0xB086000B -E_UTIL_RND_NULL_POINTER: Null Pointer given -0xB086000C -E_UTIL_RND_FAILED: Random Number Generator failed -0xB086000D -E_UTIL_MALLOC: Error allocating Memory -0xB086000E -E_UTIL_INVAL: invalid argument -0xB086000F -E_UTIL_NOT_SUPPORTED: function not supported -0xB0860010 -E_UTIL_RND_KAT: Known answer test failed -0xB0860011 -E_UTIL_RND_INIT: Random Number Generator is not initialized -0xB0860012 -E_UTIL_RND_PARAMETER: Bad Parameter -0xB0860013 -E_UTIL_RND_SEC_STRENGTH: Given security strength not supported -0xB0860014 -E_UTIL_RND_REQ: Max number of requested randombits per call exceeded -0xB0860015 -E_UTIL_RND_PRED_RESISTANCE: prediction resistance not supported for current handle -0xB0860020 -E_UTIL_TIME_RTC_POWER_FAILED: RTC has lost power -0xB0860021 -E_UTIL_TIME_NOT_INIT: RTC is not initialized (RTC has to be set) -0xB086FC00 -E_UTIL_LINK_SMOS: SMOS Version does not match -0xB087 -E_ADM: CryptoServer module ADM -0xB0870001 -E_ADM_FILE_OPEN: file open error -0xB0870002 -E_ADM_FILE_READ: file read error -0xB0870003 -E_ADM_FILE_WRITE: file write error -0xB0870004 -E_ADM_FILE_CLOSE: file close error -0xB0870005 -E_ADM_FILE_MISSING: file (module) does not exist -0xB0870006 -E_ADM_WRONG_FILE_NAME: wrong filename syntax -0xB0870007 -E_ADM_NO_MDL_INFO: no module info found -0xB0870008 -E_ADM_FILE_NOT_FOUND: file not found -0xB087000A -E_ADM_MDL_VERSION_MISSING: no modules version found -0xB087000B -E_ADM_DATA_LEN: wrong command data length -0xB087000C -E_ADM_I2C_OPEN: unable to open i2c device -0xB087000D -E_ADM_I2C_READ: unable to read i2c device -0xB087000F -E_ADM_PERMISSION_DENIED: permission denied -0xB0870011 -E_ADM_FILE_SIZE_TOO_BIG: file size exceeds limit -0xB0870012 -E_ADM_BAD_SIGNATURE: bad signature -0xB0870013 -E_ADM_NO_UTIL: no UTIL module present -0xB0870014 -E_ADM_MALLOC: memory allocation error -0xB0870015 -E_ADM_NOT_SUPPORTED: function not supported -0xB0870016 -E_ADM_INVALID_CRC: invalid crc -0xB0870017 -E_ADM_INVALID_SIZE: invalid size -0xB0870018 -E_ADM_BAD_MMC: bad MMC format -0xB0870019 -E_ADM_NO_HASH: no HASH module present -0xB087001A -E_ADM_NO_VRSA: no VRSA module present -0xB087001B -E_ADM_NO_DB: no DB module present -0xB087001C -E_ADM_NO_AES: no AES module present -0xB087001D -E_ADM_MDL_DEC_FAIL: module decryption failed -0xB087001E -E_ADM_KEY_TYPE: invalid key type -0xB087001F -E_ADM_INVALID_PARAM: invalid parameter -0xB0870020 -E_ADM_FILE_TYPE: invalid file type -0xB0870021 -E_ADM_ITEM_LEN: invalid item length -0xB0870022 -E_ADM_ITEM_NOT_FOUND: item not found -0xB0870023 -E_ADM_NO_MBK: no MBK module present -0xB0870024 -E_ADM_NO_MBK_KEY: no MBK key available -0xB0870025 -E_ADM_MEM: cannot allocate memory -0xB0870026 -E_ADM_MEM_SEC: cannot allocate secure memory -0xB0870027 -E_ADM_MBK_DB_EXP: export of MBK database not allowed -0xB0870028 -E_ADM_MBK_TYPE: invalid MBK value (valid: 0 (DES), 1 (AES)) -0xB0870029 -E_ADM_MBK_DIFFER: given MBK type differs to stored MBK with the highest priority -0xB087002A -E_ADM_MAC: given MAC differs to calculated MAC -0xB087002B -E_ADM_KEY_INDEX: given DB index differs to original DB index -0xB087002C -E_ADM_SESSION_DB_IMP: import of database session.db not allowed -0xB087002D -E_ADM_SESSION_DB_EXP: export of database session.db not allowed -0xB087002E -E_ADM_MBK_DB_IMP: import of MBK database not allowed -0xB087003 -E_ADM_MDL: module section -0xB0870030 -E_ADM_MDL_MTC_HDR_INV: invalid MTC header -0xB0870031 -E_ADM_MDL_MMC_HDR_INV: invalid MMC header -0xB0870032 -E_ADM_MDL_MSC_HDR_INV: invalid MSC header -0xB0870033 -E_ADM_MDL_SIG_HDR_INV: invalid MSC header -0xB0870034 -E_ADM_MDL_SLF_HDR_INV: invalid SLF header -0xB0870035 -E_ADM_MDL_NO_INFO: no module info found -0xB0870036 -E_ADM_MDL_MTC_NO_SIG: MTC doesn't contain signature -0xB0870037 -E_ADM_MDL_MMC_HASH: invalid MMC hash -0xB0870038 -E_ADM_MDL_DECRYPT: can't decrypt firmware module -0xB0870039 -E_ADM_MDL_SCF_HDR_INV: invalid SCF header -0xB087004 -E_ADM_KEY: key section -0xB0870040 -E_ADM_KEY_CORRUPTED: key is corrupted -0xB087005 -E_ADM_CFG: cfg section -0xB0870051 -E_ADM_CFG_MDL_NOT_FOUND: could not retrieve version of requested module -0xB0870052 -E_ADM_CFG_MDL_TOO_OLD: requested module is too old, does not yet support cfg -0xB0870053 -E_ADM_CFG_MDL_UNKNOWN: unknown module, unknown how to cfg -0xB0870054 -E_ADM_CFG_AMSK_BLOCKED: loading of an Alternative Module Signature Key is blocked -0xB087006 -E_ADM_FIPS: FIPS section -0xB0870061 -E_ADM_FIPS_MDL: evaluation of FIPS mode has gone wrong -0xB0870062 -E_ADM_FIPS_RESTRICTED: virtual error code for restricted FIPS mode -0xB0870063 -E_ADM_FIPS_BLOCKED: function not available in FIPS mode -0xB0870064 -E_ADM_FIPS_ERROR_STATE: function not available in FIPS error state -0xB0870070 -E_ADM_CC_BLOCKED: not allowed in CC Endorsed Mode -0xB0870071 -E_ADM_CC_ERROR_STATE: not allowed in CC Error State -0xB0870080 -E_ADM_AUTH_KEY_DB_IMP: import of authentication key database not allowed -0xB0870081 -E_ADM_AUTH_KEY_DB_EXP: export of authentication key database not allowed -0xB088 -E_DB: CryptoServer Database Module -0xB0880001 -E_DB_NO_MEM: memory allocation failed -0xB0880002 -E_DB_BAD_MKEY: bad master encryption key -0xB0880003 -E_DB_NO_SPACE: no space in database -0xB0880004 -E_DB_NOT_FOUND: record not found -0xB0880005 -E_DB_EXISTS: record already exists -0xB0880006 -E_DB_NO_CACHE: no space in cache -0xB0880007 -E_DB_COR_FILE: corrupted database file -0xB0880008 -E_DB_REC_CRC: record CRC error -0xB0880009 -E_DB_BAD_NAME: bad database name -0xB088000A -E_DB_BAD_HANDLE: bad database handle -0xB088000B -E_DB_FILE_TYPE: bad file type of database file -0xB088000D -E_DB_BAD_INFO: bad info structure -0xB088000E -E_DB_IN_USE: database in use -0xB088000F -E_DB_LENGTH: bad data length -0xB0880011 -E_DB_HDL_CONF: database handle confused -0xB0880012 -E_DB_INCONS: internal inconsistency -0xB0880013 -E_DB_SMOSVER: SMOS version is too old -0xB0881000 -E_DB_DATALEN: bad length of command block -0xB0881001 -E_DB_FILE_ERR: io error on database file -0xB0881002 -E_DB_NOT_OPEN: test database not open -0xB0881003 -E_DB_CORR_HDL: db handle corrupted -0xB0881004 -E_DB_CORR_NODE: db node corrupted -0xB0881005 -E_DB_CORR_CACHE: db cache corrupted -0xB089 -E_HASH: CryptoServer module HASH -0xB0890001 -E_HASH_MEM: Memory Error -0xB0890002 -E_HASH_PARAMETER: Illegal Parameter -0xB0890003 -E_HASH_LEN: Illegal Length -0xB0890004 -E_HASH_MODE: Illegal Mode -0xB0890005 -E_HASH_FUNCTION: Function not supported -0xB0890006 -E_HASH_MODE_FIPS: Mode not permitted in FIPS mode -0xB08B -E_AES: CryptoServer module AES -0xB08B0001 -E_AES_DATA_LEN: length of data is not a multiple of 16 bytes -0xB08B0002 -E_AES_KEY_LEN: length of key is not 16, 24, or 32 -0xB08B0003 -E_AES_MEM: cannot allocate memory -0xB08B0004 -E_AES_MODE: mode is unknown -0xB08B0005 -E_AES_CFB1_DEC_MODE: For cfb1 decryption the key must always prepared for encryption -0xB08B0006 -E_AES_PAD_TYPE: unknown padding mechanism -0xB08B0007 -E_AES_PAD: invalid padding -0xB08B0008 -E_AES_PARAM: invalid parameter -0xB08B0009 -E_AES_READ_MASTER_KEY: could not get local Master Key -0xB08B000A -E_AES_MODE_MISMATCH: mode of prepared key does not match mode parameter -0xB08B000C -E_AES_ZERO_LEN: Zero data length is not allowed -0xB08B000D -E_AES_CTR_OVERFLOW: Overflow of block counter in CTR chaining mode -0xB08B000E -E_AES_TAG_VERIFICATION: Tag verification on CCM/GCM decrypt failed -0xB08D -E_DSA: CryptoServer module DSA -0xB08D0001 -E_DSA_MEM: cannot allocate memory -0xB08D0002 -E_DSA_P_TOO_SMALL: prime P is too small -0xB08D0003 -E_DSA_Q_TOO_SMALL: prime Q is too small -0xB08D0004 -E_DSA_GEN_FAILED: domain parameter generation failed -0xB08D0005 -E_DSA_BAD_G: invalid generator value G -0xB08D0006 -E_DSA_BAD_PRIMES: bad primes P and Q -0xB08D0007 -E_DSA_NO_KEYTOKEN: byte string is not a keytoken -0xB08D0008 -E_DSA_NO_COMP: component is not a member of this token -0xB08D0009 -E_DSA_DOUBLE_COMP: component is already a member of this token -0xB08D000A -E_DSA_INVALID_FLAG: value for flags is invalid -0xB08D000B -E_DSA_HASH_LEN: wrong hash value length -0xB08D000C -E_DSA_BAD_KEY: private and public key do not correspond -0xB08D000D -E_DSA_INV_PARAM: invalid parameter -0xB08D000E -E_DSA_BAD_PKEY: bad public key -0xB08D000F -E_DSA_BAD_SKEY: bad private key -0xB08D0010 -E_DSA_KEYT_LEN: bad length of key token -0xB08D0011 -E_DSA_VERIFY_FAILED: signature verification failed -0xB08D0012 -E_DSA_BAD_SIGN_FMT: bad format of signature -0xB08D0013 -E_DSA_NO_ASN1: no ASN.1 module loaded -0xB08D0014 -E_DSA_BUFF_TOO_SMALL: buffer for result is to small -0xB08D0015 -E_DSA_KEYGEN_TEST: pairwise consistency check failed on keygen -0xB08D0018 -E_DSA_ZERO_LEN: Zero length not allowed -0xB08D0030 -E_DSA_NOT_SUPPORTED: The function called is no longer supported -0xB08D0100 -E_DSA_BAD_KEYT: bad key token in command string -0xB08E -E_LNA: CryptoServer module LNA -0xB08E0001 -E_LNA_OVL: result overflow -0xB08E0002 -E_LNA_NEG: result negativ -0xB08E0003 -E_LNA_MOD_LEN: modulus too short -0xB08E0004 -E_LNA_DATA_LEN: data greater than modulus -0xB08E0005 -E_LNA_MEM: can't alloc memory -0xB08E0006 -E_LNA_EXP0: exponent is 0 -0xB08E0007 -E_LNA_DIV0: division by zero -0xB08E0008 -E_LNA_NUM_LEN: number too short -0xB08E0009 -E_LNA_PARAM: bad parameter -0xB08E000A -E_LNA_NOT_FOUND: no prime found -0xB08E000B -E_LNA_MOD_EVEN: modulus is even -0xB08E0100 -E_LNA_RESOVL: result overflow -0xB08E0101 -E_LNA_ARG_LEN: bad argument length -0xB08E0102 -E_LNA_INT: internal error while generating prime -0xB08F -E_ECA: CryptoServer module ECA -0xB08F0001 -E_ECA_MEM: can't alloc memory -0xB08F0002 -E_ECA_NOT_SUPP: not supported -0xB08F0003 -E_ECA_BAD_PARAM: bad parameter -0xB08F0004 -E_ECA_NOT_FOUND: curve not found -0xB08F0005 -E_ECA_EXISTS: curve already registered -0xB08F0006 -E_ECA_TOO_BIG: input number too big -0xB08F0007 -E_ECA_INFINITE: infinite result -0xB08F0008 -E_ECA_PCP_INCOMP: incompatible precalculated point -0xB08F0009 -E_ECA_LEN: bad length of argument -0xB08F000A -E_ECA_BAD_TAG: bad tag of point -0xB08F000B -E_ECA_NO_SQRT: no square root found -0xB08F000C -E_ECA_NO_NON_RESIDUE: non-residue could not be found -0xB08F000D -E_ECA_NO_ASN1: no ASN.1 module found -0xB08F000E -E_ECA_ECDP_DECODE: error decoding ASN.1 EC domain parameter -0xB08F000F -E_ECA_BAD_POINT: bad value of EC point -0xB08F0010 -E_ECA_BAD_VALUE: bad value of EC domain parameter -0xB08F0011 -E_ECA_ECDP_DIFFER: EC domain parameters differ -0xB08F0012 -E_ECA_BAD_DOMAIN_PARA: invalid domain parameter -0xB08F0013 -E_ECA_BAD_POLYNOM: invalid irreducible polynomial -0xB08F0014 -E_ECA_NO_FIPS_CURVE: curve not available in FIPS mode -0xB08F0015 -E_ECA_NO_FIPS_FUNCTION: function not available in FIPS mode -0xB08F0016 -E_ECA_NO_SECURE_CURVE: Curve not secure for CC standards -0xB08F0017 -E_ECA_BL_TBL: table of precalculated values empty/inconsistent -0xB08F0101 -E_ECA_ARG_LEN: bad argument length -0xB08F0102 -E_ECA_INT: internal error -0xB090 -E_TECA: CryptoServer module TECA -0xB0900001 -E_TECA_PERMISSION_DENIED: permission denied -0xB0900002 -E_TECA_PARAM: invalid parameter -0xB0900003 -E_TECA_PARAM_LEN: invalid parameter length -0xB0900004 -E_TECA_MALLOC: memory allocation failed -0xB0900005 -E_TECA_MODE: invalid mode -0xB0900006 -E_TECA_ITEM_NOT_FOUND: item not found -0xB0900007 -E_TECA_MODULE_DEP: unresolved module dependency -0xB0900008 -E_TECA_FILE_IO: file I/O error -0xB091 -E_ASN1: CryptoServer module ASN1 -0xB0910001 -E_ASN1_MEM: Memory Error -0xB0910002 -E_ASN1_FLAG: Parameter flag is incorrect -0xB0910003 -E_ASN1_TAB_OVL: ASN1_ITEM table overflow -0xB0910004 -E_ASN1_BAD_ZKA: bad ZKA format -0xB0910005 -E_ASN1_DATASIZE: ASN1 data overrun -0xB0910006 -E_ASN1_TAGSIZE: tag too big -0xB0910007 -E_ASN1_INDEF_LEN: indefinite length not supportet -0xB0910008 -E_ASN1_LENSIZE: lenght field too big -0xB0910009 -E_ASN1_STACK_OVL: internal stack overflow -0xB091000A -E_ASN1_NOT_FOUND: item not found -0xB091000B -E_ASN1_BUFF_OVL: ASN1 buffer overflow -0xB091000C -E_ASN1_ITEMCOUNT: bad value of 'nitems' in ITEM table -0xB091000D -E_ASN1_BADTAG: zero tag -0xB091000E -E_ASN1_BAD_PKCS1: bad PKCS#1 format -0xB091000F -E_ASN1_DECODE_ERR: decoding error -0xB0910010 -E_ASN1_SIZE_EXCEEDED: calculated size exceeds given datasize -0xB096 -E_MBK: CryptoServer module MBK -0xB0960001 -E_MBK_PARA: Parameter mismatch -0xB0960002 -E_MBK_DB_NO_SERVICE: MBK database is suspended -0xB0960003 -E_MBK_NULL_PTR: Unexpected null pointer -0xB0960004 -E_MBK_PERMISSION: Permission denied -0xB0960005 -E_MBK_ISO_HASH_FAIL: ISO hash check of key failed -0xB0960006 -E_MBK_IG_KEY_TYPES_NM: Key types do not match -0xB0960007 -E_MBK_IG_KEY_DATE_NM: Key generation date do not match -0xB0960008 -E_MBK_IG_KEY_TIME_NM: Key generation time do not match -0xB0960009 -E_MBK_IG_KEY_NAME_NM: Key names do not match -0xB096000A -E_MBK_EX_KEY_CHK_FAIL: Verify of existing master key failed -0xB096000B -E_MBK_SLOT_EMPTY: Slot is empty -0xB096000C -E_MBK_KEY_NO: Slot number not valid -0xB096000D -E_MBK_REC_NO: Record number not valid -0xB096000E -E_MBK_KEY_LB: Key length not valid -0xB096000F -E_MBK_TIME_WRONG_FORMAT: Wrong format in time structure detected -0xB0960010 -E_MBK_BCD_LB: BCD coded time length mismatch -0xB0960011 -E_MBK_KEY_NAME: No key name or NULL pointer for key name -0xB0960012 -E_MBK_ACTION_CANCELED: Action canceled by user -0xB0960013 -E_MBK_MODE_INV: Invalid mode for AES key passed -0xB0960014 -E_MBK_DB_VERSION: Both versions of the MBK database exists -0xB0960015 -E_MBK_EI_PARA_SET_EXT: External parameter already set from extern and overwrite flag is not set -0xB0960016 -E_MBK_AES_NA: The AES Module is not available -0xB0960017 -E_MBK_KEY_TYPE: Invalid key type -0xB0960018 -E_MBK_ALLOC: memory allocation failed -0xB0960019 -E_MBK_BAD_DB_FORMAT: bad database format -0xB096001A -E_MBK_RECORD_EMPTY: smartcard record is empty -0xB096001B -E_MBK_SC_EMPTY: smartcard only contains empty records -0xB096001C -E_MBK_SEMA_REQ: unable to require semaphore -0xB096001D -E_MBK_MAX_KEK: maximum numbers of key exchange keys reached -0xB096001E -E_MBK_FLAGS_INV: invalid flags value -0xB096001F -E_MBK_INFO_LB: info length not valid -0xB0960020 -E_MBK_KEY_EXISTS: key alread exists -0xB0960021 -E_MBK_SHARE_LB: invalid length of key share -0xB0960022 -E_MBK_SHARE_CNT: invalid number of key shares -0xB0960023 -E_MBK_ECA_NA: the ECA module is not available -0xB0960024 -E_MBK_IG_KEY_SHARE_CNT_NM: number of key shares doesn't match -0xB0960025 -E_MBK_KEY_ID_INV: invalid key ID -0xB0960026 -E_MBK_KEY_ID_SAME: multiple occurence of same key ID -0xB0960027 -E_MBK_KEK_NOT_FOUND: no kek found with given hash -0xB0960028 -E_MBK_NOT_SUPPORTED: function is not supported -0xB0960029 -E_MBK_NO_PP: no PIN pad module found -0xB096002A -E_MBK_NO_SC: no smartcard module found -0xB096002B -E_MBK_FIPS_BLOCKED: function not available in FIPS mode -0xB096002C -E_MBK_CC_BLOCKED: not allowed in CC Endorsed Mode -0xB096002D -E_MBK_DEPRECATED: function is deprecated -0xB099 -E_PIN: CryptoServer module PIN -0xB0990001 -E_PIN_BAD_FMT: bad PIN block format -0xB0990002 -E_PIN_BAD_PARA: bad parameter -0xB0990003 -E_PIN_NO_MEM: can't allocate memory -0xB0990004 -E_PIN_BAD_LENGTH: bad PIN length -0xB0990005 -E_PIN_LESS_DIGITS: not enaugh digits found -0xB0990006 -E_PIN_BAD_XTAB: bad translation table -0xB0990007 -E_PIN_BAD_COND: bad PIN conditions -0xB0990008 -E_PIN_REJECT: PIN does not meet conditions -0xB09A -E_NTP: CryptoServer module NTP -0xB09A0001 -E_NTP_CMD_LEN: NTP: Command with invalid data length -0xB09A0002 -E_NTP_INVALID_TIME_DELAY: NTP: requested time delay too big -0xB09A0003 -E_NTP_DAILY_TIME_DELAY_EXCEEDED: NTP: daily time delay exceeded -0xB09A0004 -E_NTP_DEPRECATED_FUNCTION_CALL: NTP: old function call; use new one -0xB09A0005 -E_NTP_NEGATIVE_TIME_SET: NTP: negative time set; use flag to set backward -0xB09A0006 -E_NTP_NOT_ACTIVATED: NTP: ntp module is not activated -0xB09A0007 -E_NTP_DB_ERROR: NTP: database error -0xB09A0008 -E_NTP_PERMISSION_DENIED: NTP: permission denied -0xB09C -E_ECDSA: CryptoServer module ECDSA -0xB09C0001 -E_ECDSA_MEM: cannot allocate memory -0xB09C0002 -E_ECDSA_R_S_IS_NULL: null component in signature (r,s) -0xB09C0003 -E_ECDSA_INV_FLAG: value for flags is invalid -0xB09C0004 -E_ECDSA_BAD_KEY: private and public key do not correspond -0xB09C0005 -E_ECDSA_BAD_PKEY: bad public key -0xB09C0006 -E_ECDSA_BAD_SKEY: bad private key -0xB09C0007 -E_ECDSA_VERIFY_FAILED: signature verification failed -0xB09C0008 -E_ECDSA_BAD_SIGN_FMT: bad format of signature -0xB09C0009 -E_ECDSA_NO_ASN1: no ASN.1 module loaded -0xB09C000A -E_ECDSA_BUFF_TOO_SMALL: buffer for result is to small -0xB09C000B -E_ECDSA_BAD_KEY_FMT: malformed ASN.1 coded key pair -0xB09C000C -E_ECDSA_ECIES_PARAM: bad parameter -0xB09C000D -E_ECDSA_ECIES_MAC_CHECK: mac check of ecies encrypted data failed -0xB09C000E -E_ECDSA_NO_AES: no AES module loaded -0xB09C000F -E_ECDSA_KEYGEN_TEST: pairwise consistency check failed on keygen -0xB09C0010 -E_ECDSA_ZERO_LEN: Zero length not allowed -0xB09C0011 -E_ECDSA_NO_SEC_MODE: secure mode of curve not available -0xB09C0012 -E_ECDSA_BULK_MAX: count of signatures per command exceeds limit -0xB900 -E_CSA: CryptoServer API -0xB90000 -E_CSA_CORE: CryptoServer API core functions -0xB9000000 -E_CSA_CORE_BAD_TAG: bad tag in data block -0xB9000001 -E_CSA_CORE_HANDLE: invalid handle -0xB9000002 -E_CSA_CORE_INVAL: invalid argument -0xB9000003 -E_CSA_CORE_MEM: can't alloc memory -0xB9000004 -E_CSA_CORE_STACK: malformed protocol stack -0xB9000005 -E_CSA_CORE_SIZE: data block too big -0xB9000007 -E_CSA_CORE_V24_DEV: bad V24 device -0xB9000008 -E_CSA_CORE_V24_PARAM: bad V24 parameter -0xB9000009 -E_CSA_CORE_BLK_LEN: can't calculate block length -0xB900000A -E_CSA_CORE_EMPTY: empty command block -0xB900000B -E_CSA_CORE_BAD_ANSW: malformed answer block from CSLAN -0xB900000C -E_CSA_CORE_V24_CTRL: can't set V24 device -0xB900000D -E_CSA_CORE_NO_V24: V24 mode not activated -0xB900000E -E_CSA_CORE_V24_CRC: V24 crc error on read -0xB9000010 -E_CSA_CORE_FMT_LEN: bad length within format string (scanf) -0xB9000011 -E_CSA_CORE_BAD_CMD: bad format of command block -0xB9000012 -E_CSA_CORE_BAD_OUT: bad parameter structure (scanf) -0xB9000013 -E_CSA_CORE_BAD_FMT: bad format string (scanf) -0xB9000014 -E_CSA_CORE_SCANF: cs_scanf not supported -0xB9000015 -E_CSA_CORE_HDL_IN_USE: CSAPI handle still in use -0xB90001 -E_CSA_KS: command layer for old KryptoServer -0xB9000100 -E_CSA_KS_ALEN: length error of answer block -0xB9000101 -E_CSA_KS_CLEN: bad length error of command data -0xB9000102 -E_CSA_KS_PARAM: missing parameter structure -0xB90002 -E_CSA_CMDS: command layer CMDS for CryptoServer -0xB9000200 -E_CSA_CMDS_ALEN: length error of answer block -0xB9000201 -E_CSA_CMDS_CLEN: bad length of command data -0xB9000202 -E_CSA_CMDS_PARAM: missing parameter structure -0xB9000203 -E_CSA_CMDS_TAG: bad tag of answer block -0xB90003 -E_CSA_CHNL: command layer CHNL for CryptoServer -0xB9000300 -E_CSA_CHNL_ALEN: length error of answer block -0xB9000301 -E_CSA_CHNL_TAG: bad tag of answer block -0xB90004 -E_CSA_AUTH: authentication layer for CryptoServer -0xB9000400 -E_CSA_AUTH_ALEN: length error of answer block -0xB9000401 -E_CSA_AUTH_BAD_FC: invalid function code -0xB9000402 -E_CSA_AUTH_BAD_ANSW: malformed answer block -0xB9000403 -E_CSA_AUTH_BAD_MECH: invalid authentication mechanism -0xB9000404 -E_CSA_AUTH_HASH_ERR: error in hash function -0xB9000405 -E_CSA_AUTH_SIGN_ERR: error in signature function -0xB9000406 -E_CSA_AUTH_HMAC_ERR: error in HMAC function -0xB90005 -E_CSA_BL: command layer BL for CryptoServer -0xB9000500 -E_CSA_BL_ALEN: length error of answer block -0xB9000501 -E_CSA_BL_CLEN: bad length error of command data -0xB9000502 -E_CSA_BL_PARAM: missing parameter structure -0xB9000503 -E_CSA_BL_TAG: bad tag of answer block -0xB90006 -E_CSA_SM: secure messaging layer for CryptoServer -0xB9000600 -E_CSA_SM_ALEN: length error of answer block -0xB9000601 -E_CSA_SM_BAD_ANSW: malformed answer block -0xB9000602 -E_CSA_SM_BAD_MECH: invalid SM mechanism -0xB9000603 -E_CSA_SM_NO_DATA: zero length data -0xB9000604 -E_CSA_SM_DES_ERR: en- / decryption / MAC error -0xB9000605 -E_CSA_SM_UNWRAP: secure messaging unwrap error -0xB9000A -E_CSA_CDI: command layer CDI for CryptoServer -0xB9000A00 -E_CSA_CDI_ALEN: length error of answer block -0xB9000A01 -E_CSA_CDI_CLEN: bad length error of command data -0xB9000A02 -E_CSA_CDI_PARAM: missing parameter structure -0xB9000A03 -E_CSA_CDI_TAG: bad tag of answer block -0xB9000C -E_CSA_TL: command layer TL for CryptoServer -0xB9000C00 -E_CSA_TL_ALEN: length error of answer block -0xB9000C01 -E_CSA_TL_TAG: bad tag of answer block -0xB9000E -E_CSA_DUMY: command layer DUMY for CryptoServer -0xB9000E00 -E_CSA_DUMY_ALEN: length error of answer block -0xB9000E01 -E_CSA_DUMY_CLEN: bad length error of command data -0xB9000E02 -E_CSA_DUMY_PARAM: missing parameter structure -0xB901 -E_CSA_LX: CryptoServer API LINUX -0xB9010001 -E_CSA_LX_PATH: path name too long -0xB9010002 -E_CSA_LX_PORT: bad port number -0xB9010003 -E_CSA_LX_ADDR: bad IP address -0xB9010004 -E_CSA_LX_HOSTNAME: bad host name -0xB9010005 -E_CSA_LX_TERM: connection terminated by remote host -0xB9010006 -E_CSA_LX_MEM: can't alloc memory -0xB9010007 -E_CSA_LX_TIMEOUT: timeout occured -0xB9010008 -E_CSA_LX_INVAL: invalid argument -0xB9010009 -E_CSA_LX_ADDRLEN: no space for sockaddr (internal error) -0xB901000A -E_CSA_LX_BLKSIZE: bad block size received -0xB901000B -E_CSA_LX_NOT_RDY: no ready message from CMDS -0xB901000C -E_CSA_LX_CRIT_TEMP: cs2 exceeds critical temperature -0xB901000D -E_CSA_LX_PROC: error on /proc file -0xB901000E -E_CSA_LX_DEV: can't stat device file -0xB901000F -E_CSA_LX_BUF_SIZE: buffer size too small -0xB9011 -E_CSA_LX_OPEN: can't open device -0xB9012 -E_CSA_LX_SOCKET: can't creat socket -0xB9013 -E_CSA_LX_CONNECT: can't get connection -0xB9014 -E_CSA_LX_POLL: error while polling -0xB9015 -E_CSA_LX_READ: read error -0xB9015701 -E_CSA_LX_READ_701: timeout -0xB9015706 -E_CSA_LX_READ_706: operation interruptet by reset -0xB9015707 -E_CSA_LX_READ_707: high temperature -0xB901570A -E_CSA_LX_READ_70A: CryptoServer halted -0xB901570B -E_CSA_LX_READ_70B: panic message from CryptoServer -0xB9016 -E_CSA_LX_WRITE: write error -0xB9016701 -E_CSA_LX_WRITE_701: timeout -0xB9016703 -E_CSA_LX_WRITE_703: request rejectet by CS2 -0xB9016706 -E_CSA_LX_WRITE_706: operation interruptet by reset -0xB9016707 -E_CSA_LX_WRITE_707: high temperature -0xB901670A -E_CSA_LX_WRITE_70A: CryptoServer halted -0xB901670B -E_CSA_LX_WRITE_70B: panic message from CryptoServer -0xB9017 -E_CSA_LX_IOCTL: ioctl error -0xB9017701 -E_CSA_LX_IOCTL_701: timeout -0xB9017706 -E_CSA_LX_IOCTL_706: operation interrupted by reset -0xB9017707 -E_CSA_LX_IOCTL_707: high temperature -0xB901770A -E_CSA_LX_IOCTL_70A: CryptoServer halted -0xB901770B -E_CSA_LX_IOCTL_70B: panic message from CryptoServer -0xB901773 -E_CSA_LX_IOCTL_73: reset of CryptoServer failed -0xB9018 -E_CSA_LX_LOCK: ioctl error (locking) -0xB9018706 -E_CSA_LX_LOCK_706: operation interruptet by reset -0xB9019 -E_CSA_LX_RECV: tcp receive error -0xB901A -E_CSA_LX_SEND: tcp send error -0xB902 -E_CSA_WIN: CryptoServer API Windows -0xB9020001 -E_CSA_WIN_PATH: path name too long -0xB9020002 -E_CSA_WIN_PORT: bad port number -0xB9020003 -E_CSA_WIN_ADDR: bad IP address -0xB9020004 -E_CSA_WIN_HOSTNAME: bad host name -0xB9020005 -E_CSA_WIN_TERM: connection terminated by remote host -0xB9020006 -E_CSA_WIN_MEM: can't alloc memory -0xB9020007 -E_CSA_WIN_TIMEOUT: timeout occured -0xB9020008 -E_CSA_WIN_INVAL: invalid argument -0xB9020009 -E_CSA_WIN_ADDRLEN: no space for sockaddr (internal error) -0xB902000A -E_CSA_WIN_BLKSIZE: bad block size received -0xB902000B -E_CSA_WIN_CMDS_NOT_RDY: no ready message from CMDS -0xB902000C -E_CSA_WIN_CRIT_TEMP: cs2 exceeds critical temperature -0xB9020010 -E_CSA_WIN_INVALID_PARAM: invalid parameter -0xB9020011 -E_CSA_WIN_INVALID_HANDLE: invalid handle value -0xB9020013 -E_CSA_WIN_CREATE_MUTEX: error creating mutex -0xB9020014 -E_CSA_WIN_LOCK: unable to set lock -0xB9020015 -E_CSA_WIN_LOCK_TIMEOUT: timeout while waiting for mutex -0xB9020016 -E_CSA_WIN_LOCK_HANDLE: no valid mutex object -0xB90201 -E_CSA_WIN_OPEN: tcp: can't open device -0xB90202 -E_CSA_WIN_SOCKET: tcp: can't create socket -0xB90203 -E_CSA_WIN_CONNECT: tcp: can't get connection -0xB90204 -E_CSA_WIN_POLL: tcp: error while polling -0xB90204F0 -E_CSA_WIN_CONNECT_FAIL: can't get connection -0xB90205 -E_CSA_WIN_READ: tcp: read error -0xB90206 -E_CSA_WIN_WRITE: tcp: write error -0xB90207 -E_CSA_WIN_INIT: tcp: init error -0xB90208 -E_CSA_WIN_IOCTL: tcp: ioctl error -0xB9021 -E_CSA_WIN_DCI_OPEN: dci: can't open device -0xB9022 -E_CSA_WIN_DCI_READ: read error -0xB9022001 -E_CSA_WIN_DCI_READ_RLEN: read returned wrong length -0xB90220B5 -E_CSA_WIN_DCI_READ_TMOUT: read timeout -0xB9022706 -E_CSA_WIN_DCI_READ_706: operation interruptet by reset -0xB9022707 -E_CSA_WIN_DCI_READ_707: high temperature -0xB902273 -E_CSA_WIN_DCI_READ_73: reset failed -0xB9023 -E_CSA_WIN_DCI_WRITE: dci: write error -0xB9023001 -E_CSA_WIN_DCI_WRITE_RLEN: write returned wrong length -0xB90230B5 -E_CSA_WIN_DCI_WRITE_TMOUT: write timeout -0xB9023706 -E_CSA_WIN_DCI_WRITE_706: operation interrupted by reset -0xB9023707 -E_CSA_WIN_DCI_WRITE_707: high temperature -0xB902373 -E_CSA_WIN_DCI_WRITE_73: reset failed -0xB9024 -E_CSA_WIN_DCI_IOCTL: dci: ioctl error -0xB9024001 -E_CSA_WIN_DCI_IOCTL_NOT_RDY: no ready message from CMDS -0xB90240B5 -E_CSA_WIN_DCI_IOCTL_TMOUT: ioctl timeout -0xB9024706 -E_CSA_WIN_DCI_IOCTL_706: operation interruptet by reset -0xB9024707 -E_CSA_WIN_DCI_IOCTL_707: high temperature -0xB902473 -E_CSA_WIN_DCI_IOCTL_73: reset failed -0xB9025 -E_CSA_WIN_MTX: mutex section -0xB9028 -E_CSA_WIN_TCP_STARTUP: tcp: startup error -0xB9029 -E_CSA_WIN_TCP_ADDR: tcp: address error -0xB902A -E_CSA_WIN_TCP_SOCKET: tcp: can't create socket -0xB902B -E_CSA_WIN_TCP_CONNECT: tcp: can't get connection -0xB902B03C -E_CSA_WIN_TCP_CONNECT_TIMEOUT: connection attempt timed out -0xB902B03D -E_CSA_WIN_TCP_CONNECT_REFUSED: connection attempt refused -0xB902C -E_CSA_WIN_TCP_SELECT: tcp: error on select -0xB902D -E_CSA_WIN_TCP_RECV: tcp: receive error -0xB902E -E_CSA_WIN_TCP_SEND: tcp: send error -0xB902F -E_CSA_WIN_TCP_IOCTL: tcp: ioctl error -0xB904 -E_YACL: yacl library -0xB90400 -E_YACL_DES: DES modul -0xB9040000 -E_YACL_DES_KEY_LEN: length of DES-Key is not 8, 16 or 24 byte -0xB9040001 -E_YACL_DES_DATA_LEN: length of input data is not a multiple of 8 -0xB9040013 -E_YACL_ECA_BAD_POLYNOM: invalid irreducible polynomial -0xB90401 -E_YACL_RSA: RSA modul -0xB9040100 -E_YACL_RSA_RESULT_TOO_LONG: effective length of result is greater -0xB9040101 -E_YACL_RSA_OPERAND_TOO_LONG: effective length of on input operand -0xB9040102 -E_YACL_RSA_RESULT_NEGATIV: result of subtraction would be negativ -0xB9040103 -E_YACL_RSA_DIVISOR_ZERO: divisor/modulus is zero with division -0xB9040104 -E_YACL_RSA_BAD_OPERAND: operand for 'esm' is greater than modulus -0xB90402 -E_YACL_LNA: Long Number Arithmetic -0xB9040201 -E_YACL_LNA_OVL: result overflow -0xB9040202 -E_YACL_LNA_NEG: result negativ -0xB9040203 -E_YACL_LNA_MOD_LEN: modulus too short -0xB9040204 -E_YACL_LNA_DATA_LEN: data greater than modulus -0xB9040205 -E_YACL_LNA_MEM: can't alloc memory -0xB9040206 -E_YACL_LNA_EXP0: exponent is 0 -0xB9040207 -E_YACL_LNA_DIV0: division by zero -0xB9040208 -E_YACL_LNA_NUM_LEN: number too short -0xB9040209 -E_YACL_LNA_PARAM: bad parameter -0xB904020A -E_YACL_LNA_NOT_FOUND: no prime found -0xB904020B -E_YACL_LNA_MOD_EVEN: modulus is even -0xB90403 -E_YACL_VRSA: RSA functions -0xB9040301 -E_YACL_VRSA_MEM: cannot allocate memory -0xB9040302 -E_YACL_VRSA_BUFF_TOO_SMALL: buffer for result is to small -0xB9040303 -E_YACL_VRSA_DATA_LEN: data size too big (greater than modulus) -0xB9040304 -E_YACL_VRSA_BAD_MODULUS: modulus is not p * q -0xB9040305 -E_YACL_VRSA_P_GREATER_Q: p is greater then q -0xB9040306 -E_YACL_VRSA_BAD_U: u is not (1/q) mod p -0xB9040307 -E_YACL_VRSA_BAD_DP: dp is not d mod (p-1) -0xB9040308 -E_YACL_VRSA_BAD_DQ: dq is not d mod (q-1) -0xB9040309 -E_YACL_VRSA_BAD_PEXP: gcd(p-1,e) != 1 or gcd(q-1,e) != 1 -0xB904030A -E_YACL_VRSA_BAD_SEXP: d * e != 1 mod (p-1)(q-1) -0xB904030B -E_YACL_VRSA_KEY_TOO_SMALL: Key length too small -0xB904030C -E_YACL_VRSA_MOD_TOO_SMALL: modulus to small -0xB904030D -E_YACL_VRSA_BAD_KEY: bad key components -0xB904030E -E_YACL_VRSA_INV_PARAM: invalid parameter -0xB904030F -E_YACL_VRSA_KGEN_FAILED: key generation failed -0xB9040310 -E_YACL_VRSA_HASH_ALGO: Invalid hash algorithm -0xB9040311 -E_YACL_VRSA_VERIFY_FAILED: Signature verification failed -0xB9040312 -E_YACL_VRSA_DECRYPT_FAILED: PKCS#1 decryption failed -0xB9040313 -E_YACL_VRSA_ENCODING: PKCS#1 encoding error -0xB9040314 -E_YACL_VRSA_INV_PEXP: invalid public exponent -0xB90404 -E_YACL_SAFER: SAFER module -0xB9040400 -E_YACL_SAFER_KEY_LEN: length of SAFER-Key is not 8 or 16 -0xB9040401 -E_YACL_SAFER_DATA_LEN: length of input data is not a multiple of 8 -0xB90405 -E_YACL_RND: Pseudo Random Number Generator -0xB9040501 -E_YACL_RND_NULL_POINTER: Null pointer in argument -0xB9040502 -E_YACL_RND_WRONG_SEED_LENGTH: Wrong length of seed -0xB9040503 -E_YACL_RND_AUTO_INIT: Can't auto initialize rnd generator -0xB90406 -E_YACL_AES: AES module -0xB9040600 -E_YACL_AES_KEY_LEN: length of AES-Key is not 16, 24 or 32 -0xB9040601 -E_YACL_AES_DATA_LEN: length of input data is not a multiple of 16 -0xB9040602 -E_YACL_AES_PARAM: bad input parameter (eg. NULL pointer not allowed) -0xB90408 -E_YACL_ASN1: ASN1 module -0xB9040821 -E_YACL_ASN1_MEM: Memory Error -0xB9040822 -E_YACL_ASN1_FLAG: Parameter flag is incorrect -0xB9040823 -E_YACL_ASN1_TAB_OVL: ASN1_ITEM table overflow -0xB9040824 -E_YACL_ASN1_COMP_FLAG: Component flag is not defined -0xB9040825 -E_YACL_ASN1_DATASIZE: ASN1 data overrun -0xB9040826 -E_YACL_ASN1_TAGSIZE: tag too big -0xB9040827 -E_YACL_ASN1_INDEF_LEN: indefinite length not supportet -0xB9040828 -E_YACL_ASN1_LENSIZE: lenght field too big -0xB904082A -E_YACL_ASN1_NOT_FOUND: item not found -0xB904082B -E_YACL_ASN1_BUFF_OVL: ASN1 buffer overflow -0xB904082C -E_YACL_ASN1_ITEMCOUNT: bad value of 'nitems' in ITEM table -0xB904082D -E_YACL_ASN1_BADTAG: zero tag -0xB904082F -E_YACL_ASN1_DECODE_ERR: decoding error -0xB9040830 -E_YACL_ASN1_SIZE_EXCEEDED: calculated size exceeds given datasize -0xB90409 -E_YACL_HASH: Hash module -0xB9040901 -E_YACL_HASH_MODE: Invalid hash mode -0xB9040902 -E_YACL_HASH_LEN: Invalid length -0xB9040903 -E_YACL_HASH_PARAM: Invalid parameter -0xB9040A -E_YACL_ECA: module ECA -0xB9040A01 -E_YACL_ECA_MEM: can't alloc memory -0xB9040A02 -E_YACL_ECA_NOT_SUPP: not supported -0xB9040A03 -E_YACL_ECA_BAD_PARAM: bad parameter -0xB9040A04 -E_YACL_ECA_NOT_FOUND: curve not found -0xB9040A05 -E_YACL_ECA_EXISTS: curve already registered -0xB9040A06 -E_YACL_ECA_TOO_BIG: input number too big -0xB9040A07 -E_YACL_ECA_INFINITE: infinite result -0xB9040A08 -E_YACL_ECA_PCP_INCOMP: incompatible precalculated point -0xB9040A09 -E_YACL_ECA_LEN: bad length of argument -0xB9040A0A -E_YACL_ECA_BAD_TAG: bad tag of point -0xB9040A0B -E_YACL_ECA_NO_SQRT: no square root found -0xB9040A0C -E_YACL_ECA_NO_NON_RESIDUE: non-residue could not be found -0xB9040A0D -E_YACL_ECA_NO_ASN1: no ASN.1 module found -0xB9040A0E -E_YACL_ECA_ECDP_DECODE: error decoding ASN.1 EC domain parameter -0xB9040A0F -E_YACL_ECA_BAD_POINT: bad value of EC point -0xB9040A10 -E_YACL_ECA_BAD_VALUE: bad value of EC domain parameter -0xB9040A11 -E_YACL_ECA_ECDP_DIFFER: EC domain parameters differ -0xB9040A12 -E_YACL_ECA_BAD_DOMAIN_PARA: invalid domain parameter -0xB9040B -E_YACL_ECDSA: module ECDSA -0xB9040B01 -E_YACL_ECDSA_MEM: cannot allocate memory -0xB9040B02 -E_YACL_ECDSA_R_S_IS_NULL: null component in signature (r,s) -0xB9040B03 -E_YACL_ECDSA_INV_FLAG: value for flags is invalid -0xB9040B04 -E_YACL_ECDSA_BAD_KEY: private and public key do not correspond -0xB9040B05 -E_YACL_ECDSA_BAD_PKEY: bad public key -0xB9040B06 -E_YACL_ECDSA_BAD_SKEY: bad private key -0xB9040B07 -E_YACL_ECDSA_VERIFY_FAILED: signature verification failed -0xB9040B08 -E_YACL_ECDSA_BAD_SIGN_FMT: bad format of signature -0xB9040B09 -E_YACL_ECDSA_NO_ASN1: no ASN.1 module loaded -0xB9040B0A -E_YACL_ECDSA_BUFF_TOO_SMALL: buffer for result is to small -0xB9040B0B -E_YACL_ECDSA_BAD_KEY_FMT: malformed ASN.1 coded key pair -0xB9040C -E_YACL_DSA: module DSA -0xB9040C01 -E_YACL_DSA_P_TOO_SMALL: prime P is too small -0xB9040C02 -E_YACL_DSA_Q_TOO_SMALL: prime Q is too small -0xB9040C03 -E_YACL_DSA_GEN_FAILED: domain parameter generation failed -0xB9040C04 -E_YACL_DSA_BAD_G: invalid generator value G -0xB9040C05 -E_YACL_DSA_BAD_PRIMES: bad primes P and Q -0xB9040C06 -E_YACL_DSA_HASH_LEN: hash value too long -0xB9040C07 -E_YACL_DSA_BAD_KEY: private and public key do not correspond -0xB9040C08 -E_YACL_DSA_INV_PARAM: invalid parameter -0xB9040C09 -E_YACL_DSA_BAD_PKEY: bad public key -0xB9040C0A -E_YACL_DSA_BAD_SKEY: bad private key -0xB9040C0B -E_YACL_DSA_VERIFY_FAILED: signature verification failed -0xB9040C0C -E_YACL_DSA_BAD_SIGN_FMT: bad format of signature -0xB9040C0D -E_YACL_DSA_BUFF_TOO_SMALL: buffer for result is to small -0xB9040D -E_YACL_PK: PK module -0xB9040D01 -E_YACL_PK_PARAMETER: invalid parameter -0xB9040D02 -E_YACL_PK_MEMORY: memory allocation failed -0xB9040D03 -E_YACL_PK_UNKNOWN_DN_TYPE: unknown distinguished name type -0xB9040D04 -E_YACL_PK_INVALID_DN: invalid distinguished name (value or length) -0xB9040D05 -E_YACL_PK_INVALID_TIME_FORMAT: invalid time format -0xB9040D06 -E_YACL_PK_UNKNOWN_KEY_TYPE: unknown / unsupported key type -0xB9040D07 -E_YACL_PK_UNKNOWN_SIGN_ALGO: unknown / unsupported signature algorithm -0xB9040D08 -E_YACL_PK_UNKNOWN_HASH_ALGO: unknown / unsupported hash algorithm -0xB9040D09 -E_YACL_PK_INVALID_VERSION: invalid / unsupported version -0xB9040D0A -E_YACL_PK_P7_UNKNOWN_CONTENT_TYPE: unknown / unsupported PKCS7 content type -0xB9040D0B -E_YACL_PK_P7_NO_VERSION_FOUND: no PKCS7 version found -0xB9040D0C -E_YACL_PK_P7_UNKNOWN_ELEM_TYPE: unknown PKCS7 element type -0xB9040D0D -E_YACL_PK_P7_ELEM_TYPE_SIGNATURE: element type SIGNATURE not found -0xB9040D0E -E_YACL_PK_P7_ELEM_TYPE_ENVELOPED: element type ENVELOPED not found -0xB9040D0F -E_YACL_PK_P7_ELEM_TYPE_CERT: element type CERT not found -0xB9040D10 -E_YACL_PK_P7_ELEM_TYPE_AUTH_ATT: element type AUTH_ATT not found -0xB9040D11 -E_YACL_PK_P7_ELEM_TYPE_UNAUTH_ATT: element type UNAUTH_ATT not found -0xB9040D12 -E_YACL_PK_P7_ELEM_TYPE_SIG_TIME: element type SIG_TIME not found -0xB9040D13 -E_YACL_PK_P7_ELEM_TYPE_DATA: element type DATA not found -0xB9040D14 -E_YACL_PK_P7_SIGNER_CERTIFICATE: no signer certificate given -0xB9040D15 -E_YACL_PK_P7_NO_DATA_OR_HASH: no data or hash given to perform sign / verify operation -0xB9040D16 -E_YACL_PK_P7_INVALID_CONTENT_TYPE: invalid PKCS7 content type -0xB9040D17 -E_YACL_PK_P7_NO_DIGEST_ALGORITHM: no digest algorithm in PKCS7 data found -0xB9040D18 -E_YACL_PK_P7_NO_SIGNER_INFOS: no signer infos found -0xB9040D19 -E_YACL_PK_P7_NO_ISSUER: no issuer / serial number found -0xB9040D1A -E_YACL_PK_P7_NO_OF_ELEM: number of PK_P7_ELEM too small -0xB9040D1B -E_YACL_PK_P7_SIGNER_REF: invalid signer reference -0xB9040D1C -E_YACL_PK_P7_CONTENT_TYPE_NOT_SD: content type is not SignedData -0xB9040D1D -E_YACL_PK_P7_CONTENT_TYPE_NOT_ENV: content type is not Enveloped -0xB9040D1E -E_YACL_PK_P7_KEY_TYPE_MISMATCH: digestEncryptionAlgorithm doesn't match signer certificate key type -0xB9040D1F -E_YACL_PK_P7_VERIFICATION: signature verfication failed -0xB9040D20 -E_YACL_PK_P7_RECIPIENT_CERT: no recipient certificate given -0xB9040D21 -E_YACL_PK_P7_UNKNOWN_ENC_KEY_TYPE: unknown / unsupported encryption key type -0xB9040D22 -E_YACL_PK_P7_MULTIPLE_RCPTS: multiple recipients not supported -0xB9040D23 -E_YACL_PK_P7_CERT_MISMATCH: given certificate doesn't match certificate in PKCS7 structure -0xB9040D24 -E_YACL_PK_P7_KEK_ALGO: given key doesn't match key encryption algorithm -0xB9040D25 -E_YACL_PK_P7_NO_ENC_KEY_ALGO: no key encryption algorithm identifier found -0xB9040D26 -E_YACL_PK_P7_NO_CONTENT_TYPE: no content type found -0xB9040D27 -E_YACL_PK_P7_NO_CONTENT_KEY_ALGO: no content encryption algorithm identifier found -0xB9040D28 -E_YACL_PK_P7_ATTRIBUTE: invalid attribute structure -0xB9040D29 -E_YACL_PK_P7_NEED_MORE_SPACE: given buffer / struct doesn't contain enough space for this operation -0xB9040D30 -E_YACL_PK_TIME_ERROR: Unable to retrieve system time / convert time; -0xB9040D31 -E_YACL_PK_UNKNOWN_ATT_TYPE: unknown attribute type -0xB9040D32 -E_YACL_PK_CRL_ISSUER_MISMATCH: CRL issuer doesn't match certificate's subject / issuer -0xB9040D33 -E_YACL_PK_CRL_ATTR_NOT_AVAILABLE: requested attribute not available (optional) -0xB9040D34 -E_YACL_PK_CRL_BAD_FORMAT: bad CRL format -0xB9040D35 -E_YACL_PK_CRL_NOT_VALID: CRL is not yet valid -0xB9040D36 -E_YACL_PK_CRL_INIT_NOT_CALLED: partial CRL verification not initialized -0xB9040D40 -E_YACL_PK_UNSUPPORTED_TIME_FORMAT: unsupported time format -0xB9040D41 -E_YACL_PK_UNSUPPORTED_CENTURY: given time format contains century < 1900 -0xB9040D42 -E_YACL_PK_INDEF_LEN: indefinite length not supportet -0xB9040D50 -E_YACL_PK_P7_INVALID_SIGNER: invalid signer / invalid signer information -0xB9040D51 -E_YACL_PK_P7_INVALID_SIGNER_STRUCT: invalid signer structure (ASN.1 error) -0xB9040E -E_YACL_CRYPT: crypt module -0xB9040E01 -E_YACL_OLD_CRYPT_VERSION: Old Crypt Version -0xB905 -E_SL: Serial Driver -0xB9050001 -E_SL_TOOMANY: too many lines open -0xB9050002 -E_SL_TCATTR: error setting line parameters -0xB9050003 -E_SL_OPEN: can't open device -0xB9050004 -E_SL_NOT_OPEN: handle not open -0xB9050005 -E_SL_NO_VALID_HDL: invalid handle -0xB9050006 -E_SL_NO_VALID_PARA_VALUE: invalid parameter value -0xB9050007 -E_SL_NO_VALID_PARA_TYPE: invalid parameter type -0xB9050008 -E_SL_READ_ERROR: error on read -0xB9050009 -E_SL_READ_TIME_OUT: timeout on read -0xB905000A -E_SL_WRITE_ERROR: error on write -0xB905000B -E_SL_WRITE_TIME_OUT: timeout on write -0xB905000C -E_SL_CTRL_ERROR: error on ioctl -0xB9050010 -E_SL_NO_VALID_NAME: no valid device name -0xB9050011 -E_SL_NO_VALID_BUF_SLCT: no valid Buffer selected -0xB9050012 -E_SL_NO_VALID_LINE_STATE: line state parameter incorrect -0xB9050013 -E_SL_NO_VALID_LINE_SLCT: line select parameter incorrect -0xB9050014 -E_SL_COM_STATE: error in comunication driver -0xB9050015 -E_SL_PARITY: Parity Error -0xB9050016 -E_SL_FRAME: Frame Error -0xB9050017 -E_SL_FLUSH_FAILED: Flush failed -0xB9050018 -E_SL_READ_EOF: EOF on read -0xB906 -E_CAL: CryptoServer admin library -0xB9060001 -E_CAL_BAD_MEM: malloc() failed -0xB9060002 -E_CAL_PPAPP_LIST: malformed PIN-Pad application list -0xB9061 -E_CAL_UTL: Utility Functions -0xB9061001 -E_CAL_UTL_FILE_OPEN: File Open Error -0xB9061002 -E_CAL_UTL_KEY_INIT: Key Structure has not been initialized -0xB9061003 -E_CAL_UTL_KEY_FILE_OPEN: unable to open Keyfile -0xB9061004 -E_CAL_UTL_KEY_FILE_TYPE: unknown Type of Keyfile -0xB9061005 -E_CAL_UTL_KEY_FILE_READ: Error reading Keyfile -0xB9061006 -E_CAL_UTL_KEY_FILE_WRITE: Error writing Keyfile -0xB9061007 -E_CAL_UTL_KEY_TOK_FORMAT: Wrong Keyfile Format in .tok file -0xB9061008 -E_CAL_UTL_KEY_ASC_FORMAT: Wrong Keyfile Format in .key file -0xB9061009 -E_CAL_UTL_KEY_WRONG_FILENAME: Wrong File Name -0xB906100A -E_CAL_UTL_KEY_SOURCE: invalid Key Source (file or smartcard) -0xB906100B -E_CAL_UTL_KEY_TYPE: invalid Key Type (private or public) -0xB906100C -E_CAL_UTL_KEY_INVALID_DATA_LEN: invalid Data Length -0xB906100D -E_CAL_UTL_KEY_INVALID_LEN: invalid Key Length -0xB906100E -E_CAL_UTL_KEY_DECRYPT: can't decrypt keyfile -0xB906100F -E_CAL_UTL_KEY_PASSFCT: no get_pass function specified (or twice) -0xB9061010 -E_CAL_UTL_TIME_WRONG_FORMAT: Wrong Time Format YYYYMMDDHHMMSS -0xB9061011 -E_CAL_UTL_FILE_NOT_FOUND: file not found -0xB9061012 -E_CAL_UTL_INVALID_PARAM: invalid parameter -0xB9061013 -E_CAL_UTL_NOT_SUPPORTED: function not supported -0xB9062 -E_CAL_BL: Bootloader Command Interface -0xB9062001 -E_CAL_BL_SHA1: Error calculating Hash with SHA1 -0xB9062002 -E_CAL_BL_RSA: error executing RSA -0xB9062003 -E_CAL_BL_NO_RND: no random value present -0xB9062004 -E_CAL_BL_INVALID_PARAM: invalid parameter -0xB9062005 -E_CAL_BL_INVALID_KEY: invalid key format -0xB9062006 -E_CAL_BL_FILE_OPEN: file open error -0xB9062007 -E_CAL_BL_FILE_READ: file read error -0xB9062008 -E_CAL_BL_MALLOC: memory allocation error -0xB9062009 -E_CAL_BL_RESPONSE_ERR: response error from Cryptoserver -0xB906200A -E_CAL_BL_WRONG_FILE_NAME: Module Name Syntax incorrect -0xB906200B -E_CAL_BL_WRONG_RSP_LENGTH: Wrong Response Length from CS2 -0xB906200C -E_CAL_BL_NO_FILE: file does not exist -0xB906200D -E_CAL_BL_TIME_CONVERT: unable to convert time -0xB906200E -E_CAL_BL_KEY_SIZE: invalid key size -0xB906200F -E_CAL_BL_NO_EXT_ERASE: no external erase prevailing -0xB9063 -E_CAL_ADM: Admin Module Command Interface -0xB9063001 -E_CAL_ADM_INVALID_PARAM: invalid Parameter -0xB9063002 -E_CAL_ADM_WRONG_NAME: File Name Syntax incorrect -0xB9063003 -E_CAL_ADM_FILE_OPEN: File Open Error -0xB9063004 -E_CAL_ADM_FILE_READ: File Read Error -0xB9063005 -E_CAL_ADM_WRONG_PATH: File Path incorrect -0xB9063006 -E_CAL_ADM_MALLOC: Memory Allocation Error -0xB9063007 -E_CAL_ADM_WRONG_RSP_LENGTH: wrong response length from CS2 -0xB9063008 -E_CAL_ADM_NO_FILE: file does not exist -0xB9063009 -E_CAL_ADM_BATT_STATE: unknown battery state -0xB906300A -E_CAL_ADM_TIME_CONVERT: unable to convert time -0xB906300B -E_CAL_ADM_AUDIT_BAD: malformed audit log file -0xB906300C -E_CAL_ADM_NO_EXT_ERASE: no external erase prevailing -0xB906300D -E_CAL_ADM_AUDITCFG_SVM: struct version mismatch (binary length) -0xB906300E -E_CAL_ADM_INVALID_NO_ARGS: invalid number of arguments returning -0xB906300F -E_CAL_ADM_MODEL_NOT_SUITABLE: file not suitable for cryptoserver model -0xB9063010 -E_CAL_ADM_FILE_WRITE: File Write Error -0xB9064 -E_CAL_MXC: MMC / MTC tools -0xB9064001 -E_CAL_MXC_MALLOC: Memory Allocation Error -0xB9064002 -E_CAL_MXC_FILE_OPEN: unable to open file -0xB9064003 -E_CAL_MXC_FILE_READ: Error reading file -0xB9064004 -E_CAL_MXC_FILE_WRITE: Error writing file -0xB9064005 -E_CAL_MXC_FILE_TYPE: unknown file type -0xB9064006 -E_CAL_MXC_INVALID_ENC_MODE: invalid encryption mode -0xB9064007 -E_CAL_MXC_NO_MDL_INFO: Module does not contain mdl_info -0xB9064008 -E_CAL_MXC_READ_MMC_HEADER: Error reading mmc-header -0xB9064009 -E_CAL_MXC_READ_MTC_HEADER: Error reading mtc-header -0xB906400A -E_CAL_MXC_DES_KEYGEN_DIV8: key length isn't divisible by 8 -0xB906400B -E_CAL_MXC_DES_DECRYPT: Error executing DES Decryption -0xB906400C -E_CAL_MXC_DES_ENCRYPT: Error executing DES Encryption -0xB906400D -E_CAL_MXC_HASH_SHA1: Error executing SHA1 Hash -0xB906400E -E_CAL_MXC_HASH_INVALID_ALGO: invalid Hash algo -0xB906400F -E_CAL_MXC_INVALID_SIG_KEY: invalid Signature Key -0xB9064010 -E_CAL_MXC_PARAM_NULL_POINTER: Null Pointer in Parameter -0xB9064011 -E_CAL_MXC_NO_SIG: Container is without Signature -0xB9064012 -E_CAL_MXC_NO_SIG_INFO: MTC is without Signature Info -0xB9064013 -E_CAL_MXC_INVALID_MMC_HDR: invalid MMC header -0xB9064014 -E_CAL_MXC_INVALID_MTC_HDR: invalid MTC header -0xB9064015 -E_CAL_MXC_INVALID_SIG_HDR: invalid signature header -0xB9064016 -E_CAL_MXC_ENC_NOT_SUPPORTED: encryption not supported -0xB9064017 -E_CAL_MXC_NO_CPU_INFO: unknown target CPU of Module -0xB9064018 -E_CAL_MXC_NO_FW_DEC_KEY: firmware decryption key required -0xB9064019 -E_CAL_MXC_NO_FW_DEC_ERR: error decrypting firmware module -0xB906401A -E_CAL_MXC_SIGN_TYPE: invalid sign type -0xB906401B -E_CAL_MXC_NO_DATA: write operation with zero data blocks -0xB9064020 -E_CAL_MXC_SIG_INVALID_ALGO: invalid signature algo -0xB9064021 -E_CAL_MXC_SIG_CMP_RESULT: calculated Hash doesn't match with decrypted Hash -0xB9064022 -E_CAL_MXC_SIG_INVALID_MODULUS: invalid RSA Modulus to en-/decrypt signature -0xB9064023 -E_CAL_MXC_SIG_INVALID_PUBEXP: invalid RSA Public Exponent to decrypt signature -0xB9064024 -E_CAL_MXC_SIG_INVALID_PRVEXP: invalid RSA Modulus Exponent to encrypt signature -0xB9064025 -E_CAL_MXC_SIG_RSA_DECRYPT: Error RSA-decryption signature -0xB9064026 -E_CAL_MXC_SIG_RSA_ENCRYPT: Error RSA-encrypting signature -0xB9064027 -E_CAL_MXC_SIG_READ_HEADER: Error reading header of signature -0xB9064028 -E_CAL_MXC_SIG_INVALID_HASH_ALGO: invlaid Hash algo for signature -0xB9064029 -E_CAL_MXC_SIG_INVALID_KEY_LEN: invalid Key Length -0xB906402A -E_CAL_MXC_SIG_INVALID_BTYPE: invalid block type -0xB906402B -E_CAL_MXC_SIG_INVALID_PKCS1: invalid pkcs#1 format -0xB906402C -E_CAL_MXC_SIG_BAD_HASH: bad hash value -0xB906402D -E_CAL_MXC_NO_HW_INFO: unknown target hardware of Module -0xB906402E -E_CAL_MXC_DOUBLE_SIGNED: cannot sign an already signed SCF file -0xB9064040 -E_CAL_MXC_PARSE: parse error found in licence file -0xB9064041 -E_CAL_MXC_NO_LICFILE: not a licence file -0xB9064050 -E_CAL_MXC_NO_FILES: package archive contains no files -0xB9066 -E_CAL_AUTH: Authentication / Session layer -0xB9066001 -E_CAL_AUTH_BAD_USERNAME: Bad user name -0xB9066002 -E_CAL_AUTH_BAD_MEM: malloc failed -0xB9066003 -E_CAL_AUTH_BAD_LIST: bad user list returned from CS2 -0xB9066004 -E_CAL_AUTH_ALEN: bad length of answer from CS2 -0xB9066006 -E_CAL_AUTH_KEY_SIZE: specified keysize does not match smartcard -0xB9066008 -E_CAL_AUTH_INVAL: invalid parameter -0xB9066009 -E_CAL_AUTH_USER_EXIST: user already exists -0xB906600A -E_CAL_AUTH_FILE_EXIST: file already exists -0xB906600B -E_CAL_AUTH_FILE_OPEN: file open error -0xB906600C -E_CAL_AUTH_FILE_READ: file read error -0xB906600D -E_CAL_AUTH_FILE_WRITE: file write error -0xB906600E -E_CAL_AUTH_BAD_BACKUP: bad user backup data -0xB906600F -E_CAL_AUTH_USER_SKIPPED: at least one user has been skipped -0xB9066010 -E_CAL_AUTH_NO_LONG_NAME: long username not supported -0xB9066011 -E_CAL_AUTH_NOT_SUPPORTED: function not supported -0xB9066012 -E_CAL_AUTH_BAD_HALGO: unknown hash algorithm -0xB9066013 -E_CAL_AUTH_RSA_MODE: only CRT sign supported -0xB9066014 -E_CAL_AUTH_SM_MECH: illegal SM mechanism -0xB9066015 -E_CAL_AUTH_DEC_SKEY: error decrypting session key -0xB9066016 -E_CAL_AUTH_SIG_BUFF: buffer too small for signature -0xB9066017 -E_CAL_AUTH_SMC_ID: too many concurrent SC authentications -0xB9066018 -E_CAL_AUTH_NO_PUBKEY: no public key found on smartcard -0xB9066019 -E_CAL_AUTH_SM_BAD_MODE: illegal SM mode -0xB906601A -E_CAL_AUTH_SM_BAD_SIGNATURE: CryptoServer's signature could not be verified -0xB906601B -E_CAL_AUTH_SM_BAD_KEY_FILE: illegal format in auth keys file -0xB906601C -E_CAL_AUTH_KEY_NOT_FOUND: auth keys file does not contain key for this CryptoServer -0xB906601D -E_CAL_AUTH_KEY_TYPE_UNSUPPORTED: HSM auth key type not supported -0xB906601E -E_CAL_AUTH_KEY_MODE_UNSUPPORTED: HSM auth key mode not supported -0xB9067 -E_CAL_CSL: CSL Command Interface -0xB9067001 -E_CAL_CSL_INVALID_REC_LEN: invalid record length returned -0xB9067002 -E_CAL_CSL_MALLOC: memory allocation error -0xB9067003 -E_CAL_CSL_INVALID_DATA_LEN: invalid data length returned -0xB9067004 -E_CAL_CSL_CRYPT: password encryption failed -0xB9067005 -E_CAL_CSL_INVAL_PARAM: invalid parameter -0xB9067006 -E_CAL_CSL_BFSIZE: buffer size too small -0xB9067007 -E_CAL_CSL_ANSW_DATA: invalid answer data -0xB9068 -E_CAL_PKG: PKG Command Interface -0xB9068001 -E_CAL_PKG_FOP: accessing directory failed -0xB9068002 -E_CAL_PKG_FNAME_LEN: filename too long -0xB9068003 -E_CAL_PKG_FOPEN: open file failed -0xB9068004 -E_CAL_PKG_FREAD: read file failed -0xB9068005 -E_CAL_PKG_FWRITE: write file failed/ -0xB9068006 -E_CAL_PKG_MEMORY: memory allocation failed -0xB9068007 -E_CAL_PKG_NO_FILES: directory contains no files -0xB9068008 -E_CAL_PKG_INVALID_FILE: invalid package file -0xB9068009 -E_CAL_PKG_INVALID_NAME: invalid package name -0xB906800A -E_CAL_PKG_DIR_EXISTS: directory already exist -0xB906800B -E_CAL_PKG_CREATE_DIR: creating directory failed -0xB906800C -E_CAL_PKG_PARAM: Invalid parameter -0xB906800D -E_CAL_PKG_KEY: No key specifier given -0xB906800E -E_CAL_PKG_SLF_NAME: Invalid SingedLicenseFile name -0xB9068010 -E_CAL_PKG_LOOP: Possible loop in state machine detected -0xB9068011 -E_CAL_PKG_LOAD_FILE: Load file failed -0xB9068012 -E_CAL_PKG_FW_CONFIG: different module names with the same id /abbrev - config mismatch -0xB9068013 -E_CAL_PKG_MDL_START_NOK: could not start firmware module(s) -0xB9068014 -E_CAL_PKG_MDL: CryptoServer firmware module(s) differs from archive content -0xB9068015 -E_CAL_PKG_FLAGS_BLCLEAR: Given flag forbids to perform a BLClear -0xB9068016 -E_CAL_PKG_BASE_FIRMWARE: base firmware is missing / incomplete -0xB9068017 -E_CAL_PKG_FW_NO_ARCHIVE: firmware module not contained in archive -0xB9068018 -E_CAL_PKG_FW_CPU_TYPE: firmware module is contained in archive but with different CPU type -0xB9068019 -E_CAL_PKG_ALARM: CryptoServer in alarm state -0xB906801A -E_CAL_PKG_UNDEF_STATE: cryptoserver remains in an undefined state -0xB906801B -E_CAL_PKG_TMP_DIR: creating temporary directory failed -0xB906801C -E_CAL_PKG_OLD_SDK: old CryptoServer SDK version not supported -0xB906801D -E_CAL_PKG_VERIFICATION: verification of firmware package failed -0xB9068020 -E_CAL_PKG_AUTH_PARAM: bad auth/sm parameter -0xB9068021 -E_CAL_PKG_SESSION: bad session -0xB9068022 -E_CAL_PKG_FLAGS: illegal flag parameter -0xB9068023 -E_CAL_PKG_MODEL: package loader <--> CryptoServer model mismatch -0xB9069 -E_CAL_MBK: MBK tools -0xB9069001 -E_CAL_MBK_PKCS1_FORMAT: bad pkcs1 format -0xB9069002 -E_CAL_MBK_BUF_SIZE: buffer size too small -0xB9069003 -E_CAL_MBK_RESP_LEN: invalid response length -0xB9069004 -E_CAL_MBK_ALLOC: memory allocation failed -0xB9069005 -E_CAL_MBK_FILE_OPEN: unable to open file -0xB9069006 -E_CAL_MBK_FILE_FORMAT: invalid file format -0xB9069007 -E_CAL_MBK_PARAM_INVAL: invalid parameter -0xB9069008 -E_CAL_MBK_ACTION_CANCELED: aborted by user -0xB9069009 -E_CAL_MBK_RESP_DATA: invalid answer data -0xB906900A -E_CAL_MBK_KEY_LEN: invalid key length -0xB906900B -E_CAL_MBK_NO_PWD: no password given -0xB906900C -E_CAL_MBK_NO_SESSION: no session -0xB9069010 -E_CAL_MBK_SC_ERR: smartcard responds error -0xB9069011 -E_CAL_MBK_SC_NO_RECORD: record not found -0xB9069012 -E_CAL_MBK_SC_NO_FILE: file not found -0xB9069013 -E_CAL_MBK_SC_DENIED: access denied -0xB9069014 -E_CAL_MBK_SC_SM: secure messaging failed -0xB9069015 -E_CAL_MBK_SC_RECLEN: invalid record length -0xB9069016 -E_CAL_MBK_SC_VERIFY_FAILED: password verification failed -0xB9069017 -E_CAL_MBK_SC_CARD_LOCKED: smartcard is locked -0xB9069018 -E_CAL_MBK_SC_PIN_REPETITION: bad pin repetition -0xB9069019 -E_CAL_MBK_SC_NULL_PIN: null pin still active -0xB906902 -E_CAL_MBK_SC_INVALID_PIN: invalid pin -0xB906A -E_CAL_SMC: cs2adm smartcard tools -0xB906A001 -E_CAL_SMC_ALLOC: memory allocation failed -0xB906A002 -E_CAL_SMC_BAD_DEV_NAME: bad device name -0xB906A003 -E_CAL_SMC_TOOMANY: too many open handles -0xB906A004 -E_CAL_SMC_ID_IN_USE: requested smc_id already in use -0xB906A005 -E_CAL_SMC_CHANNEL_NOT_OPEN: channel is not open -0xB906A006 -E_CAL_SMC_DATA_LEN: invalid data length -0xB906A007 -E_CAL_SMC_BUF_SIZE: buffer size too small -0xB906A008 -E_CAL_SMC_LOCKED: smartcard is locked -0xB906A009 -E_CAL_SMC_BAD_RESPONSE: bad response from smartcard -0xB906A00A -E_CAL_SMC_CARD_UNKNOWN: unknown smartcard -0xB906A00B -E_CAL_SMC_FCT_NOT_SUPP: function not supported for given cardtype -0xB906A00C -E_CAL_SMC_EXTD_APDU_N_SUPP: function not supported for given cardtype -0xB906A00D -E_CAL_SMC_PARAMETER: bad parameter given -0xB906A00E -E_CAL_SMC_LOGIN_MISS: login condition for this function not supplied -0xB906A00F -E_CAL_SMC_BAD_KEYSIZE: keylength not suitable for given card -0xB906A010 -E_CAL_SMC_PIN_LEN: invalid PIN length -0xB906A011 -E_CAL_SMC_FILE_NOT_FOUND: PIN file doesn't exist -0xB906A012 -E_CAL_SMC_NULLPIN: Null-PIN is still active -0xB906A01C -E_CAL_SMC_INVALID_PIN: PIN is invalid, no tries left -0xB906A01D -E_CAL_SMC_INVALID_PIN1: PIN is invalid, 1 try left -0xB906A01E -E_CAL_SMC_INVALID_PIN2: PIN is invalid, 2 tries left -0xB906A01F -E_CAL_SMC_INVALID_PIN3: PIN is invalid, 3 or more tries left -0xB906A020 -E_CAL_SMC_RECOVER_BAD_DATA: bad data from backup card -0xB906A021 -E_CAL_SMC_RECOVER_TOO_MANY: more keyhalfs given than existing -0xB906A022 -E_CAL_SMC_COS_BAD_DATA: bad data structure on Siemens CardOS card -0xB906B -E_CAL_NTP: NTP Module Command Interface -0xB906B001 -E_CAL_NTP_INVALID_PARAM: invalid Parameter -0xB906B002 -E_CAL_NTP_WRONG_RSP_LENGTH: wrong response length from CS2 -0xB906B003 -E_CAL_NTP_TIME_CONVERT: unable to convert time -0xB906C001 -E_CAL_CLONE_FILE_EMPTY: there are no database entries in the given file -0xB906F -E_CAL_CLONE: Clone Database Command Interface -0xB906F002 -E_CAL_CLONE_FILE_STRUCTURE: incorrect structure of backup file -0xB906F003 -E_CAL_CLONE_FILE_OPEN: unable to open backup file -0xB906F004 -E_CAL_CLONE_MALLOC: memory allocation failed -0xB906F005 -E_CAL_CLONE_FILE_LEN: incorrect length of backup file -0xB906F006 -E_CAL_CLONE_SEARCH_KEY1: cannot find search_key1 -0xB906F007 -E_CAL_CLONE_SEARCH_KEY2: cannot find search_key2 -0xB906F008 -E_CAL_CLONE_SNIPPET_LEN: invalid length of snippet -0xB908 -E_DSP: LCD Display module -0xB9080001 -E_DSP_DATALEN: string too long -0xB9080002 -E_DSP_MAXDSP: Cannot open another display -0xB9080003 -E_DSP_TIMEOUT: timeout reached -0xB9080004 -E_DSP_MEM: memory allocation failed -0xB9080005 -E_DSP_HDL: display not open -0xB9080006 -E_DSP_CANCEL: dsp_getexp cancelled -0xB9080007 -E_DSP_PARAM: parameter out of range -0xB90A -E_CSLAN: CSLAN -0xB90A01 -E_CSLAN_CTRL: CSLAN Control Module -0xB90A0101 -E_CSLAN_CTRL_BADCMD: wrong parameter -0xB90A0102 -E_CSLAN_CTRL_FAILED: system call failure -0xB90A0103 -E_CSLAN_CTRL_DENIED: wrong permission for file operations -0xB90A0104 -E_CSLAN_CTRL_NO_ROUTE: no relation between port and cs device -0xB90A0105 -E_CSLAN_CTRL_FILE: no such file -0xB90A0106 -E_CSLAN_CTRL_BADSIZE: length mismatch for vchar parameter -0xB90A0107 -E_CSLAN_CTRL_RESET: operation aborted because cs has been reset -0xB90A0108 -E_CSLAN_CTRL_AUTH: authentication failed -0xB90A0109 -E_CSLAN_CTRL_MEM: memory allocation failed -0xB90A010A -E_CSLAN_CTRL_NO_SER: no serial number available -0xB90A010B -E_CSLAN_CTRL_LOCKED: CryptoServer is locked -0xB90A010C -E_CSLAN_CTRL_ALREADY_LOCKED: CryptoServer is already locked -0xB90A010D -E_CSLAN_CTRL_LOCK_DENIED: CryptoServer lock denied (on loadbalancing ports) -0xB90A010E -E_CSLAN_CTRL_NO_SPACE: No space left on device for this operation -0xB90A010F -E_CSLAN_CTRL_TO_MANY_ROUTES: To many routes for the state device(s) -0xB90A0120 -E_CSLAN_CTRL_NO_KSAPI: ksapi compatibility listener not found -0xB90A0121 -E_CSLAN_CTRL_INVALID_SFC: nonexistent subfunction code -0xB90A0201 -E_CSLAN_CTRL_CONFIG: illegal configuration file -0xB90A0301 -E_CSLAN_QUEUE: queue full -0xB90A0302 -E_CSLAN_AVAIL: no cryptoserver online -0xB90A0303 -E_CSLAN_LEN_MISMATCH: mismatch between real packet length and data length -0xB90A0304 -E_CSLAN_NO_CONN: connection table full -0xB90A0305 -E_CSLAN_MAPPING: ksapi compatibility mapping not found -0xB90B -E_CSADM: csadm Tool -0xB90B0001 -E_CSADM_MEM: memory allocation failed -0xB90B0002 -E_CSADM_PWD_NULL: NULL passphrase -0xB90B0003 -E_CSADM_PWD_DIFF: passphrase repetition wrong -0xB90B0004 -E_CSADM_BUF_SIZE: buffer size to small -0xB90B0005 -E_CSADM_CMD_WRONGCALL: command wrongly called -0xB90B0010 -E_CSADM_ARG_CNT: invalid number of arguments -0xB90B0011 -E_CSADM_ARG_FMT: invalid argument format -0xB90B0012 -E_CSADM_ABORT: aborted by user -0xB90B0013 -E_CSADM_ARG_LEN: invalid argument length -0xB90B0014 -E_CSADM_RESP_LEN: invalid response length -0xB90B0015 -E_CSADM_RESP_DATA: invalid response data -0xB90B0020 -E_CSADM_KEY_PART_CNT: invalid number of key parts -0xB90C -E_CSXAPI: CSXAPI -0xB90C0001 -E_CSXAPI_ALLOC: memory allocation failed -0xB90C0002 -E_CSXAPI_DATA_LEN: invalid data length -0xB90C0003 -E_CSXAPI_RESP_LEN: invalid response length -0xB90C0004 -E_CSXAPI_BUF_SIZE: buffer size too small -0xB90C0005 -E_CSXAPI_PARAM: invalid parameter value -0xB90C0006 -E_CSXAPI_MAX_PIN: maximum number of cached pins reached -0xB90C0007 -E_CSXAPI_SESSION_INVALID: invalid session -0xB90C01 -E_CSXAPI_CLUSTER: Cluster API -0xB90C0101 -E_CSXAPI_CLUSTER_OPEN: unable to open any device -0xB90C0102 -E_CSXAPI_CLUSTER_LOGON: unable to logon to any device -0xB90C0103 -E_CSXAPI_CLUSTER_EXEC: unable to execute command on any device -0xB90C0104 -E_CSXAPI_CLUSTER_NAME: unknown device name -0xB90C0105 -E_CSXAPI_CLUSTER_CON_PARAM: invalid connection parameter -0xB90C0106 -E_CSXAPI_CLUSTER_HDL_IN_USE: handle still in use -0xB90C1 -E_CSXAPI_WIN: windows system error -0xB90C2 -E_CSXAPI_UNIX: unix system error -0xB90D -E_ULOG: ulog library -0xB90D0001 -E_ULOG_TMOUT: timeout reading socket -0xB90D1 -E_ULOG_SOCKET: socket failed -0xB90D2 -E_ULOG_BIND: bind failed -0xB90D3 -E_ULOG_SEND: send failed -0xB90D4 -E_ULOG_POLL: poll failed -0xB90D5 -E_ULOG_RECV: recv failed -0xB90E -E_SDB: Simple Database library -0xB90E0001 -E_SDB_NO_MEM: memory allocation failed -0xB90E0002 -E_SDB_NO_DB: database file does not exist -0xB90E0003 -E_SDB_NOT_FOUND: record not found -0xB90E0004 -E_SDB_EXISTS: record already exists -0xB90E0005 -E_SDB_COR_FILE: corrupted database file -0xB90E0006 -E_SDB_BAD_HANDLE: bad database handle -0xB90E0007 -E_SDB_BAD_INFO: bad info structure -0xB90E0008 -E_SDB_LENGTH: bad data length -0xB90E0009 -E_SDB_LOCK: locking failed -0xB90E000A -E_SDB_FILE_NAME: invalid file name -0xB90E1 -E_SDB_SYS_OPEN: open failed -0xB90E2 -E_SDB_SYS_CREAT: creat failed -0xB90E3 -E_SDB_SYS_SEEK: lseek failed -0xB90E4 -E_SDB_SYS_READ: read failed -0xB90E5 -E_SDB_SYS_WRITE: write failed -0xB90E6 -E_SDB_MTX_CREATE: creating mutex failed -0xB90E7 -E_SDB_MTX_LOCK: locking mutex failed -0xB90E8 -E_SDB_FILE_LOCK: locking file failed -0xB90F -E_P11ADM: P11 admin library -0xB90F0001 -E_P11ADM_ALLOC: memory allocation error -0xB90F0002 -E_P11ADM_PARAM: invalid parameter -0xB90F0003 -E_P11ADM_BUF_SIZE: insufficient buffer size -0xB90F0004 -E_P11ADM_KEY_TYPE: invalid key type -0xB90F0005 -E_P11ADM_FILE_OPEN: unable to open / create file -0xB90F0006 -E_P11ADM_MECHANISM: invalid mechanism -0xB90F0007 -E_P11ADM_KEY_LEN: invalid key length -0xB90F1 -E_P11ADM_OSSL: OpenSSL section -0xB90F2 -E_P11ADM_PKCS11: PKCS#11 section -0xB912 -E_HSD: Host Service Daemon -0xB9120001 -E_HSD_MALLOC: memory allocation error -0xB9120002 -E_HSD_WSASTARTUP: error on WSAStartup -0xB9120003 -E_HSD_WSACLEANUP: error on WSACleanup -0xB9120004 -E_HSD_CREATEMUTEX: err creating mutex -0xB9120005 -E_HSD_NO_DEVICES: error creating socket -0xB9120006 -E_HSD_CREATESOCKET: socket creating error -0xB9120007 -E_HSD_TIMEOUT: timeout -0xB9120008 -E_HSD_TERM: connection was terminated -0xB9120009 -E_HSD_INVALID_DATA_LEN: invalid cmds data length -0xB912000A -E_HSD_INVALID_HDR_LEN: invalid cmds header length -0xB912000B -E_HSD_INVALID_ARG: invalid argument -0xB912000C -E_HSD_BINDSOCKET: binding socket failed -0xB912000D -E_HSD_LISTEN: listen failed -0xB912000E -E_HSD_SETSOCKOPT: setsockopt failed -0xB912000F -E_HSD_BAD_CONFIG: bad configuration -0xB9120010 -E_HSD_PROTOCOL: protocol error -0xB9120011 -E_HSD_LOAD_LIBRARY: unable to load auxiliary library -0xB9120012 -E_HSD_MUTEX_CREATE: unable to create mutex -0xB9120013 -E_HSD_MUTEX_LOCK: unable to lock mutex -0xB9120014 -E_HSD_MUTEX_UNLOCK: unable to unlock mutex -0xB9120015 -E_HSD_MUTEX_LOCK_TIMEOUT: timeout while trying to lock mutex -0xB9121 -E_HSD_SELECT: select error -0xB9122 -E_HSD_RECV: receive error -0xB9123 -E_HSD_SEND: send error -0xB9124 -E_HSD_CTRL: control module -0xB9124001 -E_HSD_CTRL_WRONG_SFC: wrong subfunction code -0xB9124002 -E_HSD_CTRL_BADCMD: bad control command -0xB9124003 -E_HSD_CTRL_AUTH: authentication failed -0xB9124004 -E_HSD_CTRL_CS2_BAD_ANSW: bad CryptoServer answer -0xB9125 -E_HSD_INIT: init failed -0xB915 -E_DSPA: dsp_admin3 - DSP Daemon on CSLAN -0xB9150001 -E_DSPA_PARAM: wrong parameter or parameter usage -0xB9150002 -E_DSPA_TIME_CONV: some of the manyfold time conversions failed (w/o userinteraction) -0xB9150003 -E_DSPA_TIME_CONV_USER: some of the manyfold time conversions failed (w/ userinteraction) -0xB9150004 -E_DSPA_BUFFERSIZE: some provided buffer was too small -0xB9150042 -E_DSPA_INTERNAL_PARSE: some data struct could not be parsed internally -0xB91501 -E_DSPA_CS: CryptoServer Administration section -0xB9150101 -E_DSPA_CS_NO_ALARM: No Alarm prevailing -0xB9150102 -E_DSPA_CS_FNA_FIPS: Function not available in FIPS mode -0xB91502 -E_DSPA_LAN: CSLAN Administration section -0xB91503 -E_DSPA_LAN_UPDATE: CSLAN Administration - Update -0xB9150300 -E_DSPA_LAN_UPDATE_BASE: CSLAN Administration - Update - calcbase -0xB9150301 -E_DSPA_LAN_UPDATE_NOTGZ: Extraction of archive failed -0xB9150302 -E_DSPA_LAN_UPDATE_NOLANAR: Not a CSLAN OS archive file. -0xB9150303 -E_DSPA_LAN_UPDATE_NOINDI: Did not find expected indicator in archive. -0xB9150304 -E_DSPA_LAN_UPDATE_NOTARGPAR: Wrong/missing argument -0xB9150305 -E_DSPA_LAN_UPDATE_CANTMOUNT: Can't mount user1/user2 -0xB9150306 -E_DSPA_LAN_UPDATE_CANTTOUCH: Could not touch INIT-COPY-CONFIG ActionFile -0xB9150307 -E_DSPA_LAN_UPDATE_POSTUPSCR: Post update script returned error -0xB915037F -E_DSPA_LAN_UPDATE_SHNOTEXEC: sh could not be executed -0xB91503FF -E_DSPA_LAN_UPDATE_NO_TGZ_O: file was no .tar.gz (old msg) -0xB91504 -E_DSPA_LAN_ACTIONF: CSLAN Administration - ActionFiles -0xB9150400 -E_DSPA_LAN_ACTIONF_BASE: CSLAN Administration - ActionFiles - calcbase -0xB9150401 -E_DSPA_LAN_ACTIONF_COMMAND: Wrong/missing argument -0xB9150402 -E_DSPA_LAN_ACTIONF_ACTIONFLE: Wrong/missing argument -0xB9150403 -E_DSPA_LAN_ACTIONF_PARTITION: Wrong/missing argument -0xB9150404 -E_DSPA_LAN_ACTIONF_PREVAILIN: prevailing actionFile -0xB9150405 -E_DSPA_LAN_ACTIONF_MNTTARGET: can't mount target user1/user2 -0xB915047F -E_DSPA_LAN_ACTIONF_SHNOTEXEC: sh could not be executed -0xB91505 -E_DSPA_LAN_SNMP: CSLAN Administration - SNMP -0xB9150500 -E_DSPA_LAN_SNMP_BASE: CSLAN Administration - SNMP - calcbase -0xB9150501 -E_DSPA_LAN_SNMP_COMMAND: Wrong/missing argument -0xB9150502 -E_DSPA_LAN_SNMP_SYSCSNMPD: Failed to write /etc/sysconfig/snmpd -0xB9150503 -E_DSPA_LAN_SNMP_SYSCTRAPD: Failed to write /etc/sysconfig/trapd -0xB9150504 -E_DSPA_LAN_SNMP_ETCSNMPD: Failed to write /etc/snmp/snmpd.conf -0xB915057F -E_DSPA_LAN_SNMP_SHNOTEXEC: sh could not be executed -0xB91505FF -E_DSPA_LAN_SNMP_FORKFAILED: fork(2) failed -0xB91506 -E_DSPA_LINUXERROR: Error Code from Linux: -0xB916 -E_CTS_API: Host API CTS - Crypto Timestamp -0xB9164001 -E_CTS_API_DEVICE_ENV: Environment variable CRYPTOSERVER not set -0xB9164002 -E_CTS_API_DEVICE_TCP: Environment variable CRYPTOSERVER not configured for TCP -0xB9164003 -E_CTS_API_ARGS: Incorrect function arguments given -0xB9164004 -E_CTS_API_ASN_ENCODE: Error occurred while encoding the timestamp request -0xB9164005 -E_CTS_API_ASN_ENCODE_LEN: Given input buffer is too small to copy encoded data -0xB9164006 -E_CTS_API_RECV: Incorrect data received from TimestampServer -0xB9164007 -E_CTS_API_TS: Error returned from the TimestampServer -0xB9164008 -E_CTS_API_FOPEN: Cannot open file -0xB9164009 -E_CTS_API_PKCS7_INVALID_OBJECT: given data is not pkcs7 encoded -0xB916400A -E_CTS_API_PKCS7_UNSUPPORTED_TYPE: only signed and signedAndEnveloped PKCS7 types supported -0xB916400B -E_CTS_API_PKCS7_MULTIPLE_CERTS: given data contains more than one certificate -0xB916400C -E_CTS_API_PKCS7_NO_CERTS: given data contains no certificate -0xB916400D -E_CTS_API_X509_NO_CERT: given data contains no plain certificate -0xB916400E -E_CTS_API_INVALID_TS_STRUCT: Given TimeStamp structure is not a valid ASN.1 format -0xB916400F -E_CTS_API_HASH_ALGO: Unsupported hash algorithm -0xB9164010 -E_CTS_API_INVALID_HASH: Calculated hash value does not match with the hash value contained in the TimeStamp -0xB9164011 -E_CTS_API_OUT_OVL: given memory buffer too small or invalid length returned from the CSLAN -0xB9164012 -E_CTS_API_MALLOC: can't allocate memory -0xB9164013 -E_CTS_API_PKCS7_RW: Error while reading/writing PKCS7 data -0xB9164014 -E_CTS_API_ASN_NO_TS: Given timestamp contains no timestamp token (maybe error in request?) -0xB9164015 -E_CTS_API_HASH_LENGTH: invalid hash length -0xB9164016 -E_CTS_API_HTTP_BAD_RESP: invalid http response -0xB9164100 -E_CTS_API_TCP_INIT: tcp: init error -0xB9164101 -E_CTS_API_TCP_ADDR: tcp: incorrect IP address -0xB9164102 -E_CTS_API_TCP_HOSTNAME: tcp: incorrect hostname -0xB9164103 -E_CTS_API_TCP_PORT: tcp: incorrect port number -0xB9164104 -E_CTS_API_TCP_TIMEOUT: tcp: connection timeout -0xB9164105 -E_CTS_API_TCP_CLOSED: tcp: connection closed by remote host -0xB91642 -E_CTS_API_TCP_SOCKET: tcp: can't create socket -0xB91643 -E_CTS_API_TCP_CONNECT: tcp: can't get connection -0xB91644 -E_CTS_API_TCP_RECV: tcp: recv error -0xB91645 -E_CTS_API_TCP_SEND: tcp: send error -0xB91646 -E_CTS_API_TCP_SELECT: tcp: select error -0xB9164800 -E_CTS_API_HTTP: HTTP error -0xB9164990 -E_CTS_API_HTTP_BAD_REQUEST: HTTP error 400: Bad Request -0xB9164993 -E_CTS_API_HTTP_FORBIDDEN: HTTP error 403: Forbidden -0xB9164994 -E_CTS_API_HTTP_NOT_FOUND: HTTP error 404: Not Found -0xB9164995 -E_CTS_API_HTTP_METHOD_NOT_ALLOWED: HTTP error 405: Method not allowed -0xB91649F4 -E_CTS_API_HTTP_SERVER_ERROR: HTTP error 500: Server error -0xB91649F7 -E_CTS_API_HTTP_SERVICE_UNAVAIL: HTTP error 503: Service unavailable -0xB917 -E_CSPD: CryptoServer Protocol Daemon -0xB9170001 -E_CSPD_MALLOC: memory allocation error -0xB9170002 -E_CSPD_PARAM: invalid parameter -0xB9170003 -E_CSPD_BAD_CONFIG: bad configuration -0xB9170004 -E_CSPD_NO_DEVICE: can't open any device -0xB9170005 -E_CSPD_TIMEOUT: timeout -0xB9170006 -E_CSPD_TERM: connection was terminated -0xB9170007 -E_CSPD_INVALID_DATA_LEN: invalid command data length -0xB9170008 -E_CSPD_PROTOCOL: protocol error -0xB9170009 -E_CSPD_MAX_CONNECTIONS: maximum number of connections reached -0xB917000A -E_CSPD_FILE_OPEN: can't open file -0xB917000B -E_CSPD_BUF_SIZE: buffer size too small -0xB917001 -E_CSPD_MUTEX: mutex section -0xB9170012 -E_CSPD_MUTEX_CREATE: unable to create mutex -0xB9170013 -E_CSPD_MUTEX_DELETE: timeout while trying to lock mutex -0xB9170014 -E_CSPD_MUTEX_LOCK: unable to lock mutex -0xB9170015 -E_CSPD_MUTEX_LOCK_TIMEOUT: atempt to lock mutex timed out -0xB9170016 -E_CSPD_MUTEX_UNLOCK: unable to unlock mutex -0xB917002 -E_CSPD_CTRL: control module -0xB9170021 -E_CSPD_CTRL_WRONG_SFC: wrong subfunction code -0xB9170022 -E_CSPD_CTRL_BAD_CMD: bad control command -0xB9170023 -E_CSPD_CTRL_AUTH: authentication failed -0xB9170024 -E_CSPD_CTRL_BAD_ANSW: bad CryptoServer answer -0xB9170025 -E_CSPD_CTRL_PARAM: invalid parameter -0xB9171 -E_CSPD_TCP: TCP error -0xB9172 -E_CSPD_SYS: system error -0xB918 -E_PPD: CryptoServer Protocol Daemon -0xB9180001 -E_PPD_MALLOC: memory allocation error -0xB9180002 -E_PPD_PARAM: invalid parameter -0xB9180003 -E_PPD_BAD_CONFIG: bad configuration -0xB9180004 -E_PPD_NO_DEVICE: can't open any device -0xB9180005 -E_PPD_TIMEOUT: timeout -0xB9180006 -E_PPD_TERM: connection was terminated -0xB9180007 -E_PPD_INVALID_DATA_LEN: invalid command data length -0xB9180008 -E_PPD_PROTOCOL: protocol error -0xB9180009 -E_PPD_MAX_CONNECTIONS: maximum number of connections reached -0xB918000A -E_PPD_FILE_OPEN: can't open file -0xB918000B -E_PPD_BUF_SIZE: buffer size too small -0xB918000C -E_PPD_AUTH_FAILED: authentication failed -0xB9180010 -E_PPD_CMD_LEN: invalid command length -0xB9180011 -E_PPD_CMD_FC: invalid function code -0xB9180012 -E_PPD_CMD_SFC: invalid sub-function code -0xB918002 -E_PPD_MUTEX: mutex section -0xB9180022 -E_PPD_MUTEX_CREATE: unable to create mutex -0xB9180023 -E_PPD_MUTEX_DELETE: timeout while trying to lock mutex -0xB9180024 -E_PPD_MUTEX_LOCK: unable to lock mutex -0xB9180025 -E_PPD_MUTEX_LOCK_TIMEOUT: atempt to lock mutex timed out -0xB9180026 -E_PPD_MUTEX_UNLOCK: unable to unlock mutex -0xB9181 -E_PPD_TCP: TCP error -0xB9182 -E_PPD_SYS: system error -0xB91C -E_P11_API: CryptoServer PKCS11 API -0xB91C0000 -E_P11_CMD_SIZE: CryptoServer command size exceeded -0xB91C0001 -E_P11_AUTH_METHOD: Unknown authentication method -0xB91C0002 -E_P11_AUTH_CREDENTIALS: Invalid authentication credentials -0xB91C0003 -E_P11_HASH_ALGO: Unknown hash algorithm -0xB91C0004 -E_P11_ANSW: Malformed answer of CryptoServer -0xB91C0005 -E_P11_LOGIN_STRING_COUNT: Number of login strings < 2 -0xB91C0006 -E_P11_LOGIN_STRING: Login string too long -0xB91C0007 -E_P11_LOGIN_STRING_INVALID: Invalid login string -0xB91C0008 -E_P11_HANDLE_LOST: CryptoServer handle lost -0xB91D -E_PPA: PIN pad API -0xB91D0001 -E_PPA_ALLOC: memory allocation failed -0xB91D0002 -E_PPA_TYPE: invalid PIN pad type -0xB91D0003 -E_PPA_NO_DEVICE: no device found -0xB91D0004 -E_PPA_BAD_DEV_NAME: bad device name -0xB91D0005 -E_PPA_TOOMANY: too may open connections -0xB91D0006 -E_PPA_BAD_HANDLE: bad handle -0xB91D0007 -E_PPA_PARAM: invalid parameter -0xB91D0008 -E_PPA_NOT_SUPPORTED: requested feature is not supported -0xB91D0009 -E_PPA_NOT_OPEN: connection is not open -0xB91D000A -E_PPA_TIMEOUT: timeout occurred -0xB91D000B -E_PPA_ABORT: action canceled -0xB91D000C -E_PPA_DATA_LEN: invalid data length -0xB91D000D -E_PPA_PIN_REPETITION: bad PIN repetition -0xB91D000E -E_PPA_BUF_SIZE: invalid buffer size -0xB91D000F -E_PPA_PROTOCOL: protocol error -0xB91D0010 -E_PPA_ICC_STATE: bad ICC state -0xB91D0011 -E_PPA_ICC_DATA_LEN: bad data length returned from ICC -0xB91D0012 -E_PPA_ICC_BAD_RESPONSE: bad response recieved from ICC -0xB91D0013 -E_PPA_ICC_NO_CARD: no smartcard inserted -0xB91D0020 -E_PPA_USB_DRIVER: USB driver is not running -0xB91D0021 -E_PPA_USB_OPEN: USB open failed -0xB91D0022 -E_PPA_USB_WRITE: USB write failed -0xB91D0023 -E_PPA_USB_READ: USB read failed -0xB91D0024 -E_PPA_USB_NOT_AVAIL: USB is not available -0xB91D0030 -E_PPA_BAD_INPUT: bad input -0xB91D0031 -E_PPA_ACCESS_DENIED: access denied -0xB91D0032 -E_PPA_CONNECT: no reader connected -0xB91D0041 -E_PPA_JCOP_TIMEOUT: JCOP simulator send/receive timeout -0xB91D0044 -E_PPA_JCOP_OTHER: JCOP simulator unknown error -0xB91D1 -E_PPA_PCSC: PC/SC -0xB91D2 -E_PPA_MKT: MKT -0xB91D3 -E_PPA_CP8: CP8 -0xB91D4 -E_PPA_ACR80: ACR80 -0xB91D5 -E_PPA_LIBUSB: USB -0xB91D6 -E_PPA_CCID: CCID -0xB91D7 -E_PPA_CYBERJACK: cyberJack -0xB91D8 -E_PPA_JCOP: JCOP -0xB91E -E_COPA: copa Config Parser -0xB91E0000 -E_COPA_FILE: Cant open/access configuration file -0xB91E0100 -E_COPA_LINE_TO_LONG: line from input file to long -0xB91E0101 -E_COPA_NO_MATCHING_BRACKET: No matching ] found -0xB91E0102 -E_COPA_NO_EQUAL_FOUND: No = after variable found -0xB91E0103 -E_COPA_NO_VALUE_FOR_VAL_FOUND: No value for variable after = found -0xB91E0104 -E_COPA_NO_MATCHING_QUOTE: No Matching \" or' found -0xB91E0105 -E_COPA_INVALID_HEXNUMBER: No valid Hex Number after $ -0xB91E0106 -E_COPA_NO_TWO_BYTE_HEXNUMBER: not all hex codes are two byte -0xB91E0107 -E_COPA_NO_VALUES_IN_LIST: No Value in List found -0xB91E0108 -E_COPA_SECOND_CHAR_NO_HEX: second char after $ is no valid hex value -0xB91E0109 -E_COPA_LIST_NOT_IN_FILE: One of the list elements it not in the config file -0xB91E0110 -E_COPA_FILE_NOT_IN_LIST: One of the config file elements it not in the list -0xB91E0111 -E_COPA_VALUE_NOT_BOOL: Value is not a Boolean value -0xB91E0112 -E_COPA_INVALID_INTEGER: Value is not an Integer number -0xB91E0113 -E_COPA_NON_PRINTABLE_CHAR: Char in String is non printable -0xB91E0114 -E_COPA_LONG_DOESNT_FIT_IN_INT: strol returns long, the result does not fit in int -0xB91E0115 -E_COPA_OUT_OF_RANGE: strol returns variable is out of range -0xB920 -E_CXI_API: CryptoServer Core API Cxi -0xB9200001 -E_CXI_API_ALLOC: memory allocation failed -0xB9200002 -E_CXI_API_PARAM: invalid parameter -0xB9200003 -E_CXI_API_PARAM_LEN: invalid parameter length -0xB9200004 -E_CXI_API_PARAM_RANGE: parameter out of range -0xB9200005 -E_CXI_API_BUF_SIZE: buffer size too small -0xB9200006 -E_CXI_API_ANSW_LEN: invalid answer length -0xB9200007 -E_CXI_API_ANSW_DATA: invalid format of answer data -0xB9200008 -E_CXI_API_STRING_TERM: unterminated string -0xB9200009 -E_CXI_API_STRING_CONV: string conversion failed -0xB920000A -E_CXI_API_NOT_FOUND: object/item not found -0xB920000B -E_CXI_API_COMPARE: compare failed -0xB920000C -E_CXI_API_ALGO: invalid algorithm -0xB920000D -E_CXI_API_STATE: invalid state -0xB920000E -E_CXI_API_FILE: file error -0xB920000F -E_CXI_API_USER_NOT_FOUND: user does not exist -0xB9200010 -E_CXI_API_NOT_SUPPORTED: operation not supported -0xB9200011 -E_CXI_API_INVALID_KEY: invalid key -0xB9200012 -E_CXI_API_IO: I/O error -0xB9200013 -E_CXI_API_LOG: log access error -0xB9200014 -E_CXI_API_DB: database access error -0xB9200015 -E_CXI_API_ASN1_FORMAT: invalid ASN.1 format -0xB9200016 -E_CXI_API_MEM_CORR: memory corruption -0xB9200017 -E_CXI_API_MECHS_LENGTH: invalid number of mechs -0xB9201 -E_CXI_API_SYSTEM: system error -0xB921 -E_OSTESTTOOL: OS test tool -0xB9210001 -E_OSTESTTOOL_MALLOC: memory allocation failed -0xB9210002 -E_OSTESTTOOL_INVALID_PARAM: invalid parameter -0xB9210003 -E_OSTESTTOOL_ANSW_LEN: invalid length of answer data -0xB9210004 -E_OSTESTTOOL_ERROR_EXPECTED: actual error doesn't match expected error -0xB9210005 -E_OSTESTTOOL_DATA_COMPARE: data compare error -0xB9210006 -E_OSTESTTOOL_FILE: file error -0xB9210007 -E_OSTESTTOOL_RANGE: value exceeds expected range -0xB980 -E_JCSA: java CryptoServer API -0xB9800001 -E_JCSA_TERM: Connection terminated by remote host -0xB9800002 -E_JCSA_BLK_LEN: Bad block length received -0xB9800003 -E_JCSA_BAD_ANSW: Bad answer length -0xB9800004 -E_JCSA_BAD_TAG: Bad tag of answer block -0xB9800005 -E_JCSA_AUTH_MAX: Too many authentications -0xB9800006 -E_JCSA_PWD_LEN: Bad length of password -0xB9800007 -E_JCSA_TRANS_NAME: Can't translate user name -0xB9800008 -E_JCSA_JCE_ALGO: Hash algo not available -0xB9800009 -E_JCSA_GET_CH: Could not get challenge -0xB980000A -E_JCSA_JCE_PROV: JCE Provider not found -0xB980000B -E_JCSA_JCE_KEY: JCE Key Exception (Jurisdiction files installed?) -0xB980000C -E_JCSA_JCE_EXC: JCE Exception -0xB980000D -E_JCSA_SM_FAIL: Secure Messaging failed -0xB980000E -E_JCSA_SM_MODE: Unknown SM mode -0xB980000F -E_JCSA_SK_DEC: Bad session key decryption -0xB9800010 -E_JCSA_JNI_ERR: JNI Interface Error -0xB9800011 -E_JCSA_BAD_PARA: Bad parameter -0xB9800012 -E_JCSA_NO_AUTH: Missung authentication -0xB9800013 -E_JCSA_CHARSET: Unsupported encoding -0xB9800014 -E_JCSA_DATALEN: Invalid data length -0xB9800015 -E_JCSA_KEY_DECRYPT: Can't decrypt key file -0xB9800016 -E_JCSA_IO: I/O Error -0xB9800017 -E_JCSA_NO_DEV: No device specified -0xB9800018 -E_JCSA_AUTH_MECH: Invalid authentication mechanism -0xB980002 -E_JCSA_CLUSTER: CryptoServer Cluster API -0xB9800021 -E_JCSA_CLUSTER_OPEN: Unable to open any CryptoServer -0xB9800022 -E_JCSA_CLUSTER_LOGON: Unable to logon to any CryptoServer -0xB9800023 -E_JCSA_CLUSTER_EXEC: Unable to execute command on any CryptoServer -0xB98001 -E_JCSA_KEY: RSA Key class -0xB9800101 -E_JCSA_KEY_BAD_FILE: Malformed RSA Key file -0xB9800102 -E_JCSA_KEY_DEC: Decryption failed -0xB98002 -E_JCSA_SMC: CryptoServer Smartcard API -0xB9800200 -E_JCSA_SMC_STATUS: Smartcard returned error status -0xB9800201 -E_JCSA_SMC_PADDING: bad padding -0xB9800202 -E_JCSA_SMC_SPEC: invalid specifier -0xB98003 -E_JCSA_DB: CryptoServer Database API -0xB9800300 -E_JCSA_DB_JNI_ERR: JNI Interface Error -0xB981 -E_JCXI: Java CryptoServer API CXI -0xB9810000 -E_JCXI_PARAM: invalid parameter -0xB9810001 -E_JCXI_BAD_NAME: bad key name -0xB9810002 -E_JCXI_NAME_REQ: key name required for internal storage -0xB9810003 -E_JCXI_CHARSET: internal charset converting error -0xB9810004 -E_JCXI_BAD_KTOK: bad key token -0xB9810005 -E_JCXI_BAD_ANSW: malformed answer block of CryptoServer -0xB9810006 -E_JCXI_KEY_ATTR: bad key attributes from CryptoServer -0xB9810007 -E_JCXI_BAD_ALGO: bad algorithm -0xB9810008 -E_JCXI_USER_NAME: bad user name -0xB9810009 -E_JCXI_NO_DEVICE: missing device entry -0xB981000A -E_JCXI_NO_KEY_COMP: key component not found -0xB981000B -E_JCXI_NO_KEY: key not found -0xB981000C -E_JCXI_CSA_VERSION: version of CryptoServerAPI too small -0xB981000D -E_JCXI_NO_EC_PARAM: no EC parameter data available -0xB981000E -E_JCXI_NO_IV_OUT: no output IV available -0xB981000F -E_JCXI_FW_VER: firmware version too small -0xB9810010 -E_JCXI_ASN1_DECODE: ASN.1 decoding error -0xB9810011 -E_JCXI_AES_DECRYPT: JCE AES decrypt error -0xB9810020 -E_JCXI_ECC_PARAM: bad ECC parameter -0xB9810030 -E_JCXI_CONFIG: config item missing -0xB9810040 -E_JCXI_DATA_LENGTH: invalid data length -0xB9810050 -E_JCXI_MECHS_LENGTH: invalid number of mechs -0xB982 -E_JSDB: Database API Java -0xB9820000 -E_JSDB_JNI_ERR: JNI Interface Error -0xB983 -E_JPPA: PinPad API Java -0xB9830000 -E_JPPA_JNI_ERR: JNI Interface Error -0xB9830001 -E_JPPA_SPEC: invalid specifier -0xB984 -E_JCE: JCA/JCE provider -0xB9840002 -E_JCE_MISSING_KEYSTOREPATH: KeyStorePath -0xB985 -E_CSAN: CryptoServerAPI.NET -0xB9850001 -E_CSAN_PARAM: Invalid parameter -0xB9850002 -E_CSAN_AUTH_MECH: Invalid authentication mechanism -0xB985002 -E_CSAN_CLUSTER: CryptoServer Cluster API -0xB9850021 -E_CSAN_CLUSTER_OPEN: Unable to open any CryptoServer -0xB9850022 -E_CSAN_CLUSTER_LOGON: Unable to logon to any CryptoServer -0xB9850023 -E_CSAN_CLUSTER_EXEC: Unable to execute command on any CryptoServer -0xB986 -E_CXIN: CryptoServer API CXI.NET -0xB9860000 -E_CXIN_PARAM: invalid parameter -0xB9860001 -E_CXIN_MALLOC: memory allocation failed -0xB9860002 -E_CXIN_STATE: invalid state -0xB9860005 -E_CXIN_BAD_ANSW: malformed answer block of CryptoServer -0xB986000B -E_CXIN_NO_KEY: key not found -0xB986000E -E_CXIN_NO_IV_OUT: no output IV available -0xB9860030 -E_CXIN_CONFIG: config item missing diff --git a/signing-server/src/test/kotlin/com/r3/corda/signing/persistence/DBCertificateRequestStorageTest.kt b/signing-server/src/test/kotlin/com/r3/corda/signing/persistence/DBCertificateRequestStorageTest.kt deleted file mode 100644 index 404a97286e..0000000000 --- a/signing-server/src/test/kotlin/com/r3/corda/signing/persistence/DBCertificateRequestStorageTest.kt +++ /dev/null @@ -1,172 +0,0 @@ -package com.r3.corda.signing.persistence - -import com.r3.corda.signing.persistence.DBCertificateRequestStorage.CertificateSigningRequest -import com.r3.corda.signing.persistence.DBCertificateRequestStorage.Status -import com.r3.corda.signing.utils.X509Utilities.buildCertPath -import net.corda.core.crypto.Crypto -import net.corda.core.crypto.SecureHash -import net.corda.core.identity.CordaX500Name -import net.corda.node.utilities.CertificateType -import net.corda.node.utilities.CordaPersistence -import net.corda.node.utilities.X509Utilities -import net.corda.node.utilities.configureDatabase -import org.bouncycastle.asn1.x509.GeneralName -import org.bouncycastle.asn1.x509.GeneralSubtree -import org.bouncycastle.asn1.x509.NameConstraints -import org.bouncycastle.cert.X509CertificateHolder -import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest -import org.junit.After -import org.junit.Before -import org.junit.Test -import java.io.ByteArrayInputStream -import java.security.cert.Certificate -import java.security.cert.CertificateFactory -import java.security.cert.X509Certificate -import java.util.* -import javax.persistence.criteria.CriteriaBuilder -import javax.persistence.criteria.Path -import javax.persistence.criteria.Predicate -import kotlin.test.assertEquals -import kotlin.test.assertNotNull - -class DBCertificateRequestStorageTest { - private val intermediateCAKey = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - private val intermediateCACert = X509Utilities.createSelfSignedCACertificate(CordaX500Name(commonName = "Corda Node Intermediate CA", organisation = "R3 Ltd", locality = "London", country = "GB"), intermediateCAKey) - private lateinit var storage: DBCertificateRequestStorage - private lateinit var persistence: CordaPersistence - - @Before - fun startDb() { - persistence = configureDatabase(makeTestDataSourceProperties(), makeTestDatabaseProperties(), { throw UnsupportedOperationException() }, SigningServerSchemaService()) - storage = DBCertificateRequestStorage(persistence) - } - - @After - fun closeDb() { - persistence.close() - } - - @Test - fun `getApprovedRequests returns only requests with status APPROVED`() { - // given - (1..10).forEach { - createAndPersistRequest("Bank$it", Status.Approved) - } - (11..15).forEach { - createAndPersistRequest("Bank$it", Status.Signed) - } - // when - val result = storage.getApprovedRequests() - - // then - assertEquals(10, result.size) - result.forEach { - val request = getRequestById(it.requestId) - assertNotNull(request) - assertEquals(Status.Approved, request?.status) - } - } - - @Test - fun `sign changes the status of requests to SIGNED`() { - // given - (1..10).map { - createAndPersistRequest("Bank$it") - } - val requests = storage.getApprovedRequests() - - // Create a signed certificate - requests.forEach { certifyAndSign(it) } - - val signers = listOf("TestUserA", "TestUserB") - - // when - storage.sign(requests, signers) - - // then - requests.forEach { - val request = getRequestById(it.requestId) - assertNotNull(request) - assertEquals(Status.Signed, request?.status) - assertEquals(signers.toString(), request?.modifiedBy.toString()) - assertNotNull(request?.certificatePath) - } - } - - private fun certifyAndSign(approvedRequestData: ApprovedCertificateRequestData) { - JcaPKCS10CertificationRequest(approvedRequestData.request).run { - val nameConstraints = NameConstraints(arrayOf(GeneralSubtree(GeneralName(GeneralName.directoryName, subject))), arrayOf()) - approvedRequestData.certPath = buildCertPath( - X509Utilities.createCertificate( - CertificateType.CLIENT_CA, - intermediateCACert, - intermediateCAKey, - subject, - publicKey, - nameConstraints = nameConstraints).toX509Certificate()) - } - - } - - private fun getRequestById(requestId: String): CertificateSigningRequest? { - return persistence.transaction { - singleRequestWhere { builder, path -> - builder.equal(path.get(CertificateSigningRequest::requestId.name), requestId) - } - } - } - - private fun singleRequestWhere(predicate: (CriteriaBuilder, Path) -> Predicate): CertificateSigningRequest? { - return persistence.transaction { - val builder = session.criteriaBuilder - val criteriaQuery = builder.createQuery(CertificateSigningRequest::class.java) - val query = criteriaQuery.from(CertificateSigningRequest::class.java).run { - criteriaQuery.where(predicate(builder, this)) - } - session.createQuery(query).uniqueResultOptional().orElse(null) - } - } - - private fun createAndPersistRequest(legalName: String, status: Status = Status.Approved): String { - val requestId = SecureHash.randomSHA256().toString() - persistence.transaction { - val keyPair = Crypto.generateKeyPair(X509Utilities.DEFAULT_TLS_SIGNATURE_SCHEME) - val x500Name = CordaX500Name(organisation = legalName, locality = "London", country = "GB") - session.save(CertificateSigningRequest( - requestId = requestId, - status = status, - request = X509Utilities.createCertificateSigningRequest(x500Name, "my@mail.com", keyPair).encoded - )) - } - return requestId - } - - private fun makeTestDataSourceProperties(nodeName: String = SecureHash.randomSHA256().toString()): Properties { - val props = Properties() - props.setProperty("dataSourceClassName", "org.h2.jdbcx.JdbcDataSource") - props.setProperty("dataSource.url", "jdbc:h2:mem:${nodeName}_persistence;LOCK_TIMEOUT=10000;DB_CLOSE_ON_EXIT=FALSE") - props.setProperty("dataSource.user", "sa") - props.setProperty("dataSource.password", "") - return props - } - - private fun makeTestDatabaseProperties(key: String? = null, value: String? = null): Properties { - val props = Properties() - props.setProperty("transactionIsolationLevel", "repeatableRead") //for other possible values see net.corda.node.utilities.CordaPeristence.parserTransactionIsolationLevel(String) - if (key != null) { - props.setProperty(key, value) - } - return props - } -} - -private object CertificateUtilities { - fun toX509Certificate(byteArray: ByteArray): X509Certificate { - return CertificateFactory.getInstance("X509").generateCertificate(ByteArrayInputStream(byteArray)) as X509Certificate - } -} - -/** - * Converts [X509CertificateHolder] to standard Java [Certificate] - */ -private fun X509CertificateHolder.toX509Certificate(): Certificate = CertificateUtilities.toX509Certificate(encoded) \ No newline at end of file diff --git a/signing-server/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker b/signing-server/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker deleted file mode 100644 index ca6ee9cea8..0000000000 --- a/signing-server/src/test/resources/mockito-extensions/org.mockito.plugins.MockMaker +++ /dev/null @@ -1 +0,0 @@ -mock-maker-inline \ No newline at end of file