MiniTLS.cpp

00001 /*
00002 MiniTLS - A super trimmed down TLS/SSL Library for embedded devices
00003 Author: Donatien Garnier
00004 Copyright (C) 2013-2014 AppNearMe Ltd
00005 
00006 This program is free software; you can redistribute it and/or
00007 modify it under the terms of the GNU General Public License
00008 as published by the Free Software Foundation; either version 2
00009 of the License, or (at your option) any later version.
00010 
00011 This program is distributed in the hope that it will be useful,
00012 but WITHOUT ANY WARRANTY; without even the implied warranty of
00013 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00014 GNU General Public License for more details.
00015 
00016 You should have received a copy of the GNU General Public License
00017 along with this program; if not, write to the Free Software
00018 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
00019 *//**
00020  * \file MiniTLS.cpp
00021  * \copyright Copyright (c) AppNearMe Ltd 2013
00022  * \author Donatien Garnier
00023  */
00024 
00025 #define __DEBUG__ 0//4
00026 #ifndef __MODULE__
00027 #define __MODULE__ "MiniTLS.cpp"
00028 #endif
00029 
00030 #include "MiniTLS.h"
00031 
00032 #include "core/fwk.h"
00033 
00034 #include "inc/minitls_config.h"
00035 #include "tls/minitls.h"
00036 #include "crypto/crypto_prng.h"
00037 #include "crypto/crypto_ecc.h"
00038 #include "crypto/crypto_rsa.h"
00039 
00040 /** Create MiniTLS instance
00041  *
00042  * */
00043 MiniTLS::MiniTLS()
00044 {
00045 
00046 }
00047 
00048 MiniTLS::~MiniTLS()
00049 {
00050 
00051 }
00052 
00053 /** Initialize MiniTLS library
00054  * This function will initialize the Pseudo Random Number Generator and the MiniTLS library
00055  */
00056 void MiniTLS::init()
00057 {
00058   crypto_prng_init(&m_prng, NULL); //TODO add mutex support
00059   minitls_init(&m_minitls, &m_prng);
00060 }
00061 
00062 /** Feed the Pseudo Random Number Generator with random seed data
00063  * \param buffer data to feed
00064  * \param length the buffer's length
00065  */
00066 void MiniTLS::feedPRNG(uint8_t* buffer, size_t length)
00067 {
00068   crypto_prng_feed(&m_prng, buffer, length);
00069 }
00070 
00071 /** Add a public certificate
00072  * The certificate must be x509-formatted
00073  * The key must be x963-formatted (ECC) or PKCS1-formatted (RSA)
00074  *  \param cert certificate
00075  *  \param certSize size of the certificate in bytes
00076  *  \param pubKey public key (can point within the certificate)
00077  *  \param pubKeySize public key's size
00078  *  \return MINITLS_OK on success, MINITLS_ERR_* error code otherwise
00079  *  \note only one certificate supported at the moment
00080  */
00081 minitls_err_t MiniTLS::addCertificate(const uint8_t* cert, size_t certSize, const uint8_t* pubKey, size_t pubKeySize)
00082 {
00083   
00084   minitls_err_t ret;
00085 #if CRYPTO_ECC  
00086   const crypto_ecc_curve_t* curve;
00087   ret = crypto_ecc_curve_get(&curve, secp192r1);
00088   if(ret)
00089   {
00090     ERR("Unsupported elliptic curve");
00091     return ret;
00092   }
00093 
00094   ret = crypto_ecc_ansi_x963_import(&m_cert.public_key.ecc, curve, pubKey, pubKeySize);
00095   if(ret)
00096   {
00097     ERR("Error %d while decoding key", ret);
00098     return ret;
00099   }
00100 #elif CRYPTO_RSA
00101   ret = crypto_rsa_pkcs1_import(&m_cert.public_key.rsa, pubKey, pubKeySize);
00102   if(ret)
00103   {
00104     ERR("Error %d while decoding key", ret);
00105     return ret;
00106   }
00107 #else
00108 #error
00109 #endif
00110 
00111   m_cert.certificate = cert;
00112   m_cert.certificate_size = certSize;
00113 
00114   ret = minitls_certificate_add(&m_minitls, &m_cert);
00115   if(ret)
00116   {
00117     ERR("Error %d while registering certificate", ret);
00118     return ret;
00119   }
00120 
00121   return MINITLS_OK;
00122 }
00123 
00124