Jim Carver
Simulated product dispenser
Fork of
mbed-cloud-workshop-connect-HTS221
by 
Jim Carver
Embed:
(wiki syntax)
Show/hide line numbers
cs_utils.c
00001 // ---------------------------------------------------------------------------- 00002 // Copyright 2016-2017 ARM Ltd. 00003 // 00004 // Licensed under the Apache License, Version 2.0 (the "License"); 00005 // you may not use this file except in compliance with the License. 00006 // You may obtain a copy of the License at 00007 // 00008 // http://www.apache.org/licenses/LICENSE-2.0 00009 // 00010 // Unless required by applicable law or agreed to in writing, software 00011 // distributed under the License is distributed on an "AS IS" BASIS, 00012 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00013 // See the License for the specific language governing permissions and 00014 // limitations under the License. 00015 // ---------------------------------------------------------------------------- 00016 #include <stdio.h> 00017 #include "pv_log.h" 00018 #include "cs_hash.h" 00019 #include "cs_der_keys_and_csrs.h" 00020 #include "cs_der_certs.h" 00021 #include "pal_Crypto.h" 00022 #include "pal_errors.h" 00023 #include "pv_error_handling.h" 00024 #include "kcm_internal.h" 00025 00026 00027 kcm_status_e cs_error_handler(palStatus_t pal_status) 00028 { 00029 switch (pal_status) { 00030 case PAL_SUCCESS: 00031 return KCM_STATUS_SUCCESS; 00032 case PAL_ERR_NOT_SUPPORTED_CURVE: 00033 return KCM_CRYPTO_STATUS_UNSUPPORTED_CURVE; 00034 case PAL_ERR_INVALID_ARGUMENT : 00035 return KCM_STATUS_INVALID_PARAMETER; 00036 case PAL_ERR_CREATION_FAILED : 00037 return KCM_STATUS_OUT_OF_MEMORY; 00038 case PAL_ERR_CERT_PARSING_FAILED: 00039 return KCM_CRYPTO_STATUS_PARSING_DER_CERT; 00040 case PAL_ERR_X509_BADCERT_EXPIRED: 00041 return KCM_CRYPTO_STATUS_CERT_EXPIRED; 00042 case PAL_ERR_X509_BADCERT_FUTURE: 00043 return KCM_CRYPTO_STATUS_CERT_FUTURE; 00044 case PAL_ERR_X509_BADCERT_BAD_MD: 00045 return KCM_CRYPTO_STATUS_CERT_MD_ALG; 00046 case PAL_ERR_X509_BADCERT_BAD_PK: 00047 return KCM_CRYPTO_STATUS_CERT_PUB_KEY_TYPE; 00048 case PAL_ERR_X509_BADCERT_NOT_TRUSTED: 00049 return KCM_CRYPTO_STATUS_CERT_NOT_TRUSTED; 00050 case PAL_ERR_X509_BADCERT_BAD_KEY: 00051 return KCM_CRYPTO_STATUS_CERT_PUB_KEY; 00052 case PAL_ERR_PARSING_PUBLIC_KEY: 00053 return KCM_CRYPTO_STATUS_PARSING_DER_PUBLIC_KEY; 00054 case PAL_ERR_PARSING_PRIVATE_KEY: 00055 return KCM_CRYPTO_STATUS_PARSING_DER_PRIVATE_KEY; 00056 case PAL_ERR_PRIVATE_KEY_VARIFICATION_FAILED: 00057 return KCM_CRYPTO_STATUS_PRIVATE_KEY_VERIFICATION_FAILED; 00058 case PAL_ERR_PUBLIC_KEY_VARIFICATION_FAILED: 00059 return KCM_CRYPTO_STATUS_PUBLIC_KEY_VERIFICATION_FAILED; 00060 case PAL_ERR_PK_UNKNOWN_PK_ALG: 00061 return KCM_CRYPTO_STATUS_PK_UNKNOWN_PK_ALG; 00062 case PAL_ERR_PK_KEY_INVALID_FORMAT: 00063 return KCM_CRYPTO_STATUS_PK_KEY_INVALID_FORMAT; 00064 case PAL_ERR_PK_INVALID_PUBKEY_AND_ASN1_LEN_MISMATCH: 00065 return KCM_CRYPTO_STATUS_INVALID_PK_PUBKEY; 00066 case PAL_ERR_ECP_INVALID_KEY: 00067 return KCM_CRYPTO_STATUS_ECP_INVALID_KEY; 00068 case PAL_ERR_PK_KEY_INVALID_VERSION: 00069 return KCM_CRYPTO_STATUS_PK_KEY_INVALID_VERSION; 00070 case PAL_ERR_PK_PASSWORD_REQUIRED: 00071 return KCM_CRYPTO_STATUS_PK_PASSWORD_REQUIRED; 00072 case PAL_ERR_NO_MEMORY : 00073 return KCM_STATUS_OUT_OF_MEMORY; 00074 case PAL_ERR_BUFFER_TOO_SMALL : 00075 return KCM_STATUS_INSUFFICIENT_BUFFER; 00076 case PAL_ERR_INVALID_X509_ATTR: 00077 return KCM_CRYPTO_STATUS_INVALID_X509_ATTR; 00078 case PAL_ERR_PK_SIG_VERIFY_FAILED: 00079 return KCM_CRYPTO_STATUS_VERIFY_SIGNATURE_FAILED; 00080 case PAL_ERR_FAILED_TO_COPY_KEYPAIR: 00081 return KCM_CRYPTO_STATUS_ECP_INVALID_KEY; 00082 case PAL_ERR_FAILED_TO_COPY_GROUP: 00083 return KCM_CRYPTO_STATUS_UNSUPPORTED_CURVE; 00084 case PAL_ERR_INVALID_MD_TYPE: 00085 return KCM_CRYPTO_STATUS_INVALID_MD_TYPE; 00086 case PAL_ERR_FAILED_TO_WRITE_SIGNATURE: 00087 return KCM_CRYPTO_STATUS_FAILED_TO_WRITE_SIGNATURE; 00088 case PAL_ERR_FAILED_TO_WRITE_PRIVATE_KEY: 00089 return KCM_CRYPTO_STATUS_FAILED_TO_WRITE_PRIVATE_KEY; 00090 case PAL_ERR_FAILED_TO_WRITE_PUBLIC_KEY: 00091 return KCM_CRYPTO_STATUS_FAILED_TO_WRITE_PUBLIC_KEY; 00092 case PAL_ERR_CSR_WRITE_DER_FAILED: 00093 return KCM_CRYPTO_STATUS_FAILED_TO_WRITE_CSR; 00094 case PAL_ERR_X509_UNKNOWN_OID: 00095 return KCM_CRYPTO_STATUS_INVALID_OID; 00096 case PAL_ERR_X509_INVALID_NAME: 00097 return KCM_CRYPTO_STATUS_INVALID_NAME_FORMAT; 00098 default: 00099 return KCM_STATUS_ERROR; 00100 } 00101 } 00102 00103 /* The function checks private and certificate's public key correlation 00104 */ 00105 kcm_status_e cs_check_certifcate_public_key(palX509Handle_t x509_cert, const uint8_t *private_key_data, size_t size_of_private_key_data) 00106 { 00107 kcm_status_e kcm_status = KCM_STATUS_SUCCESS; 00108 uint8_t out_sign[KCM_ECDSA_SECP256R1_MAX_SIGNATURE_SIZE_IN_BYTES] = { 0 }; 00109 size_t size_of_sign = sizeof(out_sign); 00110 size_t act_size_of_sign = 0; 00111 const uint8_t hash_digest[] = 00112 { 0x34, 0x70, 0xCD, 0x54, 0x7B, 0x0A, 0x11, 0x5F, 0xE0, 0x5C, 0xEB, 0xBC, 0x07, 0xBA, 0x91, 0x88, 00113 0x27, 0x20, 0x25, 0x6B, 0xB2, 0x7A, 0x66, 0x89, 0x1A, 0x4B, 0xB7, 0x17, 0x11, 0x04, 0x86, 0x6F }; 00114 00115 SA_PV_LOG_TRACE_FUNC_ENTER_NO_ARGS(); 00116 00117 kcm_status = cs_ecdsa_sign(private_key_data, size_of_private_key_data, hash_digest, sizeof(hash_digest), out_sign, size_of_sign, &act_size_of_sign); 00118 SA_PV_ERR_RECOVERABLE_RETURN_IF((kcm_status != KCM_STATUS_SUCCESS), kcm_status, "cs_ecdsa_sign failed"); 00119 00120 kcm_status = cs_x509_cert_verify_signature(x509_cert, hash_digest, sizeof(hash_digest), out_sign, act_size_of_sign); 00121 SA_PV_ERR_RECOVERABLE_RETURN_IF((kcm_status != KCM_STATUS_SUCCESS), kcm_status, "cs_x509_cert_verify_signature failed"); 00122 00123 SA_PV_LOG_TRACE_FUNC_EXIT_NO_ARGS(); 00124 return kcm_status; 00125 }
Generated on Tue Jul 12 2022 19:12:12 by
1.7.2