Simulated product dispenser

Dependencies:   HTS221

Fork of mbed-cloud-workshop-connect-HTS221 by Jim Carver

Embed: (wiki syntax)

« Back to documentation index

Show/hide line numbers fcc_bundle_certificate_utils.c Source File

fcc_bundle_certificate_utils.c

00001 // ----------------------------------------------------------------------------
00002 // Copyright 2016-2017 ARM Ltd.
00003 //  
00004 // Licensed under the Apache License, Version 2.0 (the "License");
00005 // you may not use this file except in compliance with the License.
00006 // You may obtain a copy of the License at
00007 //  
00008 //     http://www.apache.org/licenses/LICENSE-2.0
00009 //  
00010 // Unless required by applicable law or agreed to in writing, software
00011 // distributed under the License is distributed on an "AS IS" BASIS,
00012 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
00013 // See the License for the specific language governing permissions and
00014 // limitations under the License.
00015 // ----------------------------------------------------------------------------
00016 #ifndef USE_TINY_CBOR
00017 #include "fcc_bundle_handler.h"
00018 #include "cn-cbor.h"
00019 #include "pv_error_handling.h"
00020 #include "fcc_bundle_utils.h"
00021 #include "key_config_manager.h"
00022 #include "fcc_output_info_handler.h"
00023 #include "fcc_time_profiling.h"
00024 #include "fcc_utils.h"
00025 
00026 
00027 /** Processes  certificate list.
00028 * The function extracts data parameters for each certificate and stores it.
00029 *
00030 * @param certs_list_cb[in]   The cbor structure with certificate list.
00031 *
00032 * @return
00033 *     true for success, false otherwise.
00034 */
00035 fcc_status_e  fcc_bundle_process_certificates(const cn_cbor *certs_list_cb)
00036 {
00037     bool status = false;
00038     fcc_status_e  fcc_status = FCC_STATUS_SUCCESS;
00039     fcc_status_e  output_info_fcc_status = FCC_STATUS_SUCCESS;
00040     kcm_status_e  kcm_result =  KCM_STATUS_SUCCESS;
00041     uint32_t cert_index = 0;
00042     cn_cbor *cert_cb;
00043     fcc_bundle_data_param_s certificate;
00044 
00045     SA_PV_LOG_TRACE_FUNC_ENTER_NO_ARGS();
00046     SA_PV_ERR_RECOVERABLE_RETURN_IF((certs_list_cb == NULL), fcc_status = FCC_STATUS_INVALID_PARAMETER, "Invalid certs_list_cb pointer");
00047 
00048     //Initialize data struct
00049     memset(&certificate, 0, sizeof(fcc_bundle_data_param_s));
00050 
00051     for (cert_index = 0; cert_index < (uint32_t)certs_list_cb->length; cert_index++) {
00052 
00053         FCC_SET_START_TIMER(fcc_certificate_timer);
00054 
00055         //fcc_bundle_clean_and_free_data_param(&certificate);
00056 
00057         //Get key CBOR struct at index key_index
00058         cert_cb = cn_cbor_index(certs_list_cb, cert_index);
00059         SA_PV_ERR_RECOVERABLE_RETURN_IF((cert_cb == NULL), fcc_status = FCC_STATUS_BUNDLE_ERROR, "Failed to get certificate at index (%" PRIu32 ") ", cert_index);
00060         SA_PV_ERR_RECOVERABLE_RETURN_IF((cert_cb->type != CN_CBOR_MAP), fcc_status = FCC_STATUS_BUNDLE_ERROR, "Wrong type of certificate CBOR struct at index (%" PRIu32 ") ", cert_index);
00061 
00062         status = fcc_bundle_get_data_param(cert_cb, &certificate);
00063         SA_PV_ERR_RECOVERABLE_RETURN_IF((status != true), fcc_status = FCC_STATUS_BUNDLE_ERROR, "Failed to get certificate data at index (%" PRIu32 ") ", cert_index);
00064 
00065         //If private key name was passed with the certificate - the certificate is self-generated and we need to verify it agains given private key
00066         if (certificate.private_key_name != NULL) {
00067             //Try to retrieve the private key from the device and verify the certificate against key data
00068             kcm_result = kcm_certificate_verify_with_private_key(
00069                 certificate.data,
00070                 certificate.data_size,
00071                 certificate.private_key_name,
00072                 certificate.private_key_name_len);
00073             SA_PV_ERR_RECOVERABLE_GOTO_IF((kcm_result != KCM_STATUS_SUCCESS), fcc_status = FCC_STATUS_CERTIFICATE_PUBLIC_KEY_CORRELATION_ERROR, exit, "Failed to verify certificate against given private key (%" PRIu32 ") ", cert_index);
00074         }
00075 
00076         kcm_result = kcm_item_store(certificate.name, certificate.name_len, KCM_CERTIFICATE_ITEM, true, certificate.data, certificate.data_size, certificate.acl);
00077         FCC_END_TIMER((char*)certificate.name, certificate.name_len,fcc_certificate_timer);
00078         SA_PV_ERR_RECOVERABLE_GOTO_IF((kcm_result != KCM_STATUS_SUCCESS), fcc_status = fcc_convert_kcm_to_fcc_status(kcm_result), exit,"Failed to store certificate at index (%" PRIu32 ") ", cert_index);
00079 
00080     }
00081 
00082 exit:
00083     if (kcm_result != KCM_STATUS_SUCCESS) {
00084         //FCC_STATUS_ITEM_NOT_EXIST returned only if private key of self-generate certificate is missing. In this case we need to return name of missing item
00085         if (kcm_result == KCM_STATUS_ITEM_NOT_FOUND) {
00086             output_info_fcc_status = fcc_bundle_store_error_info(certificate.private_key_name, certificate.private_key_name_len, kcm_result);
00087         }
00088         else {
00089             output_info_fcc_status = fcc_bundle_store_error_info(certificate.name, certificate.name_len, kcm_result);
00090         }
00091 
00092 
00093         SA_PV_ERR_RECOVERABLE_RETURN_IF((output_info_fcc_status != FCC_STATUS_SUCCESS),
00094                                         fcc_status = FCC_STATUS_OUTPUT_INFO_ERROR, 
00095                                         "Failed to create output kcm_status error %d", kcm_result);
00096     }
00097     fcc_bundle_clean_and_free_data_param(&certificate);
00098     SA_PV_LOG_TRACE_FUNC_EXIT_NO_ARGS();
00099     return fcc_status;
00100 }
00101 #endif