Simulated product dispenser
Fork of mbed-cloud-workshop-connect-HTS221 by
fcc_bundle_certificate_utils.c
00001 // ---------------------------------------------------------------------------- 00002 // Copyright 2016-2017 ARM Ltd. 00003 // 00004 // Licensed under the Apache License, Version 2.0 (the "License"); 00005 // you may not use this file except in compliance with the License. 00006 // You may obtain a copy of the License at 00007 // 00008 // http://www.apache.org/licenses/LICENSE-2.0 00009 // 00010 // Unless required by applicable law or agreed to in writing, software 00011 // distributed under the License is distributed on an "AS IS" BASIS, 00012 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00013 // See the License for the specific language governing permissions and 00014 // limitations under the License. 00015 // ---------------------------------------------------------------------------- 00016 #ifndef USE_TINY_CBOR 00017 #include "fcc_bundle_handler.h" 00018 #include "cn-cbor.h" 00019 #include "pv_error_handling.h" 00020 #include "fcc_bundle_utils.h" 00021 #include "key_config_manager.h" 00022 #include "fcc_output_info_handler.h" 00023 #include "fcc_time_profiling.h" 00024 #include "fcc_utils.h" 00025 00026 00027 /** Processes certificate list. 00028 * The function extracts data parameters for each certificate and stores it. 00029 * 00030 * @param certs_list_cb[in] The cbor structure with certificate list. 00031 * 00032 * @return 00033 * true for success, false otherwise. 00034 */ 00035 fcc_status_e fcc_bundle_process_certificates(const cn_cbor *certs_list_cb) 00036 { 00037 bool status = false; 00038 fcc_status_e fcc_status = FCC_STATUS_SUCCESS; 00039 fcc_status_e output_info_fcc_status = FCC_STATUS_SUCCESS; 00040 kcm_status_e kcm_result = KCM_STATUS_SUCCESS; 00041 uint32_t cert_index = 0; 00042 cn_cbor *cert_cb; 00043 fcc_bundle_data_param_s certificate; 00044 00045 SA_PV_LOG_TRACE_FUNC_ENTER_NO_ARGS(); 00046 SA_PV_ERR_RECOVERABLE_RETURN_IF((certs_list_cb == NULL), fcc_status = FCC_STATUS_INVALID_PARAMETER, "Invalid certs_list_cb pointer"); 00047 00048 //Initialize data struct 00049 memset(&certificate, 0, sizeof(fcc_bundle_data_param_s)); 00050 00051 for (cert_index = 0; cert_index < (uint32_t)certs_list_cb->length; cert_index++) { 00052 00053 FCC_SET_START_TIMER(fcc_certificate_timer); 00054 00055 //fcc_bundle_clean_and_free_data_param(&certificate); 00056 00057 //Get key CBOR struct at index key_index 00058 cert_cb = cn_cbor_index(certs_list_cb, cert_index); 00059 SA_PV_ERR_RECOVERABLE_RETURN_IF((cert_cb == NULL), fcc_status = FCC_STATUS_BUNDLE_ERROR, "Failed to get certificate at index (%" PRIu32 ") ", cert_index); 00060 SA_PV_ERR_RECOVERABLE_RETURN_IF((cert_cb->type != CN_CBOR_MAP), fcc_status = FCC_STATUS_BUNDLE_ERROR, "Wrong type of certificate CBOR struct at index (%" PRIu32 ") ", cert_index); 00061 00062 status = fcc_bundle_get_data_param(cert_cb, &certificate); 00063 SA_PV_ERR_RECOVERABLE_RETURN_IF((status != true), fcc_status = FCC_STATUS_BUNDLE_ERROR, "Failed to get certificate data at index (%" PRIu32 ") ", cert_index); 00064 00065 //If private key name was passed with the certificate - the certificate is self-generated and we need to verify it agains given private key 00066 if (certificate.private_key_name != NULL) { 00067 //Try to retrieve the private key from the device and verify the certificate against key data 00068 kcm_result = kcm_certificate_verify_with_private_key( 00069 certificate.data, 00070 certificate.data_size, 00071 certificate.private_key_name, 00072 certificate.private_key_name_len); 00073 SA_PV_ERR_RECOVERABLE_GOTO_IF((kcm_result != KCM_STATUS_SUCCESS), fcc_status = FCC_STATUS_CERTIFICATE_PUBLIC_KEY_CORRELATION_ERROR, exit, "Failed to verify certificate against given private key (%" PRIu32 ") ", cert_index); 00074 } 00075 00076 kcm_result = kcm_item_store(certificate.name, certificate.name_len, KCM_CERTIFICATE_ITEM, true, certificate.data, certificate.data_size, certificate.acl); 00077 FCC_END_TIMER((char*)certificate.name, certificate.name_len,fcc_certificate_timer); 00078 SA_PV_ERR_RECOVERABLE_GOTO_IF((kcm_result != KCM_STATUS_SUCCESS), fcc_status = fcc_convert_kcm_to_fcc_status(kcm_result), exit,"Failed to store certificate at index (%" PRIu32 ") ", cert_index); 00079 00080 } 00081 00082 exit: 00083 if (kcm_result != KCM_STATUS_SUCCESS) { 00084 //FCC_STATUS_ITEM_NOT_EXIST returned only if private key of self-generate certificate is missing. In this case we need to return name of missing item 00085 if (kcm_result == KCM_STATUS_ITEM_NOT_FOUND) { 00086 output_info_fcc_status = fcc_bundle_store_error_info(certificate.private_key_name, certificate.private_key_name_len, kcm_result); 00087 } 00088 else { 00089 output_info_fcc_status = fcc_bundle_store_error_info(certificate.name, certificate.name_len, kcm_result); 00090 } 00091 00092 00093 SA_PV_ERR_RECOVERABLE_RETURN_IF((output_info_fcc_status != FCC_STATUS_SUCCESS), 00094 fcc_status = FCC_STATUS_OUTPUT_INFO_ERROR, 00095 "Failed to create output kcm_status error %d", kcm_result); 00096 } 00097 fcc_bundle_clean_and_free_data_param(&certificate); 00098 SA_PV_LOG_TRACE_FUNC_EXIT_NO_ARGS(); 00099 return fcc_status; 00100 } 00101 #endif
Generated on Tue Jul 12 2022 19:12:12 by 1.7.2