leo hendrickson
/
example-Ethernet-mbed-Cloud-connect
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
simple-mbed-cloud-client/mbed-cloud-client/source/CloudClientStorage.c@0:8f0bb79ddd48, 2021-05-04 (annotated)
- Committer:
- leothedragon
- Date:
- Tue May 04 08:55:12 2021 +0000
- Revision:
- 0:8f0bb79ddd48
nmn
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| leothedragon | 0:8f0bb79ddd48 | 1 | // ---------------------------------------------------------------------------- |
| leothedragon | 0:8f0bb79ddd48 | 2 | // Copyright 2016-2017 ARM Ltd. |
| leothedragon | 0:8f0bb79ddd48 | 3 | // |
| leothedragon | 0:8f0bb79ddd48 | 4 | // SPDX-License-Identifier: Apache-2.0 |
| leothedragon | 0:8f0bb79ddd48 | 5 | // |
| leothedragon | 0:8f0bb79ddd48 | 6 | // Licensed under the Apache License, Version 2.0 (the "License"); |
| leothedragon | 0:8f0bb79ddd48 | 7 | // you may not use this file except in compliance with the License. |
| leothedragon | 0:8f0bb79ddd48 | 8 | // You may obtain a copy of the License at |
| leothedragon | 0:8f0bb79ddd48 | 9 | // |
| leothedragon | 0:8f0bb79ddd48 | 10 | // http://www.apache.org/licenses/LICENSE-2.0 |
| leothedragon | 0:8f0bb79ddd48 | 11 | // |
| leothedragon | 0:8f0bb79ddd48 | 12 | // Unless required by applicable law or agreed to in writing, software |
| leothedragon | 0:8f0bb79ddd48 | 13 | // distributed under the License is distributed on an "AS IS" BASIS, |
| leothedragon | 0:8f0bb79ddd48 | 14 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| leothedragon | 0:8f0bb79ddd48 | 15 | // See the License for the specific language governing permissions and |
| leothedragon | 0:8f0bb79ddd48 | 16 | // limitations under the License. |
| leothedragon | 0:8f0bb79ddd48 | 17 | // ---------------------------------------------------------------------------- |
| leothedragon | 0:8f0bb79ddd48 | 18 | |
| leothedragon | 0:8f0bb79ddd48 | 19 | #include <string.h> |
| leothedragon | 0:8f0bb79ddd48 | 20 | #include <assert.h> |
| leothedragon | 0:8f0bb79ddd48 | 21 | #include "key_config_manager.h" |
| leothedragon | 0:8f0bb79ddd48 | 22 | #include "CloudClientStorage.h" |
| leothedragon | 0:8f0bb79ddd48 | 23 | #include "mbed-trace/mbed_trace.h" |
| leothedragon | 0:8f0bb79ddd48 | 24 | #include "mbed-client-libservice/common_functions.h" |
| leothedragon | 0:8f0bb79ddd48 | 25 | |
| leothedragon | 0:8f0bb79ddd48 | 26 | #define TRACE_GROUP "mClt" |
| leothedragon | 0:8f0bb79ddd48 | 27 | |
| leothedragon | 0:8f0bb79ddd48 | 28 | ccs_status_e uninitialize_storage(void) |
| leothedragon | 0:8f0bb79ddd48 | 29 | { |
| leothedragon | 0:8f0bb79ddd48 | 30 | tr_debug("CloudClientStorage::uninitialize_storage"); |
| leothedragon | 0:8f0bb79ddd48 | 31 | |
| leothedragon | 0:8f0bb79ddd48 | 32 | kcm_status_e status = kcm_finalize(); |
| leothedragon | 0:8f0bb79ddd48 | 33 | if(status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 34 | tr_error("CloudClientStorage::uninitialize_storage - error %d", status); |
| leothedragon | 0:8f0bb79ddd48 | 35 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 36 | } |
| leothedragon | 0:8f0bb79ddd48 | 37 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 38 | } |
| leothedragon | 0:8f0bb79ddd48 | 39 | |
| leothedragon | 0:8f0bb79ddd48 | 40 | ccs_status_e initialize_storage(void) |
| leothedragon | 0:8f0bb79ddd48 | 41 | { |
| leothedragon | 0:8f0bb79ddd48 | 42 | tr_debug("CloudClientStorage::initialize_storage"); |
| leothedragon | 0:8f0bb79ddd48 | 43 | kcm_status_e status = kcm_init(); |
| leothedragon | 0:8f0bb79ddd48 | 44 | if(status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 45 | tr_error("CloudClientStorage::::initialize_storage - error %d", status); |
| leothedragon | 0:8f0bb79ddd48 | 46 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 47 | } |
| leothedragon | 0:8f0bb79ddd48 | 48 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 49 | } |
| leothedragon | 0:8f0bb79ddd48 | 50 | |
| leothedragon | 0:8f0bb79ddd48 | 51 | ccs_status_e ccs_get_string_item(const char* key, |
| leothedragon | 0:8f0bb79ddd48 | 52 | uint8_t *buffer, |
| leothedragon | 0:8f0bb79ddd48 | 53 | const size_t buffer_size, |
| leothedragon | 0:8f0bb79ddd48 | 54 | ccs_item_type_e item_type) |
| leothedragon | 0:8f0bb79ddd48 | 55 | { |
| leothedragon | 0:8f0bb79ddd48 | 56 | size_t len = 0; |
| leothedragon | 0:8f0bb79ddd48 | 57 | ccs_status_e status = ccs_get_item(key, buffer, buffer_size - 1, &len, item_type); |
| leothedragon | 0:8f0bb79ddd48 | 58 | |
| leothedragon | 0:8f0bb79ddd48 | 59 | if (status == CCS_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 60 | // Null terminate after buffer value |
| leothedragon | 0:8f0bb79ddd48 | 61 | buffer[len] = 0; |
| leothedragon | 0:8f0bb79ddd48 | 62 | } |
| leothedragon | 0:8f0bb79ddd48 | 63 | |
| leothedragon | 0:8f0bb79ddd48 | 64 | return status; |
| leothedragon | 0:8f0bb79ddd48 | 65 | } |
| leothedragon | 0:8f0bb79ddd48 | 66 | |
| leothedragon | 0:8f0bb79ddd48 | 67 | ccs_status_e ccs_check_item(const char* key, ccs_item_type_e item_type) |
| leothedragon | 0:8f0bb79ddd48 | 68 | { |
| leothedragon | 0:8f0bb79ddd48 | 69 | if (key == NULL) { |
| leothedragon | 0:8f0bb79ddd48 | 70 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 71 | } |
| leothedragon | 0:8f0bb79ddd48 | 72 | |
| leothedragon | 0:8f0bb79ddd48 | 73 | size_t real_size = 0; |
| leothedragon | 0:8f0bb79ddd48 | 74 | kcm_status_e kcm_status = kcm_item_get_data_size((const uint8_t*)key, strlen(key), (kcm_item_type_e)item_type, &real_size); |
| leothedragon | 0:8f0bb79ddd48 | 75 | if (kcm_status == KCM_STATUS_ITEM_NOT_FOUND) { |
| leothedragon | 0:8f0bb79ddd48 | 76 | return CCS_STATUS_KEY_DOESNT_EXIST; |
| leothedragon | 0:8f0bb79ddd48 | 77 | } |
| leothedragon | 0:8f0bb79ddd48 | 78 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 79 | } |
| leothedragon | 0:8f0bb79ddd48 | 80 | |
| leothedragon | 0:8f0bb79ddd48 | 81 | ccs_status_e ccs_delete_item(const char* key, ccs_item_type_e item_type) |
| leothedragon | 0:8f0bb79ddd48 | 82 | { |
| leothedragon | 0:8f0bb79ddd48 | 83 | if (key == NULL) { |
| leothedragon | 0:8f0bb79ddd48 | 84 | tr_error("CloudClientStorage::ccs_delete_item error, invalid parameters"); |
| leothedragon | 0:8f0bb79ddd48 | 85 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 86 | } |
| leothedragon | 0:8f0bb79ddd48 | 87 | |
| leothedragon | 0:8f0bb79ddd48 | 88 | ccs_status_e status = ccs_check_item(key, item_type); |
| leothedragon | 0:8f0bb79ddd48 | 89 | if (status == CCS_STATUS_KEY_DOESNT_EXIST) { |
| leothedragon | 0:8f0bb79ddd48 | 90 | // No need to call delete as item does not exist. |
| leothedragon | 0:8f0bb79ddd48 | 91 | tr_debug("CloudClientStorage::ccs_delete_item [%s], type [%d] does not exist. Not deleting anything.", key, item_type); |
| leothedragon | 0:8f0bb79ddd48 | 92 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 93 | } else if (status == CCS_STATUS_ERROR) { |
| leothedragon | 0:8f0bb79ddd48 | 94 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 95 | } |
| leothedragon | 0:8f0bb79ddd48 | 96 | |
| leothedragon | 0:8f0bb79ddd48 | 97 | // Delete parameter from storage |
| leothedragon | 0:8f0bb79ddd48 | 98 | tr_debug("CloudClientStorage::ccs_delete_item [%s], type [%d] ", key, item_type); |
| leothedragon | 0:8f0bb79ddd48 | 99 | kcm_status_e kcm_status = kcm_item_delete((const uint8_t*)key, |
| leothedragon | 0:8f0bb79ddd48 | 100 | strlen(key), |
| leothedragon | 0:8f0bb79ddd48 | 101 | (kcm_item_type_e)item_type); |
| leothedragon | 0:8f0bb79ddd48 | 102 | |
| leothedragon | 0:8f0bb79ddd48 | 103 | if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 104 | tr_debug("CloudClientStorage::ccs_delete_item [%s] kcm error %d", key, kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 105 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 106 | } |
| leothedragon | 0:8f0bb79ddd48 | 107 | |
| leothedragon | 0:8f0bb79ddd48 | 108 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 109 | } |
| leothedragon | 0:8f0bb79ddd48 | 110 | |
| leothedragon | 0:8f0bb79ddd48 | 111 | ccs_status_e ccs_item_size(const char* key, size_t* size_out, ccs_item_type_e item_type) |
| leothedragon | 0:8f0bb79ddd48 | 112 | { |
| leothedragon | 0:8f0bb79ddd48 | 113 | if (key == NULL) { |
| leothedragon | 0:8f0bb79ddd48 | 114 | tr_error("CloudClientStorage::ccs_item_size error, invalid parameters"); |
| leothedragon | 0:8f0bb79ddd48 | 115 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 116 | } |
| leothedragon | 0:8f0bb79ddd48 | 117 | |
| leothedragon | 0:8f0bb79ddd48 | 118 | tr_debug("CloudClientStorage::ccs_item_size [%s], item [%d]", key, item_type); |
| leothedragon | 0:8f0bb79ddd48 | 119 | |
| leothedragon | 0:8f0bb79ddd48 | 120 | // Get kcm item size |
| leothedragon | 0:8f0bb79ddd48 | 121 | kcm_status_e kcm_status = kcm_item_get_data_size((const uint8_t*)key, |
| leothedragon | 0:8f0bb79ddd48 | 122 | strlen(key), |
| leothedragon | 0:8f0bb79ddd48 | 123 | (kcm_item_type_e)item_type, |
| leothedragon | 0:8f0bb79ddd48 | 124 | size_out); |
| leothedragon | 0:8f0bb79ddd48 | 125 | |
| leothedragon | 0:8f0bb79ddd48 | 126 | if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 127 | tr_debug("CloudClientStorage::ccs_item_size [%s] kcm error %d", key, kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 128 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 129 | } |
| leothedragon | 0:8f0bb79ddd48 | 130 | |
| leothedragon | 0:8f0bb79ddd48 | 131 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 132 | } |
| leothedragon | 0:8f0bb79ddd48 | 133 | |
| leothedragon | 0:8f0bb79ddd48 | 134 | ccs_status_e ccs_get_item(const char* key, |
| leothedragon | 0:8f0bb79ddd48 | 135 | uint8_t *buffer, |
| leothedragon | 0:8f0bb79ddd48 | 136 | const size_t buffer_size, |
| leothedragon | 0:8f0bb79ddd48 | 137 | size_t *value_length, |
| leothedragon | 0:8f0bb79ddd48 | 138 | ccs_item_type_e item_type) |
| leothedragon | 0:8f0bb79ddd48 | 139 | { |
| leothedragon | 0:8f0bb79ddd48 | 140 | if (key == NULL || buffer == NULL || buffer_size == 0) { |
| leothedragon | 0:8f0bb79ddd48 | 141 | tr_error("CloudClientStorage::ccs_get_item error, invalid parameters"); |
| leothedragon | 0:8f0bb79ddd48 | 142 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 143 | } |
| leothedragon | 0:8f0bb79ddd48 | 144 | |
| leothedragon | 0:8f0bb79ddd48 | 145 | tr_debug("CloudClientStorage::ccs_get_item [%s], type [%d]", key, item_type); |
| leothedragon | 0:8f0bb79ddd48 | 146 | |
| leothedragon | 0:8f0bb79ddd48 | 147 | kcm_status_e kcm_status = kcm_item_get_data((const uint8_t*)key, |
| leothedragon | 0:8f0bb79ddd48 | 148 | strlen(key), |
| leothedragon | 0:8f0bb79ddd48 | 149 | (kcm_item_type_e)item_type, |
| leothedragon | 0:8f0bb79ddd48 | 150 | buffer, |
| leothedragon | 0:8f0bb79ddd48 | 151 | buffer_size, |
| leothedragon | 0:8f0bb79ddd48 | 152 | value_length); |
| leothedragon | 0:8f0bb79ddd48 | 153 | |
| leothedragon | 0:8f0bb79ddd48 | 154 | if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 155 | tr_debug("CloudClientStorage::ccs_get_item [%s] kcm error %d", key, kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 156 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 157 | } |
| leothedragon | 0:8f0bb79ddd48 | 158 | |
| leothedragon | 0:8f0bb79ddd48 | 159 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 160 | } |
| leothedragon | 0:8f0bb79ddd48 | 161 | |
| leothedragon | 0:8f0bb79ddd48 | 162 | ccs_status_e ccs_set_item(const char* key, |
| leothedragon | 0:8f0bb79ddd48 | 163 | const uint8_t *buffer, |
| leothedragon | 0:8f0bb79ddd48 | 164 | const size_t buffer_size, |
| leothedragon | 0:8f0bb79ddd48 | 165 | ccs_item_type_e item_type) |
| leothedragon | 0:8f0bb79ddd48 | 166 | { |
| leothedragon | 0:8f0bb79ddd48 | 167 | if (key == NULL || buffer == NULL || buffer_size == 0) { |
| leothedragon | 0:8f0bb79ddd48 | 168 | tr_error("CloudClientStorage::ccs_set_item error, invalid parameters"); |
| leothedragon | 0:8f0bb79ddd48 | 169 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 170 | } |
| leothedragon | 0:8f0bb79ddd48 | 171 | |
| leothedragon | 0:8f0bb79ddd48 | 172 | tr_debug("CloudClientStorage::ccs_set_item kcm [%s], type [%d]", key, item_type); |
| leothedragon | 0:8f0bb79ddd48 | 173 | |
| leothedragon | 0:8f0bb79ddd48 | 174 | kcm_status_e kcm_status = kcm_item_store((const uint8_t*)key, |
| leothedragon | 0:8f0bb79ddd48 | 175 | strlen(key), |
| leothedragon | 0:8f0bb79ddd48 | 176 | (kcm_item_type_e)item_type, |
| leothedragon | 0:8f0bb79ddd48 | 177 | false, |
| leothedragon | 0:8f0bb79ddd48 | 178 | buffer, |
| leothedragon | 0:8f0bb79ddd48 | 179 | buffer_size, |
| leothedragon | 0:8f0bb79ddd48 | 180 | NULL); |
| leothedragon | 0:8f0bb79ddd48 | 181 | |
| leothedragon | 0:8f0bb79ddd48 | 182 | if (kcm_status == KCM_CRYPTO_STATUS_PRIVATE_KEY_VERIFICATION_FAILED) { |
| leothedragon | 0:8f0bb79ddd48 | 183 | tr_error("CloudClientStorage::ccs_set_item kcm validation error"); |
| leothedragon | 0:8f0bb79ddd48 | 184 | return CCS_STATUS_VALIDATION_FAIL; |
| leothedragon | 0:8f0bb79ddd48 | 185 | } |
| leothedragon | 0:8f0bb79ddd48 | 186 | else if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 187 | tr_debug("CloudClientStorage::ccs_set_item kcm [%s] error %d", key, kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 188 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 189 | } |
| leothedragon | 0:8f0bb79ddd48 | 190 | |
| leothedragon | 0:8f0bb79ddd48 | 191 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 192 | } |
| leothedragon | 0:8f0bb79ddd48 | 193 | |
| leothedragon | 0:8f0bb79ddd48 | 194 | void *ccs_create_certificate_chain(const char *chain_file_name, size_t chain_len) |
| leothedragon | 0:8f0bb79ddd48 | 195 | { |
| leothedragon | 0:8f0bb79ddd48 | 196 | kcm_status_e kcm_status; |
| leothedragon | 0:8f0bb79ddd48 | 197 | kcm_cert_chain_handle chain_handle; |
| leothedragon | 0:8f0bb79ddd48 | 198 | |
| leothedragon | 0:8f0bb79ddd48 | 199 | kcm_status = kcm_cert_chain_create(&chain_handle, |
| leothedragon | 0:8f0bb79ddd48 | 200 | (uint8_t*)chain_file_name, |
| leothedragon | 0:8f0bb79ddd48 | 201 | strlen(chain_file_name), |
| leothedragon | 0:8f0bb79ddd48 | 202 | chain_len, |
| leothedragon | 0:8f0bb79ddd48 | 203 | false); |
| leothedragon | 0:8f0bb79ddd48 | 204 | |
| leothedragon | 0:8f0bb79ddd48 | 205 | if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 206 | tr_error("CloudClientStorage::ccs_create_certificate_chain - error %d", kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 207 | return NULL; |
| leothedragon | 0:8f0bb79ddd48 | 208 | } else { |
| leothedragon | 0:8f0bb79ddd48 | 209 | return (void*)chain_handle; |
| leothedragon | 0:8f0bb79ddd48 | 210 | } |
| leothedragon | 0:8f0bb79ddd48 | 211 | } |
| leothedragon | 0:8f0bb79ddd48 | 212 | |
| leothedragon | 0:8f0bb79ddd48 | 213 | void *ccs_open_certificate_chain(const char *chain_file_name, size_t *chain_size) |
| leothedragon | 0:8f0bb79ddd48 | 214 | { |
| leothedragon | 0:8f0bb79ddd48 | 215 | kcm_status_e kcm_status; |
| leothedragon | 0:8f0bb79ddd48 | 216 | kcm_cert_chain_handle handle; |
| leothedragon | 0:8f0bb79ddd48 | 217 | |
| leothedragon | 0:8f0bb79ddd48 | 218 | kcm_status = kcm_cert_chain_open(&handle, |
| leothedragon | 0:8f0bb79ddd48 | 219 | (uint8_t*)chain_file_name, |
| leothedragon | 0:8f0bb79ddd48 | 220 | strlen(chain_file_name), |
| leothedragon | 0:8f0bb79ddd48 | 221 | chain_size); |
| leothedragon | 0:8f0bb79ddd48 | 222 | |
| leothedragon | 0:8f0bb79ddd48 | 223 | if (kcm_status == KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 224 | return (void*)handle; |
| leothedragon | 0:8f0bb79ddd48 | 225 | } else { |
| leothedragon | 0:8f0bb79ddd48 | 226 | tr_error("CloudClientStorage::ccs_open_certificate_chain - error %d", kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 227 | return NULL; |
| leothedragon | 0:8f0bb79ddd48 | 228 | } |
| leothedragon | 0:8f0bb79ddd48 | 229 | } |
| leothedragon | 0:8f0bb79ddd48 | 230 | |
| leothedragon | 0:8f0bb79ddd48 | 231 | ccs_status_e ccs_get_next_cert_chain(void *chain_handle, void *cert_data, size_t *data_size) |
| leothedragon | 0:8f0bb79ddd48 | 232 | { |
| leothedragon | 0:8f0bb79ddd48 | 233 | kcm_status_e kcm_status; |
| leothedragon | 0:8f0bb79ddd48 | 234 | size_t max_size = 1024; |
| leothedragon | 0:8f0bb79ddd48 | 235 | |
| leothedragon | 0:8f0bb79ddd48 | 236 | kcm_status = kcm_cert_chain_get_next_size((kcm_cert_chain_handle *) chain_handle, data_size); |
| leothedragon | 0:8f0bb79ddd48 | 237 | |
| leothedragon | 0:8f0bb79ddd48 | 238 | if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 239 | tr_error("CloudClientStorage::ccs_get_next_cert_chain - get_next_size error %d", kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 240 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 241 | } |
| leothedragon | 0:8f0bb79ddd48 | 242 | |
| leothedragon | 0:8f0bb79ddd48 | 243 | |
| leothedragon | 0:8f0bb79ddd48 | 244 | kcm_status = kcm_cert_chain_get_next_data((kcm_cert_chain_handle *) chain_handle, (uint8_t*)cert_data, max_size, data_size); |
| leothedragon | 0:8f0bb79ddd48 | 245 | |
| leothedragon | 0:8f0bb79ddd48 | 246 | if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 247 | tr_error("CloudClientStorage::ccs_get_next_cert_chain - get_next_data error %d", kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 248 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 249 | } else { |
| leothedragon | 0:8f0bb79ddd48 | 250 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 251 | } |
| leothedragon | 0:8f0bb79ddd48 | 252 | } |
| leothedragon | 0:8f0bb79ddd48 | 253 | |
| leothedragon | 0:8f0bb79ddd48 | 254 | ccs_status_e ccs_close_certificate_chain(void *chain_handle) |
| leothedragon | 0:8f0bb79ddd48 | 255 | { |
| leothedragon | 0:8f0bb79ddd48 | 256 | kcm_status_e kcm_status; |
| leothedragon | 0:8f0bb79ddd48 | 257 | kcm_cert_chain_handle *handle = (kcm_cert_chain_handle *) chain_handle; |
| leothedragon | 0:8f0bb79ddd48 | 258 | kcm_status = kcm_cert_chain_close(handle); |
| leothedragon | 0:8f0bb79ddd48 | 259 | if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 260 | tr_error("CloudClientStorage::ccs_close_certificate_chain - error %d", kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 261 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 262 | } else { |
| leothedragon | 0:8f0bb79ddd48 | 263 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 264 | } |
| leothedragon | 0:8f0bb79ddd48 | 265 | } |
| leothedragon | 0:8f0bb79ddd48 | 266 | |
| leothedragon | 0:8f0bb79ddd48 | 267 | ccs_status_e ccs_add_next_cert_chain(void *chain_handle, const uint8_t *cert_data, size_t data_size) |
| leothedragon | 0:8f0bb79ddd48 | 268 | { |
| leothedragon | 0:8f0bb79ddd48 | 269 | kcm_status_e kcm_status; |
| leothedragon | 0:8f0bb79ddd48 | 270 | kcm_status = kcm_cert_chain_add_next((kcm_cert_chain_handle *) chain_handle, cert_data, data_size); |
| leothedragon | 0:8f0bb79ddd48 | 271 | |
| leothedragon | 0:8f0bb79ddd48 | 272 | if (kcm_status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 273 | tr_error("CloudClientStorage::ccs_add_next_cert_chain - error %d", kcm_status); |
| leothedragon | 0:8f0bb79ddd48 | 274 | return CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 275 | } else { |
| leothedragon | 0:8f0bb79ddd48 | 276 | return CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 277 | } |
| leothedragon | 0:8f0bb79ddd48 | 278 | } |
| leothedragon | 0:8f0bb79ddd48 | 279 | |
| leothedragon | 0:8f0bb79ddd48 | 280 | ccs_status_e ccs_parse_cert_chain_and_store(const uint8_t *cert_chain_name, |
| leothedragon | 0:8f0bb79ddd48 | 281 | const size_t cert_chain_name_len, |
| leothedragon | 0:8f0bb79ddd48 | 282 | const uint8_t *cert_chain_data, |
| leothedragon | 0:8f0bb79ddd48 | 283 | const uint16_t cert_chain_data_len) |
| leothedragon | 0:8f0bb79ddd48 | 284 | { |
| leothedragon | 0:8f0bb79ddd48 | 285 | assert(cert_chain_data); |
| leothedragon | 0:8f0bb79ddd48 | 286 | assert(cert_chain_data_len > 0); |
| leothedragon | 0:8f0bb79ddd48 | 287 | |
| leothedragon | 0:8f0bb79ddd48 | 288 | const uint8_t *ptr = cert_chain_data; |
| leothedragon | 0:8f0bb79ddd48 | 289 | uint8_t version = *ptr++; |
| leothedragon | 0:8f0bb79ddd48 | 290 | uint8_t chain_length = *ptr++; |
| leothedragon | 0:8f0bb79ddd48 | 291 | ccs_status_e success = CCS_STATUS_SUCCESS; |
| leothedragon | 0:8f0bb79ddd48 | 292 | kcm_cert_chain_handle chain_handle; |
| leothedragon | 0:8f0bb79ddd48 | 293 | kcm_status_e status; |
| leothedragon | 0:8f0bb79ddd48 | 294 | |
| leothedragon | 0:8f0bb79ddd48 | 295 | // Check overflow |
| leothedragon | 0:8f0bb79ddd48 | 296 | if (ptr - cert_chain_data > cert_chain_data_len) { |
| leothedragon | 0:8f0bb79ddd48 | 297 | success = CCS_STATUS_VALIDATION_FAIL; |
| leothedragon | 0:8f0bb79ddd48 | 298 | } |
| leothedragon | 0:8f0bb79ddd48 | 299 | |
| leothedragon | 0:8f0bb79ddd48 | 300 | // Check version is correct and there are certs in the chain |
| leothedragon | 0:8f0bb79ddd48 | 301 | if (version != 1 || chain_length == 0) { |
| leothedragon | 0:8f0bb79ddd48 | 302 | success = CCS_STATUS_VALIDATION_FAIL; |
| leothedragon | 0:8f0bb79ddd48 | 303 | } |
| leothedragon | 0:8f0bb79ddd48 | 304 | |
| leothedragon | 0:8f0bb79ddd48 | 305 | // Create KCM cert chain |
| leothedragon | 0:8f0bb79ddd48 | 306 | if (success == CCS_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 307 | status = kcm_cert_chain_create(&chain_handle, |
| leothedragon | 0:8f0bb79ddd48 | 308 | cert_chain_name, |
| leothedragon | 0:8f0bb79ddd48 | 309 | cert_chain_name_len, |
| leothedragon | 0:8f0bb79ddd48 | 310 | chain_length, |
| leothedragon | 0:8f0bb79ddd48 | 311 | false); |
| leothedragon | 0:8f0bb79ddd48 | 312 | tr_debug("Cert chain create %d", status); |
| leothedragon | 0:8f0bb79ddd48 | 313 | if (status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 314 | success = CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 315 | } |
| leothedragon | 0:8f0bb79ddd48 | 316 | } |
| leothedragon | 0:8f0bb79ddd48 | 317 | |
| leothedragon | 0:8f0bb79ddd48 | 318 | if (success == CCS_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 319 | for (uint8_t i = 0; i < chain_length; i++) { |
| leothedragon | 0:8f0bb79ddd48 | 320 | // Parse certificate length (2 bytes) |
| leothedragon | 0:8f0bb79ddd48 | 321 | uint16_t cert_len = common_read_16_bit(ptr); |
| leothedragon | 0:8f0bb79ddd48 | 322 | ptr += 2; |
| leothedragon | 0:8f0bb79ddd48 | 323 | // Check overflow |
| leothedragon | 0:8f0bb79ddd48 | 324 | if (ptr - cert_chain_data > cert_chain_data_len) { |
| leothedragon | 0:8f0bb79ddd48 | 325 | success = CCS_STATUS_VALIDATION_FAIL; |
| leothedragon | 0:8f0bb79ddd48 | 326 | break; |
| leothedragon | 0:8f0bb79ddd48 | 327 | } |
| leothedragon | 0:8f0bb79ddd48 | 328 | |
| leothedragon | 0:8f0bb79ddd48 | 329 | // Store certificate |
| leothedragon | 0:8f0bb79ddd48 | 330 | tr_debug("Storing cert\r\n%s", tr_array(ptr, cert_len)); |
| leothedragon | 0:8f0bb79ddd48 | 331 | status = kcm_cert_chain_add_next(chain_handle, ptr, cert_len); |
| leothedragon | 0:8f0bb79ddd48 | 332 | if (status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 333 | success = CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 334 | break; |
| leothedragon | 0:8f0bb79ddd48 | 335 | } |
| leothedragon | 0:8f0bb79ddd48 | 336 | |
| leothedragon | 0:8f0bb79ddd48 | 337 | ptr += cert_len; |
| leothedragon | 0:8f0bb79ddd48 | 338 | |
| leothedragon | 0:8f0bb79ddd48 | 339 | // Check overflow |
| leothedragon | 0:8f0bb79ddd48 | 340 | if (ptr - cert_chain_data > cert_chain_data_len) { |
| leothedragon | 0:8f0bb79ddd48 | 341 | success = CCS_STATUS_VALIDATION_FAIL; |
| leothedragon | 0:8f0bb79ddd48 | 342 | break; |
| leothedragon | 0:8f0bb79ddd48 | 343 | } |
| leothedragon | 0:8f0bb79ddd48 | 344 | } |
| leothedragon | 0:8f0bb79ddd48 | 345 | |
| leothedragon | 0:8f0bb79ddd48 | 346 | status = kcm_cert_chain_close(chain_handle); |
| leothedragon | 0:8f0bb79ddd48 | 347 | if (status != KCM_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 348 | success = CCS_STATUS_ERROR; |
| leothedragon | 0:8f0bb79ddd48 | 349 | } |
| leothedragon | 0:8f0bb79ddd48 | 350 | } |
| leothedragon | 0:8f0bb79ddd48 | 351 | |
| leothedragon | 0:8f0bb79ddd48 | 352 | if (success != CCS_STATUS_SUCCESS) { |
| leothedragon | 0:8f0bb79ddd48 | 353 | kcm_cert_chain_delete(cert_chain_name, cert_chain_name_len); |
| leothedragon | 0:8f0bb79ddd48 | 354 | } |
| leothedragon | 0:8f0bb79ddd48 | 355 | |
| leothedragon | 0:8f0bb79ddd48 | 356 | return success; |
| leothedragon | 0:8f0bb79ddd48 | 357 | } |