leo hendrickson / Mbed OS example-Ethernet-mbed-Cloud-connect
Committer:
leothedragon
Date:
Tue May 04 08:55:12 2021 +0000
Revision:
0:8f0bb79ddd48
nmn

leothedragon 0:8f0bb79ddd48 1 // ----------------------------------------------------------------------------
leothedragon 0:8f0bb79ddd48 2 // Copyright 2018 ARM Ltd.
leothedragon 0:8f0bb79ddd48 3 //
leothedragon 0:8f0bb79ddd48 4 // Licensed under the Apache License, Version 2.0 (the "License");
leothedragon 0:8f0bb79ddd48 5 // you may not use this file except in compliance with the License.
leothedragon 0:8f0bb79ddd48 6 // You may obtain a copy of the License at
leothedragon 0:8f0bb79ddd48 7 //
leothedragon 0:8f0bb79ddd48 8 // http://www.apache.org/licenses/LICENSE-2.0
leothedragon 0:8f0bb79ddd48 9 //
leothedragon 0:8f0bb79ddd48 10 // Unless required by applicable law or agreed to in writing, software
leothedragon 0:8f0bb79ddd48 11 // distributed under the License is distributed on an "AS IS" BASIS,
leothedragon 0:8f0bb79ddd48 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
leothedragon 0:8f0bb79ddd48 13 // See the License for the specific language governing permissions and
leothedragon 0:8f0bb79ddd48 14 // limitations under the License.
leothedragon 0:8f0bb79ddd48 15 // ----------------------------------------------------------------------------
leothedragon 0:8f0bb79ddd48 16
#include "ce_tlv.h"
#include "CertificateEnrollmentClientCommon.h"
#include "CertificateRenewalData.h"
#include "key_config_manager.h"
#include "cs_der_keys_and_csrs.h"
#include "pv_log.h"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
leothedragon 0:8f0bb79ddd48 27
leothedragon 0:8f0bb79ddd48 28 namespace CertificateEnrollmentClient {
leothedragon 0:8f0bb79ddd48 29
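// Base class constructor - take a private copy of raw_data so that it stays
// valid for the lifetime of this object (the caller's buffer may go away).
//
// raw_data       - bytes to copy (TLV payload from the server, or a
//                  NUL-terminated certificate name from the device, depending
//                  on the subclass)
// raw_data_size  - number of bytes to copy
//
// A constructor cannot report failure. If nothing can be copied (NULL or empty
// input, or the allocation fails) _raw_data is left NULL and _raw_data_size is
// 0, so the later parse() step sees an empty buffer instead of this code
// running memcpy() through a NULL pointer as it used to.
CertificateRenewalDataBase::CertificateRenewalDataBase(const uint8_t *raw_data, size_t raw_data_size)
{
    cert_name = NULL;
    csr = NULL;
    csr_size = 0;
    est_data = NULL;
    key_handle = 0;
    _raw_data = NULL;
    _raw_data_size = 0;

    if (raw_data == NULL || raw_data_size == 0) {
        // Nothing to copy; avoid malloc(0) and memcpy() from NULL.
        return;
    }

    _raw_data = (uint8_t *)malloc(raw_data_size);
    if (_raw_data == NULL) {
        // Out of memory: keep the size at 0 so nothing ever reads past an
        // empty buffer. (Previously this fell straight into memcpy().)
        return;
    }

    _raw_data_size = raw_data_size;
    memcpy(_raw_data, raw_data, _raw_data_size);
}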
leothedragon 0:8f0bb79ddd48 42
// Destructor: release the key handle obtained for the CSR and free the buffers
// this object owns (the _raw_data copy and csr). Runs after any derived
// destructor.
// NOTE(review): est_data is not released here - confirm it is owned/freed
// elsewhere.
// NOTE(review): key_handle may still be 0 if no key was ever generated (e.g.
// parse() failed earlier); confirm cs_ec_key_free() tolerates a zero handle.
CertificateRenewalDataBase::~CertificateRenewalDataBase()
{
    // Releasing the handle is not expected to fail; a failure can only be
    // logged because a destructor has no way to report it.
    const kcm_status_e free_status = cs_ec_key_free(&key_handle);
    if (ce_error_handler(free_status) != CE_STATUS_SUCCESS) {
        SA_PV_LOG_ERR("Failed releasing CSR's key handle (status %u)\n", free_status);
    }

    free(csr);
    free(_raw_data);
}
leothedragon 0:8f0bb79ddd48 60
// Server-initiated renewal: raw_data is the payload received from the cloud.
// The base class keeps its own copy of it; nothing else to set up here.
CertificateRenewalDataFromServer::CertificateRenewalDataFromServer(const uint8_t *raw_data, size_t raw_data_size)
    : CertificateRenewalDataBase(raw_data, raw_data_size) { }
leothedragon 0:8f0bb79ddd48 65
// Nothing specific to the server-initiated variant to clean up; the base
// destructor releases the raw copy, the CSR and the key handle.
CertificateRenewalDataFromServer::~CertificateRenewalDataFromServer() { }
leothedragon 0:8f0bb79ddd48 69
// Walk the TLV payload received from the server and pick out the name of the
// certificate to renew. Returns CE_STATUS_SUCCESS with cert_name set, or
// CE_STATUS_BAD_INPUT_FROM_SERVER if the payload is malformed, contains an
// unsupported element the server flagged as required, or carries no
// certificate name at all.
//
// cert_name presumably points into _raw_data (the parser is initialised on
// that buffer), so it lives as long as this object and is never freed on its
// own. NOTE(review): the value is used as a C string (%s below, and later
// handed to the user callback), which relies on the TLV layer guaranteeing
// NUL termination for CE_TLV_TYPE_CERT_NAME - confirm in ce_tlv.
ce_status_e CertificateRenewalDataFromServer::parse()
{
    // Only one element type is understood at the moment, so the VALUE is
    // taken as-is rather than interpreted per type.
    ce_tlv_element_s elem;

    cert_name = NULL;

    if (ce_tlv_parser_init(_raw_data, _raw_data_size, &elem) != CE_TLV_STATUS_SUCCESS) {
        return CE_STATUS_BAD_INPUT_FROM_SERVER;
    }

    for (;;) {
        const ce_tlv_status_e next = ce_tlv_parse_next(&elem);
        if (next == CE_TLV_STATUS_END) {
            break;
        }
        if (next != CE_TLV_STATUS_SUCCESS) {
            // malformed element
            return CE_STATUS_BAD_INPUT_FROM_SERVER;
        }

        if (elem.type != CE_TLV_TYPE_CERT_NAME) {
            // Unknown element: fatal when the server marked it required,
            // otherwise simply skipped.
            if (is_required(&elem)) {
                return CE_STATUS_BAD_INPUT_FROM_SERVER;
            }
            continue;
        }

        // A later CERT_NAME element overrides an earlier one (last wins).
        cert_name = elem.val.text;
        SA_PV_LOG_INFO("\nParsed certificate to be updated is %s\n", (char *)elem.val.text);
    }

    // Payload parsed cleanly but never named a certificate.
    return (cert_name == NULL) ? CE_STATUS_BAD_INPUT_FROM_SERVER : CE_STATUS_SUCCESS;
}
leothedragon 0:8f0bb79ddd48 111
// Report the outcome of a server-initiated renewal: publish `status` on the
// certificate-enrollment LwM2M resource, send the delayed POST response, and
// only then invoke the user's renewal callback.
// NOTE(review): g_cert_enroll_lwm2m_resource is dereferenced without a NULL
// check; confirm it is always set before a server request can reach here.
void CertificateRenewalDataFromServer::finish(ce_status_e status)
{
    SA_PV_LOG_INFO("sending delayed response, status: %d\n", static_cast<int>(status));

    g_cert_enroll_lwm2m_resource->set_value(static_cast<int64_t>(status));
    g_cert_enroll_lwm2m_resource->send_delayed_post_response();

    // Ordering matters: the user callback is allowed to delete the MCC object,
    // so the resource must be written and the response queued before it runs;
    // doing it afterwards would touch freed memory.
    call_user_cert_renewal_cb(cert_name, status, CE_INITIATOR_SERVER);
}
leothedragon 0:8f0bb79ddd48 123
// Device-initiated renewal: raw_data is a NUL-terminated certificate name
// supplied by the application. The terminator is included in the copied size
// so the base buffer can later be used directly as a C string.
// raw_data must not be NULL - strlen() is applied to it unconditionally.
CertificateRenewalDataFromDevice::CertificateRenewalDataFromDevice(const char *raw_data)
    : CertificateRenewalDataBase(reinterpret_cast<const uint8_t *>(raw_data), strlen(raw_data) + 1) { }
leothedragon 0:8f0bb79ddd48 128
// Nothing specific to the device-initiated variant to clean up; the base
// destructor handles the owned buffers and the key handle.
CertificateRenewalDataFromDevice::~CertificateRenewalDataFromDevice() { }
leothedragon 0:8f0bb79ddd48 132
// Device-initiated requests carry the certificate name verbatim, so "parsing"
// is just pointing cert_name at the NUL-terminated copy held in _raw_data.
// Always returns CE_STATUS_SUCCESS.
ce_status_e CertificateRenewalDataFromDevice::parse()
{
    cert_name = reinterpret_cast<const char *>(_raw_data);
    return CE_STATUS_SUCCESS;
}
leothedragon 0:8f0bb79ddd48 139
// Report the outcome of a device-initiated renewal to the user callback only;
// unlike the server-initiated variant there is no LwM2M response to send.
void CertificateRenewalDataFromDevice::finish(ce_status_e status)
{
    call_user_cert_renewal_cb(cert_name, status, CE_INITIATOR_DEVICE);
}
leothedragon 0:8f0bb79ddd48 145
leothedragon 0:8f0bb79ddd48 146 }