Mayank Gupta / Mbed OS pelion-example-frdm

Example

Dependencies:   FXAS21002 FXOS8700Q

simple-mbed-cloud-client/mbed-cloud-client/certificate-enrollment-client/source/CertificateRenewalData.cpp@0:11cc2b7889af, 2019-11-19 (annotated)

Committer:
maygup01
Date:
Tue Nov 19 09:49:38 2019 +0000
Revision:
0:11cc2b7889af
Example

Who changed what in which revision?

UserRevisionLine numberNew contents of line
maygup01 0:11cc2b7889af 1 // ----------------------------------------------------------------------------
maygup01 0:11cc2b7889af 2 // Copyright 2018 ARM Ltd.
maygup01 0:11cc2b7889af 3 //
maygup01 0:11cc2b7889af 4 // Licensed under the Apache License, Version 2.0 (the "License");
maygup01 0:11cc2b7889af 5 // you may not use this file except in compliance with the License.
maygup01 0:11cc2b7889af 6 // You may obtain a copy of the License at
maygup01 0:11cc2b7889af 7 //
maygup01 0:11cc2b7889af 8 // http://www.apache.org/licenses/LICENSE-2.0
maygup01 0:11cc2b7889af 9 //
maygup01 0:11cc2b7889af 10 // Unless required by applicable law or agreed to in writing, software
maygup01 0:11cc2b7889af 11 // distributed under the License is distributed on an "AS IS" BASIS,
maygup01 0:11cc2b7889af 12 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
maygup01 0:11cc2b7889af 13 // See the License for the specific language governing permissions and
maygup01 0:11cc2b7889af 14 // limitations under the License.
maygup01 0:11cc2b7889af 15 // ----------------------------------------------------------------------------
maygup01 0:11cc2b7889af 16
maygup01 0:11cc2b7889af 17 #include "ce_tlv.h"
maygup01 0:11cc2b7889af 18 #include "CertificateEnrollmentClientCommon.h"
maygup01 0:11cc2b7889af 19 #include "CertificateRenewalData.h"
maygup01 0:11cc2b7889af 20 #include "key_config_manager.h"
maygup01 0:11cc2b7889af 21 #include "cs_der_keys_and_csrs.h"
maygup01 0:11cc2b7889af 22 #include "pv_log.h"
maygup01 0:11cc2b7889af 23
maygup01 0:11cc2b7889af 24
maygup01 0:11cc2b7889af 25 #include <string.h>
maygup01 0:11cc2b7889af 26 #include <stdio.h>
maygup01 0:11cc2b7889af 27
maygup01 0:11cc2b7889af 28 namespace CertificateEnrollmentClient {
maygup01 0:11cc2b7889af 29
maygup01 0:11cc2b7889af 30 // Base class constructor - Allocate raw data so that it remains persistent
maygup01 0:11cc2b7889af 31 CertificateRenewalDataBase::CertificateRenewalDataBase(const uint8_t *raw_data, size_t raw_data_size)
maygup01 0:11cc2b7889af 32 {
maygup01 0:11cc2b7889af 33 _raw_data_size = raw_data_size;
maygup01 0:11cc2b7889af 34 cert_name = NULL;
maygup01 0:11cc2b7889af 35 csr = NULL;
maygup01 0:11cc2b7889af 36 csr_size = 0;
maygup01 0:11cc2b7889af 37 est_data = NULL;
maygup01 0:11cc2b7889af 38 key_handle = 0;
maygup01 0:11cc2b7889af 39 _raw_data = (uint8_t *)malloc(raw_data_size);
maygup01 0:11cc2b7889af 40 memcpy(_raw_data, raw_data, _raw_data_size);
maygup01 0:11cc2b7889af 41 }
maygup01 0:11cc2b7889af 42
maygup01 0:11cc2b7889af 43 // Free _raw_data, private_key, public_key (base destructor is called implicitly after derived destructor),
maygup01 0:11cc2b7889af 44 CertificateRenewalDataBase::~CertificateRenewalDataBase()
maygup01 0:11cc2b7889af 45 {
maygup01 0:11cc2b7889af 46 kcm_status_e kcm_status;
maygup01 0:11cc2b7889af 47 ce_status_e ce_status;
maygup01 0:11cc2b7889af 48
maygup01 0:11cc2b7889af 49 free(_raw_data);
maygup01 0:11cc2b7889af 50 free(csr);
maygup01 0:11cc2b7889af 51
maygup01 0:11cc2b7889af 52 // Release the key handle, this shouldn't fail...
maygup01 0:11cc2b7889af 53 kcm_status = cs_ec_key_free(&key_handle);
maygup01 0:11cc2b7889af 54 ce_status = ce_error_handler(kcm_status);
maygup01 0:11cc2b7889af 55
maygup01 0:11cc2b7889af 56 if (ce_status != CE_STATUS_SUCCESS) {
maygup01 0:11cc2b7889af 57 SA_PV_LOG_ERR("Failed releasing CSR's key handle (status %u)\n", kcm_status);
maygup01 0:11cc2b7889af 58 }
maygup01 0:11cc2b7889af 59 }
maygup01 0:11cc2b7889af 60
maygup01 0:11cc2b7889af 61 CertificateRenewalDataFromServer::CertificateRenewalDataFromServer(const uint8_t *raw_data, size_t raw_data_size) :
maygup01 0:11cc2b7889af 62 CertificateRenewalDataBase(raw_data, raw_data_size)
maygup01 0:11cc2b7889af 63 {
maygup01 0:11cc2b7889af 64 }
maygup01 0:11cc2b7889af 65
maygup01 0:11cc2b7889af 66 CertificateRenewalDataFromServer::~CertificateRenewalDataFromServer()
maygup01 0:11cc2b7889af 67 {
maygup01 0:11cc2b7889af 68 }
maygup01 0:11cc2b7889af 69
maygup01 0:11cc2b7889af 70 // Parse the CertificateRenewalDataFromServer::data as a CBOR and retrieve the cert name and size
maygup01 0:11cc2b7889af 71 ce_status_e CertificateRenewalDataFromServer::parse()
maygup01 0:11cc2b7889af 72 {
maygup01 0:11cc2b7889af 73 // NOTE: We should treat the TLV's VALUE according to the given type
maygup01 0:11cc2b7889af 74 // since there is only one type at the moment no parsing is needed.
maygup01 0:11cc2b7889af 75
maygup01 0:11cc2b7889af 76 ce_tlv_status_e status;
maygup01 0:11cc2b7889af 77 ce_tlv_element_s element;
maygup01 0:11cc2b7889af 78
maygup01 0:11cc2b7889af 79 cert_name = NULL;
maygup01 0:11cc2b7889af 80
maygup01 0:11cc2b7889af 81 if (ce_tlv_parser_init(_raw_data, _raw_data_size, &element) != CE_TLV_STATUS_SUCCESS) {
maygup01 0:11cc2b7889af 82 return CE_STATUS_BAD_INPUT_FROM_SERVER;
maygup01 0:11cc2b7889af 83 }
maygup01 0:11cc2b7889af 84
maygup01 0:11cc2b7889af 85 while ((status = ce_tlv_parse_next(&element)) != CE_TLV_STATUS_END) {
maygup01 0:11cc2b7889af 86 if (status != CE_TLV_STATUS_SUCCESS) {
maygup01 0:11cc2b7889af 87 // something got wrong while parsing
maygup01 0:11cc2b7889af 88 return CE_STATUS_BAD_INPUT_FROM_SERVER;
maygup01 0:11cc2b7889af 89 }
maygup01 0:11cc2b7889af 90
maygup01 0:11cc2b7889af 91 // element parsed successfully - check if type supported
maygup01 0:11cc2b7889af 92
maygup01 0:11cc2b7889af 93 if ((element.type != CE_TLV_TYPE_CERT_NAME) && (is_required(&element))) {
maygup01 0:11cc2b7889af 94 return CE_STATUS_BAD_INPUT_FROM_SERVER;
maygup01 0:11cc2b7889af 95 } else if ((element.type != CE_TLV_TYPE_CERT_NAME) && (!is_required(&element))) {
maygup01 0:11cc2b7889af 96 // unsupported type but optional - ignored
maygup01 0:11cc2b7889af 97 continue;
maygup01 0:11cc2b7889af 98 }
maygup01 0:11cc2b7889af 99
maygup01 0:11cc2b7889af 100 cert_name = element.val.text;
maygup01 0:11cc2b7889af 101 SA_PV_LOG_INFO("\nParsed certificate to be updated is %s\n", (char *)element.val.text);
maygup01 0:11cc2b7889af 102 }
maygup01 0:11cc2b7889af 103
maygup01 0:11cc2b7889af 104 if (cert_name == NULL) {
maygup01 0:11cc2b7889af 105 // parsing succeeded however we haven't got a concrete certificate name
maygup01 0:11cc2b7889af 106 return CE_STATUS_BAD_INPUT_FROM_SERVER;
maygup01 0:11cc2b7889af 107 }
maygup01 0:11cc2b7889af 108
maygup01 0:11cc2b7889af 109 return CE_STATUS_SUCCESS;
maygup01 0:11cc2b7889af 110 };
maygup01 0:11cc2b7889af 111
maygup01 0:11cc2b7889af 112 // call the user callback and send message to the cloud
maygup01 0:11cc2b7889af 113 void CertificateRenewalDataFromServer::finish(ce_status_e status)
maygup01 0:11cc2b7889af 114 {
maygup01 0:11cc2b7889af 115 SA_PV_LOG_INFO("sending delayed response, status: %d\n", (int)status);
maygup01 0:11cc2b7889af 116 g_cert_enroll_lwm2m_resource->set_value((int64_t)status);
maygup01 0:11cc2b7889af 117 g_cert_enroll_lwm2m_resource->send_delayed_post_response();
maygup01 0:11cc2b7889af 118
maygup01 0:11cc2b7889af 119 // Call the user callback after setting the resource so that the user may delete the MCC object from the CB.
maygup01 0:11cc2b7889af 120 // If we had called the CB prior to setting the resource value, this would result in writing to unallocated memory.
maygup01 0:11cc2b7889af 121 call_user_cert_renewal_cb(cert_name, status, CE_INITIATOR_SERVER);
maygup01 0:11cc2b7889af 122 };
maygup01 0:11cc2b7889af 123
maygup01 0:11cc2b7889af 124 CertificateRenewalDataFromDevice::CertificateRenewalDataFromDevice(const char *raw_data) :
maygup01 0:11cc2b7889af 125 CertificateRenewalDataBase((uint8_t *)raw_data, (strlen(raw_data) + 1))
maygup01 0:11cc2b7889af 126 {
maygup01 0:11cc2b7889af 127 }
maygup01 0:11cc2b7889af 128
maygup01 0:11cc2b7889af 129 CertificateRenewalDataFromDevice::~CertificateRenewalDataFromDevice()
maygup01 0:11cc2b7889af 130 {
maygup01 0:11cc2b7889af 131 }
maygup01 0:11cc2b7889af 132
maygup01 0:11cc2b7889af 133 // Nothing to do other than set the cert_name field
maygup01 0:11cc2b7889af 134 ce_status_e CertificateRenewalDataFromDevice::parse()
maygup01 0:11cc2b7889af 135 {
maygup01 0:11cc2b7889af 136 cert_name = (const char *)_raw_data;
maygup01 0:11cc2b7889af 137 return CE_STATUS_SUCCESS;
maygup01 0:11cc2b7889af 138 }
maygup01 0:11cc2b7889af 139
maygup01 0:11cc2b7889af 140 // Call the user callback but do not send anything to the server
maygup01 0:11cc2b7889af 141 void CertificateRenewalDataFromDevice::finish(ce_status_e status)
maygup01 0:11cc2b7889af 142 {
maygup01 0:11cc2b7889af 143 call_user_cert_renewal_cb(cert_name, status, CE_INITIATOR_DEVICE);
maygup01 0:11cc2b7889af 144 }
maygup01 0:11cc2b7889af 145
maygup01 0:11cc2b7889af 146 }