Example

Dependencies:   FXAS21002 FXOS8700Q

Committer:
maygup01
Date:
Tue Nov 19 09:49:38 2019 +0000
Revision:
0:11cc2b7889af
Example

maygup01 0:11cc2b7889af 1 // ----------------------------------------------------------------------------
maygup01 0:11cc2b7889af 2 // Copyright 2016-2017 ARM Ltd.
maygup01 0:11cc2b7889af 3 //
maygup01 0:11cc2b7889af 4 // SPDX-License-Identifier: Apache-2.0
maygup01 0:11cc2b7889af 5 //
maygup01 0:11cc2b7889af 6 // Licensed under the Apache License, Version 2.0 (the "License");
maygup01 0:11cc2b7889af 7 // you may not use this file except in compliance with the License.
maygup01 0:11cc2b7889af 8 // You may obtain a copy of the License at
maygup01 0:11cc2b7889af 9 //
maygup01 0:11cc2b7889af 10 // http://www.apache.org/licenses/LICENSE-2.0
maygup01 0:11cc2b7889af 11 //
maygup01 0:11cc2b7889af 12 // Unless required by applicable law or agreed to in writing, software
maygup01 0:11cc2b7889af 13 // distributed under the License is distributed on an "AS IS" BASIS,
maygup01 0:11cc2b7889af 14 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
maygup01 0:11cc2b7889af 15 // See the License for the specific language governing permissions and
maygup01 0:11cc2b7889af 16 // limitations under the License.
maygup01 0:11cc2b7889af 17 // ----------------------------------------------------------------------------
maygup01 0:11cc2b7889af 18
maygup01 0:11cc2b7889af 19 #include <string.h>
maygup01 0:11cc2b7889af 20 #include <assert.h>
maygup01 0:11cc2b7889af 21 #include "key_config_manager.h"
maygup01 0:11cc2b7889af 22 #include "CloudClientStorage.h"
maygup01 0:11cc2b7889af 23 #include "mbed-trace/mbed_trace.h"
maygup01 0:11cc2b7889af 24 #include "mbed-client-libservice/common_functions.h"
maygup01 0:11cc2b7889af 25
maygup01 0:11cc2b7889af 26 #define TRACE_GROUP "mClt"
maygup01 0:11cc2b7889af 27
// Shut the storage layer down by finalizing KCM.
//
// Returns CCS_STATUS_SUCCESS when kcm_finalize() reports KCM_STATUS_SUCCESS,
// otherwise logs the KCM status and returns CCS_STATUS_ERROR.
ccs_status_e uninitialize_storage(void)
{
    tr_debug("CloudClientStorage::uninitialize_storage");

    const kcm_status_e kcm_result = kcm_finalize();
    if (kcm_result == KCM_STATUS_SUCCESS) {
        return CCS_STATUS_SUCCESS;
    }

    tr_error("CloudClientStorage::uninitialize_storage - error %d", kcm_result);
    return CCS_STATUS_ERROR;
}
maygup01 0:11cc2b7889af 39
// Bring the storage layer up by initializing KCM.
//
// Returns CCS_STATUS_SUCCESS when kcm_init() reports KCM_STATUS_SUCCESS,
// otherwise logs the KCM status and returns CCS_STATUS_ERROR.
ccs_status_e initialize_storage(void)
{
    tr_debug("CloudClientStorage::initialize_storage");

    const kcm_status_e kcm_result = kcm_init();
    if (kcm_result == KCM_STATUS_SUCCESS) {
        return CCS_STATUS_SUCCESS;
    }

    tr_error("CloudClientStorage::::initialize_storage - error %d", kcm_result);
    return CCS_STATUS_ERROR;
}
maygup01 0:11cc2b7889af 50
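// Read a stored item into buffer and NUL-terminate it so it can be used as a
// C string.
//
// key         - item name, forwarded to ccs_get_item().
// buffer      - destination; one byte is reserved for the terminator.
// buffer_size - total capacity of buffer in bytes, terminator included.
// item_type   - item type, forwarded to ccs_get_item().
//
// Returns the status of ccs_get_item(), or CCS_STATUS_ERROR when the
// arguments are unusable or the reported length does not leave room for the
// terminator.
ccs_status_e ccs_get_string_item(const char* key,
                                 uint8_t *buffer,
                                 const size_t buffer_size,
                                 ccs_item_type_e item_type)
{
    // Reject an empty buffer here: buffer_size - 1 would otherwise wrap to
    // SIZE_MAX, pass the "buffer_size == 0" check in ccs_get_item() and be
    // handed to the storage layer as the destination capacity.
    if (buffer == NULL || buffer_size == 0) {
        tr_error("CloudClientStorage::ccs_get_string_item error, invalid parameters");
        return CCS_STATUS_ERROR;
    }

    size_t len = 0;
    ccs_status_e status = ccs_get_item(key, buffer, buffer_size - 1, &len, item_type);
    if (status != CCS_STATUS_SUCCESS) {
        return status;
    }

    // Do not trust the reported length blindly: the terminator must land
    // inside the caller's buffer.
    if (len >= buffer_size) {
        tr_error("CloudClientStorage::ccs_get_string_item error, value length out of range");
        return CCS_STATUS_ERROR;
    }

    // Null terminate after buffer value
    buffer[len] = 0;

    return status;
}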
maygup01 0:11cc2b7889af 66
// Check whether an item with the given name and type is present in KCM.
//
// Returns CCS_STATUS_ERROR for a NULL key, CCS_STATUS_KEY_DOESNT_EXIST when
// KCM reports KCM_STATUS_ITEM_NOT_FOUND, and CCS_STATUS_SUCCESS in every
// other case.
ccs_status_e ccs_check_item(const char* key, ccs_item_type_e item_type)
{
    size_t item_size = 0;
    kcm_status_e lookup_status;

    if (!key) {
        return CCS_STATUS_ERROR;
    }

    // The size itself is not used; the call serves as an existence probe.
    lookup_status = kcm_item_get_data_size((const uint8_t*)key,
                                           strlen(key),
                                           (kcm_item_type_e)item_type,
                                           &item_size);

    // NOTE(review): only "not found" is distinguished. Any other KCM failure
    // is also reported as CCS_STATUS_SUCCESS, so callers cannot tell a
    // storage error from "item exists" - confirm this is intended.
    return (lookup_status == KCM_STATUS_ITEM_NOT_FOUND) ? CCS_STATUS_KEY_DOESNT_EXIST
                                                        : CCS_STATUS_SUCCESS;
}
maygup01 0:11cc2b7889af 80
// Delete an item from KCM storage.
//
// A missing item is not treated as a failure: the function returns
// CCS_STATUS_SUCCESS without calling kcm_item_delete().
//
// Returns CCS_STATUS_ERROR for a NULL key, when ccs_check_item() fails, or
// when kcm_item_delete() does not report KCM_STATUS_SUCCESS.
ccs_status_e ccs_delete_item(const char* key, ccs_item_type_e item_type)
{
    if (!key) {
        tr_error("CloudClientStorage::ccs_delete_item error, invalid parameters");
        return CCS_STATUS_ERROR;
    }

    switch (ccs_check_item(key, item_type)) {
        case CCS_STATUS_KEY_DOESNT_EXIST:
            // Nothing stored under this name, so there is nothing to remove.
            tr_debug("CloudClientStorage::ccs_delete_item [%s], type [%d] does not exist. Not deleting anything.", key, item_type);
            return CCS_STATUS_SUCCESS;
        case CCS_STATUS_ERROR:
            return CCS_STATUS_ERROR;
        default:
            break;
    }

    // Item is present: remove it from storage.
    tr_debug("CloudClientStorage::ccs_delete_item [%s], type [%d] ", key, item_type);
    const kcm_status_e delete_status = kcm_item_delete((const uint8_t*)key,
                                                       strlen(key),
                                                       (kcm_item_type_e)item_type);
    if (delete_status == KCM_STATUS_SUCCESS) {
        return CCS_STATUS_SUCCESS;
    }

    tr_debug("CloudClientStorage::ccs_delete_item [%s] kcm error %d", key, delete_status);
    return CCS_STATUS_ERROR;
}
maygup01 0:11cc2b7889af 110
// Query the stored size of an item.
//
// key       - item name; NULL is rejected.
// size_out  - receives the size reported by kcm_item_get_data_size().
//             NOTE(review): not checked for NULL here; presumably KCM
//             validates it - confirm.
// item_type - item type, cast to kcm_item_type_e for the KCM call.
//
// Returns CCS_STATUS_SUCCESS on KCM_STATUS_SUCCESS, else CCS_STATUS_ERROR.
ccs_status_e ccs_item_size(const char* key, size_t* size_out, ccs_item_type_e item_type)
{
    if (!key) {
        tr_error("CloudClientStorage::ccs_item_size error, invalid parameters");
        return CCS_STATUS_ERROR;
    }

    tr_debug("CloudClientStorage::ccs_item_size [%s], item [%d]", key, item_type);

    const size_t key_len = strlen(key);
    const kcm_status_e size_status = kcm_item_get_data_size((const uint8_t*)key,
                                                            key_len,
                                                            (kcm_item_type_e)item_type,
                                                            size_out);
    if (size_status == KCM_STATUS_SUCCESS) {
        return CCS_STATUS_SUCCESS;
    }

    tr_debug("CloudClientStorage::ccs_item_size [%s] kcm error %d", key, size_status);
    return CCS_STATUS_ERROR;
}
maygup01 0:11cc2b7889af 133
// Read an item from KCM storage into a caller-supplied buffer.
//
// key          - item name; NULL is rejected.
// buffer       - destination; NULL is rejected.
// buffer_size  - capacity of buffer passed to KCM; 0 is rejected.
// value_length - receives the length reported by kcm_item_get_data().
//                NOTE(review): not checked for NULL here; presumably KCM
//                validates it - confirm.
// item_type    - item type, cast to kcm_item_type_e for the KCM call.
//
// Returns CCS_STATUS_SUCCESS on KCM_STATUS_SUCCESS, else CCS_STATUS_ERROR.
ccs_status_e ccs_get_item(const char* key,
                          uint8_t *buffer,
                          const size_t buffer_size,
                          size_t *value_length,
                          ccs_item_type_e item_type)
{
    const bool args_ok = (key != NULL) && (buffer != NULL) && (buffer_size != 0);
    if (!args_ok) {
        tr_error("CloudClientStorage::ccs_get_item error, invalid parameters");
        return CCS_STATUS_ERROR;
    }

    tr_debug("CloudClientStorage::ccs_get_item [%s], type [%d]", key, item_type);

    const size_t key_len = strlen(key);
    const kcm_status_e read_status = kcm_item_get_data((const uint8_t*)key,
                                                       key_len,
                                                       (kcm_item_type_e)item_type,
                                                       buffer,
                                                       buffer_size,
                                                       value_length);
    if (read_status == KCM_STATUS_SUCCESS) {
        return CCS_STATUS_SUCCESS;
    }

    tr_debug("CloudClientStorage::ccs_get_item [%s] kcm error %d", key, read_status);
    return CCS_STATUS_ERROR;
}
maygup01 0:11cc2b7889af 161
// Store an item in KCM storage.
//
// key         - item name; NULL is rejected.
// buffer      - data to store; NULL is rejected.
// buffer_size - number of bytes to store; 0 is rejected.
// item_type   - item type, cast to kcm_item_type_e for the KCM call.
//
// Returns CCS_STATUS_VALIDATION_FAIL when KCM reports
// KCM_CRYPTO_STATUS_PRIVATE_KEY_VERIFICATION_FAILED, CCS_STATUS_ERROR for
// invalid arguments or any other KCM failure, CCS_STATUS_SUCCESS otherwise.
ccs_status_e ccs_set_item(const char* key,
                          const uint8_t *buffer,
                          const size_t buffer_size,
                          ccs_item_type_e item_type)
{
    const bool args_ok = (key != NULL) && (buffer != NULL) && (buffer_size != 0);
    if (!args_ok) {
        tr_error("CloudClientStorage::ccs_set_item error, invalid parameters");
        return CCS_STATUS_ERROR;
    }

    tr_debug("CloudClientStorage::ccs_set_item kcm [%s], type [%d]", key, item_type);

    const size_t key_len = strlen(key);
    const kcm_status_e store_status = kcm_item_store((const uint8_t*)key,
                                                     key_len,
                                                     (kcm_item_type_e)item_type,
                                                     false,
                                                     buffer,
                                                     buffer_size,
                                                     NULL);

    // A rejected private key is surfaced separately so callers can tell bad
    // key material apart from a generic storage failure.
    if (store_status == KCM_CRYPTO_STATUS_PRIVATE_KEY_VERIFICATION_FAILED) {
        tr_error("CloudClientStorage::ccs_set_item kcm validation error");
        return CCS_STATUS_VALIDATION_FAIL;
    }

    if (store_status == KCM_STATUS_SUCCESS) {
        return CCS_STATUS_SUCCESS;
    }

    tr_debug("CloudClientStorage::ccs_set_item kcm [%s] error %d", key, store_status);
    return CCS_STATUS_ERROR;
}
maygup01 0:11cc2b7889af 193
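// Create a new certificate chain in KCM and return its handle.
//
// chain_file_name - NUL-terminated chain name; NULL is rejected.
// chain_len       - number of certificates the chain will hold, passed
//                   through to kcm_cert_chain_create().
//
// Returns the KCM chain handle as an opaque pointer, or NULL on failure.
void *ccs_create_certificate_chain(const char *chain_file_name, size_t chain_len)
{
    kcm_status_e kcm_status;
    kcm_cert_chain_handle chain_handle;

    // strlen() on a NULL name is undefined behaviour; fail like any other
    // creation error instead.
    if (chain_file_name == NULL) {
        tr_error("CloudClientStorage::ccs_create_certificate_chain - invalid parameters");
        return NULL;
    }

    kcm_status = kcm_cert_chain_create(&chain_handle,
                                       (const uint8_t*)chain_file_name,
                                       strlen(chain_file_name),
                                       chain_len,
                                       false);

    if (kcm_status != KCM_STATUS_SUCCESS) {
        tr_error("CloudClientStorage::ccs_create_certificate_chain - error %d", kcm_status);
        return NULL;
    }

    return (void*)chain_handle;
}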
maygup01 0:11cc2b7889af 212
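// Open an existing certificate chain in KCM and return its handle.
//
// chain_file_name - NUL-terminated chain name; NULL is rejected.
// chain_size      - passed through to kcm_cert_chain_open() as its size
//                   output argument.
//
// Returns the KCM chain handle as an opaque pointer, or NULL on failure.
void *ccs_open_certificate_chain(const char *chain_file_name, size_t *chain_size)
{
    kcm_status_e kcm_status;
    kcm_cert_chain_handle handle;

    // strlen() on a NULL name is undefined behaviour; fail like any other
    // open error instead.
    if (chain_file_name == NULL) {
        tr_error("CloudClientStorage::ccs_open_certificate_chain - invalid parameters");
        return NULL;
    }

    kcm_status = kcm_cert_chain_open(&handle,
                                     (uint8_t*)chain_file_name,
                                     strlen(chain_file_name),
                                     chain_size);

    if (kcm_status != KCM_STATUS_SUCCESS) {
        tr_error("CloudClientStorage::ccs_open_certificate_chain - error %d", kcm_status);
        return NULL;
    }

    return (void*)handle;
}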
maygup01 0:11cc2b7889af 230
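// Read the next certificate of an open chain into cert_data.
//
// chain_handle - handle obtained from ccs_open_certificate_chain().
// cert_data    - destination buffer. It MUST provide at least 1024 writable
//                bytes: that fixed value is what this function passes to KCM
//                as the destination capacity, and the interface carries no
//                caller-side buffer length.
// data_size    - receives the size of the certificate.
//
// Returns CCS_STATUS_SUCCESS when the certificate was copied, else
// CCS_STATUS_ERROR.
ccs_status_e ccs_get_next_cert_chain(void *chain_handle, void *cert_data, size_t *data_size)
{
    kcm_status_e kcm_status;
    const size_t max_size = 1024;

    // Both pointers are written through below.
    if (cert_data == NULL || data_size == NULL) {
        tr_error("CloudClientStorage::ccs_get_next_cert_chain - invalid parameters");
        return CCS_STATUS_ERROR;
    }

    kcm_status = kcm_cert_chain_get_next_size((kcm_cert_chain_handle *) chain_handle, data_size);

    if (kcm_status != KCM_STATUS_SUCCESS) {
        tr_error("CloudClientStorage::ccs_get_next_cert_chain - get_next_size error %d", kcm_status);
        return CCS_STATUS_ERROR;
    }

    // Make the capacity limit explicit instead of relying on the storage
    // layer to refuse a certificate larger than the assumed buffer.
    if (*data_size > max_size) {
        tr_error("CloudClientStorage::ccs_get_next_cert_chain - certificate larger than buffer");
        return CCS_STATUS_ERROR;
    }

    kcm_status = kcm_cert_chain_get_next_data((kcm_cert_chain_handle *) chain_handle, (uint8_t*)cert_data, max_size, data_size);

    if (kcm_status != KCM_STATUS_SUCCESS) {
        tr_error("CloudClientStorage::ccs_get_next_cert_chain - get_next_data error %d", kcm_status);
        return CCS_STATUS_ERROR;
    }

    return CCS_STATUS_SUCCESS;
}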
maygup01 0:11cc2b7889af 253
// Close a certificate chain handle previously returned by this module.
//
// Returns CCS_STATUS_SUCCESS when kcm_cert_chain_close() reports
// KCM_STATUS_SUCCESS, otherwise logs the KCM status and returns
// CCS_STATUS_ERROR.
ccs_status_e ccs_close_certificate_chain(void *chain_handle)
{
    kcm_cert_chain_handle *handle = (kcm_cert_chain_handle *) chain_handle;
    const kcm_status_e close_status = kcm_cert_chain_close(handle);

    if (close_status == KCM_STATUS_SUCCESS) {
        return CCS_STATUS_SUCCESS;
    }

    tr_error("CloudClientStorage::ccs_close_certificate_chain - error %d", close_status);
    return CCS_STATUS_ERROR;
}
maygup01 0:11cc2b7889af 266
// Append one certificate to an open chain.
//
// chain_handle - handle obtained from ccs_create_certificate_chain().
// cert_data    - certificate bytes, passed through to KCM.
// data_size    - number of bytes in cert_data.
//
// Returns CCS_STATUS_SUCCESS when kcm_cert_chain_add_next() reports
// KCM_STATUS_SUCCESS, otherwise logs the KCM status and returns
// CCS_STATUS_ERROR.
ccs_status_e ccs_add_next_cert_chain(void *chain_handle, const uint8_t *cert_data, size_t data_size)
{
    const kcm_status_e add_status =
        kcm_cert_chain_add_next((kcm_cert_chain_handle *) chain_handle, cert_data, data_size);

    if (add_status == KCM_STATUS_SUCCESS) {
        return CCS_STATUS_SUCCESS;
    }

    tr_error("CloudClientStorage::ccs_add_next_cert_chain - error %d", add_status);
    return CCS_STATUS_ERROR;
}
maygup01 0:11cc2b7889af 279
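// Parse a serialized certificate chain and store its certificates in KCM
// under cert_chain_name.
//
// Layout consumed, as read by the code below:
//   byte 0 - format version, must be 1
//   byte 1 - number of certificates, must be non-zero
//   per certificate - a 2-byte length decoded by common_read_16_bit(),
//                     followed by that many certificate bytes
//
// The input is length-prefixed data from outside this function, so every
// read is checked against cert_chain_data_len BEFORE it happens. A declared
// certificate length that exceeds the remaining input is rejected instead of
// being logged and handed to the storage layer.
//
// Returns CCS_STATUS_SUCCESS when all certificates were stored,
// CCS_STATUS_VALIDATION_FAIL when the input is malformed or truncated, and
// CCS_STATUS_ERROR when a KCM call fails. On any failure
// kcm_cert_chain_delete() is called for cert_chain_name.
ccs_status_e ccs_parse_cert_chain_and_store(const uint8_t *cert_chain_name,
                                            const size_t cert_chain_name_len,
                                            const uint8_t *cert_chain_data,
                                            const uint16_t cert_chain_data_len)
{
    assert(cert_chain_data);
    assert(cert_chain_data_len > 0);

    const size_t header_len = 2;      // version byte + certificate count byte
    const size_t cert_len_field = 2;  // size of each per-certificate length prefix
    const uint8_t *ptr = cert_chain_data;
    size_t remaining = cert_chain_data_len;
    uint8_t version = 0;
    uint8_t chain_length = 0;
    ccs_status_e success = CCS_STATUS_SUCCESS;
    kcm_cert_chain_handle chain_handle;
    kcm_status_e status;

    // The asserts above vanish in NDEBUG builds, so validate at runtime too,
    // and make sure both header bytes exist before reading them.
    if (cert_chain_data == NULL || remaining < header_len) {
        success = CCS_STATUS_VALIDATION_FAIL;
    } else {
        version = *ptr++;
        chain_length = *ptr++;
        remaining -= header_len;
    }

    // Check version is correct and there are certs in the chain
    if (version != 1 || chain_length == 0) {
        success = CCS_STATUS_VALIDATION_FAIL;
    }

    // Create KCM cert chain
    if (success == CCS_STATUS_SUCCESS) {
        status = kcm_cert_chain_create(&chain_handle,
                                       cert_chain_name,
                                       cert_chain_name_len,
                                       chain_length,
                                       false);
        tr_debug("Cert chain create %d", status);
        if (status != KCM_STATUS_SUCCESS) {
            success = CCS_STATUS_ERROR;
        }
    }

    if (success == CCS_STATUS_SUCCESS) {
        for (uint8_t i = 0; i < chain_length; i++) {
            // The 2-byte length prefix must be fully inside the input.
            if (remaining < cert_len_field) {
                success = CCS_STATUS_VALIDATION_FAIL;
                break;
            }

            // Parse certificate length (2 bytes)
            uint16_t cert_len = common_read_16_bit(ptr);
            ptr += cert_len_field;
            remaining -= cert_len_field;

            // The declared certificate must fit in what is left; checking
            // here keeps ptr within the input and prevents reading past it.
            if (cert_len > remaining) {
                success = CCS_STATUS_VALIDATION_FAIL;
                break;
            }

            // Store certificate
            tr_debug("Storing cert\r\n%s", tr_array(ptr, cert_len));
            status = kcm_cert_chain_add_next(chain_handle, ptr, cert_len);
            if (status != KCM_STATUS_SUCCESS) {
                success = CCS_STATUS_ERROR;
                break;
            }

            ptr += cert_len;
            remaining -= cert_len;
        }

        // The chain was created above, so it is closed even when the loop
        // stopped early; a close failure takes precedence in the result.
        status = kcm_cert_chain_close(chain_handle);
        if (status != KCM_STATUS_SUCCESS) {
            success = CCS_STATUS_ERROR;
        }
    }

    // NOTE(review): this cleanup also runs when validation or creation failed
    // before this call stored anything, so a chain already stored under
    // cert_chain_name would be removed as well - confirm this is intended.
    if (success != CCS_STATUS_SUCCESS) {
        kcm_cert_chain_delete(cert_chain_name, cert_chain_name_len);
    }

    return success;
}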