Example
Dependencies: FXAS21002 FXOS8700Q
simple-mbed-cloud-client/mbed-cloud-client/source/CloudClientStorage.c@0:11cc2b7889af, 2019-11-19 (annotated)
- Committer:
- maygup01
- Date:
- Tue Nov 19 09:49:38 2019 +0000
- Revision:
- 0:11cc2b7889af
Example
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
maygup01 | 0:11cc2b7889af | 1 | // ---------------------------------------------------------------------------- |
maygup01 | 0:11cc2b7889af | 2 | // Copyright 2016-2017 ARM Ltd. |
maygup01 | 0:11cc2b7889af | 3 | // |
maygup01 | 0:11cc2b7889af | 4 | // SPDX-License-Identifier: Apache-2.0 |
maygup01 | 0:11cc2b7889af | 5 | // |
maygup01 | 0:11cc2b7889af | 6 | // Licensed under the Apache License, Version 2.0 (the "License"); |
maygup01 | 0:11cc2b7889af | 7 | // you may not use this file except in compliance with the License. |
maygup01 | 0:11cc2b7889af | 8 | // You may obtain a copy of the License at |
maygup01 | 0:11cc2b7889af | 9 | // |
maygup01 | 0:11cc2b7889af | 10 | // http://www.apache.org/licenses/LICENSE-2.0 |
maygup01 | 0:11cc2b7889af | 11 | // |
maygup01 | 0:11cc2b7889af | 12 | // Unless required by applicable law or agreed to in writing, software |
maygup01 | 0:11cc2b7889af | 13 | // distributed under the License is distributed on an "AS IS" BASIS, |
maygup01 | 0:11cc2b7889af | 14 | // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
maygup01 | 0:11cc2b7889af | 15 | // See the License for the specific language governing permissions and |
maygup01 | 0:11cc2b7889af | 16 | // limitations under the License. |
maygup01 | 0:11cc2b7889af | 17 | // ---------------------------------------------------------------------------- |
maygup01 | 0:11cc2b7889af | 18 | |
maygup01 | 0:11cc2b7889af | 19 | #include <string.h> |
maygup01 | 0:11cc2b7889af | 20 | #include <assert.h> |
maygup01 | 0:11cc2b7889af | 21 | #include "key_config_manager.h" |
maygup01 | 0:11cc2b7889af | 22 | #include "CloudClientStorage.h" |
maygup01 | 0:11cc2b7889af | 23 | #include "mbed-trace/mbed_trace.h" |
maygup01 | 0:11cc2b7889af | 24 | #include "mbed-client-libservice/common_functions.h" |
maygup01 | 0:11cc2b7889af | 25 | |
maygup01 | 0:11cc2b7889af | 26 | #define TRACE_GROUP "mClt" |
maygup01 | 0:11cc2b7889af | 27 | |
maygup01 | 0:11cc2b7889af | 28 | ccs_status_e uninitialize_storage(void) |
maygup01 | 0:11cc2b7889af | 29 | { |
maygup01 | 0:11cc2b7889af | 30 | tr_debug("CloudClientStorage::uninitialize_storage"); |
maygup01 | 0:11cc2b7889af | 31 | |
maygup01 | 0:11cc2b7889af | 32 | kcm_status_e status = kcm_finalize(); |
maygup01 | 0:11cc2b7889af | 33 | if(status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 34 | tr_error("CloudClientStorage::uninitialize_storage - error %d", status); |
maygup01 | 0:11cc2b7889af | 35 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 36 | } |
maygup01 | 0:11cc2b7889af | 37 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 38 | } |
maygup01 | 0:11cc2b7889af | 39 | |
maygup01 | 0:11cc2b7889af | 40 | ccs_status_e initialize_storage(void) |
maygup01 | 0:11cc2b7889af | 41 | { |
maygup01 | 0:11cc2b7889af | 42 | tr_debug("CloudClientStorage::initialize_storage"); |
maygup01 | 0:11cc2b7889af | 43 | kcm_status_e status = kcm_init(); |
maygup01 | 0:11cc2b7889af | 44 | if(status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 45 | tr_error("CloudClientStorage::::initialize_storage - error %d", status); |
maygup01 | 0:11cc2b7889af | 46 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 47 | } |
maygup01 | 0:11cc2b7889af | 48 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 49 | } |
maygup01 | 0:11cc2b7889af | 50 | |
maygup01 | 0:11cc2b7889af | 51 | ccs_status_e ccs_get_string_item(const char* key, |
maygup01 | 0:11cc2b7889af | 52 | uint8_t *buffer, |
maygup01 | 0:11cc2b7889af | 53 | const size_t buffer_size, |
maygup01 | 0:11cc2b7889af | 54 | ccs_item_type_e item_type) |
maygup01 | 0:11cc2b7889af | 55 | { |
maygup01 | 0:11cc2b7889af | 56 | size_t len = 0; |
maygup01 | 0:11cc2b7889af | 57 | ccs_status_e status = ccs_get_item(key, buffer, buffer_size - 1, &len, item_type); |
maygup01 | 0:11cc2b7889af | 58 | |
maygup01 | 0:11cc2b7889af | 59 | if (status == CCS_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 60 | // Null terminate after buffer value |
maygup01 | 0:11cc2b7889af | 61 | buffer[len] = 0; |
maygup01 | 0:11cc2b7889af | 62 | } |
maygup01 | 0:11cc2b7889af | 63 | |
maygup01 | 0:11cc2b7889af | 64 | return status; |
maygup01 | 0:11cc2b7889af | 65 | } |
maygup01 | 0:11cc2b7889af | 66 | |
maygup01 | 0:11cc2b7889af | 67 | ccs_status_e ccs_check_item(const char* key, ccs_item_type_e item_type) |
maygup01 | 0:11cc2b7889af | 68 | { |
maygup01 | 0:11cc2b7889af | 69 | if (key == NULL) { |
maygup01 | 0:11cc2b7889af | 70 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 71 | } |
maygup01 | 0:11cc2b7889af | 72 | |
maygup01 | 0:11cc2b7889af | 73 | size_t real_size = 0; |
maygup01 | 0:11cc2b7889af | 74 | kcm_status_e kcm_status = kcm_item_get_data_size((const uint8_t*)key, strlen(key), (kcm_item_type_e)item_type, &real_size); |
maygup01 | 0:11cc2b7889af | 75 | if (kcm_status == KCM_STATUS_ITEM_NOT_FOUND) { |
maygup01 | 0:11cc2b7889af | 76 | return CCS_STATUS_KEY_DOESNT_EXIST; |
maygup01 | 0:11cc2b7889af | 77 | } |
maygup01 | 0:11cc2b7889af | 78 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 79 | } |
maygup01 | 0:11cc2b7889af | 80 | |
maygup01 | 0:11cc2b7889af | 81 | ccs_status_e ccs_delete_item(const char* key, ccs_item_type_e item_type) |
maygup01 | 0:11cc2b7889af | 82 | { |
maygup01 | 0:11cc2b7889af | 83 | if (key == NULL) { |
maygup01 | 0:11cc2b7889af | 84 | tr_error("CloudClientStorage::ccs_delete_item error, invalid parameters"); |
maygup01 | 0:11cc2b7889af | 85 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 86 | } |
maygup01 | 0:11cc2b7889af | 87 | |
maygup01 | 0:11cc2b7889af | 88 | ccs_status_e status = ccs_check_item(key, item_type); |
maygup01 | 0:11cc2b7889af | 89 | if (status == CCS_STATUS_KEY_DOESNT_EXIST) { |
maygup01 | 0:11cc2b7889af | 90 | // No need to call delete as item does not exist. |
maygup01 | 0:11cc2b7889af | 91 | tr_debug("CloudClientStorage::ccs_delete_item [%s], type [%d] does not exist. Not deleting anything.", key, item_type); |
maygup01 | 0:11cc2b7889af | 92 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 93 | } else if (status == CCS_STATUS_ERROR) { |
maygup01 | 0:11cc2b7889af | 94 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 95 | } |
maygup01 | 0:11cc2b7889af | 96 | |
maygup01 | 0:11cc2b7889af | 97 | // Delete parameter from storage |
maygup01 | 0:11cc2b7889af | 98 | tr_debug("CloudClientStorage::ccs_delete_item [%s], type [%d] ", key, item_type); |
maygup01 | 0:11cc2b7889af | 99 | kcm_status_e kcm_status = kcm_item_delete((const uint8_t*)key, |
maygup01 | 0:11cc2b7889af | 100 | strlen(key), |
maygup01 | 0:11cc2b7889af | 101 | (kcm_item_type_e)item_type); |
maygup01 | 0:11cc2b7889af | 102 | |
maygup01 | 0:11cc2b7889af | 103 | if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 104 | tr_debug("CloudClientStorage::ccs_delete_item [%s] kcm error %d", key, kcm_status); |
maygup01 | 0:11cc2b7889af | 105 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 106 | } |
maygup01 | 0:11cc2b7889af | 107 | |
maygup01 | 0:11cc2b7889af | 108 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 109 | } |
maygup01 | 0:11cc2b7889af | 110 | |
maygup01 | 0:11cc2b7889af | 111 | ccs_status_e ccs_item_size(const char* key, size_t* size_out, ccs_item_type_e item_type) |
maygup01 | 0:11cc2b7889af | 112 | { |
maygup01 | 0:11cc2b7889af | 113 | if (key == NULL) { |
maygup01 | 0:11cc2b7889af | 114 | tr_error("CloudClientStorage::ccs_item_size error, invalid parameters"); |
maygup01 | 0:11cc2b7889af | 115 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 116 | } |
maygup01 | 0:11cc2b7889af | 117 | |
maygup01 | 0:11cc2b7889af | 118 | tr_debug("CloudClientStorage::ccs_item_size [%s], item [%d]", key, item_type); |
maygup01 | 0:11cc2b7889af | 119 | |
maygup01 | 0:11cc2b7889af | 120 | // Get kcm item size |
maygup01 | 0:11cc2b7889af | 121 | kcm_status_e kcm_status = kcm_item_get_data_size((const uint8_t*)key, |
maygup01 | 0:11cc2b7889af | 122 | strlen(key), |
maygup01 | 0:11cc2b7889af | 123 | (kcm_item_type_e)item_type, |
maygup01 | 0:11cc2b7889af | 124 | size_out); |
maygup01 | 0:11cc2b7889af | 125 | |
maygup01 | 0:11cc2b7889af | 126 | if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 127 | tr_debug("CloudClientStorage::ccs_item_size [%s] kcm error %d", key, kcm_status); |
maygup01 | 0:11cc2b7889af | 128 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 129 | } |
maygup01 | 0:11cc2b7889af | 130 | |
maygup01 | 0:11cc2b7889af | 131 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 132 | } |
maygup01 | 0:11cc2b7889af | 133 | |
maygup01 | 0:11cc2b7889af | 134 | ccs_status_e ccs_get_item(const char* key, |
maygup01 | 0:11cc2b7889af | 135 | uint8_t *buffer, |
maygup01 | 0:11cc2b7889af | 136 | const size_t buffer_size, |
maygup01 | 0:11cc2b7889af | 137 | size_t *value_length, |
maygup01 | 0:11cc2b7889af | 138 | ccs_item_type_e item_type) |
maygup01 | 0:11cc2b7889af | 139 | { |
maygup01 | 0:11cc2b7889af | 140 | if (key == NULL || buffer == NULL || buffer_size == 0) { |
maygup01 | 0:11cc2b7889af | 141 | tr_error("CloudClientStorage::ccs_get_item error, invalid parameters"); |
maygup01 | 0:11cc2b7889af | 142 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 143 | } |
maygup01 | 0:11cc2b7889af | 144 | |
maygup01 | 0:11cc2b7889af | 145 | tr_debug("CloudClientStorage::ccs_get_item [%s], type [%d]", key, item_type); |
maygup01 | 0:11cc2b7889af | 146 | |
maygup01 | 0:11cc2b7889af | 147 | kcm_status_e kcm_status = kcm_item_get_data((const uint8_t*)key, |
maygup01 | 0:11cc2b7889af | 148 | strlen(key), |
maygup01 | 0:11cc2b7889af | 149 | (kcm_item_type_e)item_type, |
maygup01 | 0:11cc2b7889af | 150 | buffer, |
maygup01 | 0:11cc2b7889af | 151 | buffer_size, |
maygup01 | 0:11cc2b7889af | 152 | value_length); |
maygup01 | 0:11cc2b7889af | 153 | |
maygup01 | 0:11cc2b7889af | 154 | if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 155 | tr_debug("CloudClientStorage::ccs_get_item [%s] kcm error %d", key, kcm_status); |
maygup01 | 0:11cc2b7889af | 156 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 157 | } |
maygup01 | 0:11cc2b7889af | 158 | |
maygup01 | 0:11cc2b7889af | 159 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 160 | } |
maygup01 | 0:11cc2b7889af | 161 | |
maygup01 | 0:11cc2b7889af | 162 | ccs_status_e ccs_set_item(const char* key, |
maygup01 | 0:11cc2b7889af | 163 | const uint8_t *buffer, |
maygup01 | 0:11cc2b7889af | 164 | const size_t buffer_size, |
maygup01 | 0:11cc2b7889af | 165 | ccs_item_type_e item_type) |
maygup01 | 0:11cc2b7889af | 166 | { |
maygup01 | 0:11cc2b7889af | 167 | if (key == NULL || buffer == NULL || buffer_size == 0) { |
maygup01 | 0:11cc2b7889af | 168 | tr_error("CloudClientStorage::ccs_set_item error, invalid parameters"); |
maygup01 | 0:11cc2b7889af | 169 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 170 | } |
maygup01 | 0:11cc2b7889af | 171 | |
maygup01 | 0:11cc2b7889af | 172 | tr_debug("CloudClientStorage::ccs_set_item kcm [%s], type [%d]", key, item_type); |
maygup01 | 0:11cc2b7889af | 173 | |
maygup01 | 0:11cc2b7889af | 174 | kcm_status_e kcm_status = kcm_item_store((const uint8_t*)key, |
maygup01 | 0:11cc2b7889af | 175 | strlen(key), |
maygup01 | 0:11cc2b7889af | 176 | (kcm_item_type_e)item_type, |
maygup01 | 0:11cc2b7889af | 177 | false, |
maygup01 | 0:11cc2b7889af | 178 | buffer, |
maygup01 | 0:11cc2b7889af | 179 | buffer_size, |
maygup01 | 0:11cc2b7889af | 180 | NULL); |
maygup01 | 0:11cc2b7889af | 181 | |
maygup01 | 0:11cc2b7889af | 182 | if (kcm_status == KCM_CRYPTO_STATUS_PRIVATE_KEY_VERIFICATION_FAILED) { |
maygup01 | 0:11cc2b7889af | 183 | tr_error("CloudClientStorage::ccs_set_item kcm validation error"); |
maygup01 | 0:11cc2b7889af | 184 | return CCS_STATUS_VALIDATION_FAIL; |
maygup01 | 0:11cc2b7889af | 185 | } |
maygup01 | 0:11cc2b7889af | 186 | else if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 187 | tr_debug("CloudClientStorage::ccs_set_item kcm [%s] error %d", key, kcm_status); |
maygup01 | 0:11cc2b7889af | 188 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 189 | } |
maygup01 | 0:11cc2b7889af | 190 | |
maygup01 | 0:11cc2b7889af | 191 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 192 | } |
maygup01 | 0:11cc2b7889af | 193 | |
maygup01 | 0:11cc2b7889af | 194 | void *ccs_create_certificate_chain(const char *chain_file_name, size_t chain_len) |
maygup01 | 0:11cc2b7889af | 195 | { |
maygup01 | 0:11cc2b7889af | 196 | kcm_status_e kcm_status; |
maygup01 | 0:11cc2b7889af | 197 | kcm_cert_chain_handle chain_handle; |
maygup01 | 0:11cc2b7889af | 198 | |
maygup01 | 0:11cc2b7889af | 199 | kcm_status = kcm_cert_chain_create(&chain_handle, |
maygup01 | 0:11cc2b7889af | 200 | (uint8_t*)chain_file_name, |
maygup01 | 0:11cc2b7889af | 201 | strlen(chain_file_name), |
maygup01 | 0:11cc2b7889af | 202 | chain_len, |
maygup01 | 0:11cc2b7889af | 203 | false); |
maygup01 | 0:11cc2b7889af | 204 | |
maygup01 | 0:11cc2b7889af | 205 | if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 206 | tr_error("CloudClientStorage::ccs_create_certificate_chain - error %d", kcm_status); |
maygup01 | 0:11cc2b7889af | 207 | return NULL; |
maygup01 | 0:11cc2b7889af | 208 | } else { |
maygup01 | 0:11cc2b7889af | 209 | return (void*)chain_handle; |
maygup01 | 0:11cc2b7889af | 210 | } |
maygup01 | 0:11cc2b7889af | 211 | } |
maygup01 | 0:11cc2b7889af | 212 | |
maygup01 | 0:11cc2b7889af | 213 | void *ccs_open_certificate_chain(const char *chain_file_name, size_t *chain_size) |
maygup01 | 0:11cc2b7889af | 214 | { |
maygup01 | 0:11cc2b7889af | 215 | kcm_status_e kcm_status; |
maygup01 | 0:11cc2b7889af | 216 | kcm_cert_chain_handle handle; |
maygup01 | 0:11cc2b7889af | 217 | |
maygup01 | 0:11cc2b7889af | 218 | kcm_status = kcm_cert_chain_open(&handle, |
maygup01 | 0:11cc2b7889af | 219 | (uint8_t*)chain_file_name, |
maygup01 | 0:11cc2b7889af | 220 | strlen(chain_file_name), |
maygup01 | 0:11cc2b7889af | 221 | chain_size); |
maygup01 | 0:11cc2b7889af | 222 | |
maygup01 | 0:11cc2b7889af | 223 | if (kcm_status == KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 224 | return (void*)handle; |
maygup01 | 0:11cc2b7889af | 225 | } else { |
maygup01 | 0:11cc2b7889af | 226 | tr_error("CloudClientStorage::ccs_open_certificate_chain - error %d", kcm_status); |
maygup01 | 0:11cc2b7889af | 227 | return NULL; |
maygup01 | 0:11cc2b7889af | 228 | } |
maygup01 | 0:11cc2b7889af | 229 | } |
maygup01 | 0:11cc2b7889af | 230 | |
maygup01 | 0:11cc2b7889af | 231 | ccs_status_e ccs_get_next_cert_chain(void *chain_handle, void *cert_data, size_t *data_size) |
maygup01 | 0:11cc2b7889af | 232 | { |
maygup01 | 0:11cc2b7889af | 233 | kcm_status_e kcm_status; |
maygup01 | 0:11cc2b7889af | 234 | size_t max_size = 1024; |
maygup01 | 0:11cc2b7889af | 235 | |
maygup01 | 0:11cc2b7889af | 236 | kcm_status = kcm_cert_chain_get_next_size((kcm_cert_chain_handle *) chain_handle, data_size); |
maygup01 | 0:11cc2b7889af | 237 | |
maygup01 | 0:11cc2b7889af | 238 | if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 239 | tr_error("CloudClientStorage::ccs_get_next_cert_chain - get_next_size error %d", kcm_status); |
maygup01 | 0:11cc2b7889af | 240 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 241 | } |
maygup01 | 0:11cc2b7889af | 242 | |
maygup01 | 0:11cc2b7889af | 243 | |
maygup01 | 0:11cc2b7889af | 244 | kcm_status = kcm_cert_chain_get_next_data((kcm_cert_chain_handle *) chain_handle, (uint8_t*)cert_data, max_size, data_size); |
maygup01 | 0:11cc2b7889af | 245 | |
maygup01 | 0:11cc2b7889af | 246 | if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 247 | tr_error("CloudClientStorage::ccs_get_next_cert_chain - get_next_data error %d", kcm_status); |
maygup01 | 0:11cc2b7889af | 248 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 249 | } else { |
maygup01 | 0:11cc2b7889af | 250 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 251 | } |
maygup01 | 0:11cc2b7889af | 252 | } |
maygup01 | 0:11cc2b7889af | 253 | |
maygup01 | 0:11cc2b7889af | 254 | ccs_status_e ccs_close_certificate_chain(void *chain_handle) |
maygup01 | 0:11cc2b7889af | 255 | { |
maygup01 | 0:11cc2b7889af | 256 | kcm_status_e kcm_status; |
maygup01 | 0:11cc2b7889af | 257 | kcm_cert_chain_handle *handle = (kcm_cert_chain_handle *) chain_handle; |
maygup01 | 0:11cc2b7889af | 258 | kcm_status = kcm_cert_chain_close(handle); |
maygup01 | 0:11cc2b7889af | 259 | if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 260 | tr_error("CloudClientStorage::ccs_close_certificate_chain - error %d", kcm_status); |
maygup01 | 0:11cc2b7889af | 261 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 262 | } else { |
maygup01 | 0:11cc2b7889af | 263 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 264 | } |
maygup01 | 0:11cc2b7889af | 265 | } |
maygup01 | 0:11cc2b7889af | 266 | |
maygup01 | 0:11cc2b7889af | 267 | ccs_status_e ccs_add_next_cert_chain(void *chain_handle, const uint8_t *cert_data, size_t data_size) |
maygup01 | 0:11cc2b7889af | 268 | { |
maygup01 | 0:11cc2b7889af | 269 | kcm_status_e kcm_status; |
maygup01 | 0:11cc2b7889af | 270 | kcm_status = kcm_cert_chain_add_next((kcm_cert_chain_handle *) chain_handle, cert_data, data_size); |
maygup01 | 0:11cc2b7889af | 271 | |
maygup01 | 0:11cc2b7889af | 272 | if (kcm_status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 273 | tr_error("CloudClientStorage::ccs_add_next_cert_chain - error %d", kcm_status); |
maygup01 | 0:11cc2b7889af | 274 | return CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 275 | } else { |
maygup01 | 0:11cc2b7889af | 276 | return CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 277 | } |
maygup01 | 0:11cc2b7889af | 278 | } |
maygup01 | 0:11cc2b7889af | 279 | |
maygup01 | 0:11cc2b7889af | 280 | ccs_status_e ccs_parse_cert_chain_and_store(const uint8_t *cert_chain_name, |
maygup01 | 0:11cc2b7889af | 281 | const size_t cert_chain_name_len, |
maygup01 | 0:11cc2b7889af | 282 | const uint8_t *cert_chain_data, |
maygup01 | 0:11cc2b7889af | 283 | const uint16_t cert_chain_data_len) |
maygup01 | 0:11cc2b7889af | 284 | { |
maygup01 | 0:11cc2b7889af | 285 | assert(cert_chain_data); |
maygup01 | 0:11cc2b7889af | 286 | assert(cert_chain_data_len > 0); |
maygup01 | 0:11cc2b7889af | 287 | |
maygup01 | 0:11cc2b7889af | 288 | const uint8_t *ptr = cert_chain_data; |
maygup01 | 0:11cc2b7889af | 289 | uint8_t version = *ptr++; |
maygup01 | 0:11cc2b7889af | 290 | uint8_t chain_length = *ptr++; |
maygup01 | 0:11cc2b7889af | 291 | ccs_status_e success = CCS_STATUS_SUCCESS; |
maygup01 | 0:11cc2b7889af | 292 | kcm_cert_chain_handle chain_handle; |
maygup01 | 0:11cc2b7889af | 293 | kcm_status_e status; |
maygup01 | 0:11cc2b7889af | 294 | |
maygup01 | 0:11cc2b7889af | 295 | // Check overflow |
maygup01 | 0:11cc2b7889af | 296 | if (ptr - cert_chain_data > cert_chain_data_len) { |
maygup01 | 0:11cc2b7889af | 297 | success = CCS_STATUS_VALIDATION_FAIL; |
maygup01 | 0:11cc2b7889af | 298 | } |
maygup01 | 0:11cc2b7889af | 299 | |
maygup01 | 0:11cc2b7889af | 300 | // Check version is correct and there are certs in the chain |
maygup01 | 0:11cc2b7889af | 301 | if (version != 1 || chain_length == 0) { |
maygup01 | 0:11cc2b7889af | 302 | success = CCS_STATUS_VALIDATION_FAIL; |
maygup01 | 0:11cc2b7889af | 303 | } |
maygup01 | 0:11cc2b7889af | 304 | |
maygup01 | 0:11cc2b7889af | 305 | // Create KCM cert chain |
maygup01 | 0:11cc2b7889af | 306 | if (success == CCS_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 307 | status = kcm_cert_chain_create(&chain_handle, |
maygup01 | 0:11cc2b7889af | 308 | cert_chain_name, |
maygup01 | 0:11cc2b7889af | 309 | cert_chain_name_len, |
maygup01 | 0:11cc2b7889af | 310 | chain_length, |
maygup01 | 0:11cc2b7889af | 311 | false); |
maygup01 | 0:11cc2b7889af | 312 | tr_debug("Cert chain create %d", status); |
maygup01 | 0:11cc2b7889af | 313 | if (status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 314 | success = CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 315 | } |
maygup01 | 0:11cc2b7889af | 316 | } |
maygup01 | 0:11cc2b7889af | 317 | |
maygup01 | 0:11cc2b7889af | 318 | if (success == CCS_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 319 | for (uint8_t i = 0; i < chain_length; i++) { |
maygup01 | 0:11cc2b7889af | 320 | // Parse certificate length (2 bytes) |
maygup01 | 0:11cc2b7889af | 321 | uint16_t cert_len = common_read_16_bit(ptr); |
maygup01 | 0:11cc2b7889af | 322 | ptr += 2; |
maygup01 | 0:11cc2b7889af | 323 | // Check overflow |
maygup01 | 0:11cc2b7889af | 324 | if (ptr - cert_chain_data > cert_chain_data_len) { |
maygup01 | 0:11cc2b7889af | 325 | success = CCS_STATUS_VALIDATION_FAIL; |
maygup01 | 0:11cc2b7889af | 326 | break; |
maygup01 | 0:11cc2b7889af | 327 | } |
maygup01 | 0:11cc2b7889af | 328 | |
maygup01 | 0:11cc2b7889af | 329 | // Store certificate |
maygup01 | 0:11cc2b7889af | 330 | tr_debug("Storing cert\r\n%s", tr_array(ptr, cert_len)); |
maygup01 | 0:11cc2b7889af | 331 | status = kcm_cert_chain_add_next(chain_handle, ptr, cert_len); |
maygup01 | 0:11cc2b7889af | 332 | if (status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 333 | success = CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 334 | break; |
maygup01 | 0:11cc2b7889af | 335 | } |
maygup01 | 0:11cc2b7889af | 336 | |
maygup01 | 0:11cc2b7889af | 337 | ptr += cert_len; |
maygup01 | 0:11cc2b7889af | 338 | |
maygup01 | 0:11cc2b7889af | 339 | // Check overflow |
maygup01 | 0:11cc2b7889af | 340 | if (ptr - cert_chain_data > cert_chain_data_len) { |
maygup01 | 0:11cc2b7889af | 341 | success = CCS_STATUS_VALIDATION_FAIL; |
maygup01 | 0:11cc2b7889af | 342 | break; |
maygup01 | 0:11cc2b7889af | 343 | } |
maygup01 | 0:11cc2b7889af | 344 | } |
maygup01 | 0:11cc2b7889af | 345 | |
maygup01 | 0:11cc2b7889af | 346 | status = kcm_cert_chain_close(chain_handle); |
maygup01 | 0:11cc2b7889af | 347 | if (status != KCM_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 348 | success = CCS_STATUS_ERROR; |
maygup01 | 0:11cc2b7889af | 349 | } |
maygup01 | 0:11cc2b7889af | 350 | } |
maygup01 | 0:11cc2b7889af | 351 | |
maygup01 | 0:11cc2b7889af | 352 | if (success != CCS_STATUS_SUCCESS) { |
maygup01 | 0:11cc2b7889af | 353 | kcm_cert_chain_delete(cert_chain_name, cert_chain_name_len); |
maygup01 | 0:11cc2b7889af | 354 | } |
maygup01 | 0:11cc2b7889af | 355 | |
maygup01 | 0:11cc2b7889af | 356 | return success; |
maygup01 | 0:11cc2b7889af | 357 | } |