Mayank Gupta
/
pelion-example-frdm
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependencies: FXAS21002 FXOS8700Q
Embed:
(wiki syntax)
Show/hide line numbers
storage.h
00001 // ---------------------------------------------------------------------------- 00002 // Copyright 2016-2017 ARM Ltd. 00003 // 00004 // Licensed under the Apache License, Version 2.0 (the "License"); 00005 // you may not use this file except in compliance with the License. 00006 // You may obtain a copy of the License at 00007 // 00008 // http://www.apache.org/licenses/LICENSE-2.0 00009 // 00010 // Unless required by applicable law or agreed to in writing, software 00011 // distributed under the License is distributed on an "AS IS" BASIS, 00012 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00013 // See the License for the specific language governing permissions and 00014 // limitations under the License. 00015 // ---------------------------------------------------------------------------- 00016 #ifndef __STORAGE_H__ 00017 #define __STORAGE_H__ 00018 00019 #include <inttypes.h> 00020 #include "key_config_manager.h" 00021 #include "kcm_defs.h" 00022 #include "cs_hash.h" 00023 #include "cs_der_keys_and_csrs.h" 00024 #include "storage_esfs.h" 00025 #include "pal.h" 00026 00027 #ifdef __cplusplus 00028 extern "C" { 00029 #endif 00030 00031 #ifdef MBED_CONF_MBED_CLOUD_CLIENT_EXTERNAL_SST_SUPPORT 00032 #define STORAGE_FACTORY_RESET_IN_PROGRESS_ITEM "FR_ON" 00033 //The complete name of kcm items will be build from pelion prefix and working or backup(for factory) acronyms : "pelion_w" or "pelion_b" for factory kcm items. 00034 //Pelion prefix 00035 #define STORAGE_PELION_PREFIX "pelion_" 00036 //Defines of working and backup acronyms 00037 #define STORAGE_WORKING_ACRONYM "w" 00038 #define STORAGE_BACKUP_ACRONYM "b" 00039 #define STORAGE_WORKING STORAGE_PELION_PREFIX STORAGE_WORKING_ACRONYM// "pelion_w" 00040 #define STORAGE_BACKUP STORAGE_PELION_PREFIX STORAGE_BACKUP_ACRONYM // "pelion_b" 00041 typedef struct kcm_chain_cert_name_info_ { 00042 uint32_t certificate_index; 00043 bool is_last_certificate; 00044 } kcm_chain_cert_name_info_s; 00045 #endif 00046 00047 /* === Definitions and Prototypes === */ 00048 00049 /* === FCC data Defines === */ 00050 #define FCC_ENTROPY_SIZE 48 00051 #define FCC_ROT_SIZE 16 00052 #define FCC_CA_IDENTIFICATION_SIZE 33 00053 #define FCC_TIME_SIZE sizeof(uint64_t) 00054 // Size of factory disabled flag in SOTP - internal use only. 00055 #define FCC_FACTORY_DISABLE_FLAG_SIZE sizeof(int64_t) 00056 00057 /** 00058 * KCM file prefixes defines 00059 */ 00060 #define KCM_FILE_PREFIX_PRIVATE_KEY "PrvKey_" 00061 #define KCM_FILE_PREFIX_PUBLIC_KEY "PubKey_" 00062 #define KCM_FILE_PREFIX_SYMMETRIC_KEY "SymKey_" 00063 #define KCM_FILE_PREFIX_CONFIG_PARAM "CfgParam_" 00064 00065 /** 00066 * KCM file prefixes defines for backup items 00067 */ 00068 #define KCM_RENEWAL_FILE_PREFIX_PRIVATE_KEY "bPvKey_" 00069 #define KCM_RENEWAL_FILE_PREFIX_PUBLIC_KEY "bPbKey_" 00070 #define KCM_RENEWAL_FILE_PREFIX_SYMMETRIC_KEY "bSmKey_" 00071 #define KCM_RENEWAL_FILE_PREFIX_CONFIG_PARAM "mCfgParm_" 00072 00073 #ifndef MBED_CONF_MBED_CLOUD_CLIENT_EXTERNAL_SST_SUPPORT 00074 #define KCM_FILE_PREFIX_CERTIFICATE "Cert_" 00075 #define KCM_FILE_PREFIX_CERT_CHAIN_0 KCM_FILE_PREFIX_CERTIFICATE 00076 #define KCM_FILE_PREFIX_CERT_CHAIN_X "Crt1_" // must be same length as KCM_FILE_PREFIX_CERT_CHAIN_0 00077 #define KCM_FILE_PREFIX_CERT_CHAIN_X_OFFSET 3 00078 #define KCM_RENEWAL_FILE_PREFIX_CERTIFICATE "bCrt_" 00079 #define KCM_RENEWAL_FILE_PREFIX_CERT_CHAIN_0 KCM_RENEWAL_FILE_PREFIX_CERTIFICATE 00080 #define KCM_RENEWAL_FILE_PREFIX_CERT_CHAIN_X "bCt1_" // must be same length as KCM_RENEWAL_FILE_PREFIX_CERT_CHAIN_0 00081 #define KCM_RENEWAL_FILE_PREFIX_CERT_CHAIN_X_OFFSET 3 00082 #else 00083 00084 /** 00085 * KCM file prefixes defines 00086 */ 00087 #define KCM_FILE_PREFIX_CERTIFICATE "Crtae_" 00088 #define KCM_FILE_PREFIX_FIRST_CHAIN_CERTIFICATE "Crta__" 00089 /** 00090 * KCM file prefixes defines for backup items 00091 */ 00092 #define KCM_RENEWAL_FILE_PREFIX_CERTIFICATE "bCtae_" 00093 #define KCM_RENEWAL_FILE_PREFIX_CONFIG_PARAM "mCfgParm_" 00094 #define KCM_RENEWAL_FILE_PREFIX_FIRST_CHAIN_CERTIFICATE "bCta__" 00095 #endif 00096 00097 00098 /** 00099 * KCM internal item types 00100 */ 00101 typedef enum { 00102 KCM_ORIGINAL_ITEM, //!< KCM original data type 00103 KCM_BACKUP_ITEM, //!< KCM backup data type - added prefix "b" 00104 KCM_SOURCE_TYPE_LAST_ITEM //!< KCM not defined item type. 00105 } kcm_data_source_type_e; 00106 00107 00108 typedef enum { 00109 KCM_CHAIN_OP_TYPE_CREATE = 1, 00110 KCM_CHAIN_OP_TYPE_OPEN, 00111 KCM_CHAIN_OP_TYPE_MAX 00112 } kcm_chain_operation_type_e; 00113 00114 00115 /* 00116 * Structure containing all necessary data of a child X509 Certificate to be validated with its signers public key 00117 */ 00118 typedef struct kcm_cert_chain_prev_params_int_ { 00119 uint8_t signature[KCM_ECDSA_SECP256R1_MAX_SIGNATURE_SIZE_IN_BYTES]; //!< The signature of certificate. 00120 size_t signature_actual_size; //!< The size of signature. 00121 uint8_t htbs[CS_SHA256_SIZE]; //!< The hash of certificate's tbs. 00122 size_t htbs_actual_size; //!< The size of hash digest. 00123 } kcm_cert_chain_prev_params_int_s; 00124 00125 00126 /** The chain context used internally only and should not be changed by user. 00127 */ 00128 00129 typedef struct kcm_cert_chain_context_int_ { 00130 uint8_t *chain_name; //!< The name of certificate chain. 00131 size_t chain_name_len; //!< The size of certificate chain name. 00132 size_t num_of_certificates_in_chain; //!< The number of certificate in the chain. 00133 #ifndef MBED_CONF_MBED_CLOUD_CLIENT_EXTERNAL_SST_SUPPORT 00134 kcm_ctx_s current_kcm_ctx; //!< Current KCM operation context. 00135 #endif 00136 00137 00138 uint32_t current_cert_index; //!< Current certificate iterator. 00139 kcm_chain_operation_type_e operation_type;//!< Type of Current operation. 00140 bool chain_is_factory; //!< Is chain is a factory item, otherwise false. 00141 kcm_cert_chain_prev_params_int_s prev_cert_params; //!< Saved params of previous parsed certificate. used only in create operation 00142 bool is_meta_data; //!< Is this a single certificate or chain with one certificate. 00143 #ifdef MBED_CONF_MBED_CLOUD_CLIENT_EXTERNAL_SST_SUPPORT 00144 size_t certificates_info[KCM_MAX_NUMBER_OF_CERTITICATES_IN_CHAIN]; 00145 #endif 00146 } kcm_cert_chain_context_int_s; 00147 00148 00149 //TODO: when kvstore chain implemented remove this to esfs defines 00150 // Make sure that pointer_to_complete_name points to a type of size 1 (char or uint8_t) so that arithmetic works correctly 00151 #define KCM_FILE_BASENAME(pointer_to_complete_name, prefix_define) (pointer_to_complete_name + sizeof(prefix_define) - 1) 00152 // Complete name is the prefix+name (without '/0') 00153 #define KCM_FILE_BASENAME_LEN(complete_name_size, prefix_define) (complete_name_size - (sizeof(prefix_define) - 1)) 00154 00155 00156 00157 //Protected data names 00158 #define MAX_SOTP_BUFFER_SIZE FCC_ENTROPY_SIZE 00159 #define STORAGE_RBP_FACTORY_DONE_NAME "factory_done" 00160 #define STORAGE_RBP_RANDOM_SEED_NAME "entropy" 00161 #define STORAGE_RBP_SAVED_TIME_NAME "saved_time" 00162 #define STORAGE_RBP_LAST_TIME_BACK_NAME "last_time_back" 00163 #define STORAGE_RBP_ROT_NAME "rot" 00164 #define STORAGE_RBP_TRUSTED_TIME_SRV_ID_NAME "time_srv_id" 00165 #define STORAGE_RBP_EXECUTION_MODE_NAME "execution_mode" 00166 #define STORAGE_RBP_OEM_TRANSFER_MODE_ENABLED_NAME "oem_transfer_mode" 00167 #define STORAGE_RBP_MIN_FW_VERSION_NAME "min_fw_version" 00168 00169 00170 /* === Roll back protected data Operations === */ 00171 /** Reads a rollback protected data from the storage 00172 * 00173 * @param[in] item_name A string name of the rollback protected item 00174 * @param[in/out] buffer A pointer to memory buffer where the data will be read. 00175 * @param[in] buffer_size The data buffer size in bytes. 00176 * @param[out] buffer_actual_size_out The effective bytes size read. 00177 * @returns 00178 * PAL_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00179 */ 00180 palStatus_t storage_rbp_read( 00181 const char *item_name, 00182 uint8_t *buffer, 00183 size_t buffer_size, 00184 size_t *buffer_actual_size_out); 00185 00186 /** Writes a rollback protected data to the storage 00187 * 00188 * @param[in] item_name A string name of the rollback protected item 00189 * @param[in] data Buffer containing data (must be aligned to a 32 bit boundary). 00190 * @param[in] data_length The data length in bytes. Can be 0 if we wish to write an empty file. 00191 * @param[in] is_write_once Write once flag. 00192 * @returns 00193 * PAL_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00194 */ 00195 palStatus_t storage_rbp_write( 00196 const char *item_name, 00197 const uint8_t *data, 00198 size_t data_size, 00199 bool is_write_once); 00200 00201 00202 #ifdef RBP_TESTING 00203 /** Removes a rollback protected data from the storage. 00204 * For testing purposes only. 00205 * For "write once" items the behavior is different: In SOTP implementation - deletion allowed 00206 * In SST implementation - PAL_ERR_ITEM_EXIST error returned 00207 * 00208 * 00209 * @param[in] item_name A string name of the rollback protected item 00210 * @returns 00211 * PAL_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00212 */ 00213 palStatus_t storage_rbp_delete(const char *item_name); 00214 #endif 00215 00216 /** FCC initiated operation, writes a rollback protected data. 00217 * 00218 * @param[in] item_name A string name of the rollback protected item 00219 * @param[in] data A pointer to memory with the data to write into the storage. Can be NULL if data_length is 0. 00220 * @param[in] data_size The data length in bytes. Can be 0 if we wish to write an empty file. 00221 * @param[in] is_write_once Write once flag. 00222 * @returns 00223 * KCM_STATUS_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00224 */ 00225 kcm_status_e storage_fcc_rbp_write( 00226 const char *item_name, 00227 const uint8_t *data, 00228 size_t data_size, 00229 bool is_write_once); 00230 /** FCC initiated operation, writes a rollback protected data. 00231 * 00232 * @param[in] item_name A string name of the rollback protected item 00233 * @param[in] data A pointer to memory with the data to write into the storage. Can be NULL if data_length is 0. 00234 * @param[in] data_size The data length in bytes. Can be 0 if we wish to write an empty file. 00235 * @param[in] is_write_once Write once flag. 00236 * @returns 00237 * KCM_STATUS_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00238 */ 00239 kcm_status_e storage_fcc_rbp_read( 00240 const char *item_name, 00241 uint8_t *data, 00242 size_t data_size, 00243 size_t *data_actual_lenght_out); 00244 /* === Initialization and Finalization === */ 00245 00246 /** Initializes storage so that it can be used. 00247 * Must be called once after boot. 00248 * Existing data in storage would not compromised. 00249 * 00250 * @returns 00251 * KCM_STATUS_SUCCESS in case of success otherwise one of kcm_status_e errors 00252 */ 00253 kcm_status_e storage_init(void); 00254 00255 /** Finalize storage. 00256 * Must be called once to close all storage resources. 00257 * 00258 * @returns 00259 * KCM_STATUS_SUCCESS in case of success otherwise one of kcm_status_e errors 00260 */ 00261 kcm_status_e storage_finalize(void); 00262 00263 /** Resets storage to an empty state. 00264 * 00265 * @returns 00266 * KCM_STATUS_SUCCESS in case of success otherwise one of kcm_status_e errors 00267 */ 00268 kcm_status_e storage_reset(void); 00269 00270 00271 /** Resets storage to a factory state. 00272 * 00273 * @returns 00274 * KCM_STATUS_SUCCESS in case of success otherwise one of kcm_status_e errors 00275 */ 00276 kcm_status_e storage_factory_reset(void); 00277 00278 /** 00279 * The function returns prefix, according to kcm type and data source type 00280 * @param[in] kcm_item_type type of KCM item. 00281 * @param[in] item_source_type type of source type (original or backup) 00282 * @param[out] prefix returned prefix 00283 * @returns 00284 * KCM_STATUS_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00285 */ 00286 kcm_status_e storage_item_name_get_prefix(kcm_item_type_e kcm_item_type, kcm_data_source_type_e item_source_type, const char** prefix); 00287 00288 /* === Data Operations === */ 00289 /** Writes a new item to storage 00290 * 00291 * @param[in] kcm_item_name KCM item name. 00292 * @param[in] kcm_item_name_len KCM item name length. 00293 * @param[in] kcm_item_type KCM item type as defined in `::kcm_item_type_e` 00294 * @param[in] kcm_item_is_factory True if the KCM item is a factory item, otherwise false. 00295 * @param[in] data_source_type KCM item data source (original or backup). 00296 * @param[in] kcm_item_data KCM item data buffer. Can be NULL if `kcm_item_data_size` is 0. 00297 * @param[in] kcm_item_data_size KCM item data buffer size in bytes. Can be 0 if you wish to 00298 * store an empty file. 00299 * 00300 * @returns 00301 * KCM_STATUS_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise.*/ 00302 kcm_status_e storage_data_write(const uint8_t * kcm_item_name, 00303 size_t kcm_item_name_len, 00304 kcm_item_type_e kcm_item_type, 00305 bool kcm_item_is_factory, 00306 kcm_data_source_type_e data_source_type, 00307 const uint8_t * kcm_item_data, 00308 size_t kcm_item_data_size); 00309 00310 kcm_status_e storage_data_write_impl(const uint8_t * kcm_item_name, 00311 size_t kcm_item_name_len, 00312 kcm_item_type_e kcm_item_type, 00313 bool kcm_item_is_factory, 00314 bool kcm_item_is_encrypted, 00315 kcm_data_source_type_e data_source_type, 00316 const uint8_t * kcm_item_data, 00317 size_t kcm_item_data_size); 00318 00319 00320 /** Reads data size from the storage. 00321 * 00322 * @param[in] kcm_item_name KCM item name. 00323 * @param[in] kcm_item_name_len KCM item name length. 00324 * @param[in] kcm_item_type KCM item type as defined in `::kcm_item_type_e` 00325 * @param[in] data_source_type KCM data source type as defined in `::kcm_data_source_type_e` 00326 * @param[out] kcm_item_data_size_out KCM item data size in bytes. 00327 * 00328 * @returns 00329 * KCM_STATUS_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise.*/ 00330 kcm_status_e storage_data_size_read( 00331 const uint8_t * kcm_item_name, 00332 size_t kcm_item_name_len, 00333 kcm_item_type_e kcm_item_type, 00334 kcm_data_source_type_e data_source_type, 00335 size_t * kcm_item_data_size_out); 00336 00337 /** Reads data item from the storage. 00338 * 00339 * @param[in] kcm_item_name KCM item name. 00340 * @param[in] kcm_item_name_len KCM item name length. 00341 * @param[in] kcm_item_type KCM item type as defined in `::kcm_item_type_e` 00342 * @param[in] data_source_type KCM data source type as defined in `::kcm_data_source_type_e` 00343 * @param[in/out] kcm_item_data_out KCM item data output buffer. Can be NULL if `kcm_item_data_size` is 0. 00344 * @param[in] kcm_item_data_max_size The maximum size of the KCM item data output buffer in bytes. 00345 * @param[out] kcm_item_data_act_size_out Actual KCM item data output buffer size in bytes. 00346 * 00347 * @returns 00348 * KCM_STATUS_SUCCESS in case of success otherwise one of kcm_status_e errors 00349 */ 00350 kcm_status_e storage_data_read( 00351 const uint8_t * kcm_item_name, 00352 size_t kcm_item_name_len, 00353 kcm_item_type_e kcm_item_type, 00354 kcm_data_source_type_e data_source_type, 00355 uint8_t *kcm_item_data_out, 00356 size_t kcm_item_data_max_size, 00357 size_t *kcm_item_data_act_size_out); 00358 00359 /** Deletes data item from the storage. 00360 * 00361 * 00362 * @param[in] kcm_item_name KCM item name. 00363 * @param[in] kcm_item_name_len KCM item name length. 00364 * @param[in] kcm_item_type KCM item type as defined in `::kcm_item_type_e` 00365 * @param[in] data_source_type KCM data source type as defined in `::kcm_data_source_type_e` 00366 * 00367 * @returns 00368 * KCM_STATUS_SUCCESS in case of success otherwise one of kcm_status_e errors 00369 */ 00370 kcm_status_e storage_data_delete( 00371 const uint8_t * kcm_item_name, 00372 size_t kcm_item_name_len, 00373 kcm_item_type_e kcm_item_type, 00374 kcm_data_source_type_e data_source_type); 00375 00376 /* === Certificates chain APIs === */ 00377 00378 /** The API initializes chain context for write chain operation, 00379 * This API should be called prior to ::kcm_cert_chain_add_next API. 00380 * 00381 * @param[out] kcm_chain_handle pointer to certificate chain handle. 00382 * @param[in] kcm_chain_name pointer to certificate chain name. 00383 * @param[in] kcm_chain_name_len length of certificate name buffer. 00384 * @param[in] kcm_chain_len number of certificates in the chain. 00385 * @param[in] kcm_chain_is_factory True if the KCM chain is a factory item, otherwise false. 00386 * @param[in] data_source_type The name of the certificate created according to data source type `::kcm_data_source_type_e`. 00387 * 00388 * @returns 00389 * KCM_STATUS_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00390 */ 00391 kcm_status_e storage_cert_chain_create( 00392 kcm_cert_chain_handle *kcm_chain_handle, 00393 const uint8_t *kcm_chain_name, 00394 size_t kcm_chain_name_len, 00395 size_t kcm_chain_len, 00396 bool kcm_chain_is_factory, 00397 kcm_data_source_type_e data_source_type); 00398 00399 /** The API initializes chain context for read chain operation. 00400 * This API should be called prior to ::kcm_cert_chain_get_next_size and ::kcm_cert_chain_get_next_data APIs 00401 * 00402 * @param[out] kcm_chain_handle pointer to certificate chain handle. 00403 * @param[in] kcm_chain_name pointer to certificate chain name. 00404 * @param[in] kcm_chain_name_len size of certificate name buffer. 00405 * @param[in] data_source_type The name of the certificate created according to data source type `::kcm_data_source_type_e`. 00406 * @param[out] kcm_chain_len length of certificate chain. 00407 * 00408 * @returns 00409 * KCM_STATUS_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00410 */ 00411 kcm_status_e storage_cert_chain_open(kcm_cert_chain_handle * kcm_chain_handle, 00412 const uint8_t *kcm_chain_name, 00413 size_t kcm_chain_name_len, 00414 kcm_data_source_type_e data_source_type, 00415 size_t *kcm_chain_len_out); 00416 00417 /** The API deletes all certificates of the chain from the storage, the certificate chain name created according to data source type(original or backup). 00418 * 00419 * @param[in] kcm_chain_name pointer to certificate chain name. 00420 * @param[in] kcm_chain_name_len length of certificate chain name. 00421 * @param[in] data_source_type certificate source type as defined in `::kcm_data_source_type_e`. 00422 * 00423 * @returns 00424 * KCM_STATUS_SUCCESS in case of success or one of the `::kcm_status_e` errors otherwise. 00425 */ 00426 kcm_status_e storage_cert_chain_delete(const uint8_t *kcm_chain_name, 00427 size_t kcm_chain_name_len, 00428 kcm_data_source_type_e data_source_type); 00429 00430 /** This API adds next certificate of chain to the storage, the certificate added with prefix according to data source type(original/backup). 00431 * 00432 * @param[in] kcm_chain_handle certificate chain handle. 00433 * @param[in] kcm_cert_data pointer to certificate data in DER format. 00434 * @param[in] kcm_cert_data_size size of certificate data buffer. 00435 * @param[in] data_source_type certificate source type as defined in `::kcm_data_source_type_e`. 00436 * 00437 * @returns 00438 * KCM_STATUS_SUCCESS in case of success. 00439 * KCM_STATUS_CERTIFICATE_CHAIN_VERIFICATION_FAILED in case that one of the certificate in the chain failed to verify its predecessor 00440 * In other casese - one of the `::kcm_status_e` errors. 00441 * 00442 */ 00443 kcm_status_e storage_chain_add_next(kcm_cert_chain_handle kcm_chain_handle, 00444 const uint8_t *kcm_cert_data, 00445 size_t kcm_cert_data_size, 00446 kcm_data_source_type_e data_source_type); 00447 00448 /** The API returns size of the next certificate in the chain, the certificate chain name created according to data source type(original or backup). 00449 * This API should be called prior to ::kcm_cert_chain_get_next_data. 00450 * This operation does not increase chain's context iterator. 00451 * 00452 * @param[in] kcm_chain_handle certificate chain handle. 00453 * @param[in] data_source_type certificate source type as defined in `::kcm_data_source_type_e. 00454 * @param[out] kcm_cert_data_size pointer size of next certificate. 00455 * 00456 * @returns 00457 * KCM_STATUS_SUCCESS in case of success. 00458 * KCM_STATUS_INVALID_NUM_OF_CERT_IN_CHAIN in case we reached the end of the chain 00459 * Otherwise one of the `::kcm_status_e` errors. 00460 */ 00461 kcm_status_e storage_cert_chain_get_next_size( 00462 kcm_cert_chain_handle *kcm_chain_handle, 00463 kcm_data_source_type_e data_source_type, 00464 size_t *kcm_out_cert_data_size); 00465 /** The API returns data of the next certificate in the chain, the certificate chain name created according to data source type(original or backup). 00466 * To get exact size of a next certificate use ::kcm_cert_chain_get_next_size. 00467 * In the end of get data operation, chain context points to the next certificate of current chain. 00468 * 00469 * @param[in] kcm_chain_handle certificate chain handle. 00470 * @param[in/out] kcm_cert_data pointer to certificate data in DER format. 00471 * @param[in] kcm_max_cert_data_size max size of certificate data buffer. 00472 * @param[in] data_source_type certificate source type as defined in `::kcm_data_source_type_e. 00473 * @param[out] kcm_actual_cert_data_size actual size of certificate data. 00474 * 00475 * @returns 00476 * KCM_STATUS_SUCCESS in case of success. 00477 * KCM_STATUS_INVALID_NUM_OF_CERT_IN_CHAIN in case we reached the end of the chain 00478 * Otherwise one of the `::kcm_status_e` errors. 00479 */ 00480 kcm_status_e storage_cert_chain_get_next_data( 00481 kcm_cert_chain_handle *kcm_chain_handle, 00482 uint8_t *kcm_cert_data, 00483 size_t kcm_max_cert_data_size, 00484 kcm_data_source_type_e data_source_type, 00485 size_t *kcm_actual_cert_data_size); 00486 00487 /** The API releases the context and frees allocated resources, the certificate chain name created according to data source type(original or backup). 00488 * When operation type is creation--> if total number of added/stored certificates is not equal to number 00489 * of certificates in the chain, the API will return an error. 00490 * 00491 * @param[in] kcm_chain_handle certificate chain handle. 00492 * @param[in] data_source_type certificate chain source type as defined in `::kcm_data_source_type_e. 00493 * 00494 * @returns 00495 * KCM_STATUS_SUCCESS in case of success. 00496 * KCM_STATUS_CLOSE_INCOMPLETE_CHAIN in case of not all certificates were saved. In this case the chain will be deleted. 00497 * Otherwise one of the `::kcm_status_e` errors. 00498 */ 00499 kcm_status_e storage_cert_chain_close( 00500 kcm_cert_chain_handle kcm_chain_handle, 00501 kcm_data_source_type_e data_source_type); 00502 00503 00504 #ifdef __cplusplus 00505 } 00506 #endif 00507 00508 #endif //__STORAGE_H__
Generated on Tue Jul 12 2022 20:21:03 by
1.7.2