ARMmbed
diff --git a/‎source/Security/protocols/sec_prot.h
Lines changed: 18 additions & 0 deletions b/‎source/Security/protocols/sec_prot.h
Lines changed: 18 additions & 0 deletions
diff --git a/‎source/Security/protocols/sec_prot_certs.c
Lines changed: 168 additions & 0 deletions b/‎source/Security/protocols/sec_prot_certs.c
Lines changed: 168 additions & 0 deletions
@@ -31,6 +31,7 @@ typedef enum {
     SEC_RESULT_OK = 0,
     SEC_RESULT_ERR_NO_MEM = -1,
     SEC_RESULT_TIMEOUT = -2,
+    SEC_RESULT_ERROR = -3
 } sec_prot_result_e;
 
 typedef enum {
@@ -43,6 +44,11 @@ typedef enum {
     SEC_STATE_FIRST
 } sec_prot_state_e;
 
+typedef enum {
+    SEC_PROT_TYPE_EAP_TLS = 0,
+    SEC_PROT_TYPE_TLS
+} sec_prot_type_e;
+
 /**
  * sec_prot_create_request KMP-CREATE.request to security protocol
  *
@@ -181,6 +187,17 @@ typedef void sec_prot_timer_timeout(sec_prot_t *prot, uint16_t ticks);
  */
 typedef void sec_prot_eui64_addr_get(sec_prot_t *prot, uint8_t *local_eui64, uint8_t *remote_eui64);
 
+/**
+ * sec_prot_by_type_get gets security protocol
+ *
+ * \param prot protocol
+ * \param type security protocol type
+ *
+ * \return security protocol or NULL
+ *
+ */
+typedef sec_prot_t *sec_prot_by_type_get(sec_prot_t *prot, uint8_t type);
+
 // Security protocol data
 struct sec_prot_s {
     sec_prot_create_request       *create_req;           /**< Create request */
@@ -204,6 +221,7 @@ struct sec_prot_s {
     sec_prot_timer_timeout        *timer_timeout;        /**< Timer timeout */
 
     sec_prot_eui64_addr_get       *addr_get;             /**< Gets EUI-64 addresses */
+    sec_prot_by_type_get          *type_get;             /**< Gets security protocol by type */
 
     sec_prot_keys_t               *sec_keys;             /**< Security keys storage pointer */
     uint8_t                       header_size;           /**< Header size */
 
@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 2016-2018, Arm Limited and affiliates.
+ * SPDX-License-Identifier: Apache-2.0
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "nsconfig.h"
+#include <string.h>
+#include "ns_types.h"
+#include "ns_list.h"
+#include "ns_trace.h"
+#include "nsdynmemLIB.h"
+#include "NWK_INTERFACE/Include/protocol.h"
+#include "Common_Protocols/ipv6_constants.h"
+#include "socket_api.h"
+#include "6LoWPAN/ws/ws_config.h"
+#include "Security/protocols/sec_prot_certs.h"
+#include "Security/protocols/sec_prot_keys.h"
+
+#ifdef HAVE_WS
+
+#define TRACE_GROUP "spce"
+
+int8_t sec_prot_certs_init(sec_prot_certs_t *certs)
+{
+    if (!certs) {
+        return -1;
+    }
+
+    sec_prot_certs_chain_entry_init(&certs->own_cert_chain);
+    ns_list_init(&certs->trusted_cert_chain_list);
+    ns_list_init(&certs->cert_revocat_lists);
+
+    return 0;
+}
+
+cert_chain_entry_t *sec_prot_certs_chain_entry_create(void)
+{
+    cert_chain_entry_t *entry = ns_dyn_mem_alloc(sizeof(cert_chain_entry_t));
+    if (!entry) {
+        return NULL;
+    }
+    sec_prot_certs_chain_entry_init(entry);
+    return entry;
+}
+
+void sec_prot_certs_chain_entry_init(cert_chain_entry_t *entry)
+{
+    memset(entry, 0, sizeof(cert_chain_entry_t));
+}
+
+int8_t sec_prot_certs_cert_set(cert_chain_entry_t *entry, uint8_t index, uint8_t *cert, uint16_t cert_len)
+{
+    if (!entry || index >= SEC_PROT_CERT_CHAIN_DEPTH) {
+        return -1;
+    }
+
+    entry->cert[index] = cert;
+    entry->cert_len[index] = cert_len;
+
+    return 0;
+}
+
+uint8_t *sec_prot_certs_cert_get(const cert_chain_entry_t *entry, uint8_t index, uint16_t *cert_len)
+{
+    if (!entry || index >= SEC_PROT_CERT_CHAIN_DEPTH || !entry->cert[index]) {
+        return NULL;
+    }
+
+    *cert_len = entry->cert_len[index];
+    return entry->cert[index];
+}
+
+int8_t sec_prot_certs_priv_key_set(cert_chain_entry_t *entry, uint8_t *key, uint8_t key_len)
+{
+    if (!entry) {
+        return -1;
+    }
+
+    entry->key = key;
+    entry->key_len = key_len;
+
+    return 0;
+}
+
+uint8_t *sec_prot_certs_priv_key_get(const cert_chain_entry_t *entry, uint8_t *key_len)
+{
+    if (!entry) {
+        return NULL;
+    }
+    *key_len = entry->key_len;
+    return entry->key;
+}
+
+void sec_prot_certs_chain_list_add(cert_chain_list_t *cert_chain_list, cert_chain_entry_t *entry)
+{
+    ns_list_add_to_end(cert_chain_list, entry);
+}
+
+void sec_prot_certs_chain_list_delete(cert_chain_list_t *chain_list)
+{
+    ns_list_foreach_safe(cert_chain_entry_t, entry, chain_list) {
+        ns_list_remove(chain_list, entry);
+        ns_dyn_mem_free(entry);
+    }
+}
+
+cert_revocat_list_entry_t *sec_prot_certs_revocat_list_entry_create(void)
+{
+    cert_revocat_list_entry_t *entry = ns_dyn_mem_alloc(sizeof(cert_revocat_list_entry_t));
+    if (!entry) {
+        return NULL;
+    }
+    sec_prot_certs_revocat_list_entry_init(entry);
+    return entry;
+}
+
+void sec_prot_certs_revocat_list_entry_init(cert_revocat_list_entry_t *entry)
+{
+    memset(entry, 0, sizeof(cert_revocat_list_entry_t));
+}
+
+int8_t sec_prot_certs_revocat_list_set(cert_revocat_list_entry_t *entry, uint8_t *crl, uint16_t crl_len)
+{
+    if (!entry) {
+        return -1;
+    }
+
+    entry->crl = crl;
+    entry->crl_len = crl_len;
+
+    return 0;
+}
+
+uint8_t *sec_prot_certs_revocat_list_get(const cert_revocat_list_entry_t *entry, uint16_t *crl_len)
+{
+    if (!entry) {
+        return NULL;
+    }
+    *crl_len = entry->crl_len;
+    return entry->crl;
+}
+
+void sec_prot_certs_revocat_lists_add(cert_revocat_lists_t *cert_revocat_lists, cert_revocat_list_entry_t *entry)
+{
+    ns_list_add_to_end(cert_revocat_lists, entry);
+}
+
+void sec_prot_certs_revocat_lists_delete(cert_revocat_lists_t *cert_revocat_lists)
+{
+    ns_list_foreach_safe(cert_revocat_list_entry_t, entry, cert_revocat_lists) {
+        ns_list_remove(cert_revocat_lists, entry);
+        ns_dyn_mem_free(entry);
+    }
+}
+
+#endif /* HAVE_WS */