Google Git
Sign in
nest-open-source / nest-cam / 4320010 / weave / 98da47118421336e041701c465a19c1cb6ee6577 / . / weave / src / device-manager / cocoa / NLWeaveKeyExportSupport.mm
blob: 5910910ba000a60b81fb2f747712e338bad943cb [file] [log] [blame]
/*
*
* Copyright (c) 2016-2017 Nest Labs, Inc.
* All rights reserved.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/**
* @file
* This file defines a Wrapper for C++ utility functions for testing key export
* functionality (needed for keyStore in mobileiOS tree).
*
*/
#import "NLWeaveKeyExportSupport.h"
#include <Weave/Core/WeaveCore.h>
#include <Weave/Core/WeaveKeyIds.h>
#include <Weave/Support/CodeUtils.h>
#include <Weave/Profiles/security/WeaveKeyExportClient.h>
using namespace nl::Weave::Profiles::Security::KeyExport;
NSString *const NLWeaveKeyExportSupportErrorDomain = @"NLWeaveKeyExportSupprtErrorDomain";
@implementation NLWeaveKeyExportSupport
static UInt32 const kMaxPubKeySize = (((WEAVE_CONFIG_MAX_EC_BITS + 7) / 8) + 1) * 2;
static UInt32 const kMaxECDSASigSize = kMaxPubKeySize;
+ (nullable NSData *) simulateDeviceKeyExport: (NSData *) keyExportReq
deviceCert: (NSData *) deviceCert
devicePrivKey: (NSData *) devicePrivKey
trustRootCert: (NSData *) trustRootCert
isReconfig: (BOOL *) isReconfigOut
error: (NSError **) errOut {
WEAVE_ERROR err = WEAVE_NO_ERROR;
uint16_t exportRespLen = 0;
bool isReconfig = false;
if (keyExportReq == nil || deviceCert == nil || devicePrivKey == nil ||
trustRootCert == nil || isReconfigOut == nil) {
if (errOut) {
*errOut = [NSError errorWithDomain: NLWeaveKeyExportSupportErrorDomain
code: NLWeaveKeyExportSupportErrorDomainInvalidArgument
userInfo: nil];
}
return nil;
}
size_t exportRespBufSize =
7 // Key export response header size // TODO: adjust this
+ kMaxPubKeySize // Ephemeral public key size
+ kMaxECDSASigSize // Size of bare signature field
+ [deviceCert length] // Size equal to at least the total size of the device certificate
+ 1024; // Space for additional signature fields plus encoding overhead
NSMutableData * exportRespBuff = [[NSMutableData alloc] initWithLength:exportRespBufSize];
err = SimulateDeviceKeyExport((unsigned char *) [deviceCert bytes],
[deviceCert length],
(unsigned char *) [devicePrivKey bytes],
[devicePrivKey length],
(unsigned char *) [trustRootCert bytes],
[trustRootCert length],
(unsigned char *) [keyExportReq bytes],
[keyExportReq length],
(unsigned char *) [exportRespBuff mutableBytes],
[exportRespBuff length],
exportRespLen,
isReconfig);
if (err != WEAVE_NO_ERROR) {
if (errOut) {
NSString *failureReason = [NSString stringWithFormat:NSLocalizedString(
@"SimulateDeviceKeyExport error: %d", @""), err];
NSDictionary *userInfo = @{ NSLocalizedFailureReasonErrorKey: failureReason };
*errOut = [NSError errorWithDomain:NLWeaveKeyExportSupportErrorDomain
code:NLWeaveKeyExportSupportErrorDomainSimulateKeyExportFailure userInfo: userInfo];
}
return nil;
}
*isReconfigOut = isReconfig? true: false;
[exportRespBuff setLength: exportRespLen];
return exportRespBuff;
}
@end