weave/src/test-apps/CASEOptions.h

/*
 *
 *    Copyright (c) 2013-2017 Nest Labs, Inc.
 *    All rights reserved.
 *
 *    Licensed under the Apache License, Version 2.0 (the "License");
 *    you may not use this file except in compliance with the License.
 *    You may obtain a copy of the License at
 *
 *        http://www.apache.org/licenses/LICENSE-2.0
 *
 *    Unless required by applicable law or agreed to in writing, software
 *    distributed under the License is distributed on an "AS IS" BASIS,
 *    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *    See the License for the specific language governing permissions and
 *    limitations under the License.
 */

/**
 *    @file
 *      Implementation of CASEOptions class, which handles CASE-specific command line options
 *      and provides an implementation of the WeaveCASEAuthDelegate interface for use in
 *      test applications.
 *
 */

#ifndef CASEOPTIONS_H_
#define CASEOPTIONS_H_

#include <Weave/Core/WeaveCore.h>
#include <Weave/Profiles/security/WeaveSecurity.h>
#include <Weave/Profiles/security/WeavePASE.h>

#include "ToolCommonOptions.h"

using namespace nl::Weave::Profiles::Security;
using namespace nl::Weave::Profiles::Security::CASE;

class CASEOptions : public WeaveCASEAuthDelegate, public OptionSetBase
{
public:
    uint32_t InitiatorCASEConfig;

    uint8_t AllowedCASEConfigs;

    const uint8_t *NodeCert;
    uint16_t NodeCertLength;

    const uint8_t *NodePrivateKey;
    uint16_t NodePrivateKeyLength;

    const uint8_t *NodeIntermediateCert;
    uint16_t NodeIntermediateCertLength;

    const uint8_t *ServiceConfig;
    uint16_t ServiceConfigLength;

    const uint8_t *NodePayload;
    uint16_t NodePayloadLength;

    bool Debug;

#if WEAVE_CONFIG_SECURITY_TEST_MODE
    bool UseKnownECDHKey;
#endif

    CASEOptions();

    // Get the CASE Certificate Information structure for the local node.
    virtual WEAVE_ERROR GetNodeCertInfo(bool isInitiator, uint8_t *buf, uint16_t bufSize, uint16_t& certInfoLen);

    // Get the local node's private key.
    virtual WEAVE_ERROR GetNodePrivateKey(bool isInitiator, const uint8_t *& weavePrivKey, uint16_t& weavePrivKeyLen);

    // Called when the CASE engine is done with the buffer returned by GetNodePrivateKey().
    virtual WEAVE_ERROR ReleaseNodePrivateKey(const uint8_t *weavePrivKey);

    // Get payload information, if any, to be included in the message to the peer.
    virtual WEAVE_ERROR GetNodePayload(bool isInitiator, uint8_t *buf, uint16_t bufSize, uint16_t& payloadLen);

    // Prepare the supplied certificate set and validation context for use in validating the certificate of a peer.
    // This method is responsible for loading the trust anchors into the certificate set.
    virtual WEAVE_ERROR BeginCertValidation(bool isInitiator, WeaveCertificateSet& certSet, ValidationContext& validContext);

    // Called with the results of validating the peer's certificate.
    virtual WEAVE_ERROR HandleCertValidationResult(bool isInitiator, WEAVE_ERROR& validRes, WeaveCertificateData *peerCert,
            uint64_t peerNodeId, WeaveCertificateSet& certSet, ValidationContext& validContext);

    // Called when peer certificate validation is complete.
    virtual WEAVE_ERROR EndCertValidation(WeaveCertificateSet& certSet, ValidationContext& validContext);

    virtual bool HandleOption(const char *progName, OptionSet *optSet, int id, const char *name, const char *arg);

    static bool ReadCertFile(const char *fileName, uint8_t *& certBuf, uint16_t& certLen);
    static bool ReadPrivateKeyFile(const char *fileName, uint8_t *& keyBuf, uint16_t& keyLen);
};

extern CASEOptions gCASEOptions;

#endif /* CASEOPTIONS_H_ */