Remove mbedtls dependency from daemon

Input validation was done on client side,
mbedtls error code replaced with system error.

Change-Id: Ie1bb4fd09079c37387a70cbcef897496c4644793

diff --git a/dcm-daemon/CMakeLists.txt b/dcm-daemon/CMakeLists.txt
index e29baab7f3d0dbee710d730dc4437e9f24a4e4a4..e1b684ed3a1fdd45acf31a5a0ca56417aa8d1df0 100644 (file)
--- a/dcm-daemon/CMakeLists.txt
+++ b/dcm-daemon/CMakeLists.txt
@@ -66,9 +66,6 @@ target_link_libraries(device-certificate-managerd
        ${Boost_PROGRAM_OPTIONS_LIBRARY}
        ${Boost_SYSTEM_LIBRARY}
        ${CMAKE_THREAD_LIBS_INIT}
-       ${MBEDTLS_LIB}
-       ${MBEDCRYPTO_LIB}
-       ${MBEDX509_LIB}
        device-certificate-manager
        dl)
 

diff --git a/dcm-daemon/dcmsession.cpp b/dcm-daemon/dcmsession.cpp
index b175a85b90773635c9de6990887a600d7b3daaff..4d04ed4751fa8c5049c71ac02910ce0a6b048932 100644 (file)
--- a/dcm-daemon/dcmsession.cpp
+++ b/dcm-daemon/dcmsession.cpp
@@ -23,9 +23,6 @@
 #include "exception_translator.h"
 #include "dcmserver.h"
 
-#include <mbedtls/error.h>
-#include <mbedtls/md.h>
-#include <mbedtls/pk.h>
 #include <iostream>
 #include <cassert>
 #include <map>
@@ -396,7 +393,7 @@ void dcm_session::handle_cert_chain(const RequestCertificateChain& message)
                        !memcmp(sPEMHeader.c_str(), cert_chain.c_str(), sPEMHeader.size()) &&
                        cert_chain[cert_chain.size() - 1] != '\0')
        {
-               // Add missing 0 for mbedtls
+               // Add missing 0
                cert_chain.push_back(0);
        }
 
@@ -416,47 +413,24 @@ void dcm_session::handle_sign_request(const SignRequest& message)
 
        if(message.context_cookie() != fCookie) {
                BOOST_LOG_SEV(dcm_logger::get(), log_severity::error) << "Received unknown context cookie";
-               signingResponse->set_result(MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+               signingResponse->set_result(-EINVAL);
                reply(msg);
                return;
        }
 
        if(!fBackendContext) {
                BOOST_LOG_SEV(dcm_logger::get(), log_severity::error) << "Context not associated with connection";
-               signingResponse->set_result(MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+               signingResponse->set_result(-EINVAL);
                reply(msg);
                return;
        }
 
        if(message.data_to_sign().size() == 0) {
                BOOST_LOG_SEV(dcm_logger::get(), log_severity::error) << "Data to sign is empty and hash type is NONE";
-               signingResponse->set_result(MBEDTLS_ERR_PK_BAD_INPUT_DATA);
+               signingResponse->set_result(-EINVAL);
                return;
        }
 
-       mbedtls_md_type_t mdType = static_cast<mbedtls_md_type_t>(message.digest_type());
-
-       if(mdType != MBEDTLS_MD_NONE) {
-               const mbedtls_md_info_t * md_info = mbedtls_md_info_from_type(mdType);
-
-               if(!md_info) {
-                       BOOST_LOG_SEV(dcm_logger::get(), log_severity::error) << "Can't find MD algorithm specified by caller";
-                       signingResponse->set_result(MBEDTLS_ERR_PK_BAD_INPUT_DATA);
-                       reply(msg);
-                       return;
-               }
-
-               if(message.data_to_sign().size() != mbedtls_md_get_size(md_info)) {
-                       BOOST_LOG_SEV(dcm_logger::get(), log_severity::error) <<
-                                       "Input hash length mismatch. It is " <<
-                                       message.data_to_sign().size() << " but should be " <<
-                                       mbedtls_md_get_size(md_info);
-                       signingResponse->set_result(MBEDTLS_ERR_PK_BAD_INPUT_DATA);
-                       reply(msg);
-                       return;
-               }
-       }
-
        int error = 0;
        bool loaded = fSoResolver->ensure_loaded();
        if (loaded) {