*/
#define MAX_CONNECTION_COUNTS 500
+#define COAP_TCP_MAX_BUFFER_CHUNK_SIZE 65530 //64kb - 6 (coap+tcp max header size)
+
/**
* Thread pool.
*/
svritem->tlsLen = 0;
#endif
svritem->totalLen = 0;
+ svritem->bufLen = 0;
svritem->protocol = UNKNOWN;
}
}
// copy 1 byte to parse coap header length
memcpy(svritem->data, inBuffer, 1);
svritem->len = 1;
+ svritem->bufLen = COAP_MAX_HEADER_SIZE;
inBuffer++;
inLen--;
}
//calculate CoAP message length
svritem->totalLen = CAGetTotalLengthFromHeader(svritem->data);
-
- // allocate required memory
- unsigned char *buffer = OICRealloc(svritem->data, svritem->totalLen);
- if (NULL == buffer)
- {
- OIC_LOG(ERROR, TAG, "OICRealloc - out of memory");
- return CA_MEMORY_ALLOC_FAILED;
- }
- svritem->data = buffer;
}
// PAYLOAD
if (inLen > 0)
{
- // read required bytes to have full CoAP payload
+ // Calculate length of data to be copied.
copyLen = svritem->totalLen - svritem->len;
if (inLen < copyLen)
{
copyLen = inLen;
}
- //read required bytes to have full CoAP header
+ // Is buffer not big enough for remaining data ?
+ if (svritem->len + copyLen > svritem->bufLen)
+ {
+ // Resize buffer to accommodate enough space
+ size_t extLen = svritem->totalLen - svritem->bufLen;
+ if (extLen > COAP_TCP_MAX_BUFFER_CHUNK_SIZE)
+ {
+ extLen = COAP_TCP_MAX_BUFFER_CHUNK_SIZE;
+ }
+
+ // Allocate required memory
+ unsigned char *buffer = OICRealloc(svritem->data, svritem->bufLen + extLen);
+ if (NULL == buffer)
+ {
+ OIC_LOG(ERROR, TAG, "OICRealloc - out of memory");
+ return CA_MEMORY_ALLOC_FAILED;
+ }
+
+ svritem->data = buffer;
+ svritem->bufLen += extLen;
+ }
+
+ // Read required bytes to have full CoAP payload
memcpy(svritem->data + svritem->len, inBuffer, copyLen);
svritem->len += copyLen;
inBuffer += copyLen;
#include "srmresourcestrings.h"
#include "casecurityinterface.h"
#include "logger.h"
-#ifdef __TIZENRT__
+#include "base64.h"
#include "oic_malloc.h"
-#endif
+
+#define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----"
+#define PEM_END_CRT "-----END CERTIFICATE-----"
#define TAG "OIC_SRM_PKIX_INTERFACE"
OIC_LOG_BUFFER(INFO, TAG, crtBuf, *crtBufLen);
mbedtls_x509_crt deviceCert;
+ mbedtls_x509_crt_init(&deviceCert);
int ret = 0;
+ uint8_t *derCrtBuf = NULL;
+ size_t *derCrtBufLen = NULL;
+
+ uint8_t *derCrtBufTmp = NULL;
+ size_t derCrtBufLenTmp = 0;
+
// check only first(i.e., device) certificate
if (crtBuf[0] == 0x30 && crtBuf[1] == 0x82)
{
+ derCrtBuf = crtBuf;
+ derCrtBufLen = crtBufLen;
+ }
+ else
+ {
+ uint8_t * begin = (uint8_t *)memmem(crtBuf, *crtBufLen,
+ PEM_BEGIN_CRT, sizeof(PEM_BEGIN_CRT) - 1);
+ if (NULL != begin)
+ {
+ uint8_t * end = (uint8_t *)memmem(crtBuf, *crtBufLen,
+ PEM_END_CRT, sizeof(PEM_END_CRT) - 1);
+ if (NULL != end)
+ {
+ uint32_t idx = 0;
+ uint32_t count = 0;
+ uint32_t decodedLen = 0;
+ begin += sizeof(PEM_BEGIN_CRT) - 1;
+ size_t certLen = (size_t)(end - begin);
+ size_t outBufSize = B64DECODE_OUT_SAFESIZE(certLen + 1);
+
+ uint8_t * certCopy = (uint8_t *)OICCalloc(certLen, 1);
+ if(NULL == certCopy)
+ {
+ OIC_LOG (ERROR, TAG, "Failed to allocate memory.");
+ goto exit;
+ }
+ for (idx = 0; idx < certLen; idx++)
+ {
+ if (begin[idx] != '\r' && begin[idx] != '\n')
+ {
+ certCopy[count] = begin[idx];
+ count++;
+ }
+ }
+ certLen = count;
+
+ derCrtBufTmp = (uint8_t *)OICCalloc(outBufSize, 1);
+ if(NULL == derCrtBufTmp)
+ {
+ OIC_LOG (ERROR, TAG, "Failed to allocate memory.");
+ goto exit;
+ }
+
+ if (B64_OK != b64Decode((char *)certCopy, certLen, derCrtBufTmp, outBufSize, &decodedLen))
+ {
+ OICFree(certCopy);
+ goto exit;
+ }
+ OICFree(certCopy);
+
+ derCrtBuf = derCrtBufTmp;
+ derCrtBufLenTmp = decodedLen;
+ derCrtBufLen = &derCrtBufLenTmp;
+ }
+ }
+ else
+ {
+ goto exit;
+ }
+ }
+
+ if (NULL != derCrtBuf && NULL != derCrtBufLen && 0 != *derCrtBufLen)
+ {
uint8_t *sign_ptr = NULL;
/**
* structure of r_buf & s_buf
uint32_t removed_total = 0;
size_t org_len = 0;
- mbedtls_x509_crt_init(&deviceCert);
-
- unsigned char * tmp = (unsigned char *)crtBuf + 1;
- if ( 0 != mbedtls_asn1_get_len(&tmp, crtBuf + *crtBufLen, &org_len))
+ unsigned char * tmp = (unsigned char *)derCrtBuf + 1;
+ if ( 0 != mbedtls_asn1_get_len(&tmp, derCrtBuf + *derCrtBufLen, &org_len))
{
OIC_LOG(ERROR, TAG, "Invalid parsed length");
goto exit;
}
- if (org_len < *crtBufLen)
+ if (org_len < *derCrtBufLen)
{
- ret = mbedtls_x509_crt_parse_der(&deviceCert, crtBuf, org_len + 4);
+ ret = mbedtls_x509_crt_parse_der(&deviceCert, derCrtBuf, org_len + 4);
if (0 != ret)
{
OIC_LOG_V(ERROR, TAG, "mbedtls_x509_crt_parse_der returned -0x%04x", -(ret));
if (removed_total > 0)
{
// if length of signature is incorrect.
- OIC_LOG_V(INFO, TAG, "Cert Length (Before) : %lu", *crtBufLen);
+ OIC_LOG_V(INFO, TAG, "Cert Length (Before) : %lu", *derCrtBufLen);
OIC_LOG(INFO, TAG, "Invalid length of signature is dectected.");
OIC_LOG(INFO, TAG, "Update signature...");
}
org_len += 4; // include header and length field
- size_t remained_len = (*crtBufLen - org_len);
- memcpy(crtBuf, deviceCert.raw.p, crt_len);
- memcpy(crtBuf + crt_len, crtBuf + org_len, remained_len);
- *crtBufLen = (size_t)crt_len + remained_len;
+ size_t remained_len = (*derCrtBufLen - org_len);
+ memcpy(derCrtBuf, deviceCert.raw.p, crt_len);
+ memcpy(derCrtBuf + crt_len, derCrtBuf + org_len, remained_len);
+ *derCrtBufLen = (size_t)crt_len + remained_len;
mbedtls_x509_crt_free(&crt_cpy);
OIC_LOG_V(INFO, TAG, "Dev cert : %lu -> %lu", org_len, crt_len);
exit:
mbedtls_x509_crt_free(&deviceCert);
+ OICFree(derCrtBufTmp);
OIC_LOG_V(DEBUG, TAG, "Cert chain length = %d", *crtBufLen);
OIC_LOG_V(DEBUG, TAG, "Out %s", __func__);
}
OIC_LOG(INFO, TAG,"Get server request with token");
OIC_LOG_BUFFER(INFO, TAG, (const uint8_t *)token, tokenLength);
- OIC_LOG(INFO, TAG,"Found token");
+ OIC_LOG(INFO, TAG, "Found token");
LL_FOREACH (serverRequestList, out)
{
- OIC_LOG_BUFFER(INFO, TAG, (const uint8_t *)out->requestToken, tokenLength);
- if(memcmp(out->requestToken, token, tokenLength) == 0)
+ if(out)
{
- return out;
+ OIC_LOG_BUFFER(INFO, TAG, (const uint8_t *)out->requestToken, out->tokenLength);
+ if((tokenLength == out->tokenLength) &&
+ memcmp(out->requestToken, token, tokenLength) == 0)
+ {
+ return out;
+ }
}
}
OIC_LOG(INFO, TAG, "Server Request not found!!");