projects / platform / upstream / iotivity.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Imported Upstream version 1.1.0
[platform/upstream/iotivity.git] / resource / csdk / security / provisioning / ck_manager / src / ckm_info.c
1 /******************************************************************
2  *
3  * Copyright 2015 Samsung Electronics All Rights Reserved.
4  *
5  *
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  *      LICENSE-2.0" target="_blank">http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  *
19
20  ******************************************************************/
21
22
23 #include "ckm_info.h"
24 #include "ocstack.h"
25 #include "oic_malloc.h"
26 #include "cJSON.h"
27 #include "base64.h"
28 #include "psinterface.h"
29 #include "srmresourcestrings.h"
30 #include "crlresource.h"
31 #include "crl_generator.h"
32
33 #ifdef __unix__
34 #include <sys/stat.h>
35 #endif // __unix__
36
37 //constants used in ckmInfo
38 #define CKM_INFO_IS_NOT_LOADED                       (0)
39 #define CKM_INFO_IS_LOADED                           (1)
40 #define CA_PRIVATE_KEY_IS_NOT_SET                    (0)
41 #define CA_PRIVATE_KEY_IS_SET                        (1)
42 #define CA_PRIVATE_KEY_DEFAULT_VALUE                 (0)
43 #define CA_PUBLIC_KEY_IS_NOT_SET                     (0)
44 #define CA_PUBLIC_KEY_IS_SET                         (1)
45 #define CA_PUBLIC_KEY_DEFAULT_VALUE                  (0)
46 #define CA_CERTIFICATE_CHAIN_IS_NOT_SET              (0)
47 #define CA_CERTIFICATE_CHAIN_MEMORY_IS_NOT_ALLOCATED (0)
48 #define CA_NAME_IS_NOT_SET                           (0)
49 #define CA_NAME_DEFAULT_VALUE                        (0)
50 #define CERTIFICATE_SN_INITIAL_VALUE                 (1)
51 #define CRL_SN_INITIAL_VALUE                         (1)
52 #define NUMBER_OF_REVOKED_CERTIFICATES_INITIAL_VALUE (0)
53
54 //constants used in crlInfo
55 #define CRL_IS_NOT_SET                               (0)
56 #define CRL_MEMORY_IS_NOT_ALLOCATED                  (0)
57
58 static CKMInfo_t g_ckmInfo = {CKM_INFO_IS_NOT_LOADED,
59                              CA_PRIVATE_KEY_IS_NOT_SET, {CA_PRIVATE_KEY_DEFAULT_VALUE},
60                              CA_PUBLIC_KEY_IS_NOT_SET, {CA_PUBLIC_KEY_DEFAULT_VALUE},
61                              CA_CERTIFICATE_CHAIN_IS_NOT_SET,
62                              CA_CERTIFICATE_CHAIN_MEMORY_IS_NOT_ALLOCATED,
63                              CA_NAME_IS_NOT_SET, {CA_NAME_DEFAULT_VALUE},
64                              CERTIFICATE_SN_INITIAL_VALUE, CRL_SN_INITIAL_VALUE,
65                              NUMBER_OF_REVOKED_CERTIFICATES_INITIAL_VALUE};
66
67 static OicSecCrl_t g_crlInfo = {CRL_IS_NOT_SET,
68                                   BYTE_ARRAY_INITIALIZER, BYTE_ARRAY_INITIALIZER};
69
70 //General functions
71
72 PKIError InitCKMInfo(void)
73 {
74     FUNCTION_INIT();
75     FILE *filePointer = NULL;
76     int count = 1;
77     int objectsRead = 0;
78     int objectsWrote = 0;
79
80     if (!g_ckmInfo.CKMInfoIsLoaded)
81     {
82         filePointer = fopen(CA_STORAGE_FILE, "rb");
83         if (filePointer) //read existing storage
84         {
85             objectsRead = fread(&g_ckmInfo, sizeof(CKMInfo_t), count, filePointer);
86             g_ckmInfo.CACertificateChain = CA_CERTIFICATE_CHAIN_MEMORY_IS_NOT_ALLOCATED;
87             CHECK_EQUAL(objectsRead, count, ISSUER_CA_STORAGE_FILE_READ_ERROR);
88         }
89         else ////create new storage
90         {
91 #ifdef __unix__
92             struct stat st;
93             if (0 == lstat(CA_STORAGE_FILE, &st))
94             {
95                 CHECK_COND(S_ISREG(st.st_mode), ISSUER_FILE_WRITE_ERROR);
96                 CHECK_COND(!S_ISLNK(st.st_mode), ISSUER_FILE_WRITE_ERROR);
97             }
98 #endif
99             filePointer = fopen(CA_STORAGE_FILE, "wb");
100             CHECK_NULL(filePointer, ISSUER_CA_STORAGE_FILE_WRITE_ERROR);
101             objectsWrote = fwrite(&g_ckmInfo, sizeof(CKMInfo_t), count, filePointer);
102             CHECK_EQUAL(objectsWrote, count, ISSUER_CA_STORAGE_FILE_WRITE_ERROR);
103         }
104         CHECK_CALL(InitCRL);
105         CHECK_CALL(InitCRT);
106         g_ckmInfo.CKMInfoIsLoaded = CKM_INFO_IS_LOADED;
107     }
108     FUNCTION_CLEAR(
109         if (filePointer)
110         {
111             fclose(filePointer);
112             filePointer = NULL;
113         }
114     );
115 }
116
117 PKIError SaveCKMInfo(void)
118 {
119     FUNCTION_INIT();
120     FILE *filePointer = NULL;
121     int count = 1;
122     int objectsWrote = 0;
123 #ifdef __unix__
124     struct stat st;
125 #endif
126
127     CHECK_COND(g_ckmInfo.CKMInfoIsLoaded, CKM_INFO_IS_NOT_INIT);
128 #ifdef __unix__
129     if (0 == lstat(CA_STORAGE_FILE, &st))
130     {
131         CHECK_COND(S_ISREG(st.st_mode), ISSUER_FILE_WRITE_ERROR);
132         CHECK_COND(!S_ISLNK(st.st_mode), ISSUER_FILE_WRITE_ERROR);
133     }
134 #endif
135     filePointer = fopen(CA_STORAGE_FILE, "wb");
136     CHECK_NULL(filePointer, ISSUER_CA_STORAGE_FILE_WRITE_ERROR);
137     objectsWrote = fwrite(&g_ckmInfo, sizeof(CKMInfo_t), count, filePointer);
138     CHECK_EQUAL(objectsWrote, count, ISSUER_CA_STORAGE_FILE_WRITE_ERROR);
139     if ((g_crlInfo.CrlData.data)&&(g_crlInfo.CrlData.len))
140     {
141         CHECK_CALL(SaveCRL);
142     }
143     if (g_ckmInfo.CAChainLength)
144     {
145         CHECK_CALL(SaveCRT);
146     }
147     FUNCTION_CLEAR(
148         if (filePointer)
149         {
150             fclose(filePointer);
151             filePointer = NULL;
152         }
153     );
154 }
155
156 PKIError CloseCKMInfo(void)
157 {
158     FUNCTION_INIT();
159     CHECK_CALL(SaveCKMInfo);
160     OICFree(g_crlInfo.CrlData.data);
161     g_crlInfo.CrlData.data = CRL_MEMORY_IS_NOT_ALLOCATED;
162     OICFree(g_crlInfo.ThisUpdate.data);
163     g_crlInfo.ThisUpdate.data = CRL_MEMORY_IS_NOT_ALLOCATED;
164     OICFree(g_ckmInfo.CACertificateChain);
165     g_ckmInfo.CACertificateChain = CA_CERTIFICATE_CHAIN_MEMORY_IS_NOT_ALLOCATED;
166     g_ckmInfo.CKMInfoIsLoaded = CKM_INFO_IS_NOT_LOADED;
167     g_crlInfo.CrlId = CRL_IS_NOT_SET;
168     FUNCTION_CLEAR();
169 }
170
171 PKIError SetCKMInfo (const long nextSN, const long CRLSerialNumber,
172                      const ByteArray *CAPrivateKey, const ByteArray *CAPublicKey,
173                      const ByteArray *CAName)
174 {
175     FUNCTION_INIT();
176     if (nextSN)
177         CHECK_CALL(SetNextSerialNumber, nextSN);
178     if (CRLSerialNumber)
179         CHECK_CALL(SetCRLSerialNumber, CRLSerialNumber);
180     if (CAPrivateKey)
181         CHECK_CALL(SetCAPrivateKey, CAPrivateKey);
182     if (CAPublicKey)
183         CHECK_CALL(SetCAPublicKey, CAPublicKey);
184     if (CAName)
185         CHECK_CALL(SetCAName, CAName);
186
187     FUNCTION_CLEAR();
188 }
189
190 PKIError GetCKMInfo (long *nextSN, long *CRLSerialNumber,
191                      ByteArray *CAPrivateKey, ByteArray *CAPublicKey,
192                      ByteArray *CAName)
193 {
194     FUNCTION_INIT();
195     if (nextSN)
196         CHECK_CALL(GetNextSerialNumber, nextSN);
197     if (CRLSerialNumber)
198         CHECK_CALL(GetCRLSerialNumber, CRLSerialNumber);
199     if (CAPrivateKey)
200         CHECK_CALL(GetCAPrivateKey, CAPrivateKey);
201     if (CAPublicKey)
202         CHECK_CALL(GetCAPublicKey, CAPublicKey);
203     if (CAName)
204         CHECK_CALL(GetCAName, CAName);
205
206     FUNCTION_CLEAR();
207 }
208
209 /*Private Key*/
210 PKIError SetCAPrivateKey (const ByteArray *CAPrivateKey)
211 {
212     FUNCTION_INIT();
213     CHECK_NULL_BYTE_ARRAY_PTR(CAPrivateKey, ISSUER_CA_STORAGE_NULL_PASSED);
214     CHECK_EQUAL(CAPrivateKey->len, PRIVATE_KEY_SIZE, ISSUER_CA_STORAGE_WRONG_PRIVATE_KEY_LEN);
215     memcpy(g_ckmInfo.CAPrivateKey, CAPrivateKey->data, PRIVATE_KEY_SIZE);
216     g_ckmInfo.CAPrivateKeyIsSet = CA_PRIVATE_KEY_IS_SET;
217
218     FUNCTION_CLEAR();
219 }
220
221 PKIError GetCAPrivateKey (ByteArray *CAPrivateKey)
222 {
223     FUNCTION_INIT();
224     CHECK_COND(g_ckmInfo.CAPrivateKeyIsSet, ISSUER_CA_STORAGE_PRIVATE_KEY_UNDEFINED);
225     CHECK_NULL_BYTE_ARRAY_PTR(CAPrivateKey, ISSUER_CA_STORAGE_NULL_PASSED);
226     memcpy(CAPrivateKey->data, g_ckmInfo.CAPrivateKey, PRIVATE_KEY_SIZE);
227     CAPrivateKey->len = PRIVATE_KEY_SIZE;
228
229     FUNCTION_CLEAR();
230 }
231
232 /*Public Key*/
233 PKIError SetCAPublicKey (const ByteArray *CAPublicKey)
234 {
235     FUNCTION_INIT();
236     CHECK_NULL_BYTE_ARRAY_PTR(CAPublicKey, ISSUER_CA_STORAGE_NULL_PASSED);
237     CHECK_EQUAL(CAPublicKey->len, PUBLIC_KEY_SIZE, ISSUER_CA_STORAGE_WRONG_PUBLIC_KEY_LEN);
238     memcpy(g_ckmInfo.CAPublicKey, CAPublicKey->data, PUBLIC_KEY_SIZE);
239     g_ckmInfo.CAPublicKeyIsSet = CA_PUBLIC_KEY_IS_SET;
240
241     FUNCTION_CLEAR();
242 }
243
244 PKIError GetCAPublicKey (ByteArray *CAPublicKey)
245 {
246     FUNCTION_INIT();
247     CHECK_COND(g_ckmInfo.CAPublicKeyIsSet, ISSUER_CA_STORAGE_PUBLIC_KEY_UNDEFINED);
248     CHECK_NULL_BYTE_ARRAY_PTR(CAPublicKey, ISSUER_CA_STORAGE_NULL_PASSED);
249     memcpy(CAPublicKey->data, g_ckmInfo.CAPublicKey, PUBLIC_KEY_SIZE);
250     CAPublicKey->len = PUBLIC_KEY_SIZE;
251
252     FUNCTION_CLEAR();
253 }
254
255 /*CAName*/
256 PKIError SetCAName (const ByteArray *CAName)
257 {
258     FUNCTION_INIT();
259     CHECK_NULL_BYTE_ARRAY_PTR(CAName, ISSUER_CA_STORAGE_NULL_PASSED);
260     CHECK_LESS_EQUAL(CAName->len, ISSUER_MAX_NAME_SIZE, ISSUER_CA_STORAGE_WRONG_CA_NAME_LEN);
261     memcpy(g_ckmInfo.CAName, CAName->data, CAName->len);
262     g_ckmInfo.CANameSize = (uint32_t)CAName->len;
263
264     FUNCTION_CLEAR();
265 }
266
267 PKIError GetCAName (ByteArray *CAName)
268 {
269     FUNCTION_INIT();
270     CHECK_COND(g_ckmInfo.CANameSize, ISSUER_CA_STORAGE_CA_NAME_UNDEFINED);
271     CHECK_NULL_BYTE_ARRAY_PTR(CAName, ISSUER_CA_STORAGE_NULL_PASSED);
272     memcpy(CAName->data, g_ckmInfo.CAName, g_ckmInfo.CANameSize);
273     CAName->len = g_ckmInfo.CANameSize;
274
275     FUNCTION_CLEAR();
276 }
277
278 //Certificate-related functions
279
280 #define CERT_LEN_PREFIX (3)
281 #define BYTE_SIZE (8) //bits
282
283 static void WriteCertPrefix(uint8_t *prefix, uint32_t certLen)
284 {
285     for (size_t i = 0; i < CERT_LEN_PREFIX; ++i)
286     {
287         prefix[i] = (certLen >> (BYTE_SIZE * (CERT_LEN_PREFIX - 1 - i))) & 0xFF;
288     }
289 }
290
291 static uint32_t ParseCertPrefix(uint8_t *prefix)
292 {
293     uint32_t res = 0;
294     if(NULL != prefix)
295     {
296         for(int i=0; i < CERT_LEN_PREFIX; ++i)
297         {
298             res |= (((uint32_t) prefix[i]) << ((CERT_LEN_PREFIX - 1 -i) * BYTE_SIZE));
299         }
300     }
301     return res;
302 }
303
304 PKIError InitCRT(void)
305 {
306     FUNCTION_INIT();
307     FILE *filePointer = NULL;
308     uint32_t objectsRead = 0;
309     uint8_t prefix[CERT_LEN_PREFIX] = {0};
310
311     if (g_ckmInfo.CAChainLength)
312     {
313         filePointer = fopen(CA_STORAGE_CRT_FILE, "rb");
314         CHECK_NULL(filePointer, ISSUER_CA_STORAGE_CRT_READ_ERROR);
315
316         g_ckmInfo.CACertificateChain =
317                     (ByteArray *)OICMalloc(sizeof(ByteArray) * g_ckmInfo.CAChainLength);
318         CHECK_NULL(g_ckmInfo.CACertificateChain, ISSUER_CA_STORAGE_MEMORY_ALLOC_FAILED);
319
320         for (int i = 0; i < g_ckmInfo.CAChainLength; i++)
321         {
322             objectsRead = (uint32_t)fread(prefix, sizeof(uint8_t), CERT_LEN_PREFIX, filePointer);
323             CHECK_EQUAL(objectsRead, CERT_LEN_PREFIX, ISSUER_CA_STORAGE_CRT_READ_ERROR);
324             g_ckmInfo.CACertificateChain[i].len = ParseCertPrefix(prefix);
325
326             g_ckmInfo.CACertificateChain[i].data =
327                             (uint8_t *)OICMalloc(g_ckmInfo.CACertificateChain[i].len);
328             CHECK_NULL(g_ckmInfo.CACertificateChain[i].data,
329                        ISSUER_CA_STORAGE_MEMORY_ALLOC_FAILED);
330             objectsRead = (uint32_t)fread(g_ckmInfo.CACertificateChain[i].data, sizeof(uint8_t),
331                                 g_ckmInfo.CACertificateChain[i].len, filePointer);
332             CHECK_EQUAL(objectsRead, g_ckmInfo.CACertificateChain[i].len,
333                         ISSUER_CA_STORAGE_CRT_READ_ERROR);
334         }
335     }
336     FUNCTION_CLEAR(
337         if (filePointer)
338         {
339             fclose(filePointer);
340             filePointer = NULL;
341         }
342     );
343 }
344
345 PKIError SaveCRT(void)
346 {
347     FUNCTION_INIT();
348     FILE *filePointer = NULL;
349     uint32_t objectsWrote = 0;
350     uint8_t prefix[CERT_LEN_PREFIX] = {0};
351 #ifdef __unix__
352     struct stat st;
353     if (0 == lstat(CA_STORAGE_CRT_FILE, &st))
354     {
355         CHECK_COND(S_ISREG(st.st_mode), ISSUER_FILE_WRITE_ERROR);
356         CHECK_COND(!S_ISLNK(st.st_mode), ISSUER_FILE_WRITE_ERROR);
357     }
358 #endif
359     filePointer = fopen(CA_STORAGE_CRT_FILE, "wb");
360     CHECK_NULL(filePointer, ISSUER_CA_STORAGE_CRT_WRITE_ERROR);
361
362     for (int i = 0; i < g_ckmInfo.CAChainLength; i++)
363     {
364         WriteCertPrefix(prefix, g_ckmInfo.CACertificateChain[i].len);
365         objectsWrote = (uint32_t)fwrite(prefix, sizeof(uint8_t), CERT_LEN_PREFIX, filePointer);
366         CHECK_EQUAL(objectsWrote, CERT_LEN_PREFIX, ISSUER_CA_STORAGE_CRT_WRITE_ERROR);
367         objectsWrote = (uint32_t)fwrite(g_ckmInfo.CACertificateChain[i].data, sizeof(uint8_t),
368                               g_ckmInfo.CACertificateChain[i].len, filePointer);
369         CHECK_EQUAL(objectsWrote, g_ckmInfo.CACertificateChain[i].len,
370                     ISSUER_CA_STORAGE_CRT_WRITE_ERROR);
371     }
372
373     FUNCTION_CLEAR(
374         if (filePointer)
375         {
376             fclose(filePointer);
377             filePointer = NULL;
378         }
379     );
380 }
381
382 /*Serial Number*/
383 PKIError SetNextSerialNumber (const long nextSN)
384 {
385     FUNCTION_INIT();
386     CHECK_LESS_EQUAL(0, nextSN, ISSUER_CA_STORAGE_WRONG_SERIAL_NUMBER);
387     g_ckmInfo.nextSerialNumber = nextSN;
388
389     FUNCTION_CLEAR();
390 }
391
392 PKIError GetNextSerialNumber (long *nextSN)
393 {
394     FUNCTION_INIT();
395     CHECK_NULL(nextSN, ISSUER_CA_STORAGE_NULL_PASSED);
396     CHECK_NULL(g_ckmInfo.nextSerialNumber, ISSUER_CA_STORAGE_SN_UNDEFINED);
397     *nextSN = g_ckmInfo.nextSerialNumber;
398
399     FUNCTION_CLEAR();
400 }
401
402 /*CA Certificate Chain*/
403 PKIError SetCAChain (const uint8_t CAChainLength, const ByteArray *CAChain)
404 {
405     FUNCTION_INIT();
406     CHECK_NULL_BYTE_ARRAY_PTR(CAChain, ISSUER_CA_STORAGE_NULL_PASSED);
407     CHECK_NULL(CAChainLength, ISSUER_CA_STORAGE_NULL_PASSED);
408
409     OICFree(g_ckmInfo.CACertificateChain);
410     g_ckmInfo.CACertificateChain = NULL;
411     g_ckmInfo.CACertificateChain = (ByteArray *)OICMalloc(sizeof(ByteArray) * CAChainLength);
412     CHECK_NULL(g_ckmInfo.CACertificateChain, ISSUER_CA_STORAGE_MEMORY_ALLOC_FAILED);
413
414     for (int i = 0; i < CAChainLength; i++)
415     {
416         g_ckmInfo.CACertificateChain[i].data = (uint8_t *)OICMalloc(CAChain[i].len);
417         CHECK_NULL(g_ckmInfo.CACertificateChain[i].data, ISSUER_CA_STORAGE_MEMORY_ALLOC_FAILED);
418         memcpy(g_ckmInfo.CACertificateChain[i].data, CAChain[i].data, CAChain[i].len);
419         g_ckmInfo.CACertificateChain[i].len = CAChain[i].len;
420     }
421     g_ckmInfo.CAChainLength = CAChainLength;
422
423     FUNCTION_CLEAR();
424 }
425
426 PKIError GetCAChain (uint8_t* CAChainLength, ByteArray *CAChain)
427 {
428     FUNCTION_INIT();
429     CHECK_COND(g_ckmInfo.CAChainLength, ISSUER_CA_STORAGE_CA_CHAIN_LENGTH_UNDEFINED);
430     CHECK_NULL_BYTE_ARRAY_PTR(CAChain, ISSUER_CA_STORAGE_NULL_PASSED);
431     CHECK_NULL(CAChainLength, PKI_NULL_PASSED);
432
433     for (int i = 0; i < g_ckmInfo.CAChainLength; i++)
434     {
435         CHECK_LESS_EQUAL(g_ckmInfo.CACertificateChain[i].len, CAChain[i].len,
436                          ISSUER_CA_STORAGE_WRONG_BYTE_ARRAY_LEN);
437         memcpy(CAChain[i].data, g_ckmInfo.CACertificateChain[i].data,
438                g_ckmInfo.CACertificateChain[i].len);
439         CAChain[i].len = g_ckmInfo.CACertificateChain[i].len;
440     }
441
442     *CAChainLength = g_ckmInfo.CAChainLength;
443
444     FUNCTION_CLEAR();
445 }
446
447 /*Certificate*/
448 PKIError SetCACertificate (const ByteArray *CACertificate)
449 {
450     FUNCTION_INIT();
451     CHECK_NULL_BYTE_ARRAY_PTR(CACertificate, ISSUER_CA_STORAGE_NULL_PASSED);
452     CHECK_CALL(SetCAChain, 1, CACertificate);
453
454     FUNCTION_CLEAR();
455 }
456
457 PKIError GetCACertificate (ByteArray *CACertificate)
458 {
459     FUNCTION_INIT();
460     uint8_t i;
461     CHECK_NULL_BYTE_ARRAY_PTR(CACertificate, ISSUER_CA_STORAGE_NULL_PASSED);
462     CHECK_CALL(GetCAChain, &i, CACertificate);
463
464     FUNCTION_CLEAR();
465 }
466 //CRL-related functions
467
468 PKIError InitCRL(void)
469 {
470     FUNCTION_INIT();
471     g_crlInfo = *(OicSecCrl_t *)GetCRLResource();
472     CHECK_NULL(g_crlInfo.CrlData.data, ISSUER_CA_STORAGE_NULL_PASSED);
473     CHECK_NULL(g_crlInfo.ThisUpdate.data, ISSUER_CA_STORAGE_NULL_PASSED);
474
475     FUNCTION_CLEAR();
476 }
477
478 PKIError SaveCRL(void)
479 {
480     FUNCTION_INIT();
481
482     CHECK_EQUAL(UpdateCRLResource(&g_crlInfo),
483                 OC_STACK_OK, ISSUER_CA_STORAGE_CRL_WRITE_ERROR);
484     FUNCTION_CLEAR();
485 }
486
487 /*CRL Serial Number*/
488 PKIError SetCRLSerialNumber (const long CRLSerialNumber)
489 {
490     FUNCTION_INIT();
491     CHECK_LESS_EQUAL(0, CRLSerialNumber, ISSUER_CA_STORAGE_WRONG_CRL_SERIAL_NUMBER);
492     g_ckmInfo.CRLSerialNumber = CRLSerialNumber;
493
494     FUNCTION_CLEAR();
495 }
496
497 PKIError GetCRLSerialNumber (long *CRLSerialNumber)
498 {
499     FUNCTION_INIT();
500     CHECK_NULL(CRLSerialNumber, ISSUER_CA_STORAGE_NULL_PASSED);
501     CHECK_NULL(g_ckmInfo.CRLSerialNumber, ISSUER_CA_STORAGE_CRL_SN_UNDEFINED);
502     *CRLSerialNumber = g_ckmInfo.CRLSerialNumber;
503
504     FUNCTION_CLEAR();
505 }
506
507 /*Revocation List*/
508 PKIError SetCertificateRevocationList (const ByteArray *certificateRevocationList)
509 {
510     FUNCTION_INIT();
511     CHECK_NULL_BYTE_ARRAY_PTR(certificateRevocationList, ISSUER_CA_STORAGE_NULL_PASSED);
512
513     OICFree(g_crlInfo.CrlData.data);
514     g_crlInfo.CrlData.data = CRL_MEMORY_IS_NOT_ALLOCATED;
515     g_crlInfo.CrlData.data = (uint8_t *)OICMalloc(certificateRevocationList->len + 1);
516     CHECK_NULL(g_crlInfo.CrlData.data, ISSUER_CA_STORAGE_MEMORY_ALLOC_FAILED);
517     memcpy(g_crlInfo.CrlData.data, certificateRevocationList->data, certificateRevocationList->len);
518     g_crlInfo.CrlData.len = certificateRevocationList->len;
519
520     g_crlInfo.CrlId ++;
521     CHECK_CALL(SaveCRL);
522
523     FUNCTION_CLEAR();
524 }
525
526 PKIError GetCertificateRevocationList (ByteArray *certificateRevocationList)
527 {
528     FUNCTION_INIT(
529         OicSecCrl_t *tmpCRL = NULL;
530     );
531     CHECK_COND(g_crlInfo.CrlData.data, ISSUER_CA_STORAGE_CRL_UNDEFINED);
532     CHECK_NULL_BYTE_ARRAY_PTR(certificateRevocationList, ISSUER_CA_STORAGE_NULL_PASSED);
533     tmpCRL = (OicSecCrl_t *)GetCRLResource();
534     CHECK_NULL(tmpCRL, ISSUER_CA_STORAGE_NULL_PASSED);
535     g_crlInfo.CrlId = tmpCRL->CrlId;
536     g_crlInfo.CrlData = tmpCRL->CrlData;
537     g_crlInfo.ThisUpdate = tmpCRL->ThisUpdate;
538
539     CHECK_LESS_EQUAL(g_crlInfo.CrlData.len, certificateRevocationList->len,
540                      ISSUER_WRONG_BYTE_ARRAY_LEN);
541     memcpy(certificateRevocationList->data, g_crlInfo.CrlData.data, g_crlInfo.CrlData.len);
542     certificateRevocationList->len = g_crlInfo.CrlData.len;
543
544     FUNCTION_CLEAR(
545         OICFree(tmpCRL);
546     );
547 }
548
549 PKIError SetNumberOfRevoked (const long numberOfRevoked)
550 {
551     FUNCTION_INIT();
552     CHECK_LESS_EQUAL(0, numberOfRevoked, ISSUER_CA_STORAGE_WRONG_CRL_SERIAL_NUMBER);
553     g_ckmInfo.numberOfRevoked = numberOfRevoked;
554
555     FUNCTION_CLEAR();
556 }
557 PKIError GetNumberOfRevoked (long *numberOfRevoked)
558 {
559     FUNCTION_INIT();
560     CHECK_NULL(numberOfRevoked, ISSUER_CA_STORAGE_NULL_PASSED);
561     CHECK_NULL(g_ckmInfo.numberOfRevoked, ISSUER_CA_STORAGE_CRL_SN_UNDEFINED);
562     *numberOfRevoked = g_ckmInfo.numberOfRevoked;
563
564     FUNCTION_CLEAR();
565 }
Domain: Network & Connectivity / IoT Connectivity;