security_handler.c
Go to the documentation of this file.
1 /*!**********************************************************************
2  *
3  * @copyright Copyright (C) 2016 Siemens Aktiengesellschaft.\n
4  * All rights reserved.
5  *
6  *************************************************************************
7  *
8  * @file security_handler.c
9  * @date Jun 27, 2016
10  * @brief Security handler module implementation file.
11  *
12  ************************************************************************/
13 
14 #include "security_handler.h"
15 #include "security.h"
16 #include "base64.h"
17 #include "hmac.h"
18 #include "definitions.h"
19 #include "memory.h"
20 #include "random.h"
21 #include "log_util.h"
22 
24 {
25  DEBUG_ENTRY("security_handler_t **security_handler = <%p>", security_handler)
26 
27  // Create security handler.
28  MCL_NEW(*security_handler);
29  ASSERT_CODE_MESSAGE(MCL_NULL != *security_handler, MCL_OUT_OF_MEMORY, "Memory can not be allocated for security handler.");
30 
31  // Memory for members of security_handler_t will be allocated by the key generator function.
32  (*security_handler)->authentication_key = MCL_NULL;
33  (*security_handler)->onboarding_key = MCL_NULL;
34  (*security_handler)->hmac_key = MCL_NULL;
35  (*security_handler)->rsa.private_key = MCL_NULL;
36  (*security_handler)->rsa.public_key = MCL_NULL;
37  (*security_handler)->rsa.session_key = MCL_NULL;
38  (*security_handler)->authentication_key_size = 0;
39  (*security_handler)->last_token_time = MCL_NULL;
40  (*security_handler)->access_token = MCL_NULL;
41  (*security_handler)->registration_access_token = MCL_NULL;
42  (*security_handler)->client_secret = MCL_NULL;
43  (*security_handler)->registration_client_uri = MCL_NULL;
44  (*security_handler)->client_id = MCL_NULL;
45 
46  DEBUG_LEAVE("retVal = <%d>", MCL_OK);
47  return MCL_OK;
48 }
49 
51 {
52  DEBUG_ENTRY("string_t **jti = <%p>", jti)
53 
55 
56  DEBUG_LEAVE("retVal = <%d>", code);
57  return code;
58 }
59 
61 {
62  DEBUG_ENTRY("const mcl_uint8_t *data = <%p>, mcl_size_t data_size = <%u>, mcl_uint8_t **hash = <%p>, mcl_size_t *hash_size = <%p>", data, data_size, hash, hash_size)
63 
64  E_MCL_ERROR_CODE code = security_hash_sha256(data, data_size, hash, hash_size);
65  if (MCL_OK == code)
66  {
67  MCL_DEBUG("SHA256 calculation succeeded: hash = <%p>, hash_size = <%u>", *hash, *hash_size);
68  }
69  else
70  {
71  MCL_ERROR("SHA256 calculation failed!");
72  }
73 
74  DEBUG_LEAVE("retVal = <%d>", code);
75  return code;
76 }
77 
79 {
80  DEBUG_ENTRY("security_handler_t *security_handler = <%p>, const mcl_uint8_t *data = <%p>, mcl_size_t data_size = <%u>, mcl_uint8_t **hash = <%p>, mcl_size_t *hash_size = <%p>",
81  security_handler, data, data_size, hash, hash_size)
82 
83  E_MCL_ERROR_CODE code = hmac_sha256((const mcl_uint8_t*)data, data_size, (const mcl_uint8_t*)security_handler->client_secret->buffer, security_handler->client_secret->length, hash, hash_size);
84  if (MCL_OK == code)
85  {
86  MCL_DEBUG("HMAC SHA256 calculation succeeded: hash = <%p>, hash_size = <%u>", *hash, *hash_size);
87  }
88  else
89  {
90  MCL_ERROR("HMAC SHA256 calculation failed!");
91  }
92 
93  DEBUG_LEAVE("retVal = <%d>", code);
94  return code;
95 }
96 
98 {
99  DEBUG_ENTRY("const mcl_uint8_t *data = <%p>, mcl_size_t data_size = <%u>, string_t **encoded_data = <%p>", data, data_size, encoded_data)
100 
101  E_MCL_ERROR_CODE code = base64_encode(data, data_size, encoded_data);
102  if (MCL_OK == code)
103  {
104  MCL_DEBUG("Base64 encoding succeeded: encoded_data = <%s>, length encoded_data = <%u>", (*encoded_data)->buffer, (*encoded_data)->length);
105  }
106  else
107  {
108  MCL_ERROR("Base64 encoding failed!");
109  }
110 
111  DEBUG_LEAVE("retVal = <%d>", code);
112  return code;
113 }
114 
115 E_MCL_ERROR_CODE security_handler_base64_decode(const string_t *encoded_data, mcl_uint8_t **decoded_data, mcl_size_t *decoded_data_size)
116 {
117  DEBUG_ENTRY("const string_t *encoded_data = <%p>, mcl_uint8_t **decoded_data = <%p>, mcl_size_t *decoded_data_size = <%p>", encoded_data, decoded_data, decoded_data_size)
118 
119  E_MCL_ERROR_CODE code = base64_decode(encoded_data, decoded_data, decoded_data_size);
120 
121  DEBUG_LEAVE("retVal = <%d>", code);
122  return code;
123 }
124 
126 {
127  DEBUG_ENTRY("const mcl_uint8_t *data = <%p>, mcl_size_t data_size = <%u>, string_t **encoded_data = <%p>", data, data_size, encoded_data)
128 
129  E_MCL_ERROR_CODE code = base64_url_encode(data, data_size, encoded_data);
130  if (MCL_OK == code)
131  {
132  MCL_DEBUG("Base64 URL encoding succeeded: encoded_data = <%s>, length encoded_data = <%u>", (*encoded_data)->buffer, (*encoded_data)->length);
133  }
134  else
135  {
136  MCL_ERROR("Base64 encoding failed!");
137  }
138 
139  DEBUG_LEAVE("retVal = <%d>", code);
140  return code;
141 }
142 
144 {
145  DEBUG_ENTRY("security_handler_t *security_handler = <%p>", security_handler)
146 
147  E_MCL_ERROR_CODE code = security_generate_rsa_key(&security_handler->rsa.public_key, &security_handler->rsa.private_key);
148 
149  DEBUG_LEAVE("retVal = <%d>", code);
150  return code;
151 }
152 
153 E_MCL_ERROR_CODE security_handler_rsa_sign(char *rsa_key, char *data, mcl_size_t data_size, mcl_uint8_t **signature, mcl_size_t *signature_size)
154 {
155  DEBUG_ENTRY("char *rsa_key = <%s>, char *data = <%s>, mcl_size_t data_size = <%u>, mcl_uint8_t **signature = <%p>, mcl_size_t *signature_size = <%p>", rsa_key, data,
156  data_size, signature, signature_size)
157 
158  E_MCL_ERROR_CODE code = security_rsa_sign(rsa_key, data, data_size, signature, signature_size);
159 
160  DEBUG_LEAVE("retVal = <%d>", code);
161  return code;
162 }
163 
165 {
166  DEBUG_ENTRY("security_handler_t **security_handler = <%p>", security_handler)
167 
168  if (MCL_NULL != *security_handler)
169  {
170  // Free security handler with its members.
171  string_destroy(&(*security_handler)->access_token);
172  string_destroy(&(*security_handler)->registration_access_token);
173  string_destroy(&(*security_handler)->client_secret);
174  string_destroy(&(*security_handler)->registration_client_uri);
175  string_destroy(&(*security_handler)->client_id);
176  string_destroy(&(*security_handler)->last_token_time);
177 
178  MCL_FREE((*security_handler)->hmac_key);
179  MCL_FREE((*security_handler)->rsa.private_key);
180  MCL_FREE((*security_handler)->rsa.public_key);
181  MCL_FREE((*security_handler)->rsa.session_key);
182  MCL_FREE(*security_handler);
183 
184  MCL_DEBUG("Security handler is destroyed.");
185  }
186  else
187  {
188  MCL_DEBUG("Security handler is already NULL.");
189  }
190 
191  DEBUG_LEAVE("retVal = void");
192 }
void string_destroy(string_t **string)
Destroys the allocated resources of the string.
Definition: string_type.c:326
E_MCL_ERROR_CODE security_handler_hmac_sha256(security_handler_t *security_handler, const mcl_uint8_t *data, mcl_size_t data_size, mcl_uint8_t **hash, mcl_size_t *hash_size)
Memory module header file.
E_MCL_ERROR_CODE security_handler_generate_rsa_key(security_handler_t *security_handler)
To be used to generate the RSA public/private key pairs.
#define DEBUG_LEAVE(...)
Definition: log_util.h:81
E_MCL_ERROR_CODE security_handler_initialize(security_handler_t **security_handler)
Initializer of security handler.
E_MCL_ERROR_CODE base64_url_encode(const mcl_uint8_t *data, mcl_size_t data_size, string_t **encoded_data)
Definition: base64.c:112
#define DEBUG_ENTRY(...)
Definition: log_util.h:80
#define MCL_NEW(p)
Definition: memory.h:121
char * buffer
Buffer of string handle.
Definition: string_type.h:45
E_MCL_ERROR_CODE security_handler_generate_jti(string_t **jti)
To be used to generate the jti nonce.
#define MCL_DEBUG(...)
Definition: log_util.h:70
E_MCL_ERROR_CODE security_handler_base64_url_encode(const mcl_uint8_t *data, mcl_size_t data_size, string_t **encoded_data)
To be used to encode the given data in base64 URL encoding format.
Log utility module header file.
E_MCL_ERROR_CODE
MCL Error code definitions. Every function returning an error code uses this enum values...
Definition: mcl_common.h:137
E_MCL_ERROR_CODE security_handler_hash_sha256(const mcl_uint8_t *data, mcl_size_t data_size, mcl_uint8_t **hash, mcl_size_t *hash_size)
To be used to generate the sha256 hash of the given data.
E_MCL_ERROR_CODE hmac_sha256(const mcl_uint8_t *data, mcl_size_t data_size, const mcl_uint8_t *key, mcl_size_t key_size, mcl_uint8_t **hash, mcl_size_t *hash_size)
Definition: hmac.c:27
#define MCL_FREE(p)
Definition: memory.h:125
HMAC module header file.
E_MCL_ERROR_CODE security_hash_sha256(const mcl_uint8_t *data, mcl_size_t data_size, mcl_uint8_t **hash, mcl_size_t *hash_size)
void security_handler_destroy(security_handler_t **security_handler)
To destroy the Security Handler.
char * public_key
Public key.
uint8_t mcl_uint8_t
Definition: mcl_common.h:43
E_MCL_ERROR_CODE security_handler_base64_decode(const string_t *encoded_data, mcl_uint8_t **decoded_data, mcl_size_t *decoded_data_size)
E_MCL_ERROR_CODE security_handler_rsa_sign(char *rsa_key, char *data, mcl_size_t data_size, mcl_uint8_t **signature, mcl_size_t *signature_size)
To be used to sign data with RSA key.
string_t * client_secret
Client secret.
E_MCL_ERROR_CODE random_generate_guid(string_t **guid)
Generates random guid.
Definition: random.c:86
char * private_key
Private key.
#define ASSERT_CODE_MESSAGE(condition, return_code,...)
Definition: definitions.h:105
E_MCL_ERROR_CODE security_handler_base64_encode(const mcl_uint8_t *data, mcl_size_t data_size, string_t **encoded_data)
To be used to encode the given data in base64 encoding format.
Definitions module header file.
rsa_t rsa
Rsa handle.
mcl_size_t length
Length of buffer.
Definition: string_type.h:46
E_MCL_ERROR_CODE base64_encode(const mcl_uint8_t *data, mcl_size_t data_size, string_t **encoded_data)
Definition: base64.c:102
Base64 module header file.
size_t mcl_size_t
Definition: mcl_common.h:38
E_MCL_ERROR_CODE base64_decode(const string_t *encoded_data, mcl_uint8_t **decoded_data, mcl_size_t *decoded_data_size)
Definition: base64.c:82
Success.
Definition: mcl_common.h:140
Handle struct for security_handler module.
#define MCL_ERROR(...)
Definition: log_util.h:97
Security module header file.Inner security interface. Contains security related functions like hashin...
E_MCL_ERROR_CODE security_rsa_sign(char *rsa_key, char *data, mcl_size_t data_size, mcl_uint8_t **signature, mcl_size_t *signature_size)
To be used to sign data with RSA key.
Random module header file.
Memory allocation fail.
Definition: mcl_common.h:143
#define MCL_NULL
Definition: definitions.h:24
Security handler module header file.
E_MCL_ERROR_CODE security_generate_rsa_key(char **public_key, char **private_key)
To be used to generate the RSA public/private keys.