| /* |
| * |
| * Copyright (c) 2016-2017 Nest Labs, Inc. |
| * All rights reserved. |
| * |
| * Licensed under the Apache License, Version 2.0 (the "License"); |
| * you may not use this file except in compliance with the License. |
| * You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| |
| /** |
| * @file |
| * This file defines a Wrapper for C++ utility functions for testing key export |
| * functionality (needed for keyStore in mobileiOS tree). |
| * |
| */ |
| |
| #import "NLWeaveKeyExportSupport.h" |
| |
| #include <Weave/Core/WeaveCore.h> |
| #include <Weave/Core/WeaveKeyIds.h> |
| #include <Weave/Support/CodeUtils.h> |
| #include <Weave/Profiles/security/WeaveKeyExportClient.h> |
| |
| using namespace nl::Weave::Profiles::Security::KeyExport; |
| |
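// Error domain attached to every NSError this class produces.
// NOTE(review): the string value spells "Supprt". It is left unchanged here because
// existing callers or persisted errors may match on the literal; confirm before fixing.
NSString * const NLWeaveKeyExportSupportErrorDomain = @"NLWeaveKeyExportSupprtErrorDomain";

@implementation NLWeaveKeyExportSupport

// Space budgeted in the response buffer for the ephemeral public key,
// derived from the largest curve the Weave build is configured for.
static UInt32 const kMaxPubKeySize = (((WEAVE_CONFIG_MAX_EC_BITS + 7) / 8) + 1) * 2;
// Space budgeted for the bare ECDSA signature field.
static UInt32 const kMaxECDSASigSize = kMaxPubKeySize;
// Largest length representable in 16 bits. The response length is returned through a
// uint16_t, and the length arguments of SimulateDeviceKeyExport are presumably 16-bit
// as well (verify against WeaveKeyExportClient.h), so anything larger would be
// silently narrowed at the call.
static UInt32 const kMaxWeaveBufLen = 0xFFFF;

/**
 * Runs the device side of a Weave key export exchange locally, for testing.
 *
 * The device private key is handed to the C++ helper by pointer and is not copied by
 * this method; the caller keeps ownership of that key material and its lifetime.
 *
 * @param keyExportReq   Encoded key export request to answer.
 * @param deviceCert     Device certificate used to sign the response.
 * @param devicePrivKey  Private key matching deviceCert.
 * @param trustRootCert  Trust root certificate passed to the helper.
 * @param isReconfigOut  Set on success to whether the response is a reconfigure message.
 *                       Must not be NULL.
 * @param errOut         Optional. On failure receives an NSError in
 *                       NLWeaveKeyExportSupportErrorDomain.
 * @return The encoded key export response, or nil on failure. Inputs that are nil or
 *         longer than 65535 bytes fail with the invalid-argument code.
 */
+ (nullable NSData *)simulateDeviceKeyExport:(NSData *)keyExportReq
                                  deviceCert:(NSData *)deviceCert
                               devicePrivKey:(NSData *)devicePrivKey
                               trustRootCert:(NSData *)trustRootCert
                                  isReconfig:(BOOL *)isReconfigOut
                                       error:(NSError **)errOut
{
    WEAVE_ERROR err = WEAVE_NO_ERROR;
    uint16_t exportRespLen = 0;
    bool isReconfig = false;

    BOOL argsMissing = (keyExportReq == nil || deviceCert == nil || devicePrivKey == nil || trustRootCert == nil
        || isReconfigOut == nil);

    // Reject oversized inputs up front instead of letting their lengths be narrowed
    // implicitly at the call below, which would make the helper parse a truncated buffer.
    BOOL argsTooLong = !argsMissing
        && ([keyExportReq length] > kMaxWeaveBufLen || [deviceCert length] > kMaxWeaveBufLen
            || [devicePrivKey length] > kMaxWeaveBufLen || [trustRootCert length] > kMaxWeaveBufLen);

    if (argsMissing || argsTooLong) {
        if (errOut) {
            *errOut = [NSError errorWithDomain:NLWeaveKeyExportSupportErrorDomain
                                          code:NLWeaveKeyExportSupportErrorDomainInvalidArgument
                                      userInfo:nil];
        }

        return nil;
    }

    size_t exportRespBufSize = 7 // Key export response header size // TODO: adjust this
        + kMaxPubKeySize // Ephemeral public key size
        + kMaxECDSASigSize // Size of bare signature field
        + [deviceCert length] // Size equal to at least the total size of the device certificate
        + 1024; // Space for additional signature fields plus encoding overhead

    // Keep the advertised capacity representable in 16 bits so it cannot wrap to a
    // smaller value when narrowed; the response length itself cannot exceed this.
    if (exportRespBufSize > kMaxWeaveBufLen) {
        exportRespBufSize = kMaxWeaveBufLen;
    }

    NSMutableData * exportRespBuff = [[NSMutableData alloc] initWithLength:exportRespBufSize];

    // Every length was bounded above, so the explicit casts cannot lose information.
    err = SimulateDeviceKeyExport((unsigned char *) [deviceCert bytes], (uint16_t) [deviceCert length],
        (unsigned char *) [devicePrivKey bytes], (uint16_t) [devicePrivKey length],
        (unsigned char *) [trustRootCert bytes], (uint16_t) [trustRootCert length],
        (unsigned char *) [keyExportReq bytes], (uint16_t) [keyExportReq length],
        (unsigned char *) [exportRespBuff mutableBytes], (uint16_t) [exportRespBuff length], exportRespLen,
        isReconfig);

    if (err != WEAVE_NO_ERROR) {
        if (errOut) {
            // Only the numeric Weave error code is surfaced; no key or certificate bytes.
            NSString * failureReason =
                [NSString stringWithFormat:NSLocalizedString(@"SimulateDeviceKeyExport error: %d", @""), err];
            NSDictionary * userInfo = @{ NSLocalizedFailureReasonErrorKey : failureReason };
            *errOut = [NSError errorWithDomain:NLWeaveKeyExportSupportErrorDomain
                                          code:NLWeaveKeyExportSupportErrorDomainSimulateKeyExportFailure
                                      userInfo:userInfo];
        }

        return nil;
    }

    // A reported length beyond the buffer would make setLength: grow the data and hand
    // back bytes the helper never wrote; treat that as a failed export instead.
    if (exportRespLen > [exportRespBuff length]) {
        if (errOut) {
            *errOut = [NSError errorWithDomain:NLWeaveKeyExportSupportErrorDomain
                                          code:NLWeaveKeyExportSupportErrorDomainSimulateKeyExportFailure
                                      userInfo:nil];
        }

        return nil;
    }

    *isReconfigOut = isReconfig ? YES : NO;

    // Trim the over-allocated buffer down to the bytes actually produced.
    [exportRespBuff setLength:exportRespLen];
    return exportRespBuff;
}

@end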