Ace updates (#62)
Deal with the changes that are needed to get mbed-cli to correctly build the system. These include adding a .mbedignore and allowing for creating an Encrypt object directly from the tree rather than from a byte sting
diff --git a/.mbedignore b/.mbedignore
new file mode 100644
index 0000000..658827d
--- /dev/null
+++ b/.mbedignore
@@ -0,0 +1,4 @@
+dumper/*
+test/*
+cmake/*
+Coverity_Model.c
diff --git a/CMakeLists.txt b/CMakeLists.txt
index 1867068..679ee0c 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -174,6 +174,7 @@
## include the parts
add_subdirectory(src)
+add_subdirectory(include)
add_subdirectory(test)
add_subdirectory(dumper)
diff --git a/include/CMakeLists.txt b/include/CMakeLists.txt
new file mode 100644
index 0000000..898676a
--- /dev/null
+++ b/include/CMakeLists.txt
@@ -0,0 +1,2 @@
+install ( DIRECTORY ../include DESTINATION .
+ PATTERN CMakeLists.txt EXCLUDE )
diff --git a/src/cose.h b/include/cose.h
similarity index 97%
rename from src/cose.h
rename to include/cose.h
index 5f0a414..0b2ef02 100644
--- a/src/cose.h
+++ b/include/cose.h
@@ -1,5 +1,10 @@
#include <cn-cbor/cn-cbor.h>
#include "configure.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
typedef unsigned char byte;
typedef struct _cose * HCOSE;
@@ -241,12 +246,13 @@
bool COSE_Encrypt_SetContent(HCOSE_ENCRYPT cose, const byte * rgbContent, size_t cbContent, cose_errback * errp);
-byte * COSE_Encrypt_GetContent(HCOSE_ENCRYPT cose, size_t * pcbContent, cose_errback * errp);
+const byte * COSE_Encrypt_GetContent(HCOSE_ENCRYPT cose, size_t * pcbContent, cose_errback * errp);
bool COSE_Encrypt_SetExternal(HCOSE_ENCRYPT hcose, const byte * pbExternalData, size_t cbExternalData, cose_errback * perr);
bool COSE_Encrypt_encrypt(HCOSE_ENCRYPT cose, const byte * pbKey, size_t cbKey, cose_errback * perror);
bool COSE_Encrypt_decrypt(HCOSE_ENCRYPT, const byte * pbKey, size_t cbKey, cose_errback * perr);
+HCOSE_ENCRYPT COSE_Encrypt_Init_From_Object(cn_cbor * cbor, CBOR_CONTEXT_COMMA cose_errback * perr);
//
//
@@ -338,3 +344,7 @@
extern cn_cbor * cn_cbor_bool_create(int boolValue, CBOR_CONTEXT_COMMA cn_cbor_errback * errp);
extern cn_cbor * cn_cbor_null_create(CBOR_CONTEXT_COMMA cn_cbor_errback * errp);
+#ifdef __cplusplus
+}
+#endif
+
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index 095270c..8e7ba3e 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -31,6 +31,7 @@
target_include_directories ( cose-c PRIVATE ${OPENSSL_INCLUDE_DIR} )
target_include_directories ( cose-c PUBLIC ${dist_dir}/include )
+target_include_directories ( cose-c PUBLIC ../include )
target_include_directories ( cose-c PRIVATE ../src )
target_link_libraries ( cose-c PRIVATE ${OPENSSL_LIBRARIES} )
diff --git a/src/Cose.c b/src/Cose.c
index 5e86c71..1e4d3cc 100644
--- a/src/Cose.c
+++ b/src/Cose.c
@@ -1,5 +1,7 @@
#include <stdlib.h>
+#ifndef __MBED__
#include <memory.h>
+#endif
#include "cose.h"
#include "cose_int.h"
diff --git a/src/Encrypt.c b/src/Encrypt.c
index 04f4645..5967245 100644
--- a/src/Encrypt.c
+++ b/src/Encrypt.c
@@ -3,7 +3,11 @@
*/
#include <stdlib.h>
+#ifndef __MBED__
#include <memory.h>
+#else
+#include <stddef.h>
+#endif
#include <stdio.h>
#include <assert.h>
@@ -300,6 +304,7 @@
CHECK_CONDITION(cbKeyIn == cbitKey / 8, COSE_ERR_INVALID_PARAMETER);
pbKey = pbKeyIn;
}
+#ifdef INCLUDE_ENCRYPT
else {
// Allocate the key if we have not already done so
@@ -332,6 +337,7 @@
CHECK_CONDITION(pRecip != NULL, COSE_ERR_NO_RECIPIENT_FOUND);
}
}
+#endif // INCLUDE_ENCRYPT
// Build authenticated data
@@ -539,6 +545,7 @@
pbKey = pbKeyIn;
cbKey = cbKeyIn;
}
+#ifdef INCLUDE_ENCRYPT
else {
// If we are doing direct encryption - then recipient generates the key
@@ -566,12 +573,14 @@
}
pbKey = pbKeyNew;
}
+#endif // INCLUDE_ENCRYPT
// Build protected headers
const cn_cbor * cbProtected = _COSE_encode_protected(&pcose->m_message, perr);
if (cbProtected == NULL) goto errorReturn;
+
#ifdef USE_COUNTER_SIGNATURES
// Setup Counter Signatures
if (!_COSE_CountSign_create(&pcose->m_message, NULL, CBOR_CONTEXT_PARAM_COMMA perr)) {
@@ -655,9 +664,11 @@
FAIL_CONDITION(COSE_ERR_UNKNOWN_ALGORITHM);
}
+#ifdef INCLUDE_ENCRYPT
for (pri = pcose->m_recipientFirst; pri != NULL; pri = pri->m_recipientNext) {
if (!_COSE_Recipient_encrypt(pri, pbKey, cbKey, perr)) goto errorReturn;
}
+#endif // INCLUDE_ENCRYPT
// Figure out the clean up
@@ -854,6 +865,18 @@
*ppbAAD = pbAuthData;
*pcbAAD = cbAuthData;
+#if 0
+ {
+ printf("Encrypt* AAD = ");
+ int iX;
+ for (iX=0; iX < cbAuthData; iX++) {
+ printf("%02x ", pbAuthData[iX]);
+ }
+ printf("\n");
+ }
+#endif
+
+
return true;
errorReturn:
diff --git a/src/Encrypt0.c b/src/Encrypt0.c
index b6a85ec..189bbc7 100644
--- a/src/Encrypt0.c
+++ b/src/Encrypt0.c
@@ -3,7 +3,9 @@
*/
#include <stdlib.h>
+#ifndef __MBED__
#include <memory.h>
+#endif
#include <stdio.h>
#include <assert.h>
@@ -63,6 +65,36 @@
#endif
#if INCLUDE_ENCRYPT0
+HCOSE_ENCRYPT COSE_Encrypt_Init_From_Object(cn_cbor * cbor, CBOR_CONTEXT_COMMA cose_errback * perr)
+{
+ COSE_Encrypt * pobj;
+
+ cose_errback error = { 0 };
+ if (perr == NULL) perr = &error;
+
+ pobj = (COSE_Encrypt *) COSE_CALLOC(1, sizeof(COSE_Encrypt), context);
+ if (pobj == NULL) {
+ perr->err = COSE_ERR_OUT_OF_MEMORY;
+ errorReturn:
+ if (pobj != NULL) {
+ _COSE_Encrypt_Release(pobj);
+ COSE_FREE(pobj, context);
+ }
+ return NULL;
+ }
+
+ if (!_COSE_Init_From_Object(&pobj->m_message, cbor, CBOR_CONTEXT_PARAM_COMMA perr)) {
+ goto errorReturn;
+ }
+
+ _COSE_InsertInList(&EncryptRoot, &pobj->m_message);
+
+ return(HCOSE_ENCRYPT) pobj;
+
+}
+#endif
+
+#if INCLUDE_ENCRYPT0
HCOSE_ENCRYPT _COSE_Encrypt_Init_From_Object(cn_cbor * cbor, COSE_Encrypt * pIn, CBOR_CONTEXT_COMMA cose_errback * perr)
{
COSE_Encrypt * pobj = pIn;
@@ -151,6 +183,19 @@
return false;
}
+const byte * COSE_Encrypt_GetContent(HCOSE_ENCRYPT h, size_t * pcbContent, cose_errback * perror)
+{
+ COSE_Encrypt * cose = (COSE_Encrypt *) h;
+ if (!IsValidEncryptHandle(h) || (pcbContent == NULL)) {
+ if (perror != NULL) perror->err = COSE_ERR_INVALID_PARAMETER;
+ return false;
+ }
+
+ *pcbContent = cose->cbContent;
+ return cose->pbContent;
+}
+
+
bool COSE_Encrypt_SetContent(HCOSE_ENCRYPT h, const byte * rgb, size_t cb, cose_errback * perror)
{
if (!IsValidEncryptHandle(h) || (rgb == NULL)) {
diff --git a/src/MacMessage.c b/src/MacMessage.c
index c0d5695..62be761 100644
--- a/src/MacMessage.c
+++ b/src/MacMessage.c
@@ -3,7 +3,9 @@
*/
#include <stdlib.h>
+#ifndef __MBED__
#include <memory.h>
+#endif
#include <stdio.h>
#include <assert.h>
#include <string.h>
diff --git a/src/MacMessage0.c b/src/MacMessage0.c
index f8e25f0..47ed015 100644
--- a/src/MacMessage0.c
+++ b/src/MacMessage0.c
@@ -3,7 +3,9 @@
*/
#include <stdlib.h>
+#ifndef __MBED__
#include <memory.h>
+#endif
#include <stdio.h>
#include <assert.h>
#include <string.h>
diff --git a/src/Recipient.c b/src/Recipient.c
index a89a707..7ada624 100644
--- a/src/Recipient.c
+++ b/src/Recipient.c
@@ -1,5 +1,7 @@
#include <stdlib.h>
+#ifndef __MBED__
#include <memory.h>
+#endif
#include "cose.h"
#include "cose_int.h"
diff --git a/src/SignerInfo.c b/src/SignerInfo.c
index 60c928f..0f7d7b3 100644
--- a/src/SignerInfo.c
+++ b/src/SignerInfo.c
@@ -3,7 +3,9 @@
*/
#include <stdlib.h>
+#ifndef __MBED__
#include <memory.h>
+#endif
#include "cose.h"
#include "cose_int.h"
diff --git a/src/cbor.c b/src/cbor.c
index 8cac226..abaf47c 100644
--- a/src/cbor.c
+++ b/src/cbor.c
@@ -1,6 +1,8 @@
#include "cn-cbor/cn-cbor.h"
#include <stdlib.h>
+#ifndef __MBED__
#include <memory.h>
+#endif
#define INIT_CB(v) \
if (errp) {errp->err = CN_CBOR_NO_ERROR;} \
diff --git a/src/cose_int.h b/src/cose_int.h
index 129b7da..2cd8a6b 100644
--- a/src/cose_int.h
+++ b/src/cose_int.h
@@ -1,3 +1,5 @@
+#ifndef __COSE_INT_H__
+#define __COSE_INT_H__
#include <assert.h>
// These definitions are here because they aren't required for the public
@@ -280,3 +282,4 @@
#define COSE_CounterSign_object 1000
+#endif // __COSE_INT_H__
diff --git a/src/mbedtls.c b/src/mbedtls.c
index f4a6e0d..2180f61 100644
--- a/src/mbedtls.c
+++ b/src/mbedtls.c
@@ -4,7 +4,9 @@
#include "crypto.h"
#include <assert.h>
+#ifndef __MBED__
#include <memory.h>
+#endif
#include <stdlib.h>
#ifdef USE_MBED_TLS
diff --git a/test/encrypt.c b/test/encrypt.c
index cf3a283..20c9a3e 100644
--- a/test/encrypt.c
+++ b/test/encrypt.c
@@ -361,7 +361,8 @@
/********************************************/
#if INCLUDE_ENCRYPT0
-int _ValidateEncrypt(const cn_cbor * pControl, const byte * pbEncoded, size_t cbEncoded)
+
+int _ValidateEncrypt(const cn_cbor * pControl, const byte * pbEncoded, size_t cbEncoded, cn_cbor * pcnEncoded)
{
const cn_cbor * pInput = cn_cbor_mapget_string(pControl, "input");
const cn_cbor * pFail;
@@ -387,8 +388,14 @@
pRecipients = pRecipients->first_child;
- hEnc = (HCOSE_ENCRYPT)COSE_Decode(pbEncoded, cbEncoded, &type, COSE_encrypt_object, CBOR_CONTEXT_PARAM_COMMA NULL);
- if (hEnc == NULL) { if (fFailBody) return 0; else goto returnError; }
+ if (pcnEncoded == NULL) {
+ hEnc = (HCOSE_ENCRYPT)COSE_Decode(pbEncoded, cbEncoded, &type, COSE_encrypt_object, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hEnc == NULL) { if (fFailBody) return 0; else goto returnError; }
+ }
+ else {
+ hEnc = COSE_Encrypt_Init_From_Object(pcnEncoded, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (hEnc == NULL) { if (fFailBody) return 0; else goto returnError; }
+ }
if (!SetReceivingAttributes((HCOSE)hEnc, pEncrypt, Attributes_Encrypt_protected)) goto returnError;
@@ -415,6 +422,10 @@
fAlgSupport = false;
}
else if ((pFail != NULL) && (pFail->type != CN_CBOR_TRUE)) fFail = true;
+
+ size_t cb;
+ byte * pb;
+ pb = COSE_Encrypt_GetContent(hEnc, &cb, NULL);
}
else {
if (fAlgSupport) {
@@ -450,8 +461,15 @@
{
int cbEncoded;
byte * pbEncoded = GetCBOREncoding(pControl, &cbEncoded);
+ int fRet;
- return _ValidateEncrypt(pControl, pbEncoded, cbEncoded);
+ fRet = _ValidateEncrypt(pControl, pbEncoded, cbEncoded, NULL);
+ if (!fRet) return fRet;
+
+ cn_cbor * cbor = cn_cbor_decode(pbEncoded, cbEncoded, CBOR_CONTEXT_PARAM_COMMA NULL);
+ if (cbor == NULL) return false;
+
+ return _ValidateEncrypt(pControl, NULL, 0, cbor);
}
int BuildEncryptMessage(const cn_cbor * pControl)
@@ -497,7 +515,7 @@
COSE_Encrypt_Free(hEncObj);
- int f = _ValidateEncrypt(pControl, rgb, cb);
+ int f = _ValidateEncrypt(pControl, rgb, cb, NULL);
free(rgb);
return f;