1 /**************************************************************************/
2 /* */
3 /* Copyright (c) Microsoft Corporation. All rights reserved. */
4 /* */
5 /* This software is licensed under the Microsoft Software License */
6 /* Terms for Microsoft Azure RTOS. Full text of the license can be */
7 /* found in the LICENSE file at https://aka.ms/AzureRTOS_EULA */
8 /* and in the root directory of this software. */
9 /* */
10 /**************************************************************************/
11
12
13 /**************************************************************************/
14 /**************************************************************************/
15 /** */
16 /** NetX Secure Component */
17 /** */
18 /** Datagram Transport Layer Security (DTLS) */
19 /** */
20 /**************************************************************************/
21 /**************************************************************************/
22
23 #define NX_SECURE_SOURCE_CODE
24
25 #include "nx_secure_dtls.h"
26
27 /**************************************************************************/
28 /* */
29 /* FUNCTION RELEASE */
30 /* */
31 /* _nx_secure_dtls_server_local_certificate_remove PORTABLE C */
32 /* 6.2.1 */
33 /* AUTHOR */
34 /* */
35 /* Timothy Stapko, Microsoft Corporation */
36 /* */
37 /* DESCRIPTION */
38 /* */
39 /* This function removes a local server identity certificate from a */
40 /* DTLS server instance, either using the Common Name or the */
41 /* certificate id ("cert_id" parameter) assigned when the certificate */
42 /* was added. */
43 /* */
44 /* INPUT */
45 /* */
46 /* server_ptr DTLS server control block */
47 /* common_name Certificate Common Name */
48 /* common_name_length Length of Common Name */
49 /* cert_id Numeric ID for certificate */
50 /* */
51 /* OUTPUT */
52 /* */
53 /* status Completion status */
54 /* */
55 /* CALLS */
56 /* */
57 /* _nx_secure_tls_server_certificate_remove */
58 /* Remove certificate using ID */
59 /* _nx_secure_tls_local_certificate_remove */
60 /* Remove certificate using CN */
61 /* */
62 /* CALLED BY */
63 /* */
64 /* Application Code */
65 /* */
66 /* RELEASE HISTORY */
67 /* */
68 /* DATE NAME DESCRIPTION */
69 /* */
70 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
71 /* 09-30-2020 Timothy Stapko Modified comment(s), and */
72 /* fixed compiler warnings, */
73 /* resulting in version 6.1 */
74 /* 03-08-2023 Yanwu Cai Modified comment(s), */
75 /* fixed compiler errors when */
76 /* x509 is disabled, */
77 /* resulting in version 6.2.1 */
78 /* */
79 /**************************************************************************/
_nx_secure_dtls_server_local_certificate_remove(NX_SECURE_DTLS_SERVER * server_ptr,UCHAR * common_name,UINT common_name_length,UINT cert_id)80 UINT _nx_secure_dtls_server_local_certificate_remove(NX_SECURE_DTLS_SERVER *server_ptr,
81 UCHAR *common_name, UINT common_name_length, UINT cert_id)
82 {
83 #if defined(NX_SECURE_ENABLE_DTLS) && !defined(NX_SECURE_DISABLE_X509)
84 UINT status;
85 UINT i;
86 NX_SECURE_DTLS_SESSION *current_session;
87 NX_SECURE_TLS_SESSION *tls_session;
88 NX_SECURE_X509_CERT *list_head = NX_NULL;
89 UINT num_sessions;
90
91 /* Figure out number of sessions. */
92 num_sessions = server_ptr -> nx_dtls_server_sessions_count;
93
94 /* Remove certificate from the first session. */
95 if (num_sessions > 0)
96 {
97 /* Get the first session. */
98 current_session = &(server_ptr -> nx_dtls_server_sessions[0]);
99
100 /* Get the internal TLS session instance. */
101 tls_session = &(current_session -> nx_secure_dtls_tls_session);
102
103 if(cert_id > 0)
104 {
105 /* Remove the server certificate with the provided ID. */
106 status = _nx_secure_tls_server_certificate_remove(tls_session, cert_id);
107 }
108 else
109 {
110 /* Remove the server certificate with the provided CN. */
111 status = _nx_secure_tls_local_certificate_remove(tls_session, common_name, common_name_length);
112 }
113
114 if(status != NX_SUCCESS)
115 {
116 return(status);
117 }
118
119 /* Store the certificates list head for other sessions. */
120 list_head = tls_session -> nx_secure_tls_credentials.nx_secure_tls_certificate_store.nx_secure_x509_local_certificates;
121 }
122
123 /* Remove certificate from the remaining sessions. */
124 for(i = 1; i < num_sessions; ++i)
125 {
126 /* Get the current session. */
127 current_session = &(server_ptr -> nx_dtls_server_sessions[i]);
128
129 /* Get the internal TLS session instance. */
130 tls_session = &(current_session -> nx_secure_dtls_tls_session);
131
132 /* Set the local certificates list to the same as the first session. */
133 tls_session -> nx_secure_tls_credentials.nx_secure_tls_certificate_store.nx_secure_x509_local_certificates = list_head;
134 }
135
136 return(NX_SUCCESS);
137 #else
138 NX_PARAMETER_NOT_USED(server_ptr);
139 NX_PARAMETER_NOT_USED(common_name);
140 NX_PARAMETER_NOT_USED(common_name_length);
141 NX_PARAMETER_NOT_USED(cert_id);
142
143 return(NX_NOT_SUPPORTED);
144 #endif /* NX_SECURE_ENABLE_DTLS && !NX_SECURE_DISABLE_X509 */
145 }
146
147
