1 /**************************************************************************/
2 /*                                                                        */
3 /*       Copyright (c) Microsoft Corporation. All rights reserved.        */
4 /*                                                                        */
5 /*       This software is licensed under the Microsoft Software License   */
6 /*       Terms for Microsoft Azure RTOS. Full text of the license can be  */
7 /*       found in the LICENSE file at https://aka.ms/AzureRTOS_EULA       */
8 /*       and in the root directory of this software.                      */
9 /*                                                                        */
10 /**************************************************************************/
11 
12 
13 /**************************************************************************/
14 /**************************************************************************/
15 /**                                                                       */
16 /** NetX Secure Component                                                 */
17 /**                                                                       */
18 /**    Transport Layer Security (TLS)                                     */
19 /**                                                                       */
20 /**************************************************************************/
21 /**************************************************************************/
22 
23 #define NX_SECURE_SOURCE_CODE
24 
25 
26 /* Include necessary system files.  */
27 
28 #include "nx_secure_tls.h"
29 
30 /**************************************************************************/
31 /*                                                                        */
32 /*  FUNCTION                                               RELEASE        */
33 /*                                                                        */
34 /*    _nx_secure_tls_local_certificate_find               PORTABLE C      */
35 /*                                                           6.2.1        */
36 /*  AUTHOR                                                                */
37 /*                                                                        */
38 /*    Timothy Stapko, Microsoft Corporation                               */
39 /*                                                                        */
40 /*  DESCRIPTION                                                           */
41 /*                                                                        */
42 /*    This function finds a local certificate based upon its Common Name  */
43 /*    field in the certificate's Subject section.                         */
44 /*                                                                        */
45 /*  INPUT                                                                 */
46 /*                                                                        */
47 /*    tls_session                           Pointer to TLS Session        */
48 /*    certificate                           Return certificate pointer    */
49 /*    common_name                           Certificate Common Name       */
50 /*    name_length                           Length of Common Name         */
51 /*                                                                        */
52 /*  OUTPUT                                                                */
53 /*                                                                        */
54 /*    status                                Completion status             */
55 /*                                                                        */
56 /*  CALLS                                                                 */
57 /*                                                                        */
58 /*    _nx_secure_x509_certificate_list_find                               */
59 /*                                          Find certificate in local     */
60 /*                                            store by name               */
61 /*                                                                        */
62 /*  CALLED BY                                                             */
63 /*                                                                        */
64 /*    Application Code                                                    */
65 /*                                                                        */
66 /*  RELEASE HISTORY                                                       */
67 /*                                                                        */
68 /*    DATE              NAME                      DESCRIPTION             */
69 /*                                                                        */
70 /*  05-19-2020     Timothy Stapko           Initial Version 6.0           */
71 /*  09-30-2020     Timothy Stapko           Modified comment(s),          */
72 /*                                            resulting in version 6.1    */
73 /*  04-02-2021     Timothy Stapko           Modified comment(s),          */
74 /*                                            updated X.509 return value, */
75 /*                                            resulting in version 6.1.6  */
76 /*  03-08-2023     Yanwu Cai                Modified comment(s),          */
77 /*                                            fixed compiler errors when  */
78 /*                                            x509 is disabled,           */
79 /*                                            resulting in version 6.2.1  */
80 /*                                                                        */
81 /**************************************************************************/
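UINT  _nx_secure_tls_local_certificate_find(NX_SECURE_TLS_SESSION *tls_session,
                                            NX_SECURE_X509_CERT **certificate, UCHAR *common_name,
                                            UINT name_length)
{
    /* Look up a certificate in the TLS session's local certificate list by the
       Common Name of its Subject. On a match the find call fills in *certificate.

       tls_session    TLS session whose certificate store is searched.
       certificate    Receives the matching certificate pointer.
       common_name    Common Name bytes to search for (pointer is borrowed, not copied).
       name_length    Number of bytes in common_name.

       Returns the status of the X.509 list search, with "not found" translated to
       NX_SECURE_TLS_CERTIFICATE_NOT_FOUND, or NX_NOT_SUPPORTED when X.509 is compiled out.

       No pointer is validated here; tls_session is dereferenced directly, so callers
       must pass valid pointers. */
#ifndef NX_SECURE_DISABLE_X509
UINT                              status;
NX_SECURE_X509_CERT              *list_head;
NX_SECURE_X509_CERTIFICATE_STORE *store;
NX_SECURE_X509_DISTINGUISHED_NAME name;

    /* The Common Name length is stored below through a USHORT cast. A length that
       does not survive that cast would be silently truncated, and the search would
       run with a different length than the caller supplied, so a certificate whose
       name is only a prefix of the requested one could presumably be returned.
       Such a name is reported as not found instead of being searched for. */
    if ((UINT)((USHORT)name_length) != name_length)
    {
        return(NX_SECURE_TLS_CERTIFICATE_NOT_FOUND);
    }

    /* Get the certificate store from our TLS session. */
    store = &tls_session -> nx_secure_tls_credentials.nx_secure_tls_certificate_store;

    /* Get the first certificate in the local store. */
    list_head = store -> nx_secure_x509_local_certificates;

    /* Set up the distinguished name. Only the Common Name fields are filled in; the
       remaining members of "name" stay uninitialized, which relies on the find call
       below matching on the Common Name alone. The name is used only within this
       function, so the caller's common_name pointer is assigned rather than copied. */
    name.nx_secure_x509_common_name = common_name;
    name.nx_secure_x509_common_name_length = (USHORT)name_length;

    /* Find the certificate using its name. The third argument is passed as 0;
       NOTE(review): presumably "no certificate ID filter" - confirm against
       _nx_secure_x509_certificate_list_find. */
    status = _nx_secure_x509_certificate_list_find(&list_head, &name, 0, certificate);

    /* Translate the X.509 "not found" status into its TLS equivalent. Any other
       status is passed through unchanged. */
    if (status == NX_SECURE_X509_CERTIFICATE_NOT_FOUND)
    {
        return(NX_SECURE_TLS_CERTIFICATE_NOT_FOUND);
    }

    /* Return completion status.  */
    return(status);
#else
    /* X.509 support is compiled out: there is no certificate store to search. */
    NX_PARAMETER_NOT_USED(tls_session);
    NX_PARAMETER_NOT_USED(certificate);
    NX_PARAMETER_NOT_USED(common_name);
    NX_PARAMETER_NOT_USED(name_length);

    return(NX_NOT_SUPPORTED);
#endif
}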
125 
126