1 /**************************************************************************/
2 /* */
3 /* Copyright (c) Microsoft Corporation. All rights reserved. */
4 /* */
5 /* This software is licensed under the Microsoft Software License */
6 /* Terms for Microsoft Azure RTOS. Full text of the license can be */
7 /* found in the LICENSE file at https://aka.ms/AzureRTOS_EULA */
8 /* and in the root directory of this software. */
9 /* */
10 /**************************************************************************/
11
12
13 /**************************************************************************/
14 /**************************************************************************/
15 /** */
16 /** NetX Secure Component */
17 /** */
18 /** Datagram Transport Layer Security (DTLS) */
19 /** */
20 /**************************************************************************/
21 /**************************************************************************/
22
23 #define NX_SECURE_SOURCE_CODE
24
25 #include "nx_secure_dtls.h"
26
27 /**************************************************************************/
28 /* */
29 /* FUNCTION RELEASE */
30 /* */
31 /* _nx_secure_dtls_server_local_certificate_add PORTABLE C */
32 /* 6.2.1 */
33 /* AUTHOR */
34 /* */
35 /* Timothy Stapko, Microsoft Corporation */
36 /* */
37 /* DESCRIPTION */
38 /* */
39 /* This function adds a local identity certificate to a DTLS server */
40 /* instance. The certificate added is shared by all DTLS sessions */
41 /* allocated to the DTLS server and is used to identify the server to */
42 /* remote clients during the DTLS handshake. Multiple server */
43 /* certificates may be added as long as they have unique certificate */
44 /* identifiers (the "cert_id" parameter). */
45 /* */
46 /* INPUT */
47 /* */
48 /* server_ptr DTLS server control block */
49 /* certificate Pointer to identity cert */
50 /* cert_id Numeric ID for cert */
51 /* */
52 /* OUTPUT */
53 /* */
54 /* status Completion status */
55 /* */
56 /* CALLS */
57 /* */
58 /* _nx_secure_tls_server_certificate_add Add certificate to TLS */
59 /* */
60 /* CALLED BY */
61 /* */
62 /* Application Code */
63 /* */
64 /* RELEASE HISTORY */
65 /* */
66 /* DATE NAME DESCRIPTION */
67 /* */
68 /* 05-19-2020 Timothy Stapko Initial Version 6.0 */
69 /* 09-30-2020 Timothy Stapko Modified comment(s), and */
70 /* fixed compiler warnings, */
71 /* resulting in version 6.1 */
72 /* 03-08-2023 Yanwu Cai Modified comment(s), */
73 /* fixed compiler errors when */
74 /* x509 is disabled, */
75 /* resulting in version 6.2.1 */
76 /* */
77 /**************************************************************************/
_nx_secure_dtls_server_local_certificate_add(NX_SECURE_DTLS_SERVER * server_ptr,NX_SECURE_X509_CERT * certificate,UINT cert_id)78 UINT _nx_secure_dtls_server_local_certificate_add(NX_SECURE_DTLS_SERVER *server_ptr,
79 NX_SECURE_X509_CERT *certificate, UINT cert_id)
80 {
81 #if defined(NX_SECURE_ENABLE_DTLS) && !defined(NX_SECURE_DISABLE_X509)
82 UINT status;
83 UINT i;
84 NX_SECURE_DTLS_SESSION *current_session;
85 NX_SECURE_TLS_SESSION *tls_session;
86 NX_SECURE_X509_CERT *list_head = NX_NULL;
87 UINT num_sessions;
88
89 /* Figure out number of sessions. */
90 num_sessions = server_ptr -> nx_dtls_server_sessions_count;
91
92 /* Add certificate to the first session. */
93 if (num_sessions > 0)
94 {
95 /* Get the first session. */
96 current_session = &(server_ptr -> nx_dtls_server_sessions[0]);
97
98 /* Get the internal TLS session instance. */
99 tls_session = &(current_session -> nx_secure_dtls_tls_session);
100
101 /* Add the server certificate with the provided ID. */
102 status = _nx_secure_tls_server_certificate_add(tls_session, certificate, cert_id);
103
104 if(status != NX_SUCCESS)
105 {
106 return(status);
107 }
108
109 /* Store the certificates list head for other sessions. */
110 list_head = tls_session -> nx_secure_tls_credentials.nx_secure_tls_certificate_store.nx_secure_x509_local_certificates;
111 }
112
113 /* Add certificate to the remaining sessions. */
114 for(i = 1; i < num_sessions; ++i)
115 {
116 /* Get the current session. */
117 current_session = &(server_ptr->nx_dtls_server_sessions[i]);
118
119 /* Get the internal TLS session instance. */
120 tls_session = &(current_session -> nx_secure_dtls_tls_session);
121
122 /* Set the local certificates list to the same as the first session. */
123 tls_session -> nx_secure_tls_credentials.nx_secure_tls_certificate_store.nx_secure_x509_local_certificates = list_head;
124 }
125
126 return(NX_SUCCESS);
127 #else
128 NX_PARAMETER_NOT_USED(server_ptr);
129 NX_PARAMETER_NOT_USED(certificate);
130 NX_PARAMETER_NOT_USED(cert_id);
131
132 return(NX_NOT_SUPPORTED);
133 #endif /* NX_SECURE_ENABLE_DTLS && !NX_SECURE_DISABLE_X509 */
134 }
135
136
