1 /***************************************************************************
2  * Copyright (c) 2024 Microsoft Corporation
3  *
4  * This program and the accompanying materials are made available under the
5  * terms of the MIT License which is available at
6  * https://opensource.org/licenses/MIT.
7  *
8  * SPDX-License-Identifier: MIT
9  **************************************************************************/
10 
11 
12 /**************************************************************************/
13 /**************************************************************************/
14 /**                                                                       */
15 /** NetX Secure Component                                                 */
16 /**                                                                       */
17 /**    X.509 Digital Certificates                                         */
18 /**                                                                       */
19 /**************************************************************************/
20 /**************************************************************************/
21 
22 #define NX_SECURE_SOURCE_CODE
23 
24 #include "nx_secure_x509.h"
25 
26 /**************************************************************************/
27 /*                                                                        */
28 /*  FUNCTION                                               RELEASE        */
29 /*                                                                        */
30 /*    _nx_secure_x509_store_certificate_remove            PORTABLE C      */
31 /*                                                           6.1.6        */
32 /*  AUTHOR                                                                */
33 /*                                                                        */
34 /*    Timothy Stapko, Microsoft Corporation                               */
35 /*                                                                        */
36 /*  DESCRIPTION                                                           */
37 /*                                                                        */
38 /*    This function removes a certificate from an X509 certificate store  */
39 /*    in a caller-specified position (local device certificates, remote   */
40 /*    certs, or the trusted store).                                       */
41 /*                                                                        */
42 /*  INPUT                                                                 */
43 /*                                                                        */
44 /*    store                                 Pointer to certificate store  */
45 /*    name                                  Name for cert matching        */
46 /*    location                              Location of certificate       */
47 /*    cert_id                               ID for cert match.            */
48 /*                                                                        */
49 /*  OUTPUT                                                                */
50 /*                                                                        */
51 /*    status                                Completion status             */
52 /*                                                                        */
53 /*  CALLS                                                                 */
54 /*                                                                        */
55 /*    _nx_secure_x509_certificate_list_remove                             */
56 /*                                          Remove certificate from list  */
57 /*                                                                        */
58 /*  CALLED BY                                                             */
59 /*                                                                        */
60 /*    _nx_secure_tls_local_certificate_remove                             */
61 /*                                          Remove certificate from TLS   */
62 /*                                           local store                  */
63 /*    _nx_secure_tls_remote_certificate_free                              */
64 /*                                          Free remote certificate       */
65 /*    _nx_secure_tls_server_certificate_remove                            */
66 /*                                          Remove certificate from TLS   */
67 /*                                           server store                 */
68 /*    _nx_secure_tls_trusted_certificate_remove                           */
69 /*                                          Remove certificate from TLS   */
70 /*                                           trusted store                */
71 /*                                                                        */
72 /*  RELEASE HISTORY                                                       */
73 /*                                                                        */
74 /*    DATE              NAME                      DESCRIPTION             */
75 /*                                                                        */
76 /*  05-19-2020     Timothy Stapko           Initial Version 6.0           */
77 /*  09-30-2020     Timothy Stapko           Modified comment(s),          */
78 /*                                            resulting in version 6.1    */
79 /*  04-02-2021     Timothy Stapko           Modified comment(s),          */
80 /*                                            removed dependency on TLS,  */
81 /*                                            resulting in version 6.1.6  */
82 /*                                                                        */
83 /**************************************************************************/
_nx_secure_x509_store_certificate_remove(NX_SECURE_X509_CERTIFICATE_STORE * store,NX_SECURE_X509_DISTINGUISHED_NAME * name,UINT location,UINT cert_id)84 UINT _nx_secure_x509_store_certificate_remove(NX_SECURE_X509_CERTIFICATE_STORE *store,
85                                               NX_SECURE_X509_DISTINGUISHED_NAME *name,
86                                               UINT location, UINT cert_id)
87 {
88 UINT                  status;
89 NX_SECURE_X509_CERT **store_ptr = NX_CRYPTO_NULL;
90 
91     /* Store must be non-NULL. */
92     if (store == NX_CRYPTO_NULL)
93     {
94 #ifdef NX_CRYPTO_STANDALONE_ENABLE
95         return(NX_CRYPTO_PTR_ERROR);
96 #else
97         return(NX_PTR_ERROR);
98 #endif /* NX_CRYPTO_STANDALONE_ENABLE */
99     }
100 
101     status = NX_SECURE_X509_SUCCESS;
102 
103     /* Pick our store based on location. */
104     switch (location)
105     {
106     case NX_SECURE_X509_CERT_LOCATION_LOCAL:
107         store_ptr = &store -> nx_secure_x509_local_certificates;
108         break;
109     case NX_SECURE_X509_CERT_LOCATION_REMOTE:
110         store_ptr = &store -> nx_secure_x509_remote_certificates;
111         break;
112     case NX_SECURE_X509_CERT_LOCATION_TRUSTED:
113         store_ptr = &store -> nx_secure_x509_trusted_certificates;
114         break;
115     case NX_SECURE_X509_CERT_LOCATION_EXCEPTIONS:
116         store_ptr = &store -> nx_secure_x509_certificate_exceptions;
117         break;
118     case NX_SECURE_X509_CERT_LOCATION_NONE:     /* Deliberate fall-through. */
119     default:
120 #ifdef NX_CRYPTO_STANDALONE_ENABLE
121         status = NX_CRYPTO_INVALID_PARAMETER;
122 #else
123         status = NX_INVALID_PARAMETERS;
124 #endif /* NX_CRYPTO_STANDALONE_ENABLE */
125         break;
126     }
127 
128     /* Invalid certificate location or other issue. */
129     if (status)
130     {
131         return(status);
132     }
133 
134     /* Remove the certificate from the selected store. */
135     status = _nx_secure_x509_certificate_list_remove(store_ptr, name, cert_id);
136 
137     return(status);
138 }
139 
140