Documentation

Mistake on this page? Email us
pt_certificate_api.h
Go to the documentation of this file.
1 /*
2  * ----------------------------------------------------------------------------
3  * Copyright 2019 ARM Ltd.
4  *
5  * SPDX-License-Identifier: Apache-2.0
6  *
7  * Licensed under the Apache License, Version 2.0 (the "License");
8  * you may not use this file except in compliance with the License.
9  * You may obtain a copy of the License at
10  *
11  * http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing, software
14  * distributed under the License is distributed on an "AS IS" BASIS,
15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16  * See the License for the specific language governing permissions and
17  * limitations under the License.
18  * ----------------------------------------------------------------------------
19  */
20 
21 #ifndef PT_API_VERSION
22 #define PT_API_VERSION 2
23 #endif
24 #if PT_API_VERSION != 2
25 #error "Including mixed versions of Protocol API"
26 #endif
27 
28 #ifndef PT_CERTIFICATE_API_H_
29 #define PT_CERTIFICATE_API_H_
30 
31 #include <stddef.h>
32 #include <stdbool.h>
33 #include "pt-client-2/pt_common_api.h"
34 
40 #define CE_STATUS_RANGE_BASE 0x0500
41 #define CE_STATUS_RANGE_END 0x0600
42 
43 typedef enum {
44  CE_STATUS_SUCCESS = 0,
45  CE_STATUS_ERROR = CE_STATUS_RANGE_BASE,
46  CE_STATUS_INVALID_PARAMETER,
47  CE_STATUS_INSUFFICIENT_BUFFER,
48  CE_STATUS_OUT_OF_MEMORY,
49  CE_STATUS_ITEM_NOT_FOUND,
50  CE_STATUS_DEVICE_BUSY,
51  CE_STATUS_BAD_INPUT_FROM_SERVER,
52  CE_STATUS_EST_ERROR,
53  CE_STATUS_STORAGE_ERROR,
54  CE_STATUS_RENEWAL_ITEM_VALIDATION_ERROR,
55  CE_STATUS_BACKUP_ITEM_ERROR,
56  CE_STATUS_ORIGINAL_ITEM_ERROR,
57  CE_STATUS_RESTORE_BACKUP_ERROR,
58  CE_STATUS_RENEWAL_STATUS_ERROR,
59  CE_STATUS_FORBIDDEN_REQUEST,
60  CE_STATUS_ITEM_IS_EMPTY,
61  CE_STATUS_NOT_INITIALIZED,
62  CE_STATUS_INIT_FAILED,
63  CE_STATUS_PENDING = 0x5ff,
64  CE_MAX_STATUS = CE_STATUS_RANGE_END
65 } pt_ce_status_e;
66 
85 struct pt_certificate_list;
86 typedef struct pt_certificate_list pt_certificate_list_t;
87 
94 struct cert_context_s {
95  uint16_t cert_length;
96  uint8_t *cert;
97  struct cert_context_s *next;
98 };
99 
105 struct cert_chain_context_s {
106  uint8_t chain_length;
107  struct cert_context_s *certs;
108 };
109 
123 typedef void (*pt_certificate_renewal_notification_handler)(const connection_id_t connection_id,
124  const char *name,
125  int32_t initiator,
126  int32_t status,
127  const char *description,
128  void *userdata);
129 
144 typedef void (*pt_device_certificate_renew_response_handler)(const connection_id_t connection_id,
145  const char *device_id,
146  const char *name,
147  int32_t status,
148  struct cert_chain_context_s *cert_chain,
149  void *userdata);
150 
164 typedef pt_status_t (*pt_device_certificate_renew_request_handler)(const connection_id_t connection_id,
165  const char *device_id,
166  const char *name,
167  void *userdata);
168 
174 typedef void (*pt_certificates_set_response_handler)(const connection_id_t connection_id, void *userdata);
175 
179 typedef void (*pt_certificate_renew_response_handler)(const connection_id_t connection_id, void *userdata);
180 
185 pt_certificate_list_t *pt_certificate_list_create();
186 
191 void pt_certificate_list_destroy(pt_certificate_list_t *list);
192 
200 pt_status_t pt_certificate_list_add(pt_certificate_list_t *list, const char *name);
201 
212 pt_status_t pt_certificate_renewal_list_set(const connection_id_t connection_id,
213  pt_certificate_list_t *list,
214  pt_certificates_set_response_handler success_handler,
215  pt_certificates_set_response_handler failure_handler,
216  void *userdata);
217 
228 pt_status_t pt_certificate_renew(const connection_id_t connection_id,
229  const char *name,
230  pt_certificate_renew_response_handler success_handler,
231  pt_certificate_renew_response_handler failure_handler,
232  void *userdata);
233 
248 pt_status_t pt_device_certificate_renew(const connection_id_t connection_id,
249  const char *device_id,
250  const char *name,
251  const char *csr,
252  const size_t csr_length,
253  pt_device_certificate_renew_response_handler success_handler,
254  pt_device_certificate_renew_response_handler failure_handler,
255  void *userdata);
256 
266 pt_status_t pt_device_certificate_renew_request_finish(const connection_id_t connection_id,
267  const char *device_id,
268  const pt_ce_status_e status);
269 
274 void pt_free_certificate_chain_context(struct cert_chain_context_s *context);
275 
281 #endif /* PT_CERTIFICATE_API_H_ */
282 
pt_device_certificate_renew_request_finish
pt_status_t pt_device_certificate_renew_request_finish(const connection_id_t connection_id, const char *device_id, const pt_ce_status_e status)
Finish device certificate renewal request.
CE_STATUS_OUT_OF_MEMORY
An out-of-memory condition occurred.
Definition: pt_certificate_api.h:48
CE_STATUS_STORAGE_ERROR
The storage operation ended with an error.
Definition: pt_certificate_api.h:53
cert_context_s
Definition: pt_certificate_api.h:94
CE_STATUS_RESTORE_BACKUP_ERROR
Operation failed to restore backup items.
Definition: pt_certificate_api.h:57
pt_ce_status_e
pt_ce_status_e
Definition: pt_certificate_api.h:43
CE_STATUS_ITEM_IS_EMPTY
The item was found in the storage but its length is zero.
Definition: pt_certificate_api.h:60
CE_STATUS_DEVICE_BUSY
The device is processing too many certificate renewals.
Definition: pt_certificate_api.h:50
pt_certificates_set_response_handler
void(* pt_certificates_set_response_handler)(const connection_id_t connection_id, void *userdata)
Type definition for pt_certificate_renewal_list_set response success and failure handlers.
Definition: pt_certificate_api.h:174
pt_certificate_renewal_notification_handler
void(* pt_certificate_renewal_notification_handler)(const connection_id_t connection_id, const char *name, int32_t initiator, int32_t status, const char *description, void *userdata)
Type definition for certificate renewal notification. This callback will be called to notify the stat...
Definition: pt_certificate_api.h:123
CE_STATUS_ERROR
Operation ended with an unspecified error.
Definition: pt_certificate_api.h:45
CE_STATUS_INIT_FAILED
Initialization of the Certificate Enrollment module has failed. This error may be passed into MbedClo...
Definition: pt_certificate_api.h:62
pt_device_certificate_renew
pt_status_t pt_device_certificate_renew(const connection_id_t connection_id, const char *device_id, const char *name, const char *csr, const size_t csr_length, pt_device_certificate_renew_response_handler success_handler, pt_device_certificate_renew_response_handler failure_handler, void *userdata)
Requests the renewal of the certificate specified by the name parameter using the certificate signing...
CE_STATUS_BACKUP_ITEM_ERROR
Operation failed to create/read/validate backup items.
Definition: pt_certificate_api.h:55
CE_STATUS_PENDING
Operation will be complete asynchronously.
Definition: pt_certificate_api.h:63
CE_STATUS_ITEM_NOT_FOUND
The item was not found in the storage.
Definition: pt_certificate_api.h:49
pt_common_api.h
Contains common structures and definitions for the protocol translator client.
CE_STATUS_EST_ERROR
An error during enrollment over secure transport (EST) occurred.
Definition: pt_certificate_api.h:52
CE_STATUS_NOT_INITIALIZED
Called CertificateEnrollmentClient API before the initialization of the module.
Definition: pt_certificate_api.h:61
CE_STATUS_BAD_INPUT_FROM_SERVER
The server sent a TLV that is either unsupported or malformed.
Definition: pt_certificate_api.h:51
CE_STATUS_INSUFFICIENT_BUFFER
The provided buffer size was insufficient for the required output.
Definition: pt_certificate_api.h:47
cert_chain_context_s
Definition: pt_certificate_api.h:105
pt_device_certificate_renew_request_handler
pt_status_t(* pt_device_certificate_renew_request_handler)(const connection_id_t connection_id, const char *device_id, const char *name, void *userdata)
Type definition for certificate renewal request handler for device certificate. This callback will be...
Definition: pt_certificate_api.h:164
pt_free_certificate_chain_context
void pt_free_certificate_chain_context(struct cert_chain_context_s *context)
Free a cert_chain_context_s structure passed to the certificate renewal notification callback...
CE_STATUS_FORBIDDEN_REQUEST
The server asked for a forbidden operation (for example: the server is not allowed to renew the devic...
Definition: pt_certificate_api.h:59
CE_STATUS_SUCCESS
Operation completed successfully.
Definition: pt_certificate_api.h:44
pt_certificate_renew_response_handler
void(* pt_certificate_renew_response_handler)(const connection_id_t connection_id, void *userdata)
Type definition for pt_certificate_renew response success and failure handlers.
Definition: pt_certificate_api.h:179
pt_certificate_list_add
pt_status_t pt_certificate_list_add(pt_certificate_list_t *list, const char *name)
Adds a certificate to certificate list.
CE_STATUS_RENEWAL_ITEM_VALIDATION_ERROR
Operation failed to validate renewal items.
Definition: pt_certificate_api.h:54
pt_certificate_list_create
pt_certificate_list_t * pt_certificate_list_create()
Creates a certificate list.
CE_STATUS_ORIGINAL_ITEM_ERROR
Operation failed to create/read/validate original items.
Definition: pt_certificate_api.h:56
pt_status_t
pt_status_t
Enumeration containing the possible return status codes for Protocol API functions.
Definition: pt_common_api.h:51
pt_certificate_list_destroy
void pt_certificate_list_destroy(pt_certificate_list_t *list)
Destroys the certificate list. Frees all the certificates added to the list.
pt_certificate_renew
pt_status_t pt_certificate_renew(const connection_id_t connection_id, const char *name, pt_certificate_renew_response_handler success_handler, pt_certificate_renew_response_handler failure_handler, void *userdata)
Requests the renewal of the certificate specified by the name parameter.
CE_STATUS_INVALID_PARAMETER
A parameter provided to the function was invalid.
Definition: pt_certificate_api.h:46
pt_device_certificate_renew_response_handler
void(* pt_device_certificate_renew_response_handler)(const connection_id_t connection_id, const char *device_id, const char *name, int32_t status, struct cert_chain_context_s *cert_chain, void *userdata)
Type definition for certificate renewal notification for device certificate. This callback will be ca...
Definition: pt_certificate_api.h:144
pt_certificate_renewal_list_set
pt_status_t pt_certificate_renewal_list_set(const connection_id_t connection_id, pt_certificate_list_t *list, pt_certificates_set_response_handler success_handler, pt_certificates_set_response_handler failure_handler, void *userdata)
Sends the certificate list to Edge, triggering renewal subscriptions of the certificates in the list...
CE_STATUS_RENEWAL_STATUS_ERROR
Operation failed to create/validate/delete the renewal status file.
Definition: pt_certificate_api.h:58