Commit 946c29d0 authored by Kishen Maloor's avatar Kishen Maloor

Add logging, mbedtls error codes, cleanup

Change-Id: Ibe38b439c8376b26bb6ee1de19119e1e04d1f451
Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
parent df77854c
......@@ -107,7 +107,7 @@ pong_received_handler(oc_client_response_t *data)
oc_connectivity_end_session(data->endpoint);
} else {
ping_timeout <<= 1;
printf("PING send again.[retry: %d, time: %u]\n", ping_count,
printf("PING send again.[retry: %zd, time: %u]\n", ping_count,
ping_timeout);
send_ping(ping_timeout);
}
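Review bot: `%zd` is the conversion for the signed counterpart of `size_t`, so for a `size_t` argument the matching specifier is `%zu`: `printf("PING send again.[retry: %zu, time: %u]\n", ping_count,`. The declaration of `ping_count` is outside the hunk, but the same replacement in main() is applied to `i`, which is visibly a `size_t`. The point holds for every `%d` to `%zd` replacement in this commit that prints a `size_t` (`i`, `message->length`, `dev->device`, `device`, and probably `bytes_sent`). A mismatched specifier is formally undefined, and very large values would typically print as negative. The body of pong_received_handler starts and ends outside the hunk.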
......
......@@ -292,7 +292,7 @@ main(void)
size_t i;
for (i = 0; i < device_num; i++) {
oc_endpoint_t *ep = oc_connectivity_get_endpoints(i);
printf("=== device(%d) endpoint info. ===\n", i);
printf("=== device(%zd) endpoint info. ===\n", i);
while (ep) {
oc_string_t ep_str;
if (oc_endpoint_to_string(ep, &ep_str) == 0) {
......
......@@ -358,7 +358,7 @@ void
random_pin_cb(const unsigned char *pin, size_t pin_len, void *data)
{
(void)data;
PRINT("\n\nRandom PIN: %.*s\n\n", pin_len, pin);
PRINT("\n\nRandom PIN: %.*s\n\n", (int)pin_len, pin);
}
#endif /* OC_SECURITY */
......@@ -417,7 +417,7 @@ factory_presets_cb(size_t device, void *data)
}
char key[4096];
size_t key_len = 8192;
size_t key_len = 4096;
if (read_pem("../../apps/pki_certs/key.pem", key, &key_len) < 0) {
PRINT("ERROR: unable to read private key");
return;
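Review bot: The length handed to read_pem is still a literal that must be kept equal to the array size by hand, which is how the old `8192` came to describe a 4096-byte buffer. Deriving it from the array removes that failure mode: `size_t key_len = sizeof(key);`. The identical hunk in the second factory_presets_cb further down should get the same change. Whether read_pem NUL-terminates within `key_len` is not visible here and is worth confirming, since the buffer holds PEM text. factory_presets_cb continues outside the hunk.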
......
......@@ -395,7 +395,7 @@ void
random_pin_cb(const unsigned char *pin, size_t pin_len, void *data)
{
(void)data;
PRINT("\n\nRandom PIN: %.*s\n\n", pin_len, pin);
PRINT("\n\nRandom PIN: %.*s\n\n", (int)pin_len, pin);
}
#endif /* OC_SECURITY */
......
......@@ -1277,7 +1277,7 @@ factory_presets_cb(size_t device, void *data)
}
char key[4096];
size_t key_len = 8192;
size_t key_len = 4096;
if (read_pem("../../apps/pki_certs/key.pem", key, &key_len) < 0) {
PRINT("ERROR: unable to read private key");
return;
......
......@@ -942,7 +942,7 @@ network_event_thread(void *data)
common:
#ifdef OC_DEBUG
PRINT("Incoming message of size %d bytes from ", message->length);
PRINT("Incoming message of size %zd bytes from ", message->length);
PRINTipaddr(message->endpoint);
PRINT("\n\n");
#endif /* OC_DEBUG */
......@@ -1042,7 +1042,7 @@ int
oc_send_buffer(oc_message_t *message)
{
#ifdef OC_DEBUG
PRINT("Outgoing message of size %d bytes to ", message->length);
PRINT("Outgoing message of size %zd bytes to ", message->length);
PRINTipaddr(message->endpoint);
PRINT("\n\n");
#endif /* OC_DEBUG */
......@@ -1289,7 +1289,7 @@ handle_session_event_callback(const oc_endpoint_t *endpoint,
static int
connectivity_ipv4_init(ip_context_t *dev)
{
OC_DBG("Initializing IPv4 connectivity for device %d", dev->device);
OC_DBG("Initializing IPv4 connectivity for device %zd", dev->device);
memset(&dev->mcast4, 0, sizeof(struct sockaddr_storage));
memset(&dev->server4, 0, sizeof(struct sockaddr_storage));
......@@ -1398,7 +1398,7 @@ connectivity_ipv4_init(ip_context_t *dev)
dev->dtls4_port = ntohs(sm->sin_port);
#endif /* OC_SECURITY */
OC_DBG("Successfully initialized IPv4 connectivity for device %d",
OC_DBG("Successfully initialized IPv4 connectivity for device %zd",
dev->device);
return 0;
......@@ -1408,7 +1408,7 @@ connectivity_ipv4_init(ip_context_t *dev)
int
oc_connectivity_init(size_t device)
{
OC_DBG("Initializing connectivity for device %d", device);
OC_DBG("Initializing connectivity for device %zd", device);
ip_context_t *dev = (ip_context_t *)oc_memb_alloc(&ip_context_s);
if (!dev) {
......@@ -1597,7 +1597,7 @@ oc_connectivity_init(size_t device)
return -1;
}
OC_DBG("Successfully initialized connectivity for device %d", device);
OC_DBG("Successfully initialized connectivity for device %zd", device);
return 0;
}
......@@ -1640,7 +1640,7 @@ oc_connectivity_shutdown(size_t device)
oc_list_remove(ip_contexts, dev);
oc_memb_free(&ip_context_s, dev);
OC_DBG("oc_connectivity_shutdown for device %d", device);
OC_DBG("oc_connectivity_shutdown for device %zd", device);
}
#ifdef OC_TCP
......
......@@ -603,7 +603,7 @@ oc_tcp_send_buffer(ip_context_t *dev, oc_message_t *message,
bytes_sent += send_len;
} while (bytes_sent < message->length);
OC_DBG("Sent %d bytes", bytes_sent);
OC_DBG("Sent %zd bytes", bytes_sent);
oc_tcp_send_buffer_done:
pthread_mutex_unlock(&dev->tcp.mutex);
......@@ -618,7 +618,7 @@ oc_tcp_send_buffer_done:
static int
tcp_connectivity_ipv4_init(ip_context_t *dev)
{
OC_DBG("Initializing TCP adapter IPv4 for device %d", dev->device);
OC_DBG("Initializing TCP adapter IPv4 for device %zd", dev->device);
memset(&dev->tcp.server4, 0, sizeof(struct sockaddr_storage));
struct sockaddr_in *l = (struct sockaddr_in *)&dev->tcp.server4;
......@@ -674,7 +674,7 @@ tcp_connectivity_ipv4_init(ip_context_t *dev)
ntohs(((struct sockaddr_in *)&dev->tcp.secure4)->sin_port);
#endif /* OC_SECURITY */
OC_DBG("Successfully initialized TCP adapter IPv4 for device %d",
OC_DBG("Successfully initialized TCP adapter IPv4 for device %zd",
dev->device);
return 0;
......@@ -684,7 +684,7 @@ tcp_connectivity_ipv4_init(ip_context_t *dev)
int
oc_tcp_connectivity_init(ip_context_t *dev)
{
OC_DBG("Initializing TCP adapter for device %d", dev->device);
OC_DBG("Initializing TCP adapter for device %zd", dev->device);
if (pthread_mutex_init(&dev->tcp.mutex, NULL) != 0) {
oc_abort("error initializing TCP adapter mutex");
......@@ -765,7 +765,7 @@ oc_tcp_connectivity_init(ip_context_t *dev)
#endif
#endif
OC_DBG("Successfully initialized TCP adapter for device %d", dev->device);
OC_DBG("Successfully initialized TCP adapter for device %zd", dev->device);
return 0;
}
......@@ -800,7 +800,7 @@ oc_tcp_connectivity_shutdown(ip_context_t *dev)
pthread_mutex_destroy(&dev->tcp.mutex);
OC_DBG("oc_tcp_connectivity_shutdown for device %d", dev->device);
OC_DBG("oc_tcp_connectivity_shutdown for device %zd", dev->device);
}
tcp_csm_state_t
......
......@@ -41,7 +41,7 @@ oc_certs_generate_serial_number(mbedtls_x509write_cert *crt)
mbedtls_entropy_context entropy;
mbedtls_entropy_init(&entropy);
#define PERSONALIZATION_DATA "IoTivity-Lite-Ceriticate_Serial_Number"
#define PERSONALIZATION_DATA "IoTivity-Lite-Certificate_Serial_Number"
int ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
(const unsigned char *)PERSONALIZATION_DATA,
......@@ -50,6 +50,7 @@ oc_certs_generate_serial_number(mbedtls_x509write_cert *crt)
#undef PERSONALIZATION_DATA
if (ret < 0) {
OC_ERR("error initializing RNG %d", ret);
return -1;
}
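Review bot: The mbedTLS return value is logged with `%d`, but mbedTLS defines and documents its error codes as negative hexadecimal constants, so a decimal value must be converted by hand before it can be looked up. Printing it in the library's own notation makes the log directly searchable: `OC_ERR("error initializing RNG -0x%04x", (unsigned int)-ret);`. The same format would suit the other `OC_ERR("... %d", ret)` lines this commit adds in the certificate and PKI code. The body of oc_certs_generate_serial_number starts and ends outside the hunk.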
......@@ -59,6 +60,7 @@ oc_certs_generate_serial_number(mbedtls_x509write_cert *crt)
&ctr_drbg);
if (ret < 0) {
OC_ERR("error generating random serial number for certificate %d", ret);
return -1;
}
......@@ -81,7 +83,7 @@ oc_certs_parse_public_key(const unsigned char *cert, size_t cert_size,
int ret = mbedtls_x509_crt_parse(&crt, cert, cert_size);
if (ret < 0) {
OC_ERR("could not parse the provided cert");
OC_ERR("could not parse the provided cert %d", ret);
return -1;
}
......@@ -89,7 +91,7 @@ oc_certs_parse_public_key(const unsigned char *cert, size_t cert_size,
if (ret < 0) {
mbedtls_x509_crt_free(&crt);
OC_ERR("could not extract public key from cert");
OC_ERR("could not extract public key from cert %d", ret);
return -1;
}
......@@ -131,7 +133,7 @@ oc_certs_parse_role_certificate(const unsigned char *role_certificate,
&mbedtls_x509_crt_profile_default,
NULL, &flags, NULL, NULL);
if (ret != 0 || flags != 0) {
OC_ERR("error verifying role certificate");
OC_ERR("error verifying role certificate %d", ret);
goto exit_parse_role_cert;
}
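Review bot: When chain verification fails, the reason is carried in `flags` rather than in `ret`, and the new message leaves it out. The branch is taken on `ret != 0 || flags != 0`, so the log shows only a generic failure code, or `0` if only `flags` is set. It does not say whether the role certificate was expired, untrusted or badly signed. Suggest `OC_ERR("error verifying role certificate %d, flags 0x%08x", ret, (unsigned int)flags);`. The declaration of `flags` and the start of the verify call are outside the hunk.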
......@@ -735,21 +737,21 @@ oc_certs_validate_csr(const unsigned char *csr, size_t csr_len,
ret = mbedtls_md(mbedtls_md_info_from_type(MBEDTLS_MD_SHA256), c.cri.p,
c.cri.len, CertificationRequestInfo_SHA256);
if (ret < 0) {
OC_ERR("unable to hash CertificationRequestInfo in CSR");
OC_ERR("unable to hash CertificationRequestInfo in CSR %d", ret);
goto exit_csr;
}
ret =
mbedtls_pk_verify((mbedtls_pk_context *)&c.pk, MBEDTLS_MD_SHA256,
CertificationRequestInfo_SHA256, 0, c.sig.p, c.sig.len);
if (ret < 0) {
OC_ERR("unable to verify signature in CSR");
OC_ERR("unable to verify signature in CSR %d", ret);
goto exit_csr;
}
char DN[512];
ret = mbedtls_x509_dn_gets(DN, 512, &c.subject);
if (ret < 0) {
OC_ERR("unable to retrieve subject from CSR");
OC_ERR("unable to retrieve subject from CSR %d", ret);
goto exit_csr;
}
......@@ -757,6 +759,9 @@ oc_certs_validate_csr(const unsigned char *csr, size_t csr_len,
ret = mbedtls_pk_write_pubkey_der((mbedtls_pk_context *)&c.pk, public_key,
OC_KEYPAIR_PUBKEY_SIZE);
if (ret < 0) {
OC_ERR("unable to read public key from CSR %d", ret);
}
}
exit_csr:
......@@ -808,7 +813,7 @@ oc_certs_generate_csr(size_t device, unsigned char *csr, size_t csr_len)
ret = mbedtls_pk_parse_key(&pk, kp->private_key, kp->private_key_size, 0, 0);
if (ret != 0) {
OC_ERR("could not parse private key for device %zd", device);
OC_ERR("could not parse private key for device %zd %d", device, ret);
goto generate_csr_error;
}
......@@ -821,7 +826,7 @@ oc_certs_generate_csr(size_t device, unsigned char *csr, size_t csr_len)
#undef PERSONALIZATION_DATA
if (ret < 0) {
OC_ERR("error initializing source of entropy");
OC_ERR("error initializing RNG %d", ret);
goto generate_csr_error;
}
......@@ -833,7 +838,8 @@ oc_certs_generate_csr(size_t device, unsigned char *csr, size_t csr_len)
ret = mbedtls_x509write_csr_set_subject_name(&request, subject);
if (ret != 0) {
OC_ERR("could not write subject name into CSR for device %zd", device);
OC_ERR("could not write subject name into CSR for device %zd %d", device,
ret);
goto generate_csr_error;
}
......@@ -843,7 +849,7 @@ oc_certs_generate_csr(size_t device, unsigned char *csr, size_t csr_len)
mbedtls_ctr_drbg_random, &ctr_drbg);
if (ret != 0) {
OC_ERR("could not write CSR for device %zd into buffer", device);
OC_ERR("could not write CSR for device %zd into buffer %d", device, ret);
goto generate_csr_error;
}
......
......@@ -117,10 +117,9 @@ oc_sec_encode_ecdsa_keypair(size_t device)
}
int
oc_generate_ecdsa_keypair(uint8_t *public_key, uint8_t public_key_buf_size,
uint8_t *public_key_size, uint8_t *private_key,
uint8_t private_key_buf_size,
uint8_t *private_key_size)
oc_generate_ecdsa_keypair(uint8_t *public_key, size_t public_key_buf_size,
size_t *public_key_size, uint8_t *private_key,
size_t private_key_buf_size, size_t *private_key_size)
{
mbedtls_pk_context pk;
mbedtls_entropy_context entropy;
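Review bot: Widening the two out-parameters from `uint8_t *` to `size_t *` changes how many bytes oc_generate_ecdsa_keypair stores through them, so a caller that still passes the address of a `uint8_t` gets `sizeof(size_t)` bytes written over a one-byte object. C compilers commonly report that as an incompatible-pointer-type warning rather than an error. The callers visible in this commit (oc_generate_ecdsa_keypair_for_device and oc_obt_init) are updated; any callers outside the page should be checked, and building with `-Werror=incompatible-pointer-types` would catch a missed one. The function body continues outside the hunk.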
......@@ -170,7 +169,7 @@ oc_generate_ecdsa_keypair(uint8_t *public_key, uint8_t public_key_buf_size,
OC_ERR("error writing EC public key to internal structure");
goto generate_ecdsa_keypair_error;
}
*public_key_size = ret;
*public_key_size = (size_t)ret;
mbedtls_entropy_free(&entropy);
mbedtls_ctr_drbg_free(&ctr_drbg);
......@@ -195,7 +194,7 @@ oc_generate_ecdsa_keypair_for_device(size_t device)
}
}
uint8_t public_key_size = 0;
size_t public_key_size = 0;
if (oc_generate_ecdsa_keypair(
kp->public_key, OC_KEYPAIR_PUBKEY_SIZE, &public_key_size,
kp->private_key, OC_KEYPAIR_PRIVKEY_SIZE, &kp->private_key_size) < 0) {
......
......@@ -34,15 +34,15 @@ typedef struct oc_ecdsa_keypair_t
size_t device;
uint8_t public_key[OC_KEYPAIR_PUBKEY_SIZE];
uint8_t private_key[OC_KEYPAIR_PRIVKEY_SIZE];
uint8_t private_key_size;
size_t private_key_size;
} oc_ecdsa_keypair_t;
bool oc_sec_decode_ecdsa_keypair(oc_rep_t *rep, size_t device);
bool oc_sec_encode_ecdsa_keypair(size_t device);
int oc_generate_ecdsa_keypair(uint8_t *public_key, uint8_t public_key_buf_size,
uint8_t *public_key_size, uint8_t *private_key,
uint8_t private_key_buf_size,
uint8_t *private_key_size);
int oc_generate_ecdsa_keypair(uint8_t *public_key, size_t public_key_buf_size,
size_t *public_key_size, uint8_t *private_key,
size_t private_key_buf_size,
size_t *private_key_size);
int oc_generate_ecdsa_keypair_for_device(size_t device);
oc_ecdsa_keypair_t *oc_sec_get_ecdsa_keypair(size_t device);
void oc_free_ecdsa_keypairs(void);
......
......@@ -60,11 +60,11 @@ OC_LIST(oc_cache);
/* Persisted state */
static int id = 1000;
/* Public/Private key-pair for root of trust */
/* Public/Private key-pair for the local domain's root of trust */
#ifdef OC_PKI
const char *root_subject = "C=US, O=OCF, CN=IoTivity-Lite OBT Root";
uint8_t private_key[OC_KEYPAIR_PRIVKEY_SIZE];
uint8_t private_key_size;
size_t private_key_size;
int root_cert_credid;
#endif /* OC_PKI */
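Review bot: `private_key`, `private_key_size`, `root_subject` and `root_cert_credid` are defined at file scope without `static`, unlike `id` a few lines above, so the root-of-trust private key buffer is an externally linked symbol with a very generic name. If no other translation unit refers to them (not visible from this hunk), declare them `static`, e.g. `static uint8_t private_key[OC_KEYPAIR_PRIVKEY_SIZE];` and `static size_t private_key_size;`. That keeps the key material reachable only through this file and avoids a link-time clash with another `private_key`.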
......@@ -1933,7 +1933,7 @@ oc_obt_init(void)
#ifdef OC_PKI
uint8_t public_key[OC_KEYPAIR_PUBKEY_SIZE];
uint8_t public_key_size = 0;
size_t public_key_size = 0;
if (oc_generate_ecdsa_keypair(
public_key, OC_KEYPAIR_PUBKEY_SIZE, &public_key_size, private_key,
OC_KEYPAIR_PRIVKEY_SIZE, &private_key_size) < 0) {
......
......@@ -33,10 +33,10 @@
int
oc_obt_generate_role_cert(oc_role_t *roles, const char *subject_name,
const uint8_t *subject_public_key,
const uint8_t subject_public_key_size,
const size_t subject_public_key_size,
const char *issuer_name,
const uint8_t *issuer_private_key,
const uint8_t issuer_private_key_size,
const size_t issuer_private_key_size,
oc_string_t *role_cert)
{
int ret = 0;
......@@ -281,10 +281,10 @@ exit:
int
oc_obt_generate_identity_cert(const char *subject_name,
const uint8_t *subject_public_key,
const uint8_t subject_public_key_size,
const size_t subject_public_key_size,
const char *issuer_name,
const uint8_t *issuer_private_key,
const uint8_t issuer_private_key_size,
const size_t issuer_private_key_size,
oc_string_t *id_cert)
{
int ret = 0;
......@@ -475,9 +475,9 @@ exit:
int
oc_obt_generate_self_signed_root_cert(const char *subject_name,
const uint8_t *public_key,
const uint8_t public_key_size,
const size_t public_key_size,
const uint8_t *private_key,
const uint8_t private_key_size)
const size_t private_key_size)
{
int ret = 0;
......
......@@ -138,22 +138,22 @@ bool oc_obt_is_otm_ctx_valid(oc_otm_ctx_t *ctx);
int oc_obt_generate_self_signed_root_cert(const char *subject_name,
const uint8_t *public_key,
const uint8_t public_key_size,
const size_t public_key_size,
const uint8_t *private_key,
const uint8_t private_key_size);
const size_t private_key_size);
int oc_obt_generate_identity_cert(const char *subject_name,
const uint8_t *subject_public_key,
const uint8_t subject_public_key_size,
const size_t subject_public_key_size,
const char *issuer_name,
const uint8_t *issuer_private_key,
const uint8_t issuer_private_key_size,
const size_t issuer_private_key_size,
oc_string_t *id_cert);
int oc_obt_generate_role_cert(oc_role_t *roles, const char *subject_name,
const uint8_t *subject_public_key,
const uint8_t subject_public_key_size,
const size_t subject_public_key_size,
const char *issuer_name,
const uint8_t *issuer_private_key,
const uint8_t issuer_private_key_size,
const size_t issuer_private_key_size,
oc_string_t *role_cert);
#ifdef __cplusplus
}
......
......@@ -53,7 +53,7 @@ pki_add_intermediate_cert(size_t device, int credid, const unsigned char *cert,
ret = mbedtls_x509_crt_parse(&int_ca, (const unsigned char *)cert_copy,
cert_size);
if (ret < 0) {
OC_ERR("could not parse intermediate cert");
OC_ERR("could not parse intermediate cert %d", ret);
return -1;
}
OC_DBG("parsed intermediate CA cert");
......@@ -67,7 +67,8 @@ pki_add_intermediate_cert(size_t device, int credid, const unsigned char *cert,
oc_string_len(c->publicdata.data) + 1);
if (ret < 0) {
OC_ERR("could not parse existing identity cert that chains to this "
"intermediate cert");
"intermediate cert %d",
ret);
mbedtls_x509_crt_free(&int_ca);
return -1;
}
......@@ -149,7 +150,7 @@ pki_add_identity_cert(size_t device, const unsigned char *cert,
int ret = mbedtls_pk_parse_key(&pkey, (const unsigned char *)key_copy,
key_size, NULL, 0);
if (ret != 0) {
OC_ERR("could not parse identity cert's private key");
OC_ERR("could not parse identity cert's private key %d", ret);
return -1;
}
OC_DBG("parsed the provided identity cert's private key");
......@@ -161,7 +162,7 @@ pki_add_identity_cert(size_t device, const unsigned char *cert,
mbedtls_pk_free(&pkey);
if (ret < 0) {
OC_ERR("could not write identity cert's private key to DER");
OC_ERR("could not write identity cert's DER encoded private key %d", ret);
return -1;
}
......@@ -296,6 +297,7 @@ pki_add_trust_anchor(size_t device, const unsigned char *cert, size_t cert_size,
&cert2, (const unsigned char *)oc_string(c->publicdata.data),
oc_string_len(c->publicdata.data) + 1);
if (ret < 0) {
OC_ERR("could not parse stored certificate %d", ret);
mbedtls_x509_crt_free(&cert2);
continue;
}
......
......@@ -869,7 +869,6 @@ static void
oc_tls_set_ciphersuites(mbedtls_ssl_config *conf, oc_endpoint_t *endpoint)
{
(void)endpoint;
(void)anon_ecdh_priority;
#ifdef OC_PKI
mbedtls_ssl_conf_ca_chain(conf, &trust_anchors, NULL);
#ifdef OC_CLIENT
......@@ -1212,6 +1211,7 @@ oc_tls_init_context(void)
if (mbedtls_ctr_drbg_seed(&ctr_drbg_ctx, mbedtls_entropy_func, &entropy_ctx,
(const unsigned char *)PERSONALIZATION_DATA,
strlen(PERSONALIZATION_DATA)) != 0) {
OC_ERR("error initializing RNG");
goto dtls_init_err;
}
if (mbedtls_ssl_cookie_setup(&cookie_ctx, mbedtls_ctr_drbg_random,
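Review bot: The new `OC_ERR("error initializing RNG")` is the only error message added by this commit that omits the mbedTLS return code, because the result of mbedtls_ctr_drbg_seed is tested inline and discarded. Capturing it in a local makes the log consistent with the certificate code: `int ret = mbedtls_ctr_drbg_seed(...);` followed by `if (ret != 0) { OC_ERR("error initializing RNG %d", ret); goto dtls_init_err; }`. A seeding failure here leaves the (D)TLS stack without a usable DRBG, so the code is worth having in the log. oc_tls_init_context starts and ends outside the hunk.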
......