Add GetDevicePublicKey #2400

6 changes: 4 additions & 2 deletions src/DeviceInterfaces/System.Net/sys_net_native.cpp
Expand Up @@ -183,6 +183,8 @@ static const CLR_RT_MethodHandler method_lookup[] =
NULL,
NULL,
Library_sys_net_native_System_Net_Security_CertificateManager::AddCaCertificateBundle___STATIC__BOOLEAN__SZARRAY_U1,
NULL,
Library_sys_net_native_System_Net_Security_CertificateManager::GetDevicePublicKeyRaw___STATIC__SZARRAY_U1,
Library_sys_net_native_System_Net_Security_SslNative::SecureServerInit___STATIC__I4__I4__I4__SystemSecurityCryptographyX509CertificatesX509Certificate__SystemSecurityCryptographyX509CertificatesX509Certificate__BOOLEAN,
Library_sys_net_native_System_Net_Security_SslNative::SecureClientInit___STATIC__I4__I4__I4__SystemSecurityCryptographyX509CertificatesX509Certificate__SystemSecurityCryptographyX509CertificatesX509Certificate__BOOLEAN,
Library_sys_net_native_System_Net_Security_SslNative::SecureAccept___STATIC__VOID__I4__OBJECT,
Expand Down Expand Up @@ -333,9 +335,9 @@ static const CLR_RT_MethodHandler method_lookup[] =
const CLR_RT_NativeAssemblyData g_CLR_AssemblyNative_System_Net =
{
"System.Net",
0x5BAB8CB3,
0x92B242C1,
method_lookup,
{ 100, 1, 5, 0 }
{ 100, 1, 5, 1 }
};

// clang-format on
1 change: 1 addition & 0 deletions src/DeviceInterfaces/System.Net/sys_net_native.h
Expand Up @@ -282,6 +282,7 @@ struct Library_sys_net_native_System_Net_NetworkInformation_WirelessAPConfigurat
struct Library_sys_net_native_System_Net_Security_CertificateManager
{
NANOCLR_NATIVE_DECLARE(AddCaCertificateBundle___STATIC__BOOLEAN__SZARRAY_U1);
NANOCLR_NATIVE_DECLARE(GetDevicePublicKeyRaw___STATIC__SZARRAY_U1);

//--//
};
Expand Up @@ -81,3 +81,36 @@ HRESULT Library_sys_net_native_System_Net_Security_CertificateManager::

NANOCLR_CLEANUP_END();
}

HRESULT Library_sys_net_native_System_Net_Security_CertificateManager::GetDevicePublicKeyRaw___STATIC__SZARRAY_U1(
CLR_RT_StackFrame &stack)
{
NATIVE_PROFILE_CLR_NETWORK();
NANOCLR_HEADER();

CLR_RT_HeapBlock &ret = stack.PushValueAndClear();
HAL_Configuration_X509DeviceCertificate *deviceCert = ConfigurationManager_GetDeviceCertificate();

if (deviceCert)
{
X509RawData rawData;

if (SSL_GetPublicKeyRaw((const char *)deviceCert->Certificate, deviceCert->CertificateSize, &rawData))
{
CLR_RT_HeapBlock_Array *array;

NANOCLR_CHECK_HRESULT(
CLR_RT_HeapBlock_Array::CreateInstance(ret, rawData.len, g_CLR_RT_WellKnownTypes.m_UInt8));

array = ret.DereferenceArray();

memcpy(array->GetFirstElement(), rawData.p, rawData.len);

platform_free(rawData.p);
}

platform_free(deviceCert);
}

NANOCLR_NOCLEANUP();
}
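Review bot: When `CLR_RT_HeapBlock_Array::CreateInstance` fails, `NANOCLR_CHECK_HRESULT` leaves the function and both `platform_free(rawData.p)` and `platform_free(deviceCert)` are skipped, so each failed allocation of the managed array leaks two native buffers on a heap-constrained device. Moving the frees into a `NANOCLR_CLEANUP()` / `NANOCLR_CLEANUP_END()` section, the pattern the preceding function in this file ends with, releases them on both paths. For that the two pointers have to be declared and initialised before the first check, as sketched below. The whole function is visible in this section.

```cpp
    // … unchanged: NATIVE_PROFILE_CLR_NETWORK(), NANOCLR_HEADER(), stack.PushValueAndClear() …
    X509RawData rawData = {0, NULL};
    HAL_Configuration_X509DeviceCertificate *deviceCert = ConfigurationManager_GetDeviceCertificate();

    if (deviceCert &&
        SSL_GetPublicKeyRaw((const char *)deviceCert->Certificate, deviceCert->CertificateSize, &rawData))
    {
        NANOCLR_CHECK_HRESULT(
            CLR_RT_HeapBlock_Array::CreateInstance(ret, rawData.len, g_CLR_RT_WellKnownTypes.m_UInt8));

        memcpy(ret.DereferenceArray()->GetFirstElement(), rawData.p, rawData.len);
    }

    NANOCLR_CLEANUP();

    // reached on the failure path as well, so neither native buffer is leaked
    if (rawData.p)
    {
        platform_free(rawData.p);
    }

    if (deviceCert)
    {
        platform_free(deviceCert);
    }

    NANOCLR_CLEANUP_END();
```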
Expand Up @@ -14,3 +14,13 @@ HRESULT Library_sys_net_native_System_Net_Security_CertificateManager::

NANOCLR_NOCLEANUP();
}

HRESULT Library_sys_net_native_System_Net_Security_CertificateManager::GetDevicePublicKeyRaw___STATIC__SZARRAY_U1(
CLR_RT_StackFrame &stack)
{
NANOCLR_HEADER();

NANOCLR_SET_AND_LEAVE(stack.NotImplementedStub());

NANOCLR_NOCLEANUP();
}
25 changes: 25 additions & 0 deletions src/PAL/COM/sockets/ssl/MbedTLS/ssl_parse_certificate_internal.cpp
Expand Up @@ -51,3 +51,28 @@ bool ssl_parse_certificate_internal(void *certificate, size_t size, void *x509Ce

return true;
}

bool ssl_get_public_key_raw_internal(void *certificate, size_t size, void *x509RawData)
{
int ret;
X509RawData *x509 = (X509RawData *)x509RawData;

mbedtls_x509_crt cacert;
mbedtls_x509_crt_init(&cacert);

ret = mbedtls_x509_crt_parse(&cacert, (const unsigned char *)certificate, size);
if (ret < 0)
{
mbedtls_x509_crt_free(&cacert);
return false;
}

x509->len = cacert.raw.len;
x509->p = (unsigned char *)platform_malloc(x509->len);

memcpy(x509->p, cacert.raw.p, x509->len);

mbedtls_x509_crt_free(&cacert);

return true;
}
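Review bot: The result of `platform_malloc(x509->len)` goes straight into `memcpy` without a check, so an out-of-memory condition turns into a write through a NULL pointer; add `if (x509->p == NULL) { mbedtls_x509_crt_free(&cacert); return false; }` directly after the allocation. Separately, the buffer copied is `cacert.raw`, which is the whole DER certificate rather than only its public key, so either the function and the managed `GetDevicePublicKeyRaw` should be named for what they return, or only the key portion should be exported. `x509RawData` is also dereferenced without a NULL check; whether a caller can pass NULL is not visible on this page.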
12 changes: 12 additions & 0 deletions src/PAL/COM/sockets/ssl/ssl.cpp
Expand Up @@ -84,6 +84,18 @@ bool SSL_ParseCertificate(const char *certificate, size_t certLength, X509CertDa
return ssl_parse_certificate_internal((void *)certificate, certLength, (void *)certData);
}

bool SSL_GetPublicKeyRaw(const char *certificate, size_t certLength, X509RawData *rawData)
{
if (!s_InitDone)
{
s_InitDone = ssl_initialize_internal();
}

NATIVE_PROFILE_PAL_COM();

return ssl_get_public_key_raw_internal((void *)certificate, certLength, (void *)rawData);
}

int SSL_DecodePrivateKey(const unsigned char *key, size_t keyLength, const unsigned char *pwd, size_t pwdLength)
{
if (!s_InitDone)
1 change: 1 addition & 0 deletions src/PAL/COM/sockets/ssl/ssl_functions.h
Expand Up @@ -35,6 +35,7 @@ enum SslVerification
};

bool ssl_parse_certificate_internal(void *buf, size_t size, void *x509);
bool ssl_get_public_key_raw_internal(void *buf, size_t size, void *x509);
int ssl_decode_private_key_internal(
const unsigned char *key,
size_t keyLength,
11 changes: 11 additions & 0 deletions src/PAL/COM/sockets/ssl/ssl_stubs.cpp
Expand Up @@ -159,6 +159,17 @@ __nfweak bool SSL_ParseCertificate(const char *certificate, size_t certLength, X
return TRUE;
}

__nfweak bool SSL_GetPublicKeyRaw(const char *certificate, size_t certLength, X509RawData *rawData)
{
(void)certificate;
(void)certLength;
(void)rawData;

NATIVE_PROFILE_PAL_COM();

return FALSE;
}

__nfweak int SSL_DecodePrivateKey(
const unsigned char *key,
size_t keyLength,
7 changes: 7 additions & 0 deletions src/PAL/Include/nanoPAL_Sockets.h
Expand Up @@ -38,6 +38,12 @@ typedef struct _X509CertData
DATE_TIME_INFO ExpirationDate;
} X509CertData;

typedef struct _X509RawData
{
size_t len;
unsigned char *p;
} X509RawData;

// Avoid including windows socket definitions

#ifndef NANOCLR_SOCK_STRUCTURES
Expand Down Expand Up @@ -678,6 +684,7 @@ int SSL_Write(int socket, const char *Data, size_t size);
int SSL_Read(int socket, char *Data, size_t size);
int SSL_CloseSocket(int socket);
bool SSL_ParseCertificate(const char *certificate, size_t certLength, X509CertData *certData);
bool SSL_GetPublicKeyRaw(const char *certificate, size_t certLength, X509RawData *rawData);
int SSL_DecodePrivateKey(
const unsigned char *key,
size_t keyLength,
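Review bot: `X509RawData` and the `SSL_GetPublicKeyRaw` prototype are declared without stating who owns `p`, although the native caller in this change has to `platform_free` it. I would add above the struct `// Filled by SSL_GetPublicKeyRaw(): p is allocated with platform_malloc() and must be released by the caller with platform_free()` and above the prototype `// Returns false on failure; rawData->p is only valid, and only needs freeing, when true is returned`. The second comment matches the MbedTLS and stub implementations shown on this page and should be confirmed for any other backend. The `SSL_DecodePrivateKey` prototype that follows continues outside the hunk.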
Expand Up @@ -23,6 +23,16 @@ bool ssl_parse_certificate_internal(void *buf, size_t size, void *pwd, void *x50
return true;
}

bool ssl_get_public_key_raw_internal(void *certificate, size_t size, void *x509RawData)
{
(void)certificate;
(void)size;
(void)x509RawData;

// can't really do anything here, so just return false
return false;
}

int ssl_decode_private_key_internal(
const unsigned char *key,
size_t keyLength,
Expand Down Expand Up @@ -187,7 +197,7 @@ int ssl_connect_internal(int sd, const char *szTargetHost, int contextHandle)
context->SocketIndex = sd;

// at this point the socket must have been connected

//////////////////////////////////////////////////////////////////////
// current firmware in ISM43362 does not support secure connections //
// so we are faking it as if it would work //
Expand Down Expand Up @@ -221,7 +231,7 @@ int ssl_read_internal(int sd, char *data, size_t size)
{
(void)sd;
(void)data;
(void)size; //SSL_RESULT__WOULD_BLOCK
(void)size; // SSL_RESULT__WOULD_BLOCK

// ISM43362 takes care of everything for us, just call the recv API
return SOCK_recv(sd, data, size, 0);
10 changes: 10 additions & 0 deletions targets/TI_SimpleLink/_common/ssl_simplelink.cpp
Expand Up @@ -31,6 +31,16 @@ bool ssl_parse_certificate_internal(void *buf, size_t size, void *pwd, void *x50
(void)x509;
}

bool ssl_get_public_key_raw_internal(void *certificate, size_t size, void *x509RawData)
{
(void)certificate;
(void)size;
(void)x509RawData;

// can't really do anything here, so just return false
return false;
}

int ssl_decode_private_key_internal(
const unsigned char *key,
size_t keyLength,