Skip to content

Commit b8abc8b

Browse files
kmaloorkmaloor
committed
Templete/IoTivity-Lite:PKI chain install+chk errs
Signed-off-by: Kishen Maloor <[email protected]>
1 parent 88106f1 commit b8abc8b

File tree

1 file changed

+35
-16
lines changed

1 file changed

+35
-16
lines changed

src/templates/IOTivity-lite/simpleserver.c.jinja2

Lines changed: 35 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -658,6 +658,38 @@ random_pin_cb(const unsigned char *pin, size_t pin_len, void *data)
658658
}
659659
#endif /* OC_SECURITY */
660660

661+
void
662+
factory_presets_cb(size_t device, void *data)
663+
{
664+
(void)device;
665+
(void)data;
666+
#if defined(OC_SECURITY) && defined(OC_PKI)
667+
/* code to include an pki certificate and root trust anchor */
668+
#include "oc_pki.h"
669+
#include "pki_certs.h"
670+
int credid =
671+
oc_pki_add_mfg_cert(0, (const unsigned char *)my_cert, strlen(my_cert), (const unsigned char *)my_key, strlen(my_key));
672+
if (credid < 0) {
673+
PRINT("ERROR installing manufacturer certificate\n");
674+
} else {
675+
PRINT("Successfully installed manufacturer certificate\n");
676+
}
677+
678+
if (oc_pki_add_mfg_intermediate_cert(0, credid, (const unsigned char *)int_ca, strlen(int_ca)) < 0) {
679+
PRINT("ERROR installing intermediate CA certificate\n");
680+
} else {
681+
PRINT("Successfully installed intermediate CA certificate\n");
682+
}
683+
684+
if (oc_pki_add_mfg_trust_anchor(0, (const unsigned char *)root_ca, strlen(root_ca)) < 0) {
685+
PRINT("ERROR installing root certificate\n");
686+
} else {
687+
PRINT("Successfully installed root certificate\n");
688+
}
689+
690+
oc_pki_set_security_profile(0, OC_SP_BLACK, OC_SP_BLACK, credid);
691+
#endif /* OC_SECURITY && OC_PKI */
692+
}
661693

662694
/**
663695
* main application.
@@ -774,29 +806,16 @@ int init;
774806
oc_set_random_pin_callback(random_pin_cb, NULL);
775807
#endif /* OC_SECURITY */
776808

809+
oc_set_factory_presets_cb(factory_presets_cb, NULL);
810+
777811
/* start the stack */
778812
init = oc_main_init(&handler);
779-
780-
#if defined(OC_SECURITY) && defined(OC_PKI)
781-
/* code to include an pki certificate and root trust anchor */
782-
#include "oc_pki.h"
783-
#include "pki_certs.h"
784-
int credid =
785-
oc_pki_add_mfg_cert(0, my_cert, sizeof(my_cert), my_key, sizeof(my_key));
786813

787-
oc_pki_add_mfg_intermediate_cert(0, credid, int_ca, sizeof(int_ca));
788-
789-
oc_pki_add_mfg_trust_anchor(0, root_ca, sizeof(root_ca));
790-
791-
oc_pki_set_security_profile(0, OC_SP_BLACK, OC_SP_BLACK, credid);
792-
#endif /* OC_SECURITY && OC_PKI */
793-
794-
795814
if (init < 0)
796815
return init;
797816

798817
PRINT("OCF server \"{{json_data['info']['title']}}\" running, waiting on incoming connections.\n");
799-
818+
800819
#ifdef WIN32
801820
/* windows specific loop */
802821
while (quit != 1) {

0 commit comments

Comments
 (0)