alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Protocomm : Added new APIs for opening and closing secure sessions

Browse Source 
New APIs:
* protocomm_open_session()
* protocomm_close_session()

This allows external applications using protocomm to manually create and close sessions.

These internally call the new_transport_session() and close_transport_session() APIs implemented by the security scheme in use.

Updated unit tests with usage of new APIs
This commit is contained in:
Anurag Kar 2019-04-15 18:36:09 +05:30
parent cccf829366
commit 86e9acc2c9
3 changed files with 108 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
components/protocomm/include/common/protocomm.h
View File

@ -114,6 +114,39 @@ esp_err_t protocomm_add_endpoint(protocomm_t *pc, const char *ep_name,
*/ */
esp_err_t protocomm_remove_endpoint(protocomm_t *pc, const char *ep_name); esp_err_t protocomm_remove_endpoint(protocomm_t *pc, const char *ep_name);
/**
* @brief Allocates internal resources for new transport session
*
* @note
* - An endpoint must be bound to a valid protocomm instance,
* created using `protocomm_new()`.
*
* @param[in] pc Pointer to the protocomm instance
* @param[in] session_id Unique ID for a communication session
*
* @return
* - ESP_OK : Request handled successfully
* - ESP_ERR_NO_MEM : Error allocating internal resource
* - ESP_ERR_INVALID_ARG : Null instance/name arguments
*/
esp_err_t protocomm_open_session(protocomm_t *pc, uint32_t session_id);
/**
* @brief Frees internal resources used by a transport session
*
* @note
* - An endpoint must be bound to a valid protocomm instance,
* created using `protocomm_new()`.
*
* @param[in] pc Pointer to the protocomm instance
* @param[in] session_id Unique ID for a communication session
*
* @return
* - ESP_OK : Request handled successfully
* - ESP_ERR_INVALID_ARG : Null instance/name arguments
*/
esp_err_t protocomm_close_session(protocomm_t *pc, uint32_t session_id);
/** /**
* @brief Calls the registered handler of an endpoint session * @brief Calls the registered handler of an endpoint session
* for processing incoming data and generating the response * for processing incoming data and generating the response

32
components/protocomm/src/common/protocomm.c
View File

@ -149,6 +149,38 @@ esp_err_t protocomm_remove_endpoint(protocomm_t *pc, const char *ep_name)
return ESP_ERR_NOT_FOUND; return ESP_ERR_NOT_FOUND;
} }
esp_err_t protocomm_open_session(protocomm_t *pc, uint32_t session_id)
{
if (!pc) {
return ESP_ERR_INVALID_ARG;
}
if (pc->sec && pc->sec->new_transport_session) {
esp_err_t ret = pc->sec->new_transport_session(pc->sec_inst, session_id);
if (ret != ESP_OK) {
ESP_LOGE(TAG, "Failed to launch new session with ID: %d", session_id);
return ret;
}
}
return ESP_OK;
}
esp_err_t protocomm_close_session(protocomm_t *pc, uint32_t session_id)
{
if (!pc) {
return ESP_ERR_INVALID_ARG;
}
if (pc->sec && pc->sec->close_transport_session) {
esp_err_t ret = pc->sec->close_transport_session(pc->sec_inst, session_id);
if (ret != ESP_OK) {
ESP_LOGE(TAG, "Error while closing session with ID: %d", session_id);
return ret;
}
}
return ESP_OK;
}
esp_err_t protocomm_req_handle(protocomm_t *pc, const char *ep_name, uint32_t session_id, esp_err_t protocomm_req_handle(protocomm_t *pc, const char *ep_name, uint32_t session_id,
const uint8_t *inbuf, ssize_t inlen, const uint8_t *inbuf, ssize_t inlen,
uint8_t **outbuf, ssize_t *outlen) uint8_t **outbuf, ssize_t *outlen)

45
components/protocomm/test/test_protocomm.c
View File

@ -71,6 +71,7 @@ static const char *TAG = "protocomm_test";
static protocomm_t *test_pc = NULL; static protocomm_t *test_pc = NULL;
static const protocomm_security_t *test_sec = NULL; static const protocomm_security_t *test_sec = NULL;
protocomm_security_handle_t sec_inst = NULL;
static uint32_t test_priv_data = 1234; static uint32_t test_priv_data = 1234;
static void flip_endian(uint8_t *data, size_t len) static void flip_endian(uint8_t *data, size_t len)
@ -320,15 +321,37 @@ static esp_err_t test_new_session(session_t *session)
return ESP_OK; return ESP_OK;
} }
if (!test_sec || !test_sec->new_transport_session) { if (!test_sec) {
return ESP_ERR_INVALID_STATE; return ESP_ERR_INVALID_STATE;
} }
if (test_sec->init && (test_sec->init(&sec_inst) != ESP_OK)) {
return ESP_ERR_NO_MEM;
}
uint32_t session_id = session->id; uint32_t session_id = session->id;
if (test_sec->new_transport_session(session_id) != ESP_OK) { if (test_sec->new_transport_session &&
(test_sec->new_transport_session(sec_inst, session_id) != ESP_OK)) {
ESP_LOGE(TAG, "Failed to launch new transport session"); ESP_LOGE(TAG, "Failed to launch new transport session");
return ESP_FAIL; return ESP_FAIL;
} }
if (protocomm_open_session(test_pc, session_id) != ESP_OK) {
ESP_LOGE(TAG, "Failed to open new protocomm session");
return ESP_FAIL;
}
return ESP_OK;
}
static esp_err_t test_delete_session(session_t *session)
{
if (!test_sec) {
return ESP_ERR_INVALID_STATE;
}
if (test_sec->cleanup && (test_sec->cleanup(sec_inst) != ESP_OK)) {
return ESP_FAIL;
}
return ESP_OK; return ESP_OK;
} }
@ -484,9 +507,11 @@ static esp_err_t test_sec_endpoint(session_t *session)
mbedtls_ecdh_free(&session->ctx_client); mbedtls_ecdh_free(&session->ctx_client);
mbedtls_ctr_drbg_free(&session->ctr_drbg); mbedtls_ctr_drbg_free(&session->ctr_drbg);
mbedtls_entropy_free(&session->entropy); mbedtls_entropy_free(&session->entropy);
return ESP_OK; return ESP_OK;
abort_test_sec_endpoint: abort_test_sec_endpoint:
mbedtls_ecdh_free(&session->ctx_client); mbedtls_ecdh_free(&session->ctx_client);
mbedtls_ctr_drbg_free(&session->ctr_drbg); mbedtls_ctr_drbg_free(&session->ctr_drbg);
mbedtls_entropy_free(&session->entropy); mbedtls_entropy_free(&session->entropy);
@ -684,6 +709,7 @@ static esp_err_t test_security1_no_encryption (void)
// Perform 25519 security handshake to set public keys // Perform 25519 security handshake to set public keys
if (test_sec_endpoint(session) != ESP_OK) { if (test_sec_endpoint(session) != ESP_OK) {
ESP_LOGE(TAG, "Error testing security endpoint"); ESP_LOGE(TAG, "Error testing security endpoint");
test_delete_session(session);
stop_test_service(); stop_test_service();
free(session); free(session);
return ESP_FAIL; return ESP_FAIL;
@ -697,11 +723,15 @@ static esp_err_t test_security1_no_encryption (void)
// data to not match that which was sent, hence failing. // data to not match that which was sent, hence failing.
if (test_req_endpoint(session) == ESP_OK) { if (test_req_endpoint(session) == ESP_OK) {
ESP_LOGE(TAG, "Error testing request endpoint"); ESP_LOGE(TAG, "Error testing request endpoint");
session->sec_ver = 1;
test_delete_session(session);
stop_test_service(); stop_test_service();
free(session); free(session);
return ESP_FAIL; return ESP_FAIL;
} }
session->sec_ver = 1;
test_delete_session(session);
stop_test_service(); stop_test_service();
free(session); free(session);
ESP_LOGI(TAG, "Protocomm test successful"); ESP_LOGI(TAG, "Protocomm test successful");
@ -759,6 +789,7 @@ static esp_err_t test_security1_session_overflow (void)
// Perform 25519 security handshake to set public keys // Perform 25519 security handshake to set public keys
if (test_sec_endpoint(session1) != ESP_OK) { if (test_sec_endpoint(session1) != ESP_OK) {
ESP_LOGE(TAG, "Error testing security endpoint"); ESP_LOGE(TAG, "Error testing security endpoint");
test_delete_session(session1);
stop_test_service(); stop_test_service();
free(session1); free(session1);
free(session2); free(session2);
@ -769,12 +800,14 @@ static esp_err_t test_security1_session_overflow (void)
// session ID without registering new session, hence failing // session ID without registering new session, hence failing
if (test_sec_endpoint(session2) == ESP_OK) { if (test_sec_endpoint(session2) == ESP_OK) {
ESP_LOGE(TAG, "Error testing security endpoint"); ESP_LOGE(TAG, "Error testing security endpoint");
test_delete_session(session1);
stop_test_service(); stop_test_service();
free(session1); free(session1);
free(session2); free(session2);
return ESP_FAIL; return ESP_FAIL;
} }
test_delete_session(session1);
stop_test_service(); stop_test_service();
free(session1); free(session1);
free(session2); free(session2);
@ -831,11 +864,13 @@ static esp_err_t test_security1_wrong_pop (void)
// wrong pop, hence failing // wrong pop, hence failing
if (test_sec_endpoint(session) == ESP_OK) { if (test_sec_endpoint(session) == ESP_OK) {
ESP_LOGE(TAG, "Error testing security endpoint"); ESP_LOGE(TAG, "Error testing security endpoint");
test_delete_session(session);
stop_test_service(); stop_test_service();
free(session); free(session);
return ESP_FAIL; return ESP_FAIL;
} }
test_delete_session(session);
stop_test_service(); stop_test_service();
free(session); free(session);
@ -935,6 +970,7 @@ static esp_err_t test_security1_weak_session (void)
// client public key, hence failing // client public key, hence failing
if (test_sec_endpoint(session) == ESP_OK) { if (test_sec_endpoint(session) == ESP_OK) {
ESP_LOGE(TAG, "Error testing security endpoint"); ESP_LOGE(TAG, "Error testing security endpoint");
test_delete_session(session);
stop_test_service(); stop_test_service();
free(session); free(session);
return ESP_FAIL; return ESP_FAIL;
@ -944,11 +980,13 @@ static esp_err_t test_security1_weak_session (void)
// public keys on both client and server side should fail // public keys on both client and server side should fail
if (test_req_endpoint(session) == ESP_OK) { if (test_req_endpoint(session) == ESP_OK) {
ESP_LOGE(TAG, "Error testing request endpoint"); ESP_LOGE(TAG, "Error testing request endpoint");
test_delete_session(session);
stop_test_service(); stop_test_service();
free(session); free(session);
return ESP_FAIL; return ESP_FAIL;
} }
test_delete_session(session);
stop_test_service(); stop_test_service();
free(session); free(session);
@ -983,6 +1021,7 @@ static esp_err_t test_protocomm (session_t *session)
// Perform 25519 security handshake to set public keys // Perform 25519 security handshake to set public keys
if (test_sec_endpoint(session) != ESP_OK) { if (test_sec_endpoint(session) != ESP_OK) {
ESP_LOGE(TAG, "Error testing security endpoint"); ESP_LOGE(TAG, "Error testing security endpoint");
test_delete_session(session);
stop_test_service(); stop_test_service();
return ESP_FAIL; return ESP_FAIL;
} }
@ -991,11 +1030,13 @@ static esp_err_t test_protocomm (session_t *session)
// the set public keys on both client and server side // the set public keys on both client and server side
if (test_req_endpoint(session) != ESP_OK) { if (test_req_endpoint(session) != ESP_OK) {
ESP_LOGE(TAG, "Error testing request endpoint"); ESP_LOGE(TAG, "Error testing request endpoint");
test_delete_session(session);
stop_test_service(); stop_test_service();
return ESP_FAIL; return ESP_FAIL;
} }
// Stop protocomm service // Stop protocomm service
test_delete_session(session);
stop_test_service(); stop_test_service();
ESP_LOGI(TAG, "Protocomm test successful"); ESP_LOGI(TAG, "Protocomm test successful");
return ESP_OK; return ESP_OK;