MHEG5_19_3_0_api/html/mh5tls_8c_source.html

 /*******************************************************************************
  * Copyright � 2014 The DTVKit Open Software Foundation Ltd (www.dtvkit.org)
  * Copyright � 2010 Ocean Blue Software Ltd
  *
  * This file is part of a DTVKit Software Component
  * You are permitted to copy, modify or distribute this file subject to the terms
  * of the DTVKit 1.0 Licence which can be found in licence.txt or at www.dtvkit.org
  *
  * THIS CODE AND INFORMATION ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND,
  * EITHER EXPRESSED OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES
  * OF MERCHANTABILITY AND/OR FITNESS FOR A PARTICULAR PURPOSE.
  *
  * If you or your organisation is not a member of DTVKit then you have access
  * to this source code outside of the terms of the licence agreement
  * and you are expected to delete this and any associated files immediately.
  * Further information on DTVKit, membership and terms can be found at www.dtvkit.org
  *******************************************************************************/
 /*---includes for this file--------------------------------------------------*/
 #include <stdlib.h>
 #include <string.h>
 #include <stdio.h>

 #include "mh5profile.h"
 #include "mh5tls.h"
 #include "mh5memory.h"
 #include "http_interface.h"
 #include "mh5fileorm.h"
 #include "stb_os.h"

 /*---constant definitions for this file--------------------------------------*/
 #define TLS_CERT_TIMEOUT        (24 * 60 * 60 * 1000)
 #define MAX_TLS_CERT_NAME       (22)
 #define MAX_CALLBACKS           (5)

 /*#define TLS_DEBUG_PRINT*/

 #ifdef TLS_DEBUG_PRINT
 #define PRINT(x) DBG_PRINTF x
 #else
 #define PRINT(x)
 #endif


 /*---local typedef structs for this file-------------------------------------*/
 /* Enumerated type to tell the state of the TLS certificate refresh process */
 typedef enum
 {
    TLS_CERT_STATE_SYNC,
    TLS_CERT_STATE_ASYNC,
    TLS_CERT_STATE_VALID,
    TLS_CERT_STATE_INVALID
 } TlsCertRefreshState;

 /*---local (static) variable declarations for this file----------------------*/
 static void(*tlsCallback[MAX_CALLBACKS]) (void);
 static U16BIT callbackCount = 0;
 static U32BIT lastCertStoreUpdate = 0;
 static MHEG5Int lastRequestNumber = 0;
 static MHEG5Bool lastRequestFailed = MHEG5FALSE;
 static TlsCertRefreshState certRequestState = TLS_CERT_STATE_VALID;


 /*---local function prototypes for this file---------------------------------*/
 static MHEG5Bool IsTimeToUpdate(void);
 static void ClearTlsCertStore(void);
 static void TlsCertRetrieved( void *userData, S_CONTENT *content );
 static void AddCertificates( U8BIT *certData, U32BIT certLen );
 static void TlsCertRetrievalFailed( void *userData );
 static void NotifyTlsReady(void);

 /*---global function definitions---------------------------------------------*/

 void MHEG5ClearTlsCertStore(void)
 {
    ClearTlsCertStore();
 }

 void MHEG5InvalidateTlsCertStore(void)
 {
    ClearTlsCertStore();

    if (certRequestState == TLS_CERT_STATE_ASYNC)
    {
       /* A certificate has been requested - need to make sure it doesn't
        * actually get used
        */
       certRequestState = TLS_CERT_STATE_INVALID;
    }
 }

 U32BIT MHEG5GetTlsCertStoreCount(void)
 {
    U32BIT count;

    count = httpGetTlsCertStoreCount();

    return count;
 }

 MHEG5TlsCertRequestStatus MHEG5GetNextTlsCertificate(void)
 {
    MHEG5TlsCertRequestStatus status;
    MHEG5Int currentRequestNumber;
    char name[MAX_TLS_CERT_NAME];
    MHEG5String requestName;

    status = MHEG5_TLS_CERT_REQUEST_PENDING;

    if (lastRequestFailed)
    {
       /* Certificate store is still valid, no point in trying again */
       status = MHEG5_TLS_CERT_REQUEST_FAILURE;
    }

    if (certRequestState == TLS_CERT_STATE_VALID)
    {
       if (IsTimeToUpdate())
       {
          ClearTlsCertStore();
       }

       if (!lastRequestFailed)
       {
          certRequestState = TLS_CERT_STATE_SYNC;

          currentRequestNumber = lastRequestNumber;
          sprintf(name, "DSM://auth.tls.%ld", lastRequestNumber + 1);
          requestName.data = (U8BIT *)name;
          requestName.len = strlen(name);
          (void)MHEG5FileOrmGet( requestName, FRP_CERT | FRP_CACHE_DEFAULT, NULL,
             TlsCertRetrieved, TlsCertRetrievalFailed);

          if (certRequestState == TLS_CERT_STATE_VALID)
          {
             if (currentRequestNumber == lastRequestNumber)
             {
                /* No new certificates, request failed */
                status = MHEG5_TLS_CERT_REQUEST_FAILURE;
             }
             else
             {
                /* Something new to test, request succeeded */
                status = MHEG5_TLS_CERT_REQUEST_SUCCESS;
             }
          }
          else
          {
             /* The request is not valid, so it was asynchronous */
             certRequestState = TLS_CERT_STATE_ASYNC;
          }
       }
    }

    return status;
 }

 void MHEG5AddTlsCertificateCallback(void (*loadCallback)(void))
 {
    if (callbackCount < MAX_CALLBACKS)
    {
       tlsCallback[callbackCount] = loadCallback;
       callbackCount++;
    }
 }

 /*---local function definitions----------------------------------------------*/


 static MHEG5Bool IsTimeToUpdate(void)
 {
    MHEG5Bool timeToUpdate;
    U32BIT currentTime;

    timeToUpdate = FALSE;

    /* Check if TLS certificates should be updated */
    currentTime = STB_OSGetClockMilliseconds();
    if (lastCertStoreUpdate == 0)
    {
       timeToUpdate = TRUE;
    }
    else if ((currentTime > lastCertStoreUpdate) &&
             (currentTime - lastCertStoreUpdate) > TLS_CERT_TIMEOUT)
    {
       timeToUpdate = TRUE;
    }
    else if (currentTime < lastCertStoreUpdate)
    {
       /* overflow */
       timeToUpdate = TRUE;
    }

    return timeToUpdate;
 }

 static void ClearTlsCertStore(void)
 {
    httpClearTlsCertStore();
    lastCertStoreUpdate = 0;
    lastRequestNumber = 0;
    lastRequestFailed = MHEG5FALSE;
 }

 static void TlsCertRetrieved( void *userData, S_CONTENT *content )
 {
    USE_UNWANTED_PARAM(userData);

    if (certRequestState == TLS_CERT_STATE_INVALID)
    {
       /* Certificate store has been invalidated - ignore the file and
        * call the TLS callback
        */
       certRequestState = TLS_CERT_STATE_VALID;
       NotifyTlsReady();
    }
    else if (certRequestState != TLS_CERT_STATE_VALID)
    {
       /* Request is still active, update HTTP module */
       AddCertificates( content->data, content->size );

       /* Update state */
       ++lastRequestNumber;

       /* Call TLS callback, but only if response was asynchronous */
       if (certRequestState == TLS_CERT_STATE_ASYNC)
       {
          NotifyTlsReady();
       }

       certRequestState = TLS_CERT_STATE_VALID;
    }
 }

 static void AddCertificates(U8BIT *certData, U32BIT certLen)
 {
    U32BIT size;
    U16BIT count;

    count = 0;
    if (certLen > 2)
    {
       count = certData[0] << 8 | certData[1];
    }

    /* TLS certificate files should only contain a single certificate */
    if (count == 1)
    {
       if (certLen >= 5)
       {
          size = (certData[2] << 16 | certData[3] << 8 | certData[4]);
          if (size + 5 == certLen)
          {
             httpAddTlsCertToStore(certData + 5, size);
          }
          else
          {
             /* invalid size */
 #ifdef TLS_DEBUG
             DBG_PRINTF("Invalid certificate size\n");
 #endif
          }
       }
       else
       {
          /* invalid certificate file length */
 #ifdef TLS_DEBUG
          DBG_PRINTF("Invalid certificate file length\n");
 #endif
       }
    }

    if (lastRequestNumber == 0)
    {
       /* First request, remember update time (even if invalid certificate) */
       lastCertStoreUpdate = STB_OSGetClockMilliseconds();
    }
 }

 void TlsCertRetrievalFailed(void *userData)
 {
    USE_UNWANTED_PARAM(userData);

    if (certRequestState == TLS_CERT_STATE_INVALID)
    {
       /* Certificate store has been invalidated - ignore the file and
        * call the TLS callback
        */
       certRequestState = TLS_CERT_STATE_VALID;
       NotifyTlsReady();
    }
    else
    {
       lastRequestFailed = MHEG5TRUE;
       if (lastCertStoreUpdate == 0)
       {
          /* First attempt failed - no certificates */
          lastCertStoreUpdate = STB_OSGetClockMilliseconds();
       }

       /* Call TLS callback, but only if response was asynchronous */
       if (certRequestState == TLS_CERT_STATE_ASYNC)
       {
          NotifyTlsReady();
       }
    }

    certRequestState = TLS_CERT_STATE_VALID;
 }

 static void NotifyTlsReady(void)
 {
    U16BIT i;

    for (i = 0; i < callbackCount; i++)
    {
       if (tlsCallback[i] != NULL)
       {
          tlsCallback[i]();
       }
    }
 }

STB_OSGetClockMilliseconds
U32BIT STB_OSGetClockMilliseconds(void)
Get Current Computer Clock Time.

http_interface.h
Manages the interface between MHEG5 Engine and the HTTP component.

MHEG5GetNextTlsCertificate
MHEG5TlsCertRequestStatus MHEG5GetNextTlsCertificate(void)
Issues a request to load the next TLS certificate from the DSM-CC object carousel.
Definition: mh5tls.c:126

sMHEG5String
Definition: mh5base.h:82

MHEG5InvalidateTlsCertStore
void MHEG5InvalidateTlsCertStore(void)
Invalidate the TLS certificate store.
Definition: mh5tls.c:95

s_content
Definition: fs_types.h:52

MHEG5AddTlsCertificateCallback
void MHEG5AddTlsCertificateCallback(void(*loadCallback)(void))
Add a callback function to be called when pending requests are resolved.
Definition: mh5tls.c:189

MHEG5FileOrmGet
void * MHEG5FileOrmGet(MHEG5String name, U16BIT priority, void *userData, F_CB_Good cbGood, F_CB_Fail cbFail)
Get a file. The file will be loaded and one of the callback functions called when request is resolved...
Definition: mh5fileorm.c:1179

MHEG5ClearTlsCertStore
void MHEG5ClearTlsCertStore(void)
Clear the TLS certificate store.
Definition: mh5tls.c:86

mh5profile.h
This file defines the profile for the MHEG engine.

httpClearTlsCertStore
void httpClearTlsCertStore(void)
Clear TLS certificate store.

mh5fileorm.h
File interface functions to DSMCC component.

mh5memory.h
redirection include

mh5tls.h
Functions relating to TLS certificate store.

httpAddTlsCertToStore
void httpAddTlsCertToStore(U8BIT *certData, U32BIT certLen)
Add TLS certificate to store.

MHEG5GetTlsCertStoreCount
U32BIT MHEG5GetTlsCertStoreCount(void)
Return number of TLS certificates in the TLS certificate store.
Definition: mh5tls.c:112

httpGetTlsCertStoreCount
U32BIT httpGetTlsCertStoreCount(void)
Return number of TLS certificate in the certificate store.

stb_os.h
Header file - Function prototypes for operating system.