Merge branch 'develop' of https://github.com/kaaproject/kaa into KAA-…

…1146

Conflicts:
	server/node/src/main/java/org/kaaproject/kaa/server/admin/client/mvp/data/DataSource.java
	server/node/src/main/java/org/kaaproject/kaa/server/admin/controller/KaaAdminController.java
	server/node/src/main/java/org/kaaproject/kaa/server/admin/services/KaaAdminServiceImpl.java
	server/node/src/main/java/org/kaaproject/kaa/server/admin/shared/services/KaaAdminService.java
	server/node/src/test/java/org/kaaproject/kaa/server/control/ControlServerEventClassFamilyIT.java

client/client-multi/client-c/CMakeLists.txt

@@ -166,6 +166,7 @@ set(KAA_SOURCE_FILES
         ${KAA_SRC_FOLDER}/avro_src/io.c
         ${KAA_SRC_FOLDER}/avro_src/encoding_binary.c
         ${KAA_SRC_FOLDER}/collections/kaa_list.c
+        ${KAA_SRC_FOLDER}/utilities/kaa_aes_rsa.c
         ${KAA_SRC_FOLDER}/utilities/kaa_log.c
         ${KAA_SRC_FOLDER}/utilities/kaa_mem.c
         ${KAA_SRC_FOLDER}/utilities/kaa_buffer.c
@@ -177,23 +178,6 @@ set(KAA_SOURCE_FILES
         ${KAA_SRC_FOLDER}/kaa.c
         ${KAA_SRC_FOLDER}/kaa_extension.c
         ${KAA_SRC_FOLDER}/platform-impl/common/kaa_htonll.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/aes.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/asn1parse.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/asn1write.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/bignum.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/ctr_drbg.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/entropy.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/entropy_poll.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/md.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/md_wrap.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/oid.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/pk.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/pkwrite.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/pk_wrap.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/rsa.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/sha256.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/pkparse.c
-        ${CMAKE_CURRENT_LIST_DIR}/thirdparty/mbedtls/sha1.c
   )
 
 
@@ -216,8 +200,6 @@ add_library(kaac ${KAA_SOURCE_FILES})
 target_include_directories(kaac PUBLIC ${KAA_INCLUDE_DIRS})
 target_link_libraries(kaac PRIVATE ${KAA_THIRDPARTY_LIBRARIES})
 
-add_dependencies(kaac kaa_rsa_keygen)
-
 message("BOOTSTRAP ENABLED")
 include(${CMAKE_CURRENT_LIST_DIR}/src/extensions/bootstrap/CMakeLists.txt)
 target_link_libraries(kaac PUBLIC extension_bootstrap)
@@ -278,7 +260,7 @@ endif()
 
 if(WITH_ENCRYPTION)
     message("ENCRYPTION ENABLED")
-
+    target_link_libraries(kaac PUBLIC rsa_keygen)
     add_definitions(-DKAA_ENCRYPTION)
 endif()
 
@@ -292,10 +274,23 @@ add_subdirectory(Modules/doxygen)
 
 add_subdirectory(Modules/cppcheck)
 
-externalproject_add(kaa_rsa_keygen SOURCE_DIR "${CMAKE_CURRENT_LIST_DIR}/tools/kaa_encryption"
-                    INSTALL_COMMAND  "./generate_rsa_keys" COMMENT "Generating RSA headers"
-                    BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}/kaa_keys)
-
-externalproject_add_step(kaa_rsa_keygen "Copying generated files"
-                         COMMAND mv -f "${CMAKE_CURRENT_BINARY_DIR}/kaa_keys/kaa_keys_gen.h"
-                         "${KAA_SRC_FOLDER}/gen" DEPENDEES install)
+#Set key pair generation parameter for posix platform
+#Use application for another platform
+if(${KAA_PLATFORM} STREQUAL "posix")
+    option(KAA_RUNTIME_KEY_GENERATION "Enable RSA key generation at runtime" ON)
+    if(${KAA_RUNTIME_KEY_GENERATION})
+        add_definitions(-DKAA_RUNTIME_KEY_GENERATION)
+    endif()
+    add_subdirectory(tools/kaa_encryption/rsa_key_gen)
+    target_link_libraries(kaac PUBLIC rsa_keygen)
+else()
+    add_dependencies(kaac kaa_rsa_keygen)
+    externalproject_add(kaa_rsa_keygen SOURCE_DIR "${CMAKE_CURRENT_LIST_DIR}/tools/kaa_encryption"
+                        INSTALL_COMMAND  "./generate_rsa_keys" COMMENT "Generating RSA headers"
+                        CMAKE_ARGS -DKAA_SDK_DIR=${KAA_SDK_DIR}
+                        BINARY_DIR ${CMAKE_CURRENT_BINARY_DIR}/kaa_keys)
+
+    externalproject_add_step(kaa_rsa_keygen "Copying generated files"
+                             COMMAND mv -f "${CMAKE_CURRENT_BINARY_DIR}/kaa_keys/kaa_keys_gen.h"
+                             "${KAA_SRC_FOLDER}/gen" DEPENDEES install)
+endif()

client/client-multi/client-c/listfiles/platform/cc32xx/CMakeLists.txt

@@ -25,7 +25,7 @@ set(KAA_SOURCE_FILES
         ${KAA_SRC_FOLDER}/platform-impl/cc32xx/configuration_persistence.c
         ${KAA_SRC_FOLDER}/platform-impl/cc32xx/time.c
         ${KAA_SRC_FOLDER}/platform-impl/cc32xx/reboot.c
-        ${KAA_SRC_FOLDER}/platform-impl/common/common_key_utils.c
+        ${KAA_SRC_FOLDER}/platform-impl/common/key_utils.c
         ${KAA_SRC_FOLDER}/platform-impl/common/ext_log_storage_memory.c
         ${KAA_SRC_FOLDER}/platform-impl/common/ext_log_upload_strategies.c
         )

client/client-multi/client-c/listfiles/platform/esp8266/CMakeLists.txt

@@ -28,7 +28,7 @@ set(ESP8266_SRC
     ${ESP8266_SRC_FOLDER}/status.c
     ${ESP8266_SRC_FOLDER}/tcp_utils.c
     ${ESP8266_SRC_FOLDER}/time.c
-    ${KAA_SRC_FOLDER}/platform-impl/common/common_key_utils.c
+    ${KAA_SRC_FOLDER}/platform-impl/common/key_utils.c
     ${ESP8266_SRC_FOLDER}/exit.c
     ${ESP8266_SRC_FOLDER}/snprintf.c
     ${KAA_SRC_FOLDER}/platform-impl/common/sha.c

client/client-multi/client-c/listfiles/platform/posix/CMakeLists.txt

@@ -17,12 +17,12 @@
 set(KAA_SOURCE_FILES
         ${KAA_SOURCE_FILES}
         ${KAA_SRC_FOLDER}/platform-impl/posix/kaa_client.c
+        ${KAA_SRC_FOLDER}/platform-impl/posix/key_utils.c
         ${KAA_SRC_FOLDER}/platform-impl/posix/logger.c
         ${KAA_SRC_FOLDER}/platform-impl/posix/file_utils.c
         ${KAA_SRC_FOLDER}/platform-impl/posix/status.c
         ${KAA_SRC_FOLDER}/platform-impl/posix/configuration_persistence.c
         ${KAA_SRC_FOLDER}/platform-impl/common/sha.c
-        ${KAA_SRC_FOLDER}/platform-impl/common/common_key_utils.c
         ${KAA_SRC_FOLDER}/platform-impl/common/kaa_failover_strategy.c
         ${KAA_SRC_FOLDER}/platform-impl/common/ext_log_storage_memory.c
         ${KAA_SRC_FOLDER}/platform-impl/common/ext_log_upload_strategies.c

client/client-multi/client-c/pom.xml

@@ -85,7 +85,6 @@
                         <exclude>thirdparty/</exclude>
                         <exclude>nix/astyle/max_indent.patch</exclude>
 
-                        <exclude>src/kaa/gen/kaa_keys_gen.h</exclude>
                         <!-- Temporary build files -->
                         <exclude>build-*/</exclude>
                         <exclude>Makefile</exclude>

client/client-multi/client-c/src/extensions/profile/test/test_kaa_profile.c

@@ -302,15 +302,23 @@ void test_profile_sync_serialize(void **state)
         ASSERT_EQUAL(error_code, KAA_ERR_NONE);
     }
 
-    network_order_32 = KAA_HTONS(TEST_PUB_KEY_SIZE) << 16 | PUB_KEY_VALUE;
-    error_code = kaa_platform_message_write(manual_writer, &network_order_32, sizeof(uint32_t));
+    uint16_t  network_order_16 = KAA_HTONS(PUB_KEY_VALUE  << 8);
+    error_code = kaa_platform_message_write(manual_writer, &network_order_16, sizeof(network_order_16));
+    ASSERT_EQUAL(error_code, KAA_ERR_NONE);
+
+    network_order_16 = KAA_HTONS(TEST_PUB_KEY_SIZE);
+    error_code = kaa_platform_message_write(manual_writer, &network_order_16, sizeof(network_order_16));
     ASSERT_EQUAL(error_code, KAA_ERR_NONE);
 
     error_code = kaa_platform_message_write_aligned(manual_writer, test_ep_key, TEST_PUB_KEY_SIZE);
     ASSERT_EQUAL(error_code, KAA_ERR_NONE);
 
-    network_order_32 = KAA_HTONS(access_token_size) << 16 | ACCESS_TOKEN_VALUE;
-    error_code = kaa_platform_message_write(manual_writer, &network_order_32, sizeof(uint32_t));
+    network_order_16 = KAA_HTONS(ACCESS_TOKEN_VALUE << 8);
+    error_code = kaa_platform_message_write(manual_writer, &network_order_16, sizeof(network_order_16));
+    ASSERT_EQUAL(error_code, KAA_ERR_NONE);
+
+    network_order_16 = KAA_HTONS(access_token_size);
+    error_code = kaa_platform_message_write(manual_writer, &network_order_16, sizeof(network_order_16));
     ASSERT_EQUAL(error_code, KAA_ERR_NONE);
 
     error_code = kaa_platform_message_write_aligned(manual_writer, access_token, access_token_size);

client/client-multi/client-c/src/kaa/kaa.c

@@ -128,7 +128,6 @@ kaa_error_t kaa_init(kaa_context_t **kaa_context_p)
     error = kaa_context_create(kaa_context_p, logger);
     if (error) {
         KAA_LOG_FATAL(logger, error, "Failed to create Kaa context");
-        kaa_log_destroy(logger);
         *kaa_context_p = NULL;
         return error;
     }
@@ -140,8 +139,6 @@ kaa_error_t kaa_init(kaa_context_t **kaa_context_p)
     error = kaa_init_keys();
     if (error) {
         KAA_LOG_ERROR(logger, error, "Failed to initialize keys");
-        kaa_context_destroy(*kaa_context_p);
-        kaa_log_destroy(logger);
         return error;
     }
 

client/client-multi/client-c/src/kaa/platform-impl/common/kaa_tcp_channel.c

@@ -1169,7 +1169,7 @@ kaa_error_t kaa_tcp_channel_authorize(kaa_tcp_channel_t *self)
     }
 
 #ifdef KAA_ENCRYPTION
-    /* TODO: Rework the solution to cipher without additional allocations */
+    /* TODO(KAA-1246): Rework the solution to cipher without additional allocations */
     error_code = kaa_tcp_channel_encrypt(self, (uint8_t **)&sync_buffer, &sync_size);
     if (error_code) {
         KAA_FREE(sync_buffer);
@@ -1576,7 +1576,7 @@ kaa_error_t kaa_tcp_channel_write_pending_services(kaa_tcp_channel_t *self,
     }
 
 #ifdef KAA_ENCRYPTION
-    /* TODO: Rework the solution to cipher without additional allocations */
+    /* TODO(KAA-1246): Rework the solution to cipher without additional allocations */
     bool encrypted = true;
     error_code = kaa_tcp_channel_encrypt(self,(uint8_t **) &sync_buffer, &sync_size);
     if (error_code) {

client/client-multi/client-c/src/kaa/platform-impl/common/common_key_utils.c → client/client-multi/client-c/src/kaa/platform-impl/common/key_utils.c

@@ -14,14 +14,14 @@
  *  limitations under the License.
  */
 
-
 #include <stdbool.h>
 #include <stddef.h>
 #include <stdint.h>
 #include <sys/stat.h>
 #include <string.h>
 #include <platform/ext_key_utils.h>
 #include <utilities/kaa_mem.h>
+#include <utilities/kaa_aes_rsa.h>
 #include <kaa_common.h>
 #include <kaa_error.h>
 #include <mbedtls/pk.h>
@@ -56,12 +56,7 @@ static endpoint_keys_t keys;
 static mbedtls_pk_context pk_context_;
 
 /* Some forward declarations of helpers */
-static int init_aes_key(unsigned char *key, size_t bytes);
 static kaa_error_t set_rsa_public_key(mbedtls_pk_context *pk, const uint8_t *key, size_t key_size);
-static kaa_error_t aes_encrypt_decrypt(int mode, const uint8_t *input, size_t input_size,
-        uint8_t *output, const uint8_t *key);
-static int rsa_sign(mbedtls_pk_context *pk, const uint8_t *input, size_t input_size,
-        uint8_t *output, size_t *output_size);
 static int rsa_encrypt(mbedtls_pk_context *pk, const uint8_t *input,
         size_t input_len, uint8_t *output);
 
@@ -230,99 +225,6 @@ kaa_error_t ext_get_signature(const uint8_t *input, size_t input_size,
     return KAA_ERR_NONE;
 }
 
-/*
- * Generates AES Key.
- *
- * bytes The size of the key.
- * key   Generated AES Key.
- *
- */
-static int init_aes_key(unsigned char *key, size_t bytes)
-{
-    mbedtls_ctr_drbg_context ctr_drbg;
-    mbedtls_entropy_context entropy;
-
-    const uint8_t pers[] = "aes_generate_key";
-    int ret;
-
-    mbedtls_entropy_init(&entropy);
-    mbedtls_ctr_drbg_init(&ctr_drbg);
-
-    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
-            pers, sizeof(pers) - 1)) == 0) {
-        ret = mbedtls_ctr_drbg_random(&ctr_drbg, key, bytes);
-    }
-
-    mbedtls_ctr_drbg_free(&ctr_drbg);
-    mbedtls_entropy_free(&entropy);
-
-    return ret;
-}
-
-static kaa_error_t aes_encrypt_decrypt(int mode, const uint8_t *input, size_t input_size,
-        uint8_t *output, const uint8_t *key)
-{
-    if ((input_size % 16) != 0 || !input) {
-        return KAA_ERR_BADPARAM;
-    }
-
-    if (mode != MBEDTLS_AES_ENCRYPT && mode != MBEDTLS_AES_DECRYPT) {
-        return KAA_ERR_BADPARAM;
-    }
-
-    static bool initialized = false;
-    static mbedtls_aes_context aes_ctx;
-
-    if (!initialized) {
-        mbedtls_aes_init(&aes_ctx);
-        initialized = true;
-    }
-
-    if (mode == MBEDTLS_AES_ENCRYPT) {
-        mbedtls_aes_setkey_enc(&aes_ctx, key, KAA_SESSION_KEY_LENGTH * 8);
-        mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_ENCRYPT, input, output);
-    } else if (mode == MBEDTLS_AES_DECRYPT) {
-        mbedtls_aes_setkey_dec(&aes_ctx, key, KAA_SESSION_KEY_LENGTH * 8);
-        mbedtls_aes_crypt_ecb(&aes_ctx, MBEDTLS_AES_DECRYPT, input, output);
-    }
-
-    return KAA_ERR_NONE;
-}
-
-static int rsa_sign(mbedtls_pk_context *pk, const uint8_t *input,
-        size_t input_size, uint8_t *output, size_t *output_size)
-{
-    int ret = 0;
-    uint8_t hash[32];
-    mbedtls_entropy_context entropy;
-    mbedtls_ctr_drbg_context ctr_drbg;
-    const uint8_t pers[] = "mbedtls_pk_sign";
-
-    mbedtls_entropy_init(&entropy);
-    mbedtls_ctr_drbg_init(&ctr_drbg);
-
-
-    if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy,
-            pers,sizeof(pers) - 1)) != 0) {
-        goto exit;
-    }
-
-    const mbedtls_md_info_t *info = mbedtls_md_info_from_type(MBEDTLS_MD_SHA1);
-
-    if ((ret = mbedtls_md(info, input, input_size, hash)) != 0) {
-        goto exit;
-    }
-
-    ret = mbedtls_pk_sign(pk, MBEDTLS_MD_SHA1, hash, 0, output, output_size,
-            mbedtls_ctr_drbg_random, &ctr_drbg);
-
-exit:
-    mbedtls_ctr_drbg_free(&ctr_drbg);
-    mbedtls_entropy_free(&entropy);
-
-    return ret;
-}
-
 static kaa_error_t set_rsa_public_key(mbedtls_pk_context *pk, const uint8_t *key, size_t key_size)
 {
     if (!pk || !key || !key_size) {
@@ -369,11 +271,12 @@ void ext_get_sha1_public(uint8_t **sha1, size_t *length)
     *length = KAA_SHA1_PUB_LEN;
 }
 
-void ext_get_sha1_base64_public(uint8_t **sha1, size_t *length)
+kaa_error_t ext_get_sha1_base64_public(const uint8_t **sha1, size_t *length)
 {
     if (!sha1 || !length) {
-        return;
+        return KAA_ERR_BADPARAM;
     }
     *sha1 = (uint8_t *)KAA_SHA1_PUB_BASE64;
     *length = KAA_SHA1_PUB_BASE64_LEN;
+    return KAA_ERR_NONE;
 }