From 80f123cf7f73d1e85060a92c8240e61da5f01086 Mon Sep 17 00:00:00 2001 From: Sri Teja T Date: Mon, 16 Dec 2024 18:32:48 +0530 Subject: [PATCH] chore: address review comments --- packages/atauth/CMakeLists.txt | 3 - .../atauth/include/atauth/atauth_constants.h | 21 ++-- packages/atauth/src/atactivate.c | 8 +- packages/atauth/src/auth_cli.c | 14 +-- packages/atauth/src/enc_test.c | 100 ------------------ packages/atclient/src/atclient.c | 1 - packages/atcommons/include/atcommons/cjson.h | 10 -- 7 files changed, 21 insertions(+), 136 deletions(-) delete mode 100644 packages/atauth/src/enc_test.c delete mode 100644 packages/atcommons/include/atcommons/cjson.h diff --git a/packages/atauth/CMakeLists.txt b/packages/atauth/CMakeLists.txt index dcb96462..54da6a7f 100644 --- a/packages/atauth/CMakeLists.txt +++ b/packages/atauth/CMakeLists.txt @@ -12,9 +12,6 @@ set( ${CMAKE_CURRENT_LIST_DIR}/src/auth_cli.c ${CMAKE_CURRENT_LIST_DIR}/src/atauth_build_atkeys_file_path.c ${CMAKE_CURRENT_LIST_DIR}/src/atauth_fetch_home_dir.c - ../../examples/desktop/at_talk/src/main.c - ../../examples/desktop/connection_hooks/main.c - ../../examples/desktop/crud/delete.c ) # Project setup diff --git a/packages/atauth/include/atauth/atauth_constants.h b/packages/atauth/include/atauth/atauth_constants.h index 15612e30..06106ab3 100644 --- a/packages/atauth/include/atauth/atauth_constants.h +++ b/packages/atauth/include/atauth/atauth_constants.h @@ -1,13 +1,12 @@ -#define DEFAULT_FIRST_APP_NAME "firstApp" -#define DEFAULT_FIRST_DEVICE_NAME "firstDevice" -#define AES_256_KEY_BYTES 32 -#define RSA_2048_PRIVKEY_BYTES 1300 // in PKCS#8 format includes padding +#define ATAUTH_DEFAULT_FIRST_APP_NAME "firstApp" +#define ATAUTH_DEFAULT_FIRST_DEVICE_NAME "firstDevice" +#define ATAUTH_AES_256_KEY_BYTES 32 +#define ATAUTH_RSA_2048_PRIVKEY_BYTES 1300 // in PKCS#8 format includes padding -#define DEFAULT_APKAM_RETRY_INTERVAL 10 // seconds -#define MAX_APKAM_AUTH_RETRY_ATTMEPTS 10 -#define ENROLLMENT_DENIED_ERR_CODE "error:AT0025" -#define ENROLLMENT_PENDING_ERR_CODE "error:AT0026" +#define ATAUTH_DEFAULT_APKAM_RETRY_INTERVAL 10 // seconds +#define ATAUTH_MAX_APKAM_AUTH_RETRY_ATTMEPTS 10 +#define ATAUTH_ENROLLMENT_DENIED_ERR_CODE "error:AT0025" +#define ATAUTH_ENROLLMENT_PENDING_ERR_CODE "error:AT0026" - -#define ENCRYPTED_DEFAULT_ENC_PRIVKEY_NAME "default_enc_private_key" -#define ENCRYPTED_SELF_ENC_KEY_NAME "default_self_enc_key" \ No newline at end of file +#define ATAUTH_ENCRYPTED_DEFAULT_ENC_PRIVKEY_NAME "default_enc_private_key" +#define ATAUTH_ENCRYPTED_SELF_ENC_KEY_NAME "default_self_enc_key" \ No newline at end of file diff --git a/packages/atauth/src/atactivate.c b/packages/atauth/src/atactivate.c index 70732024..645835f5 100644 --- a/packages/atauth/src/atactivate.c +++ b/packages/atauth/src/atactivate.c @@ -29,7 +29,7 @@ int main(int argc, char *argv[]) { // initialize apkam symmetric key and self encryption key (bytes) unsigned char *self_encryption_key_bytes, *apkam_symmetric_key_bytes; - size_t aes256_key_unsigned_char_bytes_size = sizeof(unsigned char) * AES_256_KEY_BYTES; + size_t aes256_key_unsigned_char_bytes_size = sizeof(unsigned char) * ATAUTH_AES_256_KEY_BYTES; self_encryption_key_bytes = malloc(aes256_key_unsigned_char_bytes_size); apkam_symmetric_key_bytes = malloc(aes256_key_unsigned_char_bytes_size); @@ -40,7 +40,7 @@ int main(int argc, char *argv[]) { unsigned char *apkam_symmetric_key_base64 = malloc(aes256_key_unsigned_char_base64_size); // intialize encrypted APKAM symmetric Key and encrypted default encryption private key (bytes) - const size_t rsa_2048_privkey_base64_len = atchops_base64_encoded_size(RSA_2048_PRIVKEY_BYTES); + const size_t rsa_2048_privkey_base64_len = atchops_base64_encoded_size(ATAUTH_RSA_2048_PRIVKEY_BYTES); const size_t aes256_encrypted_rsa_privkey_size = atchops_aes_ctr_ciphertext_size( rsa_2048_privkey_base64_len); // size for an AES256 encrypted RSA2048 privkey in bytes const size_t aes256_encrypted_rsa_privkey_unsigned_char_size = @@ -295,8 +295,8 @@ int main(int argc, char *argv[]) { // 4.3 Initialize enrollment params atcommons_enroll_params_init(ep); - ep->app_name = DEFAULT_FIRST_APP_NAME; - ep->device_name = DEFAULT_FIRST_DEVICE_NAME; + ep->app_name = ATAUTH_DEFAULT_FIRST_APP_NAME; + ep->device_name = ATAUTH_DEFAULT_FIRST_DEVICE_NAME; ep->apkam_public_key = (unsigned char *)atkeys.pkam_public_key_base64; ep->encrypted_default_encryption_private_key = encrypted_default_encryption_private_key_base64; ep->encrypted_self_encryption_key = encrypted_self_encryption_key_base64; diff --git a/packages/atauth/src/auth_cli.c b/packages/atauth/src/auth_cli.c index 547a19de..170709b0 100644 --- a/packages/atauth/src/auth_cli.c +++ b/packages/atauth/src/auth_cli.c @@ -35,7 +35,7 @@ int main(int argc, char *argv[]) { char status[ATCOMMONS_ENROLL_STATUS_STRING_MAX_LEN]; // initialize apkam symmetric key buffer (bytes) - size_t aes256_key_unsigned_char_bytes_size = sizeof(unsigned char) * AES_256_KEY_BYTES; + size_t aes256_key_unsigned_char_bytes_size = sizeof(unsigned char) * ATAUTH_AES_256_KEY_BYTES; unsigned char apkam_symmetric_key_bytes[aes256_key_unsigned_char_bytes_size]; // initialize apkam symmetric key buffer (base64) @@ -242,7 +242,7 @@ int main(int argc, char *argv[]) { char *encrypted_default_self_encryption_key = NULL; // 4.1.1 Fetch encrypted default encryption private key - if ((ret = get_apkam_key(&encrypted_default_encryption_private_key, ENCRYPTED_DEFAULT_ENC_PRIVKEY_NAME, + if ((ret = get_apkam_key(&encrypted_default_encryption_private_key, ATAUTH_ENCRYPTED_DEFAULT_ENC_PRIVKEY_NAME, &at_client.atserver_connection, enrollment_id, atsign)) != 0) { atlogger_log(TAG, ATLOGGER_LOGGING_LEVEL_ERROR, "Failed fetching def_encryption_privkey | get_apkam_key: %d\n", ret); @@ -251,7 +251,7 @@ int main(int argc, char *argv[]) { } // 4.1.2 Fetch encrypted self encryption key - if ((ret = get_apkam_key(&encrypted_default_self_encryption_key, ENCRYPTED_SELF_ENC_KEY_NAME, + if ((ret = get_apkam_key(&encrypted_default_self_encryption_key, ATAUTH_ENCRYPTED_SELF_ENC_KEY_NAME, &at_client.atserver_connection, enrollment_id, atsign)) != 0) { atlogger_log(TAG, ATLOGGER_LOGGING_LEVEL_ERROR, "Failed fetching def_encryption_privkey | get_apkam_key: %d\n", ret); @@ -417,7 +417,7 @@ exit: { } // retries APKAM auth using the set of atkeys provided until the authentication succeeds -// sleeps `DEFAULT_APKAM_RETRY_INTERVAL` seconds after each attempt +// sleeps `ATAUTH_DEFAULT_APKAM_RETRY_INTERVAL` seconds after each attempt int retry_pkam_auth_until_success(atclient *ctx, const char *atsign, const atclient_atkeys *atkeys, const atclient_authenticate_options *opts) { int ret = 1; @@ -437,8 +437,8 @@ int retry_pkam_auth_until_success(atclient *ctx, const char *atsign, const atcli return ret; } atlogger_log(TAG, ATLOGGER_LOGGING_LEVEL_ERROR, "APKAM auth failed. Retrying in %d secs\n", - DEFAULT_APKAM_RETRY_INTERVAL); - sleep(DEFAULT_APKAM_RETRY_INTERVAL); + ATAUTH_DEFAULT_APKAM_RETRY_INTERVAL); + sleep(ATAUTH_DEFAULT_APKAM_RETRY_INTERVAL); } } @@ -498,7 +498,7 @@ exit: { // returns 1 if the error_message contains the ENROLLMENT_DENIED error code, otherwise 0 int is_enrollment_denied(const char *err_msg) { - return strncmp(err_msg, ENROLLMENT_DENIED_ERR_CODE, strlen(ENROLLMENT_DENIED_ERR_CODE)) == 0 ? 1 : 0; + return strncmp(err_msg, ATAUTH_ENROLLMENT_DENIED_ERR_CODE, strlen(ATAUTH_ENROLLMENT_DENIED_ERR_CODE)) == 0 ? 1 : 0; } int create_new_atserver_connection(atclient *ctx, const char *atsign, const atclient_authenticate_options *options) { diff --git a/packages/atauth/src/enc_test.c b/packages/atauth/src/enc_test.c deleted file mode 100644 index f99dca00..00000000 --- a/packages/atauth/src/enc_test.c +++ /dev/null @@ -1,100 +0,0 @@ -#include -#include -#include -#include -#include -#include -#include - -#define ENCODED_ENCRYPTED_AES_KEY "1xxewcGwphrpyFkDlfwgIjtHxvpqj1Y7v7vDemJgw8Pj7ewUIByzQwnxsfq6FGO" -#define AES_KEY "A6jZvnt89Cj1RuNuHUyUdbFCOjGiY99zGSLaQ5aQ7sI=" - -int main() { - atlogger_set_logging_level(ATLOGGER_LOGGING_LEVEL_DEBUG); - - // Decode the encrypted AES key - size_t encoded_len = strlen(ENCODED_ENCRYPTED_AES_KEY); - size_t ciph_decoded_len = 0; - size_t ciph_decoded_size = atchops_base64_decoded_size(encoded_len); - unsigned char *decoded_encrypted_aes_key = malloc(ciph_decoded_size); - - if (!decoded_encrypted_aes_key || - atchops_base64_decode(ENCODED_ENCRYPTED_AES_KEY, encoded_len, decoded_encrypted_aes_key, ciph_decoded_size, &ciph_decoded_len) != 0) { - fprintf(stderr, "Base64 decoding failed\n"); - free(decoded_encrypted_aes_key); - return 1; - } - - printf("Decoded encrypted AES key size: %lu\n", ciph_decoded_size); - printf("Decoded encrypted AES key length: %lu\n", ciph_decoded_len); - - for (size_t i = 0; i < ciph_decoded_len; i++) { - printf("%d\t", decoded_encrypted_aes_key[i]); - } - printf("\n"); - - // Decode the AES key - encoded_len = strlen(AES_KEY); - size_t decoded_size = atchops_base64_decoded_size(encoded_len); - size_t decoded_len = 0; - unsigned char *aes_key_bytes = malloc(decoded_size); - - if (!aes_key_bytes || - atchops_base64_decode(AES_KEY, encoded_len, aes_key_bytes, decoded_size, &decoded_len) != 0) { - fprintf(stderr, "Base64 decoding of AES key failed\n"); - free(decoded_encrypted_aes_key); - free(aes_key_bytes); - return 2; - } - - printf("Decoded AES key length: %lu\n", decoded_len); - - // Initialize IV - unsigned char *iv = malloc(ATCHOPS_IV_BUFFER_SIZE); - if (!iv) { - fprintf(stderr, "Memory allocation for IV failed\n"); - free(decoded_encrypted_aes_key); - free(aes_key_bytes); - return 3; - } - - // Decrypt the self-encrypted key - size_t decrypted_size = atchops_aes_ctr_plaintext_size(ciph_decoded_len); - printf("Decrypted self-encrypted key szie: %lu\n", decrypted_size); - unsigned char *decrypted_self_enc_key = malloc(decrypted_size); - size_t decrypted_len = 0; - - if (!decrypted_self_enc_key) { - fprintf(stderr, "Memory allocation for decrypted key failed\n"); - free(decoded_encrypted_aes_key); - free(aes_key_bytes); - free(iv); - return 4; - } - memset(decrypted_self_enc_key, 0, decrypted_size); - - if (atchops_aes_ctr_decrypt(aes_key_bytes, ATCHOPS_AES_256, iv, decoded_encrypted_aes_key, ciph_decoded_len, - decrypted_self_enc_key, decrypted_size, &decrypted_len) != 0) { - fprintf(stderr, "AES decryption failed\n"); - free(decoded_encrypted_aes_key); - free(aes_key_bytes); - free(iv); - free(decrypted_self_enc_key); - return 5; - } - - printf("Decrypted self-encrypted key length: %lu\n", decrypted_len); - - for (size_t i = 0; i < decrypted_len; i++) { - printf("%d\t", decrypted_self_enc_key[i]); - } - printf("\n"); - - // Cleanup - free(decoded_encrypted_aes_key); - free(aes_key_bytes); - free(iv); - free(decrypted_self_enc_key); - - return 0; -} diff --git a/packages/atclient/src/atclient.c b/packages/atclient/src/atclient.c index 80d71ca9..f241628b 100755 --- a/packages/atclient/src/atclient.c +++ b/packages/atclient/src/atclient.c @@ -673,7 +673,6 @@ int atclient_send_heartbeat(atclient *heartbeat_conn) { memset(recv, 0, sizeof(unsigned char) * recvsize); } size_t recv_len = 0; - char *ptr = (char *)recv; if ((ret = atclient_connection_send(&heartbeat_conn->atserver_connection, (unsigned char *)noop_cmd, noop_cmd_len, recv, recvsize, &recv_len)) != 0) { diff --git a/packages/atcommons/include/atcommons/cjson.h b/packages/atcommons/include/atcommons/cjson.h deleted file mode 100644 index 249e1f84..00000000 --- a/packages/atcommons/include/atcommons/cjson.h +++ /dev/null @@ -1,10 +0,0 @@ -#ifndef ATCOMMONS_CJSON_H -#define ATCOMMONS_CJSON_H - -#if defined(CONFIG_IDF_TARGET_ESP32) -#include -#else -#include "cJSON.h" -#endif - -#endif