in provisioning_client/src/iothub_auth_client.c [122:242]
IOTHUB_SECURITY_HANDLE iothub_device_auth_create()
{
IOTHUB_SECURITY_INFO* result;
IOTHUB_SECURITY_TYPE iothub_security_t = iothub_security_type();
if ((result = (IOTHUB_SECURITY_INFO*)malloc(sizeof(IOTHUB_SECURITY_INFO))) == NULL)
{
LogError("Failed allocating IOTHUB_SECURITY_INFO.");
}
else
{
memset(result, 0, sizeof(IOTHUB_SECURITY_INFO) );
#if defined(HSM_TYPE_SAS_TOKEN) || defined(HSM_AUTH_TYPE_CUSTOM)
if (iothub_security_t == IOTHUB_SECURITY_TYPE_SAS)
{
result->cred_type = AUTH_TYPE_SAS;
result->base64_encode_signature = true;
result->urlencode_token_scope = false;
const HSM_CLIENT_TPM_INTERFACE* tpm_interface = hsm_client_tpm_interface();
if ((tpm_interface == NULL) ||
((result->hsm_client_create = tpm_interface->hsm_client_tpm_create) == NULL) ||
((result->hsm_client_destroy = tpm_interface->hsm_client_tpm_destroy) == NULL) ||
((result->hsm_client_sign_data = tpm_interface->hsm_client_sign_with_identity) == NULL)
)
{
LogError("Invalid secure device interface");
free(result);
result = NULL;
}
}
#endif
#if defined(HSM_TYPE_X509) || defined(HSM_TYPE_RIOT) || defined(HSM_AUTH_TYPE_CUSTOM)
if (result != NULL && iothub_security_t == IOTHUB_SECURITY_TYPE_X509)
{
result->cred_type = AUTH_TYPE_X509;
result->base64_encode_signature = true;
result->urlencode_token_scope = false;
const HSM_CLIENT_X509_INTERFACE* x509_interface = hsm_client_x509_interface();
if ((x509_interface == NULL) ||
((result->hsm_client_create = x509_interface->hsm_client_x509_create) == NULL) ||
((result->hsm_client_destroy = x509_interface->hsm_client_x509_destroy) == NULL) ||
((result->hsm_client_get_cert = x509_interface->hsm_client_get_cert) == NULL) ||
((result->hsm_client_get_alias_key = x509_interface->hsm_client_get_key) == NULL)
)
{
LogError("Invalid handle parameter: DEVICE_AUTH_CREATION_INFO is NULL");
free(result);
result = NULL;
}
}
#endif
#if defined(HSM_TYPE_SYMM_KEY) || defined(HSM_AUTH_TYPE_CUSTOM)
if (result != NULL && iothub_security_t == IOTHUB_SECURITY_TYPE_SYMMETRIC_KEY)
{
result->cred_type = AUTH_TYPE_SYMM_KEY;
result->base64_encode_signature = true;
result->urlencode_token_scope = false;
const HSM_CLIENT_KEY_INTERFACE* key_interface = hsm_client_key_interface();
if ((key_interface == NULL) ||
((result->hsm_client_create = key_interface->hsm_client_key_create) == NULL) ||
((result->hsm_client_destroy = key_interface->hsm_client_key_destroy) == NULL) ||
((result->hsm_client_get_symm_key = key_interface->hsm_client_get_symm_key) == NULL) ||
((result->hsm_client_set_symm_key_info = key_interface->hsm_client_set_symm_key_info) == NULL)
)
{
LogError("Invalid x509 secure device interface was specified");
free(result);
result = NULL;
}
}
#endif
#ifdef HSM_TYPE_HTTP_EDGE
if (result != NULL && iothub_security_t == IOTHUB_SECURITY_TYPE_HTTP_EDGE)
{
result->cred_type = AUTH_TYPE_SAS;
// Because HTTP_edge operates over HTTP, the server has already base64 encoded signature its returning to us.
result->base64_encode_signature = false;
result->urlencode_token_scope = true;
const HSM_CLIENT_HTTP_EDGE_INTERFACE* http_edge_interface = hsm_client_http_edge_interface();
if ((http_edge_interface == NULL) ||
((result->hsm_client_create = http_edge_interface->hsm_client_http_edge_create) == NULL) ||
((result->hsm_client_destroy = http_edge_interface->hsm_client_http_edge_destroy) == NULL) ||
((result->hsm_client_sign_data = http_edge_interface->hsm_client_sign_with_identity) == NULL) ||
((result->hsm_client_get_trust_bundle = http_edge_interface->hsm_client_get_trust_bundle) == NULL))
{
LogError("Invalid secure device interface");
free(result);
result = NULL;
}
}
#endif
if (result == NULL)
{
LogError("Error allocating result or else unsupported security type %d", iothub_security_t);
}
else if (result->hsm_client_create == NULL)
{
LogError("hsm_client_create is not a valid address");
free(result);
result = NULL;
}
else
{
if ((result->hsm_client_handle = result->hsm_client_create()) == NULL)
{
LogError("failed create device auth module.");
free(result);
result = NULL;
}
else if (result->cred_type == AUTH_TYPE_SYMM_KEY && result->hsm_client_set_symm_key_info(result->hsm_client_handle, iothub_security_get_symm_registration_name(), iothub_security_get_symmetric_key()) != 0)
{
LogError("Invalid x509 secure device interface was specified");
result->hsm_client_destroy(result->hsm_client_handle);
free(result);
result = NULL;
}
}
}
return result;
}