Certificates on Flash (rm_cert)

Functions
int	RM_CERT_DeleteAll (void)
	Delete all the certificates stored in the flash memory. More...
rm_cert_err_t	RM_CERT_Write (rm_cert_module_t module, rm_cert_type_t type, rm_cert_format_t format, uint8_t *in, size_t inlen)
	Write the certificate specified by module and type to the flash memory. More...
rm_cert_err_t	RM_CERT_Read (rm_cert_module_t module, rm_cert_type_t type, rm_cert_format_t *format, uint8_t *out, size_t *outlen)
	Read the certificate specified by module and type from the flash memory. More...
rm_cert_err_t	RM_CERT_Delete (rm_cert_module_t module, rm_cert_type_t type)
	Delete the certificate specified by module and type from the flash memory. More...
int	RM_CERT_IsExistCert (rm_cert_module_t module, rm_cert_type_t type)
	Check whether the certificate specified by module and type exists or not in the flash memory. More...
rm_cert_module_t	RM_CERT_GetModule (uint32_t flash_addr)
	Get module ID from specific flash memory address. More...
rm_cert_type_t	RM_CERT_GetType (uint32_t flash_addr)
	Get certificate type from specific flash memory address. More...
int	RM_CERT_IsPemFormat (const char *buf)
	Check whether the certificate is pem format or not. More...

Detailed Description

Overview

This module reads/writes/deletes certificates from/to flash memory.

Features

• Writing certificates to flash memory.
• Reading certificates from flash memory.
• Deleting certificates from flash memory.

Configuration

This module is generated with Virtual EEPROM on Flash (rm_vee_flash_w). This module has no configurations.

Clock Configuration

There is no clock configuration for the rm_cert module.

Pin Configuration

This module does not use I/O pins.

Examples

Basic Example

This is a basic example of minimal use of the RM_CERT module in an application.

#include "rm_cert.h"

static void error_handler ();
void rm_cert_example ();

#define EXAMPLE_ROOTCA                                                 \
    "-----BEGIN CERTIFICATE-----\n"                                      \
    "MIIDUTCCAjkCFE5zJ+Pa9oKE1/+wPkASd2rm53KHMA0GCSqGSIb3DQEBCwUAMGUx\n" \
    "CzAJBgNVBAYTAmpwMQ4wDAYDVQQIDAVPc2FrYTESMBAGA1UEBwwJT3Nha2Etc2hp\n" \
    "MRYwFAYDVQQKDA0iRXhhbXBsZSBJbmMiMQwwCgYDVQQLDANGb28xDDAKBgNVBAMM\n" \
    "A3RlazAeFw0yNDA5MTAyMjI0NTBaFw0yNTA5MTAyMjI0NTBaMGUxCzAJBgNVBAYT\n" \
    "AmpwMQ4wDAYDVQQIDAVPc2FrYTESMBAGA1UEBwwJT3Nha2Etc2hpMRYwFAYDVQQK\n" \
    "DA0iRXhhbXBsZSBJbmMiMQwwCgYDVQQLDANGb28xDDAKBgNVBAMMA3RlazCCASIw\n" \
    "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANJbt7+igiNpXlquBLnbn2urT9sz\n" \
    "g5NKG7vL6JckAYm9Am/M/KGrcN3U7z6AKQI0Zt0uigN4b5QF3aeVqbwKXJO8lYCS\n" \
    "LeRpyl64pXwIuSQa0x21SNFqojDLl7Bk520DqD76mG1MLq/HZirR6R5+VIJV182x\n" \
    "c5ZqhskWLPQJ+ASdkYxYbma2FWeLClfJIdo6L6q1om6OB9jIc3wWqfE9ZFo7JHH2\n" \
    "5fJAErRAF4jgVGFZOsXW8eVxjT5uTXHT7NKIqGmMjRjUlO/n5IBcsD+PE/jJh/Br\n" \
    "gy+wU3cgfYudmirzueuoQipgrmCTBg5TCiXYrXQchwjenRjm3+PG1JLU/UcCAwEA\n" \
    "ATANBgkqhkiG9w0BAQsFAAOCAQEAHTeQqLy6aB+GqDEfs6tE3p3kZOkjSw29hZDg\n" \
    "CBnbGsh4BrGO/GBesTuRIV6Gl2g8tsGVeHMSnYw50hMtoLeDIjWL2jOElDlV/xxG\n" \
    "6DOYGNYQ3W3uqsu4oEBZyoPTXEikeSB9i5AQUlqvH6vRxj35TD/U61Yd6sibT1OY\n" \
    "jzk0NC1VmhHao3XcAsvJxxrkwj+vjMfairl6AYrSUqm0YImnxSnymF1f72rR+ZbP\n" \
    "TEh6ddww5+UjlYt3arWx7EtZ1GGBTL1WJQXcdVKYn6/AUbqdhXWghO47KDjy8cAM\n" \
    "k7+DzGzGV4OTzGjLKCZYKveYCIPCTaacnv/yALJG+p9qvi26UQ==\n"             \
    "-----END CERTIFICATE-----\n"

const char * p_root_ca;
uint32_t     root_ca_size;

static void error_handler ()
{
}

void rm_cert_example ()
{
    rm_cert_err_t    status;
    rm_cert_format_t format               = RM_CERT_FORMAT_NONE;
    unsigned char    buf[CERT_MAX_LENGTH] = {};
    size_t           buflen               = CERT_MAX_LENGTH;

    p_root_ca    = EXAMPLE_ROOTCA;
    root_ca_size = sizeof(EXAMPLE_ROOTCA);

    status = RM_CERT_Write(RM_CERT_GetModule(SF_TLS_CERT_MQTT_CLI_CA_ADDR),
                           RM_CERT_GetType(SF_TLS_CERT_MQTT_CLI_CA_ADDR), RM_CERT_FORMAT_PEM,
                           (unsigned char *)p_root_ca, root_ca_size);

    if (RM_CERT_ERR_OK != status)
    {
        error_handler();
    }

    status = RM_CERT_Read(RM_CERT_GetModule(SF_TLS_CERT_MQTT_CLI_CA_ADDR),
                          RM_CERT_GetType(SF_TLS_CERT_MQTT_CLI_CA_ADDR), &format,
                          buf, &buflen);

    if (RM_CERT_ERR_OK != status)
    {
        error_handler();
    }

    if (pdTRUE == RM_CERT_IsExistCert(RM_CERT_MODULE_MQTT, RM_CERT_TYPE_CA_CERT))
    {
        status = RM_CERT_Delete(RM_CERT_GetModule(SF_TLS_CERT_MQTT_CLI_CA_ADDR),
                                RM_CERT_GetType(SF_TLS_CERT_MQTT_CLI_CA_ADDR));

        if (RM_CERT_ERR_OK != status)
        {
            error_handler();
        }
    }
}

Enumerations
enum	rm_cert_err_t
enum	rm_cert_module_t
enum	rm_cert_type_t
enum	rm_cert_format_t

Enumeration Type Documentation

rm_cert_err_t

enum rm_cert_err_t

Error codes for rm_cert

Enumerator
RM_CERT_ERR_OK	The operation succeeded.
RM_CERT_ERR_NOK	The operation failed.
RM_CERT_ERR_INVALID_MODULE	Invalid module.
RM_CERT_ERR_INVALID_TYPE	Invalid type.
RM_CERT_ERR_INVALID_FORMAT	Invalid format.
RM_CERT_ERR_INVALID_LENGTH	Invalid length.
RM_CERT_ERR_INVALID_FLASH_ADDR	Failed to get flash memory.
RM_CERT_ERR_INVALID_PARAMS	Invalid certificate.
RM_CERT_ERR_FOPEN_FAILED	Failed to open.
RM_CERT_ERR_MEM_FAILED	Failed to allocate memory.
RM_CERT_ERR_EMPTY_CERTIFICATE	No certificate.

rm_cert_module_t

enum rm_cert_module_t

Module ID

Enumerator
RM_CERT_MODULE_NONE	Invalid module.
RM_CERT_MODULE_MQTT	MQTT.
RM_CERT_MODULE_HTTPS_CLIENT	HTTPS client.
RM_CERT_MODULE_WPA_ENTERPRISE	WPA enterprise.
RM_CERT_MODULE_OTA	OTA.
RM_CERT_MODULE_HTTPS_SERVER	HTTPS server.
RM_CERT_MODULE_ATCMD	AT command.
RM_CERT_MODULE_AWS	AWS.
RM_CERT_MODULE_MATTER	Matter/Connectedhomeip.
RM_CERT_MODULE_MISC1	Miscellaneous Application 1.
RM_CERT_MODULE_MISC2	Miscellaneous Application 2.
RM_CERT_MODULE_MISC3	Miscellaneous Application 3.
RM_CERT_MODULE_MISC4	Miscellaneous Application 4.
RM_CERT_MODULE_MISC5	Miscellaneous Application 5.
RM_CERT_MODULE_MISC6	Miscellaneous Application 6.
RM_CERT_MODULE_MISC7	Miscellaneous Application 7.
RM_CERT_MODULE_MISC8	Miscellaneous Application 8.

rm_cert_type_t

enum rm_cert_type_t

Certificate type

Enumerator
RM_CERT_TYPE_NONE	Invalid type.
RM_CERT_TYPE_CA_CERT	CA certificate.
RM_CERT_TYPE_CERT	Certificate.
RM_CERT_TYPE_PRIVATE_KEY	Private key.
RM_CERT_TYPE_DH_PARAMS	DH params.
RM_CERT_TYPE_INITIAL_CERT	AWS Initial Certificate.
RM_CERT_TYPE_INITIAL_PRIV_KEY	AWS Initial Private key.
RM_CERT_TYPE_UNIQUE_CERT	AWS Unique Certificate.
RM_CERT_TYPE_UNIQUE_PRIV_KEY	AWS Unique Private key.
RM_CERT_TYPE_EXCHANGE	Any negotiation parameter used.
RM_CERT_TYPE_CD	Matter Certificate Declaration.
RM_CERT_TYPE_DAC_CERT	Matter DAC Certificate.
RM_CERT_TYPE_PAI_CERT	Matter PAI Certificate.
RM_CERT_TYPE_DAC_PRIV_KEY	Matter DAC Private Key.
RM_CERT_TYPE_DAC_PUB_KEY	Matter DAC Public Key.

rm_cert_format_t

enum rm_cert_format_t

Certificate format

Enumerator
RM_CERT_FORMAT_NONE	Invalid format.
RM_CERT_FORMAT_DER	DER format.
RM_CERT_FORMAT_PEM	PEM format.

Function Documentation

RM_CERT_DeleteAll()

int RM_CERT_DeleteAll

(

void

)

Delete all the certificates stored in the flash memory.

Return values

RM_CERT_ERR_OK	The operation succeeded.
RM_CERT_ERR_NOK	Failed to erase data.
RM_CERT_ERR_INVALID_MODULE	Invaild module.
RM_CERT_ERR_INVALID_TYPE	Invaild type.
RM_CERT_ERR_INVALID_FLASH_ADDR	Failed to get flash memory.

RM_CERT_Write()

rm_cert_err_t RM_CERT_Write	(	rm_cert_module_t	module,
		rm_cert_type_t	type,
		rm_cert_format_t	format,
		uint8_t *	in,
		size_t	inlen
	)

Write the certificate specified by module and type to the flash memory.

Parameters

[in]	module	Module ID.
[in]	type	Certificate type.
[in]	format	Certificate format.
[in]	in	Pointer to write certificate.
[in]	inlen	Length of certificate.

Return values

RM_CERT_ERR_OK	The operation succeeded.
RM_CERT_ERR_NOK	The operation failed.
RM_CERT_ERR_INVALID_MODULE	Invaild module.
RM_CERT_ERR_INVALID_TYPE	Invaild type.
RM_CERT_ERR_INVALID_FORMAT	Invaild format.
RM_CERT_ERR_INVALID_LENGTH	Invaild length.
RM_CERT_ERR_INVALID_FLASH_ADDR	Failed to get flash memory.
RM_CERT_ERR_INVALID_PARAMS	Invalid certificate.
RM_CERT_ERR_MEM_FAILED	Failed to allocate memory.

RM_CERT_Read()

rm_cert_err_t RM_CERT_Read	(	rm_cert_module_t	module,
		rm_cert_type_t	type,
		rm_cert_format_t *	format,
		uint8_t *	out,
		size_t *	outlen
	)

Read the certificate specified by module and type from the flash memory.

Parameters

[in]	module	Module ID.
[in]	type	Certificate type.
[out]	format	Certificate format.
[out]	out	Pointer to read certificate.
[out]	outlen	Length of certificate.

Return values

RM_CERT_ERR_OK	The operation succeeded.
RM_CERT_ERR_INVALID_MODULE	Invaild module.
RM_CERT_ERR_INVALID_TYPE	Invaild type.
RM_CERT_ERR_INVALID_LENGTH	Not enough space.
RM_CERT_ERR_INVALID_FLASH_ADDR	Failed to get flash memory.
RM_CERT_ERR_MEM_FAILED	Failed to allocate memory.
RM_CERT_ERR_EMPTY_CERTIFICATE	No certificate.

RM_CERT_Delete()

rm_cert_err_t RM_CERT_Delete	(	rm_cert_module_t	module,
		rm_cert_type_t	type
	)

Delete the certificate specified by module and type from the flash memory.

Parameters

[in]	module	Module ID.
[in]	type	Certificate type.

Return values

RM_CERT_ERR_OK	The operation succeeded.
RM_CERT_ERR_NOK	Failed to erase data.
RM_CERT_ERR_INVALID_MODULE	Invaild module.
RM_CERT_ERR_INVALID_TYPE	Invaild type.
RM_CERT_ERR_INVALID_FLASH_ADDR	Failed to get flash memory.

RM_CERT_IsExistCert()

int RM_CERT_IsExistCert	(	rm_cert_module_t	module,
		rm_cert_type_t	type
	)

Check whether the certificate specified by module and type exists or not in the flash memory.

Parameters

[in]	module	Module ID.
[in]	type	Certificate type.

Return values

true	The certificate exists.
false	The certificate does not exist.

RM_CERT_GetModule()

rm_cert_module_t RM_CERT_GetModule

(

uint32_t

flash_addr

)

Get module ID from specific flash memory address.

Parameters

[in]

flash_addr

Specific flash memory address to get module ID.

Returns

Module ID. See rm_cert_module_t.

RM_CERT_GetType()

rm_cert_type_t RM_CERT_GetType

(

uint32_t

flash_addr

)

Get certificate type from specific flash memory address.

Parameters

[in]

flash_addr

Specific flash memory address to get certificate type.

Returns

Certificate type. See rm_cert_type_t.

RM_CERT_IsPemFormat()

int RM_CERT_IsPemFormat

(

const char *

buf

)

Check whether the certificate is pem format or not.

Parameters

[in]

buf

Pointer to the buffer of certificate.

Return values

true	PEM format.
false	Other format.