Fixes in Crypto/Security managers

There was added InitCertExpTime function in crypto manager
to set certificate expired data to some initial value because
in case of no certificate it will not be inited and contain
invalid data. Also in this case IsCertificateUpdateRequired
sometimes returns wrong result because of not inited certificate
data.
In crypto manager were added/updated debug logs for better
understanding of it initialization process.
Also added function IsPolicyCertificateDataEmpty function for
getting information regarding policy certificate presence.

4 files changed, 65 insertions, 9 deletions

diff --git a/src/components/security_manager/include/security_manager/crypto_manager_impl.h b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
index 4daf58b004..4e48858e5c 100644
--- a/src/components/security_manager/include/security_manager/crypto_manager_impl.h
+++ b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
@@ -137,6 +137,11 @@ class CryptoManagerImpl : public CryptoManager {
   int pull_number_from_buf(char* buf, int* idx);
   void asn1_time_to_tm(ASN1_TIME* time);
 
+  /**
+   * @brief Sets initial certificate datetime
+   */
+  void InitCertExpTime();
+
   const utils::SharedPtr<const CryptoManagerSettings> settings_;
   SSL_CTX* context_;
   mutable struct tm expiration_time_;
diff --git a/src/components/security_manager/include/security_manager/security_manager_impl.h b/src/components/security_manager/include/security_manager/security_manager_impl.h
index d4231ffaa0..469b97d1e1 100644
--- a/src/components/security_manager/include/security_manager/security_manager_impl.h
+++ b/src/components/security_manager/include/security_manager/security_manager_impl.h
@@ -141,6 +141,12 @@ class SecurityManagerImpl : public SecurityManager,
   void StartHandshake(uint32_t connection_key) OVERRIDE;
 
   /**
+   * @brief Checks whether certificate should be updated
+   * @return true if certificate should be updated otherwise false
+   */
+  bool IsCertificateUpdateRequired() OVERRIDE;
+
+  /**
    * \brief Add/Remove for SecurityManagerListener
    */
   void AddListener(SecurityManagerListener* const listener) OVERRIDE;
@@ -158,7 +164,19 @@ class SecurityManagerImpl : public SecurityManager,
    * @brief Notifiers for listeners.
    * Allows to notify that certificate should be updated
    */
-  void NotifyOnCertififcateUpdateRequired();
+  DEPRECATED void NotifyOnCertififcateUpdateRequired();
+
+  /**
+   * @brief Notifiers for listeners.
+   * Allows to notify that certificate should be updated
+   */
+  void NotifyOnCertificateUpdateRequired() OVERRIDE;
+
+  /**
+   * @brief Check is policy certificate data is empty
+   * @return true if policy certificate data is not empty otherwise false
+   */
+  bool IsPolicyCertificateDataEmpty() OVERRIDE;
 
   /**
    * @brief SecurityConfigSection
diff --git a/src/components/security_manager/src/crypto_manager_impl.cc b/src/components/security_manager/src/crypto_manager_impl.cc
index 00fcb1385a..cdafc509c1 100644
--- a/src/components/security_manager/src/crypto_manager_impl.cc
+++ b/src/components/security_manager/src/crypto_manager_impl.cc
@@ -93,6 +93,7 @@ CryptoManagerImpl::CryptoManagerImpl(
     OpenSSL_add_all_algorithms();
     SSL_library_init();
   }
+  InitCertExpTime();
 }
 
 CryptoManagerImpl::~CryptoManagerImpl() {
@@ -295,6 +296,8 @@ const CryptoManagerSettings& CryptoManagerImpl::get_settings() const {
 }
 
 bool CryptoManagerImpl::set_certificate(const std::string& cert_data) {
+  LOG4CXX_AUTO_TRACE(logger_);
+
   if (cert_data.empty()) {
     LOG4CXX_WARN(logger_, "Empty certificate");
     return false;
@@ -324,20 +327,23 @@ bool CryptoManagerImpl::set_certificate(const std::string& cert_data) {
   }
 
   if (!SSL_CTX_use_certificate(context_, cert)) {
-    LOG4CXX_WARN(logger_, "Could not use certificate");
+    LOG4CXX_WARN(logger_, "Could not use certificate: " << LastError());
     return false;
   }
 
   asn1_time_to_tm(X509_get_notAfter(cert));
 
   if (!SSL_CTX_use_PrivateKey(context_, pkey)) {
-    LOG4CXX_ERROR(logger_, "Could not use key");
+    LOG4CXX_ERROR(logger_, "Could not use key: " << LastError());
     return false;
   }
+
   if (!SSL_CTX_check_private_key(context_)) {
-    LOG4CXX_ERROR(logger_, "Could not use certificate ");
+    LOG4CXX_ERROR(logger_, "Could not use certificate: " << LastError());
     return false;
   }
+
+  LOG4CXX_DEBUG(logger_, "Certificate and key successfully updated");
   return true;
 }
 
@@ -384,4 +390,8 @@ void CryptoManagerImpl::asn1_time_to_tm(ASN1_TIME* time) {
   }
 }
 
+void CryptoManagerImpl::InitCertExpTime() {
+  strptime("1 Jan 1970 00:00:00", "%d %b %Y %H:%M:%S", &expiration_time_);
+}
+
 }  // namespace security_manager
diff --git a/src/components/security_manager/src/security_manager_impl.cc b/src/components/security_manager/src/security_manager_impl.cc
index 556cc291d1..1853b218b4 100644
--- a/src/components/security_manager/src/security_manager_impl.cc
+++ b/src/components/security_manager/src/security_manager_impl.cc
@@ -188,10 +188,6 @@ void SecurityManagerImpl::StartHandshake(uint32_t connection_key) {
     return;
   }
 
-  if (crypto_manager_->IsCertificateUpdateRequired()) {
-    NotifyOnCertififcateUpdateRequired();
-  }
-
   if (ssl_context->IsInitCompleted()) {
     NotifyListenersOnHandshakeDone(connection_key,
                                    SSLContext::Handshake_Result_Success);
@@ -219,14 +215,22 @@ void SecurityManagerImpl::StartHandshake(uint32_t connection_key) {
     SendHandshakeBinData(connection_key, data, data_size);
   }
 }
+
+bool SecurityManagerImpl::IsCertificateUpdateRequired() {
+  LOG4CXX_AUTO_TRACE(logger_);
+  return crypto_manager_->IsCertificateUpdateRequired();
+}
+
 void SecurityManagerImpl::AddListener(SecurityManagerListener* const listener) {
   if (!listener) {
     LOG4CXX_ERROR(logger_,
                   "Invalid (NULL) pointer to SecurityManagerListener.");
     return;
   }
+  LOG4CXX_DEBUG(logger_, "Adding listener " << listener);
   listeners_.push_back(listener);
 }
+
 void SecurityManagerImpl::RemoveListener(
     SecurityManagerListener* const listener) {
   if (!listener) {
@@ -236,13 +240,15 @@ void SecurityManagerImpl::RemoveListener(
   }
   listeners_.remove(listener);
 }
+
 void SecurityManagerImpl::NotifyListenersOnHandshakeDone(
     const uint32_t& connection_key, SSLContext::HandshakeResult error) {
   LOG4CXX_AUTO_TRACE(logger_);
   std::list<SecurityManagerListener*>::iterator it = listeners_.begin();
   while (it != listeners_.end()) {
     if ((*it)->OnHandshakeDone(connection_key, error)) {
-      // On get notification remove listener
+      LOG4CXX_DEBUG(logger_, "Destroying listener: " << *it);
+      delete (*it);
       it = listeners_.erase(it);
     } else {
       ++it;
@@ -251,6 +257,10 @@ void SecurityManagerImpl::NotifyListenersOnHandshakeDone(
 }
 
 void SecurityManagerImpl::NotifyOnCertififcateUpdateRequired() {
+  NotifyOnCertificateUpdateRequired();
+}
+
+void SecurityManagerImpl::NotifyOnCertificateUpdateRequired() {
   LOG4CXX_AUTO_TRACE(logger_);
   std::list<SecurityManagerListener*>::iterator it = listeners_.begin();
   while (it != listeners_.end()) {
@@ -259,6 +269,19 @@ void SecurityManagerImpl::NotifyOnCertififcateUpdateRequired() {
   }
 }
 
+bool SecurityManagerImpl::IsPolicyCertificateDataEmpty() {
+  LOG4CXX_AUTO_TRACE(logger_);
+
+  std::string certificate_data;
+  for (auto it = listeners_.begin(); it != listeners_.end(); ++it) {
+    if ((*it)->GetPolicyCertificateData(certificate_data)) {
+      LOG4CXX_DEBUG(logger_, "Certificate data received from listener");
+      return certificate_data.empty();
+    }
+  }
+  return false;
+}
+
 bool SecurityManagerImpl::ProccessHandshakeData(
     const SecurityMessage& inMessage) {
   LOG4CXX_INFO(logger_, "SendHandshakeData processing");