diff options
author | ShobhitAd <adlakhashobhit@gmail.com> | 2020-09-02 14:15:17 -0400 |
---|---|---|
committer | ShobhitAd <adlakhashobhit@gmail.com> | 2020-09-02 14:15:17 -0400 |
commit | 945a34ea61759ed25a99a7c1b947202847c289e4 (patch) | |
tree | 443be59ade2219ff6f43b9ec0f538485440a46c1 | |
parent | 1a9c6f0008150a0d0e75e98acde5f2434ed8afd4 (diff) | |
download | sdl_core-feature/protocol_nak_reason_param.tar.gz |
Add more details to the invalid cert nak reasonfeature/protocol_nak_reason_param
-rw-r--r-- | src/components/protocol_handler/include/protocol_handler/handshake_handler.h | 5 | ||||
-rw-r--r-- | src/components/protocol_handler/src/handshake_handler.cc | 46 |
2 files changed, 41 insertions, 10 deletions
diff --git a/src/components/protocol_handler/include/protocol_handler/handshake_handler.h b/src/components/protocol_handler/include/protocol_handler/handshake_handler.h index 9552d4c420..a9a5997493 100644 --- a/src/components/protocol_handler/include/protocol_handler/handshake_handler.h +++ b/src/components/protocol_handler/include/protocol_handler/handshake_handler.h @@ -130,8 +130,11 @@ class HandshakeHandler : public security_manager::SecurityManagerListener { * @brief Performs related actions if handshake was failed * @param params set of params used in bson part of message * @param service_status - service status to be sent to HMI + * @param err_reason - Optional error description */ - void ProcessFailedHandshake(BsonObject& params, ServiceStatus service_status); + void ProcessFailedHandshake(BsonObject& params, + ServiceStatus service_status, + std::string err_reason = std::string()); /** * @brief Determines whether service can be protected diff --git a/src/components/protocol_handler/src/handshake_handler.cc b/src/components/protocol_handler/src/handshake_handler.cc index a227e9f3d6..4d306fd330 100644 --- a/src/components/protocol_handler/src/handshake_handler.cc +++ b/src/components/protocol_handler/src/handshake_handler.cc @@ -86,7 +86,9 @@ void HandshakeHandler::OnCertificateUpdateRequired() { bool HandshakeHandler::OnCertDecryptFailed() { SDL_LOG_AUTO_TRACE(); if (payload_) { - ProcessFailedHandshake(*payload_, ServiceStatus::CERT_INVALID); + ProcessFailedHandshake(*payload_, + ServiceStatus::CERT_INVALID, + "Failed to decrypt the certificate"); } return true; @@ -136,11 +138,34 @@ bool HandshakeHandler::OnHandshakeDone( const bool success = result == security_manager::SSLContext::Handshake_Result_Success; + auto getInvalidCertReason = + [](const security_manager::SSLContext::HandshakeResult& result) { + switch (result) { + case security_manager::SSLContext::Handshake_Result_CertExpired: + return "Certificate already expired"; + case security_manager::SSLContext::Handshake_Result_NotYetValid: + return "Certificate is not yet valid"; + case security_manager::SSLContext::Handshake_Result_CertNotSigned: + return "Certificate is not signed"; + case security_manager::SSLContext::Handshake_Result_AppIDMismatch: + return "Trying to run handshake with wrong app id"; + case security_manager::SSLContext::Handshake_Result_AppNameMismatch: + return "Trying to run handshake with wrong app name"; + case security_manager::SSLContext::Handshake_Result_AbnormalFail: + return "Error occurred during handshake"; + case security_manager::SSLContext::Handshake_Result_Fail: + return ""; + default: + return ""; + } + }; + if (payload_) { if (success) { ProcessSuccessfulHandshake(connection_key, *payload_); } else { - ProcessFailedHandshake(*payload_, ServiceStatus::CERT_INVALID); + ProcessFailedHandshake( + *payload_, ServiceStatus::CERT_INVALID, getInvalidCertReason(result)); } } else { BsonObject params; @@ -148,7 +173,8 @@ bool HandshakeHandler::OnHandshakeDone( if (success) { ProcessSuccessfulHandshake(connection_key, params); } else { - ProcessFailedHandshake(params, ServiceStatus::CERT_INVALID); + ProcessFailedHandshake( + params, ServiceStatus::CERT_INVALID, getInvalidCertReason(result)); } bson_object_deinitialize(¶ms); } @@ -211,7 +237,8 @@ void HandshakeHandler::ProcessSuccessfulHandshake(const uint32_t connection_key, } void HandshakeHandler::ProcessFailedHandshake(BsonObject& params, - ServiceStatus service_status) { + ServiceStatus service_status, + std::string err_reason) { SDL_LOG_AUTO_TRACE(); SDL_LOG_DEBUG("Handshake failed"); const std::vector<int>& force_protected = @@ -252,11 +279,12 @@ void HandshakeHandler::ProcessFailedHandshake(BsonObject& params, ? "Failed to get system time" : "Unknown cause of failure"; - protocol_handler_.SendStartSessionNAck(context_.connection_id_, - context_.new_session_id_, - protocol_version_, - context_.service_type_, - reason_msg); + protocol_handler_.SendStartSessionNAck( + context_.connection_id_, + context_.new_session_id_, + protocol_version_, + context_.service_type_, + reason_msg + (err_reason.empty() ? "" : ": " + err_reason)); } } |