authorAKalinich-Luxoft <AKalinich@luxoft.com>2018-06-01 16:22:32 +0300
committerAKalinich-Luxoft <AKalinich@luxoft.com>2018-06-15 17:09:15 +0300
commita1673aef7eb07e7ea5c03d4e6b7868b0dd4a3f29 (patch)
tree48a6ea805fb25751cbea9ed8f116a45f2bf35040
parent16f09efa2549f812eb758f159fadb893ba1e08dd (diff)
Adjustments after resolving merge conflictsfix/fix_ssl_handshake_flow_integration_branch_final
Conflicts: src/components/protocol_handler/src/protocol_handler_impl.cc
-rw-r--r--src/components/policy/policy_external/src/policy_manager_impl.cc11
-rw-r--r--src/components/policy/policy_regular/src/policy_manager_impl.cc7
-rw-r--r--src/components/protocol_handler/src/protocol_handler_impl.cc11
-rw-r--r--src/components/protocol_handler/test/protocol_handler_tm_test.cc18
-rw-r--r--src/components/security_manager/include/security_manager/crypto_manager_impl.h8
-rw-r--r--src/components/security_manager/src/crypto_manager_impl.cc49
-rw-r--r--src/components/security_manager/test/security_manager_test.cc31
-rw-r--r--src/components/security_manager/test/ssl_certificate_handshake_test.cc12
8 files changed, 43 insertions, 104 deletions
diff --git a/src/components/policy/policy_external/src/policy_manager_impl.cc b/src/components/policy/policy_external/src/policy_manager_impl.cc
index ced747ac25..172e218e0e 100644
--- a/src/components/policy/policy_external/src/policy_manager_impl.cc
+++ b/src/components/policy/policy_external/src/policy_manager_impl.cc
@@ -613,8 +613,7 @@ void PolicyManagerImpl::CheckPermissions(const PTString& app_id,
policy_table::FunctionalGroupings functional_groupings;
cache_->GetFunctionalGroupings(functional_groupings);
- policy_table::Strings app_groups =
- GetGroupsNames(app_group_permissions);
+ policy_table::Strings app_groups = GetGroupsNames(app_group_permissions);
// Undefined groups (without user consent) disallowed by default, since
// OnPermissionsChange notification has no "undefined" section
@@ -646,8 +645,7 @@ void PolicyManagerImpl::CheckPermissions(const PTString& app_id,
}
const bool known_rpc = rpc_permissions.end() != rpc_permissions.find(rpc);
- LOG4CXX_DEBUG(logger_, "Is known rpc " <<
- (known_rpc ? "true" : "false"));
+ LOG4CXX_DEBUG(logger_, "Is known rpc " << (known_rpc ? "true" : "false"));
if (!known_rpc) {
// RPC not found in list == disallowed by backend
result.hmi_level_permitted = kRpcDisallowed;
@@ -669,7 +667,9 @@ void PolicyManagerImpl::CheckPermissions(const PTString& app_id,
rpc_permissions[rpc].hmi_permissions[kUserDisallowedKey].find(
hmi_level)) {
// RPC found in allowed == allowed by backend, but disallowed by user
- LOG4CXX_DEBUG(logger_, "RPC found in allowed == allowed by backend, but disallowed by user");
+ LOG4CXX_DEBUG(
+ logger_,
+ "RPC found in allowed == allowed by backend, but disallowed by user");
result.hmi_level_permitted = kRpcUserDisallowed;
} else {
LOG4CXX_DEBUG(logger_,
@@ -1009,7 +1009,6 @@ void PolicyManagerImpl::SetUserConsentForApp(
const PermissionConsent& permissions, const NotificationMode mode) {
LOG4CXX_AUTO_TRACE(logger_);
-
cache_->ResetCalculatedPermissions();
PermissionConsent verified_permissions =
EnsureCorrectPermissionConsent(permissions);
diff --git a/src/components/policy/policy_regular/src/policy_manager_impl.cc b/src/components/policy/policy_regular/src/policy_manager_impl.cc
index 915965f569..8687501b2f 100644
--- a/src/components/policy/policy_regular/src/policy_manager_impl.cc
+++ b/src/components/policy/policy_regular/src/policy_manager_impl.cc
@@ -1073,13 +1073,6 @@ StatusNotifier PolicyManagerImpl::AddApplication(
device_consent);
} else {
PromoteExistedApplication(application_id, device_consent);
- const policy_table::AppHMIType type = policy_table::AHT_NAVIGATION;
- if (helpers::in_range(hmi_types,
- (rpc::Enum<policy_table::AppHMIType>)type) &&
- !HasCertificate()) {
- LOG4CXX_DEBUG(logger_, "Certificate does not exist, scheduling update.");
- update_status_manager_.ScheduleUpdate();
- }
return utils::MakeShared<utils::CallNothing>();
}
}
diff --git a/src/components/protocol_handler/src/protocol_handler_impl.cc b/src/components/protocol_handler/src/protocol_handler_impl.cc
index 35992e4573..8d8cf3e3ce 100644
--- a/src/components/protocol_handler/src/protocol_handler_impl.cc
+++ b/src/components/protocol_handler/src/protocol_handler_impl.cc
@@ -149,7 +149,6 @@ ProtocolHandlerImpl::~ProtocolHandlerImpl() {
"Not all observers have unsubscribed"
" from ProtocolHandlerImpl");
}
- handshake_handlers_.clear();
}
void ProtocolHandlerImpl::AddProtocolObserver(ProtocolObserver* observer) {
@@ -843,6 +842,11 @@ void ProtocolHandlerImpl::OnTMMessageSendFailed(
<< "Error_text: " << error.text());
}
+void ProtocolHandlerImpl::NotifyOnFailedHandshake() {
+ LOG4CXX_AUTO_TRACE(logger_);
+ security_manager_->NotifyListenersOnHandshakeFailed();
+}
+
void ProtocolHandlerImpl::OnConnectionEstablished(
const transport_manager::DeviceInfo& device_info,
const transport_manager::ConnectionUID connection_id) {
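Review bot: `NotifyOnFailedHandshake()` dereferences `security_manager_` with no null check, and the definition is not wrapped in `#ifdef ENABLE_SECURITY` in this hunk. The test file changed in the same commit calls `AddSecurityManager()` only under that macro, which suggests the pointer is optional and may be unset or absent in non-security builds; confirm against the header, which is not shown here. If it can be null, guard the call with `if (!security_manager_) { LOG4CXX_WARN(logger_, "No security manager, handshake failure is not reported"); return; }` so a failed handshake cannot crash the protocol handler.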
@@ -1530,7 +1534,10 @@ void ProtocolHandlerImpl::NotifySessionStarted(
start_session_ack_params);
security_manager::SSLContext* ssl_context =
- security_manager_->CreateSSLContext(connection_key);
+ security_manager_->CreateSSLContext(
+ connection_key,
+ security_manager::SecurityManager::ContextCreationStrategy::
+ kUseExisting);
if (!ssl_context) {
const std::string error("CreateSSLContext failed");
LOG4CXX_ERROR(logger_, error);
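Review bot: The switch to `ContextCreationStrategy::kUseExisting` in `NotifySessionStarted` carries no comment saying why reuse is safe at this point, and the only check on the result visible here is `if (!ssl_context)`. A context left over from an earlier failed handshake, or built before a certificate update, would presumably be returned unchanged; whether the code after this hunk checks its state is not visible. I would add above the call `// Reuse the context already bound to connection_key; it is recreated only when <condition>` with the condition filled in from the `CreateSSLContext` implementation. The function body starts before the hunk and continues after it.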
diff --git a/src/components/protocol_handler/test/protocol_handler_tm_test.cc b/src/components/protocol_handler/test/protocol_handler_tm_test.cc
index 075b332345..177fbaec01 100644
--- a/src/components/protocol_handler/test/protocol_handler_tm_test.cc
+++ b/src/components/protocol_handler/test/protocol_handler_tm_test.cc
@@ -623,6 +623,21 @@ TEST_F(ProtocolHandlerImplTest,
const ::transport_manager::ConnectionUID connection_id2 = 0xBu;
const uint8_t session_id2 = 2u;
+ TestAsyncWaiter waiter;
+ uint32_t times = 0;
+
+#ifdef ENABLE_SECURITY
+ AddSecurityManager();
+
+ EXPECT_CALL(session_observer_mock, KeyFromPair(connection_id2, session_id2))
+ .WillOnce(Return(connection_key));
+
+ EXPECT_CALL(session_observer_mock,
+ GetSSLContext(connection_key, start_service))
+ .Times(2)
+ .WillRepeatedly(ReturnNull());
+#endif // ENABLE_SECURITY
+
EXPECT_CALL(session_observer_mock, IsHeartBeatSupported(connection_id1, _))
.WillRepeatedly(Return(false));
EXPECT_CALL(session_observer_mock, IsHeartBeatSupported(connection_id2, _))
@@ -640,9 +655,6 @@ TEST_F(ProtocolHandlerImplTest,
std::string("BTMAC")),
connection_id2);
- TestAsyncWaiter waiter;
- uint32_t times = 0;
-
BsonObject bson_params1;
bson_object_initialize_default(&bson_params1);
bson_object_put_string(&bson_params1,
diff --git a/src/components/security_manager/include/security_manager/crypto_manager_impl.h b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
index 40f15f2e46..aa3be0f430 100644
--- a/src/components/security_manager/include/security_manager/crypto_manager_impl.h
+++ b/src/components/security_manager/include/security_manager/crypto_manager_impl.h
@@ -162,14 +162,6 @@ class CryptoManagerImpl : public CryptoManager {
*/
bool SaveCertificateData(const std::string& cert_data) const;
- int pull_number_from_buf(char* buf, int* idx) const;
- void asn1_time_to_tm(ASN1_TIME* time) const;
-
- /**
- * @brief Sets initial certificate datetime
- */
- void InitCertExpTime();
-
/**
* @brief Updates certificate and private key for the current SSL context
* @param certificate new certificate to update
diff --git a/src/components/security_manager/src/crypto_manager_impl.cc b/src/components/security_manager/src/crypto_manager_impl.cc
index 4adb21646b..84c5db7c0e 100644
--- a/src/components/security_manager/src/crypto_manager_impl.cc
+++ b/src/components/security_manager/src/crypto_manager_impl.cc
@@ -386,8 +386,6 @@ bool CryptoManagerImpl::SaveCertificateData(
utils::ScopeGuard cert_guard = utils::MakeGuard(X509_free, cert);
UNUSED(cert_guard);
- asn1_time_to_tm(X509_get_notAfter(cert));
-
if (1 != BIO_reset(bio_cert)) {
LOG4CXX_WARN(logger_,
"Unabled to reset BIO in order to read private key, "
@@ -406,53 +404,6 @@ bool CryptoManagerImpl::SaveCertificateData(
return SaveModuleCertificateToFile(cert) && SaveModuleKeyToFile(pkey);
}
-int CryptoManagerImpl::pull_number_from_buf(char* buf, int* idx) const {
- if (!idx) {
- return 0;
- }
- const int val = ((buf[*idx] - '0') * 10) + buf[(*idx) + 1] - '0';
- *idx = *idx + 2;
- return val;
-}
-
-void CryptoManagerImpl::asn1_time_to_tm(ASN1_TIME* time) const {
- char* buf = (char*)time->data;
- int index = 0;
- const int year = pull_number_from_buf(buf, &index);
- if (V_ASN1_GENERALIZEDTIME == time->type) {
- expiration_time_.tm_year =
- (year * 100 - 1900) + pull_number_from_buf(buf, &index);
- } else {
- expiration_time_.tm_year = year < 50 ? year + 100 : year;
- }
-
- const int mon = pull_number_from_buf(buf, &index);
- const int day = pull_number_from_buf(buf, &index);
- const int hour = pull_number_from_buf(buf, &index);
- const int mn = pull_number_from_buf(buf, &index);
-
- expiration_time_.tm_mon = mon - 1;
- expiration_time_.tm_mday = day;
- expiration_time_.tm_hour = hour;
- expiration_time_.tm_min = mn;
-
- if (buf[index] == 'Z') {
- expiration_time_.tm_sec = 0;
- }
- if ((buf[index] == '+') || (buf[index] == '-')) {
- const int mn = pull_number_from_buf(buf, &index);
- const int mn1 = pull_number_from_buf(buf, &index);
- expiration_time_.tm_sec = (mn * 3600) + (mn1 * 60);
- } else {
- const int sec = pull_number_from_buf(buf, &index);
- expiration_time_.tm_sec = sec;
- }
-}
-
-void CryptoManagerImpl::InitCertExpTime() {
- strptime("1 Jan 1970 00:00:00", "%d %b %Y %H:%M:%S", &expiration_time_);
-}
-
bool CryptoManagerImpl::UpdateModuleCertificateData(X509* certificate,
EVP_PKEY* key) {
LOG4CXX_AUTO_TRACE(logger_);
diff --git a/src/components/security_manager/test/security_manager_test.cc b/src/components/security_manager/test/security_manager_test.cc
index 2661d9fef4..30f046ab24 100644
--- a/src/components/security_manager/test/security_manager_test.cc
+++ b/src/components/security_manager/test/security_manager_test.cc
@@ -494,8 +494,7 @@ TEST_F(SecurityManagerTest, CreateSSLContext_Success) {
const SSLContext* result = security_manager_->CreateSSLContext(
kKey,
- security_manager::SecurityManager::ContextCreationStrategy::
- kForceRecreation);
+ security_manager::SecurityManager::ContextCreationStrategy::kUseExisting);
EXPECT_EQ(&mock_ssl_context_new, result);
}
/*
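Review bot: `CreateSSLContext_Success` now passes `kUseExisting` yet still expects `&mock_ssl_context_new`, so after this change the `kForceRecreation` branch is no longer exercised by this test. Whether another test covers it is not visible from this hunk. Because the strategy decides whether an old TLS context survives, both values deserve a case; a sibling test that calls `CreateSSLContext(kKey, ...::kForceRecreation)` and asserts that the new context is returned would keep that path covered. The test body starts outside the hunk.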
@@ -537,38 +536,24 @@ TEST_F(SecurityManagerTest, StartHandshake_SSLInternalError) {
uint32_t connection_id = 0;
uint8_t session_id = 0;
- // uint8_t protocol_version = 0;
+
EXPECT_CALL(mock_session_observer, PairFromKey(kKey, _, _));
- EXPECT_CALL(mock_session_observer, GetHandshakeContext(kKey))
- .WillOnce(Return(SSLContext::HandshakeContext()));
EXPECT_CALL(mock_session_observer,
ProtocolVersionUsed(connection_id, session_id, _))
.WillOnce(Return(true));
-
- // Expect InternalError with ERROR_ID
- EXPECT_CALL(
- mock_protocol_handler,
- SendMessageToMobileApp(
- InternalErrorWithErrId(SecurityManager::ERROR_INTERNAL), kIsFinal));
// Expect notifying listeners (unsuccess)
EXPECT_CALL(*mock_sm_listener,
OnHandshakeDone(kKey, SSLContext::Handshake_Result_Fail))
.WillOnce(Return(true));
-
- // Emulate SessionObserver result
EXPECT_CALL(mock_session_observer, GetSSLContext(kKey, kControl))
- .WillOnce(Return(&mock_ssl_context_exists));
- EXPECT_CALL(mock_ssl_context_exists, IsInitCompleted())
- .WillOnce(Return(false));
- EXPECT_CALL(mock_ssl_context_exists, SetHandshakeContext(_));
- EXPECT_CALL(mock_ssl_context_exists, StartHandshake(_, _))
- .WillOnce(DoAll(SetArgPointee<0>(handshake_data_out_pointer),
- SetArgPointee<1>(handshake_data_out_size),
- Return(SSLContext::Handshake_Result_Fail)));
+ .WillOnce(ReturnNull());
+ // Expect InternalError with ERROR_ID
+ EXPECT_CALL(
+ mock_protocol_handler,
+ SendMessageToMobileApp(
+ InternalErrorWithErrId(SecurityManager::ERROR_INTERNAL), kIsFinal));
security_manager_->StartHandshake(kKey);
-
- // Listener was destroyed after OnHandshakeDone call
mock_sm_listener.release();
}
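Review bot: `StartHandshake_SSLInternalError` no longer drives a failing handshake: `GetSSLContext(kKey, kControl)` now returns null and the `StartHandshake(_, _)` expectation returning `Handshake_Result_Fail` is gone, so the test covers the missing-context path rather than an SSL-level failure. Rename it to match (for example `StartHandshake_NoSSLContext`), or keep a separate case where an existing context fails the handshake, since that is the path that reports a TLS error to the mobile app. The comment before `mock_sm_listener.release();` was also dropped; restore `// Listener was destroyed after OnHandshakeDone call` so the release does not read as a leak. The test body starts outside the hunk.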
diff --git a/src/components/security_manager/test/ssl_certificate_handshake_test.cc b/src/components/security_manager/test/ssl_certificate_handshake_test.cc
index 92392243ff..83ffa33b44 100644
--- a/src/components/security_manager/test/ssl_certificate_handshake_test.cc
+++ b/src/components/security_manager/test/ssl_certificate_handshake_test.cc
@@ -130,11 +130,11 @@ class SSLHandshakeTest : public testing::TestWithParam<Protocol> {
.WillByDefault(ReturnRef(server_ciphers_list_));
ON_CALL(*mock_server_manager_settings_, ca_cert_path())
.WillByDefault(ReturnRef(server_ca_certificate_path_));
- ON_CALL(*mock_server_manager_settings, module_cert_path())
+ ON_CALL(*mock_server_manager_settings_, module_cert_path())
.WillByDefault(ReturnRef(server_cert_filename));
- ON_CALL(*mock_server_manager_settings, module_key_path())
+ ON_CALL(*mock_server_manager_settings_, module_key_path())
.WillByDefault(ReturnRef(server_key_filename));
- ON_CALL(*mock_server_manager_settings, verify_peer())
+ ON_CALL(*mock_server_manager_settings_, verify_peer())
.WillByDefault(Return(verify_peer));
}
void SetClientInitialValues(const security_manager::Protocol protocol,
@@ -160,11 +160,11 @@ class SSLHandshakeTest : public testing::TestWithParam<Protocol> {
.WillByDefault(ReturnRef(client_ciphers_list_));
ON_CALL(*mock_client_manager_settings_, ca_cert_path())
.WillByDefault(ReturnRef(client_ca_certificate_path_));
- ON_CALL(*mock_client_manager_settings, module_cert_path())
+ ON_CALL(*mock_client_manager_settings_, module_cert_path())
.WillByDefault(ReturnRef(client_cert_filename));
- ON_CALL(*mock_client_manager_settings, module_key_path())
+ ON_CALL(*mock_client_manager_settings_, module_key_path())
.WillByDefault(ReturnRef(client_key_filename));
- ON_CALL(*mock_client_manager_settings, verify_peer())
+ ON_CALL(*mock_client_manager_settings_, verify_peer())
.WillByDefault(Return(verify_peer));
}