Merge pull request #15 from ARMmbed/release-1.5.0

mbed-cloud-client 1.5.0

Author: Jani Suonperä

CHANGELOG.md

@@ -1,6 +1,70 @@
-## Changelog for Mbed Cloud Client
+## Changelog for Pelion Device Management Client
+
+### Release 1.5.0 (11.09.2018)
+
+#### Pelion Device Management Client
+
+* Implement new callback to track notification and delayed post response delivery statuses.
+  * Added API: `M2MBase::set_message_delivery_status_cb(message_delivery_status_cb callback, void *client_args);`
+  * Following API's are mark as deprecated since this new API will replace them. These API's will be removed in subsequential client relases.
+    * `M2MBase::send_notification_delivery_status(const M2MBase& object, const NotificationDeliveryStatus status)`
+    * `M2MBase::get_notification_msgid()`
+    * `M2MBase::set_notification_msgid(uint16_t msgid)`
+	* `M2MBase::set_notification_delivery_status_cb(notification_delivery_status_cb callback, void *client_args)`
+	* `M2MBase::get_notification_delivery_status()`
+	* `M2MBase::clear_notification_delivery_status()`
+* Implemented new functionality to get the internal object list of Mbed Cloud Client.
+  * Added API: `MbedCloudClient::get_object_list()`.
+
+#### Platform Adaptation Layer (PAL)
+
+* Fixed Coverity issues in PAL.
+* Improved error handling and logging for network and storage.
+* Introduced `PAL_DNS_API_VERSION` for handling DNS.
+  * 0 = synchronous DNS.
+  * 1 = asynchronous DNS.
+  * 2 = asynchronous DNS v2 (Only with Mbed OS 5.9 or later).
+* Fixed PAL tracing implementation to allow an application to override the tracing level definitions.
+* In `pal_isLeapYear` fixed a bug that made the certificate times off by a day.
+* Enforced usage of MTU limits when using DTLS and `PAL_UDP_MTU_SIZE` is defined.
+* Added configuration for K66F.
+* [LINUX] Improved logging for RNG generation.
+* [LINUX] Removed the glibc-specific function `pthread_sigqueue()` and replaced with `pthead_kill()`.
+* [LINUX] Increased stack-size of `PAL_NOISE_TRNG_THREAD` to 32k. Increased stack-size of `PAL_NET_TEST_ASYNC_SOCKET_MANAGER_THREAD_STACK_SIZE` to 24k.
+* [LINUX] Added socket event filter clearing for `pal_plat_connect()` and `pal_plat_asynchronousSocket()`.
+* [Mbed OS] Define `PAL_USE_INTERNAL_FLASH` and `PAL_INT_FLASH_NUM_SECTIONS = 2` by default for all targets.
+* [Mbed OS] Compatibility changes for Mbed OS 5.10.
+* [Mbed OS] Fixed a compatibility issue with Mbed TLS 2.13.0 for ARMCC compiler.
+
+#### Mbed Cloud Update
+
+* Fixed Device Management Client factory update flow by setting default identity configuration to KCM
+* Added Firmware Update over CoAP into Device Management Client 
+  * The firmware is downloaded using HTTP by default.
+  * To Download using CoAP in MbedOS set the flag into "target_overrides" -section in mbed_app.json followingly:
+    * "mbed-cloud-client.update-download-protocol": "MBED_CLOUD_CLIENT_UPDATE_DOWNLOAD_PROTOCOL_COAP"
+* [LINUX] Fixed Linux Update e2e failure reverting adding "set -eu" to linux scripts.
+* Fixed RTL8195 Flash R/W Issue by adding FlashIAP Init -call into initialization
+* Fixed long HTTP headers handling logic to support headers to split to multiple fragments
+* Fixed Device Management Update Client versioning to work in factory flow
+* Fixed Device Management Update Client uninitialization logic by adding handling for state ARM_UC_HUB_STATE_UNINITIALIZED in state machine
+* Optimized static RAM usage by reusing the static object "ManifestManagerContext" during init
+* Added support into Device Management Update Client Configuration to map external Download Protocol -definition to internal configurations. This is needed for supporting Download protocol selection in Device Management Client
+* Implemented resume firmware download after connection failure.
+* Added a scheduler trace macro.
+* Merged two branches of Device Management Update client to one and added profile & feature flags to separate between different feature sets. New profile flag `ARM_UC_PROFILE_MBED_CLOUD_CLIENT` is used to enable correct profile for Device Management Client.
+* `MBED_CONF_MBED_CLIENT_DNS_USE_THREAD` removed.
+* Fixed Linux scripts to use -e and -u parameters for "set" to propagate errors
+* Fixed Update state machine failure which was noticed when traces were enabled. Notification state machine was changed to sequentially wait internal asynchronous operations to complete before sending updated resource values to service and waiting for acknowledgment from service.
+* MCCP=3 in Pelion Device Management Client: Support for sending update resource data as part of the Registration Message, thereby reducing traffic to Pelion Device Management.
+* Changed uninitialization for Device Management Update Client to be done for all states past initialization states. Added null-checks for resource value settings.
+
+#### Factory configurator client
+
+* The error `FCC_STATUS_STORE_ERROR` is returned upon an internal storage init failure.
 
 ### Release 1.4.0 (13.07.2018)
+
 * Fixed a timer initialization bug under connection handler.
 * Linux: Updated mbed-coap to 4.5.0.
 * This version of Cloud Client has been tested with Mbed OS 5.9.2.

CMakeLists.txt

@@ -17,6 +17,9 @@ SET(MBED_CLOUD_CLIENT_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/mbed-cloud-client)
 add_definitions(-DMBED_CONF_NANOSTACK_EVENTLOOP_EXCLUDE_HIGHRES_TIMER)
 add_definitions(-DMBED_CONF_NANOSTACK_EVENTLOOP_USE_PLATFORM_TICK_TIMER)
 
+add_definitions(-DARM_UC_PROFILE_MBED_CLOUD_CLIENT=1)
+add_definitions(-DARM_UC_FEATURE_PAL_FILESYSTEM=1)
+
 project(mbedCloudClient)
 
 # mbed-cloud-client
@@ -117,6 +120,12 @@ include_directories(${FACTORY_CLIENT_SOURCE_DIR}/fcc-bundle-handler/fcc-bundle-h
 include_directories(${FACTORY_CLIENT_SOURCE_DIR}/fcc-bundle-handler/source/include)
 include_directories(${FACTORY_CLIENT_SOURCE_DIR}/fcc-output-info-handler/fcc-output-info-handler)
 
+# Certificate Enrollment Client
+SET(CERTIFICATE_ENROLLMENT_CLIENT_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/certificate-enrollment-client)
+ADD_GLOBALDIR(${CERTIFICATE_ENROLLMENT_CLIENT_SOURCE_DIR}/certificate-enrollment-client)
+include_directories(${CERTIFICATE_ENROLLMENT_CLIENT_SOURCE_DIR}/certificate-enrollment-client)
+include_directories(${CERTIFICATE_ENROLLMENT_CLIENT_SOURCE_DIR}/source/include)
+
 # update-client
 
 SET(UPDATE_SOURCE_DIR ${CMAKE_CURRENT_SOURCE_DIR}/update-client-hub)
@@ -192,6 +201,7 @@ endif()
     "${CMAKE_CURRENT_SOURCE_DIR}/ns-hal-pal/arm_hal_timer.cpp"
     "${FACTORY_CLIENT_SOURCE_DIR}/source/*.c"
     "${FACTORY_CLIENT_SOURCE_DIR}/storage/source/*.c"
+    "${FACTORY_CLIENT_SOURCE_DIR}/mbed-client-esfs/source/sotp/*.c"
     "${FACTORY_CLIENT_SOURCE_DIR}/secure_store/source/*.c"
     "${FACTORY_CLIENT_SOURCE_DIR}/key-config-manager/source/*.c"
     "${FACTORY_CLIENT_SOURCE_DIR}/utils/source/*.c"
@@ -202,6 +212,8 @@ endif()
     "${FACTORY_CLIENT_SOURCE_DIR}/crypto-service/source/*.c"
     "${FACTORY_CLIENT_SOURCE_DIR}/fcc-bundle-handler/source/*.c"
     "${FACTORY_CLIENT_SOURCE_DIR}/fcc-output-info-handler/source/*.c"
+    "${CERTIFICATE_ENROLLMENT_CLIENT_SOURCE_DIR}/source/*.c"
+    "${CERTIFICATE_ENROLLMENT_CLIENT_SOURCE_DIR}/source/*.cpp"
     )
 
 if ((${OS_BRAND} MATCHES "Linux"))

DOXYGEN_FRONTPAGE.md

@@ -1,15 +1,17 @@
-Mbed Cloud Client API
+Device Management Client API
 =====================
 
-This is the Doxygen generated API documentation of Mbed Cloud Client. See the [Files](files.html) section to find the documentation about a specific API. It should be used together with the [Mbed Cloud documentation](https://cloud.mbed.com/docs/current).
+This is the Doxygen-generated API documentation for Device Management Client. See the [Files](files.html) section to find the documentation about a specific API. You should also use the [Device Management documentation](https://cloud.mbed.com/docs/current).
 
-The Mbed Cloud Client high-level APIs allow mbed Cloud developers to create client side applications that connect to the Mbed Cloud service, with LwM2M features as described in the [Lightweight Machine to Machine Technical Specification](http://technical.openmobilealliance.org/Technical/technical-information/release-program/current-releases/oma-lightweightm2m-v1-0).
+The Device Management Client high-level APIs allow developers to create client side applications that connect to **Device Management**, with LwM2M features as described in the [Lightweight Machine to Machine Technical Specification](http://technical.openmobilealliance.org/Technical/technical-information/release-program/current-releases/oma-lightweightm2m-v1-0).
 
-Mbed Cloud Client is an extension of the existing [Mbed Client API](http://cloud.mbed.com/docs/current/mbed-client/index.html). It provides an additional feature of creating a unique identity for the client on the Cloud service and also provides functionality to update the client's software through the Mbed Cloud service.
+Device Management Client is an extension of the existing [Mbed Client API](http://cloud.mbed.com/docs/current/mbed-client/index.html). It provides an additional feature of creating a unique identity for the client on the **Device Management** and also provides functionality to update the client's software through the **Device Management** service.
+
+These APIs make it possible to:
 
 - Use a factory flashed or developer credentials to create a unique device identity.
 - Securely communicate with internet services over the industry standard TLS/DTLS.
-- Manage devices on the Mbed Cloud service.
+- Manage devices.
 - Fully control the endpoint and application logic from the service side. 
 - Provide functionality to update the devices over the air remotely controlled from the service side.
 - Have a unified porting layer for porting to different platforms.

README.md

@@ -1,5 +1,5 @@
-# Mbed Cloud Client
-This repository contains ARM Mbed Cloud Client: a library that connects devices to Mbed Cloud service and to Mbed-enabled cloud services from our partners.
+# Device Management Client
+This repository contains Pelion Device Management Client: a library that connects devices to Pelion Device Management service and to Mbed-enabled cloud services from our partners.
 
 The documentation is collected under the docs directory and it is also hosted [here](https://cloud.mbed.com/docs/current/connecting/index.html).
 

certificate-enrollment-client/CMakeLists.txt

@@ -0,0 +1,35 @@
+cmake_minimum_required(VERSION 2.6)
+project("certificate-enrollment-client")
+
+# includes
+include_directories(${CMAKE_CURRENT_SOURCE_DIR}/certificate-enrollment-client)
+include_directories(${CMAKE_CURRENT_SOURCE_DIR}/source/include)
+
+# FIXME: remove this line once integration is done
+include_directories(${CMAKE_CURRENT_SOURCE_DIR}/../mbed-cloud-client/source/include)
+
+include_directories(${CMAKE_CURRENT_SOURCE_DIR}/../source/include)
+
+# For mock EST
+include_directories(${CMAKE_CURRENT_SOURCE_DIR}/TESTS/utils)
+include_directories(${CMAKE_CURRENT_SOURCE_DIR}/../../pal-platform/Middleware/mbedtls/mbedtls/include/mbedtls)
+
+FILE(
+	GLOB_RECURSE  
+	certificate_enrollment_client
+
+	"${CMAKE_CURRENT_SOURCE_DIR}/certificate-enrollment-client/*.h"
+	"${CMAKE_CURRENT_SOURCE_DIR}/source/*.c"
+	"${CMAKE_CURRENT_SOURCE_DIR}/source/*.cpp"
+	
+	# Fixme: Mock EST
+	"${CMAKE_CURRENT_SOURCE_DIR}/TESTS/utils/*.cpp"
+	"${CMAKE_CURRENT_SOURCE_DIR}/TESTS/utils/*.c"
+)
+
+message ("*********************************************************************")
+message ("certificate_enrollment_client = [[${certificate_enrollment_client}]]")
+message ("*********************************************************************")
+
+CREATE_LIBRARY(certificate-enrollment-client "${certificate_enrollment_client}" "")
+ADDSUBDIRS()

certificate-enrollment-client/certificate-enrollment-client/CertificateEnrollmentClient.h

@@ -0,0 +1,64 @@
+// ----------------------------------------------------------------------------
+// Copyright 2018 ARM Ltd.
+//  
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//  
+//     http://www.apache.org/licenses/LICENSE-2.0
+//  
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------
+
+#ifndef __CERTIFICATE_ENROLLMENT_CLIENT_H__
+#define __CERTIFICATE_ENROLLMENT_CLIENT_H__
+
+#include "mbed-client/m2mresource.h"
+#include "mbed-client/m2minterface.h"
+#include "stdio.h"
+#include "ce_defs.h"
+#include "EstClient.h"
+
+namespace CertificateEnrollmentClient {
+    /**
+    * \brief Create the Certificate renewal LWM2M object, instance and resource and push the object to the list
+    * Also save the pointers to the object and resource, register the event handler, and create the renewal_mutex
+    * Should be called by ServiceClient::initialize_and_register()
+    * \param list MbedCloudClient object list
+    */
+    ce_status_e init(M2MBaseList& list, const EstClient *est_client);
+
+    /**
+    * \brief Release all the resources owned by the CertificateEnrollmentClient
+    * Should be called by the ServiceClient destructor.
+    * Does not free the LWM2M resources as the pointers are owned by the ServiceClient. They are freed by the ServiceClient object when device unregisters.
+    */
+    void finalize();
+
+    /**
+    * \brief Initiate a renewal for a specific certificate.
+    * The process will generate new keys in order to create a CSR. The CSR is then sent to the EST service to retrieve the renewed certificate.
+    * The new certificate is then atomically stored in the device, along with its corresponding private key.
+    * Note: The certificate to be removed *must* already exist in the device.
+    * \param cert_name A null terminated C string indicating the name of the certificate to be renewed.
+    * \return CE_STATUS_SUCCESS if asynchronous operations has started successfully - In this case, user callback will be executed at the end of the operation, indicating completion status.
+    *         If any other ce_status_e:: status is returned - operation encountered some error prior to start of the asynchronous stage and user callback will NOT be executed.
+    */
+    ce_status_e certificate_renew(const char *cert_name);
+
+    /**
+    * \brief Sets the callback function that is called when a certificate renewal process finishes.
+    * Should be called prior to any certificate renewal operation.
+    * If a certificate renewal is initiated (either by the certificate_renew() API or by the server) - operation will run normal but the device application will not be notified when done.
+    * \param user_cb A function pointer to the user callback. If user_cb is NULL - no callback will be called when process finishes.
+    */
+    void on_certificate_renewal(cert_renewal_cb_f user_cb);
+
+}
+
+
+#endif //__CERTIFICATE_ENROLLMENT_CLIENT_H__

certificate-enrollment-client/certificate-enrollment-client/ce_defs.h

@@ -0,0 +1,46 @@
+// ----------------------------------------------------------------------------
+// Copyright 2018 ARM Ltd.
+//  
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//  
+//     http://www.apache.org/licenses/LICENSE-2.0
+//  
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------
+
+#ifndef __CE_DEFS_H__
+#define __CE_DEFS_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/**
+* @file ce_defs.h
+*  \brief Certificate Enrollment (CE) public defines. 
+* This file along with ce_status.h (included by this file) contains all the defines exposed to the user for the certificate renewal feature. 
+* This file should be included by MbedCloudClient.h. This way the user does not have to include it directly.
+*/
+
+#include "ce_status.h"
+
+/** Enumeration representing the initiator of a certificate renewal operation */
+typedef enum {
+    CE_INITIATOR_DEVICE,                 //!< Operation initiated by the application
+    CE_INITIATOR_SERVER                 //!< Operation initiated by the MDS
+} ce_initiator_e;
+
+//!< User callback for the certificate renewal feature. char* guaranteed to be persistent only in context of the callback!
+typedef void(*cert_renewal_cb_f)(const char*, ce_status_e, ce_initiator_e);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif  //__CE_DEFS_H__

certificate-enrollment-client/certificate-enrollment-client/ce_status.h

@@ -0,0 +1,60 @@
+// ----------------------------------------------------------------------------
+// Copyright 2018 ARM Ltd.
+//  
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//  
+//     http://www.apache.org/licenses/LICENSE-2.0
+//  
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+// ----------------------------------------------------------------------------
+
+#ifndef __CE_STATUS_H__
+#define __CE_STATUS_H__
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+    /**
+    * @file ce_status.h
+    *  \brief Certificate Enrollment (CE) status/error codes.
+    * This list may grow as needed.
+    */
+
+#define CE_STATUS_RANGE_BASE 0x0500
+#define CE_STATUS_RANGE_END 0x05ff
+
+// TBD: need to translate KCM to CE errors
+typedef enum {
+    CE_STATUS_SUCCESS = 0,                    //!< Operation completed successfully.
+    CE_STATUS_ERROR = CE_STATUS_RANGE_BASE,   //!< Operation ended with an unspecified error.
+    CE_STATUS_INVALID_PARAMETER,              //!< A parameter provided to the function was invalid.
+    CE_STATUS_INSUFFICIENT_BUFFER,            //!< The provided buffer size was insufficient for the required output.
+    CE_STATUS_OUT_OF_MEMORY,                  //!< An out-of-memory condition occurred.
+    CE_STATUS_ITEM_NOT_FOUND,                 //!< The item was not found in the storage.
+    CE_STATUS_DEVICE_BUSY,                    //!< Device currently processing too many certificate renewals
+    CE_STATUS_BAD_INPUT_FROM_SERVER,          //!< Server sent a TLV that is either unsupported or malformed
+    CE_STATUS_EST_ERROR,
+    CE_STATUS_STORAGE_ERROR,                  //!< Storage operation ended with error.
+    CE_STATUS_RENEWAL_ITEM_VALIDATION_ERROR,  //!< Operation failed to validate renewal items.
+    CE_STATUS_BACKUP_ITEM_ERROR,              //!< Operation failed to create/read/validate backup items.
+    CE_STATUS_ORIGINAL_ITEM_ERROR,           //!< Operation failed to create/read/validate original items.
+    CE_STATUS_RESTORE_BACKUP_ERROR,           //!< Operation failed to restore backup items.
+    CE_STATUS_RENEWAL_STATUS_ERROR,           //!< Operation fialed to create/validate/delete renweal status file.
+    CE_STATUS_FORBIDDEN_REQUEST,              //!< Server asked for forbidden request (e.g.: the server is not allowed to renew the device's bootstrap certificate)
+    CE_STATUS_ITEM_IS_EMPTY,                  //!< Item was found in storage but has zero length
+    CE_STATUS_NOT_INITIALIZED,                //!< Called CertificateEnrollmentClient API before module initialization
+    CE_MAX_STATUS = CE_STATUS_RANGE_END
+} ce_status_e;
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif  //__CE_STATUS_H__