From c02631438ddc125e390c4b6458e3f21693c05bbe Mon Sep 17 00:00:00 2001
From: Nicholas Hemstreet <62158276+nihemstr@users.noreply.github.com>
Date: Tue, 30 Mar 2021 19:48:56 -0700
Subject: [PATCH] =?UTF-8?q?Added=20ability=20to=20read=20and=20set=20the?= =?UTF-8?q?=20trusted=20cert=20option=20for=20the=20Nested=20=E2=80=A6=20(?= =?UTF-8?q?#30)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
* Added ability to read and set the trusted cert option for the Nested Edge scenario
* Changed the certificate_path delimeter to edgegateway_cert_path to increase readability.
---
src/adu_types/inc/aduc/adu_types.h | 2 +-
src/agent/src/main.c | 13 +++++++++++--
2 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/src/adu_types/inc/aduc/adu_types.h b/src/adu_types/inc/aduc/adu_types.h
index e9d5b86e1..5b1437c86 100644
--- a/src/adu_types/inc/aduc/adu_types.h
+++ b/src/adu_types/inc/aduc/adu_types.h
@@ -38,7 +38,7 @@ typedef enum tagADUC_AuthType
 ADUC_AuthType_NotSet = 0,
 ADUC_AuthType_SASToken = 1,
 ADUC_AuthType_SASCert = 2,
-
+ ADUC_AuthType_NestedEdgeCert = 3,
 } ADUC_AuthType;
 /**
diff --git a/src/agent/src/main.c b/src/agent/src/main.c
index 6927b6b05..acf903907 100644
--- a/src/agent/src/main.c
+++ b/src/agent/src/main.c
@@ -514,6 +514,15 @@ _Bool ADUC_DeviceClient_Create(ADUC_ConnectionInfo* connInfo, const ADUC_LaunchA
 Log_Error("Unable to set IotHub certificate, error=%d", iothubResult);
 result = false;
 }
+ else if (
+ connInfo->certificateString != NULL && connInfo->authType == ADUC_AuthType_NestedEdgeCert
+ && (iothubResult =
+ ClientHandle_SetOption(g_iotHubClientHandle, OPTION_TRUSTED_CERT, connInfo->certificateString))
+ != IOTHUB_CLIENT_OK)
+ {
+ Log_Error("Could not add trusted certificate, error=%d ", iothubResult);
+ result = false;
+ }
 else if (
 connInfo->opensslEngine != NULL && connInfo->authType == ADUC_AuthType_SASCert
 && (iothubResult =
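Review bot: If `authType` is `ADUC_AuthType_NestedEdgeCert` but `certificateString` is NULL, the added `else if` in ADUC_DeviceClient_Create evaluates to false and the chain simply moves on, so `result` stays true and the client is created without the gateway certificate ever being passed to `OPTION_TRUSTED_CERT`. The config-file path in this patch appears to set the auth type only after the certificate has loaded, but nothing in the visible lines guarantees that for other producers of `ADUC_ConnectionInfo`, so I would make the missing-certificate case an explicit failure ahead of the new branch. The log string also carries a trailing space after `error=%d`. The function starts before and continues past this hunk, so the placement below assumes the chain keeps its `if … else if` shape.

```c
// … unchanged: preceding option checks in the else-if chain …
else if (connInfo->authType == ADUC_AuthType_NestedEdgeCert && connInfo->certificateString == NULL)
{
    // Fail closed: a Nested Edge connection without its trust anchor must not proceed.
    Log_Error("Nested Edge auth selected but no trusted certificate was loaded");
    result = false;
}
else if (
    connInfo->certificateString != NULL && connInfo->authType == ADUC_AuthType_NestedEdgeCert
// … unchanged: ClientHandle_SetOption(OPTION_TRUSTED_CERT) call and its error branch …
```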
@@ -628,7 +637,7 @@ _Bool GetConnectionInfoFromADUConfigFile(ADUC_ConnectionInfo* info)
 // Optional: The certificate string is needed for Edge Gateway connection.
 if (ReadDelimitedValueFromFile(
- ADUC_CONF_FILE_PATH, "certificate_path", certificatePath, ARRAY_SIZE(certificatePath)))
+ ADUC_CONF_FILE_PATH, "edgegateway_cert_path", certificatePath, ARRAY_SIZE(certificatePath)))
 {
 if (!LoadBufferWithFileContents(certificatePath, certificateString, ARRAY_SIZE(certificateString)))
 {
@@ -642,7 +651,7 @@ _Bool GetConnectionInfoFromADUConfigFile(ADUC_ConnectionInfo* info)
 goto done;
 }
- info->authType = ADUC_AuthType_SASCert;
+ info->authType = ADUC_AuthType_NestedEdgeCert;
 }
 succeeded = true;
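Review bot: Renaming the key from `certificate_path` to `edgegateway_cert_path` in GetConnectionInfoFromADUConfigFile has no fallback, and because the lookup is optional, a config file that still uses the old key is skipped without any message: no certificate is loaded and, as far as the visible lines show, the auth type is left untouched. For a setting that supplies the TLS trust anchor, that silent change is worth avoiding. Either accept the old key for a release by appending `|| ReadDelimitedValueFromFile(ADUC_CONF_FILE_PATH, "certificate_path", certificatePath, ARRAY_SIZE(certificatePath))` to the condition and logging a deprecation warning, or log when only the old key is present. The comment above the call could also state that the file named here becomes the trusted certificate for the connection, so it and the config file should be writable only by a privileged account. The function body begins and ends outside this hunk.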
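Review bot: The assignment `info->authType = ADUC_AuthType_NestedEdgeCert;` has no comment explaining that the mere presence of `edgegateway_cert_path` selects the auth type, replacing whatever was derived earlier in the function (not visible in this hunk). With this change the `ADUC_AuthType_SASCert` branch that checks `opensslEngine` in ADUC_DeviceClient_Create is no longer reached through this assignment, which looks intended but should be stated for the next reader. I would add `// A gateway certificate in the config selects Nested Edge auth and overrides any auth type set above.` on the line before the assignment.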