Reformat, minor improvements

CertificateManagementObject/certificatemanagement.c

@@ -69,10 +69,11 @@ CertificateManagementObjectClassAttributes cmo_class_attr = {
 };
 
 const char instance_1_name[] = "Default Device Certificate";
+const EipUint8 instance_1_length = 26; // excluding trailing \0
 
-CipShortString const name = {
-		.length = strlen(instance_1_name),
-		.string = (EipByte*)(&instance_1_name)
+const CipShortString name = {
+    .length = instance_1_length,
+    .string = (EipByte *)(&instance_1_name),
 };
 
 const Certificate device_certificate = {
@@ -86,11 +87,11 @@ const Certificate ca_certificate = {
 };
 
 CertificateManagementObject g_certificate_management = {
-	.name = name,                                                               /*Attribute 1*/
-	.state = kVerified,                    /*Attribute 2*/
-	.device_certificate = device_certificate,                                   /*Attribute 3*/
-	.ca_certificate = ca_certificate,                                           /*Attribute 4*/
-	.certificate_encoding = kCertificateEncodingPEM /*Attribute 5*/
+    .name = name,                                    /*Attribute 1*/
+    .state = kVerified,                              /*Attribute 2*/
+    .device_certificate = device_certificate,        /*Attribute 3*/
+    .ca_certificate = ca_certificate,                /*Attribute 4*/
+    .certificate_encoding = kCertificateEncodingPEM, /*Attribute 5*/
 };
 
 /** @brief Produce the data according to CIP encoding onto the message buffer.
@@ -100,11 +101,10 @@ CertificateManagementObject g_certificate_management = {
  *  @param certificate pointer to the certificate object to encode
  *  @param outgoing_message pointer to the message to be sent
  */
-void EncodeCertificateManagementObjectCertificate(const Certificate *const certificate,
-                                          ENIPMessage *const outgoing_message) {
-    AddSintToMessage(certificate->certificate_status, outgoing_message);
-
-    EncodeCipSecurityObjectPath(&(certificate->path), outgoing_message);
+void EncodeCertificateManagementObjectCertificate(
+    const Certificate *const certificate, ENIPMessage *const outgoing_message) {
+  AddSintToMessage(certificate->certificate_status, outgoing_message);
+  EncodeCipSecurityObjectPath(&(certificate->path), outgoing_message);
 }
 
 /** @brief Retrieve the given object instance EPATH according to
@@ -120,23 +120,19 @@ void EncodeCertificateManagementObjectCertificate(const Certificate *const certi
  */
 int DecodeCertificateManagementObjectCertificate(
     Certificate *const certificate,
-	CipMessageRouterRequest *const message_router_request,
-	CipMessageRouterResponse *const message_router_response) {
-
-	int number_of_decoded_bytes = -1;
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response) {
+  int number_of_decoded_bytes = -1;
 
-	certificate->certificate_status = GetUsintFromMessage(
-			&message_router_request->data);
-	number_of_decoded_bytes = 1;
+  certificate->certificate_status = GetUsintFromMessage(&message_router_request->data);
+  number_of_decoded_bytes = 1;
 
-	//write EPATH to the file object instance
-	number_of_decoded_bytes += DecodeCipSecurityObjectPath(
-						&(certificate->path),
-						message_router_request,
-						message_router_response);
+  // write EPATH to the file object instance
+  number_of_decoded_bytes += DecodeCipSecurityObjectPath(
+      &(certificate->path), message_router_request, message_router_response);
 
-	OPENER_TRACE_INFO("Number_of_decoded bytes: %d\n", number_of_decoded_bytes);
-	return number_of_decoded_bytes;
+  OPENER_TRACE_INFO("Number_of_decoded bytes: %d\n", number_of_decoded_bytes);
+  return number_of_decoded_bytes;
 }
 
 /** @brief Produce the data according to CIP encoding onto the message buffer.
@@ -220,148 +216,141 @@ void CertificateManagementObjectBindAttributes(CipInstance *instance,
 
 /** @brief Certificate Management Object Create service
  *
- * The Create service shall be used to create a dynamic instance.
- * See Vol.8 Section 5-5.5.1
+ *  The Create service shall be used to create a dynamic instance.
+ *  @See Vol.8, Chapter 5-5.5.1
  */
 EipStatus CertificateManagementObjectCreate(
-		CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorSuccess;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	if (message_router_request->request_data_size > 0) {
-
-		CipClass *certificate_management_object_class = GetCipClass(
-				kCertificateManagementObjectClassCode);
-
-		CipInstance *certificate_management_object_instance = AddCipInstances(
-				certificate_management_object_class, 1); /* add 1 instance*/
-
-		CertificateManagementObject *new_cmo =
-				(CertificateManagementObject*) CipCalloc(1,
-						sizeof(CertificateManagementObject));
-
-		new_cmo->name.length = GetUsintFromMessage(
-				&message_router_request->data);
-
-		new_cmo->name.string = (CipByte*) CipCalloc(
-				new_cmo->name.length, sizeof(CipByte));
-
-          memcpy(new_cmo->name.string, message_router_request->data, new_cmo->name.length);
-          CertificateManagementObjectBindAttributes(certificate_management_object_instance, new_cmo);
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorSuccess;
+
+  if (message_router_request->request_data_size > 0) {
+    CipClass *certificate_management_object_class =
+        GetCipClass(kCertificateManagementObjectClassCode);
+
+    CipInstance *certificate_management_object_instance = AddCipInstances(
+        certificate_management_object_class, 1); /* add 1 instance*/
+
+    CertificateManagementObject *new_cmo =
+        (CertificateManagementObject *)CipCalloc(1, sizeof(CertificateManagementObject));
+
+    new_cmo->name.length = GetUsintFromMessage(&message_router_request->data);
+    new_cmo->name.string = (CipByte *)CipCalloc(new_cmo->name.length, sizeof(CipByte));
+
+    memcpy(new_cmo->name.string, message_router_request->data, new_cmo->name.length);
+    CertificateManagementObjectBindAttributes( certificate_management_object_instance, new_cmo);
+
+    new_cmo->state = kCreated;
+    OPENER_TRACE_INFO("CMO instance number %d created\n",
+                      certificate_management_object_instance->instance_number);
+  } else {
+    message_router_response->general_status = kCipErrorNotEnoughData;
+  }
 
-          new_cmo->state = kCreated;
-          OPENER_TRACE_INFO("CMO instance number %d created\n",
-                            certificate_management_object_instance->instance_number);
-        } else {
-          message_router_response->general_status = kCipErrorNotEnoughData;
-        }
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
 
-	return kEipStatusOk;
+  return kEipStatusOk;
 }
 
 /** @brief Certificate Management Object Delete service
  *
- * The Delete service shall be used to delete dynamic instances
- * (static instances shall return status code 0x2D, Instance Not Deletable).
- * See Vol.8 Section 5-5.5.2
+ *  The Delete service shall be used to delete dynamic instances
+ *  (static instances shall return status code 0x2D, Instance Not Deletable).
+ *  @See Vol.8, Chapter 5-5.5.2
  */
 EipStatus CertificateManagementObjectDelete(
-		CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-	//TODO: implement service
-	message_router_response->general_status = kCipErrorInstanceNotDeletable;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	CipClass *const cmo_class = GetCipClass(
-			kCertificateManagementObjectClassCode);
-
-	if (instance->instance_number != 1) { //static instance 1 should not be deleted
-
-		CipInstance *instances = cmo_class->instances;
-
-		// update pointers in instance list
-		instances = cmo_class->instances; /* pointer to first instance */
-		if (instances->instance_number == instance->instance_number) { //if instance to delete is head
-			cmo_class->instances = instances->next;
-		} else {
-			while (NULL != instances->next) /* as long as what next points to is not zero */
-			{
-				CipInstance *next_instance = instances->next;
-				if (next_instance->instance_number
-						== instance->instance_number) {
-					instances->next = next_instance->next;
-					break;
-				}
-				instances = instances->next;
-			}
-		}
-		OPENER_TRACE_INFO("CMO instance number %d deleted\n",
-						instance->instance_number);
-
-		CipFree(instance); //delete instance
-		//TODO: free all allocated elements of instance
-
-		cmo_class->number_of_instances -= 1; /* update the total number of instances recorded by the class - Attr. 3 */
-
-		//update largest instance number (class Attribute 2)
-		instances = cmo_class->instances;
-		while (NULL != instances->next) { //get last element - should be largest number
-			instances = instances->next;
-		}
-		cmo_class->max_instance = instances->instance_number;
-
-		message_router_response->general_status = kCipErrorSuccess;
-	}
-
-	return kEipStatusOk;
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  // TODO: implement service
+  message_router_response->general_status = kCipErrorInstanceNotDeletable;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+  CipClass *const cmo_class =
+      GetCipClass(kCertificateManagementObjectClassCode);
+
+  if (instance->instance_number != 1) {  // static instance 1 should not be deleted
+
+    CipInstance *instances = cmo_class->instances;
+
+    // update pointers in instance list
+    instances = cmo_class->instances; /* pointer to first instance */
+    if (instances->instance_number == instance->instance_number) {  // if instance to delete is head
+      cmo_class->instances = instances->next;
+    } else {
+      while (NULL != instances->next) // as long as what next points to is not zero
+      {
+        CipInstance *next_instance = instances->next;
+        if (next_instance->instance_number == instance->instance_number) {
+          instances->next = next_instance->next;
+          break;
+        }
+        instances = instances->next;
+      }
+    }
+    OPENER_TRACE_INFO("CMO instance number %d deleted\n", instance->instance_number);
+
+    CipFree(instance);  // delete instance
+    // TODO: free all allocated elements of instance
+
+    cmo_class->number_of_instances -= 1; /* update the total number of instances
+                                            recorded by the class - Attr. 3 */
+
+    // update largest instance number (class Attribute 2)
+    instances = cmo_class->instances;
+    while (NULL != instances->next) {  // get last element - should be largest number
+      instances = instances->next;
+    }
+    cmo_class->max_instance = instances->instance_number;
+
+    message_router_response->general_status = kCipErrorSuccess;
+  }
+
+  return kEipStatusOk;
 }
 
 /** @brief Certificate Management Object Create CSR service
  *
- * The Create_CSR service creates a Certificate Signing Request,
- * suitable for submission to an enrollment server or certificate authority for signing.
- * See Vol.8 Section 5-5.7.1
+ *  The Create_CSR service creates a Certificate Signing Request,
+ *  suitable for submission to an enrollment server or certificate authority for signing.
+ *  @See Vol.8, Chapter 5-5.7.1
  */
-EipStatus CertificateManagementObjectCreateCSR(CipInstance *RESTRICT const instance,
-                                            CipMessageRouterRequest *const message_router_request,
-                                            CipMessageRouterResponse *const message_router_response,
-                                            const struct sockaddr *originator_address,
-                                            const int encapsulation_session) {
-	//TODO: implement service
-
-	return kEipStatusOk;
+EipStatus CertificateManagementObjectCreateCSR(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  // TODO: implement service
+
+  return kEipStatusOk;
 }
 
 /** @brief Certificate Management Object Verify Certificate service
  *
- * The Verify_Certificate shall cause the object to verify the certificate
- * indicated by the service parameter. This service will set the appropriate status value
- * for the Certificate Status field of all certificates involved in the verification.
- * See Vol.8 Section 5-5.7.2
+ *  The Verify_Certificate shall cause the object to verify the certificate
+ *  indicated by the service parameter. This service will set the appropriate status value
+ *  for the Certificate Status field of all certificates involved in the verification.
+ *  @See Vol.8, Chapter 5-5.7.2
  */
-EipStatus CertificateManagementObjectVerifyCertificate(CipInstance *RESTRICT const instance,
-                                            CipMessageRouterRequest *const message_router_request,
-                                            CipMessageRouterResponse *const message_router_response,
-                                            const struct sockaddr *originator_address,
-                                            const int encapsulation_session) {
+EipStatus CertificateManagementObjectVerifyCertificate(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  // TODO: implement service
 
-	//TODO: implement service
-
-	return kEipStatusOk;
+  return kEipStatusOk;
 }
 
 void CertificateManagementObjectInitializeClassSettings(CipClass *class) {
@@ -461,26 +450,27 @@ EipStatus CertificateManagementObjectInit(void) {
   CipClass *certificate_management_object_class = NULL;
   CipInstance *certificate_management_object_instance;
 
-  certificate_management_object_class =
-      CreateCipClass(kCertificateManagementObjectClassCode,
-                     3, /* # class attributes */
-                     10,/* # highest class attribute number */
-                     3, /* # class services */
-                     5, /* # instance attributes */
-                     5, /* # highest instance attribute number */
-                     6, /* # instance services */
-                     1, /* # instances*/
-                     "Certificate Management Object",
-                     CERTIFICATE_MANAGEMENT_OBJECT_REVISION, /* # class revision */
-                     &CertificateManagementObjectInitializeClassSettings /* # function pointer for initialization */
-      );
+  certificate_management_object_class = CreateCipClass(
+      kCertificateManagementObjectClassCode,
+      3,  /* # class attributes */
+      10, /* # highest class attribute number */
+      3,  /* # class services */
+      5,  /* # instance attributes */
+      5,  /* # highest instance attribute number */
+      6,  /* # instance services */
+      1,  /* # instances */
+      "Certificate Management Object",
+      CERTIFICATE_MANAGEMENT_OBJECT_REVISION,             /* # class revision */
+      &CertificateManagementObjectInitializeClassSettings /* # function pointer for initialization */
+  );
 
   if (NULL == certificate_management_object_class) {
     /* Initialization failed */
     return kEipStatusError;
   }
 
-  certificate_management_object_instance = GetCipInstance(certificate_management_object_class, 1);
+  certificate_management_object_instance =
+      GetCipInstance(certificate_management_object_class, 1);
 
   /* Bind attributes to the static instance number 1 (default certificates)*/
   CertificateManagementObjectBindAttributes(

CipSecurityObject/cipsecurity.c

@@ -58,7 +58,7 @@
 CipSecurityObject g_security = {
     .state = kFactoryDefaultConfiguration,
     .security_profiles = kEtherNetIpConfidentialityProfile,
-    .security_profiles_configured = kEtherNetIpConfidentialityProfile
+    .security_profiles_configured = kEtherNetIpConfidentialityProfile,
 };
 
 /* ********************************************************************
@@ -67,277 +67,263 @@ CipSecurityObject g_security = {
 
 /** @brief CIP Security Object Reset service
  *
- * Return this CIP Security Object Instance to the
- * Factory Default Configuration State.
- * See Vol.8 Section 5-3.5.1
+ *  Return this CIP Security Object Instance to the
+ *  Factory Default Configuration State.
+ *  @See Vol.8, Chapter 5-3.5.1
  */
-EipStatus CipSecurityObjectReset(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorAttributeNotSupported;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute 1: state
-
-	if (NULL != attribute) {
-		if (message_router_request->request_data_size > 0) {
-			message_router_response->general_status = kCipErrorTooMuchData;
-		} else {
-			g_security.state = kFactoryDefaultConfiguration;
-			message_router_response->general_status = kCipErrorSuccess;
-			OPENER_TRACE_INFO("Reset attribute 1 (state) of instance %d\n", instance->instance_number);
-
-			/*perform a reset on each Ethernet/IP Security Object instances present*/
-			CipInstance *eip_security_object_instance = GetCipInstance(
-					GetCipClass(kEIPSecurityObjectClassCode), 1);
-
-			if (NULL != eip_security_object_instance) {
-				for (CipInstance *ins =
-						eip_security_object_instance->cip_class->instances; ins;
-						ins = ins->next) /* follow the list*/
-						{
-					attribute = GetCipAttribute(ins, 13); //attribute #13 pull model enable
-					*(CipBool*) attribute->data = true;
-
-					attribute = GetCipAttribute(ins, 14); //attribute #14 pull model status
-					*(CipUint*) attribute->data = 0x0000;
-
-					attribute = GetCipAttribute(ins, 1); //attribute #1 state
-					*(CipUsint*) attribute->data =
-                                            kEIPFactoryDefaultConfiguration;
-
-					EIPSecurityObjectResetSettableAttributes(ins); //reset settable attributes of ins
-				}
-			}
-
-		}
-
-	}
-
-	return kEipStatusOk;
+EipStatus CipSecurityObjectReset(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorAttributeNotSupported;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+  CipAttributeStruct *attribute = GetCipAttribute(instance, 1);  // attribute 1: state
+
+  if (NULL != attribute) {
+    if (message_router_request->request_data_size > 0) {
+      message_router_response->general_status = kCipErrorTooMuchData;
+    } else {
+      g_security.state = kFactoryDefaultConfiguration;
+      message_router_response->general_status = kCipErrorSuccess;
+      OPENER_TRACE_INFO("Reset attribute 1 (state) of instance %d\n",
+                        instance->instance_number);
+
+      /*perform a reset on each Ethernet/IP Security Object instances present*/
+      CipInstance *eip_security_object_instance =
+          GetCipInstance(GetCipClass(kEIPSecurityObjectClassCode), 1);
+
+      if (NULL != eip_security_object_instance) {
+        for (CipInstance *ins = eip_security_object_instance->cip_class->instances; ins; ins = ins->next) /* follow the list*/
+        {
+          attribute = GetCipAttribute(ins, 13);  // attribute #13 pull model enable
+          *(CipBool *)attribute->data = true;
+
+          attribute = GetCipAttribute(ins, 14);  // attribute #14 pull model status
+          *(CipUint *)attribute->data = 0x0000;
+
+          attribute = GetCipAttribute(ins, 1);  // attribute #1 state
+          *(CipUsint *)attribute->data = kEIPFactoryDefaultConfiguration;
+
+          EIPSecurityObjectResetSettableAttributes(ins);  // reset settable attributes of ins
+        }
+      }
+    }
+  }
+
+  return kEipStatusOk;
 }
 
 /** @brief CIP Security Object Begin_Config service
  *
- * Begins a security configuration session.
- * See Vol.8 Section 5-3.7.1
+ *  Begins a security configuration session.
+ *  @See Vol.8, Chapter 5-3.7.1
  */
-EipStatus CipSecurityObjectBeginConfig(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorPrivilegeViolation;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-//	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute #1 state
-//	CipUsint state = *(CipUsint*) attribute->data;   //TODO: check
-	CipUsint state = g_security.state;
-
-	if (kConfigurationInProgress == state) {
-		message_router_response->general_status = kCipErrorObjectStateConflict;
-	} else {
-		if (kCIPSecurityConfigured == state) {
-
-			//TODO: check if command is sent over valid TLS connection, else:
-			message_router_response->general_status =
-					kCipErrorPrivilegeViolation;
-		} else {
-			//TODO: check if other configuration in progress
-
-//			*(CipUsint*) attribute->data =
-//					kConfigurationInProgress; //set state  //TODO: check
-
-			g_security.state = kConfigurationInProgress;
-			g_security_session_start_time = GetMilliSeconds(); //TODO: check
-
-			message_router_response->general_status = kCipErrorSuccess;
-		}
-
-	}
+EipStatus CipSecurityObjectBeginConfig(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorPrivilegeViolation;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+//  CipAttributeStruct *attribute = GetCipAttribute(instance, 1);
+//  attribute #1 state CipUsint state = *(CipUsint*) attribute->data; //TODO: check
+  CipUsint state = g_security.state;
+
+  if (kConfigurationInProgress == state) {
+    message_router_response->general_status = kCipErrorObjectStateConflict;
+  } else {
+    if (kCIPSecurityConfigured == state) {
+      // TODO: check if command is sent over valid TLS connection, else:
+      message_router_response->general_status = kCipErrorPrivilegeViolation;
+    } else {
+      // TODO: check if other configuration in progress
+
+      // *(CipUsint*) attribute->data = kConfigurationInProgress; //set state  TODO: check
+
+      g_security.state = kConfigurationInProgress;
+      g_security_session_start_time = GetMilliSeconds();  // TODO: check
+
+      message_router_response->general_status = kCipErrorSuccess;
+    }
+  }
 
-	return kEipStatusOk;
+  return kEipStatusOk;
 }
 
 /** @brief CIP Security Object End_Config service
  *
- * Ends the configuration session.
- * See Vol.8 Section 5-3.7.3
+ *  Ends the configuration session.
+ *  @See Vol.8, Chapter 5-3.7.3
  */
-EipStatus CipSecurityObjectEndConfig(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorObjectStateConflict;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-//	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute #1 state
-//	CipUsint state = *(CipUsint*) attribute->data; //TODO: check
-	CipUsint state = g_security.state;
-
-		if (kConfigurationInProgress == state) {
-			message_router_response->general_status = kCipErrorSuccess;
-//			*(CipUsint*) attribute->data = kCIPSecurityConfigured; //set state
-			g_security.state = kCIPSecurityConfigured;
-		}
-
-	return kEipStatusOk;
+EipStatus CipSecurityObjectEndConfig(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorObjectStateConflict;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+//  CipAttributeStruct *attribute = GetCipAttribute(instance, 1); // attribute #1 state
+//  CipUsint state = *(CipUsint*) attribute->data; //TODO: check
+  CipUsint state = g_security.state;
+
+  if (kConfigurationInProgress == state) {
+    message_router_response->general_status = kCipErrorSuccess;
+//    *(CipUsint *)attribute->data = kCIPSecurityConfigured;  // set state
+    g_security.state = kCIPSecurityConfigured;
+  }
+
+  return kEipStatusOk;
 }
 
 /** @brief CIP Security Object Kick_Timer service
  *
- * Causes the object to reset the configuration session timer.
- * See Vol.8 Section 5-3.7.2
+ *  Causes the object to reset the configuration session timer.
+ *  @See Vol.8, Chapter 5-3.7.2
  */
-EipStatus CipSecurityObjectKickTimer(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorObjectStateConflict;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-//	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute #1 state
-//	CipUsint state = *(CipUsint*) attribute->data; //TODO: check
-	CipUsint state = g_security.state;
-
-	if (kConfigurationInProgress == state) {
-		//reset configuration session timer
-		g_security_session_start_time = GetMilliSeconds(); //actual time TODO: check
-		message_router_response->general_status = kCipErrorSuccess;
-	}
-
-	return kEipStatusOk;
+EipStatus CipSecurityObjectKickTimer(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorObjectStateConflict;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+//  CipAttributeStruct *attribute = GetCipAttribute(instance, 1);               // attribute #1 state
+//  CipUsint state = *(CipUsint *)attribute->data;  // TODO: check
+  CipUsint state = g_security.state;
+
+  if (kConfigurationInProgress == state) {
+    // reset configuration session timer
+    g_security_session_start_time = GetMilliSeconds();  // actual time TODO: check
+    message_router_response->general_status = kCipErrorSuccess;
+  }
+
+  return kEipStatusOk;
 }
 
 /** @brief CIP Security Object Object_Cleanup service
  *
- * Remove unused object instances related to security configuration
- * See Vol.8 Section 5-3.7.4
+ *  Remove unused object instances related to security configuration
+ *  @See Vol.8, Chapter 5-3.7.4
  */
-EipStatus CipSecurityObjectCleanup(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kNoOrphanObjects;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	//TODO: implement service
+EipStatus CipSecurityObjectCleanup(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kNoOrphanObjects;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+  // TODO: implement service
 
-	return kEipStatusOk;
+  return kEipStatusOk;
 }
 
 void EncodeCipSecurityObjectPath(const CipEpath *const epath,
-		ENIPMessage *const outgoing_message) {
-	AddSintToMessage(epath->path_size, outgoing_message);
-	if(0 != epath->path_size){
-		EncodeEPath((CipEpath*) epath, outgoing_message);
-	}
+                                 ENIPMessage *const outgoing_message) {
+  AddSintToMessage(epath->path_size, outgoing_message);
+  if (0 != epath->path_size) {
+    EncodeEPath((CipEpath *)epath, outgoing_message);
+  }
 }
 
-int DecodeCipSecurityObjectPath(CipEpath *const epath,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response) {
-
-	const EipUint8 *message_runner = (message_router_request->data);
-
-	/* get data from message */
-	EipUint8 path_size = GetUsintFromMessage(&message_runner);
-	EipUint16 class_id = 0;
-	EipUint16 instance_number = 0;
-	EipUint16 attribute_number = 0;
-
-	int number_of_decoded_bytes = 0;
-
-	while (number_of_decoded_bytes < (path_size * 2)) {
-
-		switch (*message_runner) {
-		case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_CLASS_ID +
-		LOGICAL_SEGMENT_FORMAT_EIGHT_BIT:
-			message_runner++;
-			class_id = GetUsintFromMessage(&message_runner);
-			number_of_decoded_bytes += 2;
-			break;
-
-		case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_CLASS_ID +
-		LOGICAL_SEGMENT_FORMAT_SIXTEEN_BIT:
-			message_runner += 2;
-			class_id = GetUintFromMessage(&message_runner);
-			number_of_decoded_bytes += 4;
-			break;
-
-		case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_INSTANCE_ID +
-		LOGICAL_SEGMENT_FORMAT_EIGHT_BIT:
-			message_runner++;
-			instance_number = GetUsintFromMessage(&message_runner);
-			number_of_decoded_bytes += 2;
-			break;
-
-		case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_INSTANCE_ID +
-		LOGICAL_SEGMENT_FORMAT_SIXTEEN_BIT:
-			message_runner += 2;
-			instance_number = GetUintFromMessage(&message_runner);
-			number_of_decoded_bytes += 4;
-			break;
-
-		case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_ATTRIBUTE_ID +
-		LOGICAL_SEGMENT_FORMAT_EIGHT_BIT:
-			message_runner++;
-			attribute_number = GetUsintFromMessage(&message_runner);
-			number_of_decoded_bytes += 2;
-			break;
-
-		case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_ATTRIBUTE_ID +
-		LOGICAL_SEGMENT_FORMAT_SIXTEEN_BIT:
-			message_runner += 2;
-			attribute_number = GetUintFromMessage(&message_runner);
-			number_of_decoded_bytes += 4;
-			break;
-
-		default:
-			OPENER_TRACE_ERR("ERROR wrong path requested\n");
-			message_router_response->general_status = kCipErrorPathSegmentError;
-			return kEipStatusError;
-		}
-
-	} // end while
-
-	/* copy epath to attribute structure */
-	epath->path_size = path_size;
-	epath->class_id = class_id;
-	epath->instance_number = instance_number;
-	epath->attribute_number = attribute_number;
-
-	OPENER_ASSERT(path_size * 2 == number_of_decoded_bytes); /* path size is in 16 bit chunks according to the specification */
-
-	message_router_request->data = message_runner; //update message-pointer
-
-	message_router_response->general_status = kCipErrorSuccess;
-	return number_of_decoded_bytes += 1; // + 1 byte for path size
+int DecodeCipSecurityObjectPath(
+    CipEpath *const epath,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response) {
+  const EipUint8 *message_runner = (message_router_request->data);
+
+  /* get data from message */
+  EipUint8 path_size = GetUsintFromMessage(&message_runner);
+  EipUint16 class_id = 0;
+  EipUint16 instance_number = 0;
+  EipUint16 attribute_number = 0;
+
+  int number_of_decoded_bytes = 0;
+
+  while (number_of_decoded_bytes < (path_size * 2)) {
+    switch (*message_runner) {
+      case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_CLASS_ID +
+          LOGICAL_SEGMENT_FORMAT_EIGHT_BIT:
+        message_runner++;
+        class_id = GetUsintFromMessage(&message_runner);
+        number_of_decoded_bytes += 2;
+        break;
+
+      case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_CLASS_ID +
+          LOGICAL_SEGMENT_FORMAT_SIXTEEN_BIT:
+        message_runner += 2;
+        class_id = GetUintFromMessage(&message_runner);
+        number_of_decoded_bytes += 4;
+        break;
+
+      case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_INSTANCE_ID +
+          LOGICAL_SEGMENT_FORMAT_EIGHT_BIT:
+        message_runner++;
+        instance_number = GetUsintFromMessage(&message_runner);
+        number_of_decoded_bytes += 2;
+        break;
+
+      case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_INSTANCE_ID +
+          LOGICAL_SEGMENT_FORMAT_SIXTEEN_BIT:
+        message_runner += 2;
+        instance_number = GetUintFromMessage(&message_runner);
+        number_of_decoded_bytes += 4;
+        break;
+
+      case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_ATTRIBUTE_ID +
+          LOGICAL_SEGMENT_FORMAT_EIGHT_BIT:
+        message_runner++;
+        attribute_number = GetUsintFromMessage(&message_runner);
+        number_of_decoded_bytes += 2;
+        break;
+
+      case SEGMENT_TYPE_LOGICAL_SEGMENT + LOGICAL_SEGMENT_TYPE_ATTRIBUTE_ID +
+          LOGICAL_SEGMENT_FORMAT_SIXTEEN_BIT:
+        message_runner += 2;
+        attribute_number = GetUintFromMessage(&message_runner);
+        number_of_decoded_bytes += 4;
+        break;
+
+      default:
+        OPENER_TRACE_ERR("ERROR wrong path requested\n");
+        message_router_response->general_status = kCipErrorPathSegmentError;
+        return kEipStatusError;
+    }
+
+  }  // end while
+
+  /* copy epath to attribute structure */
+  epath->path_size = path_size;
+  epath->class_id = class_id;
+  epath->instance_number = instance_number;
+  epath->attribute_number = attribute_number;
+
+  OPENER_ASSERT(path_size * 2 == number_of_decoded_bytes); /* path size is in 16 bit chunks according to the specification */
+
+  message_router_request->data = message_runner;  // update message-pointer
+
+  message_router_response->general_status = kCipErrorSuccess;
+  return number_of_decoded_bytes += 1;  // + 1 byte for path size
 }
 
 void CipSecurityObjectInitializeClassSettings(CipClass *class) {

EtherNetIPSecurityObject/ethernetipsecurity.c

@@ -69,26 +69,26 @@
  */
 /**< definition of EtherNet/IP Security object instance 1 data */
 
-CipEpath CMO_Paths[1] = {  //Certificate Management object paths
-		{
-				2, /* PathSize in 16 Bit chunks */
-				kCertificateManagementObjectClassCode, /* Class Code */
-				0x01, /* Instance # */
-		}
+CipEpath CMO_Paths[1] = {  // Certificate Management object paths
+    {
+        2,                                     /* PathSize in 16 Bit chunks */
+        kCertificateManagementObjectClassCode, /* Class Code */
+        0x01,                                  /* Instance # */
+    }};
+
+const EIPSecurityObjectPathList active_device_certificates = {
+    // at present, a maximum of 1 entry may be configured
+    1,
+    CMO_Paths,
 };
 
-EIPSecurityObjectPathList const active_device_certificates = { //at present, a maximum of 1 entry may be configured
-		  1,
-		  CMO_Paths
- };
-
 EIPSecurityObject g_eip_security = { //TODO: add object configuration
-		.state = kEIPFactoryDefaultConfiguration,     /** Attribute #1 */
-		.active_device_certificates = active_device_certificates,        /** Attribute #6 */
-		.pre_shared_keys.number_of_pre_shared_keys = 0,                  /** Attribute #5 */
-		.pull_model_enabled = true,  //default: true                     /** Attribute #13 */
-		.pull_model_status = 0x0000,                                     /** Attribute #14 */
-		.dtls_timeout = 0x0C //default: 12 seconds                       /** Attribute #15 */
+    .state = kEIPFactoryDefaultConfiguration,                 /** Attribute #1 */
+    .active_device_certificates = active_device_certificates, /** Attribute #6 */
+    .pre_shared_keys.number_of_pre_shared_keys = 0,           /** Attribute #5 */
+    .pull_model_enabled = true,  // default: true             /** Attribute #13 */
+    .pull_model_status = 0x0000,                              /** Attribute #14 */
+    .dtls_timeout = 0x0C //default: 12 seconds                /** Attribute #15 */
 };
 //  .capability_flags =0,                           /** Attribute #2 */
 //  .available_cipher_suites = 0,                   /** Attribute #3 */
@@ -107,257 +107,247 @@ EIPSecurityObject g_eip_security = { //TODO: add object configuration
 
 /** @brief EtherNet/IP Security Object Reset settable attributes
  *
- * Return all settable instance attributes to the
- * Factory Default Configuration value
+ *  Return all settable instance attributes to the
+ *  Factory Default Configuration value
  */
-void EIPSecurityObjectResetSettableAttributes(CipInstance *instance){
-	CipAttributeStruct *attribute = NULL;
+void EIPSecurityObjectResetSettableAttributes(CipInstance *instance) {
+  CipAttributeStruct *attribute = NULL;
 
-			attribute = GetCipAttribute(instance, 4);
-			attribute->data = (void*) &g_eip_security.allowed_cipher_suites;
+  attribute = GetCipAttribute(instance, 4);
+  attribute->data = (void *)&g_eip_security.allowed_cipher_suites;
 
-			attribute = GetCipAttribute(instance, 5);
-			attribute->data = (void*) &g_eip_security.pre_shared_keys;
+  attribute = GetCipAttribute(instance, 5);
+  attribute->data = (void *)&g_eip_security.pre_shared_keys;
 
-			attribute = GetCipAttribute(instance, 6);
-			attribute->data = (void*) &g_eip_security.active_device_certificates;
+  attribute = GetCipAttribute(instance, 6);
+  attribute->data = (void *)&g_eip_security.active_device_certificates;
 
-			attribute = GetCipAttribute(instance, 7);
-			attribute->data = (void*) &g_eip_security.trusted_authorities;
+  attribute = GetCipAttribute(instance, 7);
+  attribute->data = (void *)&g_eip_security.trusted_authorities;
 
-			attribute = GetCipAttribute(instance, 8);
-			attribute->data = (void*) &g_eip_security.certificate_revocation_list;
+  attribute = GetCipAttribute(instance, 8);
+  attribute->data = (void *)&g_eip_security.certificate_revocation_list;
 
-			attribute = GetCipAttribute(instance, 9);
-			attribute->data = (void*) &g_eip_security.verify_client_certificate;
+  attribute = GetCipAttribute(instance, 9);
+  attribute->data = (void *)&g_eip_security.verify_client_certificate;
 
-			attribute = GetCipAttribute(instance, 10);
-			attribute->data = (void*) &g_eip_security.send_certificate_chain;
+  attribute = GetCipAttribute(instance, 10);
+  attribute->data = (void *)&g_eip_security.send_certificate_chain;
 
-			attribute = GetCipAttribute(instance, 11);
-			attribute->data = (void*) &g_eip_security.check_expiration;
+  attribute = GetCipAttribute(instance, 11);
+  attribute->data = (void *)&g_eip_security.check_expiration;
 
-			attribute = GetCipAttribute(instance, 12);
-			attribute->data = (void*) &g_eip_security.trusted_identities;
+  attribute = GetCipAttribute(instance, 12);
+  attribute->data = (void *)&g_eip_security.trusted_identities;
 
-			attribute = GetCipAttribute(instance, 15);
-			attribute->data = (void*) &g_eip_security.dtls_timeout;
+  attribute = GetCipAttribute(instance, 15);
+  attribute->data = (void *)&g_eip_security.dtls_timeout;
 
-			attribute = GetCipAttribute(instance, 16);
-			attribute->data = (void*) &g_eip_security.udp_only_policy;
+  attribute = GetCipAttribute(instance, 16);
+  attribute->data = (void *)&g_eip_security.udp_only_policy;
 }
 
 /** @brief EtherNet/IP Security Object Reset service
  *
- * Return this EtherNet/IP Security Object Instance to the
- * Factory Default Configuration State.
- * See Vol.8 Section 5-4.5.1
+ *  Return this EtherNet/IP Security Object Instance to the
+ *  Factory Default Configuration State.
+ *  @See Vol.8, Chapter 5-4.5.1
  */
-EipStatus EIPSecurityObjectReset(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorPrivilegeViolation; //TODO: check error status
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	//TODO: check for valid TLS connection
-
-	CipAttributeStruct *attribute = NULL;
-
-	CipBool enable_pull_model = false; /* The default value if parameter was omitted. */
-	CipUint pull_model_status = 0x0000;
-	CipUint state = 0;
-
-	if (message_router_request->request_data_size == 1) {
-		enable_pull_model = GetBoolFromMessage(&message_router_request->data);
-
-		if (enable_pull_model) { // data: 01
-			pull_model_status = 0x0000; //TODO: 0x0000 not allowed - check
-			state = kEIPFactoryDefaultConfiguration;
-		} else { // data: 00
-			pull_model_status = 0xFFFF;
-			state = kPullModelDisabled;
-		}
-	} else {
-		pull_model_status = 0xFFFF;
-	}
+EipStatus EIPSecurityObjectReset(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorPrivilegeViolation;  // TODO: check error status
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+  // TODO: check for valid TLS connection
+
+  CipAttributeStruct *attribute = NULL;
+
+  CipBool enable_pull_model = false; /* The default value if parameter was omitted. */
+  CipUint pull_model_status = 0x0000;
+  CipUint state = 0;
+
+  if (message_router_request->request_data_size == 1) {
+    enable_pull_model = GetBoolFromMessage(&message_router_request->data);
+
+    if (enable_pull_model) {       // data: 01
+      pull_model_status = 0x0000;  // TODO: 0x0000 not allowed - check
+      state = kEIPFactoryDefaultConfiguration;
+    } else {  // data: 00
+      pull_model_status = 0xFFFF;
+      state = kPullModelDisabled;
+    }
+  } else {
+    pull_model_status = 0xFFFF;
+  }
 
-	attribute = GetCipAttribute(instance, 13); //attribute #13 pull model enable
-	*(CipBool*) attribute->data = enable_pull_model; //set value
+  attribute = GetCipAttribute(instance, 13);  // attribute #13 pull model enable
+  *(CipBool *)attribute->data = enable_pull_model;  // set value
 
-	attribute = GetCipAttribute(instance, 14); //attribute #14 pull model status
-	*(CipUint*) attribute->data = pull_model_status; //set value
+  attribute = GetCipAttribute(instance, 14);  // attribute #14 pull model status
+  *(CipUint *)attribute->data = pull_model_status;  // set value
 
-	attribute = GetCipAttribute(instance, 1); //attribute #1 state
-	*(CipUsint*) attribute->data = state; //set value
+  attribute = GetCipAttribute(instance, 1);  // attribute #1 state
+  *(CipUsint *)attribute->data = state;      // set value
 
-	/*Reset settable attributes of each existing EtherNet/IP Security Object to factory default*/
-	for (CipInstance *ins = instance->cip_class->instances; ins; ins =
-			ins->next) /* follow the list*/
-			{
-		EIPSecurityObjectResetSettableAttributes(ins);
-	}
+  /* Reset settable attributes of each existing EtherNet/IP Security Object to
+   * factory default */
+  for (CipInstance *ins = instance->cip_class->instances; ins; ins = ins->next) /* follow the list*/
+  {
+    EIPSecurityObjectResetSettableAttributes(ins);
+  }
 
-	message_router_response->general_status = kCipErrorSuccess;
-	return kEipStatusOk;
+  message_router_response->general_status = kCipErrorSuccess;
+  return kEipStatusOk;
 }
 
 /** @brief EtherNet/IP Security Object Begin_Config service
  *
- * Causes the object to transition to the Configuration In Progress state.
- * See Vol.8 Section 5-4.7.1
+ *  Causes the object to transition to the Configuration In Progress state.
+ *  @See Vol.8, Chapter 5-4.7.1
  */
-EipStatus EIPSecurityObjectBeginConfig(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorSuccess;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute #1 state
-	CipUsint state = *(CipUsint*)attribute->data;
-
-	if (kEIPFactoryDefaultConfiguration != state) {
-		message_router_response->general_status = kCipErrorObjectStateConflict;
-	} else {
-
-		//TODO: save current instance config before starting new config
-		*(CipUsint*) attribute->data = kEIPConfigurationInProgress; //set state
-
-		//TODO: start configuration session timer
-	}
+EipStatus EIPSecurityObjectBeginConfig(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorSuccess;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+  CipAttributeStruct *attribute = GetCipAttribute(instance, 1);  // attribute #1 state
+  CipUsint state = *(CipUsint *)attribute->data;
+
+  if (kEIPFactoryDefaultConfiguration != state) {
+    message_router_response->general_status = kCipErrorObjectStateConflict;
+  } else {
+    // TODO: save current instance config before starting new config
+    *(CipUsint *)attribute->data = kEIPConfigurationInProgress;  // set state
+
+    // TODO: start configuration session timer
+  }
 
-	return kEipStatusOk;
+  return kEipStatusOk;
 }
 
 /** @brief EtherNet/IP Security Object Kick_Timer service
  *
- * Causes the object to reset the configuration session timer.
- * See Vol.8 Section 5-4.7.2
+ *  Causes the object to reset the configuration session timer.
+ *  @See Vol.8, Chapter 5-4.7.2
  */
-EipStatus EIPSecurityObjectKickTimer(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorObjectStateConflict;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute #1 state
-	CipUsint state = *(CipUsint*)attribute->data;
-
-	if (kEIPConfigurationInProgress == state) {
-		//TODO: reset configuration session timer
-		message_router_response->general_status = kCipErrorSuccess;
-	}
+EipStatus EIPSecurityObjectKickTimer(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorObjectStateConflict;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+  CipAttributeStruct *attribute = GetCipAttribute(instance, 1);  // attribute #1 state
+  CipUsint state = *(CipUsint *)attribute->data;
+
+  if (kEIPConfigurationInProgress == state) {
+    // TODO: reset configuration session timer
+    message_router_response->general_status = kCipErrorSuccess;
+  }
 
-	return kEipStatusOk;
+  return kEipStatusOk;
 }
 
 /** @brief EtherNet/IP Security Object Apply_Config service
  *
- * Applies the configuration and places the object in the Configured state.
- * See Vol.8 Section 5-4.7.3
+ *  Applies the configuration and places the object in the Configured state.
+ *  @See Vol.8, Chapter 5-4.7.3
  */
-EipStatus EIPSecurityObjectApplyConfig(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorObjectStateConflict;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute #1 state
-	CipUsint state = *(CipUsint*) attribute->data;
-
-	if (kEIPConfigurationInProgress == state) {
-
-		/* The default values if parameters were omitted. */
-		CipWord apply_behavior_flags = 0;
-		CipUint close_delay = 0;
-
-		if (0 < message_router_request->request_data_size) {
-			apply_behavior_flags = GetWordFromMessage(
-					         &(message_router_request->data));
-			close_delay = GetUintFromMessage(
-							         &(message_router_request->data));
-		}
+EipStatus EIPSecurityObjectApplyConfig(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorObjectStateConflict;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+  CipAttributeStruct *attribute = GetCipAttribute(instance, 1);  // attribute #1 state
+  CipUsint state = *(CipUsint *)attribute->data;
+
+  if (kEIPConfigurationInProgress == state) {
+    /* The default values if parameters were omitted. */
+    CipWord apply_behavior_flags = 0;
+    CipUint close_delay = 0;
+
+    if (0 < message_router_request->request_data_size) {
+      apply_behavior_flags = GetWordFromMessage(&(message_router_request->data));
+      close_delay = GetUintFromMessage(&(message_router_request->data));
+    }
 
-		//check apply behavior
-		if (apply_behavior_flags & (1 << 0)){ //Bit 0 set
-			//TODO: close existing connections once close_delay has elapsed
-		}
-		if (apply_behavior_flags & (1 << 1)){ //Bit 1 set
-			//TODO: run Object_Cleanup service of the CIP Security Object after applying changes
-		}
+    // check apply behavior
+    if (apply_behavior_flags & (1 << 0)) {  // Bit 0 set
+      // TODO: close existing connections once close_delay has elapsed
+    }
+    if (apply_behavior_flags & (1 << 1)) {  // Bit 1 set
+      // TODO: run Object_Cleanup service of the CIP Security Object after
+      // applying changes
+    }
 
-		//TODO: Apply config
-		/*device shall begin using the new attribute
-			settings when establishing new (D)TLS sessions. */
+    // TODO: Apply config
+    /* device shall begin using the new attribute
+     * settings when establishing new (D)TLS sessions. */
 
-		//TODO: change state to configured
-		//*(CipUsint*) attribute->data = kEIPConfigured;
-		message_router_response->general_status = kCipErrorSuccess;
-	}
+    // TODO: change state to configured
+    //*(CipUsint*) attribute->data = kEIPConfigured;
+    message_router_response->general_status = kCipErrorSuccess;
+  }
 
-	return kEipStatusOk;
+  return kEipStatusOk;
 }
 
 /** @brief EtherNet/IP Security Object Abort_Config service
  *
- * Abort the current configuration and discard pending changes.
- * See Vol.8 Section 5-4.7.4
+ *  Abort the current configuration and discard pending changes.
+ *  @See Vol.8, Chapter 5-4.7.4
  */
-EipStatus EIPSecurityObjectAbortConfig(CipInstance *RESTRICT const instance,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response,
-		const struct sockaddr *originator_address,
-		const int encapsulation_session) {
-
-	message_router_response->general_status = kCipErrorObjectStateConflict;
-	message_router_response->size_of_additional_status = 0;
-	InitializeENIPMessage(&message_router_response->message);
-	message_router_response->reply_service = (0x80
-			| message_router_request->service);
-
-	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute #1 state
-	CipUsint state = *(CipUsint*) attribute->data;
-
-	if (kEIPConfigurationInProgress == state){
-
-		//TODO: implement service
-
-		//TODO: change back to state before configuration in progress
-		*(CipUsint*) attribute->data = kEIPConfigured; //TODO: remove
-		message_router_response->general_status = kCipErrorSuccess;
-	}
+EipStatus EIPSecurityObjectAbortConfig(
+    CipInstance *RESTRICT const instance,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response,
+    const struct sockaddr *originator_address,
+    const int encapsulation_session) {
+  message_router_response->general_status = kCipErrorObjectStateConflict;
+  message_router_response->size_of_additional_status = 0;
+  InitializeENIPMessage(&message_router_response->message);
+  message_router_response->reply_service = (0x80 | message_router_request->service);
+
+  CipAttributeStruct *attribute = GetCipAttribute(instance, 1);  // attribute #1 state
+  CipUsint state = *(CipUsint *)attribute->data;
+
+  if (kEIPConfigurationInProgress == state) {
+    // TODO: implement service
+
+    // TODO: change back to state before configuration in progress
+    *(CipUsint *)attribute->data = kEIPConfigured;  // TODO: remove
+    message_router_response->general_status = kCipErrorSuccess;
+  }
 
-	return kEipStatusOk;
+  return kEipStatusOk;
 }
 
 void EncodeEIPSecurityObjectCipherSuiteId(const void *const data,
-                                          ENIPMessage *const outgoing_message)
-{
+                                          ENIPMessage *const outgoing_message) {
   EIPSecurityObjectCipherSuiteId *cipher_suite_id =
-      (EIPSecurityObjectCipherSuiteId *) data;
+      (EIPSecurityObjectCipherSuiteId *)data;
 
   EncodeCipUsint(&(cipher_suite_id->iana_first_byte), outgoing_message);
   EncodeCipUsint(&(cipher_suite_id->iana_second_byte), outgoing_message);
@@ -447,125 +437,116 @@ int DecodeEIPSecurityObjectPathList(EIPSecurityObjectPathList *const path_list,
 	return number_of_decoded_bytes;
 }
 
-/**
- * When accessed via Get_Attributes_All or Get_Attribute_Single, the Size of
- * PSK element shall be 0, and 0 bytes of PSK value shall be returned.
- * This ensures that the PSK value cannot be read out of the device,
- * as it is a confidential piece of information.
+/** @brief When accessed via Get_Attributes_All or Get_Attribute_Single, the
+ *  Size of PSK element shall be 0, and 0 bytes of PSK value shall be returned.
+ *  This ensures that the PSK value cannot be read out of the device,
+ *  as it is a confidential piece of information.
  */
 void EncodeEIPSecurityObjectPreSharedKeys(const void *const data,
-                                         ENIPMessage *const outgoing_message) {
+                                          ENIPMessage *const outgoing_message) {
   AddSintToMessage(0, outgoing_message);
 }
 
 int DecodeEIPSecurityObjectPreSharedKeys(
-		EIPSecurityObjectPreSharedKeys *const pre_shared_keys,
-		CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response) {
-
-	int number_of_decoded_bytes = -1;
+    EIPSecurityObjectPreSharedKeys *const pre_shared_keys,
+    CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response) {
+  int number_of_decoded_bytes = -1;
 
-	CipUsint number_of_psk = GetUsintFromMessage(
-			&(message_router_request->data));
+  CipUsint number_of_psk = GetUsintFromMessage(&(message_router_request->data));
 
-	// At present, a maximum of 1 PSK may be configured
-	if (number_of_psk > 1) {
-		message_router_response->general_status =
-				kCipErrorInvalidAttributeValue;
-		return number_of_decoded_bytes;
-	}
+  // At present, a maximum of 1 PSK may be configured
+  if (number_of_psk > 1) {
+    message_router_response->general_status = kCipErrorInvalidAttributeValue;
+    return number_of_decoded_bytes;
+  }
 
-	if (number_of_psk == 1) {
-		EIPSecurityObjectPreSharedKey *psk_structure = CipCalloc(number_of_psk,
-				sizeof(EIPSecurityObjectPreSharedKey));
-
-		psk_structure->psk_identity_size = GetUsintFromMessage(
-				&(message_router_request->data));
-
-		if (psk_structure->psk_identity_size <= SIZE_MAX_PSK_IDENTITY) {
-			CipOctet *psk_identity = CipCalloc(psk_structure->psk_identity_size,
-					sizeof(CipOctet));
-
-			memcpy(psk_identity, message_router_request->data,
-					psk_structure->psk_identity_size);
-			message_router_request->data += psk_structure->psk_identity_size;
-			//          for (int i=0; i<psk_structure->psk_identity_size; i++) {
-			//            psk_identity[i] = GetByteFromMessage(&(message_router_request->data));
-			//          }
-
-			psk_structure->psk_identity = psk_identity;
-			psk_structure->psk_size = GetUsintFromMessage(
-					&(message_router_request->data));
-
-			if (psk_structure->psk_size <= SIZE_MAX_PSK) {
-				CipOctet *psk = CipCalloc(psk_structure->psk_size,
-						sizeof(CipOctet));
-
-				memcpy(psk, message_router_request->data,
-						psk_structure->psk_size);
-				//            for (int i=0; i<psk_structure->psk_size; i++) {
-				//              psk[i] = GetByteFromMessage(&(message_router_request->data));
-				//            }
-
-				psk_structure->psk = psk;
-				//TODO: Cleanup existing PSKs
-				pre_shared_keys->pre_shared_keys = psk_structure;
-				message_router_response->general_status = kCipErrorSuccess;
-			} else {
-				if (psk_identity != NULL) {
-					CipFree(psk_identity);
-					psk_structure->psk_identity = NULL;
-				}
-				if (psk_structure != NULL) {
-					CipFree(psk_structure);
-				}
-				message_router_response->general_status =
-						kCipErrorInvalidAttributeValue;
-			}
-		} else {
-			if (psk_structure != NULL) {
-				CipFree(psk_structure);
-			}
-			message_router_response->general_status =
-					kCipErrorInvalidAttributeValue;
-		}
-	} else {
-		//TODO: Cleanup existing PSKs
-		pre_shared_keys->number_of_pre_shared_keys = number_of_psk; //0
-		pre_shared_keys->pre_shared_keys = NULL;
-		message_router_response->general_status = kCipErrorSuccess;
-	}
+  if (number_of_psk == 1) {
+    EIPSecurityObjectPreSharedKey *psk_structure =
+        CipCalloc(number_of_psk, sizeof(EIPSecurityObjectPreSharedKey));
+
+    psk_structure->psk_identity_size =
+        GetUsintFromMessage(&(message_router_request->data));
+
+    if (psk_structure->psk_identity_size <= SIZE_MAX_PSK_IDENTITY) {
+      CipOctet *psk_identity =
+          CipCalloc(psk_structure->psk_identity_size, sizeof(CipOctet));
+
+      memcpy(psk_identity, message_router_request->data, psk_structure->psk_identity_size);
+      message_router_request->data += psk_structure->psk_identity_size;
+      //          for (int i=0; i<psk_structure->psk_identity_size; i++) {
+      //            psk_identity[i] =
+      //            GetByteFromMessage(&(message_router_request->data));
+      //          }
+
+      psk_structure->psk_identity = psk_identity;
+      psk_structure->psk_size = GetUsintFromMessage(&(message_router_request->data));
+
+      if (psk_structure->psk_size <= SIZE_MAX_PSK) {
+        CipOctet *psk = CipCalloc(psk_structure->psk_size, sizeof(CipOctet));
+
+        memcpy(psk, message_router_request->data, psk_structure->psk_size);
+        //            for (int i=0; i<psk_structure->psk_size; i++) {
+        //              psk[i] =
+        //              GetByteFromMessage(&(message_router_request->data));
+        //            }
+
+        psk_structure->psk = psk;
+        // TODO: Cleanup existing PSKs
+        pre_shared_keys->pre_shared_keys = psk_structure;
+        message_router_response->general_status = kCipErrorSuccess;
+      } else {
+        if (psk_identity != NULL) {
+          CipFree(psk_identity);
+          psk_structure->psk_identity = NULL;
+        }
+        if (psk_structure != NULL) {
+          CipFree(psk_structure);
+        }
+        message_router_response->general_status =
+            kCipErrorInvalidAttributeValue;
+      }
+    } else {
+      if (psk_structure != NULL) {
+        CipFree(psk_structure);
+      }
+      message_router_response->general_status = kCipErrorInvalidAttributeValue;
+    }
+  } else {
+    // TODO: Cleanup existing PSKs
+    pre_shared_keys->number_of_pre_shared_keys = number_of_psk;  // 0
+    pre_shared_keys->pre_shared_keys = NULL;
+    message_router_response->general_status = kCipErrorSuccess;
+  }
 
-	return number_of_decoded_bytes;
+  return number_of_decoded_bytes;
 }
 
-int DecodeDTLSTimeout(CipUint *const data,
-		const CipMessageRouterRequest *const message_router_request,
-		CipMessageRouterResponse *const message_router_response) {
-
-	CipInstance *const instance = GetCipInstance(
-				GetCipClass(message_router_request->request_path.class_id),
-				message_router_request->request_path.instance_number);
+int DecodeDTLSTimeout(
+    CipUint *const data,
+    const CipMessageRouterRequest *const message_router_request,
+    CipMessageRouterResponse *const message_router_response) {
+  CipInstance *const instance =
+      GetCipInstance(GetCipClass(message_router_request->request_path.class_id),
+                     message_router_request->request_path.instance_number);
 
-	CipAttributeStruct *attribute = GetCipAttribute(instance, 1); //attribute #1 state
-	CipUsint state = *(CipUsint*)attribute->data;
+  CipAttributeStruct *attribute = GetCipAttribute(instance, 1);  // attribute #1 state
+  CipUsint state = *(CipUsint *)attribute->data;
 
-	if (kEIPConfigurationInProgress == state){
+  if (kEIPConfigurationInProgress == state) {
+    CipUint dtls_timeout = GetUintFromMessage(&(message_router_request->data));
 
-		CipUint dtls_timeout = GetUintFromMessage(&(message_router_request->data));
-
-		if (0 <= dtls_timeout && 3600 >= dtls_timeout) {
-			*data = dtls_timeout;
-			message_router_response->general_status = kCipErrorSuccess;
-			return 2;
-		} else {
-			message_router_response->general_status =
-					kCipErrorInvalidAttributeValue;
-		}
-	} else {
-		message_router_response->general_status = kCipErrorObjectStateConflict;
-	}
-	return -1;
+    if (0 <= dtls_timeout && 3600 >= dtls_timeout) {
+      *data = dtls_timeout;
+      message_router_response->general_status = kCipErrorSuccess;
+      return 2;
+    } else {
+      message_router_response->general_status = kCipErrorInvalidAttributeValue;
+    }
+  } else {
+    message_router_response->general_status = kCipErrorObjectStateConflict;
+  }
+  return -1;
 }
 
 void EIPSecurityObjectInitializeClassSettings(CipClass *class) {