2 * //******************************************************************
4 * // Copyright 2016 Samsung Electronics All Rights Reserved.
6 * //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
8 * // Licensed under the Apache License, Version 2.0 (the "License");
9 * // you may not use this file except in compliance with the License.
10 * // You may obtain a copy of the License at
12 * // http://www.apache.org/licenses/LICENSE-2.0
14 * // Unless required by applicable law or agreed to in writing, software
15 * // distributed under the License is distributed on an "AS IS" BASIS,
16 * // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17 * // See the License for the specific language governing permissions and
18 * // limitations under the License.
20 * //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
22 package org.iotivity.cloud.accountserver.resources.certificate;
24 import java.security.PublicKey;
25 import java.util.Arrays;
26 import java.util.Date;
27 import java.util.HashMap;
30 import org.iotivity.cloud.accountserver.Constants;
31 import org.iotivity.cloud.accountserver.x509.cert.CSRParser;
32 import org.iotivity.cloud.accountserver.x509.cert.CertificateBuilder;
33 import org.iotivity.cloud.accountserver.x509.cert.CertificateIssuerConfig;
34 import org.iotivity.cloud.accountserver.x509.cert.CertificatePrivateKeyPair;
35 import org.iotivity.cloud.base.device.Device;
36 import org.iotivity.cloud.base.exception.ServerException;
37 import org.iotivity.cloud.base.exception.ServerException.BadRequestException;
38 import org.iotivity.cloud.base.protocols.IRequest;
39 import org.iotivity.cloud.base.protocols.IResponse;
40 import org.iotivity.cloud.base.protocols.MessageBuilder;
41 import org.iotivity.cloud.base.protocols.enums.ContentFormat;
42 import org.iotivity.cloud.base.protocols.enums.ResponseStatus;
43 import org.iotivity.cloud.base.resource.Resource;
44 import org.iotivity.cloud.util.Cbor;
46 public class CertificateResource extends Resource {
47 /* resource uri for certificate issuer */
// NOTE(review): the comment above mentions a resource URI, but the declaration
// that follows it is the CBOR codec; the comment looks stale. Confirm.
// CBOR codec: decodes request payloads into a map and encodes response payloads.
48 private Cbor<HashMap<String, Object>> mCbor = new Cbor<>();
// Receives the device id from the request and builds the response payload map.
49 private CertificateManager mCertificateManager = new CertificateManager();
// Fixed organizational-unit value set as the subject OU of each certificate built here.
// NOTE(review): static but not final; the visible code only reads this field.
50 private static String DEVICE_OU = "OCF Device";
// Passes a list beginning with Constants.PREFIX_OIC and Constants.CREDPROV_URI to
// the Resource superclass constructor (presumably the URI path segments; confirm).
// The rest of the argument list is on lines this listing does not show.
52 public CertificateResource() {
53 super(Arrays.asList(Constants.PREFIX_OIC, Constants.CREDPROV_URI,
// Entry point for requests to this resource: switches on request.getMethod(),
// obtains a response from handlePutRequest, and sends it back through srcDevice.
// Throws ServerException; a BadRequestException is raised on the path at gutter
// lines 68-69, presumably for unsupported methods (case labels are not shown).
// NOTE(review): srcDevice is used here only to send the response. Nothing in this
// method checks who the requester is before a certificate is issued; confirm
// that authentication and authorization are enforced before this handler runs.
58 public void onDefaultRequestReceived(Device srcDevice, IRequest request)
59 throws ServerException {
60 IResponse response = null;
// The case labels of this switch are on lines the listing omits (gutter numbers skip).
62 switch (request.getMethod()) {
64 response = handlePutRequest(request);
// The method name is echoed back to the client in the error message.
68 throw new BadRequestException(
69 request.getMethod() + " request type is not support");
72 srcDevice.sendResponse(response);
// Issues a device certificate from the CSR carried in the request payload.
// Steps visible here: decode the CBOR payload, parse and verify the CSR, build a
// certificate whose subject comes from the CSR (OU forced to DEVICE_OU), then
// return a CONTENT response with a CBOR-encoded payload.
// Throws BadRequestException with the messages "CBOR parsing failed", "Bad CSR",
// "Certificate generation error" or "CSR is null".
// Several source lines (braces, `try`, continuation lines) are missing from this listing.
75 private IResponse handlePutRequest(IRequest request)
76 throws ServerException {
// Decoded with the raw HashMap.class, so values are untyped Objects supplied by
// the requester; every cast below relies on the client sending the expected type.
78 Map<String, Object> payloadData = mCbor
79 .parsePayloadFromCbor(request.getPayload(), HashMap.class);
81 if (payloadData == null) {
82 throw new BadRequestException("CBOR parsing failed");
85 Map<String, Object> responsePayload = null;
87 if (payloadData.containsKey(Constants.REQ_CSR)) {
// NOTE(review): the `try` line is not shown. If this cast sits outside the try, a
// CSR value that is not a byte string raises ClassCastException instead of
// BadRequestException; confirm, and consider an instanceof check first.
89 byte[] csrDer = (byte[]) payloadData.get(Constants.REQ_CSR);
90 CSRParser parser = null;
91 PublicKey pubKey = null;
94 parser = new CSRParser(csrDer);
// A false verify() result is signalled with a bare Exception, which the catch
// below converts to "Bad CSR". Presumably verify() checks the CSR's
// self-signature (proof of possession of the private key); confirm in CSRParser.
95 if (!parser.verify()) {
96 throw new Exception();
98 pubKey = parser.getPublicKey();
// The caught exception is discarded: it is neither chained nor logged in the
// visible lines, so the reason a CSR was rejected is lost for diagnostics.
99 } catch (Exception e) {
100 throw new BadRequestException("Bad CSR");
103 CertificateIssuerConfig ciConfig = CertificateIssuerConfig
// Validity window comes from the issuer configuration, not from the request.
106 Date notBefore = ciConfig.getNotBeforeDate();
107 Date notAfter = ciConfig.getNotAfterDate();
// NOTE(review): the subject common name is taken from the CSR, i.e. it is chosen
// by the requester. Nothing visible compares it with the authenticated device or
// with the device id in the payload; confirm an upstream check binds the CN to
// the caller, otherwise a client could obtain a certificate naming another device.
109 CertificateBuilder certBuilder = new CertificateBuilder(
110 parser.getCommonName(), pubKey, notBefore, notAfter,
111 ciConfig.getNextSerialNumber(),
112 ciConfig.getRootCertificate());
// Country and organization are also copied from the CSR without validation here.
114 certBuilder.setSubjectC(parser.getCountry());
116 certBuilder.setSubjectO(parser.getOrganizational());
// The OU is always the server-side constant, whatever the CSR contained.
118 certBuilder.setSubjectOU(DEVICE_OU);
120 CertificatePrivateKeyPair devCert = null;
123 devCert = certBuilder.build();
124 // System.out.println("============================== DEV CERT
125 // ===========================");
126 // System.out.println();
127 // System.out.println(devCert.getCertificate().toString());
128 // System.out.println("===================================================================");
// NOTE(review): presence is tested with Constants.REQ_DEVICE_ID but the value is
// read with Constants.RESP_DEVICE_ID. If the two constants differ, get() returns
// null here; confirm they name the same key, or use one constant for both.
// The String cast is unchecked against the client-supplied type.
130 if (payloadData.containsKey(Constants.REQ_DEVICE_ID)) {
131 mCertificateManager.addDeviceId(
132 (String) payloadData.get(Constants.RESP_DEVICE_ID));
// Response payload is built from the encoded device certificate and the root
// certificate; the end of this call is on a line the listing does not show.
135 responsePayload = mCertificateManager.createPayload(
136 devCert.getCertificate().getEncoded(),
137 ciConfig.getRootCertificate().getCertificate()
// Any exception caught here is reported to the client as a bad request, and the
// original exception is dropped without being chained or logged in visible lines.
140 } catch (Exception e) {
141 throw new BadRequestException("Certificate generation error");
// Presumably the else branch of the REQ_CSR containsKey check (the `else` line is
// not shown): reached when the payload carries no CSR entry.
145 throw new BadRequestException("CSR is null");
// Success: CONTENT status with the response map encoded as CBOR.
148 return MessageBuilder.createResponse(request, ResponseStatus.CONTENT,
149 ContentFormat.APPLICATION_CBOR,
150 mCbor.encodingPayloadToCbor(responsePayload));