1 //******************************************************************
3 // Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21 #ifndef IOTVT_SRM_CREDR_H
22 #define IOTVT_SRM_CREDR_H
24 #include "cainterface.h"
25 #include "securevirtualresourcetypes.h"
33 * Initialize credential resource by loading data from persistent storage.
35 * @return ::OC_STACK_OK, if initialization is successful, else ::OC_STACK_ERROR if
36 * initialization fails.
38 OCStackResult InitCredResource();
41 * Perform cleanup for credential resources.
43 * @return ::OC_STACK_OK, if no errors. ::OC_STACK_ERROR, if stack process error.
44 * ::OC_STACK_NO_RESOURCE, if resource not found.
45 * ::OC_STACK_INVALID_PARAM, if invalid param.
47 OCStackResult DeInitCredResource();
50 * This method is used by tinydtls/SRM to retrieve credential for given subject.
52 * @param subjectId for which credential is required.
54 * @return reference to @ref OicSecCred_t, if credential is found, else NULL, if credential
57 const OicSecCred_t* GetCredResourceData(const OicUuid_t* subjectId);
60 * This function converts credential data into CBOR format.
61 * Caller needs to invoke 'free' when done using returned string.
63 * @param cred is the pointer to instance of OicSecCred_t structure.
64 * @param cborPayload is the CBOR converted value.
65 * @param cborSize is the size of the CBOR.
66 * @param secureFlag shows fill or not private key.
68 * @return ::OC_STACK_OK if conversion is successful, else ::OC_STACK_ERROR if unsuccessful.
70 OCStackResult CredToCBORPayload(const OicSecCred_t* cred, uint8_t **cborPayload,
71 size_t *cborSize, int secureFlag);
74 * This function generates the bin credential data.
76 * @param subject pointer to subject of this credential.
77 * @param credType credential type.
78 * @param publicData public data such as public key.
79 * @param privateData private data such as private key.
80 * @param rownerID Resource owner's UUID.
82 * @return pointer to instance of @ref OicSecCred_t if successful. else NULL in case of error.
85 OicSecCred_t * GenerateCredential(const OicUuid_t* subject, OicSecCredType_t credType,
86 const OicSecCert_t * publicData, const OicSecKey_t * privateData,
87 const OicUuid_t * rownerID);
90 * This function adds the new cred to the credential list.
92 * @param cred is the pointer to new credential.
94 * @return ::OC_STACK_OK, cred not NULL and persistent storage gets updated.
95 * ::OC_STACK_ERROR, cred is NULL or fails to update persistent storage.
97 OCStackResult AddCredential(OicSecCred_t * cred);
100 * Function to remove the credential from SVR DB.
102 * @param credId is the Credential ID to be deleted.
104 * @return ::OC_STACK_OK for success, or errorcode otherwise.
106 OCStackResult RemoveCredential(const OicUuid_t *credId);
108 #if defined(__WITH_DTLS__)
110 * This internal callback is used by lower stack (i.e. CA layer) to
111 * retrieve PSK credentials from RI security layer.
113 * @param type of PSK data required by CA layer during DTLS handshake.
114 * @param desc Additional request information.
115 * @param desc_len is the actual length of desc.
116 * @param result is must be filled with the requested information.
117 * @param result_length is the maximum size of @p result.
119 * @return The number of bytes written to @p result or a value
120 * less than zero on error.
122 int32_t GetDtlsPskCredentials( CADtlsPskCredType_t type,
123 const unsigned char *desc, size_t desc_len,
124 unsigned char *result, size_t result_length);
127 * Add temporal PSK to PIN based OxM.
129 * @param tmpSubject is the UUID of target device
130 * @param credType is the type of credential to be added
131 * @param pin is the numeric characters
132 * @param pinSize is the length of 'pin'
133 * @param rownerID Resource owner's UUID
134 * @param tmpCredSubject is the generated credential's subject.
136 * @return ::OC_STACK_OK for success or else errorcode.
138 OCStackResult AddTmpPskWithPIN(const OicUuid_t* tmpSubject, OicSecCredType_t credType,
139 const char * pin, size_t pinSize,
140 const OicUuid_t * rownerID,
141 OicUuid_t* tmpCredSubject);
143 #endif /* __WITH_DTLS__ */
147 * This function is used toretrieve certificate credentials from RI security layer.
149 * @param credInfo is the binary structure containing certificate credentials
151 * @return 0 on success.
153 int GetDtlsX509Credentials(CADtlsX509Creds_t *credInfo);
154 #endif /*__WITH_X509__*/
157 * Function to deallocate allocated memory to OicSecCred_t.
159 * @param cred pointer to cred type.
162 void DeleteCredList(OicSecCred_t* cred);
165 * Internal function to update resource owner
167 * @param newROwner new owner
169 * @retval ::OC_STACK_OK for Success, otherwise some error value
171 OCStackResult SetCredRownerId(const OicUuid_t* newROwner);
174 * Gets the OicUuid_t value for the rownerid of the cred resource.
176 * @param rowneruuid a pointer to be assigned to the rowneruuid property
177 * @return ::OC_STACK_OK if rowneruuid is assigned correctly, else ::OC_STACK_ERROR.
179 OCStackResult GetCredRownerId(OicUuid_t *rowneruuid);
185 #endif //IOTVT_SRM_CREDR_H