//******************************************************************
// Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
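#ifndef IOTVT_SRM_CREDR_H
#define IOTVT_SRM_CREDR_H

#include <stddef.h> /* size_t */
#include <stdint.h> /* int32_t */

#include "cainterface.h"
#include "securevirtualresourcetypes.h"

/*
 * Credential resource interface: initialisation, lookup, creation, storage
 * and removal of OicSecCred_t entries, plus the callbacks the CA layer uses
 * to obtain DTLS key material.
 *
 * Several of these functions accept or hand out secret material (PSKs, PINs,
 * private data). Where this header does not state who owns a buffer, or
 * whether it is wiped before release, the comments below mark the point as
 * something to confirm against the implementation rather than guessing.
 */

/**
 * Initialize credential resource by loading data from persistent storage.
 *
 * @retval
 *     OC_STACK_OK    - no errors
 *     OC_STACK_ERROR - stack process error
 */
OCStackResult InitCredResource(void);

/**
 * Perform cleanup for credential resources.
 *
 * @retval
 *     OC_STACK_OK            - no errors
 *     OC_STACK_ERROR         - stack process error
 *     OC_STACK_NO_RESOURCE   - resource not found
 *     OC_STACK_INVALID_PARAM - invalid param
 */
OCStackResult DeInitCredResource(void);

/**
 * This method is used by tinydtls/SRM to retrieve the credential for a given
 * subject.
 *
 * @param subjectId subject for which the credential is required.
 *
 * @retval
 *     reference to OicSecCred_t - if credential is found
 *     NULL                      - if credential not found
 *
 * NOTE(review): the result is described as a reference and is const, so it
 * presumably aliases the in-memory credential list. Callers should not free
 * it, and should not keep it across AddCredential(), RemoveCredential() or
 * RemoveAllCredentials() - confirm the lifetime against the implementation.
 */
const OicSecCred_t* GetCredResourceData(const OicUuid_t* subjectId);

/**
 * This function converts credential data into JSON format.
 * The caller needs to invoke 'free' on the returned string when done using
 * it.
 *
 * @param cred pointer to instance of OicSecCred_t structure.
 *
 * @retval
 *     pointer to JSON credential representation - if credential for subjectId found
 *     NULL                                      - if credential for subjectId not found
 *
 * NOTE(review): the function takes a credential, not a subject id, so the
 * NULL condition above should be confirmed against the implementation.
 * NOTE(review): if the serialized form includes the credential's private
 * data, the returned buffer holds key material: keep it out of logs and
 * clear it before calling free() - confirm which fields are serialized.
 */
char* BinToCredJSON(const OicSecCred_t* cred);

/**
 * This function generates the bin credential data.
 *
 * @param subject     pointer to subject of this credential.
 * @param credType    credential type.
 * @param publicData  public data such as public key.
 * @param privateData private data such as private key.
 * @param ownersLen   length of owners array
 * @param owners      array of owners.
 *
 * @retval
 *     pointer to instance of OicSecCred_t - success
 *
 * NOTE(review): the failure return is not visible in this listing
 * (presumably NULL - confirm), so callers should check the result before
 * use.
 * NOTE(review): ownersLen must describe the number of elements that owners
 * really points to; whether the function validates this is not shown here.
 * NOTE(review): it is not stated whether privateData is copied; the caller
 * stays responsible for clearing its own copy of the secret either way.
 */
OicSecCred_t * GenerateCredential(const OicUuid_t* subject, OicSecCredType_t credType,
                                  const char * publicData, const char * privateData,
                                  size_t ownersLen, const OicUuid_t * owners);

/**
 * This function adds the new cred to the credential list.
 *
 * @param cred pointer to new credential.
 *
 * @retval
 *     OC_STACK_OK    - cred not NULL and persistent storage gets updated
 *     OC_STACK_ERROR - cred is NULL or fails to update persistent storage
 *
 * NOTE(review): ownership of cred after a successful or a failed call is
 * not stated here; confirm it before freeing cred in the caller, to avoid
 * both leaks and double frees of key material.
 */
OCStackResult AddCredential(OicSecCred_t * cred);

/**
 * Function to remove the credential from SVR DB.
 *
 * @param credId Credential ID to be deleted.
 *
 * @return OC_STACK_OK for success and errorcode otherwise.
 */
OCStackResult RemoveCredential(const OicUuid_t* credId);

/**
 * Remove all credential data on credential resource and persistent storage
 *
 * @retval
 *     OC_STACK_OK    - no errors
 *     OC_STACK_ERROR - stack process error
 */
OCStackResult RemoveAllCredentials(void);

#if defined(__WITH_DTLS__)
/**
 * This internal callback is used by lower stack (i.e. CA layer) to
 * retrieve PSK credentials from RI security layer.
 *
 * @param[in]  type          type of PSK data required by CA layer during DTLS handshake.
 * @param[in]  desc          Additional request information.
 * @param[in]  desc_len      The actual length of desc.
 * @param[out] result        Must be filled with the requested information.
 * @param[in]  result_length Maximum size of @p result.
 *
 * @return The number of bytes written to @p result or a value
 *         less than zero on error.
 *
 * At most @p result_length bytes may be written to @p result. Callers must
 * check for a negative return before reading @p result.
 *
 * NOTE(review): desc and desc_len presumably come from the DTLS handshake
 * and so from the peer; treat them as untrusted and validate desc_len
 * before using desc - confirm against the CA layer.
 */
int32_t GetDtlsPskCredentials( CADtlsPskCredType_t type,
              const unsigned char *desc, size_t desc_len,
              unsigned char *result, size_t result_length);

/**
 * Add a temporary PSK for the PIN based OxM.
 *
 * @param[in]  tmpSubject     UUID of target device
 * @param[in]  credType       Type of credential to be added
 * @param[in]  pin            numeric characters
 * @param[in]  pinSize        length of 'pin'
 * @param[in]  ownersLen      Number of owners
 * @param[in]  owners         Array of owners
 * @param[out] tmpCredSubject Generated credential's subject.
 *
 * @return OC_STACK_OK for success and errorcode otherwise.
 *
 * The PIN length is passed explicitly in pinSize, so implementations should
 * not rely on 'pin' being NUL-terminated. The PIN is secret input: the
 * caller should clear its copy once this call returns.
 */
OCStackResult AddTmpPskWithPIN(const OicUuid_t* tmpSubject, OicSecCredType_t credType,
                            const char * pin, size_t pinSize,
                            size_t ownersLen, const OicUuid_t * owners, OicUuid_t* tmpCredSubject);

#endif /* __WITH_DTLS__ */

/*
 * The opening guard below is restored from the closing "#endif" comment; in
 * the listing as received that #endif had no matching #if and would have
 * closed the include guard early.
 */
#if defined(__WITH_X509__)
/**
 * This function is used to retrieve certificate credentials from RI security layer.
 *
 * @param credInfo binary structure containing certificate credentials
 *
 * @retval 0 on success
 *
 * NOTE(review): the failure value is not visible in this listing; callers
 * should treat any non-zero return as an error and not use credInfo.
 */
int GetDtlsX509Credentials(CADtlsX509Creds_t *credInfo);
#endif /*__WITH_X509__*/

/**
 * Function to deallocate allocated memory to OicSecCred_t
 *
 * @param cred pointer to cred type
 *
 * NOTE(review): the credentials released here can hold private key
 * material; confirm that the implementation clears it before releasing the
 * memory. After this call the pointer and anything obtained through it must
 * not be used again.
 */
void DeleteCredList(OicSecCred_t* cred);

#endif //IOTVT_SRM_CREDR_H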