1 /* *****************************************************************
3 * Copyright 2015 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * *****************************************************************/
23 #include "ocprovisioningmanager.h"
24 #include "pmutility.h"
25 #include "ownershiptransfermanager.h"
26 #include "oic_malloc.h"
28 #include "secureresourceprovider.h"
29 #include "provisioningdatabasemanager.h"
30 #include "credresource.h"
32 #include "aclresource.h" //Note: SRM internal header
36 typedef struct Linkdata Linkdata_t;
40 const OCProvisionDev_t *pDev1;
41 OicSecAcl_t *pDev1Acl;
42 const OCProvisionDev_t *pDev2;
43 OicSecAcl_t *pDev2Acl;
44 OCProvisionResult_t *resArr;
46 int currentCountResults;
47 OCProvisionResultCB resultCallback;
52 * The function is responsible for initializaton of the provisioning manager. It will load
53 * provisioning database which have owned device's list and their linked status.
54 * TODO: In addition, if there is a device(s) which has not up-to-date credentials, this function will
55 * automatically try to update the deivce(s).
57 * @param[in] dbPath file path of the sqlite3 db
59 * @return OC_STACK_OK in case of success and other value otherwise.
61 OCStackResult OCInitPM(const char* dbPath)
63 return PDMInit(dbPath);
67 * The function is responsible for discovery of device is current subnet. It will list
68 * all the device in subnet which are not yet owned. Please call OCInit with OC_CLIENT_SERVER as
71 * @param[in] timeout Timeout in seconds, value till which function will listen to responses from
72 * client before returning the list of devices.
73 * @param[out] ppList List of candidate devices to be provisioned
74 * @return OTM_SUCCESS in case of success and other value otherwise.
76 OCStackResult OCDiscoverUnownedDevices(unsigned short timeout, OCProvisionDev_t **ppList)
78 if( ppList == NULL || *ppList != NULL)
80 return OC_STACK_INVALID_PARAM;
83 return PMDeviceDiscovery(timeout, false, ppList);
87 * The function is responsible for discovery of owned device is current subnet. It will list
88 * all the device in subnet which are owned by calling provisioning client.
90 * @param[in] timeout Timeout in seconds, value till which function will listen to responses from
91 * client before returning the list of devices.
92 * @param[out] ppList List of device owned by provisioning tool.
93 * @return OTM_SUCCESS in case of success and other value otherwise.
95 OCStackResult OCDiscoverOwnedDevices(unsigned short timeout, OCProvisionDev_t **ppList)
97 if( ppList == NULL || *ppList != NULL)
99 return OC_STACK_INVALID_PARAM;
102 return PMDeviceDiscovery(timeout, true, ppList);
106 * API to register for particular OxM.
108 * @param[in] Ownership transfer method.
109 * @param[in] Implementation of callback functions for owership transfer.
110 * @return OC_STACK_OK in case of success and other value otherwise.
112 OCStackResult OCSetOwnerTransferCallbackData(OicSecOxm_t oxm, OTMCallbackData_t* callbackData)
114 if(NULL == callbackData)
116 return OC_STACK_INVALID_PARAM;
119 return OTMSetOwnershipTransferCallbackData(oxm, callbackData);
122 OCStackResult OCDoOwnershipTransfer(void* ctx,
123 OCProvisionDev_t *targetDevices,
124 OCProvisionResultCB resultCallback)
126 if( NULL == targetDevices )
128 return OC_STACK_INVALID_PARAM;
131 return OTMDoOwnershipTransfer(ctx, targetDevices, resultCallback);
135 * This function deletes memory allocated to linked list created by OCDiscover_XXX_Devices API.
137 * @param[in] pList Pointer to OCProvisionDev_t which should be deleted.
139 void OCDeleteDiscoveredDevices(OCProvisionDev_t *pList)
141 PMDeleteDeviceList(pList);
145 * this function sends ACL information to resource.
147 * @param[in] ctx Application context would be returned in result callback.
148 * @param[in] selectedDeviceInfo Selected target device.
149 * @param[in] acl ACL to provision.
150 * @param[in] resultCallback callback provided by API user, callback will be called when provisioning
151 request recieves a response from resource server.
152 * @return OC_STACK_OK in case of success and other value otherwise.
154 OCStackResult OCProvisionACL(void* ctx, const OCProvisionDev_t *selectedDeviceInfo, OicSecAcl_t *acl,
155 OCProvisionResultCB resultCallback)
157 return SRPProvisionACL(ctx, selectedDeviceInfo, acl, resultCallback);
161 * function to provision credential to devices.
163 * @param[in] ctx Application context would be returned in result callback.
164 * @param[in] type Type of credentials to be provisioned to the device.
165 * @param[in] pDev1 Pointer to OCProvisionDev_t instance,respresenting resource to be provsioned.
166 @param[in] pDev2 Pointer to OCProvisionDev_t instance,respresenting resource to be provsioned.
167 * @param[in] resultCallback callback provided by API user, callback will be called when
168 * provisioning request recieves a response from first resource server.
169 * @return OC_STACK_OK in case of success and other value otherwise.
171 OCStackResult OCProvisionCredentials(void *ctx, OicSecCredType_t type, size_t keySize,
172 const OCProvisionDev_t *pDev1,
173 const OCProvisionDev_t *pDev2,
174 OCProvisionResultCB resultCallback)
176 return SRPProvisionCredentials(ctx, type, keySize,
177 pDev1, pDev2, resultCallback);
182 * Function to unlink devices.
183 * This function will remove the credential & relationship between the two devices.
185 * @param[in] ctx Application context would be returned in result callback
186 * @param[in] pTargetDev1 first device information to be unlinked.
187 * @param[in] pTargetDev2 second device information to be unlinked.
188 * @param[in] resultCallback callback provided by API user, callback will be called when
189 * device unlink is finished.
190 * @return OC_STACK_OK in case of success and other value otherwise.
192 OCStackResult OCUnlinkDevices(void* ctx,
193 const OCProvisionDev_t* pTargetDev1,
194 const OCProvisionDev_t* pTargetDev2,
195 OCProvisionResultCB resultCallback)
197 OIC_LOG(INFO, TAG, "IN OCUnlinkDevices");
198 OCUuidList_t* idList = NULL;
201 if (!pTargetDev1 || !pTargetDev2 || !resultCallback)
203 OIC_LOG(ERROR, TAG, "OCUnlinkDevices : NULL parameters");
204 return OC_STACK_INVALID_PARAM;
207 // Get linked devices with the first device.
208 OCStackResult res = PDMGetLinkedDevices(&(pTargetDev1->doxm->deviceID), &idList, &numOfDev);
209 if (OC_STACK_OK != res)
211 OIC_LOG(ERROR, TAG, "OCUnlinkDevices : PDMgetOwnedDevices failed");
216 OIC_LOG(DEBUG, TAG, "OCUnlinkDevices : Can not find linked devices");
217 res = OC_STACK_INVALID_PARAM; // Input devices are not linked, No request is made
221 // Check the linked devices contains the second device. If yes send credential DELETE request.
222 OCUuidList_t* curDev = idList;
223 while (NULL != curDev)
225 if (memcmp(pTargetDev2->doxm->deviceID.id, curDev->dev.id, sizeof(curDev->dev.id)) == 0)
227 res = SRPUnlinkDevices(ctx, pTargetDev1, pTargetDev2, resultCallback);
228 if (OC_STACK_OK != res)
230 OIC_LOG(ERROR, TAG, "OCUnlinkDevices : Failed to unlink devices.");
234 curDev = curDev->next;
236 OIC_LOG(DEBUG, TAG, "No matched pair found from provisioning database");
237 res = OC_STACK_INVALID_PARAM; // Input devices are not linked, No request is made
240 OIC_LOG(INFO, TAG, "OUT OCUnlinkDevices");
242 PDMDestoryOicUuidLinkList(idList);
247 * Function to device revocation
248 * This function will remove credential of target device from all devices in subnet.
250 * @param[in] ctx Application context would be returned in result callback
251 * @param[in] waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device discovery.(seconds)
252 * @param[in] pTargetDev Device information to be revoked.
253 * @param[in] resultCallback callback provided by API user, callback will be called when
254 * credential revocation is finished.
255 * @return OC_STACK_OK in case of success and other value otherwise.
257 OCStackResult OCRemoveDevice(void* ctx, unsigned short waitTimeForOwnedDeviceDiscovery,
258 const OCProvisionDev_t* pTargetDev,
259 OCProvisionResultCB resultCallback)
261 OIC_LOG(INFO, TAG, "IN OCRemoveDevice");
262 OCStackResult res = OC_STACK_ERROR;
263 if (!pTargetDev || !resultCallback || 0 == waitTimeForOwnedDeviceDiscovery)
265 OIC_LOG(INFO, TAG, "OCRemoveDevice : Invalied parameters");
266 return OC_STACK_INVALID_PARAM;
269 // Send DELETE requests to linked devices
270 OCStackResult resReq = OC_STACK_ERROR; // Check that we have to wait callback or not.
271 resReq = SRPRemoveDevice(ctx, waitTimeForOwnedDeviceDiscovery, pTargetDev, resultCallback);
272 if (OC_STACK_OK != resReq)
274 if (OC_STACK_CONTINUE == resReq)
276 OIC_LOG(DEBUG, TAG, "OCRemoveDevice : Revoked device has no linked device except PT.");
280 OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to invoke SRPRemoveDevice");
286 // Remove credential of revoked device from SVR database
287 const OicSecCred_t *cred = NULL;
288 cred = GetCredResourceData(&pTargetDev->doxm->deviceID);
291 OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to get credential of remove device.");
295 res = RemoveCredential(&cred->subject);
296 if (res != OC_STACK_RESOURCE_DELETED)
298 OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to remove credential.");
303 * Change the device status as stale status.
304 * If all request are successed, this device information will be deleted.
306 res = PDMSetDeviceStale(&pTargetDev->doxm->deviceID);
307 if (res != OC_STACK_OK)
309 OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to set device status as stale");
313 // TODO: We need to add new mechanism to clean up the stale state of the device.
317 //Close the DTLS session of the removed device.
318 CAEndpoint_t* endpoint = (CAEndpoint_t *)&pTargetDev->endpoint;
319 endpoint->port = pTargetDev->securePort;
320 CAResult_t caResult = CACloseDtlsSession(endpoint);
321 if(CA_STATUS_OK != caResult)
323 OIC_LOG_V(WARNING, TAG, "OCRemoveDevice : Failed to close DTLS session : %d", caResult);
327 * If there is no linked device, PM does not send any request.
328 * So we should directly invoke the result callback to inform the result of OCRemoveDevice.
330 if(OC_STACK_CONTINUE == res)
334 resultCallback(ctx, 0, NULL, false);
340 OIC_LOG(INFO, TAG, "OUT OCRemoveDevice");
346 * Internal Function to update result in link result array.
348 static void UpdateLinkResults(Linkdata_t *link, int device, OCStackResult stackresult)
351 OIC_LOG_V(INFO,TAG,"value of link->currentCountResults is %d",link->currentCountResults);
354 memcpy(link->resArr[(link->currentCountResults)].deviceId.id, link->pDev1->doxm->deviceID.id,UUID_LENGTH);
358 memcpy(link->resArr[(link->currentCountResults)].deviceId.id, link->pDev2->doxm->deviceID.id,UUID_LENGTH);
360 link->resArr[(link->currentCountResults)].res = stackresult;
361 ++(link->currentCountResults);
366 * Callback to handle ACL provisioning for device 2.
368 static void AclProv2CB(void* ctx, int nOfRes, OCProvisionResult_t *arr, bool hasError)
373 OIC_LOG(ERROR,TAG,"Context is Null in ACLProv 2");
377 Linkdata_t *link = (Linkdata_t*)ctx;
378 OCProvisionResultCB resultCallback = link->resultCallback;
383 UpdateLinkResults(link, 2,arr[0].res);
384 OIC_LOG(ERROR,TAG,"Error occured while ACL provisioning device 1");
385 ((OCProvisionResultCB)(resultCallback))(link->ctx, link->currentCountResults,
388 OICFree(link->resArr);
392 UpdateLinkResults(link, 2, arr[0].res);
393 ((OCProvisionResultCB)(resultCallback))(link->ctx, link->currentCountResults,
396 OICFree(link->resArr);
402 * Callback to handle ACL provisioning for device 1
404 static void AclProv1CB(void* ctx, int nOfRes, OCProvisionResult_t *arr, bool hasError)
409 OIC_LOG(ERROR,TAG,"Context is Null in ACLProv1");
413 Linkdata_t *link = (Linkdata_t*)ctx;
414 OCProvisionResultCB resultCallback = link->resultCallback;
418 OIC_LOG(ERROR,TAG,"Error occured while ACL provisioning device 1");
419 UpdateLinkResults(link, 1, arr[0].res);
420 ((OCProvisionResultCB)(resultCallback))(link->ctx, link->currentCountResults,
423 OICFree(link->resArr);
427 UpdateLinkResults(link, 1, arr[0].res);
428 if (NULL != link->pDev2Acl)
430 OCStackResult res = SRPProvisionACL(ctx, link->pDev2, link->pDev2Acl, &AclProv2CB);
431 if (OC_STACK_OK!=res)
433 UpdateLinkResults(link, 2, res);
434 ((OCProvisionResultCB)(resultCallback))(link->ctx, link->currentCountResults,
442 ((OCProvisionResultCB)(resultCallback))(link->ctx, link->currentCountResults,
445 OICFree(link->resArr);
453 * Callback to handle credential provisioning.
455 static void ProvisionCredsCB(void* ctx, int nOfRes, OCProvisionResult_t *arr, bool hasError)
459 OIC_LOG(ERROR,TAG,"Error occured while credential provisioning");
462 Linkdata_t *link = (Linkdata_t*)ctx;
463 OCProvisionResultCB resultCallback = link->resultCallback;
464 OIC_LOG_V(INFO, TAG, "has error returned %d",hasError);
465 UpdateLinkResults(link, 1, arr[0].res);
466 UpdateLinkResults(link, 2, arr[1].res);
469 OIC_LOG(ERROR,TAG,"Error occured while credential provisioning");
470 ((OCProvisionResultCB)(resultCallback))(link->ctx, nOfRes,
473 OICFree(link->resArr);
477 if (NULL != link->pDev1Acl)
480 OCStackResult res = SRPProvisionACL(ctx, link->pDev1, link->pDev1Acl, &AclProv1CB);
481 if (OC_STACK_OK!=res)
483 OIC_LOG(ERROR, TAG, "Error while provisioning ACL for device 1");
484 UpdateLinkResults(link, 1, res);
485 ((OCProvisionResultCB)(resultCallback))(link->ctx, link->currentCountResults,
488 OICFree(link->resArr);
492 else if (NULL!=link->pDev2Acl)
494 OIC_LOG(ERROR, TAG, "ACL for device 1 is NULL");
495 OCStackResult res = SRPProvisionACL(ctx, link->pDev2, link->pDev2Acl, &AclProv2CB);
496 if (OC_STACK_OK!=res)
498 OIC_LOG(ERROR, TAG, "Error while provisioning ACL for device 2");
499 UpdateLinkResults(link, 2, res);
500 ((OCProvisionResultCB)(resultCallback))(link->ctx, link->currentCountResults,
503 OICFree(link->resArr);
509 OIC_LOG(INFO, TAG, "ACLs of both devices are NULL");
510 ((OCProvisionResultCB)(resultCallback))(link->ctx, link->currentCountResults,
513 OICFree(link->resArr);
519 * function to provision credentials between two devices and ACLs for the devices who act as a server.
521 * @param[in] ctx Application context would be returned in result callback.
522 * @param[in] type Type of credentials to be provisioned to the device.
523 * @param[in] pDev1 Pointer to OCProvisionDev_t instance,respresenting resource to be provsioned.
524 * @param[in] acl ACL for device 1. If this is not required set NULL.
525 * @param[in] pDev2 Pointer to OCProvisionDev_t instance,respresenting resource to be provsioned.
526 * @param[in] acl ACL for device 2. If this is not required set NULL.
527 * @param[in] resultCallback callback provided by API user, callback will be called when
528 * provisioning request recieves a response from first resource server.
529 * @return OC_STACK_OK in case of success and other value otherwise.
531 OCStackResult OCProvisionPairwiseDevices(void* ctx, OicSecCredType_t type, size_t keySize,
532 const OCProvisionDev_t *pDev1, OicSecAcl_t *pDev1Acl,
533 const OCProvisionDev_t *pDev2, OicSecAcl_t *pDev2Acl,
534 OCProvisionResultCB resultCallback)
537 if (!pDev1 || !pDev2 || !resultCallback)
539 OIC_LOG(ERROR, TAG, "OCProvisionPairwiseDevices : Invalid parameters");
540 return OC_STACK_INVALID_PARAM;
542 if (!(keySize == OWNER_PSK_LENGTH_128 || keySize == OWNER_PSK_LENGTH_256))
544 OIC_LOG(INFO, TAG, "OCProvisionPairwiseDevices : Invalid key size");
545 return OC_STACK_INVALID_PARAM;
548 OIC_LOG(DEBUG, TAG, "Checking link in DB");
549 bool linkExists = true;
550 OCStackResult res = PDMIsLinkExists(&pDev1->doxm->deviceID, &pDev2->doxm->deviceID, &linkExists);
551 if(res != OC_STACK_OK)
553 OIC_LOG(ERROR, TAG, "Internal Error Occured");
558 OIC_LOG(ERROR, TAG, "Link already exists");
559 return OC_STACK_INVALID_PARAM;
562 int noOfResults = 2; // Initial Value
563 if (NULL != pDev1Acl)
567 if (NULL != pDev2Acl)
571 Linkdata_t *link = (Linkdata_t*) OICMalloc(sizeof(Linkdata_t));
574 OIC_LOG(ERROR, TAG, "Failed to memory allocation");
575 return OC_STACK_NO_MEMORY;
577 OIC_LOG_V(INFO,TAG, "Maximum no od results %d",noOfResults);
580 link->pDev1Acl = pDev1Acl;
582 link->pDev2Acl = pDev2Acl;
584 // 1 call for each device for credential provisioning. implict call by SRPProvisioning credential
585 // 1 call for ACL provisioning for device 1 and 1 call for ACL provisioning for device 2.
586 link->numOfResults = noOfResults;
587 link->resultCallback = resultCallback;
588 link->currentCountResults = 0;
589 link->resArr = (OCProvisionResult_t*) OICMalloc(sizeof(OCProvisionResult_t)*noOfResults);
590 res = SRPProvisionCredentials(link, type, keySize,
591 pDev1, pDev2, &ProvisionCredsCB);
592 if (res != OC_STACK_OK)
594 OICFree(link->resArr);
601 OCStackResult OCGetDevInfoFromNetwork(unsigned short waittime,
602 OCProvisionDev_t** pOwnedDevList,
603 OCProvisionDev_t** pUnownedDevList)
605 //TODO will be replaced by more efficient logic
606 if (pOwnedDevList == NULL || *pOwnedDevList != NULL || pUnownedDevList == NULL
607 || *pUnownedDevList != NULL)
609 return OC_STACK_INVALID_PARAM;
612 // Code for unowned discovery
613 OCProvisionDev_t *unownedDevice = NULL;
614 OCStackResult res = OCDiscoverUnownedDevices(waittime/2, &unownedDevice);
615 if (OC_STACK_OK != res)
617 OIC_LOG(ERROR,TAG, "Error in unowned discovery");
621 // Code for owned discovery
622 OCProvisionDev_t *ownedDevice = NULL;
623 res = OCDiscoverOwnedDevices(waittime/2, &ownedDevice);
624 if (OC_STACK_OK != res)
626 OIC_LOG(ERROR,TAG, "Error in owned discovery");
627 PMDeleteDeviceList(unownedDevice);
631 // Code to get list of all the owned devices.
632 OCUuidList_t *uuidList = NULL;
633 size_t numOfDevices = 0;
634 res = PDMGetOwnedDevices(&uuidList, &numOfDevices);
635 if (OC_STACK_OK != res)
637 OIC_LOG(ERROR, TAG, "Error while getting info from DB");
638 PMDeleteDeviceList(unownedDevice);
639 PMDeleteDeviceList(ownedDevice);
643 // Code to compare devices in owned list and deviceid from DB.
644 OCProvisionDev_t* pCurDev = ownedDevice;
645 size_t deleteCnt = 0;
648 if(true == PMDeleteFromUUIDList(uuidList, &pCurDev->doxm->deviceID))
652 pCurDev = pCurDev->next;
654 // If there is no remaind device in uuidList, we have to assign NULL to prevent free.
655 if (deleteCnt == numOfDevices)
659 // Code to add information of the devices which are currently off in owned list.
660 OCUuidList_t *powerOffDeviceList = uuidList;
661 while (powerOffDeviceList)
663 OCProvisionDev_t *ptr = (OCProvisionDev_t *)OICCalloc(1, sizeof (OCProvisionDev_t));
666 OIC_LOG(ERROR,TAG,"Fail to allocate memory");
667 PMDeleteDeviceList(unownedDevice);
668 PMDeleteDeviceList(ownedDevice);
669 OCDeleteUuidList(uuidList);
670 return OC_STACK_NO_MEMORY;
673 ptr->doxm = (OicSecDoxm_t*)OICCalloc(1, sizeof(OicSecDoxm_t));
674 if (NULL == ptr->doxm)
676 OIC_LOG(ERROR,TAG,"Fail to allocate memory");
677 PMDeleteDeviceList(unownedDevice);
678 PMDeleteDeviceList(ownedDevice);
679 OCDeleteUuidList(uuidList);
681 return OC_STACK_NO_MEMORY;
684 memcpy(ptr->doxm->deviceID.id, powerOffDeviceList->dev.id, sizeof(ptr->doxm->deviceID.id));
686 ptr->devStatus = DEV_STATUS_OFF;
687 LL_PREPEND(ownedDevice, ptr);
688 powerOffDeviceList = powerOffDeviceList->next;
691 OCDeleteUuidList(uuidList);
692 *pOwnedDevList = ownedDevice;
693 *pUnownedDevList = unownedDevice;
697 OCStackResult OCGetLinkedStatus(const OicUuid_t* uuidOfDevice, OCUuidList_t** uuidList,
698 size_t* numOfDevices)
700 return PDMGetLinkedDevices(uuidOfDevice, uuidList, numOfDevices);
703 void OCDeleteUuidList(OCUuidList_t* pList)
705 PDMDestoryOicUuidLinkList(pList);
709 * This function deletes ACL data.
711 * @param pAcl Pointer to OicSecAcl_t structure.
713 void OCDeleteACLList(OicSecAcl_t* pAcl)
721 * this function sends CRL information to resource.
723 * @param[in] ctx Application context would be returned in result callback.
724 * @param[in] selectedDeviceInfo Selected target device.
725 * @param[in] crl CRL to provision.
726 * @param[in] resultCallback callback provided by API user, callback will be called when provisioning
727 request recieves a response from resource server.
728 * @return OC_STACK_OK in case of success and other value otherwise.
730 OCStackResult OCProvisionCRL(void* ctx, const OCProvisionDev_t *selectedDeviceInfo, OicSecCrl_t *crl,
731 OCProvisionResultCB resultCallback)
733 return SRPProvisionCRL(ctx, selectedDeviceInfo, crl, resultCallback);
735 #endif // __WITH_X509__