1 /* *****************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * *****************************************************************/
24 #include "securevirtualresourcetypes.h"
25 #include "doxmresource.h"
26 #include "credresource.h"
28 #include "cainterface.h"
29 #include "casecurityinterface.h"
31 #include "oic_malloc.h"
35 #include "oxmmanufacturercert.h"
36 #include "ownershiptransfermanager.h"
37 #include "srmresourcestrings.h"
38 #include "pkix_interface.h"
39 #include "mbedtls/ssl_ciphersuites.h"
41 #define TAG "OXM_MCertificate"
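/**
 * Build the "select OxM" payload for manufacturer-certificate ownership transfer.
 *
 * Sets doxm->oxmSel of the selected device to OIC_MANUFACTURER_CERTIFICATE and
 * then serializes that doxm through DoxmToCBORPayload(). The oxmSel write
 * modifies the device info held in the OTM context, not a copy.
 *
 * @param[in]  otmCtx   OTM context; otmCtx->selectedDeviceInfo and its doxm
 *                      must be non-NULL.
 * @param[out] payload  Passed through to DoxmToCBORPayload(); *payload must be
 *                      NULL on entry.
 * @param[out] size     Passed through to DoxmToCBORPayload(); must be non-NULL.
 *
 * @return OC_STACK_INVALID_PARAM when an argument check fails, otherwise the
 *         result of DoxmToCBORPayload().
 */
OCStackResult CreateMCertificateBasedSelectOxmPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size)
{
    // A non-NULL *payload is rejected so an existing buffer is never overwritten.
    if (!otmCtx || !otmCtx->selectedDeviceInfo || !payload || *payload || !size)
    {
        return OC_STACK_INVALID_PARAM;
    }

    // doxm is dereferenced below, so a device entry without one is rejected
    // here instead of crashing the provisioning tool.
    if (!otmCtx->selectedDeviceInfo->doxm)
    {
        return OC_STACK_INVALID_PARAM;
    }

    otmCtx->selectedDeviceInfo->doxm->oxmSel = OIC_MANUFACTURER_CERTIFICATE;

    // NOTE(review): the meaning of the final `true` argument and the ownership
    // of the returned buffer are defined by DoxmToCBORPayload() - confirm there.
    return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true);
}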
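/**
 * Build the "select OxM" payload for the OIC_CON_MFG_CERT ownership transfer method.
 *
 * Sets doxm->oxmSel of the selected device to OIC_CON_MFG_CERT and then
 * serializes that doxm through DoxmToCBORPayload(). The oxmSel write modifies
 * the device info held in the OTM context, not a copy.
 *
 * @param[in]  otmCtx   OTM context; otmCtx->selectedDeviceInfo and its doxm
 *                      must be non-NULL.
 * @param[out] payload  Passed through to DoxmToCBORPayload(); *payload must be
 *                      NULL on entry.
 * @param[out] size     Passed through to DoxmToCBORPayload(); must be non-NULL.
 *
 * @return OC_STACK_INVALID_PARAM when an argument check fails, otherwise the
 *         result of DoxmToCBORPayload().
 */
OCStackResult CreateConMCertificateBasedSelectOxmPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size)
{
    // A non-NULL *payload is rejected so an existing buffer is never overwritten.
    if (!otmCtx || !otmCtx->selectedDeviceInfo || !payload || *payload || !size)
    {
        return OC_STACK_INVALID_PARAM;
    }

    // doxm is dereferenced below, so a device entry without one is rejected
    // here instead of crashing the provisioning tool.
    if (!otmCtx->selectedDeviceInfo->doxm)
    {
        return OC_STACK_INVALID_PARAM;
    }

    otmCtx->selectedDeviceInfo->doxm->oxmSel = OIC_CON_MFG_CERT;

    // NOTE(review): the meaning of the final `true` argument and the ownership
    // of the returned buffer are defined by DoxmToCBORPayload() - confirm there.
    return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true);
}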
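/**
 * Build the owner-transfer payload for manufacturer-certificate ownership transfer.
 *
 * Reads the provisioning tool's own device ID with GetDoxmDeviceID(), copies it
 * into doxm->owner.id of the selected device, and serializes that doxm through
 * DoxmToCBORPayload(). The owner write modifies the device info held in the
 * OTM context, not a copy.
 *
 * @param[in]  otmCtx   OTM context; otmCtx->selectedDeviceInfo and its doxm
 *                      must be non-NULL.
 * @param[out] payload  Passed through to DoxmToCBORPayload(); *payload must be
 *                      NULL on entry.
 * @param[out] size     Passed through to DoxmToCBORPayload(); must be non-NULL.
 *
 * @return OC_STACK_INVALID_PARAM when an argument check fails, OC_STACK_ERROR
 *         when the local device ID cannot be read, otherwise the result of
 *         DoxmToCBORPayload().
 */
OCStackResult CreateMCertificateBasedOwnerTransferPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size)
{
    // A non-NULL *payload is rejected so an existing buffer is never overwritten.
    if (!otmCtx || !otmCtx->selectedDeviceInfo || !payload || *payload || !size)
    {
        return OC_STACK_INVALID_PARAM;
    }

    // doxm is the destination of the memcpy below, so a device entry without
    // one is rejected here instead of writing through a NULL pointer.
    if (!otmCtx->selectedDeviceInfo->doxm)
    {
        return OC_STACK_INVALID_PARAM;
    }

    OicUuid_t uuidPT = {.id={0}};

    if (OC_STACK_OK != GetDoxmDeviceID(&uuidPT))
    {
        OIC_LOG(ERROR, TAG, "Error while retrieving provisioning tool's device ID");
        return OC_STACK_ERROR;
    }

    // The owner field is only written once the local ID was read successfully,
    // so a failed lookup never leaves the all-zero UUID as owner.
    // NOTE(review): assumes both id arrays hold at least UUID_LENGTH bytes - confirm
    // against the OicUuid_t definition.
    memcpy(otmCtx->selectedDeviceInfo->doxm->owner.id, uuidPT.id, UUID_LENGTH);

    // NOTE(review): the meaning of the final `true` argument and the ownership
    // of the returned buffer are defined by DoxmToCBORPayload() - confirm there.
    return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true);
}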
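/**
 * Register the manufacturer-certificate handlers with the CA layer before the
 * secure session is created.
 *
 * Registers GetManufacturerPkixInfo as the PKIX info handler and
 * InitManufacturerCipherSuiteList as the credential-types handler.
 *
 * @param[in] otmCtx  OTM context; otmCtx->selectedDeviceInfo must be non-NULL.
 *
 * @return OC_STACK_INVALID_PARAM when the context check fails, OC_STACK_ERROR
 *         when either registration fails, OC_STACK_OK otherwise.
 */
OCStackResult PrepareMCertificateCallback(OTMContext_t *otmCtx)
{
    OIC_LOG(INFO, TAG, "IN PrepareMCertificateCallback");

    if (!otmCtx || !otmCtx->selectedDeviceInfo)
    {
        return OC_STACK_INVALID_PARAM;
    }

    if (CA_STATUS_OK != CAregisterPkixInfoHandler(GetManufacturerPkixInfo))
    {
        OIC_LOG(ERROR, TAG, "Failed to register PkixInfohandler");
        return OC_STACK_ERROR;
    }

    // NOTE(review): if this second registration fails, the PKIX handler
    // registered above is not rolled back here; confirm the caller resets the
    // handlers on the error path.
    if (CA_STATUS_OK != CAregisterGetCredentialTypesHandler(InitManufacturerCipherSuiteList))
    {
        OIC_LOG(ERROR, TAG, "Failed to register CredentialTypesHandler");
        return OC_STACK_ERROR;
    }

    OIC_LOG(INFO, TAG, "OUT PrepareMCertificateCallback");

    // Report success explicitly: the function is non-void and must not fall
    // off the end without a value.
    return OC_STACK_OK;
}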
114 OCStackResult CreateSecureSessionMCertificateCallback(OTMContext_t* otmCtx)
116 OIC_LOG(INFO, TAG, "IN CreateSecureSessionMCertificateCallback");
118 if (!otmCtx || !otmCtx->selectedDeviceInfo)
120 return OC_STACK_INVALID_PARAM;
123 CAResult_t caresult = CAEnableAnonECDHCipherSuite(false);
124 if (CA_STATUS_OK != caresult)
126 OIC_LOG_V(ERROR, TAG, "Failed to disable anon cipher suite");
127 return OC_STACK_ERROR;
129 OIC_LOG(INFO, TAG, "Anonymous cipher suite disabled.");
131 caresult = CASelectCipherSuite(MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8,
132 otmCtx->selectedDeviceInfo->endpoint.adapter);
133 if (CA_STATUS_OK != caresult)
135 OIC_LOG_V(ERROR, TAG, "Failed to select MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8");
136 return OC_STACK_ERROR;
138 OIC_LOG(INFO, TAG, "MBEDTLS_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 cipher suite selected.");
140 OCProvisionDev_t* selDevInfo = otmCtx->selectedDeviceInfo;
141 CAEndpoint_t *endpoint = (CAEndpoint_t *)OICCalloc(1, sizeof (CAEndpoint_t));
142 if (NULL == endpoint)
144 return OC_STACK_NO_MEMORY;
146 memcpy(endpoint,&selDevInfo->endpoint,sizeof(CAEndpoint_t));
147 endpoint->port = selDevInfo->securePort;
148 caresult = CAInitiateHandshake(endpoint);
150 if (CA_STATUS_OK != caresult)
152 OIC_LOG_V(ERROR, TAG, "DTLS handshake failure.");
153 return OC_STACK_ERROR;
156 OIC_LOG(INFO, TAG, "OUT CreateSecureSessionMCertificateCallback");