1 /* *****************************************************************
3 * Copyright 2015 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 * *****************************************************************/
24 #include "securevirtualresourcetypes.h"
25 #include "doxmresource.h"
26 #include "credresource.h"
28 #include "cainterface.h"
30 #include "oic_malloc.h"
34 #include "oxmrandompin.h"
35 #include "ownershiptransfermanager.h"
36 #include "pinoxmcommon.h"
37 #include "oxmverifycommon.h"
39 #define TAG "OIC_OXM_RandomPIN"
41 typedef enum PinState{
44 PIN_INPUT_SUCCESS = 2,
48 static PinState_t gPinState = PIN_INPUT_READY;
50 OCStackResult CreatePinBasedSelectOxmPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size)
52 if(!otmCtx || !otmCtx->selectedDeviceInfo || !payload || *payload || !size)
54 return OC_STACK_INVALID_PARAM;
57 otmCtx->selectedDeviceInfo->doxm->oxmSel = OIC_RANDOM_DEVICE_PIN;
59 return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true);
62 OCStackResult CreatePinBasedOwnerTransferPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size)
64 if(!otmCtx || !otmCtx->selectedDeviceInfo || !payload || *payload || !size)
66 return OC_STACK_INVALID_PARAM;
69 OicUuid_t uuidPT = {.id={0}};
73 if (OC_STACK_OK != GetDoxmDeviceID(&uuidPT))
75 OIC_LOG(ERROR, TAG, "Error while retrieving provisioning tool's device ID");
76 return OC_STACK_ERROR;
78 memcpy(otmCtx->selectedDeviceInfo->doxm->owner.id, uuidPT.id , UUID_LENGTH);
80 return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true);
83 OCStackResult InputPinCodeCallback(OTMContext_t *otmCtx)
85 if (!otmCtx || !otmCtx->selectedDeviceInfo)
87 return OC_STACK_INVALID_PARAM;
90 uint8_t pinData[OXM_RANDOM_PIN_MAX_SIZE + 1] = {0};
91 OCStackResult res = OC_STACK_ERROR;
93 if (PIN_INPUT_WAIT == gPinState)
95 OIC_LOG(ERROR, TAG, "Pin input callback invoked already");
97 SetResult(otmCtx, res);
98 return OC_STACK_NOT_ACCEPTABLE;
101 gPinState = PIN_INPUT_WAIT;
103 res = InputPin((char*)pinData, sizeof(pinData));
104 if (OC_STACK_OK != res)
106 OIC_LOG(ERROR, TAG, "Failed to input PIN");
107 gPinState = PIN_INPUT_FAIL;
108 SetResult(otmCtx, res);
111 gPinState = PIN_INPUT_SUCCESS;
114 * Since PSK will be used directly while PIN based ownership transfer,
115 * Credential should not be saved into SVR.
116 * For this reason, We will use a temporary get_psk_info callback to random PIN OxM.
119 if(!(otmCtx->selectedDeviceInfo->doxm->owned))
121 if(CA_STATUS_OK != CAregisterPskCredentialsHandler(GetDtlsPskForRandomPinOxm))
123 OIC_LOG(ERROR, TAG, "Failed to register DTLS credentials handler for random PIN OxM.");
124 res = OC_STACK_ERROR;
127 #ifdef MULTIPLE_OWNER
129 else if(otmCtx->selectedDeviceInfo->doxm->owned &&
130 otmCtx->selectedDeviceInfo->doxm->mom &&
131 OIC_MULTIPLE_OWNER_DISABLE != otmCtx->selectedDeviceInfo->doxm->mom->mode)
133 if(CA_STATUS_OK != CAregisterPskCredentialsHandler(GetDtlsPskForMotRandomPinOxm))
135 OIC_LOG(ERROR, TAG, "Failed to register TLS credentials handler for random PIN OxM.");
136 res = OC_STACK_ERROR;
139 #endif //MULTIPLE_OWNER
141 //Set the device id to derive temporal PSK
142 SetUuidForPinBasedOxm(&(otmCtx->selectedDeviceInfo->doxm->deviceID));
147 OCStackResult CreateSecureSessionRandomPinCallback(OTMContext_t* otmCtx)
149 OIC_LOG(INFO, TAG, "IN CreateSecureSessionRandomPinCallbak");
151 if (!otmCtx || !otmCtx->selectedDeviceInfo)
153 return OC_STACK_INVALID_PARAM;
156 CAResult_t caresult = CAEnableAnonECDHCipherSuite(false);
157 if (CA_STATUS_OK != caresult)
159 OIC_LOG_V(ERROR, TAG, "Unable to disable anon cipher suite");
160 return OC_STACK_ERROR;
162 OIC_LOG(INFO, TAG, "Anonymous cipher suite disabled.");
164 caresult = CASelectCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, otmCtx->selectedDeviceInfo->endpoint.adapter);
165 if (CA_STATUS_OK != caresult)
167 OIC_LOG_V(ERROR, TAG, "Failed to select TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256");
168 return OC_STACK_ERROR;
170 OIC_LOG(INFO, TAG, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 cipher suite selected.");
172 OCProvisionDev_t* selDevInfo = otmCtx->selectedDeviceInfo;
173 CAEndpoint_t endpoint;
174 memcpy(&endpoint, &selDevInfo->endpoint, sizeof(CAEndpoint_t));
176 if(CA_ADAPTER_IP == endpoint.adapter)
178 endpoint.port = selDevInfo->securePort;
179 caresult = CAInitiateHandshake(&endpoint);
181 else if (CA_ADAPTER_GATT_BTLE == endpoint.adapter)
183 caresult = CAInitiateHandshake(&endpoint);
188 endpoint.port = selDevInfo->tcpPort;
189 caresult = CAinitiateSslHandshake(&endpoint);
192 if (CA_STATUS_OK != caresult)
194 OIC_LOG_V(ERROR, TAG, "DTLS handshake failure.");
195 return OC_STACK_ERROR;
198 OIC_LOG(INFO, TAG, "OUT CreateSecureSessionRandomPinCallbak");