resource/csdk/security/provisioning/src/oxmrandompin.c

   1 /* *****************************************************************
   2  *
   3  * Copyright 2015 Samsung Electronics All Rights Reserved.
   4  *
   5  *
   6  *
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *     http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  *
  19  * *****************************************************************/
  20
  21 #include <memory.h>
  22
  23 #include "ocstack.h"
  24 #include "securevirtualresourcetypes.h"
  25 #include "doxmresource.h"
  26 #include "credresource.h"
  27 #include "cacommon.h"
  28 #include "cainterface.h"
  29 #include "ocrandom.h"
  30 #include "oic_malloc.h"
  31 #include "logger.h"
  32 #include "pbkdf2.h"
  33 #include "global.h"
  34 #include "base64.h"
  35 #include "oxmrandompin.h"
  36 #include "ownershiptransfermanager.h"
  37 #include "pinoxmcommon.h"
  38
  39 #define TAG "OXM_RandomPIN"
  40
  41 OCStackResult CreatePinBasedSelectOxmPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size)
  42 {
  43     if(!otmCtx || !otmCtx->selectedDeviceInfo || !payload || *payload || !size)
  44     {
  45         return OC_STACK_INVALID_PARAM;
  46     }
  47
  48     otmCtx->selectedDeviceInfo->doxm->oxmSel = OIC_RANDOM_DEVICE_PIN;
  49
  50     return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true);
  51 }
  52
  53 OCStackResult CreatePinBasedOwnerTransferPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size)
  54 {
  55     if(!otmCtx || !otmCtx->selectedDeviceInfo || !payload || *payload || !size)
  56     {
  57         return OC_STACK_INVALID_PARAM;
  58     }
  59
  60     OicUuid_t uuidPT = {.id={0}};
  61     *payload = NULL;
  62     *size = 0;
  63
  64     if (OC_STACK_OK != GetDoxmDeviceID(&uuidPT))
  65     {
  66         OIC_LOG(ERROR, TAG, "Error while retrieving provisioning tool's device ID");
  67         return OC_STACK_ERROR;
  68     }
  69     memcpy(otmCtx->selectedDeviceInfo->doxm->owner.id, uuidPT.id , UUID_LENGTH);
  70
  71     return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true);
  72 }
  73
  74 OCStackResult InputPinCodeCallback(OTMContext_t *otmCtx)
  75 {
  76     if (!otmCtx || !otmCtx->selectedDeviceInfo)
  77     {
  78         return OC_STACK_INVALID_PARAM;
  79     }
  80
  81     uint8_t pinData[OXM_RANDOM_PIN_SIZE + 1];
  82
  83     OCStackResult res = InputPin((char*)pinData, OXM_RANDOM_PIN_SIZE + 1);
  84     if (OC_STACK_OK != res)
  85     {
  86         OIC_LOG(ERROR, TAG, "Failed to input PIN");
  87         return res;
  88     }
  89
  90     /**
  91      * Since PSK will be used directly while PIN based ownership transfer,
  92      * Credential should not be saved into SVR.
  93      * For this reason, We will use a temporary get_psk_info callback to random PIN OxM.
  94      */
  95 #ifdef __WITH_TLS__
  96     if(CA_STATUS_OK != CAregisterTlsCredentialsHandler(GetDtlsPskForRandomPinOxm))
  97     {
  98         OIC_LOG(ERROR, TAG, "Failed to register TLS credentials handler for random PIN OxM.");
  99         res = OC_STACK_ERROR;
 100     }
 101 #endif
 102     if(CA_STATUS_OK != CARegisterDTLSCredentialsHandler(GetDtlsPskForRandomPinOxm))
 103     {
 104         OIC_LOG(ERROR, TAG, "Failed to register DTLS credentials handler for random PIN OxM.");
 105         res = OC_STACK_ERROR;
 106     }
 107
 108     //Set the device id to derive temporal PSK
 109     SetUuidForRandomPinOxm(&(otmCtx->selectedDeviceInfo->doxm->deviceID));
 110
 111     return res;
 112 }
 113
 114 OCStackResult CreateSecureSessionRandomPinCallback(OTMContext_t* otmCtx)
 115 {
 116     OIC_LOG(INFO, TAG, "IN CreateSecureSessionRandomPinCallbak");
 117
 118     if (!otmCtx || !otmCtx->selectedDeviceInfo)
 119     {
 120         return OC_STACK_INVALID_PARAM;
 121     }
 122
 123     CAResult_t caresult = CAEnableAnonECDHCipherSuite(false);
 124     if (CA_STATUS_OK != caresult)
 125     {
 126         OIC_LOG_V(ERROR, TAG, "Unable to disable anon cipher suite");
 127         return OC_STACK_ERROR;
 128     }
 129     OIC_LOG(INFO, TAG, "Anonymous cipher suite disabled.");
 130
 131     caresult  = CASelectCipherSuite(TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA_256, otmCtx->selectedDeviceInfo->endpoint.adapter);
 132     if (CA_STATUS_OK != caresult)
 133     {
 134         OIC_LOG_V(ERROR, TAG, "Failed to select TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA_256");
 135         return OC_STACK_ERROR;
 136     }
 137     OIC_LOG(INFO, TAG, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA_256 cipher suite selected.");
 138
 139     OCProvisionDev_t* selDevInfo = otmCtx->selectedDeviceInfo;
 140     CAEndpoint_t endpoint;
 141     memcpy(&endpoint, &selDevInfo->endpoint, sizeof(CAEndpoint_t));
 142
 143     if(CA_ADAPTER_IP == endpoint.adapter)
 144     {
 145         endpoint.port = selDevInfo->securePort;
 146         caresult = CAInitiateHandshake(&endpoint);
 147     }
 148 #ifdef __WITH_TLS__
 149     else
 150     {
 151         endpoint.port = selDevInfo->tcpPort;
 152         caresult = CAinitiateTlsHandshake(&endpoint);
 153     }
 154 #endif
 155     if (CA_STATUS_OK != caresult)
 156     {
 157         OIC_LOG_V(ERROR, TAG, "DTLS handshake failure.");
 158         return OC_STACK_ERROR;
 159     }
 160
 161     OIC_LOG(INFO, TAG, "OUT CreateSecureSessionRandomPinCallbak");
 162
 163     return OC_STACK_OK;
 164 }