resource/csdk/security/provisioning/src/oxmrandompin.c

   1 /* *****************************************************************
   2  *
   3  * Copyright 2015 Samsung Electronics All Rights Reserved.
   4  *
   5  *
   6  *
   7  * Licensed under the Apache License, Version 2.0 (the "License");
   8  * you may not use this file except in compliance with the License.
   9  * You may obtain a copy of the License at
  10  *
  11  *     http://www.apache.org/licenses/LICENSE-2.0
  12  *
  13  * Unless required by applicable law or agreed to in writing, software
  14  * distributed under the License is distributed on an "AS IS" BASIS,
  15  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  16  * See the License for the specific language governing permissions and
  17  * limitations under the License.
  18  *
  19  * *****************************************************************/
  20
  21 #include <memory.h>
  22
  23 #include "ocstack.h"
  24 #include "securevirtualresourcetypes.h"
  25 #include "doxmresource.h"
  26 #include "credresource.h"
  27 #include "cacommon.h"
  28 #include "cainterface.h"
  29 #include "ocrandom.h"
  30 #include "oic_malloc.h"
  31 #include "logger.h"
  32 #include "pbkdf2.h"
  33 #include "global.h"
  34 #include "base64.h"
  35 #include "oxmrandompin.h"
  36 #include "ownershiptransfermanager.h"
  37 #include "pinoxmcommon.h"
  38
  39 #define TAG "OXM_RandomPIN"
  40
  41 char* CreatePinBasedSelectOxmPayload(OTMContext_t* otmCtx)
  42 {
  43     if(!otmCtx || !otmCtx->selectedDeviceInfo)
  44     {
  45         return NULL;
  46     }
  47
  48     otmCtx->selectedDeviceInfo->doxm->oxmSel = OIC_RANDOM_DEVICE_PIN;
  49
  50     return BinToDoxmJSON(otmCtx->selectedDeviceInfo->doxm);
  51 }
  52
  53 char* CreatePinBasedOwnerTransferPayload(OTMContext_t* otmCtx)
  54 {
  55     if(!otmCtx || !otmCtx->selectedDeviceInfo)
  56     {
  57         return NULL;
  58     }
  59
  60     OicUuid_t uuidPT = {.id={0}};
  61
  62     if (OC_STACK_OK != GetDoxmDeviceID(&uuidPT))
  63     {
  64         OIC_LOG(ERROR, TAG, "Error while retrieving provisioning tool's device ID");
  65         return NULL;
  66     }
  67     memcpy(otmCtx->selectedDeviceInfo->doxm->owner.id, uuidPT.id , UUID_LENGTH);
  68
  69     return BinToDoxmJSON(otmCtx->selectedDeviceInfo->doxm);
  70 }
  71
  72 OCStackResult InputPinCodeCallback(OTMContext_t* otmCtx)
  73 {
  74     if(!otmCtx || !otmCtx->selectedDeviceInfo)
  75     {
  76         return OC_STACK_INVALID_PARAM;
  77     }
  78
  79     uint8_t pinData[OXM_RANDOM_PIN_SIZE + 1];
  80
  81     OCStackResult res = InputPin((char*)pinData, OXM_RANDOM_PIN_SIZE + 1);
  82     if(OC_STACK_OK != res)
  83     {
  84         OIC_LOG(ERROR, TAG, "Failed to input PIN");
  85         return res;
  86     }
  87
  88     /**
  89      * Since PSK will be used directly while PIN based ownership transfer,
  90      * Credential should not be saved into SVR.
  91      * For this reason, We will use a temporary get_psk_info callback to random PIN OxM.
  92      */
  93     if(CA_STATUS_OK != CARegisterDTLSCredentialsHandler(GetDtlsPskForRandomPinOxm))
  94     {
  95         OIC_LOG(ERROR, TAG, "Failed to register DTLS credentials handler for random PIN OxM.");
  96         res = OC_STACK_ERROR;
  97     }
  98
  99     //Set the device id to derive temporal PSK
 100     SetUuidForRandomPinOxm(&(otmCtx->selectedDeviceInfo->doxm->deviceID));
 101
 102     return res;
 103 }
 104
 105 OCStackResult CreateSecureSessionRandomPinCallbak(OTMContext_t* otmCtx)
 106 {
 107     OIC_LOG(INFO, TAG, "IN CreateSecureSessionRandomPinCallbak");
 108
 109     if(!otmCtx || !otmCtx->selectedDeviceInfo)
 110     {
 111         return OC_STACK_INVALID_PARAM;
 112     }
 113
 114     CAResult_t caresult = CAEnableAnonECDHCipherSuite(false);
 115     if (CA_STATUS_OK != caresult)
 116     {
 117         OIC_LOG_V(ERROR, TAG, "Unable to disable anon cipher suite");
 118         return OC_STACK_ERROR;
 119     }
 120     OIC_LOG(INFO, TAG, "Anonymous cipher suite disabled.");
 121
 122     caresult  = CASelectCipherSuite(TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA_256);
 123     if (CA_STATUS_OK != caresult)
 124     {
 125         OIC_LOG_V(ERROR, TAG, "Failed to select TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA_256");
 126         return OC_STACK_ERROR;
 127     }
 128     OIC_LOG(INFO, TAG, "TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA_256 cipher suite selected.");
 129
 130
 131     OCProvisionDev_t* selDevInfo = otmCtx->selectedDeviceInfo;
 132     CAEndpoint_t *endpoint = (CAEndpoint_t *)OICCalloc(1, sizeof (CAEndpoint_t));
 133     if(NULL == endpoint)
 134     {
 135         return OC_STACK_NO_MEMORY;
 136     }
 137     memcpy(endpoint,&selDevInfo->endpoint,sizeof(CAEndpoint_t));
 138     endpoint->port = selDevInfo->securePort;
 139     caresult = CAInitiateHandshake(endpoint);
 140     OICFree(endpoint);
 141     if (CA_STATUS_OK != caresult)
 142     {
 143         OIC_LOG_V(ERROR, TAG, "DTLS handshake failure.");
 144         return OC_STACK_ERROR;
 145     }
 146
 147     OIC_LOG(INFO, TAG, "OUT CreateSecureSessionRandomPinCallbak");
 148
 149     return OC_STACK_OK;
 150 }
 151