1 //******************************************************************
3 // Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
23 #include "cainterface.h"
24 #include "secureresourcemanager.h"
25 #include "resourcemanager.h"
26 #include "credresource.h"
27 #include "policyengine.h"
30 #define TAG PCF("SRM")
32 //Request Callback handler
33 static CARequestCallback gRequestHandler = NULL;
34 //Response Callback handler
35 static CAResponseCallback gResponseHandler = NULL;
36 //Error Callback handler
37 static CAErrorCallback gErrorHandler = NULL;
38 //Persistent Storage callback handler for open/read/write/close/unlink
39 static OCPersistentStorage *gPersistentStorageHandler = NULL;
42 * A single global Policy Engine context will suffice as long
43 * as SRM is single-threaded.
45 PEContext_t g_policyEngineContext;
48 * @brief Handle the request from the SRM.
49 * @param endPoint [IN] Endpoint object from which the response is received.
50 * @param requestInfo [IN] Information for the request.
53 void SRMRequestHandler(const CARemoteEndpoint_t *endPoint, const CARequestInfo_t *requestInfo)
55 OC_LOG(INFO, TAG, PCF("Received request from remote device"));
57 if (!endPoint || !requestInfo)
59 OC_LOG(ERROR, TAG, PCF("Invalid arguments"));
64 OicUuid_t subjectId = {};
65 memcpy(subjectId.id, endPoint->identity.id, sizeof(subjectId.id));
67 //Check the URI has the query and skip it before checking the permission
68 char *uri = strstr(endPoint->resourceUri, "?");
72 position = uri - endPoint->resourceUri;
74 if (position > MAX_URI_LENGTH)
76 OC_LOG(ERROR, TAG, PCF("URI length is too long"));
79 SRMAccessResponse_t response = ACCESS_DENIED;
82 char newUri[MAX_URI_LENGTH + 1];
83 strncpy(newUri, endPoint->resourceUri, (position));
84 newUri[position] = '\0';
85 //Skip query and pass the newUri.
86 response = CheckPermission(&g_policyEngineContext, &subjectId, newUri,
87 GetPermissionFromCAMethod_t(requestInfo->method));
92 //Pass endPoint->resourceUri if there is no query info.
93 response = CheckPermission(&g_policyEngineContext, &subjectId, endPoint->resourceUri,
94 GetPermissionFromCAMethod_t(requestInfo->method));
96 if (IsAccessGranted(response) && gRequestHandler)
98 return (gRequestHandler(endPoint, requestInfo));
101 // Form a 'access deny' or 'Error' response and send to peer
102 CAResponseInfo_t responseInfo = {};
103 memcpy(&responseInfo.info, &(requestInfo->info), sizeof(responseInfo.info));
104 responseInfo.info.payload = NULL;
105 if (!gRequestHandler)
107 responseInfo.result = CA_INTERNAL_SERVER_ERROR;
112 * TODO Enhance this logic more to decide between
113 * CA_UNAUTHORIZED_REQ or CA_FORBIDDEN_REQ depending
114 * upon SRMAccessResponseReasonCode_t
116 responseInfo.result = CA_UNAUTHORIZED_REQ;
119 if (CA_STATUS_OK != CASendResponse(endPoint, &responseInfo))
121 OC_LOG(ERROR, TAG, PCF("Failed in sending response to a unauthorized request!"));
126 * @brief Handle the response from the SRM.
127 * @param endPoint [IN] The remote endpoint.
128 * @param responseInfo [IN] Response information from the endpoint.
131 void SRMResponseHandler(const CARemoteEndpoint_t *endPoint, const CAResponseInfo_t *responseInfo)
133 OC_LOG(INFO, TAG, PCF("Received response from remote device"));
134 if (gResponseHandler)
136 gResponseHandler(endPoint, responseInfo);
142 * @brief Handle the error from the SRM.
143 * @param endPoint [IN] The remote endpoint.
144 * @param errorInfo [IN] Error information from the endpoint.
147 void SRMErrorHandler(const CARemoteEndpoint_t *endPoint, const CAErrorInfo_t *errorInfo)
149 OC_LOG(INFO, TAG, PCF("Received error from remote device"));
152 gErrorHandler(endPoint, errorInfo);
158 * @brief Register request and response callbacks.
159 * Requests and responses are delivered in these callbacks.
160 * @param reqHandler [IN] Request handler callback ( for GET,PUT ..etc)
161 * @param respHandler [IN] Response handler callback.
163 * OC_STACK_OK - No errors; Success
164 * OC_STACK_INVALID_PARAM - invalid parameter
166 OCStackResult SRMRegisterHandler(CARequestCallback reqHandler,
167 CAResponseCallback respHandler,
168 CAErrorCallback errHandler)
170 OC_LOG(INFO, TAG, PCF("SRMRegisterHandler !!"));
171 if( !reqHandler || !respHandler || !errHandler)
173 OC_LOG(ERROR, TAG, PCF("Callback handlers are invalid"));
174 return OC_STACK_INVALID_PARAM;
176 gRequestHandler = reqHandler;
177 gResponseHandler = respHandler;
178 gErrorHandler = errHandler;
181 #if defined(__WITH_DTLS__)
182 CARegisterHandler(SRMRequestHandler, SRMResponseHandler, SRMErrorHandler);
184 CARegisterHandler(reqHandler, respHandler, errHandler);
185 #endif /* __WITH_DTLS__ */
190 * @brief Register Persistent storage callback.
191 * @param persistentStorageHandler [IN] Pointers to open, read, write, close & unlink handlers.
193 * OC_STACK_OK - No errors; Success
194 * OC_STACK_INVALID_PARAM - Invalid parameter
196 OCStackResult SRMRegisterPersistentStorageHandler(OCPersistentStorage* persistentStorageHandler)
198 OC_LOG(INFO, TAG, PCF("SRMRegisterPersistentStorageHandler !!"));
199 if(!persistentStorageHandler)
201 OC_LOG(ERROR, TAG, PCF("The persistent storage handler is invalid"));
202 return OC_STACK_INVALID_PARAM;
204 gPersistentStorageHandler = persistentStorageHandler;
209 * @brief Get Persistent storage handler pointer.
211 * The pointer to Persistent Storage callback handler
214 OCPersistentStorage* SRMGetPersistentStorageHandler()
216 OC_LOG(INFO, TAG, PCF("SRMGetPersistentStorageHandler !!"));
217 return gPersistentStorageHandler;
222 * @brief Initialize all secure resources ( /oic/sec/cred, /oic/sec/acl, /oic/sec/pstat etc).
223 * @retval OC_STACK_OK for Success, otherwise some error value
225 OCStackResult SRMInitSecureResources()
227 // TODO: temporarily returning OC_STACK_OK every time until default
228 // behavior (for when SVR DB is missing) is settled.
229 InitSecureResources();
231 #if defined(__WITH_DTLS__)
232 CARegisterDTLSCredentialsHandler(GetDtlsPskCredentials);
233 #endif // (__WITH_DTLS__)
239 * @brief Perform cleanup for secure resources ( /oic/sec/cred, /oic/sec/acl, /oic/sec/pstat etc).
242 void SRMDeInitSecureResources()
244 DestroySecureResources();
248 * @brief Initialize Policy Engine.
249 * @return OC_STACK_OK for Success, otherwise some error value.
251 OCStackResult SRMInitPolicyEngine()
253 return InitPolicyEngine(&g_policyEngineContext);
257 * @brief Cleanup Policy Engine.
260 void SRMDeInitPolicyEngine()
262 return DeInitPolicyEngine(&g_policyEngineContext);