1 //****************************************************************
3 // Copyright 2015 Samsung Electronics All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21 #ifndef OC_PROVISIONINGMANAGER_CXX_H_
22 #define OC_PROVISIONINGMANAGER_CXX_H_
26 #include "pinoxmcommon.h"
27 #include "ocprovisioningmanager.h"
29 #include "OCPlatform_impl.h"
33 class OCSecureResource;
35 typedef std::vector<std::shared_ptr<OCSecureResource>> DeviceList_t;
36 typedef std::vector<OicUuid_t> UuidList_t;
37 typedef std::vector<OCProvisionResult_t> PMResultList_t;
38 typedef std::function<void(PMResultList_t *result, int hasError)> ResultCallBack;
40 struct ProvisionContext
42 ResultCallBack callback;
43 ProvisionContext(ResultCallBack cb) : callback(cb){}
47 * This class is for credential's to be set to devices.
48 * The types supported are
50 * 1: symmetric pair-wise key
51 * 2: symmetric group key
53 * 8: signed asymmetric key (aka certificate)
58 OicSecCredType_t type;
61 Credential() = default;
62 Credential(OicSecCredType_t type, size_t size) : type(type), keySize(size)
66 * API to get credential type of device.
67 * @return credential type of device.
69 OicSecCredType_t getCredentialType() const
75 * API to get size of credential key type.
76 * @return size of credential key type.
78 size_t getCredentialKeySize() const
84 * API to set credential type of device.
85 * Device can have following credential types
86 * - symmetric pair-wise key
87 * - symmetric group key
89 * - signed asymmetric key (aka certificate)
91 * @param type credential type.
93 void setCredentialType(OicSecCredType_t type)
99 * API to set size of credential key type.
100 * @param keySize credential key size.
101 * @note can be either 128 or 256 for symmetric pair-wise key
103 void setCredentialKeySize(size_t keySize)
105 this->keySize = keySize;
113 * The API is responsible for initialization of the provisioning manager. It will load
114 * provisioning database which have owned device's list and their linked status.
116 * @param dbPath file path of the sqlite3 database.
118 * @return ::OC_STACK_OK in case of success and other value otherwise.
120 static OCStackResult provisionInit(const std::string& dbPath);
123 * API is responsible for discovery of devices in it's subnet. It will list
124 * all the device in subnet which are not yet owned.
126 * @param timeout Timeout in seconds, time until which function will listen to
127 * responses from server before returning the list of devices.
128 * @param list List of candidate devices to be provisioned.
129 * @return ::OC_STACK_OK in case of success and other value otherwise.
131 static OCStackResult discoverUnownedDevices(unsigned short timeout,
135 * API is responsible for discovery of devices in it's subnet. It will list
136 * all the device in subnet which are already owned by calling provisioning client.
138 * @param timeout Timeout in seconds, time until which function will listen to
139 * responses from server before returning the list of devices.
140 * @param list List of owned devices.
141 * @return ::OC_STACK_OK in case of success and other value otherwise.
143 static OCStackResult discoverOwnedDevices(unsigned short timeout,
147 * API is responsible for discovery of devices in specified endpoint/deviceID.
148 * And this function will only return the specified device's response.
150 * @param timeout Timeout in seconds, time until which function will listen to
151 * responses from server before returning the specified device.
152 * @param deviceID deviceID of target device
153 * @param foundDevice OCSecureResource object of found device.
154 * @return ::OC_STACK_OK in case of success and other value otherwise.\n
155 * ::OC_STACK_INVALID_PARAM when deviceID is NULL or ppFoundDevice is not
158 static OCStackResult discoverSingleDevice(unsigned short timeout,
159 const OicUuid_t* deviceID,
160 std::shared_ptr<OCSecureResource> &foundDevice);
163 * API for registering Ownership transfer methods for a particular transfer Type.
165 * @param oxm Ownership transfer method.
166 * @param callbackData CallbackData Methods for ownership transfer.
167 * @param inputPin Callback method to input pin for verification.
168 * @return ::OC_STACK_OK in case of success and other value otherwise.
170 static OCStackResult setOwnerTransferCallbackData(OicSecOxm_t oxm,
171 OTMCallbackData_t* callbackData, InputPinCallback inputPin);
174 * API to get status of all the devices in current subnet. The status include endpoint
175 * information and doxm information which can be extracted during owned and unowned
176 * discovery. Along with this information, API will provide information about
178 * Device can have following states
179 * - ON/OFF: Device is switched on or off.
181 * @param timeout Wait time for the API.
182 * @param ownedDevList List of owned devices.
183 * @param unownedDevList List of unowned devices.
184 * @return ::OC_STACK_OK in case of success and other value otherwise.
186 static OCStackResult getDevInfoFromNetwork(unsigned short timeout,
187 DeviceList_t &ownedDevList,
188 DeviceList_t &unownedDevList);
190 * Server API to register callback to display stack generated PIN.
192 * @param displayPin Callback Method to Display generated PIN.
193 * @return ::OC_STACK_OK in case of success and other value otherwise.
195 static OCStackResult setDisplayPinCB(GeneratePinCallback displayPin);
198 * API to remove device credential and ACL from all devices in subnet.
200 * @param resultCallback Callback provided by API user, callback will be called when
201 * credential revocation is finished.
202 * @param uuid Device uuid to be revoked.
203 * @param waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device
204 * discovery in seconds.
205 * @return ::OC_STACK_OK in case of success and other value otherwise.
207 static OCStackResult removeDeviceWithUuid(unsigned short waitTimeForOwnedDeviceDiscovery,
209 ResultCallBack resultCallback);
212 * API to save ACL which has several ACE into Acl of SVR.
214 * @param acl ACL to be saved in Acl of SVR.
215 * @return OC_STACK_OK in case of success and other value otherwise.
217 static OCStackResult saveACL(const OicSecAcl_t* acl);
219 #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
221 * API to save Trust certificate chain into Cred of SVR.
223 * @param[in] trustCertChain Trust certificate chain to be saved in Cred of SVR.
224 * @param[in] chainSize Size of trust certificate chain to be saved in Cred of SVR
225 * @param[in] encodingType Encoding type of trust certificate chain to be saved in Cred of SVR
226 * @param[out] credId CredId of saved trust certificate chain in Cred of SVR.
227 * @return OC_STACK_OK in case of success and other value otherwise.
229 static OCStackResult saveTrustCertChain(uint8_t *trustCertChain, size_t chainSize,
230 OicEncodingType_t encodingType, uint16_t *credId);
231 #endif // __WITH_DTLS__ || __WITH_TLS__
236 * This class represents a secure virtual device, which can be provisioned by the
237 * provisioning client.
239 class OCSecureResource
242 std::weak_ptr<std::recursive_mutex> m_csdkLock;
243 OCProvisionDev_t *devPtr; // pointer to device.
247 OCSecureResource(std::weak_ptr<std::recursive_mutex> csdkLock, OCProvisionDev_t *dPtr);
252 * API to provision credentials between two devices and ACLs for the devices who
255 * @param cred Type of credentials & key size to be provisioned to the device.
256 * @param acl1 ACL for device 1. If this is not required set NULL.
257 * @param device2 Second device to be provisioned.
258 * @param acl2 ACL for device 2. If this is not required set NULL.
259 * @param resultCallback Callback will be called when provisioning request receives
260 * a response from first resource server.
261 * @return ::OC_STACK_OK in case of success and other value otherwise.
263 OCStackResult provisionPairwiseDevices(const Credential &cred, const OicSecAcl_t* acl1,
264 const OCSecureResource &device2, const OicSecAcl_t* acl2,
265 ResultCallBack resultCallback);
268 * API to do ownership transfer for un-owned device.
270 * @param resultCallback Result callback function to be invoked when
271 * ownership transfer finished.
272 * @return ::OC_STACK_OK in case of success and other value otherwise.
274 OCStackResult doOwnershipTransfer(ResultCallBack resultCallback);
277 * API to send ACL information to resource.
279 * @param acl ACL to provision.
280 * @param resultCallback Callback will be called when provisioning request
281 * receives a response from resource server.
282 * @return ::OC_STACK_OK in case of success and other value otherwise.
284 OCStackResult provisionACL(const OicSecAcl_t* acl,
285 ResultCallBack resultCallback);
288 * API to provision credential to devices.
290 * @param cred Type of credentials to be provisioned to the device.
291 * @param device2 Second device' instance, representing resource to be provisioned.
292 * @param resultCallback Callback will be called when provisioning request receives
293 * a response from first resource server.
294 * @return ::OC_STACK_OK in case of success and other value otherwise.
296 OCStackResult provisionCredentials(const Credential &cred,
297 const OCSecureResource &device2,
298 ResultCallBack resultCallback);
301 * API to remove the credential & relationship between the two devices.
303 * @param device2 Second device information to be unlinked.
304 * @param resultCallback Callback provided by API user, callback will be called when
305 * device unlink is finished.
306 * @return ::OC_STACK_OK in case of success and other value otherwise.
308 OCStackResult unlinkDevices(const OCSecureResource &device2,
309 ResultCallBack resultCallback);
312 * API to remove device credential from all devices in subnet.
314 * @param resultCallback Callback provided by API user, callback will be called when
315 * credential revocation is finished.
316 * @param waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device
317 * discovery in seconds.
318 * @return ::OC_STACK_OK in case of success and other value otherwise.
320 OCStackResult removeDevice(unsigned short waitTimeForOwnedDeviceDiscovery,
321 ResultCallBack resultCallback);
324 * API to provision DirectPairing to devices.
326 * @param pconf pointer to PCONF (Pairing Configuration).
327 * @param resultCallback Callback will be called when provisioning request receives
328 * a response from first resource server.
329 * @return ::OC_STACK_OK in case of success and other value otherwise.
331 OCStackResult provisionDirectPairing(const OicSecPconf_t *pconf,
332 ResultCallBack resultCallback);
334 #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
336 * API to provision cert.
338 * @param type type of cred.
339 * @param credId id of cert.
340 * @param resultCallback Callback will be called when provisioning request
341 * receives a response from resource server.
342 * @return ::OC_STACK_OK in case of success and other value otherwise.
344 OCStackResult provisionTrustCertChain(OicSecCredType_t type, uint16_t credId,
345 ResultCallBack resultCallback);
347 #endif // __WITH_DTLS__ or __WITH_TLS__
350 * This method is used to get linked devices' IDs.
352 * @param uuidList Information about the list of linked devices uuids.
353 * @return ::OC_STACK_OK in case of success and other value otherwise.
355 OCStackResult getLinkedDevices(UuidList_t &uuidList);
358 * API to get the device ID of this resource.
361 std::string getDeviceID();
364 * API to get the information of device for provisioning.
365 * @return @ref OCProvisionDev_t Reference provides information of device for provisioning.
367 OCProvisionDev_t* getDevPtr()const;
370 * This function returns the device's IP address.
371 * @return device address.
373 std::string getDevAddr();
376 * This function returns the device's Status.
377 * @return Device status (1 = ON and 2 = OFF).
379 int getDeviceStatus();
382 * This function provides the owned status of the device.
383 * @return Device owned status.
385 bool getOwnedStatus();
389 * Common callback wrapper, which will be called from OC-APIs.
391 static void callbackWrapper(void* ctx, int nOfRes,
392 OCProvisionResult_t *arr, bool hasError);
395 void validateSecureResource();
399 #endif // OC_PROVISIONINGMANAGER_CXX_H_