1 //******************************************************************
3 // Copyright 2015 Samsung Electronics All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
23 #include "EnrolleeSecurity.h"
24 #include "oxmjustworks.h"
25 #include "oxmrandompin.h"
26 #include "EnrolleeResource.h"
28 #include "ESException.h"
29 #include "oic_malloc.h"
30 #include "provisioningdatabasemanager.h"
31 #include "oic_string.h"
33 #include "srmutility.h"
34 #include "aclresource.h"
35 #include "internal/doxmresource.h"
44 static const char COAP[] = "coap://";
45 static const char COAPS[] = "coaps://";
46 static const char COAP_TCP[] = "coap+tcp://";
47 static const char COAP_GATT[] = "coap+gatt://";
48 static const char COAP_RFCOMM[] = "coap+rfcomm://";
51 #define MAX_PERMISSION_LENGTH (5)
59 // TODO : Currently discovery timeout for owned and unowned devices is fixed as 5
60 // The value should be accepted from the application as a parameter during ocplatform
64 #define ES_SEC_DISCOVERY_TIMEOUT 15
66 #define ES_SEC_DISCOVERY_TIMEOUT 5
69 EnrolleeSecurity::EnrolleeSecurity(std::shared_ptr< OC::OCResource > resource)
71 m_ocResource = resource;
74 void EnrolleeSecurity::onEnrolleeSecuritySafetyCB(OC::PMResultList_t *result,
77 std::weak_ptr<EnrolleeSecurity> this_ptr)
79 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "onEnrolleeSecuritySafetyCB");
80 std::shared_ptr<EnrolleeSecurity> Ptr = this_ptr.lock();
87 void EnrolleeSecurity::convertUUIDToString(const uint8_t uuid[UUID_SIZE],
88 std::string& uuidString)
90 char uuidArray[UUID_STRING_SIZE] = {'\0',};
91 int ret = snprintf(uuidArray, UUID_STRING_SIZE,
92 "%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x",
93 uuid[0], uuid[1], uuid[2], uuid[3],
94 uuid[4], uuid[5], uuid[6], uuid[7],
95 uuid[8], uuid[9], uuid[10], uuid[11],
96 uuid[12], uuid[13], uuid[14], uuid[15]
99 if (ret != UUID_STRING_SIZE - 1)
104 uuidString = uuidArray;
107 std::string EnrolleeSecurity::getResourceDeviceAddress(const std::string& host)
109 size_t prefix_len = 0;
111 if (host.compare(0, sizeof(COAP) - 1, COAP) == 0)
113 prefix_len = sizeof(COAP) - 1;
115 else if (host.compare(0, sizeof(COAPS) - 1, COAPS) == 0)
117 prefix_len = sizeof(COAPS) - 1;
119 else if (host.compare(0, sizeof(COAP_TCP) - 1, COAP_TCP) == 0)
121 prefix_len = sizeof(COAP_TCP) - 1;
123 else if (host.compare(0, sizeof(COAP_GATT) - 1, COAP_GATT) == 0)
125 prefix_len = sizeof(COAP_GATT) - 1;
127 else if (host.compare(0, sizeof(COAP_RFCOMM) - 1, COAP_RFCOMM) == 0)
129 prefix_len = sizeof(COAP_RFCOMM) - 1;
133 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
134 "Well-known prefix for connectivity is not found. Please check OCResource::setHost");
139 std::string host_token = host.substr(prefix_len);
141 if (host_token[0] == '[') // IPv6
143 size_t bracket = host_token.find(']');
145 // extract the ipv6 address
146 return host_token.substr(0, bracket + 1);
150 size_t dot = host_token.find('.');
151 if (std::string::npos == dot) // MAC
153 size_t semi_count = std::count(host_token.begin(), host_token.end(), ':');
156 size_t found_semi = host_token.find_last_of(':');
157 host_token = host_token.substr(0, found_semi);
163 size_t colon = host_token.find(':');
165 // extract the ipv4 address
166 return host_token.substr(0, colon);
171 bool EnrolleeSecurity::isOwnerIDMatched(std::shared_ptr< OC::OCSecureResource > foundDevice)
173 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "isOwnerIDMatched IN");
175 if(foundDevice.get() == nullptr)
177 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "foundDevice is NULL ptr");
183 char uuidString[UUID_STRING_SIZE] = {};
184 if(RAND_UUID_OK == OCConvertUuidToString(foundDevice->getDevPtr()->doxm->owner.id, uuidString))
186 ownerID = uuidString;
193 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "Mediator ID %s", m_mediatorID.c_str());
194 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "Enrollee's Owner ID %s", ownerID.c_str());
196 if(ownerID == m_mediatorID)
198 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
199 "The found device's first owner ID is matched with Mediator's ID");
204 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
205 "The found device's first owner ID is NOT matched with Mediator's ID");
208 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "isOwnerIDMatched OUT");
213 #ifdef MULTIPLE_OWNER
214 bool EnrolleeSecurity::isSubOwnerIDMatched(std::shared_ptr< OC::OCSecureResource > foundDevice)
216 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "isSubOwnerIDMatched IN");
218 if(foundDevice.get() == nullptr)
220 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
221 "The found device's sub owner ID is NOT matched with Mediator's ID");
227 std::string subOwnerID;
228 char uuidString[UUID_STRING_SIZE] = {};
230 OicSecSubOwner_t* subOwnerList = foundDevice->getDevPtr()->doxm->subOwners;
234 if(RAND_UUID_OK == OCConvertUuidToString(subOwnerList->uuid.id, uuidString))
236 subOwnerID = uuidString;
243 if(subOwnerID == m_mediatorID)
245 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
246 "The found device's owner ID is matched with Mediator's ID as a second owner");
250 subOwnerList = subOwnerList->next;
255 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
256 "The found device's sub owner ID is NOT matched with Mediator's ID");
259 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "isSubOwnerIDMatched OUT");
263 void EnrolleeSecurity::changeMOTMethodCB(PMResultList_t *result, int hasError)
265 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "changeMOTMethodCB IN");
268 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG,
269 "requestEnableMOTMode API is failed with error %d", hasError);
270 enableMOTModeResult = false;
274 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "requestEnableMOTMode API is succeeded");
275 enableMOTModeResult = true;
283 void EnrolleeSecurity::selectMOTMethodCB(PMResultList_t *result, int hasError)
285 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "selectMOTMethodCB IN");
288 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG,
289 "selectMOTMethod API is failed with error %d", hasError);
290 motMethodProvResult = false;
294 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "selectMOTMethod API is succeeded");
295 motMethodProvResult = true;
302 void EnrolleeSecurity::preconfigPinProvCB(PMResultList_t *result, int hasError)
304 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "preconfigPinProvCB IN");
307 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG,
308 "provisionPreconfPin API is failed with error %d", hasError);
309 preConfigPinProvResult = false;
313 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "provisionPreconfPin API is succeeded");
314 preConfigPinProvResult = true;
321 void EnrolleeSecurity::multipleOwnershipTransferCb(OC::PMResultList_t *result, int hasError)
323 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "multipleOwnershipTransferCb IN");
329 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "multipleOwnershipTransferCb is failed with code(%d)", hasError);
335 for (unsigned int i = 0; i < result->size(); i++)
338 convertUUIDToString(result->at(i).deviceId.id, uuid);
340 if(m_ocResource != NULL && m_ocResource->sid() == uuid)
342 if( OC_STACK_OK == result->at(i).res )
344 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "multipleOwnershipTransferCb is succeeded");
345 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Result is = %d", result->at(i).res);
346 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "device uuid : %s", uuid.c_str());
352 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "multipleOwnershipTransfer is failed with code(%d)", hasError);
362 ESResult EnrolleeSecurity::requestSetPreconfPinData(const ESOwnershipTransferData& MOTData)
364 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "requestSetPreconfPinData IN");
366 ESResult res = ESResult::ES_ERROR;
368 OC::ResultCallBack preconfigPinProvCB = std::bind(
369 &EnrolleeSecurity::onEnrolleeSecuritySafetyCB,
370 std::placeholders::_1, std::placeholders::_2,
371 static_cast<ESSecurityCb>(std::bind(&EnrolleeSecurity::preconfigPinProvCB,
372 this, std::placeholders::_1, std::placeholders::_2)),
375 std::string pin = MOTData.getPreConfiguredPin();
377 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "provisionPreconfPin is called.");
378 if(OC_STACK_OK != m_securedResource->provisionPreconfPin(
379 pin.c_str(), pin.length(), preconfigPinProvCB))
381 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "provisionPreconfPin API error");
382 res = ESResult:: ES_PRE_CONFIG_PIN_PROVISIONING_FAILURE;
386 std::unique_lock<std::mutex> lck(m_mtx);
389 if(!preConfigPinProvResult)
391 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "provisionPreconfPin is failed.");
392 res = ESResult:: ES_PRE_CONFIG_PIN_PROVISIONING_FAILURE;
396 return ESResult::ES_OK;
399 ESResult EnrolleeSecurity::requestSetMOTMethod(const ESOwnershipTransferData& MOTData)
401 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "requestSetMOTMethod IN");
403 ESResult res = ESResult::ES_ERROR;
405 OC::ResultCallBack selectMOTMethodCB = std::bind(
406 &EnrolleeSecurity::onEnrolleeSecuritySafetyCB,
407 std::placeholders::_1, std::placeholders::_2,
408 static_cast<ESSecurityCb>(std::bind(&EnrolleeSecurity::selectMOTMethodCB,
409 this, std::placeholders::_1, std::placeholders::_2)),
412 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "selectMOTMethod is called.");
413 if(OC_STACK_OK != m_securedResource->selectMOTMethod(
414 MOTData.getMOTMethod(),
417 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "selectMOTMethod API error");
418 res = ESResult:: ES_MOT_METHOD_SELECTION_FAILURE;
422 std::unique_lock<std::mutex> lck(m_mtx);
425 if(!motMethodProvResult)
427 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "selectMOTMethod is failed.");
428 res = ESResult:: ES_MOT_METHOD_SELECTION_FAILURE;
432 return ESResult::ES_OK;
435 ESResult EnrolleeSecurity::requestEnableMOTMode()
437 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "requestEnableMOTMode IN");
438 ESResult res = ESResult:: ES_ERROR;
440 OC::ResultCallBack changeMOTMethodCB = std::bind(
441 &EnrolleeSecurity::onEnrolleeSecuritySafetyCB,
442 std::placeholders::_1, std::placeholders::_2,
443 static_cast<ESSecurityCb>(std::bind(&EnrolleeSecurity::changeMOTMethodCB,
444 this, std::placeholders::_1, std::placeholders::_2)),
448 m_securedResource->changeMOTMode(OIC_MULTIPLE_OWNER_ENABLE, changeMOTMethodCB))
450 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "changeMOTMode is failed.");
451 return ESResult:: ES_MOT_ENABLING_FAILURE;
454 std::unique_lock<std::mutex> lck(m_mtx);
457 if(!enableMOTModeResult)
459 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "requestEnableMOTMode is failed.");
460 res = ESResult:: ES_MOT_ENABLING_FAILURE;
464 return ESResult::ES_OK;
467 ESResult EnrolleeSecurity::provisionMOTConfig(const ESOwnershipTransferData& MOTData)
469 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "provisionMOTConfig IN");
470 ESResult res = ESResult:: ES_ERROR;
472 if(!m_securedResource->isMOTEnabled())
474 res = requestEnableMOTMode();
475 if(res != ESResult::ES_OK)
477 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "requestEnableMOTMode is failed.");
482 if( OIC_PRECONFIG_PIN == MOTData.getMOTMethod() &&
483 !MOTData.getPreConfiguredPin().empty())
485 res = requestSetPreconfPinData(MOTData);
487 if(res != ESResult::ES_OK)
489 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "RequestSetPreconfPinData is failed.");
493 if(OIC_PRECONFIG_PIN == MOTData.getMOTMethod() ||
494 OIC_RANDOM_DEVICE_PIN == MOTData.getMOTMethod())
496 res = requestSetMOTMethod(MOTData);
498 if(res != ESResult::ES_OK)
500 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "RequestSetMOTMethod is failed.");
508 void EnrolleeSecurity::ownershipTransferCb(OC::PMResultList_t *result, int hasError
511 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "ownershipTransferCb IN");
517 for (unsigned int i = 0; i < result->size(); i++)
520 convertUUIDToString(result->at(i).deviceId.id, uuid);
522 if(m_ocResource != NULL && m_ocResource->sid() == uuid)
524 if(OC_STACK_USER_DENIED_REQ == result->at(i).res)
526 res = ESResult::ES_USER_DENIED_CONFIRMATION_REQ;
528 else if(OC_STACK_AUTHENTICATION_FAILURE == result->at(i).res)
530 OicSecOxm_t oxm = OIC_OXM_COUNT;
531 if(OC_STACK_OK != m_securedResource->getOTMethod(&oxm))
537 if(OIC_MANUFACTURER_CERTIFICATE == oxm)
539 res = ESResult::ES_AUTHENTICATION_FAILURE_WITH_WRONG_CERT;
541 else if(OIC_CON_MFG_CERT == oxm)
543 res = ESResult::ES_AUTHENTICATION_FAILURE_WITH_WRONG_CERT;
545 else if(OIC_RANDOM_DEVICE_PIN == oxm)
547 res = ESResult::ES_AUTHENTICATION_FAILURE_WITH_WRONG_PIN;
550 else if(OC_STACK_COMM_ERROR == result->at(i).res)
552 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
553 "OwnershipTransfer is failed with OC_STACK_COMM_ERROR");
554 res = ESResult::ES_COMMUNICATION_ERROR;
556 else if(OC_STACK_TIMEOUT == result->at(i).res)
558 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
559 "OwnershipTransfer is failed with OC_STACK_TIMEOUT");
560 res = ESResult::ES_COMMUNICATION_ERROR;
562 else if(OC_STACK_GATEWAY_TIMEOUT== result->at(i).res)
564 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
565 "OwnershipTransfer is failed with OC_STACK_GATEWAY_TIMEOUT");
566 res = ESResult::ES_COMMUNICATION_ERROR;
570 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "OwnershipTransfer is failed with ESResult(%d)", res);
576 for (unsigned int i = 0; i < result->size(); i++)
579 convertUUIDToString(result->at(i).deviceId.id, uuid);
581 if(m_ocResource != NULL && m_ocResource->sid() == uuid)
583 if( OC_STACK_OK == result->at(i).res )
585 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "OwnershipTransfer is succeeded");
586 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Result is = %d", result->at(i).res);
587 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "device uuid : %s", uuid.c_str());
593 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "OwnershipTransfer is failed with code(%d)", hasError);
604 ESResult EnrolleeSecurity::discoverTargetSecureResource()
606 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "discoverTargetSecureResource IN");
608 OCStackResult result = OC_STACK_ERROR;
611 if(OC_STACK_OK != ConvertStrToUuid(m_ocResource->sid().c_str(), &uuid))
613 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Convert to uuid from deviceID failed.");
617 // If a discovered resource uses BLE transport, unicast for secure resource discovery is
619 if( m_ocResource->connectivityType() & CT_ADAPTER_GATT_BTLE )
621 std::string GattAddress = getResourceDeviceAddress(m_ocResource->host());
622 if(!GattAddress.empty())
624 result = OCSecure::discoverSingleDeviceInUnicast(ES_SEC_DISCOVERY_TIMEOUT,
627 m_ocResource->connectivityType(),
629 if(result != OC_STACK_OK)
631 return ES_SECURE_RESOURCE_DISCOVERY_FAILURE;
636 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "GATT BTLE address format is wrong.");
642 result = OCSecure::discoverSingleDevice(ES_SEC_DISCOVERY_TIMEOUT,
645 if(result != OC_STACK_OK)
647 return ES_SECURE_RESOURCE_DISCOVERY_FAILURE;
651 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Secured resource is found.");
652 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "HOST: %s", m_securedResource->getDevAddr().c_str());
653 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "SID: %s", m_securedResource->getDeviceID().c_str());
654 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Owned status: %d", m_securedResource->getOwnedStatus());
656 OicSecOxm_t selectedOTMethod = OIC_OXM_COUNT;
657 if( OC_STACK_OK != m_securedResource->getOTMethod(&selectedOTMethod) )
659 selectedOTMethod = OIC_OXM_COUNT; // Out-of-range
661 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Selected OT Method: %d", (int)(selectedOTMethod));
662 #ifdef MULTIPLE_OWNER
663 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "MOT Supported: %d", (int)(m_securedResource->isMOTSupported()));
664 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "MOT Enabled: %d", (int)(m_securedResource->isMOTEnabled()));
666 if(m_securedResource->getOwnedStatus())
668 char uuidString[UUID_STRING_SIZE] = {};
669 if(RAND_UUID_OK == OCConvertUuidToString(m_securedResource->getDevPtr()->doxm->owner.id, uuidString))
671 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "Owner ID: %s", uuidString);
675 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "OCConvertUuidToString is failed");
682 ESOwnershipTransferData EnrolleeSecurity::getOwnershipTransferDataFromUser
683 (SecurityProvStatusCbWithOption callback)
685 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "getOwnershipTransferDataFromUser IN");
686 ESOwnershipTransferData ownershipTransferData;
688 std::shared_ptr< SecProvisioningStatus > securityProvisioningStatus =
689 std::make_shared< SecProvisioningStatus >
691 ESResult::ES_SECURE_RESOURCE_IS_DISCOVERED);
692 ownershipTransferData = callback(securityProvisioningStatus);
693 #ifdef MULTIPLE_OWNER
694 if(OIC_RANDOM_DEVICE_PIN == ownershipTransferData.getMOTMethod())
696 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Selected MOT Method: OIC_RANDOM_DEVICE_PIN");
698 else if(OIC_PRECONFIG_PIN == ownershipTransferData.getMOTMethod())
700 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Selected MOT Method: OIC_PRECONFIG_PIN");
701 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "Pre-configured PIN: %s",
702 ownershipTransferData.getPreConfiguredPin().c_str());
705 return ownershipTransferData;
708 ESResult EnrolleeSecurity::syncUpWithMediatorDB()
710 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "syncUpWithMediatorDB IN");
712 OCStackResult result = OC_STACK_ERROR;
713 ESResult res = ESResult::ES_ERROR;
715 OC::ResultCallBack removeDeviceWithUuidCB = std::bind(
716 &EnrolleeSecurity::onEnrolleeSecuritySafetyCB,
717 std::placeholders::_1, std::placeholders::_2,
718 static_cast<ESSecurityCb>(std::bind(&EnrolleeSecurity::removeDeviceWithUuidCB,
719 this, std::placeholders::_1, std::placeholders::_2)),
722 result = OCSecure::removeDeviceWithUuid(ES_SEC_DISCOVERY_TIMEOUT,
724 removeDeviceWithUuidCB);
725 if(result != OC_STACK_OK)
727 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "removeDeviceWithUuid failed. (%d)", result);
728 res = ESResult::ES_OWNERSHIP_IS_NOT_SYNCHRONIZED;
732 std::unique_lock<std::mutex> lck(m_mtx);
733 m_cond.wait_for(lck, std::chrono::seconds(ES_SEC_DISCOVERY_TIMEOUT));
735 if(!removeDeviceResult)
737 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Removing device is failed.");
738 res = ESResult::ES_OWNERSHIP_IS_NOT_SYNCHRONIZED;
741 return ESResult::ES_OK;
744 std::string EnrolleeSecurity::getMediatorDevID()
746 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "getMediatorDevID IN");
747 OCUUIdentity* mediatorDevId = (OCUUIdentity* )OICMalloc(sizeof(OCUUIdentity));
750 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "provisionOwnership: OICMalloc error return");
754 if(OC::OCPlatform::getDeviceId(mediatorDevId) != OC_STACK_OK)
756 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "getDeviceId is failed.");
757 OICFree(mediatorDevId);
761 char uuidString[UUID_STRING_SIZE] = {};
762 if(RAND_UUID_OK == OCConvertUuidToString(mediatorDevId->id, uuidString))
764 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "Mediator UUID : %s", uuidString);
765 OICFree(mediatorDevId);
766 return std::string(uuidString);
769 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "OCConvertUuidToString is failed.");
770 OICFree(mediatorDevId);
774 ESResult EnrolleeSecurity::provisionOwnership(SecurityProvStatusCbWithOption callback)
776 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "provisionOwnership IN");
778 ESResult res = ESResult:: ES_ERROR;
780 ESOwnershipTransferData ownershipTransferData;
782 std::string mediatorDevIdStr = getMediatorDevID();
783 if(mediatorDevIdStr.empty())
785 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "getMediatorDevID is failed.");
790 m_mediatorID = mediatorDevIdStr;
793 res = discoverTargetSecureResource();
797 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Secure Resource Discovery failed.");
798 res = ESResult:: ES_SECURE_RESOURCE_DISCOVERY_FAILURE;
801 else if (m_securedResource)
805 ownershipTransferData = getOwnershipTransferDataFromUser(callback);
808 if(m_securedResource->getOwnedStatus())
810 if(isOwnedDeviceRegisteredInDB())
812 #ifdef MULTIPLE_OWNER
813 if(isSubOwnerIDMatched(m_securedResource))
815 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
816 "The found device is already owned by Mediator.(SUCCESS)");
817 res = ESResult::ES_OK;
821 if(isOwnerIDMatched(m_securedResource))
823 if((OIC_PRECONFIG_PIN == ownershipTransferData.getMOTMethod() ||
824 OIC_RANDOM_DEVICE_PIN == ownershipTransferData.getMOTMethod()))
826 if(m_securedResource->isMOTSupported())
828 res = provisionMOTConfig(ownershipTransferData);
831 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
832 "provisionMOTConfig is failed.");
835 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
836 "The found device is already owned by Mediator and enabled MOT mode.");
841 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
842 "The found device is not supported MOT");
843 return ESResult:: ES_MOT_NOT_SUPPORTED;
848 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
849 "The found device is already owned by Mediator.(SUCCESS)");
850 res = ESResult::ES_OK;
855 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
856 "An ownership transfer knowledge is not synchronized"
857 "between mediator and found enrollee.(FAILED)");
858 res = ESResult::ES_OWNERSHIP_IS_NOT_SYNCHRONIZED;
861 if(isOwnerIDMatched(m_securedResource))
863 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG,
864 "The found device is already owned by Mediator.(SUCCESS)");
865 res = ESResult::ES_OK;
870 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
871 "An ownership transfer knowledge is not synchronized"
872 "between mediator and found enrollee.(FAILED)");
873 res = ESResult::ES_OWNERSHIP_IS_NOT_SYNCHRONIZED;
878 #ifdef MULTIPLE_OWNER
879 else if( !isOwnedDeviceRegisteredInDB() &&
880 !isOwnerIDMatched(m_securedResource) &&
881 !isSubOwnerIDMatched(m_securedResource) &&
882 m_securedResource->isMOTEnabled() &&
883 (OIC_PRECONFIG_PIN == ownershipTransferData.getMOTMethod() ||
884 OIC_RANDOM_DEVICE_PIN == ownershipTransferData.getMOTMethod()))
887 res = performMultipleOwnershipTransfer(ownershipTransferData);
889 if(res != ESResult::ES_OK)
891 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG,
892 "Multiple Ownership-Transfer failed. (%d)", res);
896 else if( !isOwnedDeviceRegisteredInDB() &&
897 (isOwnerIDMatched(m_securedResource) ||
898 isSubOwnerIDMatched(m_securedResource)))
900 else if( !isOwnedDeviceRegisteredInDB() && isOwnerIDMatched(m_securedResource))
903 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
904 "An ownership transfer knowledge is not synchronized between mediator and found enrollee.(FAILED)");
905 res = ESResult::ES_OWNERSHIP_IS_NOT_SYNCHRONIZED;
910 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
911 "The found device is already owned by Other Mediator.(FAILED)");
912 res = ESResult::ES_OWNERSHIP_TRANSFER_FAILURE;
918 if(isOwnedDeviceRegisteredInDB())
920 res = syncUpWithMediatorDB();
922 if(res != ESResult::ES_OK)
924 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG,
925 "syncUpWithMediatorDB failed. (%d)", res);
928 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Removing device is succeeded.");
930 res = performOwnershipTransfer();
932 if(res != ESResult::ES_OK)
934 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "Ownership-Transfer failed. (%d)", res);
937 #ifdef MULTIPLE_OWNER
938 if( m_securedResource->isMOTSupported() &&
939 ownershipTransferData.getMOTMethod() != OIC_OXM_COUNT)
941 res = provisionMOTConfig(ownershipTransferData);
949 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "No secure resource is found.");
950 res = ESResult:: ES_SECURE_RESOURCE_DISCOVERY_FAILURE;
955 ESResult EnrolleeSecurity::performOwnershipTransfer()
957 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "performOwnershipTransfer IN.");
959 OCStackResult result = OC_STACK_ERROR;
960 ESResult res = ESResult::ES_ERROR;
962 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "Transfering ownership for : %s ",
963 m_securedResource->getDeviceID().c_str());
965 OC::ResultCallBack ownershipTransferCb =
966 std::bind(&EnrolleeSecurity::onEnrolleeSecuritySafetyCB,
967 std::placeholders::_1, std::placeholders::_2,
968 static_cast<ESSecurityCb>(std::bind(&EnrolleeSecurity::ownershipTransferCb,
969 this, std::placeholders::_1, std::placeholders::_2, std::ref(res))),
973 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "doOwnershipTransfer is excuted");
974 result = m_securedResource->doOwnershipTransfer(ownershipTransferCb);
976 if (result != OC_STACK_OK)
978 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "doOwnershipTransfer is failed");
979 return ESResult::ES_ERROR;
982 std::unique_lock<std::mutex> lck(m_mtx);
987 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Ownership-Transfer failed.");
991 return ESResult::ES_OK;
994 #ifdef MULTIPLE_OWNER
995 ESResult EnrolleeSecurity::performMultipleOwnershipTransfer(const ESOwnershipTransferData& MOTdata)
997 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "performMultipleOwnershipTransfer IN.");
999 OCStackResult result = OC_STACK_ERROR;
1001 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "Transfering sub-ownership for : %s ",
1002 m_securedResource->getDeviceID().c_str());
1004 if(OIC_PRECONFIG_PIN == MOTdata.getMOTMethod() &&
1005 !MOTdata.getPreConfiguredPin().empty())
1007 std::string pin = MOTdata.getPreConfiguredPin();
1009 result = m_securedResource->addPreconfigPIN(pin.c_str(), pin.length());
1010 if(OC_STACK_OK != result)
1012 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "addPreconfigPIN is failed");
1013 return ESResult::ES_ERROR;
1016 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Preconfig PIN : %s", pin.c_str());
1019 OC::ResultCallBack multipleOwnershipTransferCb =
1020 std::bind(&EnrolleeSecurity::onEnrolleeSecuritySafetyCB,
1021 std::placeholders::_1, std::placeholders::_2,
1022 static_cast<ESSecurityCb>(std::bind(&EnrolleeSecurity::multipleOwnershipTransferCb,
1023 this, std::placeholders::_1, std::placeholders::_2)),
1024 shared_from_this());
1026 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "doMultipleOwnershipTransfer is excuted");
1028 result = m_securedResource->doMultipleOwnershipTransfer(multipleOwnershipTransferCb);
1029 if(OC_STACK_OK != result)
1031 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "doMultipleOwnershipTransfer is failed");
1032 return ESResult::ES_ERROR;
1035 std::unique_lock<std::mutex> lck(m_mtx);
1040 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Multiple Ownership-Transfer failed.");
1041 return ESResult::ES_OWNERSHIP_TRANSFER_FAILURE;
1044 return ESResult::ES_OK;
1048 void EnrolleeSecurity::removeDeviceWithUuidCB(OC::PMResultList_t *result, int hasError)
1050 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "removeDeviceWithUuidCB IN");
1054 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "removeDeviceWithUuid is failed with code (%d)", hasError);
1055 removeDeviceResult = false;
1060 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "removeDeviceWithUuid is succeeded");
1062 for (unsigned int i = 0; i < result->size(); i++)
1065 convertUUIDToString(result->at(i).deviceId.id, uuid);
1067 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Result is = %d", result->at(i).res);
1068 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "device uuid : %s", uuid.c_str());
1070 removeDeviceResult = true;
1072 m_cond.notify_all();
1075 bool EnrolleeSecurity::isOwnedDeviceRegisteredInDB()
1077 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "isOwnedDeviceRegisteredInDB IN");
1079 OCStackResult res = OC_STACK_ERROR;
1081 OCUuidList_t *uuidList = NULL;
1082 size_t numOfDevices = 0;
1084 res = PDMGetOwnedDevices(&uuidList, &numOfDevices);
1085 if (OC_STACK_OK != res)
1087 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Error while getting info from DB");
1092 OCUuidList_t *pUuidList = uuidList;
1096 convertUUIDToString(pUuidList->dev.id, uuid);
1097 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG,
1098 "m_ocResource->sid(): %s, cur DB UUID %s",
1099 m_ocResource->sid().c_str(), uuid.c_str());
1100 if(m_ocResource->sid() == uuid.c_str())
1105 pUuidList = pUuidList->next;
1112 std::string EnrolleeSecurity::getUUID() const
1114 return m_ocResource->sid();
1117 #if defined(__WITH_DTLS__) && defined(__WITH_TLS__)
1118 ESResult EnrolleeSecurity::provisionSecurityForCloudServer(
1119 std::string cloudUuid, int credId)
1121 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "provisionSecurityForCloudServer IN");
1123 ESResult res = ESResult::ES_ERROR;
1125 // Need to discover Owned device in a given network, again
1126 std::shared_ptr< OC::OCSecureResource > ownedDevice = NULL;
1128 OCStackResult result = OC_STACK_ERROR;
1130 if(OC_STACK_OK != ConvertStrToUuid(m_ocResource->sid().c_str(), &uuid))
1132 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Convert to uuid from deviceID failed.");
1136 // If a discovered resource uses BLE transport, unicast for secure resource discovery is
1138 if( m_ocResource->connectivityType() & CT_ADAPTER_GATT_BTLE )
1140 std::string GattAddress = getResourceDeviceAddress(m_ocResource->host());
1141 if(!GattAddress.empty())
1143 result = OCSecure::discoverSingleDeviceInUnicast(ES_SEC_DISCOVERY_TIMEOUT,
1146 m_ocResource->connectivityType(),
1151 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "GATT BTLE address format is wrong.");
1152 res = ESResult:: ES_ERROR;
1158 result = OCSecure::discoverSingleDevice(ES_SEC_DISCOVERY_TIMEOUT,
1163 if (result != OC_STACK_OK)
1165 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "secureResource Discovery failed.");
1166 res = ESResult::ES_SECURE_RESOURCE_DISCOVERY_FAILURE;
1169 else if (ownedDevice)
1171 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Secured resource is found.");
1172 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "HOST: %s", ownedDevice->getDevAddr().c_str());
1173 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "SID: %s", ownedDevice->getDeviceID().c_str());
1174 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Owned status: %d", ownedDevice->getOwnedStatus());
1176 if (ownedDevice->getOwnedStatus())
1178 if(!isOwnedDeviceRegisteredInDB())
1180 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "The found device is not one in SVR DB");
1181 res = ESResult::ES_SECURE_RESOURCE_DISCOVERY_FAILURE;
1187 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "The found device is unowned.");
1188 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Ownerthip transfer is required.");
1190 res = ESResult::ES_SECURE_RESOURCE_DISCOVERY_FAILURE;
1196 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "No secure resource is found");
1197 res = ESResult::ES_SECURE_RESOURCE_DISCOVERY_FAILURE;
1201 if(cloudUuid.empty())
1203 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
1204 "ACL provisioning is skipped due to empty UUID of cloud server");
1208 res = performACLProvisioningForCloudServer(ownedDevice, cloudUuid);
1209 if(res != ESResult::ES_OK)
1211 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "error performACLProvisioningForCloudServer");
1218 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG,
1219 "Cert. provisioning is skipped due to wrong cred ID (<1)");
1223 res = performCertProvisioningForCloudServer(ownedDevice, credId);
1224 if(res != ESResult::ES_OK)
1226 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "error performCertProvisioningForCloudServer");
1234 ESResult EnrolleeSecurity::performCertProvisioningForCloudServer(
1235 std::shared_ptr< OC::OCSecureResource > ownedDevice, int credId)
1237 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "performCertProvisioningForCloudServer IN");
1239 ESResult res = ESResult::ES_CERT_PROVISIONING_FAILURE;
1243 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Given ownedDevice is null");
1247 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Given CredId: %d", credId);
1249 OC::ResultCallBack CertProvisioningCb =
1250 std::bind(&EnrolleeSecurity::onEnrolleeSecuritySafetyCB,
1251 std::placeholders::_1, std::placeholders::_2,
1252 static_cast<ESSecurityCb>(std::bind(&EnrolleeSecurity::certProvisioningCb,
1253 this, std::placeholders::_1, std::placeholders::_2)),
1254 shared_from_this());
1256 OCStackResult rst = ownedDevice->provisionTrustCertChain(SIGNED_ASYMMETRIC_KEY,
1257 static_cast<uint16_t>(credId),
1258 CertProvisioningCb);
1259 if(OC_STACK_OK != rst)
1261 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "provisionTrustCertChain error: %d", rst);
1265 std::unique_lock<std::mutex> lck(m_mtx);
1270 res = ESResult::ES_OK;
1276 ESResult EnrolleeSecurity::performACLProvisioningForCloudServer(
1277 std::shared_ptr< OC::OCSecureResource > ownedDevice, std::string& cloudUuid)
1279 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "performACLProvisioningForCloudServer IN");
1281 ESResult res = ESResult::ES_ACL_PROVISIONING_FAILURE;
1285 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Given ownedDevice is null");
1289 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "Given cloudUuid: %s", cloudUuid.c_str());
1292 if(OC_STACK_OK != ConvertStrToUuid(cloudUuid.c_str(), &uuid))
1294 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Convert to uuid from deviceID failed.");
1299 // Create Acl for Cloud Server to be provisioned to Enrollee
1300 OicSecAcl_t* acl = createAcl(uuid);
1303 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl error return");
1307 OC::ResultCallBack aclProvisioningCb =
1308 std::bind(&EnrolleeSecurity::onEnrolleeSecuritySafetyCB,
1309 std::placeholders::_1, std::placeholders::_2,
1310 static_cast<ESSecurityCb>(std::bind(&EnrolleeSecurity::aclProvisioningCb,
1311 this, std::placeholders::_1, std::placeholders::_2)),
1312 shared_from_this());
1314 // ACL provisioning to Enrollee
1315 OCStackResult rst = ownedDevice->provisionACL(acl, aclProvisioningCb);
1316 if(OC_STACK_OK != rst)
1318 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "OCProvisionACL API error: %d", rst);
1322 std::unique_lock<std::mutex> lck(m_mtx);
1327 res = ESResult::ES_OK;
1329 OCDeleteACLList(acl);
1333 OicSecAcl_t* EnrolleeSecurity::createAcl(const OicUuid_t cloudUuid)
1335 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "creatAcl IN");
1337 // allocate memory for |acl| struct
1338 OicSecAcl_t* acl = (OicSecAcl_t*) OICCalloc(1, sizeof(OicSecAcl_t));
1341 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl: OICCalloc error return");
1342 return NULL; // not need to 'goto' |ERROR| before allocating |acl|
1344 OicSecAce_t* ace = (OicSecAce_t*) OICCalloc(1, sizeof(OicSecAce_t));
1347 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl: OICCalloc error return");
1348 return NULL; // not need to 'goto' |ERROR| before allocating |acl|
1350 LL_APPEND(acl->aces, ace);
1352 memcpy(&ace->subjectuuid, &cloudUuid, UUID_LENGTH);
1354 OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
1357 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl: OICCalloc error return");
1358 OCDeleteACLList(acl);
1363 size_t len = strlen(href)+1; // '1' for null termination
1364 rsrc->href = (char*) OICCalloc(len, sizeof(char));
1367 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl: OICCalloc error return");
1369 OCDeleteACLList(acl);
1372 OICStrcpy(rsrc->href, len, href);
1375 rsrc->typeLen = arrLen;
1376 rsrc->types = (char**)OICCalloc(arrLen, sizeof(char*));
1379 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl: OICCalloc error return");
1381 OCDeleteACLList(acl);
1384 rsrc->types[0] = OICStrdup("rt"); // ignore
1387 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl: OICStrdup error return");
1389 OCDeleteACLList(acl);
1393 rsrc->interfaceLen = 1;
1394 rsrc->interfaces = (char**)OICCalloc(arrLen, sizeof(char*));
1395 if(!rsrc->interfaces)
1397 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl: OICCalloc error return");
1399 OCDeleteACLList(acl);
1402 rsrc->interfaces[0] = OICStrdup("if"); // ignore
1403 if(!rsrc->interfaces[0])
1405 OIC_LOG(ERROR, ENROLEE_SECURITY_TAG, "createAcl: OICStrdup error return");
1407 OCDeleteACLList(acl);
1411 LL_APPEND(ace->resources, rsrc);
1413 ace->permission = 31; // R/W/U/D
1415 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "creatAcl OUT");
1420 void EnrolleeSecurity::aclProvisioningCb(PMResultList_t *result, int hasError)
1422 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "aclProvisioningCb IN");
1426 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "ACL provisioning is failed with code (%d)", hasError);
1431 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Received ACL provisioning results: ");
1433 std::string devUuid;
1434 for (unsigned int i = 0; i < result->size(); i++)
1436 convertUUIDToString(result->at(i).deviceId.id, devUuid);
1438 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Result is = %d", result->at(i).res);
1439 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "device uuid : %s", devUuid.c_str());
1444 m_cond.notify_all();
1447 void EnrolleeSecurity::certProvisioningCb(PMResultList_t *result, int hasError)
1449 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "certProvisioningCb IN");
1453 OIC_LOG_V(ERROR, ENROLEE_SECURITY_TAG, "Cert provisioning is failed with code (%d)", hasError);
1458 OIC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Received Cert. provisioning results: ");
1460 std::string devUuid;
1461 for (unsigned int i = 0; i < result->size(); i++)
1463 convertUUIDToString(result->at(i).deviceId.id, devUuid);
1465 OIC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Result is = %d", result->at(i).res);
1466 OIC_LOG_V(INFO_PRIVATE, ENROLEE_SECURITY_TAG, "device uuid : %s", devUuid.c_str());
1471 m_cond.notify_all();
1473 #endif //defined(__WITH_DTLS__) && defined(__WITH_TLS__)