1 //******************************************************************
3 // Copyright 2015 Samsung Electronics All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21 #ifndef ENROLLEE_SECURITY_H_
22 #define ENROLLEE_SECURITY_H_
26 #include <condition_variable>
29 #include "ESRichCommon.h"
30 #include "OCProvisioningManager.hpp"
36 #define ENROLEE_SECURITY_TAG "ES_ENROLLEE_SECURITY"
37 #define UUID_SIZE (16)
38 #define UUID_STRING_SIZE (37)
41 class EnrolleeResource;
42 class OCSecureResource;
44 typedef std::vector<OCProvisionResult_t> PMResultList_t;
45 typedef std::function<void(OC::PMResultList_t *result, int hasError)> ESSecurityCb;
48 * This class contains the methods needed for security layer interaction.
50 * @see EnrolleeSecurity
52 class EnrolleeSecurity : public std::enable_shared_from_this<EnrolleeSecurity>
55 EnrolleeSecurity(std::shared_ptr< OC::OCResource > resource);
56 ESResult provisionOwnership(SecurityProvStatusCbWithOption callback);
57 std::string getUUID() const;
60 std::shared_ptr< OC::OCResource > m_ocResource;
61 SecurityProvStatusCb m_securityProvStatusCb;
62 SecurityPinCb m_securityPinCb;
63 SecProvisioningDbPathCb m_secProvisioningDbPathCb;
66 std::condition_variable m_cond;
67 std::atomic<bool> otmResult;
68 std::atomic<bool> enableMOTModeResult;
69 std::atomic<bool> motMethodProvResult;
70 std::atomic<bool> preConfigPinProvResult;
71 std::atomic<bool> removeDeviceResult;
72 std::atomic<bool> aclResult;
73 std::atomic<bool> certResult;
74 std::string m_mediatorID;
76 std::shared_ptr< OC::OCSecureResource > m_securedResource;
78 static void onEnrolleeSecuritySafetyCB(OC::PMResultList_t *result,
81 std::weak_ptr<EnrolleeSecurity> this_ptr);
83 ESResult performOwnershipTransfer();
84 bool isOwnedDeviceRegisteredInDB();
85 void removeDeviceWithUuidCB(OC::PMResultList_t *result, int hasError);
86 ESResult discoverTargetSecureResource();
87 ESOwnershipTransferData getOwnershipTransferDataFromUser
88 (SecurityProvStatusCbWithOption callback);
89 ESResult syncUpWithMediatorDB();
91 ESResult performMultipleOwnershipTransfer(const ESOwnershipTransferData& MOTdata);
92 void changeMOTMethodCB(PMResultList_t *result, int hasError);
94 void selectMOTMethodCB(PMResultList_t *result, int hasError);
95 void preconfigPinProvCB(PMResultList_t *result, int hasError);
96 void multipleOwnershipTransferCb(OC::PMResultList_t *result, int hasError);
97 bool isSubOwnerIDMatched(std::shared_ptr< OC::OCSecureResource > foundDevice);
98 ESResult requestSetPreconfPinData(const ESOwnershipTransferData& MOTData);
99 ESResult requestSetMOTMethod(const ESOwnershipTransferData& MOTData);
100 ESResult requestEnableMOTMode();
101 ESResult provisionMOTConfig(const ESOwnershipTransferData& MOTData);
103 void ownershipTransferCb(OC::PMResultList_t *result, int hasError, ESResult& res);
104 void convertUUIDToString(const uint8_t uuid[UUID_SIZE],
105 std::string& uuidString);
106 std::string getResourceDeviceAddress(const std::string& host);
107 bool isOwnerIDMatched(std::shared_ptr< OC::OCSecureResource > foundDevice);
108 std::string getMediatorDevID();
110 #if defined(__WITH_DTLS__) && defined(__WITH_TLS__)
112 ESResult provisionSecurityForCloudServer(
113 std::string cloudUuid, int credId);
115 ESResult performCertProvisioningForCloudServer(
116 std::shared_ptr< OC::OCSecureResource > ownedDevice,
118 ESResult performACLProvisioningForCloudServer(
119 std::shared_ptr< OC::OCSecureResource > ownedDevice,
120 std::string& cloudUuid);
121 OicSecAcl_t* createAcl(const OicUuid_t cloudUuid);
122 void aclProvisioningCb(PMResultList_t *result, int hasError);
123 void certProvisioningCb(PMResultList_t *result, int hasError);
124 #endif //defined(__WITH_DTLS__) && defined(__WITH_TLS__)
129 #endif /* ENROLLEE_SECURITY_H_*/