#include <string.h>
#include "ocprovisioningmanager.h"
#include "pmutility.h"
+#include "srmutility.h"
#include "ownershiptransfermanager.h"
+#ifdef MULTIPLE_OWNER
+#include "multipleownershiptransfermanager.h"
+#endif //MULTIPLE_OWNER
#include "oic_malloc.h"
#include "logger.h"
#include "secureresourceprovider.h"
#include "utlist.h"
#include "aclresource.h" //Note: SRM internal header
#include "pconfresource.h"
+#include "psinterface.h"
+#include "srmresourcestrings.h"
-#define TAG "OCPMAPI"
+#define TAG "OIC_OCPMAPI"
typedef struct Linkdata Linkdata_t;
struct Linkdata
};
+#ifdef MULTIPLE_OWNER
+typedef struct ProvPreconfPINCtx ProvPreconfPINCtx_t;
+struct ProvPreconfPINCtx
+{
+ void *ctx;
+ const OCProvisionDev_t *devInfo;
+ const char* pin;
+ size_t pinLen;
+ OCProvisionResultCB resultCallback;
+};
+#endif //MULTIPLE_OWNER
+
/**
* The function is responsible for initializaton of the provisioning manager. It will load
* provisioning database which have owned device's list and their linked status.
return PDMInit(dbPath);
}
+void OCTerminatePM()
+{
+ OTMTerminate();
+}
+
+OCStackResult OCPDMCleanupForTimeout()
+{
+ return PDMDeleteDeviceWithState(PDM_DEVICE_INIT);
+}
+
+/**
+ * The function is responsible for discovery of owned/unowned device is specified endpoint/deviceID.
+ * And this function will only return the specified device's response.
+ *
+ * @param[in] timeout Timeout in seconds, value till which function will listen to responses from
+ * server before returning the device.
+ * @param[in] deviceID deviceID of target device.
+ * @param[out] ppFoundDevice OCProvisionDev_t of found device
+ * @return OTM_SUCCESS in case of success and other value otherwise.
+ */
+OCStackResult OCDiscoverSingleDevice(unsigned short timeout, const OicUuid_t* deviceID,
+ OCProvisionDev_t **ppFoundDevice)
+{
+ if( NULL == ppFoundDevice || NULL != *ppFoundDevice || 0 == timeout || NULL == deviceID)
+ {
+ return OC_STACK_INVALID_PARAM;
+ }
+
+ return PMSingleDeviceDiscovery(timeout, deviceID, ppFoundDevice);
+}
+
+/**
+ * The function is responsible for discovery of owned/unowned device is specified endpoint/deviceID.
+ * And this function will only return the specified device's response.
+ *
+ * @param[in] timeout Timeout in seconds, value till which function will listen to responses from
+ * server before returning the device.
+ * @param[in] deviceID deviceID of target device.
+ * @param[in] hostAddress MAC address of target device.
+ * @param[in] connType ConnectivityType for discovery.
+ * @param[out] ppFoundDevice OCProvisionDev_t of found device.
+ * @return OTM_SUCCESS in case of success and other value otherwise.
+ */
+OCStackResult OCDiscoverSingleDeviceInUnicast(unsigned short timeout, const OicUuid_t* deviceID,
+ const char* hostAddress, OCConnectivityType connType,
+ OCProvisionDev_t **ppFoundDevice)
+{
+ if( NULL == ppFoundDevice || NULL != *ppFoundDevice || 0 == timeout || NULL == deviceID ||
+ NULL == hostAddress)
+ {
+ OIC_LOG(ERROR, TAG, "OCDiscoverSingleDeviceInUnicast : Invalid Parameter");
+ return OC_STACK_INVALID_PARAM;
+ }
+
+ return PMSingleDeviceDiscoveryInUnicast(timeout, deviceID, hostAddress, connType,
+ ppFoundDevice);
+}
+
/**
* The function is responsible for discovery of device is current subnet. It will list
* all the device in subnet which are not yet owned. Please call OCInit with OC_CLIENT_SERVER as
* OCMode.
*
* @param[in] timeout Timeout in seconds, value till which function will listen to responses from
- * client before returning the list of devices.
+ * server before returning the list of devices.
* @param[out] ppList List of candidate devices to be provisioned
* @return OTM_SUCCESS in case of success and other value otherwise.
*/
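Review bot: The doc comments added for OCDiscoverSingleDevice and OCDiscoverSingleDeviceInUnicast state `@return OTM_SUCCESS`, but both functions return an `OCStackResult` and their only visible failure value is `OC_STACK_INVALID_PARAM`; the line should read `@return OC_STACK_OK in case of success and other value otherwise.`, matching the MULTIPLE_OWNER discovery functions added further down. `hostAddress` is documented as a "MAC address" although it is passed to a unicast discovery call alongside an `OCConnectivityType`, so the description should name the address form the callee actually expects. OCDiscoverSingleDevice rejects bad arguments silently while the unicast variant logs `Invalid Parameter`; one behaviour for both would make a failed discovery easier to diagnose. `OCTerminatePM()` and `OCPDMCleanupForTimeout()` have no doc comment and would be better declared with `(void)`.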
* all the device in subnet which are owned by calling provisioning client.
*
* @param[in] timeout Timeout in seconds, value till which function will listen to responses from
- * client before returning the list of devices.
+ * server before returning the list of devices.
* @param[out] ppList List of device owned by provisioning tool.
* @return OTM_SUCCESS in case of success and other value otherwise.
*/
return PMDeviceDiscovery(timeout, true, ppList);
}
+#ifdef MULTIPLE_OWNER
+/**
+ * The function is responsible for discovery of MOT enabled device is current subnet.
+ *
+ * @param[in] timeout Timeout in seconds, value till which function will listen to responses from
+ * server before returning the list of devices.
+ * @param[out] ppList List of MOT enabled devices.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCDiscoverMultipleOwnerEnabledDevices(unsigned short timeout, OCProvisionDev_t **ppList)
+{
+ if( ppList == NULL || *ppList != NULL || 0 == timeout)
+ {
+ return OC_STACK_INVALID_PARAM;
+ }
+
+ return PMMultipleOwnerDeviceDiscovery(timeout, false, ppList);
+}
+
+/**
+ * The function is responsible for discovery of Multiple Owned device is current subnet.
+ *
+ * @param[in] timeout Timeout in seconds, value till which function will listen to responses from
+ * server before returning the list of devices.
+ * @param[out] ppList List of Multiple Owned devices.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCDiscoverMultipleOwnedDevices(unsigned short timeout, OCProvisionDev_t **ppList)
+{
+ if( ppList == NULL || *ppList != NULL || 0 == timeout)
+ {
+ return OC_STACK_INVALID_PARAM;
+ }
+
+ return PMMultipleOwnerDeviceDiscovery(timeout, true, ppList);
+}
+
+
+/**
+ * API to add preconfigured PIN to local SVR DB.
+ *
+ * @param[in] targetDeviceInfo Selected target device.
+ * @param[in] preconfigPin Preconfig PIN which is used while multiple owner authentication
+ * @param[in] preconfigPinLen Byte length of preconfigPin
+ *
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCAddPreconfigPin(const OCProvisionDev_t *targetDeviceInfo,
+ const char *preconfigPin,
+ size_t preconfigPinLen)
+{
+ return MOTAddPreconfigPIN(targetDeviceInfo, preconfigPin, preconfigPinLen);
+}
+
+
+OCStackResult OCDoMultipleOwnershipTransfer(void* ctx,
+ OCProvisionDev_t *targetDevices,
+ OCProvisionResultCB resultCallback)
+{
+ if( NULL == targetDevices )
+ {
+ return OC_STACK_INVALID_PARAM;
+ }
+ if (NULL == resultCallback)
+ {
+ OIC_LOG(INFO, TAG, "OCDoOwnershipTransfer : NULL Callback");
+ return OC_STACK_INVALID_CALLBACK;
+ }
+ return MOTDoOwnershipTransfer(ctx, targetDevices, resultCallback);
+}
+
+OCStackResult OCRemoveSubOwner(void* ctx,
+ const OCProvisionDev_t *targetDeviceInfo,
+ const OicUuid_t* subOwner,
+ OCProvisionResultCB resultCallback)
+{
+ if (NULL == targetDeviceInfo || NULL == subOwner)
+ {
+ OIC_LOG_V(ERROR, TAG, "%s : NULL Param", __func__);
+ return OC_STACK_INVALID_PARAM;
+ }
+ if (NULL == resultCallback)
+ {
+ OIC_LOG_V(ERROR, TAG, "%s : NULL Callback", __func__);
+ return OC_STACK_INVALID_CALLBACK;
+ }
+
+ return MOTRemoveSubOwner(ctx, targetDeviceInfo, subOwner, resultCallback);
+}
+
+OCStackResult OCRemoveAllSubOwner(void* ctx,
+ const OCProvisionDev_t *targetDeviceInfo,
+ OCProvisionResultCB resultCallback)
+{
+ if (NULL == targetDeviceInfo)
+ {
+ OIC_LOG_V(ERROR, TAG, "%s : NULL Param", __func__);
+ return OC_STACK_INVALID_PARAM;
+ }
+ if (NULL == resultCallback)
+ {
+ OIC_LOG_V(ERROR, TAG, "%s : NULL Callback", __func__);
+ return OC_STACK_INVALID_CALLBACK;
+ }
+
+ return MOTRemoveSubOwner(ctx, targetDeviceInfo, &WILDCARD_SUBJECT_ID, resultCallback);
+}
+
+
+#endif //MULTIPLE_OWNER
+
/**
* API to register for particular OxM.
*
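Review bot: OCAddPreconfigPin forwards `preconfigPin` and `preconfigPinLen` to MOTAddPreconfigPIN with no check at this layer, while OCProvisionPreconfigPin later in this commit rejects a NULL device, a NULL PIN and a zero length; unless MOTAddPreconfigPIN is known to validate, the same guard belongs here: `if (NULL == targetDeviceInfo || NULL == preconfigPin || 0 == preconfigPinLen) { return OC_STACK_INVALID_PARAM; }`. In OCDoMultipleOwnershipTransfer the NULL-callback branch logs `"OCDoOwnershipTransfer : NULL Callback"` at INFO, which names a different function; `OIC_LOG_V(ERROR, TAG, "%s : NULL Callback", __func__);`, as OCRemoveSubOwner uses, fixes both the name and the level. OCDoMultipleOwnershipTransfer, OCRemoveSubOwner and OCRemoveAllSubOwner are added without doc comments, and OCRemoveAllSubOwner in particular should say that it removes every sub-owner by passing `WILDCARD_SUBJECT_ID`.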
return OTMSetOwnershipTransferCallbackData(oxm, callbackData);
}
+/**
+ * API to set a allow status of OxM
+ *
+ * @param[in] oxm Owership transfer method (ref. OicSecOxm_t)
+ * @param[in] allowStatus allow status (true = allow, false = not allow)
+ *
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCSetOxmAllowStatus(const OicSecOxm_t oxm, const bool allowStatus)
+{
+ return OTMSetOxmAllowStatus(oxm, allowStatus);
+}
+
OCStackResult OCDoOwnershipTransfer(void* ctx,
OCProvisionDev_t *targetDevices,
OCProvisionResultCB resultCallback)
}
/**
+ * function to save ACL which has several ACE into Acl of SVR.
+ *
+ * @param acl ACL to be saved in Acl of SVR.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCSaveACL(const OicSecAcl_t* acl)
+{
+ return SRPSaveACL(acl);
+}
+
+/**
+ * this function requests CRED information to resource.
+ *
+ * @param[in] ctx Application context would be returned in result callback.
+ * @param[in] selectedDeviceInfo Selected target device.
+ * @param[in] resultCallback callback provided by API user, callback will be called when provisioning
+ request recieves a response from resource server.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCGetCredResource(void* ctx, const OCProvisionDev_t *selectedDeviceInfo,
+ OCProvisionResultCB resultCallback)
+{
+ return SRPGetCredResource(ctx, selectedDeviceInfo, resultCallback);
+}
+
+/**
+ * this function requests ACL information to resource.
+ *
+ * @param[in] ctx Application context would be returned in result callback.
+ * @param[in] selectedDeviceInfo Selected target device.
+ * @param[in] resultCallback callback provided by API user, callback will be called when provisioning
+ request recieves a response from resource server.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCGetACLResource(void* ctx, const OCProvisionDev_t *selectedDeviceInfo,
+ OCProvisionResultCB resultCallback)
+{
+ return SRPGetACLResource(ctx, selectedDeviceInfo, resultCallback);
+}
+
+
+OCStackResult OCReadTrustCertChain(uint16_t credId, uint8_t **trustCertChain,
+ size_t *chainSize)
+{
+ return SRPReadTrustCertChain(credId, trustCertChain, chainSize);
+}
+/**
* function to provision credential to devices.
*
* @param[in] ctx Application context would be returned in result callback.
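Review bot: OCReadTrustCertChain is the only function in this group added without a doc comment, and it is the one whose contract is least obvious: `trustCertChain` and `chainSize` are out-parameters and nothing here says who owns the returned buffer. The comment should give `@param[in] credId`, `@param[out] trustCertChain` and `@param[out] chainSize`, and state whether the caller must release the chain and with which function, since a certificate buffer that is leaked or freed twice is an easy mistake at this API boundary. The doc comments on OCGetCredResource and OCGetACLResource also carry the typo `recieves`.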
return SRPProvisionDirectPairing(ctx, selectedDeviceInfo, pconf, resultCallback);
}
+#ifdef MULTIPLE_OWNER
+static void AddPreconfPinOxMCB(void* ctx, int nOfRes, OCProvisionResult_t *arr, bool hasError)
+{
+ ProvPreconfPINCtx_t* provCtx = (ProvPreconfPINCtx_t*)ctx;
+ if(provCtx)
+ {
+ OCStackResult res = MOTProvisionPreconfigPIN(provCtx->ctx, provCtx->devInfo, provCtx->pin, provCtx->pinLen, provCtx->resultCallback);
+ if(OC_STACK_OK != res)
+ {
+ arr->res = res;
+ provCtx->resultCallback(provCtx->ctx, nOfRes, arr, true);
+ }
+ }
+}
+
+OCStackResult OCProvisionPreconfigPin(void *ctx,
+ OCProvisionDev_t *targetDeviceInfo,
+ const char *preconfigPin,
+ size_t preconfigPinLen,
+ OCProvisionResultCB resultCallback)
+{
+ if( NULL == targetDeviceInfo || NULL == preconfigPin || 0 == preconfigPinLen )
+ {
+ return OC_STACK_INVALID_PARAM;
+ }
+ if (NULL == resultCallback)
+ {
+ OIC_LOG(INFO, TAG, "OCProvisionPreconfigPinCredential : NULL Callback");
+ return OC_STACK_INVALID_CALLBACK;
+ }
+
+ ProvPreconfPINCtx_t* provCtx = (ProvPreconfPINCtx_t*)OICCalloc(1, sizeof(ProvPreconfPINCtx_t));
+ if(NULL == provCtx)
+ {
+ return OC_STACK_NO_MEMORY;
+ }
+ provCtx->ctx = ctx;
+ provCtx->devInfo = targetDeviceInfo;
+ provCtx->pin = preconfigPin;
+ provCtx->pinLen = preconfigPinLen;
+ provCtx->resultCallback = resultCallback;
+ /*
+ * First of all, update OxMs to support preconfigured PIN OxM.
+ * In case of Preconfigured PIN OxM already supported on the server side,
+ * MOTAddMOTMethod API will be send POST Cred request.
+ * In case of Preconfigure PIN OxM not exist on the server side,
+ * the MOTAddMOTMethod API will be send POST doxm request to update OxMs and then send POST Cred request.
+ */
+ return MOTAddMOTMethod((void*)provCtx, targetDeviceInfo, OIC_PRECONFIG_PIN, AddPreconfPinOxMCB);
+}
+#endif //MULTIPLE_OWNER
+
/*
* Function to unlink devices.
* This function will remove the credential & relationship between the two devices.
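Review bot: The `ProvPreconfPINCtx_t` allocated in OCProvisionPreconfigPin is never released: AddPreconfPinOxMCB does not free it, and the function returns the result of MOTAddMOTMethod directly, so the context also leaks when that call fails. The callback ignores `hasError` and calls MOTProvisionPreconfigPIN even when the preceding OxM update reported a failure, and it writes `arr->res` without checking `arr`. The context only borrows `preconfigPin` and `targetDeviceInfo`, so the PIN buffer must stay valid until the callback has run; that lifetime requirement should be documented on OCProvisionPreconfigPin, or the PIN copied into the context. The sketch below assumes MOTAddMOTMethod invokes the callback at most once and not when it returns an error synchronously, which needs confirming before it is applied.

```c
static void AddPreconfPinOxMCB(void* ctx, int nOfRes, OCProvisionResult_t *arr, bool hasError)
{
    ProvPreconfPINCtx_t* provCtx = (ProvPreconfPINCtx_t*)ctx;
    if (NULL == provCtx)
    {
        return;
    }

    if (hasError)
    {
        // The OxM update failed: report it instead of provisioning the PIN.
        provCtx->resultCallback(provCtx->ctx, nOfRes, arr, true);
    }
    else
    {
        OCStackResult res = MOTProvisionPreconfigPIN(provCtx->ctx, provCtx->devInfo, provCtx->pin,
                                                     provCtx->pinLen, provCtx->resultCallback);
        if (OC_STACK_OK != res)
        {
            if (arr)
            {
                arr->res = res;
            }
            provCtx->resultCallback(provCtx->ctx, nOfRes, arr, true);
        }
    }
    // The context is owned by this callback once MOTAddMOTMethod has accepted it.
    OICFree(provCtx);
}

// ... unchanged: argument checks, provCtx allocation and field assignment in OCProvisionPreconfigPin ...
    OCStackResult res = MOTAddMOTMethod((void*)provCtx, targetDeviceInfo, OIC_PRECONFIG_PIN,
                                        AddPreconfPinOxMCB);
    if (OC_STACK_OK != res)
    {
        // The callback will not run, so release the context here.
        OICFree(provCtx);
    }
    return res;
```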
return res;
}
+static OCStackResult RemoveDeviceInfoFromLocal(const OCProvisionDev_t* pTargetDev)
+{
+ // Remove credential of revoked device from SVR database
+ OCStackResult res = OC_STACK_ERROR;
+ const OicSecCred_t *cred = NULL;
+
+ OIC_LOG(DEBUG, TAG, "IN RemoveDeviceInfoFromLocal");
+ cred = GetCredResourceData(&pTargetDev->doxm->deviceID);
+ if (NULL != cred)
+ {
+ res = RemoveCredential(&cred->subject);
+ if (res != OC_STACK_RESOURCE_DELETED)
+ {
+ OIC_LOG(ERROR, TAG, "RemoveDeviceInfoFromLocal : Failed to remove credential.");
+ goto error;
+ }
+ }
+ /**
+ * Change the device status as stale status.
+ * If all request are successed, this device information will be deleted.
+ */
+ res = PDMSetDeviceState(&pTargetDev->doxm->deviceID, PDM_DEVICE_STALE);
+ if (res != OC_STACK_OK)
+ {
+ OIC_LOG(WARNING, TAG, "OCRemoveDevice : Failed to set device status as stale");
+ }
+
+ // TODO: We need to add new mechanism to clean up the stale state of the device.
+
+ // Close the DTLS session of the removed device.
+ CAResult_t caResult = CAcloseSslConnectionUsingUuid(pTargetDev->doxm->deviceID.id
+ , sizeof(pTargetDev->doxm->deviceID.id));
+ if(CA_STATUS_OK != caResult)
+ {
+ OIC_LOG_V(WARNING, TAG, "OCRemoveDevice : Failed to close (D)TLS session : %d", caResult);
+ }
+ OIC_LOG(DEBUG, TAG, "OUT RemoveDeviceInfoFromLocal");
+error:
+ return res;
+}
+
/*
* Function to device revocation
* This function will remove credential of target device from all devices in subnet.
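Review bot: RemoveDeviceInfoFromLocal logs a PDMSetDeviceState failure as a WARNING and carries on, yet it then returns that failing `res`, and the callers in this commit all compare the result with `OC_STACK_OK`; either treat it as a real error (`OIC_LOG(ERROR, ...); goto error;`) or reset `res = OC_STACK_OK;` after the warning so the log level and the return value agree. The helper dereferences `pTargetDev->doxm` with no guard, so a first line such as `if (NULL == pTargetDev || NULL == pTargetDev->doxm) { return OC_STACK_INVALID_PARAM; }` would be prudent now that it has several callers. A missing credential is now skipped silently where the removed code returned an error; a short comment saying this is deliberate would help, and the two messages still prefixed `OCRemoveDevice :` should name this function.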
}
}
- // Remove credential of revoked device from SVR database
- const OicSecCred_t *cred = NULL;
- cred = GetCredResourceData(&pTargetDev->doxm->deviceID);
- if (cred == NULL)
+ res = RemoveDeviceInfoFromLocal(pTargetDev);
+ if(OC_STACK_OK != res)
{
- OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to get credential of remove device.");
+ OIC_LOG(ERROR, TAG, "Filed to remove the device information from local.");
goto error;
}
- res = RemoveCredential(&cred->subject);
- if (res != OC_STACK_RESOURCE_DELETED)
+ if(OC_STACK_CONTINUE == resReq)
{
- OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to remove credential.");
+ /**
+ * If there is no linked device, PM does not send any request.
+ * So we should directly invoke the result callback to inform the result of OCRemoveDevice.
+ */
+ if(resultCallback)
+ {
+ resultCallback(ctx, 0, NULL, false);
+ }
+ res = OC_STACK_OK;
+ }
+
+error:
+ OIC_LOG(INFO, TAG, "OUT OCRemoveDevice");
+ return res;
+}
+
+/*
+* Function to device revocation
+* This function will remove credential of target device from all devices in subnet.
+*
+* @param[in] ctx Application context would be returned in result callback
+* @param[in] waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device discovery.(seconds)
+* @param[in] pTargetDev Device information to be revoked.
+* @param[in] resultCallback callback provided by API user, callback will be called when
+* credential revocation is finished.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+*/
+OCStackResult OCRemoveDeviceWithUuid(void* ctx, unsigned short waitTimeForOwnedDeviceDiscovery,
+ const OicUuid_t* pTargetUuid,
+ OCProvisionResultCB resultCallback)
+{
+ OIC_LOG(INFO, TAG, "IN OCRemoveDeviceWithUuid");
+
+ OCStackResult res = OC_STACK_ERROR;
+ OCProvisionDev_t* pTargetDev = NULL;
+ bool discoverdFlag = false;
+ OCProvisionDev_t* pOwnedDevList = NULL;
+ OCStackResult resReq = OC_STACK_CONTINUE;
+
+ if (!pTargetUuid || 0 == waitTimeForOwnedDeviceDiscovery)
+ {
+ OIC_LOG(INFO, TAG, "OCRemoveDeviceWithUuid : Invalied parameters");
+ return OC_STACK_INVALID_PARAM;
+ }
+ if (!resultCallback)
+ {
+ OIC_LOG(INFO, TAG, "OCRemoveDeviceWithUuid : NULL Callback");
+ return OC_STACK_INVALID_CALLBACK;
+ }
+
+ char* strUuid = NULL;
+ if(OC_STACK_OK != ConvertUuidToStr(pTargetUuid, &strUuid))
+ {
+ OIC_LOG(WARNING, TAG, "Failed to covert UUID to String.");
goto error;
}
- /**
- * Change the device status as stale status.
- * If all request are successed, this device information will be deleted.
- */
- res = PDMSetDeviceStale(&pTargetDev->doxm->deviceID);
- if (res != OC_STACK_OK)
+ //Generate OCProvisionDev_t instance to use when target device not found on the network.
+ //In this case, the device id required only.
+ pTargetDev = (OCProvisionDev_t*)OICCalloc(1, sizeof(OCProvisionDev_t));
+ if(NULL == pTargetDev)
+ {
+ OIC_LOG(ERROR, TAG, "Failed to allocate memory.");
+ res = OC_STACK_NO_MEMORY;
+ goto error;
+ }
+ pTargetDev->doxm = (OicSecDoxm_t*)OICCalloc(1, sizeof(OicSecDoxm_t));
+ if(NULL == pTargetDev->doxm)
{
- OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to set device status as stale");
+ OIC_LOG(ERROR, TAG, "Failed to allocate memory.");
+ res = OC_STACK_NO_MEMORY;
goto error;
}
+ memcpy(pTargetDev->doxm->deviceID.id, pTargetUuid->id, sizeof(pTargetUuid->id));
- // TODO: We need to add new mechanism to clean up the stale state of the device.
+ OCUuidList_t* linkedDevices = NULL;
+ size_t numOfLinkedDevices = 0;
+ res = PDMGetLinkedDevices(pTargetUuid, &linkedDevices, &numOfLinkedDevices);
+ if(OC_STACK_OK != res)
+ {
+ OIC_LOG(ERROR, TAG, "Error in PDMGetLinkedDevices");
+ goto error;
+ }
+ PDMDestoryOicUuidLinkList(linkedDevices);
- res = resReq;
+ //If there is no linked devices, device revocation step can be skipped.
+ if(0 != numOfLinkedDevices)
+ {
+ OIC_LOG_V(INFO, TAG, "[%s] linked with other devices.", strUuid);
+ //2. Find owned device from the network
+ res = PMDeviceDiscovery(waitTimeForOwnedDeviceDiscovery, true, &pOwnedDevList);
+ if (OC_STACK_OK != res)
+ {
+ OIC_LOG(ERROR, TAG, "OCRemoveDeviceWithUuid : Failed to PMDeviceDiscovery");
+ goto error;
+ }
- //Close the DTLS session of the removed device.
- CAEndpoint_t* endpoint = (CAEndpoint_t *)&pTargetDev->endpoint;
- endpoint->port = pTargetDev->securePort;
- CAResult_t caResult = CACloseDtlsSession(endpoint);
- if(CA_STATUS_OK != caResult)
+ OCProvisionDev_t* tempDev = NULL;
+ LL_FOREACH(pOwnedDevList, tempDev)
+ {
+ if(memcmp(&tempDev->doxm->deviceID.id, pTargetUuid->id, sizeof(pTargetUuid->id)) == 0)
+ {
+ break;
+ }
+ }
+
+ if(NULL == tempDev)
+ {
+ OIC_LOG_V(WARNING, TAG, "Can not find [%s] on the network.", strUuid);
+ OIC_LOG_V(WARNING, TAG, "[%s]'s information will be deleted from local and other devices.", strUuid);
+ }
+ else
+ {
+ OICFree(pTargetDev->doxm);
+ OICFree(pTargetDev);
+ pTargetDev = tempDev;
+ discoverdFlag = true;
+ OIC_LOG_V(INFO, TAG, "[%s] is dectected on the network.", strUuid);
+ }
+
+ OIC_LOG_V(INFO, TAG, "Trying [%s] revocation.", strUuid);
+
+ // Send DELETE requests to linked devices
+ resReq = SRPRemoveDeviceWithoutDiscovery(ctx, pOwnedDevList, pTargetDev, resultCallback);
+ if (OC_STACK_OK != resReq)
+ {
+ if (OC_STACK_CONTINUE == resReq)
+ {
+ OIC_LOG(INFO, TAG, "OCRemoveDeviceWithUuid : Revoked device has no linked device except PT.");
+ }
+ else
+ {
+ OIC_LOG(ERROR, TAG, "OCRemoveDeviceWithUuid : Failed to invoke SRPRemoveDevice");
+ res = resReq;
+ goto error;
+ }
+ }
+ }
+ else
{
- OIC_LOG_V(WARNING, TAG, "OCRemoveDevice : Failed to close DTLS session : %d", caResult);
+ OIC_LOG_V(INFO, TAG, "There is no linked devices with [%s]", strUuid);
+ OIC_LOG(INFO, TAG, "Device discovery and SRPRemoveDevice will be skipped.");
}
- /**
- * If there is no linked device, PM does not send any request.
- * So we should directly invoke the result callback to inform the result of OCRemoveDevice.
- */
- if(OC_STACK_CONTINUE == res)
+ res = RemoveDeviceInfoFromLocal(pTargetDev);
+ if(OC_STACK_OK != res)
+ {
+ OIC_LOG(ERROR, TAG, "OCRemoveDeviceWithUuid : Filed to remove the device information from local.");
+ goto error;
+ }
+
+ if(OC_STACK_CONTINUE == resReq)
{
+ /**
+ * If there is no linked device, PM does not send any request.
+ * So we should directly invoke the result callback to inform the result of OCRemoveDevice.
+ */
if(resultCallback)
{
resultCallback(ctx, 0, NULL, false);
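Review bot: In OCRemoveDeviceWithUuid, `pOwnedDevList` and `pTargetDev` are handed to SRPRemoveDeviceWithoutDiscovery together with `resultCallback`, and the cleanup under `error:` (in the following hunk) releases both on every path, success included — `pTargetDev` directly, or as part of the list when the device was discovered. If SRPRemoveDeviceWithoutDiscovery keeps either pointer for requests that complete later, those pointers dangle once this function returns; please confirm it copies what it needs and add a comment at the call saying so. The doc comment documents `pTargetDev` while the parameter is `pTargetUuid`, the invalid-argument branch logs at INFO, and `if(resultCallback)` can never be false after the earlier NULL check. The function's tail lies outside this hunk.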
}
error:
- OIC_LOG(INFO, TAG, "OUT OCRemoveDevice");
+ OICFree(strUuid);
+ PMDeleteDeviceList(pOwnedDevList);
+ if(pTargetDev && false == discoverdFlag)
+ {
+ OICFree(pTargetDev->doxm);
+ OICFree(pTargetDev);
+ }
+ OIC_LOG(INFO, TAG, "OUT OCRemoveDeviceWithUuid");
return res;
}
+/*
+ * Function to reset the target device.
+ * This function will remove credential and ACL of target device from all devices in subnet.
+ *
+ * @param[in] ctx Application context would be returned in result callback
+ * @param[in] waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device discovery.(seconds)
+ * @param[in] pTargetDev Device information to be revoked.
+ * @param[in] resultCallback callback provided by API user, callback will be called when
+ * credential revocation is finished.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCResetDevice(void* ctx, unsigned short waitTimeForOwnedDeviceDiscovery,
+ const OCProvisionDev_t* pTargetDev,
+ OCProvisionResultCB resultCallback)
+{
+ OIC_LOG(INFO, TAG, "IN OCResetDevice");
+ OCStackResult res = OC_STACK_ERROR;
+ if (!pTargetDev || 0 == waitTimeForOwnedDeviceDiscovery)
+ {
+ OIC_LOG(INFO, TAG, "OCResetDevice : Invalid parameters");
+ return OC_STACK_INVALID_PARAM;
+ }
+ if (!resultCallback)
+ {
+ OIC_LOG(INFO, TAG, "OCResetDevice : NULL Callback");
+ return OC_STACK_INVALID_CALLBACK;
+ }
+
+ // Send DELETE requests to linked devices
+ res = SRPSyncDevice(ctx, waitTimeForOwnedDeviceDiscovery, pTargetDev, resultCallback);
+ if (OC_STACK_CONTINUE == res)
+ {
+ OIC_LOG(DEBUG, TAG, "OCResetDevice : Target device has no linked device except PT.");
+ if(resultCallback)
+ {
+ resultCallback(ctx, 0, NULL, false);
+ }
+ SRPResetDevice(pTargetDev, resultCallback);
+ res = OC_STACK_OK;
+ }
+ else if(OC_STACK_OK != res)
+ {
+ OIC_LOG(ERROR, TAG, "OCResetDevice : Failed to invoke SRPSyncDevice");
+ }
+ OIC_LOG(INFO, TAG, "OUT OCResetDevice");
+ return res;
+}
+
+/**
+ * This function resets SVR DB to its factory setting.
+ *
+ * @return OC_STACK_OK in case of successful reset and other value otherwise.
+ */
+OCStackResult OCResetSVRDB(void)
+{
+ return ResetSecureResourceInPS();
+}
+
+/**
+ * This function configures SVR DB as self-ownership.
+ *
+ *@return OC_STACK_OK in case of successful configue and other value otherwise.
+ */
+OCStackResult OCConfigSelfOwnership(void)
+{
+ return ConfigSelfOwnership();
+}
/**
* Internal Function to update result in link result array.
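Review bot: In OCResetDevice's `OC_STACK_CONTINUE` branch the result callback is invoked with success before SRPResetDevice has been called, SRPResetDevice is then given the same callback, and its return value is discarded while `res` is forced to `OC_STACK_OK`. The caller can therefore be told the reset succeeded when the reset request was never sent, and may be called back a second time. Assuming SRPResetDevice returns an `OCStackResult` and reports through the callback, `res = SRPResetDevice(pTargetDev, resultCallback);` in place of the direct callback call and the unconditional assignment would close that gap. The doc comment still says `Device information to be revoked`, and the `// Send DELETE requests to linked devices` comment sits above the SRPSyncDevice call.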
return res;
}
+ // Code to compare devices in unowned list and deviceid from DB
+ // (In case of hard reset of the device)
+ OCProvisionDev_t* pUnownedList = unownedDevice;
+ while (pUnownedList && uuidList)
+ {
+ OCUuidList_t *tmp1 = NULL,*tmp2=NULL;
+ LL_FOREACH_SAFE(uuidList, tmp1, tmp2)
+ {
+ if(0 == memcmp(tmp1->dev.id, pUnownedList->doxm->deviceID.id,
+ sizeof(pUnownedList->doxm->deviceID.id)))
+ {
+ OIC_LOG_V(INFO, TAG, "OCGetDevInfoFromNetwork : \
+ Removing device id = %s in PDM and dat.", pUnownedList->doxm->deviceID.id);
+ if (OC_STACK_OK != PDMDeleteDevice(&pUnownedList->doxm->deviceID))
+ {
+ OIC_LOG(ERROR, TAG, "OCGetDevInfoFromNetwork : \
+ Failed to remove device in PDM.");
+ }
+ //remove the cred entry from dat file
+ if (OC_STACK_OK != RemoveDeviceInfoFromLocal(pUnownedList))
+ {
+ OIC_LOG(ERROR, TAG, "OCGetDevInfoFromNetwork : \
+ Failed to remove cred entry device in dat file.");
+ }
+ LL_DELETE(uuidList, tmp1);
+ OICFree(tmp1);
+ }
+ }
+ pUnownedList = pUnownedList->next;
+ }
// Code to compare devices in owned list and deviceid from DB.
OCProvisionDev_t* pCurDev = ownedDevice;
size_t deleteCnt = 0;
while (pCurDev)
{
- if(true == PMDeleteFromUUIDList(uuidList, &pCurDev->doxm->deviceID))
+ if(true == PMDeleteFromUUIDList(&uuidList, &pCurDev->doxm->deviceID))
{
deleteCnt++;
}
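Review bot: The added unowned-list loop passes `pUnownedList->doxm->deviceID.id` to a `%s` conversion, but the same field is treated as a fixed-size byte array everywhere else on this page (`memcmp`/`memcpy` with `sizeof`), so the log call can read past the array looking for a terminator; convert it with ConvertUuidToStr first, as OCRemoveDeviceWithUuid does, and write the message as one literal, since the backslash continuations put the source indentation into the log text. The deletion is keyed on a device ID taken from the unowned-device list; if that list comes from unauthenticated discovery responses, a responder reporting an ID that is already in the PDM gets the owned record and local credential removed, so it is worth confirming the ID is trustworthy at this point, or at least logging the removal at WARNING. PDMDeleteDevice runs before RemoveDeviceInfoFromLocal, which calls PDMSetDeviceState on the same ID; if the record is already gone that presumably fails, and the `Failed to remove cred entry` error is logged even when the credential was removed. The enclosing function starts and ends outside this hunk.

```c
// ... unchanged: LL_FOREACH_SAFE over uuidList and the memcmp match ...
                char *strUuid = NULL;
                if (OC_STACK_OK == ConvertUuidToStr(&pUnownedList->doxm->deviceID, &strUuid))
                {
                    OIC_LOG_V(INFO, TAG,
                              "OCGetDevInfoFromNetwork : Removing device id = %s in PDM and dat.",
                              strUuid);
                    OICFree(strUuid);
                }
// ... unchanged: PDMDeleteDevice, RemoveDeviceInfoFromLocal, LL_DELETE and OICFree(tmp1) ...
```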
FreePdAclList(pPdAcl);
}
+#ifdef MULTIPLE_OWNER
+/**
+ * API to update 'doxm.mom' to resource server.
+ *
+ * @param[in] targetDeviceInfo Selected target device.
+ * @param[in] momType Mode of multiple ownership transfer (ref. oic.sec.mom)
+ * @param[in] resultCallback callback provided by API user, callback will be called when
+ * POST 'mom' request recieves a response from resource server.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCChangeMOTMode(void *ctx, const OCProvisionDev_t *targetDeviceInfo,
+ const OicSecMomType_t momType, OCProvisionResultCB resultCallback)
+{
+ return MOTChangeMode(ctx, targetDeviceInfo, momType, resultCallback);
+}
-#ifdef __WITH_X509__
/**
- * this function sends CRL information to resource.
+ * API to update 'doxm.oxmsel' to resource server.
+ *
+ * @param[in] targetDeviceInfo Selected target device.
+ * @param[in] oxmSelValue Method of multiple ownership transfer (ref. oic.sec.oxm)
+ * @param[in] resultCallback callback provided by API user, callback will be called when
+ * POST 'oxmsel' request recieves a response from resource server.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCSelectMOTMethod(void *ctx, const OCProvisionDev_t *targetDeviceInfo,
+ const OicSecOxm_t oxmSelValue, OCProvisionResultCB resultCallback)
+{
+ return MOTSelectMOTMethod(ctx, targetDeviceInfo, oxmSelValue, resultCallback);
+}
+#endif //MULTIPLE_OWNER
+
+/**
+ * Function to select appropriate security provisioning method.
+ *
+ * @param[in] supportedMethods Array of supported methods
+ * @param[in] numberOfMethods number of supported methods
+ * @param[out] selectedMethod Selected methods
+ * @param[in] ownerType type of owner device (SUPER_OWNER or SUB_OWNER)
+ * @return OC_STACK_OK on success
+ */
+OCStackResult OCSelectOwnershipTransferMethod(const OicSecOxm_t *supportedMethods,
+ size_t numberOfMethods, OicSecOxm_t *selectedMethod, OwnerType_t ownerType)
+{
+ return OTMSelectOwnershipTransferMethod(supportedMethods, numberOfMethods,
+ selectedMethod, ownerType);
+}
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+/**
+ * function to provision Trust certificate chain to devices.
*
* @param[in] ctx Application context would be returned in result callback.
- * @param[in] selectedDeviceInfo Selected target device.
- * @param[in] crl CRL to provision.
- * @param[in] resultCallback callback provided by API user, callback will be called when provisioning
- request recieves a response from resource server.
+ * @param[in] type Type of credentials to be provisioned to the device.
+ * @param[in] credId CredId of trust certificate chain to be provisioned to the device.
+ * @param[in] selectedDeviceInfo Pointer to OCProvisionDev_t instance,respresenting resource to be provsioned.
+ * @param[in] resultCallback callback provided by API user, callback will be called when
+ * provisioning request recieves a response from first resource server.
* @return OC_STACK_OK in case of success and other value otherwise.
*/
-OCStackResult OCProvisionCRL(void* ctx, const OCProvisionDev_t *selectedDeviceInfo, OicSecCrl_t *crl,
- OCProvisionResultCB resultCallback)
+OCStackResult OCProvisionTrustCertChain(void *ctx, OicSecCredType_t type, uint16_t credId,
+ const OCProvisionDev_t *selectedDeviceInfo,
+ OCProvisionResultCB resultCallback)
+{
+ return SRPProvisionTrustCertChain(ctx, type, credId,
+ selectedDeviceInfo, resultCallback);
+}
+
+/**
+ * function to save Trust certificate chain into Cred of SVR.
+ *
+ * @param[in] trustCertChain Trust certificate chain to be saved in Cred of SVR.
+ * @param[in] chainSize Size of trust certificate chain to be saved in Cred of SVR
+ * @param[in] encodingType Encoding type of trust certificate chain to be saved in Cred of SVR
+ * @param[out] credId CredId of saved trust certificate chain in Cred of SVR.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCSaveTrustCertChain(uint8_t *trustCertChain, size_t chainSize,
+ OicEncodingType_t encodingType, uint16_t *credId)
+{
+ return SRPSaveTrustCertChain(trustCertChain, chainSize, encodingType, credId);
+}
+
+/**
+ * function to register notifier for Trustcertchain change.
+ *
+ * @param[in] ctx user context.
+ * @param[in] TrustCertChainChangeCB notification callback fucntion.
+ * @return OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCRegisterTrustCertChainNotifier(void *ctx, TrustCertChainChangeCB Callback)
+{
+ return SRPRegisterTrustCertChainNotifier(ctx, Callback);
+}
+
+/**
+ * function to de-register notifier for Trustcertchain change.
+ */
+void OCRemoveTrustCertChainNotifier()
+{
+ SRPRemoveTrustCertChainNotifier();
+}
+
+/**
+ * This function sets the callback to utilize peer certificate information
+ */
+OCStackResult OCSetPeerCertCallback(void *ctx, PeerCertCallback peerCertCallback)
{
- return SRPProvisionCRL(ctx, selectedDeviceInfo, crl, resultCallback);
+ CAResult_t ret;
+
+ OIC_LOG_V(DEBUG, TAG, "IN %s", __func__);
+ ret = CAsetPeerCertCallback(ctx, peerCertCallback);
+ if (CA_STATUS_OK != ret)
+ {
+ OIC_LOG_V(ERROR, TAG, "CAsetPeerCertCallback() Failed(%d)", ret);
+ return OC_STACK_ERROR;
+ }
+ OIC_LOG_V(DEBUG, TAG, "OUT %s", __func__);
+
+ return OC_STACK_OK;
}
-#endif // __WITH_X509__
+
+#endif // __WITH_DTLS__ || __WITH_TLS__