//Clean Period
OICFree(cred->period);
- //Clean Owners
- OICFree(cred->owners);
-
//Clean Cred node itself
OICFree(cred);
}
}
OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload,
- size_t *cborSize)
+ size_t *cborSize, int secureFlag)
{
if (NULL == credS || NULL == cborPayload || NULL != *cborPayload || NULL == cborSize)
{
*cborSize = 0;
*cborPayload = NULL;
const OicSecCred_t *cred = credS;
- CborEncoder encoder = { {.ptr = NULL }, .end = 0 };
- CborEncoder credArray = { {.ptr = NULL }, .end = 0 };
- CborEncoder credRootMap = { {.ptr = NULL }, .end = 0 };
+ CborEncoder encoder;
+ CborEncoder credArray;
+ CborEncoder credRootMap;
if (0 == cborLen)
{
while (cred)
{
- CborEncoder credMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 };
+ CborEncoder credMap;
size_t mapSize = CRED_MAP_SIZE;
char *subject = NULL;
if (cred->period)
mapSize++;
}
#ifdef __WITH_X509__
- if (cred->publicData.data)
+ if (SIGNED_ASYMMETRIC_KEY == cred->credType && cred->publicData.data)
{
mapSize++;
}
#endif /* __WITH_X509__ */
- if (cred->privateData.data)
+ if (!secureFlag && cred->privateData.data)
{
mapSize++;
}
#ifdef __WITH_X509__
//PublicData -- Not Mandatory
- if (cred->publicData.data)
+ if (SIGNED_ASYMMETRIC_KEY == cred->credType && cred->publicData.data)
{
- CborEncoder publicMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 };
+ CborEncoder publicMap;
const size_t publicMapSize = 2;
cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_PUBLICDATA_NAME,
cborEncoderResult = cbor_encode_text_string(&publicMap, OIC_JSON_ENCODING_NAME,
strlen(OIC_JSON_ENCODING_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Public Encoding Tag.");
- cborEncoderResult = cbor_encode_text_string(&publicMap, OIC_SEC_ENCODING_BYTESTREAM,
- strlen(OIC_SEC_ENCODING_BYTESTREAM));
+ cborEncoderResult = cbor_encode_text_string(&publicMap, OIC_SEC_ENCODING_RAW,
+ strlen(OIC_SEC_ENCODING_RAW));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Public Encoding Value.");
cborEncoderResult = cbor_encoder_close_container(&credMap, &publicMap);
}
#endif /*__WITH_X509__*/
//PrivateData -- Not Mandatory
- if(cred->privateData.data)
+ if(!secureFlag && cred->privateData.data)
{
- CborEncoder privateMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 };
+ CborEncoder privateMap;
const size_t privateMapSize = 2;
cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_PRIVATEDATA_NAME,
cborEncoderResult = cbor_encode_text_string(&privateMap, OIC_JSON_ENCODING_NAME,
strlen(OIC_JSON_ENCODING_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Private Encoding Tag.");
- cborEncoderResult = cbor_encode_text_string(&privateMap, OIC_SEC_ENCODING_BYTESTREAM,
- strlen(OIC_SEC_ENCODING_BYTESTREAM));
+ cborEncoderResult = cbor_encode_text_string(&privateMap, OIC_SEC_ENCODING_RAW,
+ strlen(OIC_SEC_ENCODING_RAW));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Private Encoding Value.");
cborEncoderResult = cbor_encoder_close_container(&credMap, &privateMap);
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Cred Array.");
cred = credS;
- // TODO : Need to modify cred->owners[0] to cred->rownerid based on RAML spec.
+
// Rownerid
- if(cred->owners && cred->ownersLen > 0)
{
char *rowner = NULL;
cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_ROWNERID_NAME,
strlen(OIC_JSON_ROWNERID_NAME));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding rownerid Name.");
- ret = ConvertUuidToStr(&cred->owners[0], &rowner);
+ ret = ConvertUuidToStr(&cred->rownerID, &rowner);
VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
cborEncoderResult = cbor_encode_text_string(&credRootMap, rowner, strlen(rowner));
VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding rownerid Value.");
// Since the allocated initial memory failed, double the memory.
cborLen += encoder.ptr - encoder.end;
cborEncoderResult = CborNoError;
- ret = CredToCBORPayload(credS, cborPayload, &cborLen);
+ ret = CredToCBORPayload(credS, cborPayload, &cborLen, secureFlag);
*cborSize = cborLen;
}
OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
OicSecCred_t **secCred)
{
- if (NULL == cborPayload || NULL == secCred || NULL != *secCred)
+ if (NULL == cborPayload || NULL == secCred || NULL != *secCred || 0 == size)
{
return OC_STACK_INVALID_PARAM;
}
VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
OICFree(subjectid);
}
- // subjectid
+ // credtype
if (strcmp(name, OIC_JSON_CREDTYPE_NAME) == 0)
{
cborFindResult = cbor_value_get_uint64(&credMap, (uint64_t *) &cred->credType);
}
}
- // TODO : Need to modify headCred->owners[0].id to headCred->rowner based on RAML spec.
+ //ROwner -- Mandatory
if (strcmp(tagName, OIC_JSON_ROWNERID_NAME) == 0)
{
char *stRowner = NULL;
cborFindResult = cbor_value_dup_text_string(&CredRootMap, &stRowner, &len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Rownerid Value.");
- headCred->ownersLen = 1;
- headCred->owners = (OicUuid_t *)OICCalloc(headCred->ownersLen, sizeof(*headCred->owners));
- VERIFY_NON_NULL(TAG, headCred->owners, ERROR);
- ret = ConvertStrToUuid(stRowner, &headCred->owners[0]);
+
+ ret = ConvertStrToUuid(stRowner, &headCred->rownerID);
VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
OICFree(stRowner);
}
OicSecCred_t * GenerateCredential(const OicUuid_t * subject, OicSecCredType_t credType,
const OicSecCert_t * publicData, const OicSecKey_t* privateData,
- size_t ownersLen, const OicUuid_t * owners)
+ const OicUuid_t * rownerID)
{
(void)publicData;
OCStackResult ret = OC_STACK_ERROR;
cred->privateData.len = privateData->len;
}
- VERIFY_SUCCESS(TAG, ownersLen > 0, ERROR);
- cred->ownersLen = ownersLen;
-
- cred->owners = (OicUuid_t *)OICCalloc(cred->ownersLen, sizeof(*cred->owners));
- VERIFY_NON_NULL(TAG, cred->owners, ERROR);
- for (size_t i = 0; i < cred->ownersLen; i++)
- {
- memcpy(cred->owners[i].id, owners[i].id, sizeof(cred->owners[i].id));
- }
+ VERIFY_NON_NULL(TAG, rownerID, ERROR);
+ memcpy(&cred->rownerID, rownerID, sizeof(OicUuid_t));
ret = OC_STACK_OK;
exit:
{
uint8_t *payload = NULL;
size_t size = 0;
- OCStackResult res = CredToCBORPayload(cred, &payload, &size);
+ int secureFlag = 0;
+ OCStackResult res = CredToCBORPayload(cred, &payload, &size, secureFlag);
if ((OC_STACK_OK == res) && payload)
{
if (OC_STACK_OK == UpdateSecureResourceInPS(OIC_JSON_CRED_NAME, payload, size))
//Get binary representation of cbor
OicSecCred_t *cred = NULL;
- uint8_t *payload = (((OCSecurityPayload*)ehRequest->payload)->securityData1);
+ uint8_t *payload = (((OCSecurityPayload*)ehRequest->payload)->securityData);
size_t size = (((OCSecurityPayload*)ehRequest->payload)->payloadSize);
OCStackResult res = CBORPayloadToCred(payload, size, &cred);
if (res == OC_STACK_OK)
return ret;
}
+/**
+ * The entity handler determines how to process a GET request.
+ */
+static OCEntityHandlerResult HandleGetRequest (const OCEntityHandlerRequest * ehRequest)
+{
+ OIC_LOG(INFO, TAG, "HandleGetRequest processing GET request");
+
+ // Convert Cred data into CBOR for transmission
+ size_t size = 0;
+ uint8_t *payload = NULL;
+ int secureFlag = 1;
+
+ const OicSecCred_t *cred = gCred;
+ OCStackResult res = CredToCBORPayload(cred, &payload, &size, secureFlag);
+
+ // A device should always have a default cred. Therefore, payload should never be NULL.
+ OCEntityHandlerResult ehRet = (res == OC_STACK_OK) ? OC_EH_OK : OC_EH_ERROR;
+
+ // Send response payload to request originator
+ if (OC_STACK_OK != SendSRMResponse(ehRequest, ehRet, payload, size))
+ {
+ ehRet = OC_EH_ERROR;
+ OIC_LOG(ERROR, TAG, "SendSRMResponse failed in HandlePstatGetRequest");
+ }
+ OICFree(payload);
+ return ehRet;
+}
+
static OCEntityHandlerResult HandlePostRequest(const OCEntityHandlerRequest * ehRequest)
{
OCEntityHandlerResult ret = OC_EH_ERROR;
//Get binary representation of CBOR
OicSecCred_t *cred = NULL;
- uint8_t *payload = ((OCSecurityPayload*)ehRequest->payload)->securityData1;
+ uint8_t *payload = ((OCSecurityPayload*)ehRequest->payload)->securityData;
size_t size = ((OCSecurityPayload*)ehRequest->payload)->payloadSize;
OCStackResult res = CBORPayloadToCred(payload, size, &cred);
if ((OC_STACK_OK == res) && cred)
switch (ehRequest->method)
{
case OC_REST_GET:
- ret = OC_EH_FORBIDDEN;
+ ret = HandleGetRequest(ehRequest);;
break;
case OC_REST_PUT:
ret = HandlePutRequest(ehRequest);
}
//Send payload to request originator
- ret = (SendSRMCBORResponse(ehRequest, ret, NULL, 0) == OC_STACK_OK) ?
+ ret = (SendSRMResponse(ehRequest, ret, NULL, 0) == OC_STACK_OK) ?
ret : OC_EH_ERROR;
return ret;
* @param[in] credType Type of credential to be added
* @param[in] pin numeric characters
* @param[in] pinSize length of 'pin'
- * @param[in] ownersLen Number of owners
- * @param[in] owners Array of owners
+ * @param[in] rownerID Resource owner's UUID
* @param[out] tmpCredSubject Generated credential's subject.
*
* @return OC_STACK_OK for success and errorcode otherwise.
*/
OCStackResult AddTmpPskWithPIN(const OicUuid_t* tmpSubject, OicSecCredType_t credType,
const char * pin, size_t pinSize,
- size_t ownersLen, const OicUuid_t * owners, OicUuid_t* tmpCredSubject)
+ const OicUuid_t * rownerID, OicUuid_t* tmpCredSubject)
{
OCStackResult ret = OC_STACK_ERROR;
OIC_LOG(DEBUG, TAG, "AddTmpPskWithPIN IN");
uint8_t privData[OWNER_PSK_LENGTH_128] = {0,};
OicSecKey_t privKey = {privData, OWNER_PSK_LENGTH_128};
OicSecCred_t* cred = NULL;
- int dtlsRes = DeriveCryptoKeyFromPassword((const unsigned char *)pin, pinSize, owners->id,
+ int dtlsRes = DeriveCryptoKeyFromPassword((const unsigned char *)pin, pinSize, rownerID->id,
UUID_LENGTH, PBKDF_ITERATIONS,
OWNER_PSK_LENGTH_128, privData);
VERIFY_SUCCESS(TAG, (0 == dtlsRes) , ERROR);
cred = GenerateCredential(tmpSubject, credType, NULL,
- &privKey, ownersLen, owners);
+ &privKey, rownerID);
if(NULL == cred)
{
OIC_LOG(ERROR, TAG, "GeneratePskWithPIN() : Failed to generate credential");
{
goto exit;
}
+ credInfo->chainLen = 2;
memcpy(credInfo->certificateChain, cred->publicData.data, cred->publicData.len);
memcpy(credInfo->devicePrivateKey, cred->privateData.data, cred->privateData.len);
- credInfo->certificateChainLen = parseCertPrefix(cred->publicData.data);
+ credInfo->certificateChainLen = cred->publicData.len;
GetCAPublicKeyData(credInfo);
ret = 0;
+
exit:
return ret;
}
#undef CERT_LEN_PREFIX
#endif /* __WITH_X509__ */
+
+OCStackResult SetCredRownerId(const OicUuid_t* newROwner)
+{
+ OCStackResult ret = OC_STACK_ERROR;
+ uint8_t *cborPayload = NULL;
+ size_t size = 0;
+ int secureFlag = 0;
+ OicUuid_t prevId = {.id={0}};
+
+ if(NULL == newROwner)
+ {
+ ret = OC_STACK_INVALID_PARAM;
+ }
+ if(NULL == gCred)
+ {
+ ret = OC_STACK_NO_RESOURCE;
+ }
+
+ if(newROwner && gCred)
+ {
+ memcpy(prevId.id, gCred->rownerID.id, sizeof(prevId.id));
+ memcpy(gCred->rownerID.id, newROwner->id, sizeof(newROwner->id));
+
+ ret = CredToCBORPayload(gCred, &cborPayload, &size, secureFlag);
+ VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+ ret = UpdateSecureResourceInPS(OIC_JSON_CRED_NAME, cborPayload, size);
+ VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+ OICFree(cborPayload);
+ }
+
+ return ret;
+
+exit:
+ OICFree(cborPayload);
+ memcpy(gCred->rownerID.id, prevId.id, sizeof(prevId.id));
+ return ret;
+}
+
+OCStackResult GetCredRownerId(OicUuid_t *rowneruuid)
+{
+ OCStackResult retVal = OC_STACK_ERROR;
+ if (gCred)
+ {
+ *rowneruuid = gCred->rownerID;
+ retVal = OC_STACK_OK;
+ }
+ return retVal;
+}
projects / platform / upstream / iotivity.git / blobdiff