X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=resource%2Fcsdk%2Fsecurity%2Fprovisioning%2Finclude%2Finternal%2Fsecureresourceprovider.h;h=6768791ee94d79608b6434a44dceb507b2438a0d;hb=d2c51d0d4c93d4428b950fffbc0d52fa551c2bf0;hp=2fff7f76828aabda87a0b0286b16c6e9808c5a75;hpb=659142c01b7a3a0dcfd1c84c00c50b48913539c5;p=platform%2Fupstream%2Fiotivity.git diff --git a/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h b/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h index 2fff7f7..6768791 100644 --- a/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h +++ b/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h @@ -24,6 +24,8 @@ #include "ocstack.h" #include "securevirtualresourcetypes.h" #include "pmtypes.h" +#include "octypes.h" + #ifdef __cplusplus extern "C" 
@@ -33,21 +35,196 @@ extern "C" /** * API to send ACL information to resource. * + * @param[in] ctx Application context to be returned in result callback. * @param[in] selectedDeviceInfo Selected target device. + * @param[in] aclVersion Version of the ACL resource to access * @param[in] acl ACL to provision. * @param[in] resultCallback callback provided by API user, callback will be called when * provisioning request recieves a response from resource server. * @return OC_STACK_OK in case of success and other value otherwise. */ OCStackResult SRPProvisionACL(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, - OicSecAcl_t *acl, OCProvisionResultCB resultCallback); + OicSecAcl_t *acl, OicSecAclVersion_t aclVersion, OCProvisionResultCB resultCallback); + +/** + * API to save ACL which has several ACE into Acl of SVR. + * + * @param acl ACL to be saved in Acl of SVR. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPSaveACL(const OicSecAcl_t *acl); + +/** + * API to request CRED information to resource. + * + * @param[in] ctx Application context to be returned in result callback. + * @param[in] selectedDeviceInfo Selected target device. + * @param[in] resultCallback callback provided by API user, callback will be called when + * provisioning request recieves a response from resource server. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPGetCredResource(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, + OCProvisionResultCB resultCallback); + +/** + * API to request ACL information to resource. + * + * @param[in] ctx Application context to be returned in result callback. + * @param[in] selectedDeviceInfo Selected target device. + * @param[in] aclVersion Version of ACL resource to query + * @param[in] resultCallback callback provided by API user, callback will be called when + * provisioning request recieves a response from resource server. 
+ * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPGetACLResource(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, + OicSecAclVersion_t aclVersion, OCProvisionResultCB resultCallback); + +/** + * API to request the Certificate Signing Request (CSR) resource. + * + * @param[in] ctx Application context to be returned in result callback. + * @param[in] selectedDeviceInfo Selected target device. + * @param[in] resultCallback callback provided by API user, callback will be called when + * provisioning request recieves a response from resource server. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPGetCSRResource(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, + OCGetCSRResultCB resultCallback); + +/** + * API to request the Roles resource. + * + * @param[in] ctx Application context to be returned in result callback. + * @param[in] selectedDeviceInfo Selected target device. + * @param[in] resultCallback Callback provided by API user. Callback will be called when + * provisioning request receives a response from resource server. + * @return OC_STACK_OK in case of success or error value otherwise. + */ +OCStackResult SRPGetRolesResource(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, + OCGetRolesResultCB resultCallback); + +/** + * This function requests the device delete a particular role certificate by credId. + * + * @param[in] ctx Application context that is returned in the result callback. + * @param[in] selectedDeviceInfo Selected target device. + * @param[in] resultCallback callback provided by the API user. Callback will be called when request receives + * a response from the resource server. + * @param[in] credId credId to request be deleted. + * + * @return OC_STACK_OK in case of success, and error value otherwise. 
+ */ +OCStackResult SRPDeleteRoleCertificateByCredId(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, + OCProvisionResultCB resultCallback, uint32_t credId); + +#if defined(__WITH_DTLS__) || defined(__WITH_TLS__) + +/** + * function to provision Trust certificate chain to devices. + * + * @param[in] ctx Application context to be returned in result callback. + * @param[in] type Type of credentials to be provisioned to the device. + * @param[in] credId CredId of trust certificate chain to be provisioned to the device. + * @param[in] selectedDeviceInfo Pointer to OCProvisionDev_t instance,respresenting resource to be provsioned. + * @param[in] resultCallback callback provided by API user, callback will be called when + * provisioning request recieves a response from first resource server. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPProvisionTrustCertChain(void *ctx, OicSecCredType_t type, uint16_t credId, + const OCProvisionDev_t *selectedDeviceInfo, + OCProvisionResultCB resultCallback); + +/** + * function to save Trust certificate chain into Cred of SVR. + * + * @param[in] trustCertChain Trust certificate chain to be saved in Cred of SVR. + * @param[in] chainSize Size of trust certificate chain to be saved in Cred of SVR + * @param[in] encodingType Encoding type of trust certificate chain to be saved in Cred of SVR + * @param[out] credId CredId of saved trust certificate chain in Cred of SVR. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPSaveTrustCertChain(const uint8_t *trustCertChain, size_t chainSize, + OicEncodingType_t encodingType,uint16_t *credId); + +/** + * function to save own certificate chain into Cred of SVR. + * + * @param[in] cert own certificate chain to be saved in Cred of SVR. + * @param[in] key own secret key to be saved in Cred of SVR. + * @param[out] credId CredId of saved trust certificate chain in Cred of SVR. 
+ * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPSaveOwnCertChain(OicSecKey_t * cert, OicSecKey_t * key, uint16_t *credId); + +/** + * function to save own role certificate into Cred of SVR. + * + * @param[in] cert Certificate chain to be saved in Cred of SVR + * @param[out] credId CredId of saved trust certificate chain in Cred of SVR. + * @return OC_STACK_OK in case of success and other value otherwise. + * + * @note The certificate public key must be the same as public key in the identity + * certificate (installed by SRPSaveOwnCertChain). + */ +OCStackResult SRPSaveOwnRoleCert(OicSecKey_t * cert, uint16_t *credId); + +/** + * function to register callback, for getting notification for TrustCertChain change. + * + * @param[in] ctx user context to be passed. + * @param[in] TrustCertChainChangeCB notifier callback function + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPRegisterTrustCertChainNotifier(void *ctx, TrustCertChainChangeCB callback); + +/** + * function to de-register TrustCertChain notification callback. + */ +void SRPRemoveTrustCertChainNotifier(void); + +#endif // __WITH_DTLS__ || __WITH_TLS__ +/** + * API to send Direct-Pairing Configuration to a device. + * + * @param[in] ctx Application context to be returned in result callback. + * @param[in] selectedDeviceInfo Selected target device. + * @param[in] pconf PCONF pointer. + * @param[in] resultCallback callback provided by API user, callback will be called when + * provisioning request recieves a response from resource server. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPProvisionDirectPairing(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, + OicSecPconf_t *pconf, OCProvisionResultCB resultCallback); + +/** + * API to send Direct-Pairing Configuration to a device. + * + * @param[in] selectedDeviceInfo Selected target device. 
+ * @param[in] pconf PCONF pointer. + * @param[in] resultCallback callback provided by API user, callback will be called when + * provisioning request recieves a response from resource server. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPProvisionDirectPairing(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, + OicSecPconf_t *pconf, OCProvisionResultCB resultCallback); /** * API to provision credential to devices. * + * @param[in] ctx Application context to be returned in result callback. * @param[in] type Type of credentials to be provisioned to the device. - * @param[in] pDev1 Pointer to PMOwnedDeviceInfo_t instance,respresenting resource to be provsioned. - @param[in] pDev2 Pointer to PMOwnedDeviceInfo_t instance,respresenting resource to be provsioned. + * @param[in] keySize size of key + * @param[in] pDev1 Pointer to PMOwnedDeviceInfo_t instance, representing the resource to be provisioned. + * @param[in] pDev2 Pointer to PMOwnedDeviceInfo_t instance, representing the resource to be provisioned. + * Use NULL to indicate the local device. + * @param[in] pemCert When provisioning a certificate (type is SIGNED_ASYMMETRIC_KEY), this is the + * certificate, encoded as PEM. + * @param[in] role1 When provisioning a PSK (type is SYMMETRIC_PAIR_WISE_KEY), this is the role which + * the device indicated by pDev1 will also have when communicating with pDev2. Use NULL + * to associate no role with this credential. + * @param[in] role2 When provisioning a PSK (type is SYMMETRIC_PAIR_WISE_KEY), this is the role which + * the device indicated by pDev1 will also have when communicating with pDev2. Use NULL + * to associate no role with this credential. * @param[in] resultCallback callback provided by API user, callback will be called when * provisioning request recieves a response from first resource server. * @return OC_STACK_OK in case of success and other value otherwise. 
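Review bot: `SRPDeleteRoleCertificateByCredId` takes `uint32_t credId`, while every other credential id declared in this hunk (`SRPProvisionTrustCertChain`, `SRPSaveTrustCertChain`, `SRPSaveOwnCertChain`, `SRPSaveOwnRoleCert`) is `uint16_t`, so an id may be narrowed somewhere between saving a role certificate and requesting its deletion. Which width the credential resource actually uses is not visible in this diff; pick one and use it throughout, e.g. `OCProvisionResultCB resultCallback, uint16_t credId);` if ids are 16-bit. The hunk also declares `SRPProvisionDirectPairing` twice with the same signature, the second time under a comment that omits `ctx`; one of the two blocks looks like a merge leftover and can be dropped. The comment for `SRPSaveOwnCertChain` should state whether the private key passed in `key` is copied and who is responsible for wiping the caller's buffer afterwards, and its `credId` line still reads "saved trust certificate chain".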
@@ -55,13 +232,32 @@ OCStackResult SRPProvisionACL(void *ctx, const OCProvisionDev_t *selectedDeviceI OCStackResult SRPProvisionCredentials(void *ctx,OicSecCredType_t type, size_t keySize, const OCProvisionDev_t *pDev1, const OCProvisionDev_t *pDev2, + const char* pemCert, + const OicSecRole_t *role1, + const OicSecRole_t *role2, + OCProvisionResultCB resultCallback); + /** + * API to provision credential to devices with DOS. + * + * @param[in] ctx Application context to be returned in result callback. + * @param[in] type Type of credentials to be provisioned to the device. + * @param[in] keySize size of key + * @param[in] pDev1 Pointer to PMOwnedDeviceInfo_t instance, representing the resource to be provisioned. + * @param[in] pDev2 Pointer to PMOwnedDeviceInfo_t instance, representing the resource to be provisioned. + * @param[in] resultCallback callback provided by API user, callback will be called when + * provisioning request recieves a response from first resource server. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPProvisionCredentialsDos(void *ctx,OicSecCredType_t type, size_t keySize, + const OCProvisionDev_t *pDev1, + const OCProvisionDev_t *pDev2, OCProvisionResultCB resultCallback); /** * Function to unlink devices. * This function will remove the credential & relationship between the two devices. * - * @param[in] ctx Application context would be returned in result callback + * @param[in] ctx Application context to be returned in result callback * @param[in] pTargetDev1 first device information to be unlinked. * @param[in] pTargetDev2 second device information to be unlinked. * @param[in] resultCallback callback provided by API user, callback will be called when 
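Review bot: The comment added for `SRPProvisionCredentialsDos` leaves out the contract a caller needs for key material: `keySize` is described only as "size of key", with no unit or accepted values, and nothing says whether `pDev2` may be NULL, which the comment for `SRPProvisionCredentials` in the preceding hunk states explicitly. "DOS" is not expanded either. I would reword to `@param[in] keySize Size of the key to provision, in <unit>; accepted values are <list>`, with the blanks filled in from the implementation, and add one line giving the NULL policy for `pDev2`. For `SRPProvisionCredentials`, the new `pemCert`, `role1` and `role2` arguments each apply to a single credential type according to that same comment, so it is worth documenting what is returned when `type` is SIGNED_ASYMMETRIC_KEY and `pemCert` is NULL.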
@@ -74,11 +270,11 @@ OCStackResult SRPUnlinkDevices(void* ctx, const OCProvisionDev_t* pTargetDev2, OCProvisionResultCB resultCallback); -/* +/** * Function to device revocation. * This function will remove credential of target device from all devices in subnet. * - * @param[in] ctx Application context would be returned in result callback + * @param[in] ctx Application context to be returned in result callback * @param[in] waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device discovery.(seconds) * @param[in] pTargetDev Device information to be revoked. * @param[in] resultCallback callback provided by API user, callback will be called when 
@@ -93,6 +289,65 @@ OCStackResult SRPRemoveDevice(void* ctx, const OCProvisionDev_t* pTargetDev, OCProvisionResultCB resultCallback); +/** + * Function to device revocation + * This function will remove credential of target device from all devices in subnet. + * + * @param[in] ctx Application context to be returned in result callback + * @param[in] pOwnedDevList List of owned devices + * @param[in] pTargetDev Device information to be revoked. + * @param[in] resultCallback callback provided by API user, callback will be called when + * credential revocation is finished. + * @return OC_STACK_OK in case of success and other value otherwise. + * If OC_STACK_OK is returned, the caller of this API should wait for callback. + * OC_STACK_CONTINUE means operation is success but no request is need to be initiated. + */ +OCStackResult SRPRemoveDeviceWithoutDiscovery(void* ctx, const OCProvisionDev_t* pOwnedDevList, + const OCProvisionDev_t* pTargetDev, OCProvisionResultCB resultCallback); + +/** + * Function to sync-up credential and ACL of the target device. + * This function will remove credential and ACL of target device from all devices in subnet. + * + * @param[in] ctx Application context to be returned in result callback + * @param[in] waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device discovery.(seconds) + * @param[in] pTargetDev Device information to be revoked. + * @param[in] resultCallback callback provided by API user, callback will be called when + * credential revocation is finished. + * when there is an error, this user callback is called immediately. + * @return OC_STACK_OK in case of success and other value otherwise. + * If OC_STACK_OK is returned, the caller of this API should wait for callback. + * OC_STACK_CONTINUE means operation is success but no request is need to be initiated. 
+ */ +OCStackResult SRPSyncDevice(void* ctx, unsigned short waitTimeForOwnedDeviceDiscovery, + const OCProvisionDev_t* pTargetDev, OCProvisionResultCB resultCallback); + +/** + * Function for remote reset + * This function will send pstat POST(modify) message to the target device + * to change current mode to reset state in order to initiate remote reset. + * + * @param[in] pTargetDev Device information to be revoked. + * @param[in] resultCallback callback provided by API user, callback will be called when + * credential revocation is finished. + * when there is an error, this user callback is called immediately. + * @return OC_STACK_OK in case of success and other value otherwise. + * If OC_STACK_OK is returned, the caller of this API should wait for callback. + * OC_STACK_CONTINUE means operation is success but no request is need to be initiated. + */ +OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, + OCProvisionResultCB resultCallback); + +/** + * Function to read Trust certificate chain from SVR. + * Caller must free when done using the returned trust certificate + * @param[in] credId CredId of trust certificate chain in SVR. + * @param[out] trustCertChain Trust certificate chain. + * @param[out] chainSize Size of trust certificate chain + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult SRPReadTrustCertChain(uint16_t credId, uint8_t **trustCertChain, + size_t *chainSize); #ifdef __cplusplus } #endif
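Review bot: `SRPReadTrustCertChain` hands back an allocated buffer through `trustCertChain`, but the comment says only "Caller must free" without naming the deallocator or saying what the out-parameters hold on failure; a caller that pairs the buffer with the wrong release routine, or frees an unset pointer after an error return, ends up with heap corruption. I would spell the contract out, e.g. `* On success *trustCertChain is allocated by this function and must be released with OICFree(); on failure it is left NULL and *chainSize is 0.`, after confirming both halves against the implementation, which is not part of this diff. Separately, `SRPResetDevice` is the only callback-based function added in this hunk without a `ctx` argument, and its comment still speaks of a device "to be revoked" and of "credential revocation", which appears to be copied from `SRPRemoveDevice`.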