X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=resource%2Fcsdk%2Fsecurity%2Fprovisioning%2Fsrc%2Fcredentialgenerator.c;h=a930e5358900fadb519e6285b0b06a408e2cbbfe;hb=refs%2Ftags%2Ftizen_4.0.m2_release;hp=50623748c6f71a7666de1ef65a0700fa2b53154a;hpb=b9cbeb8577a6598b963f33113f784f059291e955;p=platform%2Fupstream%2Fiotivity.git

diff --git a/resource/csdk/security/provisioning/src/credentialgenerator.c b/resource/csdk/security/provisioning/src/credentialgenerator.c
index 5062374..a930e53 100644
--- a/resource/csdk/security/provisioning/src/credentialgenerator.c
+++ b/resource/csdk/security/provisioning/src/credentialgenerator.c
@@ -29,16 +29,8 @@
 #include "srmutility.h"
 #include "stdbool.h"
 #include "securevirtualresourcetypes.h"
-#ifdef __WITH_X509__
-#include "ck_manager.h"
-//Certificate-related functions
-#define CERT_LEN_PREFIX (3)
-#define BYTE_SIZE (8) //bits
 
-#define CHAIN_LEN (2) //TODO: replace by external define or a runtime value
-#endif  //__WITH_X509__
-
-#define TAG "SRPAPI-CG"
+#define TAG "OIC_SRPAPI_CG"
 
 OCStackResult PMGeneratePairWiseCredentials(OicSecCredType_t type, size_t keySize,
         const OicUuid_t *ptDeviceId, const OicUuid_t *firstDeviceId,
@@ -63,16 +55,16 @@ OCStackResult PMGeneratePairWiseCredentials(OicSecCredType_t type, size_t keySiz
 
     uint8_t *privData = (uint8_t *)OICCalloc(privDataKeySize, sizeof(uint8_t));
     VERIFY_NON_NULL(TAG, privData, ERROR);
-    OicSecKey_t privKey = {privData, keySize};
+    OicSecKey_t privKey = {.data=privData, .len=keySize};
 
     OCFillRandomMem(privData, privDataKeySize);
 
     // TODO: currently owner array is 1. only provisioning tool's id.
-    tempFirstCred =  GenerateCredential(secondDeviceId, type, NULL, &privKey, ptDeviceId);
+    tempFirstCred =  GenerateCredential(secondDeviceId, type, NULL, &privKey, ptDeviceId, NULL);
     VERIFY_NON_NULL(TAG, tempFirstCred, ERROR);
 
     // TODO: currently owner array is 1. only provisioning tool's id.
-    tempSecondCred =  GenerateCredential(firstDeviceId, type, NULL, &privKey, ptDeviceId);
+    tempSecondCred =  GenerateCredential(firstDeviceId, type, NULL, &privKey, ptDeviceId, NULL);
     VERIFY_NON_NULL(TAG, tempSecondCred, ERROR);
 
     *firstCred = tempFirstCred;
@@ -80,6 +72,7 @@ OCStackResult PMGeneratePairWiseCredentials(OicSecCredType_t type, size_t keySiz
     res = OC_STACK_OK;
 
 exit:
+    OICClearMemory(privData, privDataKeySize);
     OICFree(privData);
 
     if(res != OC_STACK_OK)
@@ -92,145 +85,3 @@ exit:
 
     return res;
 }
-
-#ifdef __WITH_X509__
-static void writeCertPrefix(uint8_t *prefix, uint32_t certLen)
-{
-    for (size_t i = 0; i < CERT_LEN_PREFIX; ++i)
-    {
-        prefix[i] = (certLen >> (BYTE_SIZE * (CERT_LEN_PREFIX - 1 - i))) & 0xFF;
-    }
-}
-
-static uint32_t appendCert2Chain(uint8_t *appendPoint, uint8_t *cert, size_t len)
-{
-    uint32_t ret = 0;
-    VERIFY_NON_NULL(TAG, appendPoint, ERROR);
-    VERIFY_NON_NULL(TAG, cert, ERROR);
-
-    memcpy(appendPoint + CERT_LEN_PREFIX, cert, len);
-    writeCertPrefix(appendPoint, len);
-
-    ret = len + CERT_LEN_PREFIX;
-exit:
-    return ret;
-}
-
-/**
- * Function to generate Base64 encoded credential data for device.
- *
- * @param[in]   subject             Device id.
- * @param[out]  certificateChain    Pointer to Array of Base64 encoded certificate strings.
- * @param[out]  chainLength         Pointer to number of the certificates in certificateChain.
- * @param[out]  privKey             Pointer to Base64 encoded private key.
- * @return  OC_STACK_OK on success
- */
-static OCStackResult GenerateCertificateAndKeys(const OicUuid_t * subject, OicSecCert_t * certificateChain,
-        OicSecKey_t * privKey)
-{
-    if (NULL == subject || NULL == certificateChain || NULL == privKey)
-    {
-        return  OC_STACK_INVALID_PARAM;
-    }
-    certificateChain->data = NULL;
-    privKey->data = NULL;
-
-    ByteArray pubKeyBA  = BYTE_ARRAY_INITIALIZER;
-    ByteArray privKeyBA = BYTE_ARRAY_INITIALIZER;
-    ByteArray cert[CHAIN_LEN];
-
-    uint8_t pubKeyData[PUBLIC_KEY_SIZE] = {0};
-    uint8_t privKeyData[PRIVATE_KEY_SIZE] = {0};
-    uint8_t certData[ISSUER_MAX_CERT_SIZE * CHAIN_LEN] = {0};
-    uint8_t subjName[UUID_LENGTH + 1] = {0};
-
-    pubKeyBA.data  = pubKeyData;
-    pubKeyBA.len   = PUBLIC_KEY_SIZE;
-    privKeyBA.data = privKeyData;
-    privKeyBA.len  = PRIVATE_KEY_SIZE;
-    for (size_t i = 0; i < CHAIN_LEN; ++i)
-    {
-        cert[i].data      = certData + ISSUER_MAX_CERT_SIZE * i;
-        cert[i].len       = ISSUER_MAX_CERT_SIZE;
-    }
-
-    memcpy(subjName, subject->id, UUID_LENGTH);
-    subjName[UUID_LENGTH] = '\0';
-
-    if (PKI_SUCCESS != GenerateKeyPair(&privKeyBA, &pubKeyBA))
-    {
-        OIC_LOG(ERROR, TAG, "Error generating keys.");
-        return OC_STACK_ERROR;
-    }
-    if (PKI_SUCCESS != CKMIssueDeviceCertificate(subjName, NULL, NULL, pubKeyBA.data, cert))
-    {
-        OIC_LOG(ERROR, TAG, "Error generating certificate.");
-        return OC_STACK_ERROR;
-    }
-
-    uint8_t numCert = 0;
-    if (PKI_SUCCESS != GetCAChain(&numCert , cert + 1))
-    {
-        OIC_LOG(ERROR, TAG, "Error getting CA certificate chain.");
-        return OC_STACK_ERROR;
-    }
-
-    numCert ++;
-    uint32_t len = 0;
-    for (size_t i = 0; i < numCert; i++)
-    {
-        certificateChain->data = (uint8_t *) OICRealloc(certificateChain->data,
-                                                        len + cert[i].len + CERT_LEN_PREFIX);
-        if (NULL == certificateChain->data)
-        {
-            OIC_LOG(ERROR, TAG, "Error while memory allocation");
-            return OC_STACK_ERROR;
-        }
-
-        uint32_t appendedLen = appendCert2Chain(certificateChain->data + len,
-                                                cert[i].data, cert[i].len);
-        if (0 == appendedLen)
-        {
-            OIC_LOG(ERROR, TAG, "Error while certifiacate chain creation.");
-            OICFree(certificateChain->data);
-            certificateChain->len = 0;
-            return OC_STACK_ERROR;
-        }
-        len += appendedLen;
-    }
-    certificateChain->len = len;
-    privKey->data = (uint8_t*) OICMalloc(PRIVATE_KEY_SIZE);
-    if (NULL == privKey->data)
-    {
-        OIC_LOG(ERROR, TAG, "Error while memory allocation");
-        OICFree(certificateChain->data);
-        certificateChain->len = 0;
-        privKey->len = 0;
-        return OC_STACK_ERROR;
-    }
-    memcpy(privKey->data, privKeyData, PRIVATE_KEY_SIZE);
-    privKey->len = PRIVATE_KEY_SIZE;
-
-    return OC_STACK_OK;
-}
-
-OCStackResult PMGenerateCertificateCredentials(const OicUuid_t *ptDeviceId,
-        const OicUuid_t *deviceId, OicSecCred_t **const cred)
-{
-    if (NULL == ptDeviceId || NULL == deviceId || NULL == cred || NULL != *cred)
-    {
-        return OC_STACK_INVALID_PARAM;
-    }
-    OicSecCert_t certificateChain;
-    OicSecKey_t privKey;
-    if (OC_STACK_OK != GenerateCertificateAndKeys(deviceId, &certificateChain, &privKey))
-    {
-        OIC_LOG(ERROR, TAG, "Error while generating credential data.");
-        return OC_STACK_ERROR;
-    }
-
-    *cred = GenerateCredential(deviceId, SIGNED_ASYMMETRIC_KEY, &certificateChain,
-                              &privKey, ptDeviceId);
-    return OC_STACK_OK;
-}
-#endif // __WITH_X509__