X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=resource%2Fcsdk%2Fsecurity%2Fprovisioning%2Fsrc%2Fsecureresourceprovider.c;h=6804381a70b7d1a5e5e217774f6cae68f7286736;hb=b1cb9602751772b0ac7f05f185a67daad0820757;hp=837f4bf3e587c2b71382609382f36d8bbbd6daa8;hpb=72344ad0d6bf761dd65f7c9fe44922559b1bed2e;p=platform%2Fupstream%2Fiotivity.git diff --git a/resource/csdk/security/provisioning/src/secureresourceprovider.c b/resource/csdk/security/provisioning/src/secureresourceprovider.c index 837f4bf..6804381 100644 --- a/resource/csdk/security/provisioning/src/secureresourceprovider.c +++ b/resource/csdk/security/provisioning/src/secureresourceprovider.c @@ -17,6 +17,7 @@ * limitations under the License. * * *****************************************************************/ +#include "iotivity_config.h" #include #include #include @@ -28,6 +29,7 @@ #include "secureresourceprovider.h" #include "logger.h" #include "oic_malloc.h" +#include "oic_string.h" #include "aclresource.h" #include "pstatresource.h" #include "srmresourcestrings.h" @@ -36,34 +38,42 @@ #include "pconfresource.h" #include "credentialgenerator.h" #include "cainterface.h" +#if defined (__TIZENRT__) +#include +#else #include "cJSON.h" +#endif #include "pmtypes.h" #include "pmutility.h" +#include "srmutility.h" #include "provisioningdatabasemanager.h" #include "base64.h" #include "utlist.h" #include "ocpayload.h" -#ifdef __WITH_X509__ +#ifdef __WITH_DTLS__ #include "crlresource.h" #endif // WITH_X509__ -#define TAG "SRPAPI" +#define TAG "OIC_SRPAPI" /** * Macro to verify argument is not equal to NULL. - * eg: VERIFY_NON_NULL(TAG, ptrData, ERROR,OC_STACK_ERROR); + * eg: VERIFY_NON_NULL_RET(TAG, ptrData, ERROR,OC_STACK_ERROR); */ -#define VERIFY_NON_NULL(tag, arg, logLevel, retValue) { if (NULL == (arg)) \ +#define VERIFY_NON_NULL_RET(tag, arg, logLevel, retValue) { if (NULL == (arg)) \ { OIC_LOG((logLevel), tag, #arg " is NULL"); return retValue; } } /** * Macro to verify success of operation. - * eg: VERIFY_SUCCESS(TAG, OC_STACK_OK == foo(), ERROR, OC_STACK_ERROR); + * eg: VERIFY_SUCCESS_RET(TAG, OC_STACK_OK == foo(), ERROR, OC_STACK_ERROR); */ -#define VERIFY_SUCCESS(tag, op, logLevel, retValue) { if (!(op)) \ +#define VERIFY_SUCCESS_RET(tag, op, logLevel, retValue) { if (!(op)) \ {OIC_LOG((logLevel), tag, #op " failed!!"); return retValue;} } + +trustCertChainContext_t g_trustCertChainNotifier; + /** * Structure to carry credential data to callback. */ @@ -135,6 +145,7 @@ struct UnlinkData { //Example of DELETE cred request -> coaps://0.0.0.0:5684/oic/sec/cred?sub=(BASE64 ENCODED UUID) const char * SRP_FORM_DELETE_CREDENTIAL = "coaps://[%s]:%d%s?%s=%s"; +const char * SRP_FORM_DELETE_CREDENTIAL_TCP = "coaps+tcp://[%s]:%d%s?%s=%s"; // Structure to carry remove APIs data to callback. typedef struct RemoveData RemoveData_t; @@ -144,6 +155,7 @@ struct RemoveData { OCProvisionDev_t* linkedDevList; /**< A list of devices which have invalid credential.**/ OCProvisionResult_t* removeRes; /**< Result array.**/ OCProvisionResultCB resultCallback; /**< Pointer to result callback.**/ + OCClientContextDeleter deleteCallback; /**< Pointer to delete callback.**/ size_t numOfResults; /**< Number of results in result array.**/ size_t sizeOfResArray; bool hasError; @@ -191,7 +203,7 @@ static void registerResultForCredProvisioning(CredentialData_t *credData, static OCStackApplicationResult provisionCredentialCB2(void *ctx, OCDoHandle UNUSED, OCClientResponse *clientResponse) { - VERIFY_NON_NULL(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); CredentialData_t *credData = (CredentialData_t *) ctx; (void)UNUSED; @@ -242,7 +254,7 @@ static OCStackApplicationResult provisionCredentialCB2(void *ctx, OCDoHandle UNU static OCStackApplicationResult provisionCredentialCB1(void *ctx, OCDoHandle UNUSED, OCClientResponse *clientResponse) { - VERIFY_NON_NULL(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); (void)UNUSED; CredentialData_t* credData = (CredentialData_t*) ctx; OICFree(credData->credInfoFirst); @@ -336,6 +348,7 @@ static OCStackResult provisionCredentials(const OicSecCred_t *cred, query, sizeof(query), OIC_RSRC_CRED_URI)) { OIC_LOG(ERROR, TAG, "DeviceDiscoveryHandler : Failed to generate query"); + OCPayloadDestroy((OCPayload *)secPayload); return OC_STACK_ERROR; } OIC_LOG_V(DEBUG, TAG, "Query=%s", query); @@ -358,7 +371,7 @@ static OCStackResult provisionCredentials(const OicSecCred_t *cred, return OC_STACK_OK; } -#ifdef __WITH_X509__ +#if defined(__WITH_DTLS__) || defined(__WITH_TLS__) /** * Structure to carry certificate data to callback. */ @@ -374,19 +387,6 @@ struct CertificateData }; /** - * Structure to carry CRL provision API data to callback. - */ -typedef struct CRLData CRLData_t; -struct CRLData -{ - void *ctx; /**< Pointer to user context.**/ - const OCProvisionDev_t *deviceInfo; /**< Pointer to PMDevInfo_t.**/ - OCProvisionResultCB resultCallback; /**< Pointer to result callback.**/ - OCProvisionResult_t *resArr; /**< Result array.**/ - int numOfResults; /**< Number of results in result array.**/ -}; - -/** * Internal function to update result in result array. */ static void registerResultForCertProvisioning(CertData_t *certData, @@ -400,23 +400,28 @@ static void registerResultForCertProvisioning(CertData_t *certData, ++(certData->numOfResults); } -/** - * Internal Function to store results in result array during ACL provisioning. - */ -static void registerResultForCRLProvisioning(CRLData_t *crlData, - OCStackResult stackresult) +OCStackResult SRPRegisterTrustCertChainNotifier(void *ctx, TrustCertChainChangeCB callback) { - OIC_LOG_V(INFO, TAG, "Inside registerResultForCRLProvisioning crlData->numOfResults is %d\n", - crlData->numOfResults); - memcpy(crlData->resArr[(crlData->numOfResults)].deviceId.id, - crlData->deviceInfo->doxm->deviceID.id, UUID_LENGTH); - crlData->resArr[(crlData->numOfResults)].res = stackresult; - ++(crlData->numOfResults); + if (g_trustCertChainNotifier.callback) + { + OIC_LOG(ERROR, TAG, "Can't register Notifier, Unregister previous one"); + return OC_STACK_ERROR; + } + + g_trustCertChainNotifier.callback = callback; + g_trustCertChainNotifier.context = ctx; + return OC_STACK_OK; } +void SRPRemoveTrustCertChainNotifier() +{ + g_trustCertChainNotifier.callback = NULL; + g_trustCertChainNotifier.context = NULL; + return; +} /** - * Callback handler of SRPProvisionCRL. + * Callback handler for handling callback of certificate provisioning device. * * @param[in] ctx ctx value passed to callback from calling function. * @param[in] UNUSED handle to an invocation @@ -424,61 +429,76 @@ static void registerResultForCRLProvisioning(CRLData_t *crlData, * @return OC_STACK_DELETE_TRANSACTION to delete the transaction * and OC_STACK_KEEP_TRANSACTION to keep it. */ -static OCStackApplicationResult SRPProvisionCRLCB(void *ctx, OCDoHandle UNUSED, - OCClientResponse *clientResponse) +static OCStackApplicationResult provisionCertCB(void *ctx, OCDoHandle UNUSED, + OCClientResponse *clientResponse) { - OIC_LOG_V(INFO, TAG, "Inside SRPProvisionCRLCB."); + VERIFY_NON_NULL_RET(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); + CertData_t *certData = (CertData_t *) ctx; (void)UNUSED; - VERIFY_NON_NULL(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); - CRLData_t *crlData = (CRLData_t*)ctx; - OCProvisionResultCB resultCallback = crlData->resultCallback; + OCProvisionResultCB resultCallback = certData->resultCallback; + OIC_LOG(INFO, TAG, "provisionCertCB called"); if (clientResponse) { if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { - registerResultForCRLProvisioning(crlData, OC_STACK_RESOURCE_CHANGED); - ((OCProvisionResultCB)(resultCallback))(crlData->ctx, crlData->numOfResults, - crlData->resArr, + registerResultForCertProvisioning(certData, OC_STACK_RESOURCE_CHANGED); + ((OCProvisionResultCB)(resultCallback))(certData->ctx, certData->numOfResults, + certData->resArr, false); - OICFree(crlData->resArr); - OICFree(crlData); + OICFree(certData->resArr); + OICFree(certData); return OC_STACK_DELETE_TRANSACTION; } + } - registerResultForCRLProvisioning(crlData, OC_STACK_ERROR); - ((OCProvisionResultCB)(resultCallback))(crlData->ctx, crlData->numOfResults, - crlData->resArr, + OIC_LOG(INFO, TAG, "provisionCertCredCB received Null clientResponse"); + registerResultForCertProvisioning(certData, OC_STACK_ERROR); + ((OCProvisionResultCB)(resultCallback))(certData->ctx, certData->numOfResults, + certData->resArr, true); - OIC_LOG_V(ERROR, TAG, "SRPProvisionCRLCB received Null clientResponse"); - OICFree(crlData->resArr); - OICFree(crlData); + OICFree(certData->resArr); + OICFree(certData); return OC_STACK_DELETE_TRANSACTION; } -OCStackResult SRPProvisionCRL(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, - OicSecCrl_t *crl, OCProvisionResultCB resultCallback) +OCStackResult SRPProvisionTrustCertChain(void *ctx, OicSecCredType_t type, uint16_t credId, + const OCProvisionDev_t *selectedDeviceInfo, OCProvisionResultCB resultCallback) { - VERIFY_NON_NULL(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); - VERIFY_NON_NULL(TAG, crl, ERROR, OC_STACK_INVALID_PARAM); - VERIFY_NON_NULL(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); + OIC_LOG(INFO, TAG, "In SRPProvisionTrustCertChain"); + VERIFY_NON_NULL_RET(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); + if (SIGNED_ASYMMETRIC_KEY != type) + { + OIC_LOG(INFO, TAG, "Invalid key type"); + return OC_STACK_INVALID_PARAM; + } + + OicSecCred_t *trustCertChainCred = GetCredEntryByCredId(credId); + if(NULL == trustCertChainCred) + { + OIC_LOG(ERROR, TAG, "Can not find matched Trust Cert. Chain."); + return OC_STACK_NO_RESOURCE; + } OCSecurityPayload* secPayload = (OCSecurityPayload*)OICCalloc(1, sizeof(OCSecurityPayload)); - if (!secPayload) + if(!secPayload) { + DeleteCredList(trustCertChainCred); OIC_LOG(ERROR, TAG, "Failed to memory allocation"); return OC_STACK_NO_MEMORY; } - secPayload->base.type = PAYLOAD_TYPE_SECURITY; - OCStackResult res = CrlToCBORPayload(crl, &secPayload->securityData, &secPayload->payloadSize); - if((OC_STACK_OK != res) && (NULL == secPayload->securityData)) + int secureFlag = 0; + if(OC_STACK_OK != CredToCBORPayload(trustCertChainCred, &secPayload->securityData, &secPayload->payloadSize, secureFlag)) { - OICFree(secPayload); - OIC_LOG(ERROR, TAG, "Failed to BinToCrlJSON"); + DeleteCredList(trustCertChainCred); + OCPayloadDestroy((OCPayload *)secPayload); + OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayload"); return OC_STACK_NO_MEMORY; } - OIC_LOG(DEBUG, TAG, "Created payload for CRL:"); + DeleteCredList(trustCertChainCred); + OIC_LOG(DEBUG, TAG, "Created payload for Cred:"); OIC_LOG_BUFFER(DEBUG, TAG, secPayload->securityData, secPayload->payloadSize); char query[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0}; @@ -486,171 +506,198 @@ OCStackResult SRPProvisionCRL(void *ctx, const OCProvisionDev_t *selectedDeviceI selectedDeviceInfo->endpoint.addr, selectedDeviceInfo->securePort, selectedDeviceInfo->connType, - query, sizeof(query), OIC_RSRC_CRL_URI)) + query, sizeof(query), OIC_RSRC_CRED_URI)) { - OIC_LOG(ERROR, TAG, "DeviceDiscoveryHandler : Failed to generate query"); + OIC_LOG(ERROR, TAG, "SRPProvisionTrustCertChain : Failed to generate query"); OCPayloadDestroy((OCPayload *)secPayload); return OC_STACK_ERROR; } OIC_LOG_V(DEBUG, TAG, "Query=%s", query); OCCallbackData cbData = {.context=NULL, .cb=NULL, .cd=NULL}; - cbData.cb = &SRPProvisionCRLCB; - CRLData_t *crlData = (CRLData_t *) OICCalloc(1, sizeof(CRLData_t)); - if (crlData == NULL) + cbData.cb = &provisionCertCB; + CertData_t *certData = (CertData_t *) OICCalloc(1, sizeof(CertData_t)); + if (NULL == certData) { + OIC_LOG(ERROR, TAG, "Memory allocation problem"); OCPayloadDestroy((OCPayload *)secPayload); - OIC_LOG(ERROR, TAG, "Unable to allocate memory"); return OC_STACK_NO_MEMORY; } + certData->deviceInfo = selectedDeviceInfo; + certData->resultCallback = resultCallback; + certData->credInfo = NULL; //credInfo not used in the response handler + certData->numOfResults=0; + certData->ctx = ctx; - crlData->deviceInfo = selectedDeviceInfo; - crlData->resultCallback = resultCallback; - crlData->numOfResults=0; - crlData->ctx = ctx; - - crlData->resArr = (OCProvisionResult_t*)OICCalloc(1, sizeof(OCProvisionResult_t)); - if (crlData->resArr == NULL) + int noOfRiCalls = 1; + certData->resArr = (OCProvisionResult_t*)OICCalloc(noOfRiCalls, sizeof(OCProvisionResult_t)); + if (certData->resArr == NULL) { + OICFree(certData); OCPayloadDestroy((OCPayload *)secPayload); OIC_LOG(ERROR, TAG, "Unable to allocate memory"); return OC_STACK_NO_MEMORY; } - - cbData.context = (void *)crlData; + cbData.context = (void *)certData; cbData.cd = NULL; OCMethod method = OC_REST_POST; OCDoHandle handle = NULL; - OIC_LOG(DEBUG, TAG, "Sending CRL info to resource server"); - + OIC_LOG(DEBUG, TAG, "Sending Cred info to resource server"); OCStackResult ret = OCDoResource(&handle, method, query, &selectedDeviceInfo->endpoint, (OCPayload*)secPayload, selectedDeviceInfo->connType, OC_HIGH_QOS, &cbData, NULL, 0); - if (ret != OC_STACK_OK) { - OICFree(crlData->resArr); - OICFree(crlData); + OICFree(certData->resArr); + OICFree(certData); } - return ret; + VERIFY_SUCCESS_RET(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); + return OC_STACK_OK; } -/** - * Internal function for handling credential generation and sending cretificate credential. - * - * @param[in] cred Instance of cred resource. - * @param[in] deviceInfo information about device to which credential is to be provisioned. - * @param[in] responseHandler callbak called by OC stack when request API receives response. - * @return OC_STACK_OK in case of success and other value otherwise. - */ -static OCStackResult provisionCertCred(const OicSecCred_t *cred, - const OCProvisionDev_t *deviceInfo, CertData_t *certData, - OCClientResponseHandler responseHandler) +OCStackResult SRPSaveTrustCertChain(uint8_t *trustCertChain, size_t chainSize, + OicEncodingType_t encodingType, uint16_t *credId) { - OCSecurityPayload* secPayload = (OCSecurityPayload*)OICCalloc(1, sizeof(OCSecurityPayload)); - if(!secPayload) + OIC_LOG(DEBUG, TAG, "IN SRPSaveTrustCertChain"); + VERIFY_NON_NULL_RET(TAG, trustCertChain, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, credId, ERROR, OC_STACK_INVALID_PARAM); + + // It is temporary condition. + // 6144(6K) = 6 * 1024, generally, one Cert is less than 2k. + // because we use 3 Cert, 6K is enough size for saving Certs. + if (6144 <= chainSize) { - OIC_LOG(ERROR, TAG, "Failed to memory allocation"); - return OC_STACK_NO_MEMORY; + OIC_LOG_V(ERROR, TAG, "chainSize(%u) is invalid", chainSize); + return OC_STACK_INVALID_PARAM; } - secPayload->base.type = PAYLOAD_TYPE_SECURITY; - int secureFlag = 0; - OCStackResult res = CredToCBORPayload(cred, &secPayload->securityData, - &secPayload->payloadSize, secureFlag); - if ((OC_STACK_OK != res) || (NULL == secPayload->securityData)) + OCStackResult res = OC_STACK_ERROR; + + OicSecCred_t *cred = (OicSecCred_t *)OICCalloc(1, sizeof(*cred)); + VERIFY_NON_NULL_RET(TAG, cred, ERROR, OC_STACK_NO_MEMORY); + + res = GetDoxmDeviceID(&cred->subject); + if (OC_STACK_OK != res) { - OICFree(secPayload); - OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayload"); - return OC_STACK_NO_MEMORY; + OIC_LOG(ERROR, TAG, "Cann't get the device id(GetDoxmDeviceID)"); + DeleteCredList(cred); + return res; } - OIC_LOG(DEBUG, TAG, "Created payload for Cred:"); - OIC_LOG_BUFFER(DEBUG, TAG, secPayload->securityData, secPayload->payloadSize); - char query[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0}; - if(!PMGenerateQuery(true, - deviceInfo->endpoint.addr, - deviceInfo->securePort, - deviceInfo->connType, - query, sizeof(query), OIC_RSRC_CRED_URI)) + cred->credUsage= (char *)OICCalloc(1, strlen(TRUST_CA)+1 ); + VERIFY_NON_NULL_RET(TAG, cred->credUsage, ERROR, OC_STACK_NO_MEMORY); + OICStrcpy(cred->credUsage, strlen(TRUST_CA) + 1, TRUST_CA); + + cred->credType = SIGNED_ASYMMETRIC_KEY; + + if (encodingType == OIC_ENCODING_PEM) { - OIC_LOG(ERROR, TAG, "DeviceDiscoveryHandler : Failed to generate query"); - OCPayloadDestroy((OCPayload *)secPayload); - return OC_STACK_ERROR; + cred->optionalData.data = (uint8_t *)OICCalloc(1, chainSize + 1); + VERIFY_NON_NULL_RET(TAG, cred->optionalData.data, ERROR, OC_STACK_NO_MEMORY); + cred->optionalData.len = chainSize + 1; } - OIC_LOG_V(DEBUG, TAG, "Query=%s", query); + else + { + cred->optionalData.data = (uint8_t *)OICCalloc(1, chainSize); + VERIFY_NON_NULL_RET(TAG, cred->optionalData.data, ERROR, OC_STACK_NO_MEMORY); + cred->optionalData.len = chainSize; + } + memcpy(cred->optionalData.data, trustCertChain, chainSize); + cred->optionalData.encoding = encodingType; + cred->optionalData.revstat = false; - OCCallbackData cbData = {.context=NULL, .cb=NULL, .cd=NULL}; - cbData.cb = responseHandler; - cbData.context = (void *) certData; - cbData.cd = NULL; + res = AddCredential(cred); + if(res != OC_STACK_OK) + { + DeleteCredList(cred); + return res; + } + *credId = cred->credId; - OCDoHandle handle = NULL; - OCMethod method = OC_REST_POST; - OCStackResult ret = OCDoResource(&handle, method, query, 0, (OCPayload*)secPayload, - deviceInfo->connType, OC_HIGH_QOS, &cbData, NULL, 0); - OIC_LOG_V(INFO, TAG, "OCDoResource::Certificate provisioning returned : %d",ret); - if (ret != OC_STACK_OK) + if (g_trustCertChainNotifier.callback) { - OIC_LOG(ERROR, TAG, "OCStack resource error"); + uint8_t *certChain = (uint8_t*)OICCalloc(1, sizeof(uint8_t) * chainSize); + VERIFY_NON_NULL_RET(TAG, certChain, ERROR, OC_STACK_NO_MEMORY); + memcpy(certChain, trustCertChain, chainSize); + g_trustCertChainNotifier.callback(g_trustCertChainNotifier.context, *credId, + certChain, chainSize); + OICFree(certChain); } - return ret; + OIC_LOG(DEBUG, TAG, "OUT SRPSaveTrustCertChain"); + + return res; } -/** - * Callback handler for handling callback of certificate provisioning device. - * - * @param[in] ctx ctx value passed to callback from calling function. - * @param[in] UNUSED handle to an invocation - * @param[in] clientResponse Response from queries to remote servers. - * @return OC_STACK_DELETE_TRANSACTION to delete the transaction - * and OC_STACK_KEEP_TRANSACTION to keep it. - */ -static OCStackApplicationResult provisionCertCB(void *ctx, OCDoHandle UNUSED, - OCClientResponse *clientResponse) + +OCStackResult SRPSaveOwnCertChain(OicSecKey_t * cert, OicSecKey_t * key, uint16_t *credId) { - VERIFY_NON_NULL(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); - CertData_t *certData = (CertData_t *) ctx; - (void)UNUSED; + OIC_LOG_V(DEBUG, TAG, "In %s", __func__); + VERIFY_NON_NULL_RET(TAG, cert, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, cert->data, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, key, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, key->data, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, credId, ERROR, OC_STACK_INVALID_PARAM); - OCProvisionResultCB resultCallback = certData->resultCallback; - OIC_LOG(INFO, TAG, "provisionCertCred called"); - if (clientResponse) + OCStackResult res = OC_STACK_ERROR; + + OicSecCred_t *cred = (OicSecCred_t *)OICCalloc(1, sizeof(*cred)); + VERIFY_NON_NULL_RET(TAG, cred, ERROR, OC_STACK_NO_MEMORY); + + OIC_LOG_V(DEBUG, TAG, "IN: %s", __func__); + + res = GetDoxmDeviceID(&cred->subject); + if (OC_STACK_OK != res) { - if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) - { - registerResultForCertProvisioning(certData, OC_STACK_RESOURCE_CHANGED); - ((OCProvisionResultCB)(resultCallback))(certData->ctx, certData->numOfResults, - certData->resArr, - false); - OICFree(certData->resArr); - OICFree(certData); - return OC_STACK_DELETE_TRANSACTION; - } + OIC_LOG(ERROR, TAG, "Cann't get the device id(GetDoxmDeviceID)"); + DeleteCredList(cred); + return res; + } + + cred->credUsage= (char *)OICCalloc(1, strlen(PRIMARY_CERT)+1 ); + VERIFY_NON_NULL_RET(TAG, cred->credUsage, ERROR, OC_STACK_NO_MEMORY); + OICStrcpy(cred->credUsage, strlen(PRIMARY_CERT) + 1, PRIMARY_CERT) ; + cred->credType = SIGNED_ASYMMETRIC_KEY; + + OicSecKey_t *publicData = &cred->publicData; + publicData->data = (uint8_t *)OICCalloc(1, cert->len); + VERIFY_NON_NULL_RET(TAG, publicData->data, ERROR, OC_STACK_NO_MEMORY); + memcpy(publicData->data, cert->data, cert->len); + publicData->len = cert->len; + publicData->encoding = cert->encoding; + + OicSecKey_t *privateData = &cred->privateData; + privateData->data = (uint8_t *)OICCalloc(1, key->len); + VERIFY_NON_NULL_RET(TAG, privateData->data, ERROR, OC_STACK_NO_MEMORY); + memcpy(privateData->data, key->data, key->len); + privateData->len = key->len; + privateData->encoding = key->encoding; + + res = AddCredential(cred); + if(res != OC_STACK_OK) + { + DeleteCredList(cred); + return res; } - OIC_LOG(INFO, TAG, "provisionCertCredCB received Null clientResponse"); - registerResultForCertProvisioning(certData, OC_STACK_ERROR); - ((OCProvisionResultCB)(resultCallback))(certData->ctx, certData->numOfResults, - certData->resArr, - true); - OICFree(certData->resArr); - OICFree(certData); - return OC_STACK_DELETE_TRANSACTION; + *credId = cred->credId; + + OIC_LOG_V(DEBUG, TAG, "Out %s", __func__); + + return res; } -#endif // __WITH_X509__ +#endif // __WITH_DTLS__ || __WITH_TLS__ OCStackResult SRPProvisionCredentials(void *ctx, OicSecCredType_t type, size_t keySize, const OCProvisionDev_t *pDev1, const OCProvisionDev_t *pDev2, OCProvisionResultCB resultCallback) { - VERIFY_NON_NULL(TAG, pDev1, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, pDev1, ERROR, OC_STACK_INVALID_PARAM); if (SYMMETRIC_PAIR_WISE_KEY == type) { - VERIFY_NON_NULL(TAG, pDev2, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, pDev2, ERROR, OC_STACK_INVALID_PARAM); } if (!resultCallback) { @@ -709,7 +756,7 @@ OCStackResult SRPProvisionCredentials(void *ctx, OicSecCredType_t type, size_t k OCStackResult res = PMGeneratePairWiseCredentials(type, keySize, &provTooldeviceID, &firstDevice->doxm->deviceID, &secondDevice->doxm->deviceID, &firstCred, &secondCred); - VERIFY_SUCCESS(TAG, (res==OC_STACK_OK), ERROR, OC_STACK_ERROR); + VERIFY_SUCCESS_RET(TAG, (res==OC_STACK_OK), ERROR, OC_STACK_ERROR); OIC_LOG(INFO, TAG, "Credentials generated successfully"); CredentialData_t *credData = (CredentialData_t *) OICCalloc(1, sizeof(CredentialData_t)); @@ -749,53 +796,9 @@ OCStackResult SRPProvisionCredentials(void *ctx, OicSecCredType_t type, size_t k OICFree(credData); } OIC_LOG_V(INFO, TAG, "provisionCredentials returned: %d",res); - VERIFY_SUCCESS(TAG, (res==OC_STACK_OK), ERROR, OC_STACK_ERROR); - return res; - } -#ifdef __WITH_X509__ - case SIGNED_ASYMMETRIC_KEY: - { - const OCProvisionDev_t *firstDevice = pDev1; - OicSecCred_t *cred = NULL; - OCStackResult res = PMGenerateCertificateCredentials(&provTooldeviceID, - &firstDevice->doxm->deviceID,&cred); - VERIFY_SUCCESS(TAG, (res==OC_STACK_OK), ERROR, OC_STACK_ERROR); - OIC_LOG(INFO, TAG, "Certificate credentials generated successfully"); - CertData_t *certData = (CertData_t *) OICCalloc(1, sizeof(CertData_t)); - if (NULL == certData) - { - OICFree(cred); - OIC_LOG(ERROR, TAG, "Memory allocation problem"); - return OC_STACK_NO_MEMORY; - } - - certData->deviceInfo = firstDevice; - certData->ctx = ctx; - certData->credInfo = cred; - certData->numOfResults = 0; - certData->resultCallback = resultCallback; - - certData->resArr = (OCProvisionResult_t*)OICCalloc(1, sizeof(OCProvisionResult_t)); - if (NULL == certData->resArr) - { - DeleteCredList(cred); - OICFree(certData); - OIC_LOG(ERROR, TAG, "Memory allocation problem"); - return OC_STACK_NO_MEMORY; - } - - res = provisionCertCred(cred, firstDevice, certData, &provisionCertCB); - if (OC_STACK_OK != res) - { - OICFree(certData->resArr); - OICFree(certData); - } - DeleteCredList(cred); - OIC_LOG_V(INFO, TAG, "provisionCertCredentials returned: %d",res); - + VERIFY_SUCCESS_RET(TAG, (res==OC_STACK_OK), ERROR, OC_STACK_ERROR); return res; } -#endif default: { OIC_LOG(ERROR, TAG, "Invalid option."); @@ -833,7 +836,7 @@ static OCStackApplicationResult SRPProvisionACLCB(void *ctx, OCDoHandle UNUSED, { OIC_LOG_V(INFO, TAG, "Inside SRPProvisionACLCB."); (void)UNUSED; - VERIFY_NON_NULL(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); ACLData_t *aclData = (ACLData_t*)ctx; OCProvisionResultCB resultCallback = aclData->resultCallback; @@ -863,9 +866,28 @@ static OCStackApplicationResult SRPProvisionACLCB(void *ctx, OCDoHandle UNUSED, OCStackResult SRPProvisionACL(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, OicSecAcl_t *acl, OCProvisionResultCB resultCallback) { - VERIFY_NON_NULL(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); - VERIFY_NON_NULL(TAG, acl, ERROR, OC_STACK_INVALID_PARAM); - VERIFY_NON_NULL(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); + VERIFY_NON_NULL_RET(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, acl, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); + + // if rowneruuid is empty, set it to device ID + OicUuid_t emptyOwner = {.id = {0} }; + if (memcmp(&(acl->rownerID.id), &emptyOwner, UUID_IDENTITY_SIZE) == 0) + { + OIC_LOG(DEBUG, TAG, "Set Rowner to PT's deviceId, because Rowner of ACL is empty"); + OicUuid_t oicUuid; + + if (OC_STACK_OK == GetDoxmDeviceID(&oicUuid)) + { + memcpy(&(acl->rownerID.id), &oicUuid, UUID_IDENTITY_SIZE); + } + else + { + OIC_LOG(DEBUG, TAG, "Failed to set Rowner to PT's deviceID\ + becuase it failed to retrieve Doxm DeviceID"); + return OC_STACK_ERROR; + } + } OCSecurityPayload* secPayload = (OCSecurityPayload*)OICCalloc(1, sizeof(OCSecurityPayload)); if(!secPayload) @@ -931,10 +953,21 @@ OCStackResult SRPProvisionACL(void *ctx, const OCProvisionDev_t *selectedDeviceI OICFree(aclData->resArr); OICFree(aclData); } - VERIFY_SUCCESS(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); + VERIFY_SUCCESS_RET(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); return OC_STACK_OK; } +OCStackResult SRPSaveACL(const OicSecAcl_t *acl) +{ + OIC_LOG(DEBUG, TAG, "IN SRPSaveACL"); + VERIFY_NON_NULL_RET(TAG, acl, ERROR, OC_STACK_INVALID_PARAM); + + OCStackResult res = InstallACL(acl); + + OIC_LOG(DEBUG, TAG, "OUT SRPSaveACL"); + return res; +} + /** * Internal Function to store results in result array during Direct-Pairing provisioning. */ @@ -963,7 +996,7 @@ static OCStackApplicationResult SRPProvisionDirectPairingCB(void *ctx, OCDoHandl { OIC_LOG_V(INFO, TAG, "Inside SRPProvisionDirectPairingCB."); (void)UNUSED; - VERIFY_NON_NULL(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); PconfData_t *pconfData = (PconfData_t*)ctx; OCProvisionResultCB resultCallback = pconfData->resultCallback; @@ -993,9 +1026,9 @@ static OCStackApplicationResult SRPProvisionDirectPairingCB(void *ctx, OCDoHandl OCStackResult SRPProvisionDirectPairing(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, OicSecPconf_t *pconf, OCProvisionResultCB resultCallback) { - VERIFY_NON_NULL(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); - VERIFY_NON_NULL(TAG, pconf, ERROR, OC_STACK_INVALID_PARAM); - VERIFY_NON_NULL(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); + VERIFY_NON_NULL_RET(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, pconf, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); // check direct-pairing capability if (true != selectedDeviceInfo->doxm->dpc) @@ -1079,7 +1112,7 @@ OCStackResult SRPProvisionDirectPairing(void *ctx, const OCProvisionDev_t *selec OICFree(pconfData->resArr); OICFree(pconfData); } - VERIFY_SUCCESS(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); + VERIFY_SUCCESS_RET(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); return OC_STACK_OK; } @@ -1139,10 +1172,28 @@ static OCStackResult SendDeleteCredentialRequest(void* ctx, return OC_STACK_ERROR; } + char addressEncoded[CA_MAX_URI_LENGTH] = {0}; + OCStackResult result = OCEncodeAddressForRFC6874(addressEncoded, + sizeof(addressEncoded), + destDev->endpoint.addr); + if (OC_STACK_OK != result) + { + OIC_LOG_V(ERROR, TAG, "SendDeleteCredentialRequest : encoding error %d\n", result); + return OC_STACK_ERROR; + } + char reqBuf[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0}; int snRet = 0; //coaps://0.0.0.0:5684/oic/sec/cred?subjectid=(Canonical ENCODED UUID) - snRet = snprintf(reqBuf, sizeof(reqBuf), SRP_FORM_DELETE_CREDENTIAL, destDev->endpoint.addr, + const char *srpUri = SRP_FORM_DELETE_CREDENTIAL; +#ifdef __WITH_TLS__ + if(OC_ADAPTER_TCP == destDev->endpoint.adapter) + { + srpUri = SRP_FORM_DELETE_CREDENTIAL_TCP; + } +#endif + + snRet = snprintf(reqBuf, sizeof(reqBuf), srpUri, addressEncoded, destDev->securePort, OIC_RSRC_CRED_URI, OIC_JSON_SUBJECTID_NAME, subID); OICFree(subID); if (snRet < 0) @@ -1197,10 +1248,21 @@ static OCStackResult SendDeleteACLRequest(void* ctx, return OC_STACK_ERROR; } + char addressEncoded[CA_MAX_URI_LENGTH] = {0}; + OCStackResult result = OCEncodeAddressForRFC6874(addressEncoded, + sizeof(addressEncoded), + destDev->endpoint.addr); + if (OC_STACK_OK != result) + { + OIC_LOG_V(ERROR, TAG, "SendDeleteCredentialRequest : encoding error %d\n", result); + return OC_STACK_ERROR; + } + + char reqBuf[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0}; int snRet = 0; //coaps://0.0.0.0:5684/oic/sec/acl?subjectuuid=(Canonical ENCODED UUID) - snRet = snprintf(reqBuf, sizeof(reqBuf), SRP_FORM_DELETE_CREDENTIAL, destDev->endpoint.addr, + snRet = snprintf(reqBuf, sizeof(reqBuf), SRP_FORM_DELETE_CREDENTIAL, addressEncoded, destDev->securePort, OIC_RSRC_ACL_URI, OIC_JSON_SUBJECTID_NAME, subID); OICFree(subID); if (snRet < 0) @@ -1249,7 +1311,7 @@ static OCStackApplicationResult SRPUnlinkDevice2CB(void *unlinkCtx, OCDoHandle h { (void) handle; OIC_LOG(DEBUG, TAG, "IN SRPUnlinkDevice2CB"); - VERIFY_NON_NULL(TAG, unlinkCtx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, unlinkCtx, ERROR, OC_STACK_DELETE_TRANSACTION); UnlinkData_t* unlinkData = (UnlinkData_t*)unlinkCtx; if (clientResponse) @@ -1312,7 +1374,7 @@ static OCStackApplicationResult SRPUnlinkDevice1CB(void *unlinkCtx, OCDoHandle h OCClientResponse *clientResponse) { OIC_LOG_V(INFO, TAG, "Inside SRPUnlinkDevice1CB "); - VERIFY_NON_NULL(TAG, unlinkCtx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, unlinkCtx, ERROR, OC_STACK_DELETE_TRANSACTION); UnlinkData_t* unlinkData = (UnlinkData_t*)unlinkCtx; (void) handle; @@ -1418,7 +1480,7 @@ OCStackResult SRPUnlinkDevices(void* ctx, } UnlinkData_t* unlinkData = (UnlinkData_t*)OICCalloc(1, sizeof(UnlinkData_t)); - VERIFY_NON_NULL(TAG, unlinkData, ERROR, OC_STACK_NO_MEMORY); + VERIFY_NON_NULL_RET(TAG, unlinkData, ERROR, OC_STACK_NO_MEMORY); //Initialize unlink data unlinkData->ctx = ctx; @@ -1552,7 +1614,7 @@ static OCStackApplicationResult SRPRemoveDeviceCB(void *delDevCtx, OCDoHandle ha //Save the deleted status in delDevCtx (void)handle; OIC_LOG_V(INFO, TAG, "Inside SRPRemoveDeviceCB."); - VERIFY_NON_NULL(TAG, delDevCtx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, delDevCtx, ERROR, OC_STACK_DELETE_TRANSACTION); OCStackResult res = OC_STACK_ERROR; RemoveData_t* removeData = (RemoveData_t*)delDevCtx; @@ -1631,12 +1693,12 @@ static OCStackApplicationResult SRPSyncDeviceCredCB(void *delDevCtx, OCDoHandle //Save the deleted status in delDevCtx (void)handle; OIC_LOG_V(INFO, TAG, "Inside SRPSyncDeviceCredCB."); - VERIFY_NON_NULL(TAG, delDevCtx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, delDevCtx, ERROR, OC_STACK_DELETE_TRANSACTION); OCStackResult res = OC_STACK_ERROR; RemoveData_t* removeData = (RemoveData_t*)delDevCtx; OCProvisionDev_t * pTargetDev = PMCloneOCProvisionDev(removeData->revokeTargetDev); - OCProvisionResultCB resultCallback = removeData->resultCallback; + OCClientContextDeleter deleteCallback = removeData->deleteCallback; if (clientResponse) { OicUuid_t revDevUuid = {.id={0}}; @@ -1691,7 +1753,7 @@ static OCStackApplicationResult SRPSyncDeviceCredCB(void *delDevCtx, OCDoHandle OIC_LOG(ERROR, TAG, "SRPSyncDevice received Null clientResponse"); } - SRPResetDevice(pTargetDev, resultCallback); + SRPResetDevice(pTargetDev, deleteCallback); return OC_STACK_DELETE_TRANSACTION; } @@ -1705,9 +1767,12 @@ static OCStackApplicationResult SRPSyncDeviceCredCB(void *delDevCtx, OCDoHandle * @return OC_STACK_DELETE_TRANSACTION to delete the transaction * and OC_STACK_KEEP_TRANSACTION to keep it. */ -static OCStackApplicationResult SRPSyncDeviceACLCB(void *ctx, OCDoHandle handle, +static OCStackApplicationResult SRPSyncDeviceACLCB(void *ctx, OCDoHandle UNUSED, OCClientResponse *clientResponse) { + (void)ctx; + (void)UNUSED; + (void)clientResponse; return OC_STACK_DELETE_TRANSACTION; } @@ -1715,15 +1780,16 @@ static OCStackApplicationResult SRPSyncDeviceACLCB(void *ctx, OCDoHandle handle, * Callback handler of device remote reset. * * @param[in] ctx ctx value passed to callback from calling function. - * @param[in] handle handle to an invocation + * @param[in] UNUSED handle to an invocation * @param[in] clientResponse Response from queries to remote servers. * @return OC_STACK_DELETE_TRANSACTION to delete the transaction * and OC_STACK_KEEP_TRANSACTION to keep it. */ -static OCStackApplicationResult SRPResetDeviceCB(void *ctx, OCDoHandle handle, +static OCStackApplicationResult SRPResetDeviceCB(void *ctx, OCDoHandle UNUSED, OCClientResponse *clientResponse) { OIC_LOG(DEBUG, TAG, "IN SRPResetDeviceCB"); + (void)UNUSED; if(OC_STACK_OK == clientResponse->result) { OIC_LOG(DEBUG, TAG, "Change Target Device Pstat Cm SUCCEEDED"); @@ -1759,7 +1825,7 @@ static OCStackApplicationResult SRPResetDeviceCB(void *ctx, OCDoHandle handle, //Close the DTLS session of the reset device. CAEndpoint_t* endpoint = (CAEndpoint_t *)&clientResponse->devAddr; - CAResult_t caResult = CACloseDtlsSession(endpoint); + CAResult_t caResult = CAcloseSslSession(endpoint); if(CA_STATUS_OK != caResult) { OIC_LOG_V(WARNING, TAG, "OCResetDevice : Failed to close DTLS session : %d", caResult); @@ -1781,7 +1847,7 @@ error: } static OCStackResult GetListofDevToReqDeleteCred(const OCProvisionDev_t* pRevokeTargetDev, - OCProvisionDev_t* pOwnedDevList, + const OCProvisionDev_t* pOwnedDevList, OCUuidList_t* pLinkedUuidList, OCProvisionDev_t** ppLinkedDevList, size_t *numOfLinkedDev) @@ -1802,13 +1868,14 @@ static OCStackResult GetListofDevToReqDeleteCred(const OCProvisionDev_t* pRevoke if (OC_STACK_OK != res) { OIC_LOG(FATAL, TAG, "PDMSetLinkStale() FAIL: PDB is an obsolete one."); - return OC_STACK_INCONSISTENT_DB; + return OC_STACK_SVR_DB_NOT_EXIST; } if (pOwnedDevList) { // If this linked device is alive (power-on), add the deivce to the list. - OCProvisionDev_t *curDev = NULL, *tmpDev = NULL; + const OCProvisionDev_t *curDev = NULL; + const OCProvisionDev_t *tmpDev = NULL; LL_FOREACH_SAFE(pOwnedDevList, curDev, tmpDev) { if (memcmp(curDev->doxm->deviceID.id, curUuid->dev.id, sizeof(curUuid->dev.id)) == 0) @@ -1997,7 +2064,12 @@ OCStackResult SRPRemoveDeviceWithoutDiscovery(void* ctx, const OCProvisionDev_t* { OIC_LOG(INFO, TAG, "IN SRPRemoveDeviceWithoutDiscovery"); - if (!pTargetDev || !pOwnedDevList) + if (!pOwnedDevList) + { + OIC_LOG(WARNING, TAG, "SRPRemoveDeviceWithoutDiscovery : Owned Device List is empty"); + return OC_STACK_CONTINUE; + } + if (!pTargetDev) { OIC_LOG(INFO, TAG, "SRPRemoveDeviceWithoutDiscovery : NULL parameters"); return OC_STACK_INVALID_PARAM; @@ -2019,15 +2091,14 @@ OCStackResult SRPRemoveDeviceWithoutDiscovery(void* ctx, const OCProvisionDev_t* res = PDMGetLinkedDevices(&pTargetDev->doxm->deviceID, &pLinkedUuidList, &numOfDevices); if (OC_STACK_OK != res) { - OIC_LOG(ERROR, TAG, "SRPRemoveDeviceWithoutDiscovery : Failed to get linked devices information"); - return res; + OIC_LOG(WARNING, TAG, "SRPRemoveDeviceWithoutDiscovery : Failed to get linked devices information"); + return OC_STACK_CONTINUE; } // if there is no related device, we can skip further process. if (0 == numOfDevices) { - OIC_LOG(DEBUG, TAG, "SRPRemoveDeviceWithoutDiscovery : No linked device found."); - res = OC_STACK_CONTINUE; - goto error; + OIC_LOG(WARNING, TAG, "SRPRemoveDeviceWithoutDiscovery : No linked device found."); + return OC_STACK_CONTINUE; } //2. Make a list of devices to send DELETE credential request @@ -2043,8 +2114,7 @@ OCStackResult SRPRemoveDeviceWithoutDiscovery(void* ctx, const OCProvisionDev_t* if (0 == numOfLinkedDev) // This case means, there is linked device but it's not alive now. { // So we don't have to send request message. OIC_LOG(DEBUG, TAG, "SRPRemoveDeviceWithoutDiscovery : No alived & linked device found."); - res = OC_STACK_CONTINUE; - goto error; + return OC_STACK_CONTINUE; } // 3. Prepare RemoveData Context data. @@ -2286,7 +2356,7 @@ error: * OC_STACK_CONTINUE means operation is success but no request is need to be initiated. */ OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, - OCProvisionResultCB resultCallback) + OCClientContextDeleter deleteCallback) { OIC_LOG(INFO, TAG, "IN SRPResetDevice"); if (!pTargetDev) @@ -2294,7 +2364,7 @@ OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, OIC_LOG(INFO, TAG, "SRPResetDevice : NULL parameters"); return OC_STACK_INVALID_PARAM; } - if (!resultCallback) + if (!deleteCallback) { OIC_LOG(INFO, TAG, "SRPResetDevice : NULL Callback"); return OC_STACK_INVALID_CALLBACK; @@ -2312,7 +2382,7 @@ OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, pstat->isOp = false; memcpy(pstat->deviceID.id, pTargetDev->doxm->deviceID.id, sizeof(OicUuid_t)); pstat->tm = TAKE_OWNER; - pstat->om = (OicSecDpom_t)(SINGLE_SERVICE_SERVER_DRIVEN | MULTIPLE_SERVICE_CLIENT_DRIVEN); + pstat->om = (OicSecDpom_t)(SINGLE_SERVICE_CLIENT_DRIVEN); // the only mode IoTivity supports currently pstat->smLen = 1; pstat->sm = (OicSecDpom_t *) OICCalloc(pstat->smLen, sizeof(OicSecDpom_t)); if (NULL == pstat->sm) @@ -2321,7 +2391,7 @@ OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, OICFree(pstat); return OC_STACK_NO_MEMORY; } - pstat->sm[0] = (OicSecDpom_t)(SINGLE_SERVICE_SERVER_DRIVEN | MULTIPLE_SERVICE_CLIENT_DRIVEN); + pstat->sm[0] = (OicSecDpom_t)(SINGLE_SERVICE_CLIENT_DRIVEN); // the only mode IoTivity supports currently OCSecurityPayload * secPayload = (OCSecurityPayload *) OICCalloc(1, sizeof(OCSecurityPayload)); if (!secPayload) @@ -2357,13 +2427,19 @@ OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, } OIC_LOG_V(DEBUG, TAG, "Query=%s", query); - OCProvisionDev_t * targetDev = PMCloneOCProvisionDev(pTargetDev); OCCallbackData cbData = { .context = NULL, .cb = NULL, .cd = NULL }; - cbData.cb = &SRPResetDeviceCB; - cbData.context = (void *) targetDev; - cbData.cd = NULL; OCMethod method = OC_REST_POST; OCDoHandle handle = NULL; + OCProvisionDev_t * targetDev = PMCloneOCProvisionDev(pTargetDev); + if (NULL == targetDev) + { + OIC_LOG(ERROR, TAG, "target dev is null"); + res = OC_STACK_ERROR; + goto error; + } + cbData.cb = &SRPResetDeviceCB; + cbData.context = (void *) targetDev; + cbData.cd = deleteCallback; OIC_LOG(DEBUG, TAG, "Sending PSTAT info to resource server"); res = OCDoResource(&handle, method, query, &targetDev->endpoint, (OCPayload *)secPayload, @@ -2408,7 +2484,7 @@ static OCStackApplicationResult SRPGetCredResourceCB(void *ctx, OCDoHandle UNUSE { OIC_LOG_V(INFO, TAG, "Inside SRPGetCredResourceCB."); (void)UNUSED; - VERIFY_NON_NULL(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); GetSecData_t *GetSecData = (GetSecData_t*)ctx; OCProvisionResultCB resultCallback = GetSecData->resultCallback; @@ -2420,6 +2496,8 @@ static OCStackApplicationResult SRPGetCredResourceCB(void *ctx, OCDoHandle UNUSE size_t size = ((OCSecurityPayload*)clientResponse->payload)->payloadSize; OIC_LOG_BUFFER(DEBUG, TAG, payload, size); + (void)size; + (void)payload; registerResultForGetCredResourceCB(GetSecData, OC_STACK_OK); ((OCProvisionResultCB)(resultCallback))(GetSecData->ctx, GetSecData->numOfResults, @@ -2446,8 +2524,8 @@ static OCStackApplicationResult SRPGetCredResourceCB(void *ctx, OCDoHandle UNUSE OCStackResult SRPGetCredResource(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, OCProvisionResultCB resultCallback) { - VERIFY_NON_NULL(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); - VERIFY_NON_NULL(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); + VERIFY_NON_NULL_RET(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); char query[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0}; if(!PMGenerateQuery(true, @@ -2495,7 +2573,7 @@ OCStackResult SRPGetCredResource(void *ctx, const OCProvisionDev_t *selectedDevi OICFree(GetSecData->resArr); OICFree(GetSecData); } - VERIFY_SUCCESS(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); + VERIFY_SUCCESS_RET(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); OIC_LOG(DEBUG, TAG, "OUT SRPGetCredResource"); return OC_STACK_OK; @@ -2529,7 +2607,7 @@ static OCStackApplicationResult SRPGetACLResourceCB(void *ctx, OCDoHandle UNUSED { OIC_LOG_V(INFO, TAG, "Inside SRPGetACLResourceCB."); (void)UNUSED; - VERIFY_NON_NULL(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); + VERIFY_NON_NULL_RET(TAG, ctx, ERROR, OC_STACK_DELETE_TRANSACTION); GetSecData_t *GetSecData = (GetSecData_t*)ctx; OCProvisionResultCB resultCallback = GetSecData->resultCallback; @@ -2541,6 +2619,8 @@ static OCStackApplicationResult SRPGetACLResourceCB(void *ctx, OCDoHandle UNUSED size_t size = ((OCSecurityPayload*)clientResponse->payload)->payloadSize; OIC_LOG_BUFFER(DEBUG, TAG, payload, size); + (void)payload; + (void)size; registerResultForGetACLResourceCB(GetSecData, OC_STACK_OK); ((OCProvisionResultCB)(resultCallback))(GetSecData->ctx, GetSecData->numOfResults, @@ -2567,8 +2647,8 @@ static OCStackApplicationResult SRPGetACLResourceCB(void *ctx, OCDoHandle UNUSED OCStackResult SRPGetACLResource(void *ctx, const OCProvisionDev_t *selectedDeviceInfo, OCProvisionResultCB resultCallback) { - VERIFY_NON_NULL(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); - VERIFY_NON_NULL(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); + VERIFY_NON_NULL_RET(TAG, selectedDeviceInfo, ERROR, OC_STACK_INVALID_PARAM); + VERIFY_NON_NULL_RET(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK); char query[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0}; if(!PMGenerateQuery(true, @@ -2616,8 +2696,29 @@ OCStackResult SRPGetACLResource(void *ctx, const OCProvisionDev_t *selectedDevic OICFree(GetSecData->resArr); OICFree(GetSecData); } - VERIFY_SUCCESS(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); + VERIFY_SUCCESS_RET(TAG, (OC_STACK_OK == ret), ERROR, OC_STACK_ERROR); OIC_LOG(DEBUG, TAG, "OUT SRPGetACLResource"); return OC_STACK_OK; } + +OCStackResult SRPReadTrustCertChain(uint16_t credId, uint8_t **trustCertChain, + size_t *chainSize) +{ + OIC_LOG(DEBUG, TAG, "IN SRPReadTrustCertChain"); + + OCStackResult res = OC_STACK_ERROR; + int secureFlag = 0; + OicSecCred_t* credData = GetCredEntryByCredId(credId); + if(credData) + { + res = CredToCBORPayload((const OicSecCred_t*) credData, trustCertChain, + chainSize, secureFlag); + if(OC_STACK_OK != res) + { + OIC_LOG(INFO, TAG, "CredToCBORPayload failed"); + } + } + DeleteCredList(credData); + return res; +}