X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=resource%2Fcsdk%2Fsecurity%2Fsrc%2Fsecureresourcemanager.c;h=a054e73a6a1d5e282feb8aeea8334af8fe4356e8;hb=9a19f4a70b1df5398a41ef7c6471d3c0d7121fa5;hp=4c4179922bd1ff115170eeec2871fa2875b72ef2;hpb=edcfc3d2329da7b914771c0dcff5f42c9b74fd93;p=platform%2Fupstream%2Fiotivity.git diff --git a/resource/csdk/security/src/secureresourcemanager.c b/resource/csdk/security/src/secureresourcemanager.c index 4c41799..a054e73 100644 --- a/resource/csdk/security/src/secureresourcemanager.c +++ b/resource/csdk/security/src/secureresourcemanager.c @@ -24,8 +24,11 @@ #include "cainterface.h" #include "resourcemanager.h" #include "credresource.h" +#include "doxmresource.h" +#include "pstatresource.h" #include "policyengine.h" #include "srmutility.h" +#include "psinterface.h" #include "amsmgr.h" #include "oic_string.h" #include "oic_malloc.h" @@ -133,7 +136,7 @@ exit: */ void SRMRequestHandler(const CAEndpoint_t *endPoint, const CARequestInfo_t *requestInfo) { - OIC_LOG(DEBUG, TAG, "Received request from remote device"); + OIC_LOG_V(DEBUG, TAG, "%s:Received request from remote device", __func__); bool isRequestOverSecureChannel = false; if (!endPoint || !requestInfo) @@ -152,6 +155,12 @@ void SRMRequestHandler(const CAEndpoint_t *endPoint, const CARequestInfo_t *requ } //Check the URI has the query and skip it before checking the permission + if (NULL == requestInfo->info.resourceUri) + { + OIC_LOG(ERROR, TAG, "Invalid resourceUri"); + return; + } + char *uri = strstr(requestInfo->info.resourceUri, "?"); int position = 0; if (uri) @@ -204,14 +213,14 @@ void SRMRequestHandler(const CAEndpoint_t *endPoint, const CARequestInfo_t *requ } } } -#ifdef _ENABLE_MULTIPLE_OWNER_ +#ifdef MULTIPLE_OWNER /* * In case of ACL and CRED, The payload required to verify the payload. * Payload information will be used for subowner's permission verification. */ g_policyEngineContext.payload = (uint8_t*)requestInfo->info.payload; g_policyEngineContext.payloadSize = requestInfo->info.payloadSize; -#endif //_ENABLE_MULTIPLE_OWNER_ +#endif //MULTIPLE_OWNER //New request are only processed if the policy engine state is AWAITING_REQUEST. if (AWAITING_REQUEST == g_policyEngineContext.state) @@ -275,7 +284,7 @@ exit: */ void SRMResponseHandler(const CAEndpoint_t *endPoint, const CAResponseInfo_t *responseInfo) { - OIC_LOG(DEBUG, TAG, "Received response from remote device"); + OIC_LOG_V(DEBUG, TAG, "%s:Received response from remote device", __func__); // isProvResponse flag is to check whether response is catered by provisioning APIs or not. // When token sent by CA response matches with token generated by provisioning request, @@ -302,8 +311,8 @@ void SRMResponseHandler(const CAEndpoint_t *endPoint, const CAResponseInfo_t *re */ void SRMErrorHandler(const CAEndpoint_t *endPoint, const CAErrorInfo_t *errorInfo) { - OIC_LOG_V(INFO, TAG, "Received error from remote device with result, %d for request uri, %s", - errorInfo->result, errorInfo->info.resourceUri); + OIC_LOG_V(INFO, TAG, "%s:Received error from remote device with result, %d for request uri, %s", + __func__, errorInfo->result, errorInfo->info.resourceUri); if (gErrorHandler) { gErrorHandler(endPoint, errorInfo); @@ -341,8 +350,18 @@ OCStackResult SRMRegisterPersistentStorageHandler(OCPersistentStorage* persisten OIC_LOG(ERROR, TAG, "The persistent storage handler is invalid"); return OC_STACK_INVALID_PARAM; } + gPersistentStorageHandler = persistentStorageHandler; - return OC_STACK_OK; + + // Check validity of Persistent Storage + OCStackResult res = OC_STACK_SVR_DB_NOT_EXIST; + res = CheckPersistentStorage(persistentStorageHandler); + if (OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, "Persistent storage is not normal"); + gPersistentStorageHandler = NULL; + } + return res; } OCPersistentStorage* SRMGetPersistentStorageHandler() @@ -391,7 +410,6 @@ bool SRMIsSecurityResourceURI(const char* uri) } const char *rsrcs[] = { - OIC_RSRC_SVC_URI, OIC_RSRC_AMACL_URI, OIC_RSRC_CRL_URI, OIC_RSRC_CRED_URI, @@ -427,6 +445,133 @@ bool SRMIsSecurityResourceURI(const char* uri) } /** + * Check whether persistent storage is valid + * @return OC_STACK_OK if valid, other errors otherwise; + */ +OCStackResult CheckPersistentStorage(OCPersistentStorage* ps) +{ + OIC_LOG_V(INFO, TAG, "In %s", __func__); + + FILE *fp = NULL; + OCStackResult ret = OC_STACK_SVR_DB_NOT_EXIST; + OicSecDoxm_t* doxm = NULL; + OicSecPstat_t* pstat = NULL; + uint8_t *data = NULL; + size_t size = 0; + + if (NULL == ps) + { + OIC_LOG(ERROR, TAG, "NULL PersistentStorage Parameter"); + ret = OC_STACK_INVALID_PARAM; + goto exit; + } + + // Check whether the DB file exists + fp = ps->open(SVR_DB_DAT_FILE_NAME, "r+b"); + if (NULL == fp) + { + OIC_LOG(ERROR, TAG, "DB file cannot be opened"); + ret = OC_STACK_SVR_DB_NOT_EXIST; + SetPSStatus(PS_OPEN_FAIL); + goto exit; + } + ps->close(fp); + + OIC_LOG(INFO, TAG, "Checking doxm resource..."); + //Check DOXM resource + ret = GetSecureVirtualDatabaseFromPS2(ps, OIC_JSON_DOXM_NAME, &data, &size); + // If database read failed + if (OC_STACK_OK != ret) + { + OIC_LOG (ERROR, TAG, "Can not find the DOXM Resource in SVR DB."); + ret = OC_STACK_INCONSISTENT_DB; + SetPSStatus(PS_PARSE_FAIL); + goto exit; + } + if (data && 0 < size) + { + // Read DOXM resource from PS + ret = CBORPayloadToDoxm(data, size, &doxm); + if (OC_STACK_OK != ret) + { + OIC_LOG_V(ERROR, TAG, "Failed to Convert CBOR to Doxm bin : %d", ret); + ret = OC_STACK_INCONSISTENT_DB; + SetPSStatus(PS_PARSE_FAIL); + goto exit; + } + } + else + { + ret = OC_STACK_INCONSISTENT_DB; + SetPSStatus(PS_PARSE_FAIL); + goto exit; + } + if (data) + { + OICFree(data); + data = NULL; + } + + OIC_LOG(INFO, TAG, "Checking pstat resource..."); + //Check PSTAT resource + ret = GetSecureVirtualDatabaseFromPS2(ps, OIC_JSON_PSTAT_NAME, &data, &size); + // If database read failed + if (OC_STACK_OK != ret) + { + OIC_LOG (ERROR, TAG, "Can not find the PSTAT Resource in SVR DB."); + ret = OC_STACK_INCONSISTENT_DB; + SetPSStatus(PS_PARSE_FAIL); + goto exit; + } + if (data && 0 < size) + { + // Read ACL resource from PS + ret = CBORPayloadToPstat(data, size, &pstat); + if (OC_STACK_OK != ret) + { + OIC_LOG_V(ERROR, TAG, "Failed to Convert CBOR to PSTAT bin : %d", ret); + ret = OC_STACK_INCONSISTENT_DB; + SetPSStatus(PS_PARSE_FAIL); + goto exit; + } + } + else + { + ret = OC_STACK_INCONSISTENT_DB; + SetPSStatus(PS_PARSE_FAIL); + goto exit; + } + if (data) + { + OICFree(data); + data = NULL; + } + + SetPSStatus(PS_NORMAL); + + ret = OC_STACK_OK; + OIC_LOG(INFO, TAG, "All Secure Virtual Resources are fine."); + +exit: + if (data) + { + OICFree(data); + } + if (doxm) + { + DeleteDoxmBinData(doxm); + } + if (pstat) + { + DeletePstatBinData(pstat); + } + + OIC_LOG_V(INFO, TAG, "Out %s", __func__); + + return ret; +} + +/** * Get the Secure Virtual Resource (SVR) type from the URI. * @param uri [IN] Pointer to URI in question. * @return The OicSecSvrType_t of the URI passed (note: if not a Secure Virtual @@ -522,15 +667,6 @@ OicSecSvrType_t GetSvrTypeFromUri(const char* uri) } } - svrLen = strlen(OIC_RSRC_SVC_URI); - if(uriLen == svrLen) - { - if(0 == strncmp(uri, OIC_RSRC_SVC_URI, svrLen)) - { - return OIC_R_SVC_TYPE; - } - } - svrLen = strlen(OIC_RSRC_SACL_URI); if(uriLen == svrLen) {