This patch is
1) to configure SVR db as self-ownership for device (ex. onboarding tool)
that is not required to Ownership Transfer by other device.
2) DeviceID of both doxm and pstat remains as same after reset.
- Test Configure SVR as self-ownership
1. Build with scons SECURED=1 WITH_TCP=1 WITH_CLOUD=1
2. Run the cloudClient with dat file that is configured as Ready-For-OTM
ex) ./cloudClient oic_svr_db_server_randompin.dat
3. Perfrom Configure SVRdb as Self-OwnerShip [Menu:11]
-Patch 1: Upload patch
-Patch 2: Fixed build error on arduino
-Patch 3-5 : Rebase due to Jenkins problem
-Patch 6 : Apply review comment
-Patch 7,8 : Apply Greg's review commnets
-Patch 9: Rebase due to merge conflict
Change-Id: I12f178e5955d2d963ba46b88972042ee1c90dff8
Signed-off-by: js126.lee <js126.lee@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/15495
Reviewed-by: Jongmin Choi <jminl.choi@samsung.com>
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Randeep Singh <randeep.s@samsung.com>
(cherry picked from commit
1494606f170d49087b06da294afc9af8eac7ba2a)
Reviewed-on: https://gerrit.iotivity.org/gerrit/15825
InputPinCodeCallback
LoadSecretJustWorksCallback
+OCConfigSelfOwnership
OCDeleteACLList
OCDeleteDiscoveredDevices
OCDeletePdAclList
const CAErrorInfo_t *errorInfo);
#endif //__WITH_DTLS__ && MULTIPLE_OWNER
+/**
+ * Internal function to change doxm resource to Ready for Normal Operation.
+ *
+ * @param newROwner new owner
+ *
+ * @retval ::OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult SetDoxmSelfOwnership(const OicUuid_t* newROwner);
+
#ifdef __cplusplus
}
#endif
*/
bool GetPstatIsop();
+/**
+ * Internal function to change pastat resource to Ready for Normal Operation.
+ *
+ * @param newROwner new owner
+ *
+ * @retval ::OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult SetPstatSelfOwnership(const OicUuid_t* newROwner);
+
#ifdef __cplusplus
}
#endif
OCStackResult OTMSelectOwnershipTransferMethod(const OicSecOxm_t *supportedMethods,\r
size_t numberOfMethods, OicSecOxm_t *selectedMethod, OwnerType_t ownerType);\r
\r
+/**\r
+ * This function configures SVR DB as self-ownership.\r
+ *\r
+ *@return OC_STACK_OK in case of successful configue and other value otherwise.\r
+ */\r
+OCStackResult ConfigSelfOwnership(void);\r
+\r
#ifdef __cplusplus\r
}\r
#endif\r
*/\r
OCStackResult OCResetSVRDB(void);\r
\r
+/**\r
+ * This function configures SVR DB as self-ownership.\r
+ *\r
+ *@return OC_STACK_OK in case of successful configue and other value otherwise.\r
+ */\r
+OCStackResult OCConfigSelfOwnership(void);\r
+\r
/**\r
* API to get status of all the devices in current subnet. The status include endpoint information\r
* and doxm information which can be extracted duing owned and unowned discovery. Along with this\r
USE_RSA = 8,
SAVE_TRUST_CERT = 9,
USE_SECURE_CONN = 10,
+ CONFIG_SELF_OWNERSHIP = 11,
DISCOVERY = 13,
GET = 14,
printf("** %d - Change TLS cipher suite (ECDSA/RSA)\n", USE_RSA);
printf("** %d - Save Trust Cert. Chain into Cred of SVR\n", SAVE_TRUST_CERT);
printf("** %d - Change Protocol type (CoAP/CoAPs)\n", USE_SECURE_CONN);
+ printf("** %d - Configure SVRdb as Self-OwnerShip\n", CONFIG_SELF_OWNERSHIP);
if (OC_CLIENT == mode)
{
return res;
}
+static OCStackResult configSelfOwnership(void)
+{
+ OCStackResult res = OC_STACK_ERROR;
+ OIC_LOG(INFO, TAG, "Configures SVR DB as self-ownership.");
+
+ res = OCConfigSelfOwnership();
+
+ if (OC_STACK_OK != res)
+ {
+ OIC_LOG(ERROR, TAG, "OCConfigSelfOwnership API error. Please check SVR DB");
+ }
+ else
+ {
+ OIC_LOG(INFO, TAG, "Success to configures SVR DB as self-ownership");
+ }
+
+ return res;
+}
+
static void wrongRequest()
{
printf(">> Entered Wrong Menu Number. Please Enter Again\n\n");
sendDataToServer = false;
}
break;
+ case CONFIG_SELF_OWNERSHIP:
+ configSelfOwnership();
+ sendDataToServer = false;
+ break;
case EXIT:
oc_mutex_free(mutex);
oc_cond_free(cond);
return ResetSecureResourceInPS();
}
+/**
+ * This function configures SVR DB as self-ownership.
+ *
+ *@return OC_STACK_OK in case of successful configue and other value otherwise.
+ */
+OCStackResult OCConfigSelfOwnership(void)
+{
+ return ConfigSelfOwnership();
+}
+
/**
* Internal Function to update result in link result array.
*/
#include "payload_logging.h"
#include "pkix_interface.h"
#include "oxmverifycommon.h"
+#include "psinterface.h"
#define TAG "OIC_OTM"
return ret;
}
+
+OCStackResult ConfigSelfOwnership(void)
+{
+ OIC_LOG(INFO, TAG, "IN ConfigSelfOwnership");
+
+ bool isDeviceOwned = true;
+ if (OC_STACK_OK != GetDoxmIsOwned(&isDeviceOwned))
+ {
+ OIC_LOG (ERROR, TAG, "Unable to retrieve doxm owned state");
+ return OC_STACK_ERROR;
+ }
+ if( (true == isDeviceOwned) ||(true == GetPstatIsop()) )
+ {
+ OIC_LOG(ERROR, TAG, "The state of device is not Ready for Ownership transfer.");
+ return OC_STACK_ERROR;
+ }
+ OicUuid_t deviceID = {.id={0}};
+ if ( OC_STACK_OK != GetDoxmDeviceID(&deviceID) )
+ {
+ OIC_LOG (ERROR, TAG, "Unable to retrieve doxm Device ID");
+ return OC_STACK_ERROR;
+ }
+
+ OCStackResult ret = OC_STACK_OK;
+ //Update the pstat resource as Normal Operation.
+ ret = SetPstatSelfOwnership(&deviceID);
+ if(OC_STACK_OK != ret)
+ {
+ OIC_LOG (ERROR, TAG, "Unable to update pstat resource as Normal Operation");
+ goto exit;
+ }
+ //Update the doxm resource as Normal Operation.
+ ret = SetDoxmSelfOwnership(&deviceID);
+ if(OC_STACK_OK != ret)
+ {
+ OIC_LOG (ERROR, TAG, "Unable to update doxm resource as Normal Operation");
+ goto exit;
+ }
+ //Update default ACE of security resource to prevent anonymous user access.
+ ret = UpdateDefaultSecProvACE();
+ if(OC_STACK_OK != ret)
+ {
+ OIC_LOG (ERROR, TAG, "Unable to update default ace in ConfigSelfOwnership");
+ goto exit;
+ }
+ //Update the acl resource owner as owner device.
+ ret = SetAclRownerId(&deviceID);
+ if(OC_STACK_OK != ret)
+ {
+ OIC_LOG (ERROR, TAG, "Unable to update acl resource in ConfigSelfOwnership");
+ goto exit;
+ }
+ //Update the cred resource owner as owner device.
+ ret = SetCredRownerId(&deviceID);
+ if(OC_STACK_OK != ret)
+ {
+ // Cred resouce may be empty in Ready for Ownership transfer state.
+ if (OC_STACK_NO_RESOURCE == ret)
+ {
+ OIC_LOG (INFO, TAG, "Cred resource is empty");
+ ret = OC_STACK_OK;
+ goto exit;
+ }
+ OIC_LOG (ERROR, TAG, "Unable to update cred resource in ConfigSelfOwnership");
+ }
+
+exit:
+ if(OC_STACK_OK != ret)
+ {
+ /*
+ * If some error is occured while configure self-ownership,
+ * ownership related resource should be revert back to initial status.
+ */
+ ResetSecureResourceInPS();
+ }
+
+ return ret;
+}
}
}
}
+
+OCStackResult SetDoxmSelfOwnership(const OicUuid_t* newROwner)
+{
+ OCStackResult ret = OC_STACK_ERROR;
+ uint8_t *cborPayload = NULL;
+ size_t size = 0;
+
+ if(NULL == gDoxm)
+ {
+ ret = OC_STACK_NO_RESOURCE;
+ return ret;
+ }
+
+ if( newROwner && (false == gDoxm->owned) )
+ {
+ gDoxm->owned = true;
+ memcpy(gDoxm->owner.id, newROwner->id, sizeof(newROwner->id));
+ memcpy(gDoxm->rownerID.id, newROwner->id, sizeof(newROwner->id));
+
+ ret = DoxmToCBORPayload(gDoxm, &cborPayload, &size, false);
+ VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+ ret = UpdateSecureResourceInPS(OIC_JSON_DOXM_NAME, cborPayload, size);
+ VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+ OICFree(cborPayload);
+ }
+
+ return ret;
+
+exit:
+ OICFree(cborPayload);
+ return ret;
+}
+
* Creates Reset Profile from the initial secure virtual resources.
* This function copies the secure resources
* and creates the Reset Profile in the Persistent Storage.
- * Device ID in doxm and pstat are left empty as it will be renewed after reset.
+ * Device ID in doxm and pstat remains as same after reset.
*
* @return OCStackResult - result of updating Secure Virtual Resource(s)
*/
}
}
- // Set the Device ID in doxm and pstat to empty
- if (pstatCbor)
- {
- OicSecPstat_t *pstat = NULL;
- ret = CBORPayloadToPstat(pstatCbor, pstatCborLen, &pstat);
- OICFree(pstatCbor);
- pstatCbor = NULL;
- pstatCborLen = 0;
-
- OicUuid_t emptyUuid = {.id = {0} };
- memcpy(&pstat->deviceID, &emptyUuid, sizeof(OicUuid_t));
- memcpy(&pstat->rownerID, &emptyUuid, sizeof(OicUuid_t));
-
- ret = PstatToCBORPayload(pstat, &pstatCbor, &pstatCborLen, false);
- DeletePstatBinData(pstat);
- }
- if (doxmCbor)
- {
- OicSecDoxm_t *doxm = NULL;
- ret = CBORPayloadToDoxm(doxmCbor, doxmCborLen, &doxm);
- OICFree(doxmCbor);
- doxmCbor = NULL;
- doxmCborLen = 0;
-
- OicUuid_t emptyUuid = {.id = {0} };
- memcpy(&doxm->deviceID, &emptyUuid, sizeof(OicUuid_t));
- memcpy(&doxm->rownerID, &emptyUuid, sizeof(OicUuid_t));
-
- ret = DoxmToCBORPayload(doxm, &doxmCbor, &doxmCborLen, false);
- DeleteDoxmBinData(doxm);
- }
-
{
size_t size = aclCborLen + pstatCborLen + doxmCborLen + 255;
resetPfCbor = (uint8_t *) OICCalloc(1, size);
}
return retVal;
}
+
+OCStackResult SetPstatSelfOwnership(const OicUuid_t* newROwner)
+{
+ OCStackResult ret = OC_STACK_ERROR;
+ uint8_t *cborPayload = NULL;
+ size_t size = 0;
+
+ if(NULL == gPstat)
+ {
+ ret = OC_STACK_NO_RESOURCE;
+ return ret;
+ }
+
+ if( newROwner && (false == gPstat->isOp) && (true == (TAKE_OWNER && gPstat->cm)) )
+ {
+ gPstat->cm = (OicSecDpm_t)(gPstat->cm & (~TAKE_OWNER));
+ gPstat->isOp = true;
+
+ memcpy(gPstat->deviceID.id, newROwner->id, sizeof(newROwner->id));
+ memcpy(gPstat->rownerID.id, newROwner->id, sizeof(newROwner->id));
+
+ ret = PstatToCBORPayload(gPstat, &cborPayload, &size, false);
+ VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+ ret = UpdateSecureResourceInPS(OIC_JSON_PSTAT_NAME, cborPayload, size);
+ VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+ OICFree(cborPayload);
+ }
+ else
+ {
+ OIC_LOG(ERROR, TAG, "The state of PSTAT is not Ready For OTM");
+ }
+
+ return ret;
+
+exit:
+ OICFree(cborPayload);
+ return ret;
+}
+
projects / platform / upstream / iotivity.git / commitdiff