Update ACL data-structure based on RAML spec.

author leechul <chuls.lee@samsung.com>

Fri, 20 May 2016 00:41:00 +0000 (09:41 +0900)

committer Randeep Singh <randeep.s@samsung.com>

Thu, 7 Jul 2016 11:33:14 +0000 (11:33 +0000)
author leechul <chuls.lee@samsung.com>
Fri, 20 May 2016 00:41:00 +0000 (09:41 +0900)
committer Randeep Singh <randeep.s@samsung.com>
Thu, 7 Jul 2016 11:33:14 +0000 (11:33 +0000)
diff --git a/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat b/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat

index b8d249c..50eda91 100644 (file)

Binary files a/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat and b/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat differ
diff --git a/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json b/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json

index 22dfeba..004221a 100644 (file)
--- a/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json
+++ b/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/amacl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.amacl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,22 +44,22 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        }                  \r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
+                        }\r
                      ],\r
                      "permission": 2\r
                  }\r
              ]\r
          },\r
          "rowneruuid" : "61646D69-6E44-6576-6963-655575696430"\r
-    },    \r
+    },\r
      "pstat": {\r
          "isop": true,\r
          "cm": 2,\r
diff --git a/android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat b/android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat

index 9de47b8..7cf2a68 100644 (file)

Binary files a/android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat and b/android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat differ
diff --git a/android/examples/simpleclient/src/main/assets/oic_svr_db_client.json b/android/examples/simpleclient/src/main/assets/oic_svr_db_client.json

index 5052bd1..5a92ec9 100644 (file)
--- a/android/examples/simpleclient/src/main/assets/oic_svr_db_client.json
+++ b/android/examples/simpleclient/src/main/assets/oic_svr_db_client.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
-                            "href": "/oic/sec/acl",\r
+                            "href": "/oic/sec/amacl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.amacl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,14 +44,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat b/android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat

index 31e1814..638c971 100644 (file)

Binary files a/android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat and b/android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat differ
diff --git a/android/examples/simpleserver/src/main/assets/oic_svr_db_server.json b/android/examples/simpleserver/src/main/assets/oic_svr_db_server.json

index 0e1bf23..f38870c 100644 (file)
--- a/android/examples/simpleserver/src/main/assets/oic_svr_db_server.json
+++ b/android/examples/simpleserver/src/main/assets/oic_svr_db_server.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,14 +44,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -68,20 +62,20 @@
                          {\r
                              "href": "/a/light",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.core"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/a/light0",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.core"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/a/light1",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.core"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
diff --git a/resource/csdk/security/include/internal/aclresource.h b/resource/csdk/security/include/internal/aclresource.h

index 5f1ac9d..2b83f81 100644 (file)
--- a/resource/csdk/security/include/internal/aclresource.h
+++ b/resource/csdk/security/include/internal/aclresource.h
@@ -47,9 +47,9 @@ OCStackResult DeInitACLResource();
   *
   * @note On the first call to @ref GetACLResourceData, savePtr should point to NULL.
   *
- * @return reference to @ref OicSecAcl_t if ACL is found, else NULL.
+ * @return reference to @ref OicSecAce_t if ACE is found, else NULL.
   */
-const OicSecAcl_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAcl_t **savePtr);
+const OicSecAce_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAce_t **savePtr);
  
  /**
   * This function converts ACL data into CBOR format.
@@ -70,6 +70,14 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t * acl, uint8_t **outPayload, si
  void DeleteACLList(OicSecAcl_t* acl);
  
  /**
+ * Internal function to duplicate the ACE instance.
+ *
+ * @param ace instance of @ref OicSecAce_t structure to be duplicated.
+ * @return reference to @ref OicSecAce_t if ACE was successfully duplicated.
+ */
+OicSecAce_t* DuplicateACE(const OicSecAce_t* ace);
+
+/**
   * This function installs a new ACL.
   *
   * @param payload cbor value representing a new ACL.
@@ -80,12 +88,12 @@ void DeleteACLList(OicSecAcl_t* acl);
  OCStackResult InstallNewACL(const uint8_t* payload, const size_t size);
  
  /**
- * This function updates default ACL which is required for ownership transfer.
+ * This function updates default ACE which is required for ownership transfer.
   * This function should be invoked after OTM is complete to prevent anonymous user access.
   *
   * @retval OC_STACK_OK for Success, otherwise some error value
   */
-OCStackResult UpdateDefaultSecProvACL();
+OCStackResult UpdateDefaultSecProvACE();
  
  /**
   * Internal function to update resource owner
diff --git a/resource/csdk/security/include/internal/srmresourcestrings.h b/resource/csdk/security/include/internal/srmresourcestrings.h

index 7f63d92..7e84a76 100644 (file)
--- a/resource/csdk/security/include/internal/srmresourcestrings.h
+++ b/resource/csdk/security/include/internal/srmresourcestrings.h
@@ -113,6 +113,7 @@ extern const char * OIC_JSON_PUBDATA_NAME;
  extern const char * OIC_JSON_PRIVDATA_NAME;
  extern const char * OIC_JSON_OPTDATA_NAME;
  extern const char * OIC_JSON_CRMS_NAME;
+extern const char * OIC_JSON_VALIDITY_NAME;
  extern const char * OIC_JSON_PERIOD_NAME;
  extern const char * OIC_JSON_PERIODS_NAME;
  extern const char * OIC_JSON_RECURRENCES_NAME;
diff --git a/resource/csdk/security/include/securevirtualresourcetypes.h b/resource/csdk/security/include/securevirtualresourcetypes.h

index 10c9e50..5cefddd 100644 (file)
--- a/resource/csdk/security/include/securevirtualresourcetypes.h
+++ b/resource/csdk/security/include/securevirtualresourcetypes.h
@@ -164,6 +164,12 @@ INLINE_API bool IsAccessGranted(SRMAccessResponse_t response)
      }
  }
  
+typedef struct OicSecRsrc OicSecRsrc_t;
+
+typedef struct OicSecValidity OicSecValidity_t;
+
+typedef struct OicSecAce OicSecAce_t;
+
  typedef struct OicSecAcl OicSecAcl_t;
  
  typedef struct OicSecAmacl OicSecAmacl_t;
@@ -323,6 +329,35 @@ struct OicSecKey
  
  };
  
+struct OicSecRsrc
+{
+    char *href; // 0:R:S:Y:String
+    char *rel; // 1:R:S:N:String
+    char** types; // 2:R:S:N:String Array
+    size_t typeLen; // the number of elts in types
+    char** interfaces; // 3:R:S:N:String Array
+    size_t interfaceLen; // the number of elts in interfaces
+    OicSecRsrc_t *next;
+};
+
+struct OicSecValidity
+{
+    char* period; // 0:R:S:Y:String
+    char** recurrences; // 1:R:M:Y:Array of String
+    size_t recurrenceLen; // the number of elts in recurrence
+    OicSecValidity_t *next;
+};
+
+struct OicSecAce
+{
+    // <Attribute ID>:<Read/Write>:<Multiple/Single>:<Mandatory?>:<Type>
+    OicUuid_t subjectuuid; // 0:R:S:Y:uuid
+    OicSecRsrc_t *resources; // 1:R:M:Y:Resource
+    uint16_t permission; // 2:R:S:Y:UINT16
+    OicSecValidity_t *validities; // 3:R:M:N:Time-interval
+    OicSecAce_t *next;
+};
+
  /**
   * /oic/sec/acl (Access Control List) data type.
   * Derived from OIC Security Spec; see Spec for details.
@@ -330,17 +365,8 @@ struct OicSecKey
  struct OicSecAcl
  {
      // <Attribute ID>:<Read/Write>:<Multiple/Single>:<Mandatory?>:<Type>
-    OicUuid_t           subject;        // 0:R:S:Y:uuid TODO: this deviates
-                                        // from spec and needs to be updated
-                                        // in spec (where it's a String).
-    size_t              resourcesLen;   // the number of elts in Resources
-    char                **resources;    // 1:R:M:Y:String
-    uint16_t            permission;     // 2:R:S:Y:UINT16
-    size_t              prdRecrLen;     // the number of elts in Periods
-    char                **periods;       // 3:R:M*:N:String (<--M*; see Spec)
-    char                **recurrences;   // 5:R:M:N:String
-    OicUuid_t           rownerID;        // 8:R:S:Y:oic.uuid
-    OicSecAcl_t         *next;
+    OicUuid_t           rownerID;        // 0:R:S:Y:oic.uuid
+    OicSecAce_t         *aces; // 1:R:M:N:ACE
  };
  
  /**
diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat

old mode 100755 (executable)

new mode 100644 (file)

index bf440f2..14b258b

Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat differ
diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json

old mode 100755 (executable)

new mode 100644 (file)

index 20062b4..b65c99c
--- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json
+++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json
@@ -8,38 +8,18 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
+                        },{\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
+                        },{\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/presence",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,32 +30,32 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
-                            "href": "/oic/sec/crl",\r
+                            "href": "/oic/sec/cred",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.cred"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
-                            "href": "/oic/sec/cred",\r
+                            "href": "/oic/sec/crl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.crl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat

old mode 100755 (executable)

new mode 100644 (file)

index 59f65e5..7f9f27f

Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat differ
diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json

old mode 100755 (executable)

new mode 100644 (file)

index a7598d4..88d2069
--- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json
+++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json
@@ -8,38 +8,18 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
+                        },{\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
+                        },{\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/presence",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,32 +30,32 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
-                            "href": "/oic/sec/crl",\r
+                            "href": "/oic/sec/cred",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.cred"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
-                            "href": "/oic/sec/cred",\r
+                            "href": "/oic/sec/crl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.crl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat

old mode 100755 (executable)

new mode 100644 (file)

index 6143d32..a735af7

Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat differ
diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json

old mode 100755 (executable)

new mode 100644 (file)

index 2e33796..36269f1
--- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json
+++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json
@@ -8,32 +8,18 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
+                        },{\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
+                        },{\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/ad",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -44,14 +30,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat b/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat

index 06454be..ac8348a 100644 (file)

Binary files a/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat and b/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat differ
diff --git a/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json b/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json

index dbdee77..e251611 100644 (file)
--- a/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json
+++ b/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json
@@ -8,32 +8,18 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
+                        },{\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
+                        },{\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/ad",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -44,26 +30,26 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/cred",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.cred"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 7\r
diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat

index 781f654..3caa104 100644 (file)

Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat differ
diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_client.json b/resource/csdk/security/provisioning/sample/oic_svr_db_client.json

index fb3c609..3d17ddd 100644 (file)
--- a/resource/csdk/security/provisioning/sample/oic_svr_db_client.json
+++ b/resource/csdk/security/provisioning/sample/oic_svr_db_client.json
@@ -8,38 +8,36 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
+                        },{\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
+                        },{\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
+                        }\r
+                    ],\r
+                    "permission": 2\r
+                },\r
+                {\r
+                    "subjectuuid": "*",\r
+                    "resources": [\r
                          {\r
-                            "href": "/oic/ad",\r
+                            "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
-                            "href": "/oic/sec/amacl",\r
+                            "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -48,24 +46,24 @@
                      "subjectuuid": "*",\r
                      "resources": [\r
                          {\r
-                            "href": "/oic/sec/doxm",\r
+                            "href": "/oic/sec/pconf",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pconf"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
-                            "href": "/oic/sec/pstat",\r
+                            "href": "/oic/sec/dpairing",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        }                  \r
+                            "rt": ["oic.r.dpairing"],\r
+                            "if": ["oic.if.baseline"]\r
+                        }\r
                      ],\r
                      "permission": 2\r
                  }\r
              ]\r
          },\r
          "rowneruuid" : "61646D69-6E44-6576-6963-655575696430"\r
-    },    \r
+    },\r
      "pstat": {\r
          "isop": true,\r
          "cm": 0,\r
diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat

index 3796ce7..33c6b54 100644 (file)

Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat differ
diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json b/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json

index 20f2c36..d2ef7c0 100644 (file)
--- a/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json
+++ b/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json
@@ -8,38 +8,18 @@
                          {
                              "href": "/oic/res",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
+                            "rt": ["oic.wk.res"],
+                            "if": ["oic.if.ll"]
+                        },{
                              "href": "/oic/d",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
+                            "rt": ["oic.wk.d"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
+                        },{
                              "href": "/oic/p",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/res/d",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/res/types/d",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/presence",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.p"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
                          }
                      ],
                      "permission": 2
@@ -50,26 +30,26 @@
                          {
                              "href": "/oic/sec/doxm",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.doxm"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/pstat",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.pstat"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/acl",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.acl"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/cred",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.cred"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
                      "permission": 6
@@ -80,14 +60,14 @@
                          {
                              "href": "/oic/sec/pconf",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.pconf"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/dpairing",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.dpairing"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
                      "permission": 6
@@ -98,8 +78,8 @@
                          {
                              "href": "/oic/sec/ver",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.ver"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
                      "permission": 2
diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat

index 4adbf4d..f17f27d 100644 (file)

Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat differ
diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json

old mode 100755 (executable)

new mode 100644 (file)

index 59b56a7..f175679
--- a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json
+++ b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json
@@ -8,36 +8,18 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },{\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },{\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/presence",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -48,26 +30,26 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/cred",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.cred"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
@@ -78,14 +60,14 @@
                          {\r
                              "href": "/oic/sec/pconf",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pconf"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/dpairing",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.dpairing"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
@@ -96,8 +78,8 @@
                          {\r
                              "href": "/oic/sec/ver",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.ver"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -125,4 +107,4 @@
          "rowneruuid": "6A757374-776F-726B-4465-765575696430",\r
          "dpc": true\r
      }\r
-}
-\ No newline at end of file
+}\r
diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat

index cfce7f8..025592c 100644 (file)

Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat differ
diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json

index dc595bd..97c36ff 100644 (file)
--- a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json
+++ b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json
@@ -8,38 +8,18 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
+                        },{\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
+                        },{\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/presence",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,26 +30,26 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/cred",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.cred"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
@@ -80,14 +60,14 @@
                          {\r
                              "href": "/oic/sec/pconf",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pconf"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/dpairing",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.dpairing"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
@@ -98,8 +78,8 @@
                          {\r
                              "href": "/oic/sec/ver",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.ver"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/resource/csdk/security/provisioning/sample/provisioningclient.c b/resource/csdk/security/provisioning/sample/provisioningclient.c

index 19fd535..a22e393 100644 (file)
--- a/resource/csdk/security/provisioning/sample/provisioningclient.c
+++ b/resource/csdk/security/provisioning/sample/provisioningclient.c
@@ -25,6 +25,7 @@
  #endif
  
  #include "platform_features.h"
+#include "utlist.h"
  #include "logger.h"
  #include "oic_malloc.h"
  #include "oic_string.h"
@@ -58,6 +59,7 @@ extern "C"
  #define _99_EXIT_PRVN_CLT_      99
  
  #define ACL_RESRC_MAX_NUM   16
+#define ACL_RESRC_ARRAY_SIZE   3 //This value is used only for sample (not OCF spec)
  #define ACL_RESRC_MAX_LEN   128
  #define ACL_PEMISN_CNT      5
  #define DISCOVERY_TIMEOUT   10  // 10 sec
@@ -1045,6 +1047,13 @@ static OicSecAcl_t* createAcl(const int dev_num)
          OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
          return NULL;  // not need to 'goto' |ERROR| before allocating |acl|
      }
+    OicSecAce_t* ace = (OicSecAce_t*) OICCalloc(1, sizeof(OicSecAce_t));
+    if(!ace)
+    {
+        OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+        return NULL;  // not need to 'goto' |ERROR| before allocating |acl|
+    }
+    LL_APPEND(acl->aces, ace);
  
      // enter |subject| device number
      int num = 0;
@@ -1070,7 +1079,7 @@ static OicSecAcl_t* createAcl(const int dev_num)
          OIC_LOG(ERROR, TAG, "createAcl: device instance empty");
          goto CRACL_ERROR;
      }
-    memcpy(&acl->subject, &dev->doxm->deviceID, UUID_LENGTH);
+    memcpy(&ace->subjectuuid, &dev->doxm->deviceID, UUID_LENGTH);
  
      // enter number of |resources| in 'accessed' device
      for( ; ; )
@@ -1094,16 +1103,17 @@ static OicSecAcl_t* createAcl(const int dev_num)
      // enter actually each 'accessed' |resources| name
      printf("         Enter Each Accessed Resource Name (each under 128 char)\n");
              // '128' is ACL_RESRC_MAX_LEN
-    acl->resourcesLen = (unsigned) num;
-    acl->resources = (char**) OICCalloc(acl->resourcesLen, sizeof(char*));
-    if(!acl->resources)
-    {
-        OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
-        goto CRACL_ERROR;
-    }
+
      char rsrc_in[ACL_RESRC_MAX_LEN+1] = {0};  // '1' for null termination
-    for(int i=0; acl->resourcesLen>(unsigned)i; ++i)
+    for(int i = 0; num > i; ++i)
      {
+        OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+        if(!rsrc)
+        {
+            OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+            goto CRACL_ERROR;
+        }
+
          printf("         Enter Accessed Resource[%d] Name: ", i+1);
          for(int ret=0; 1!=ret; )
          {
@@ -1112,14 +1122,98 @@ static OicSecAcl_t* createAcl(const int dev_num)
                                          // '0x20<=code' is character region
          }
          size_t len = strlen(rsrc_in)+1;  // '1' for null termination
-        char* rsrc = (char*) OICCalloc(len, sizeof(char));
+        rsrc->href = (char*) OICCalloc(len, sizeof(char));
          if(!rsrc)
          {
              OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
              goto CRACL_ERROR;
          }
-        OICStrcpy(rsrc, len, rsrc_in);
-        acl->resources[i] = rsrc;  // after here, |rsrc| points nothing
+        OICStrcpy(rsrc->href, len, rsrc_in);
+
+        int arrLen = 0;
+        while(1)
+        {
+            printf("         Enter Number of resource type for [%s]: ", rsrc_in);
+            for(int ret=0; 1!=ret; )
+            {
+                ret = scanf("%d", &arrLen);
+                for( ; 0x20<=getchar(); );  // for removing overflow garbages
+                                            // '0x20<=code' is character region
+            }
+            if(0 < arrLen && ACL_RESRC_ARRAY_SIZE >= arrLen)
+            {
+                break;
+            }
+            printf("     Entered Wrong Number. Please Enter under %d Again\n", ACL_RESRC_ARRAY_SIZE);
+        }
+
+        rsrc->typeLen = arrLen;
+        rsrc->types = (char**)OICCalloc(arrLen, sizeof(char*));
+        if(!rsrc->types)
+        {
+            OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+            goto CRACL_ERROR;
+        }
+
+        for(int i = 0; i < arrLen; i++)
+        {
+            printf("         Enter ResourceType[%d] Name: ", i+1);
+            for(int ret=0; 1!=ret; )
+            {
+                ret = scanf("%128s", rsrc_in);  // '128' is ACL_RESRC_MAX_LEN
+                for( ; 0x20<=getchar(); );  // for removing overflow garbages
+                                            // '0x20<=code' is character region
+            }
+            rsrc->types[i] = OICStrdup(rsrc_in);
+            if(!rsrc->types[i])
+            {
+                OIC_LOG(ERROR, TAG, "createAcl: OICStrdup error return");
+                goto CRACL_ERROR;
+            }
+        }
+
+        while(1)
+        {
+            printf("         Enter Number of interface name for [%s]: ", rsrc_in);
+            for(int ret=0; 1!=ret; )
+            {
+                ret = scanf("%d", &arrLen);
+                for( ; 0x20<=getchar(); );  // for removing overflow garbages
+                                            // '0x20<=code' is character region
+            }
+            if(0 < arrLen && ACL_RESRC_ARRAY_SIZE >= arrLen)
+            {
+                break;
+            }
+            printf("     Entered Wrong Number. Please Enter under %d Again\n", ACL_RESRC_ARRAY_SIZE);
+        }
+
+        rsrc->interfaceLen = arrLen;
+        rsrc->interfaces = (char**)OICCalloc(arrLen, sizeof(char*));
+        if(!rsrc->interfaces)
+        {
+            OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+            goto CRACL_ERROR;
+        }
+
+        for(int i = 0; i < arrLen; i++)
+        {
+            printf("         Enter ResourceType[%d] Name: ", i+1);
+            for(int ret=0; 1!=ret; )
+            {
+                ret = scanf("%128s", rsrc_in);  // '128' is ACL_RESRC_MAX_LEN
+                for( ; 0x20<=getchar(); );  // for removing overflow garbages
+                                            // '0x20<=code' is character region
+            }
+            rsrc->interfaces[i] = OICStrdup(rsrc_in);
+            if(!rsrc->interfaces[i])
+            {
+                OIC_LOG(ERROR, TAG, "createAcl: OICStrdup error return");
+                goto CRACL_ERROR;
+            }
+        }
+
+        LL_APPEND(ace->resources, rsrc);
      }
  
      // enter |permission| for this access
@@ -1151,34 +1245,7 @@ static OicSecAcl_t* createAcl(const int dev_num)
          }
          pmsn_msk <<= 1;
      }
-    acl->permission = pmsn;
-
-    // enter |owner| device number
-    int own_num = 0;
-    for( ; ; )
-    {
-        printf("   > [D] Enter Owner Device Number: ");
-        for(int ret=0; 1!=ret; )
-        {
-            ret = scanf("%d", &own_num);
-            for( ; 0x20<=getchar(); );  // for removing overflow garbages
-                                        // '0x20<=code' is character region
-        }
-        if(0<own_num && g_own_cnt>=own_num)
-        {
-            break;
-        }
-        printf("         Entered Wrong Number. Please Enter Again\n");
-    }
-
-    dev = getDevInst((const OCProvisionDev_t*)g_own_list, own_num);
-    if(!dev || !dev->doxm)
-    {
-        OIC_LOG(ERROR, TAG, "createAcl: device instance empty");
-        goto CRACL_ERROR;
-    }
-    memcpy(&acl->rownerID, &dev->doxm->deviceID, sizeof(OicUuid_t));
-    printf("\n");
+    ace->permission = pmsn;
  
      return acl;
  
diff --git a/resource/csdk/security/provisioning/src/secureresourceprovider.c b/resource/csdk/security/provisioning/src/secureresourceprovider.c

index e3f5bba..35aebec 100644 (file)
--- a/resource/csdk/security/provisioning/src/secureresourceprovider.c
+++ b/resource/csdk/security/provisioning/src/secureresourceprovider.c
@@ -880,6 +880,9 @@ OCStackResult SRPProvisionACL(void *ctx, const OCProvisionDev_t *selectedDeviceI
          OIC_LOG(ERROR, TAG, "Failed to AclToCBORPayload");
          return OC_STACK_NO_MEMORY;
      }
+    OIC_LOG(DEBUG, TAG, "Created payload for ACL:");
+    OIC_LOG_BUFFER(DEBUG, TAG, secPayload->securityData, secPayload->payloadSize);
+
      char query[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0};
      if(!PMGenerateQuery(true,
                          selectedDeviceInfo->endpoint.addr,
diff --git a/resource/csdk/security/src/aclresource.c b/resource/csdk/security/src/aclresource.c

index aaa96fb..9537efc 100644 (file)
--- a/resource/csdk/security/src/aclresource.c
+++ b/resource/csdk/security/src/aclresource.c
@@ -25,7 +25,9 @@
  #endif
  #include <stdlib.h>
  
+#include "utlist.h"
  #include "ocstack.h"
+#include "octypes.h"
  #include "ocserverrequest.h"
  #include "oic_malloc.h"
  #include "oic_string.h"
@@ -60,74 +62,219 @@ static OicSecAcl_t *gAcl = NULL;
  static OCResourceHandle gAclHandle = NULL;
  
  /**
+ * This function frees OicSecRsrc_t object's fields and object itself.
+ */
+static void FreeRsrc(OicSecRsrc_t *rsrc)
+{
+    //Clean each member of resource
+    OICFree(rsrc->href);
+    OICFree(rsrc->rel);
+    //Clean "rt"
+    if(0 < rsrc->typeLen && rsrc->types)
+    {
+        for(size_t i = 0; i < rsrc->typeLen; i++)
+        {
+            OICFree(rsrc->types[i]);
+        }
+        OICFree(rsrc->types);
+        rsrc->types = NULL;
+    }
+    //Clean "if"
+    if(0 < rsrc->interfaceLen && rsrc->interfaces)
+    {
+        for(size_t i = 0; i < rsrc->interfaceLen; i++)
+        {
+            OICFree(rsrc->interfaces[i]);
+        }
+        OICFree(rsrc->interfaces);
+        rsrc->interfaces = NULL;
+    }
+    OICFree(rsrc);
+    rsrc = NULL;
+}
+
+/**
   * This function frees OicSecAcl_t object's fields and object itself.
   */
-static void FreeACE(OicSecAcl_t *ace)
+static void FreeACE(OicSecAce_t *ace)
  {
-    size_t i;
      if (NULL == ace)
      {
          OIC_LOG(ERROR, TAG, "Invalid Parameter");
          return;
      }
  
-    // Clean Resources
-    for (i = 0; i < ace->resourcesLen; i++)
+    //Clean Resources
+    OicSecRsrc_t* rsrc = NULL;
+    OicSecRsrc_t* tmpRsrc = NULL;
+    LL_FOREACH_SAFE(ace->resources, rsrc, tmpRsrc)
      {
-        OICFree(ace->resources[i]);
+        LL_DELETE(ace->resources, rsrc);
+        FreeRsrc(rsrc);
      }
-    OICFree(ace->resources);
  
-    //Clean Period
-    if (ace->periods)
+    //Clean Validities
+    OicSecValidity_t *validity = NULL;
+    OicSecValidity_t *tmpValidity = NULL;
+    LL_FOREACH_SAFE(ace->validities, validity, tmpValidity)
      {
-        for (i = 0; i < ace->prdRecrLen; i++)
-        {
-            OICFree(ace->periods[i]);
-        }
-        OICFree(ace->periods);
-    }
+        LL_DELETE(ace->validities, validity);
  
-    //Clean Recurrence
-    if (ace->recurrences)
-    {
-        for (i = 0; i < ace->prdRecrLen; i++)
+        //Clean period
+        OICFree(validity->period);
+
+        //Clean recurrence
+        for(size_t i = 0; i < validity->recurrenceLen; i++)
          {
-            OICFree(ace->recurrences[i]);
+            OICFree(validity->recurrences[i]);
          }
-        OICFree(ace->recurrences);
+        OICFree(validity->recurrences);
+        OICFree(validity);
+        validity = NULL;
      }
  
-    // Clean ACL node itself
+    //Clean ACE
      OICFree(ace);
+    ace = NULL;
  }
  
  void DeleteACLList(OicSecAcl_t* acl)
  {
      if (acl)
      {
-        OicSecAcl_t *aclTmp1 = NULL;
-        OicSecAcl_t *aclTmp2 = NULL;
-        LL_FOREACH_SAFE(acl, aclTmp1, aclTmp2)
+        OicSecAce_t *ace = NULL;
+        OicSecAce_t *tmpAce = NULL;
+        LL_FOREACH_SAFE(acl->aces, ace, tmpAce)
          {
-            LL_DELETE(acl, aclTmp1);
-            FreeACE(aclTmp1);
+            LL_DELETE(acl->aces, ace);
+            FreeACE(ace);
          }
+        acl->aces = NULL;
+        OICFree(acl);
      }
  }
  
+OicSecAce_t* DuplicateACE(const OicSecAce_t* ace)
+{
+    OicSecAce_t* newAce = NULL;
+    size_t allocateSize = 0;
+
+    if(ace)
+    {
+        newAce = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+        VERIFY_NON_NULL(TAG, newAce, ERROR);
+
+        //Subject uuid
+        memcpy(&newAce->subjectuuid, &ace->subjectuuid, sizeof(OicUuid_t));
+
+        OicSecRsrc_t* rsrc = NULL;
+        LL_FOREACH(ace->resources, rsrc)
+        {
+            OicSecRsrc_t* newRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+            VERIFY_NON_NULL(TAG, newRsrc, ERROR);
+            LL_APPEND(newAce->resources, newRsrc);
+
+            //href is mandatory
+            VERIFY_NON_NULL(TAG, rsrc->href, ERROR);
+            allocateSize = strlen(rsrc->href) + 1;
+            newRsrc->href = (char*)OICMalloc(sizeof(char) * allocateSize);
+            VERIFY_NON_NULL(TAG, newRsrc->href, ERROR);
+            OICStrcpy(newRsrc->href, allocateSize, rsrc->href);
+
+            if(rsrc->rel)
+            {
+                allocateSize = strlen(rsrc->rel) + 1;
+                newRsrc->rel = (char*)OICMalloc(sizeof(char) * allocateSize);
+                VERIFY_NON_NULL(TAG, newRsrc->rel, ERROR);
+                OICStrcpy(newRsrc->rel, allocateSize, rsrc->rel);
+            }
+
+            if(rsrc->types && 0 < rsrc->typeLen)
+            {
+                newRsrc->typeLen = rsrc->typeLen;
+                newRsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char*));
+                VERIFY_NON_NULL(TAG, (newRsrc->types), ERROR);
+                for(size_t i = 0; i < rsrc->typeLen; i++)
+                {
+                    newRsrc->types[i] = OICStrdup(rsrc->types[i]);
+                    VERIFY_NON_NULL(TAG, (newRsrc->types[i]), ERROR);
+                }
+            }
+
+            if(rsrc->interfaces && 0 < rsrc->interfaceLen)
+            {
+                newRsrc->interfaceLen = rsrc->interfaceLen;
+                newRsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char*));
+                VERIFY_NON_NULL(TAG, (newRsrc->interfaces), ERROR);
+                for(size_t i = 0; i < rsrc->interfaceLen; i++)
+                {
+                    newRsrc->interfaces[i] = OICStrdup(rsrc->interfaces[i]);
+                    VERIFY_NON_NULL(TAG, (newRsrc->interfaces[i]), ERROR);
+                }
+            }
+        }
+
+        //Permission
+        newAce->permission = ace->permission;
+
+        //Validity
+        if(ace->validities)
+        {
+            OicSecValidity_t* validity = NULL;
+            LL_FOREACH(ace->validities, validity)
+            {
+                OicSecValidity_t* newValidity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+                VERIFY_NON_NULL(TAG, newValidity, ERROR);
+                LL_APPEND(newAce->validities, newValidity);
+
+                if(validity->period)
+                {
+                    allocateSize = strlen(validity->period) + 1;
+                    newValidity->period = (char*)OICMalloc(sizeof(char) * allocateSize);
+                    VERIFY_NON_NULL(TAG, newValidity->period, ERROR);
+                    OICStrcpy(newValidity->period, allocateSize, validity->period);
+                }
+
+                if(validity->recurrences && 0 < validity->recurrenceLen)
+                {
+                    newValidity->recurrenceLen = validity->recurrenceLen;
+
+                    newValidity->recurrences = (char**)OICMalloc(sizeof(char*) * validity->recurrenceLen);
+                    VERIFY_NON_NULL(TAG, newValidity->recurrences, ERROR);
+
+                    for(size_t i = 0; i < validity->recurrenceLen; i++)
+                    {
+                        allocateSize = strlen(validity->recurrences[i]) + 1;
+                        newValidity->recurrences[i] = (char*)OICMalloc(sizeof(char) * allocateSize);
+                        VERIFY_NON_NULL(TAG, (newValidity->recurrences[i]), ERROR);
+                        OICStrcpy(newValidity->recurrences[i], allocateSize, validity->recurrences[i]);
+                    }
+                }
+            }
+        }
+
+        newAce->next = NULL;
+    }
+
+    return newAce;
+
+exit:
+    FreeACE(newAce);
+    return NULL;
+}
+
  static size_t OicSecAclSize(const OicSecAcl_t *secAcl)
  {
      if (!secAcl)
      {
          return 0;
      }
-    OicSecAcl_t *acl = (OicSecAcl_t *)secAcl;
+    OicSecAce_t *ace= (OicSecAce_t *)secAcl->aces;
      size_t size = 0;
-    while (acl)
+    while (ace)
      {
         size++;
-       acl = acl->next;
+       ace = ace->next;
      }
      return size;
  }
@@ -142,6 +289,7 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz
      OCStackResult ret = OC_STACK_ERROR;
      CborError cborEncoderResult = CborNoError;
      OicSecAcl_t *acl = (OicSecAcl_t *)secAcl;
+    OicSecAce_t* ace = NULL;
      CborEncoder encoder;
      CborEncoder aclMap;
      CborEncoder aclListMap;
@@ -180,21 +328,25 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz
      cborEncoderResult = cbor_encoder_create_array(&aclListMap, &acesArray, OicSecAclSize(secAcl));
      VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACES Array.");
  
-    while (acl)
+    ace = NULL;
+    LL_FOREACH (acl->aces, ace)
      {
          CborEncoder oicSecAclMap;
          // ACL Map size - Number of mandatory items
          uint8_t aclMapSize = ACL_ACES_MAP_SIZE;
          size_t inLen = 0;
  
-        // Create ACL Map
-        if (acl->periods)
+        OicSecValidity_t* validityElts = ace->validities;
+        while(validityElts)
          {
-            ++aclMapSize;
-        }
-        if (acl->recurrences)
-        {
-            ++aclMapSize;
+            if(validityElts->period)
+            {
+                aclMapSize++;
+            }
+            if(validityElts->recurrences)
+            {
+                aclMapSize++;
+            }
          }
  
          cborEncoderResult = cbor_encoder_create_map(&acesArray, &oicSecAclMap, aclMapSize);
@@ -204,7 +356,7 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz
          cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_SUBJECTID_NAME,
              strlen(OIC_JSON_SUBJECTID_NAME));
          VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Subject Name Tag.");
-        inLen = (memcmp(&(acl->subject), &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0) ?
+        inLen = (memcmp(&(ace->subjectuuid), &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0) ?
              WILDCARD_SUBJECT_ID_LEN : sizeof(OicUuid_t);
          if(inLen == WILDCARD_SUBJECT_ID_LEN)
          {
@@ -215,10 +367,10 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz
          else
          {
              char *subject = NULL;
-            ret = ConvertUuidToStr(&acl->subject, &subject);
+            ret = ConvertUuidToStr(&ace->subjectuuid, &subject);
              VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
              cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, subject, strlen(subject));
-            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Subject Id Value.");
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Subject UUID Value.");
              OICFree(subject);
          }
  
@@ -229,112 +381,168 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz
                  strlen(OIC_JSON_RESOURCES_NAME));
              VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Resource Name Tag.");
  
-            cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &resources, acl->resourcesLen);
+            size_t rsrcLen = 0;
+            OicSecRsrc_t* rsrcElts = NULL;
+            LL_FOREACH(ace->resources, rsrcElts)
+            {
+                rsrcLen++;
+            }
+
+            cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &resources, rsrcLen);
              VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Resource Name Array.");
  
-            for (size_t i = 0; i < acl->resourcesLen; i++)
+            OicSecRsrc_t* rsrc = NULL;
+            LL_FOREACH(ace->resources, rsrc)
              {
  
                  CborEncoder rMap;
                  cborEncoderResult = cbor_encoder_create_map(&resources, &rMap, ACL_RESOURCE_MAP_SIZE);
                  VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Map.");
  
+                //href -- Mandatory
+                VERIFY_NON_NULL(TAG, rsrc->href, ERROR);
                  cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_HREF_NAME,
                          strlen(OIC_JSON_HREF_NAME));
                  VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Name Tag.");
-                cborEncoderResult = cbor_encode_text_string(&rMap, acl->resources[i],
-                        strlen(acl->resources[i]));
+                cborEncoderResult = cbor_encode_text_string(&rMap, rsrc->href, strlen(rsrc->href));
                  VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Value in Map.");
  
-                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_REL_NAME,
-                        strlen(OIC_JSON_REL_NAME));
-                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Name Tag.");
-
-                // TODO : Need to assign real value of REL
-                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
-                        strlen(OIC_JSON_EMPTY_STRING));
-                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value.");
-
+                //resource type -- Mandatory
                  cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_RT_NAME,
                          strlen(OIC_JSON_RT_NAME));
                  VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Name Tag.");
  
-                // TODO : Need to assign real value of RT
-                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
-                        strlen(OIC_JSON_EMPTY_STRING));
-                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value.");
+                CborEncoder resourceTypes;
+                cborEncoderResult = cbor_encoder_create_array(&rMap, &resourceTypes, rsrc->typeLen);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding RT Array.");
+                for(size_t i = 0; i < rsrc->typeLen; i++)
+                {
+                    cborEncoderResult = cbor_encode_text_string(&resourceTypes, rsrc->types[i], strlen(rsrc->types[i]));
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value.");
+                }
+                cborEncoderResult = cbor_encoder_close_container(&rMap, &resourceTypes);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing resourceTypes.");
  
+                //interface -- Mandatory
                  cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_IF_NAME,
                          strlen(OIC_JSON_IF_NAME));
                  VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Name Tag.");
  
-                // TODO : Need to assign real value of IF
-                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
-                        strlen(OIC_JSON_EMPTY_STRING));
-                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value.");
+                CborEncoder interfaces;
+                cborEncoderResult = cbor_encoder_create_array(&rMap, &interfaces, rsrc->interfaceLen);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding IF Array.");
+                for(size_t i = 0; i < rsrc->interfaceLen; i++)
+                {
+                    cborEncoderResult = cbor_encode_text_string(&interfaces, rsrc->interfaces[i], strlen(rsrc->interfaces[i]));
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value.");
+                }
+                cborEncoderResult = cbor_encoder_close_container(&rMap, &interfaces);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing interfaces.");
  
+                //rel
+                if(rsrc->rel)
+                {
+                    cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_REL_NAME,
+                            strlen(OIC_JSON_REL_NAME));
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Name Tag.");
+                    cborEncoderResult = cbor_encode_text_string(&rMap, rsrc->rel, strlen(rsrc->rel));
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value.");
+                }
+                else
+                {
+                    cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_REL_NAME,
+                            strlen(OIC_JSON_REL_NAME));
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Name Tag.");
+                    cborEncoderResult = cbor_encode_text_string(&rMap, "", 0);
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value.");
+                }
  
                  cborEncoderResult = cbor_encoder_close_container(&resources, &rMap);
                  VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Map.");
-
              }
              cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &resources);
              VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Name Array.");
          }
  
-
          // Permissions -- Mandatory
          cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_PERMISSION_NAME,
              strlen(OIC_JSON_PERMISSION_NAME));
          VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Permission Name Tag.");
-        cborEncoderResult = cbor_encode_int(&oicSecAclMap, acl->permission);
+        cborEncoderResult = cbor_encode_int(&oicSecAclMap, ace->permission);
          VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Permission Name Value.");
  
-        // Period -- Not Mandatory
-        if (acl->periods)
+        // TODO: Need to verfication for validity
+        // Validity(Time-interval) -- Not Mandatory
+        if(ace->validities)
          {
-
-            CborEncoder period;
-            cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_PERIOD_NAME,
-                strlen(OIC_JSON_PERIOD_NAME));
-            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Tag.");
-            cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &period, acl->prdRecrLen);
-            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Array.");
-            for (size_t i = 0; i < acl->prdRecrLen; i++)
+            size_t validityLen = 0;
+            validityElts = NULL;
+            LL_FOREACH(ace->validities, validityElts)
              {
-                cborEncoderResult = cbor_encode_text_string(&period, acl->periods[i],
-                    strlen(acl->periods[i]));
-                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Value in Array.");
+                validityLen++;
              }
-            cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &period);
-            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Period Array.");
-        }
  
-        // Recurrence -- Not Mandatory
-        if (acl->recurrences)
-        {
-            CborEncoder recurrences;
-            cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_RECURRENCES_NAME,
-                strlen(OIC_JSON_RECURRENCES_NAME));
-            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Tag.");
-            cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &recurrences, acl->prdRecrLen);
-            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array.");
-
-            for (size_t i = 0; i < acl->prdRecrLen; i++)
+            CborEncoder validities;
+            cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_VALIDITY_NAME,
+                strlen(OIC_JSON_VALIDITY_NAME));
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Validity Tag.");
+            cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &validities, validityLen);
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Validities Array.");
+
+            //How to add the value w/o "title" using tinycobr...? :(
+
+            validityElts = NULL;
+            LL_FOREACH(ace->validities, validityElts)
              {
-                cborEncoderResult = cbor_encode_text_string(&recurrences, acl->recurrences[i],
-                    strlen(acl->recurrences[i]));
-                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array Value.");
+                 CborEncoder validity;
+                 size_t validitySize = 0;
+                 if(validityElts->period)
+                {
+                    validitySize++;
+                }
+                if(validityElts->recurrences)
+                {
+                    validitySize++;
+                }
+
+                cborEncoderResult = cbor_encoder_create_array(&validities, &validity, validitySize);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Validity Array.");
+
+                // Period
+                if (validityElts->period)
+                {
+                    cborEncoderResult = cbor_encode_text_string(&validity, validityElts->period,
+                        strlen(validityElts->period));
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Value.");
+                }
+
+                // Recurrence
+                if (validityElts->recurrences)
+                {
+                    CborEncoder recurrences;
+                    cborEncoderResult = cbor_encoder_create_array(&validity, &recurrences, validityElts->recurrenceLen);
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array.");
+
+                    for (size_t i = 0; i < validityElts->recurrenceLen; i++)
+                    {
+                        cborEncoderResult = cbor_encode_text_string(&recurrences, validityElts->recurrences[i],
+                            strlen(validityElts->recurrences[i]));
+                        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array Value.");
+                    }
+                    cborEncoderResult = cbor_encoder_close_container(&validity, &recurrences);
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Recurrence Array");
+                }
+
+                cborEncoderResult = cbor_encoder_close_container(&validities, &validity);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Validity Array.");
              }
-            cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &recurrences);
-            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Recurrence Array");
  
+            cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &validities);
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Validities Array.");
          }
  
-
          cborEncoderResult = cbor_encoder_close_container(&acesArray, &oicSecAclMap);
          VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACES Map.");
-        acl = acl->next;
      }
  
      // Close ACES Array
@@ -410,7 +618,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
      CborError cborFindResult = CborNoError;
      cbor_parser_init(cborPayload, size, 0, &parser, &aclCbor);
  
-    OicSecAcl_t *headAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
+    OicSecAcl_t *acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
  
      // Enter ACL Map
      CborValue aclMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
@@ -422,7 +630,7 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
          char* tagName = NULL;
          size_t len = 0;
          CborType type = cbor_value_get_type(&aclMap);
-        if (type == CborTextStringType && cbor_value_is_text_string(&aclMap))
+        if (type == CborTextStringType)
          {
              cborFindResult = cbor_value_dup_text_string(&aclMap, &tagName, &len, NULL);
              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map.");
@@ -442,78 +650,67 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                  while (cbor_value_is_valid(&aclistMap))
                  {
                      char* acName = NULL;
-                    size_t acLen = 0;
+                    size_t readLen = 0;
                      CborType acType = cbor_value_get_type(&aclistMap);
-                    if (acType == CborTextStringType && cbor_value_is_text_string(&aclistMap))
+                    if (acType == CborTextStringType)
                      {
-                        cborFindResult = cbor_value_dup_text_string(&aclistMap, &acName, &acLen, NULL);
+                        cborFindResult = cbor_value_dup_text_string(&aclistMap, &acName, &readLen, NULL);
                          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACLIST Map.");
                          cborFindResult = cbor_value_advance(&aclistMap);
                          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACLIST Map.");
                      }
+
                      if(acName)
                      {
                          if (strcmp(acName, OIC_JSON_ACES_NAME)  == 0)
                          {
-
                              // Enter ACES Array
-                            CborValue aclArray = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
-                            cborFindResult = cbor_value_enter_container(&aclistMap, &aclArray);
-                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Array.");
+                            CborValue acesArray = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
+                            cborFindResult = cbor_value_enter_container(&aclistMap, &acesArray);
+                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACES Array.");
  
                              int acesCount = 0;
-                            while (cbor_value_is_valid(&aclArray))
+                            while (cbor_value_is_valid(&acesArray))
                              {
                                  acesCount++;
+                                CborValue aceMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
+                                cborFindResult = cbor_value_enter_container(&acesArray, &aceMap);
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACE Map.");
  
-                                CborValue aclMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 };
-                                cborFindResult = cbor_value_enter_container(&aclArray, &aclMap);
-                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Map.");
-                                OicSecAcl_t *acl = NULL;
+                                OicSecAce_t *ace = NULL;
+                                ace = (OicSecAce_t *) OICCalloc(1, sizeof(OicSecAce_t));
+                                VERIFY_NON_NULL(TAG, ace, ERROR);
+                                LL_APPEND(acl->aces, ace);
  
-                                if(acesCount == 1)
-                                {
-                                    acl = headAcl;
-                                }
-                                else
-                                {
-                                    acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
-                                    OicSecAcl_t *temp = headAcl;
-                                    while (temp->next)
-                                    {
-                                        temp = temp->next;
-                                    }
-                                    temp->next = acl;
-                                }
                                  VERIFY_NON_NULL(TAG, acl, ERROR);
  
-                                while (cbor_value_is_valid(&aclMap))
+                                while (cbor_value_is_valid(&aceMap))
                                  {
                                      char* name = NULL;
                                      size_t len = 0;
-                                    CborType type = cbor_value_get_type(&aclMap);
-                                    if (type == CborTextStringType && cbor_value_is_text_string(&aclMap))
+                                    CborType type = cbor_value_get_type(&aceMap);
+                                    if (type == CborTextStringType)
                                      {
-                                        cborFindResult = cbor_value_dup_text_string(&aclMap, &name, &len, NULL);
-                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map.");
-                                        cborFindResult = cbor_value_advance(&aclMap);
-                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACL Map.");
+                                        cborFindResult = cbor_value_dup_text_string(&aceMap, &name, &len, NULL);
+                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACE Map.");
+                                        cborFindResult = cbor_value_advance(&aceMap);
+                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACE Map.");
                                      }
                                      if (name)
                                      {
                                          // Subject -- Mandatory
-                                        if (strcmp(name, OIC_JSON_SUBJECTID_NAME)  == 0 && cbor_value_is_text_string(&aclMap))
+                                        if (strcmp(name, OIC_JSON_SUBJECTID_NAME)  == 0)
                                          {
                                              char *subject = NULL;
-                                            cborFindResult = cbor_value_dup_text_string(&aclMap, &subject, &len, NULL);
+                                            cborFindResult = cbor_value_dup_text_string(&aceMap, &subject, &len, NULL);
                                              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding subject Value.");
                                              if(strcmp(subject, WILDCARD_RESOURCE_URI) == 0)
                                              {
-                                                acl->subject.id[0] = '*';
+                                                ace->subjectuuid.id[0] = '*';
                                              }
                                              else
                                              {
-                                                ret = ConvertStrToUuid(subject, &acl->subject);
+                                                ret = ConvertStrToUuid(subject, &ace->subjectuuid);
                                                  VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
                                              }
                                              OICFree(subject);
@@ -523,14 +720,9 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                          if (strcmp(name, OIC_JSON_RESOURCES_NAME) == 0)
                                          {
                                              CborValue resources = { .parser = NULL };
-                                            cborFindResult = cbor_value_get_array_length(&aclMap, &acl->resourcesLen);
-                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Resource Array Len Value.");
-                                            cborFindResult = cbor_value_enter_container(&aclMap, &resources);
+                                            cborFindResult = cbor_value_enter_container(&aceMap, &resources);
                                              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering a Resource Array.");
  
-                                            acl->resources = (char **) OICMalloc(acl->resourcesLen * sizeof(char*));
-                                            VERIFY_NON_NULL(TAG, acl->resources, ERROR);
-                                            int i = 0;
                                              while (cbor_value_is_valid(&resources))
                                              {
                                                  // rMap
@@ -538,8 +730,11 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                                  cborFindResult = cbor_value_enter_container(&resources, &rMap);
                                                  VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map");
  
+                                                OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+                                                VERIFY_NON_NULL(TAG, rsrc, ERROR);
+                                                LL_APPEND(ace->resources, rsrc);
  
-                                                while(cbor_value_is_valid(&rMap) && cbor_value_is_text_string(&rMap))
+                                                while(cbor_value_is_valid(&rMap))
                                                  {
                                                      char *rMapName = NULL;
                                                      size_t rMapNameLen = 0;
@@ -551,37 +746,61 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                                      // "href"
                                                      if (0 == strcmp(OIC_JSON_HREF_NAME, rMapName))
                                                      {
-                                                        // TODO : Need to check data structure of OicSecAcl_t based on RAML spec.
-                                                        cborFindResult = cbor_value_dup_text_string(&rMap, &acl->resources[i++], &len, NULL);
+                                                        cborFindResult = cbor_value_dup_text_string(&rMap, &rsrc->href, &len, NULL);
                                                          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Href Value.");
                                                      }
-                                                    // "rel"
-                                                    if (0 == strcmp(OIC_JSON_REL_NAME, rMapName))
-                                                    {
-                                                        // TODO : Need to check data structure of OicSecAcl_t based on RAML spec.
-                                                        char *relData = NULL;
-                                                        cborFindResult = cbor_value_dup_text_string(&rMap, &relData, &len, NULL);
-                                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding REL Value.");
-                                                        OICFree(relData);
-                                                    }
+
                                                      // "rt"
-                                                    if (0 == strcmp(OIC_JSON_RT_NAME, rMapName))
+                                                    if (0 == strcmp(OIC_JSON_RT_NAME, rMapName) && cbor_value_is_array(&rMap))
                                                      {
-                                                        // TODO : Need to check data structure of OicSecAcl_t and assign based on RAML spec.
-                                                        char *rtData = NULL;
-                                                        cborFindResult = cbor_value_dup_text_string(&rMap, &rtData, &len, NULL);
-                                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT Value.");
-                                                        OICFree(rtData);
+                                                        cbor_value_get_array_length(&rMap, &rsrc->typeLen);
+                                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT array length.");
+                                                        VERIFY_SUCCESS(TAG, (0 != rsrc->typeLen), ERROR);
+
+                                                        rsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char*));
+                                                        VERIFY_NON_NULL(TAG, rsrc->types, ERROR);
+
+                                                        CborValue resourceTypes;
+                                                        cborFindResult = cbor_value_enter_container(&rMap, &resourceTypes);
+                                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering RT Array.");
+
+                                                        for(size_t i = 0; cbor_value_is_valid(&resourceTypes) && cbor_value_is_text_string(&resourceTypes); i++)
+                                                        {
+                                                            cborFindResult = cbor_value_dup_text_string(&resourceTypes, &(rsrc->types[i]), &readLen, NULL);
+                                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding resource type.");
+                                                            cborFindResult = cbor_value_advance(&resourceTypes);
+                                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing resource type.");
+                                                        }
                                                      }
  
                                                      // "if"
-                                                    if (0 == strcmp(OIC_JSON_IF_NAME, rMapName))
+                                                    if (0 == strcmp(OIC_JSON_IF_NAME, rMapName) && cbor_value_is_array(&rMap))
                                                      {
-                                                        // TODO : Need to check data structure of OicSecAcl_t and assign based on RAML spec.
-                                                        char *ifData = NULL;
-                                                        cborFindResult = cbor_value_dup_text_string(&rMap, &ifData, &len, NULL);
-                                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF Value.");
-                                                        OICFree(ifData);
+                                                        cbor_value_get_array_length(&rMap, &rsrc->interfaceLen);
+                                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF array length.");
+                                                        VERIFY_SUCCESS(TAG, (0 != rsrc->interfaceLen), ERROR);
+
+                                                        rsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char*));
+                                                        VERIFY_NON_NULL(TAG, rsrc->interfaces, ERROR);
+
+                                                        CborValue interfaces;
+                                                        cborFindResult = cbor_value_enter_container(&rMap, &interfaces);
+                                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering IF Array.");
+
+                                                        for(size_t i = 0; cbor_value_is_valid(&interfaces) && cbor_value_is_text_string(&interfaces); i++)
+                                                        {
+                                                            cborFindResult = cbor_value_dup_text_string(&interfaces, &(rsrc->interfaces[i]), &readLen, NULL);
+                                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF type.");
+                                                            cborFindResult = cbor_value_advance(&interfaces);
+                                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing IF type.");
+                                                        }
+                                                    }
+
+                                                    // "rel"
+                                                    if (0 == strcmp(OIC_JSON_REL_NAME, rMapName))
+                                                    {
+                                                        cborFindResult = cbor_value_dup_text_string(&rMap, &rsrc->rel, &len, NULL);
+                                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding REL Value.");
                                                      }
  
                                                      if (cbor_value_is_valid(&rMap))
@@ -604,67 +823,76 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                                          if (strcmp(name, OIC_JSON_PERMISSION_NAME) == 0)
                                          {
                                              uint64_t tmp64;
-
-                                            cborFindResult = cbor_value_get_uint64(&aclMap, &tmp64);
+                                            cborFindResult = cbor_value_get_uint64(&aceMap, &tmp64);
                                              VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a PERM Value.");
-                                            acl->permission = tmp64;
+                                            ace->permission = (uint16_t)tmp64;
                                          }
  
-                                        // Period -- Not mandatory
-                                        if (strcmp(name, OIC_JSON_PERIOD_NAME) == 0 && cbor_value_is_array(&aclMap))
+                                        // TODO: Need to verfication for validity
+                                        // Validity -- Not mandatory
+                                        if(strcmp(name, OIC_JSON_VALIDITY_NAME) == 0)
                                          {
-                                            CborValue period = { .parser = NULL };
-                                            cborFindResult = cbor_value_get_array_length(&aclMap, &acl->prdRecrLen);
-                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Len.");
-                                            cborFindResult = cbor_value_enter_container(&aclMap, &period);
-                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Map.");
-                                            acl->periods = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
-                                            VERIFY_NON_NULL(TAG, acl->periods, ERROR);
-                                            int i = 0;
-                                            while (cbor_value_is_text_string(&period) && cbor_value_is_text_string(&period))
-                                            {
-                                                cborFindResult = cbor_value_dup_text_string(&period, &acl->periods[i++],
-                                                    &len, NULL);
-                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Value.");
-                                                cborFindResult = cbor_value_advance(&period);
-                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a Period Array.");
-                                            }
-                                        }
+                                            CborValue validitiesMap = {.parser = NULL};
+                                            size_t validitySize = 0;
  
-                                        // Recurrence -- Not mandatory
-                                        if (strcmp(name, OIC_JSON_RECURRENCES_NAME) == 0)
-                                        {
-                                            CborValue recurrences = { .parser = NULL };
-                                            cborFindResult = cbor_value_enter_container(&aclMap, &recurrences);
-                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array.");
-                                            acl->recurrences = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
-                                            VERIFY_NON_NULL(TAG, acl->recurrences, ERROR);
-                                            int i = 0;
-                                            while (cbor_value_is_text_string(&recurrences) && cbor_value_is_text_string(&recurrences))
+                                            cborFindResult = cbor_value_get_array_length(&aceMap, &validitySize);
+                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Validity Array Length.");
+
+                                            cborFindResult = cbor_value_enter_container(&aceMap, &validitiesMap);
+                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a validity Array Map.");
+
+                                            while(cbor_value_is_valid(&validitiesMap))
                                              {
-                                                cborFindResult = cbor_value_dup_text_string(&recurrences,
-                                                    &acl->recurrences[i++], &len, NULL);
-                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array Value.");
-                                                cborFindResult = cbor_value_advance(&recurrences);
-                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Closing Recurrence Array.");
+                                                OicSecValidity_t* validity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+                                                VERIFY_NON_NULL(TAG, validity, ERROR);
+                                                LL_APPEND(ace->validities, validity);
+
+                                                CborValue validityMap  = {.parser = NULL};
+                                                //period (string)
+                                                cborFindResult = cbor_value_enter_container(&validitiesMap, &validityMap);
+                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a validity Map.");
+
+                                                size_t len = 0;
+                                                cborFindResult =cbor_value_dup_text_string(&validityMap, &validity->period, &len, NULL);
+                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period value.");
+
+                                                //recurrence (string array)
+                                                CborValue recurrenceMap  = {.parser = NULL};
+                                                cborFindResult = cbor_value_enter_container(&validityMap, &recurrenceMap);
+                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a recurrence array.");
+
+                                                cborFindResult = cbor_value_get_array_length(&recurrenceMap, &validity->recurrenceLen);
+                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array.");
+
+                                                validity->recurrences = (char**)OICCalloc(validity->recurrenceLen, sizeof(char*));
+                                                VERIFY_NON_NULL(TAG, validity->recurrences, ERROR);
+
+                                                for(size_t i = 0; cbor_value_is_text_string(&recurrenceMap) && i < validity->recurrenceLen; i++)
+                                                {
+                                                    cborFindResult = cbor_value_dup_text_string(&recurrenceMap, &validity->recurrences[i], &len, NULL);
+                                                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a recurrence Value.");
+
+                                                    cborFindResult = cbor_value_advance(&recurrenceMap);
+                                                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a recurrences Array.");
+                                                }
+
+                                                cborFindResult = cbor_value_advance(&validitiesMap);
+                                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a validities Array.");
                                              }
                                          }
-
                                          OICFree(name);
                                      }
  
-                                    if (type != CborMapType && cbor_value_is_valid(&aclMap))
+                                    if (type != CborMapType && cbor_value_is_valid(&aceMap))
                                      {
-                                        cborFindResult = cbor_value_advance(&aclMap);
+                                        cborFindResult = cbor_value_advance(&aceMap);
                                          VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing the Array.");
                                      }
                                  }
  
-                                acl->next = NULL;
-
-                                if (cbor_value_is_valid(&aclArray))
+                                if (cbor_value_is_valid(&acesArray))
                                  {
-                                    cborFindResult = cbor_value_advance(&aclArray);
+                                    cborFindResult = cbor_value_advance(&acesArray);
                                      VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing ACL Array.");
                                  }
                              }
@@ -680,13 +908,13 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size)
                  }
              }
  
-            // TODO : Need to modify headAcl->owners[0].id to headAcl->rowner based on RAML spec.
-            if (strcmp(tagName, OIC_JSON_ROWNERID_NAME)  == 0 && cbor_value_is_text_string(&aclMap))
+            //rownerID -- Mandatory
+            if (strcmp(tagName, OIC_JSON_ROWNERID_NAME)  == 0)
              {
                  char *stRowner = NULL;
                  cborFindResult = cbor_value_dup_text_string(&aclMap, &stRowner, &len, NULL);
                  VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Rownerid Value.");
-                ret = ConvertStrToUuid(stRowner, &headAcl->rownerID);
+                ret = ConvertStrToUuid(stRowner, &acl->rownerID);
                  VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
                  OICFree(stRowner);
              }
@@ -703,10 +931,11 @@ exit:
      if (cborFindResult != CborNoError)
      {
          OIC_LOG(ERROR, TAG, "Failed to CBORPayloadToAcl");
-        DeleteACLList(headAcl);
-        headAcl = NULL;
+        DeleteACLList(acl);
+        acl = NULL;
      }
-    return headAcl;
+
+    return acl;
  }
  
  /**
@@ -724,8 +953,8 @@ static OCStackResult RemoveACE(const OicUuid_t * subject, const char * resource)
  {
      OIC_LOG(DEBUG, TAG, "IN RemoveACE");
  
-    OicSecAcl_t *acl = NULL;
-    OicSecAcl_t *tempAcl = NULL;
+    OicSecAce_t *ace = NULL;
+    OicSecAce_t *tempAce = NULL;
      bool deleteFlag = false;
      OCStackResult ret = OC_STACK_NO_RESOURCE;
  
@@ -738,12 +967,12 @@ static OCStackResult RemoveACE(const OicUuid_t * subject, const char * resource)
      //If resource is NULL then delete all the ACE for the subject.
      if (NULL == resource || resource[0] == '\0')
      {
-        LL_FOREACH_SAFE(gAcl, acl, tempAcl)
+        LL_FOREACH_SAFE(gAcl->aces, ace, tempAce)
          {
-            if (memcmp(acl->subject.id, subject->id, sizeof(subject->id)) == 0)
+            if (memcmp(ace->subjectuuid.id, subject->id, sizeof(subject->id)) == 0)
              {
-                LL_DELETE(gAcl, acl);
-                FreeACE(acl);
+                LL_DELETE(gAcl->aces, ace);
+                FreeACE(ace);
                  deleteFlag = true;
              }
          }
@@ -754,42 +983,29 @@ static OCStackResult RemoveACE(const OicUuid_t * subject, const char * resource)
          //resource in the ACE for the subject then delete the whole ACE. If there are more resources
          //than the required resource in the ACE, for the subject then just delete the resource from
          //the resource array
-        LL_FOREACH_SAFE(gAcl, acl, tempAcl)
+        LL_FOREACH_SAFE(gAcl->aces, ace, tempAce)
          {
-            if (memcmp(acl->subject.id, subject->id, sizeof(subject->id)) == 0)
+            if (memcmp(ace->subjectuuid.id, subject->id, sizeof(subject->id)) == 0)
              {
-                if (1 == acl->resourcesLen && strcmp(acl->resources[0], resource) == 0)
+                OicSecRsrc_t* rsrc = NULL;
+                OicSecRsrc_t* tempRsrc = NULL;
+                LL_FOREACH_SAFE(ace->resources, rsrc, tempRsrc)
                  {
-                    LL_DELETE(gAcl, acl);
-                    FreeACE(acl);
-                    deleteFlag = true;
-                    break;
-                }
-                else
-                {
-                    size_t resPos = -1;
-                    size_t i;
-                    for (i = 0; i < acl->resourcesLen; i++)
-                    {
-                        if (strcmp(acl->resources[i], resource) == 0)
-                        {
-                            resPos = i;
-                            break;
-                        }
-                    }
-                    if (0 <= (int) resPos)
+                    if(strcmp(rsrc->href, resource) == 0)
                      {
-                        OICFree(acl->resources[resPos]);
-                        acl->resources[resPos] = NULL;
-                        acl->resourcesLen -= 1;
-                        for (i = resPos; i < acl->resourcesLen; i++)
-                        {
-                            acl->resources[i] = acl->resources[i + 1];
-                        }
+                        LL_DELETE(ace->resources, rsrc);
+                        FreeRsrc(rsrc);
                          deleteFlag = true;
-                        break;
                      }
                  }
+
+                //If resource list is empty
+                if(NULL == ace->resources && true == deleteFlag)
+                {
+                    //Remove the ACE from ACL
+                    LL_DELETE(gAcl->aces, ace);
+                    FreeACE(ace);
+                }
              }
          }
      }
@@ -899,8 +1115,12 @@ static OCEntityHandlerResult HandleACLGetRequest(const OCEntityHandlerRequest *e
  
          char resource[MAX_URI_LENGTH] = { 0 };
  
-        OicSecAcl_t *savePtr = NULL;
-        const OicSecAcl_t *currentAce = NULL;
+        OicSecAce_t *savePtr = NULL;
+        const OicSecAce_t *currentAce = NULL;
+        OicSecAcl_t targetAcl;
+
+        memcpy(&targetAcl.rownerID, &gAcl->rownerID, sizeof(OicUuid_t));
+        targetAcl.aces = NULL;
  
          // 'Subject' field is MUST for processing a querystring in REST request.
          GetResourceFromQueryString(ehRequest->query, resource, sizeof(resource));
@@ -912,20 +1132,22 @@ static OCEntityHandlerResult HandleACLGetRequest(const OCEntityHandlerRequest *e
           */
          while ((currentAce = GetACLResourceData(&subject, &savePtr)))
          {
+            targetAcl.aces = (OicSecAce_t*)currentAce;
+
              /*
               * If REST querystring contains a specific resource, we need
               * to search for that resource in ACE.
               */
              if (resource[0] != '\0')
              {
-                for (size_t n = 0; n < currentAce->resourcesLen; n++)
+                OicSecRsrc_t *rsrc = NULL;
+                LL_FOREACH(currentAce->resources, rsrc)
                  {
-                    if ((currentAce->resources[n])
-                            && (0 == strcmp(resource, currentAce->resources[n])
-                                    || 0 == strcmp(WILDCARD_RESOURCE_URI, currentAce->resources[n])))
+                    if(0 == strcmp(rsrc->href, resource) ||
+                        0 == strcmp(WILDCARD_RESOURCE_URI, rsrc->href))
                      {
                          // Convert ACL data into CBOR format for transmission
-                        if (OC_STACK_OK != AclToCBORPayload(currentAce, &payload, &size))
+                        if (OC_STACK_OK != AclToCBORPayload(&targetAcl, &payload, &size))
                          {
                              ehRet = OC_EH_ERROR;
                          }
@@ -936,7 +1158,7 @@ static OCEntityHandlerResult HandleACLGetRequest(const OCEntityHandlerRequest *e
              else
              {
                  // Convert ACL data into CBOR format for transmission
-                if (OC_STACK_OK != AclToCBORPayload(currentAce, &payload, &size))
+                if (OC_STACK_OK != AclToCBORPayload(&targetAcl, &payload, &size))
                  {
                      ehRet = OC_EH_ERROR;
                  }
@@ -984,27 +1206,27 @@ static OCEntityHandlerResult HandleACLPostRequest(const OCEntityHandlerRequest *
          if (newAcl)
          {
              // Append the new ACL to existing ACL
-            LL_APPEND(gAcl, newAcl);
-            size_t size = 0;
-            // In case of unit test do not update persistant storage.
-            if (memcmp(newAcl->subject.id, &WILDCARD_SUBJECT_ID, sizeof(newAcl->subject.id)) == 0
-                || memcmp(newAcl->subject.id, &WILDCARD_SUBJECT_B64_ID, sizeof(newAcl->subject.id)) == 0)
+            OicSecAce_t* newAce = NULL;
+            OicSecAce_t* tempAce = NULL;
+            LL_FOREACH_SAFE(newAcl->aces, newAce, tempAce)
              {
-                ehRet = OC_EH_RESOURCE_CREATED;
+                LL_APPEND(gAcl->aces, newAce);
              }
-            else
+            newAcl->aces = NULL;
+
+            size_t size = 0;
+            uint8_t *cborPayload = NULL;
+            if (OC_STACK_OK == AclToCBORPayload(gAcl, &cborPayload, &size))
              {
-                uint8_t *cborPayload = NULL;
-                if (OC_STACK_OK == AclToCBORPayload(gAcl, &cborPayload, &size))
+                if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, cborPayload, size) == OC_STACK_OK)
                  {
-                    if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, cborPayload, size) == OC_STACK_OK)
-                    {
-                        ehRet = OC_EH_RESOURCE_CREATED;
-                    }
-                    OICFree(cborPayload);
+                    ehRet = OC_EH_RESOURCE_CREATED;
                  }
+                OICFree(cborPayload);
              }
          }
+
+        DeleteACLList(newAcl);
      }
  
      // Send payload to request originator
@@ -1120,8 +1342,15 @@ OCStackResult SetDefaultACL(OicSecAcl_t *acl)
  OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
  {
      OCStackResult ret = OC_STACK_ERROR;
-
      OicUuid_t ownerId = { .id = { 0 } };
+    OicSecAcl_t *acl = NULL;
+    OicSecAce_t *ace = NULL;
+    OicSecRsrc_t* resRsrc = NULL;
+    OicSecRsrc_t* deviceRsrc = NULL;
+    OicSecRsrc_t* platformRsrc = NULL;
+    OicSecRsrc_t* aclRsrc = NULL;
+    OicSecRsrc_t* doxmRsrc = NULL;
+    OicSecRsrc_t* pstatRsrc = NULL;
  
      /*
       * TODO In future, when new virtual resources will be added in OIC
@@ -1130,48 +1359,133 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
       * mechanism in SVR database.
       */
  
-    const char *rsrcs[] = {
-        OC_RSRVD_WELL_KNOWN_URI,
-        OC_RSRVD_DEVICE_URI,
-        OC_RSRVD_PLATFORM_URI,
-        OC_RSRVD_RESOURCE_TYPES_URI,
-#ifdef WITH_PRESENCE
-        OC_RSRVD_PRESENCE_URI,
-#endif //WITH_PRESENCE
-        OIC_RSRC_ACL_URI,
-        OIC_RSRC_DOXM_URI,
-        OIC_RSRC_PSTAT_URI,
-    };
-
      if (!defaultAcl)
      {
          return OC_STACK_INVALID_PARAM;
      }
  
-    OicSecAcl_t *acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
+    acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
      VERIFY_NON_NULL(TAG, acl, ERROR);
  
-    // Subject -- Mandatory
-    memcpy(&(acl->subject), &WILDCARD_SUBJECT_ID, sizeof(acl->subject));
-
-    // Resources -- Mandatory
-    acl->resourcesLen = sizeof(rsrcs) / sizeof(rsrcs[0]);
+    ace = (OicSecAce_t *) OICCalloc(1, sizeof(OicSecAce_t));
+    VERIFY_NON_NULL(TAG, ace, ERROR);
  
-    acl->resources = (char**) OICCalloc(acl->resourcesLen, sizeof(char*));
-    VERIFY_NON_NULL(TAG, (acl->resources), ERROR);
+    LL_APPEND(acl->aces, ace);
  
-    for (size_t i = 0; i < acl->resourcesLen; i++)
-    {
-        size_t len = strlen(rsrcs[i]) + 1;
-        acl->resources[i] = (char*) OICMalloc(len * sizeof(char));
-        VERIFY_NON_NULL(TAG, (acl->resources[i]), ERROR);
-        OICStrcpy(acl->resources[i], len, rsrcs[i]);
-    }
+    // Subject -- Mandatory
+    memcpy(ace->subjectuuid.id, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t));
  
-    acl->permission = PERMISSION_READ;
-    acl->prdRecrLen = 0;
-    acl->periods = NULL;
-    acl->recurrences = NULL;
+    // Resources -- Mandatory
+    // /oic/res
+    resRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, resRsrc, ERROR);
+    LL_APPEND(ace->resources, resRsrc);
+    resRsrc->href = OICStrdup(OC_RSRVD_WELL_KNOWN_URI);
+    VERIFY_NON_NULL(TAG, (resRsrc->href), ERROR);
+    resRsrc->typeLen = 1;
+    resRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+    VERIFY_NON_NULL(TAG, resRsrc->types, ERROR);
+    resRsrc->types[0] = OICStrdup(OC_RSRVD_RESOURCE_TYPE_RES);
+    VERIFY_NON_NULL(TAG, resRsrc->types[0], ERROR);
+    resRsrc->interfaceLen = 2;
+    resRsrc->interfaces = (char**)OICCalloc(resRsrc->interfaceLen, sizeof(char*));
+    VERIFY_NON_NULL(TAG, resRsrc->interfaces, ERROR);
+    resRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+    VERIFY_NON_NULL(TAG, resRsrc->interfaces[0], ERROR);
+    resRsrc->interfaces[1] = OICStrdup(OC_RSRVD_INTERFACE_READ);
+    VERIFY_NON_NULL(TAG, resRsrc->interfaces[1], ERROR);
+
+    // /oic/d
+    deviceRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, deviceRsrc, ERROR);
+    LL_APPEND(ace->resources, deviceRsrc);
+    deviceRsrc->href = OICStrdup(OC_RSRVD_DEVICE_URI);
+    VERIFY_NON_NULL(TAG, (deviceRsrc->href), ERROR);
+    deviceRsrc->typeLen = 1;
+    deviceRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+    VERIFY_NON_NULL(TAG, deviceRsrc->types, ERROR);
+    deviceRsrc->types[0] = OICStrdup(OC_RSRVD_RESOURCE_TYPE_DEVICE);
+    VERIFY_NON_NULL(TAG, deviceRsrc->types[0], ERROR);
+    deviceRsrc->interfaceLen = 2;
+    deviceRsrc->interfaces = (char**)OICCalloc(deviceRsrc->interfaceLen, sizeof(char*));
+    VERIFY_NON_NULL(TAG, deviceRsrc->interfaces, ERROR);
+    deviceRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+    VERIFY_NON_NULL(TAG, deviceRsrc->interfaces[0], ERROR);
+    deviceRsrc->interfaces[1] = OICStrdup(OC_RSRVD_INTERFACE_READ);
+    VERIFY_NON_NULL(TAG, deviceRsrc->interfaces[1], ERROR);
+
+    // /oic/p
+    platformRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, platformRsrc, ERROR);
+    LL_APPEND(ace->resources, platformRsrc);
+    platformRsrc->href = OICStrdup(OC_RSRVD_PLATFORM_URI);
+    VERIFY_NON_NULL(TAG, (platformRsrc->href), ERROR);
+    platformRsrc->typeLen = 1;
+    platformRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+    VERIFY_NON_NULL(TAG, platformRsrc->types, ERROR);
+    platformRsrc->types[0] = OICStrdup(OC_RSRVD_RESOURCE_TYPE_PLATFORM);
+    VERIFY_NON_NULL(TAG, platformRsrc->types[0], ERROR);
+    platformRsrc->interfaceLen = 2;
+    platformRsrc->interfaces = (char**)OICCalloc(platformRsrc->interfaceLen, sizeof(char*));
+    VERIFY_NON_NULL(TAG, platformRsrc->interfaces, ERROR);
+    platformRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+    VERIFY_NON_NULL(TAG, platformRsrc->interfaces[0], ERROR);
+    platformRsrc->interfaces[1] = OICStrdup(OC_RSRVD_INTERFACE_READ);
+    VERIFY_NON_NULL(TAG, platformRsrc->interfaces[1], ERROR);
+
+    // /oic/sec/acl
+    aclRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, aclRsrc, ERROR);
+    LL_APPEND(ace->resources, aclRsrc);
+    aclRsrc->href = OICStrdup(OIC_RSRC_ACL_URI);
+    VERIFY_NON_NULL(TAG, (aclRsrc->href), ERROR);
+    aclRsrc->typeLen = 1;
+    aclRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+    VERIFY_NON_NULL(TAG, aclRsrc->types, ERROR);
+    aclRsrc->types[0] = OICStrdup(OIC_RSRC_TYPE_SEC_ACL);
+    VERIFY_NON_NULL(TAG, aclRsrc->types[0], ERROR);
+    aclRsrc->interfaceLen = 1;
+    aclRsrc->interfaces = (char**)OICCalloc(aclRsrc->interfaceLen, sizeof(char*));
+    VERIFY_NON_NULL(TAG, aclRsrc->interfaces, ERROR);
+    aclRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+    VERIFY_NON_NULL(TAG, aclRsrc->interfaces[0], ERROR);
+
+    // /oic/sec/doxm
+    doxmRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, doxmRsrc, ERROR);
+    LL_APPEND(ace->resources, doxmRsrc);
+    doxmRsrc->href = OICStrdup(OIC_RSRC_DOXM_URI);
+    VERIFY_NON_NULL(TAG, (doxmRsrc->href), ERROR);
+    doxmRsrc->typeLen = 1;
+    doxmRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+    VERIFY_NON_NULL(TAG, doxmRsrc->types, ERROR);
+    doxmRsrc->types[0] = OICStrdup(OIC_RSRC_TYPE_SEC_DOXM);
+    VERIFY_NON_NULL(TAG, doxmRsrc->types[0], ERROR);
+    doxmRsrc->interfaceLen = 1;
+    doxmRsrc->interfaces = (char**)OICCalloc(doxmRsrc->interfaceLen, sizeof(char*));
+    VERIFY_NON_NULL(TAG, doxmRsrc->interfaces, ERROR);
+    doxmRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+    VERIFY_NON_NULL(TAG, doxmRsrc->interfaces[0], ERROR);
+
+    // /oic/sec/pstat
+    pstatRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, pstatRsrc, ERROR);
+    LL_APPEND(ace->resources, pstatRsrc);
+    pstatRsrc->href = OICStrdup(OIC_RSRC_PSTAT_URI);
+    VERIFY_NON_NULL(TAG, (pstatRsrc->href), ERROR);
+    pstatRsrc->typeLen = 1;
+    pstatRsrc->types = (char**)OICCalloc(1, sizeof(char*));
+    VERIFY_NON_NULL(TAG, pstatRsrc->types, ERROR);
+    pstatRsrc->types[0] = OICStrdup(OIC_RSRC_TYPE_SEC_PSTAT);
+    VERIFY_NON_NULL(TAG, pstatRsrc->types[0], ERROR);
+    pstatRsrc->interfaceLen = 1;
+    pstatRsrc->interfaces = (char**)OICCalloc(pstatRsrc->interfaceLen, sizeof(char*));
+    VERIFY_NON_NULL(TAG, pstatRsrc->interfaces, ERROR);
+    pstatRsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+    VERIFY_NON_NULL(TAG, pstatRsrc->interfaces[0], ERROR);
+
+    ace->permission = PERMISSION_READ;
+    ace->validities = NULL;
  
      // Device ID is the owner of this default ACL
      if (GetDoxmResourceData() != NULL)
@@ -1187,8 +1501,6 @@ OCStackResult GetDefaultACL(OicSecAcl_t** defaultAcl)
  
      memcpy(&acl->rownerID, &ownerId, sizeof(OicUuid_t));
  
-    acl->next = NULL;
-
      *defaultAcl = acl;
      ret = OC_STACK_OK;
  
@@ -1211,7 +1523,7 @@ OCStackResult InitACLResource()
      size_t size = 0;
      ret = GetSecureVirtualDatabaseFromPS(OIC_JSON_ACL_NAME, &data, &size);
      // If database read failed
-    if (ret != OC_STACK_OK)
+    if (OC_STACK_OK != ret)
      {
          OIC_LOG(DEBUG, TAG, "ReadSVDataFromPS failed");
      }
@@ -1227,7 +1539,11 @@ OCStackResult InitACLResource()
       */
      if (!gAcl)
      {
-        GetDefaultACL(&gAcl);
+        ret = GetDefaultACL(&gAcl);
+        if (OC_STACK_OK != ret)
+        {
+            OIC_LOG(ERROR, TAG, "Failed to create default ACL");
+        }
          // TODO Needs to update persistent storage
      }
      VERIFY_NON_NULL(TAG, gAcl, FATAL);
@@ -1256,10 +1572,10 @@ OCStackResult DeInitACLResource()
      return ret;
  }
  
-const OicSecAcl_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAcl_t **savePtr)
+const OicSecAce_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAce_t **savePtr)
  {
-    OicSecAcl_t *acl = NULL;
-    OicSecAcl_t *begin = NULL;
+    OicSecAce_t *ace = NULL;
+    OicSecAce_t *begin = NULL;
  
      if (NULL == subjectId)
      {
@@ -1272,7 +1588,7 @@ const OicSecAcl_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAcl_t **
       */
      if (NULL == *savePtr)
      {
-        begin = gAcl;
+        begin = gAcl->aces;
      }
      else
      {
@@ -1281,22 +1597,22 @@ const OicSecAcl_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAcl_t **
           * savePtr and assign 'begin' to the next ACL after it in the linked
           * list and start searching from there.
           */
-        LL_FOREACH(gAcl, acl)
+        LL_FOREACH(gAcl->aces, ace)
          {
-            if (acl == *savePtr)
+            if (ace == *savePtr)
              {
-                begin = acl->next;
+                begin = ace->next;
              }
          }
      }
  
      // Find the next ACL corresponding to the 'subjectID' and return it.
-    LL_FOREACH(begin, acl)
+    LL_FOREACH(begin, ace)
      {
-        if (memcmp(&(acl->subject), subjectId, sizeof(OicUuid_t)) == 0)
+        if (memcmp(&(ace->subjectuuid), subjectId, sizeof(OicUuid_t)) == 0)
          {
-            *savePtr = acl;
-            return acl;
+            *savePtr = ace;
+            return ace;
          }
      }
  
@@ -1315,26 +1631,21 @@ OCStackResult InstallNewACL(const uint8_t *cborPayload, const size_t size)
      if (newAcl)
      {
          // Append the new ACL to existing ACL
-        LL_APPEND(gAcl, newAcl);
-
-        // Update persistent storage only if it is not WILDCARD_SUBJECT_ID
-        if (memcmp(newAcl->subject.id, &WILDCARD_SUBJECT_ID, sizeof(newAcl->subject.id)) == 0
-            || memcmp(newAcl->subject.id, &WILDCARD_SUBJECT_B64_ID, sizeof(newAcl->subject.id)) == 0)
+        OicSecAce_t* newAce = NULL;
+        LL_FOREACH(newAcl->aces, newAce)
          {
-            ret = OC_STACK_OK;
+            LL_APPEND(gAcl->aces, newAce);
          }
-        else
+
+        size_t size = 0;
+        uint8_t *payload = NULL;
+        if (OC_STACK_OK == AclToCBORPayload(gAcl, &payload, &size))
          {
-            size_t size = 0;
-            uint8_t *payload = NULL;
-            if (OC_STACK_OK == AclToCBORPayload(gAcl, &payload, &size))
+            if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, payload, size) == OC_STACK_OK)
              {
-                if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, payload, size) == OC_STACK_OK)
-                {
-                    ret = OC_STACK_OK;
-                }
-                OICFree(payload);
+                ret = OC_STACK_OK;
              }
+            OICFree(payload);
          }
      }
  
@@ -1342,89 +1653,125 @@ OCStackResult InstallNewACL(const uint8_t *cborPayload, const size_t size)
  }
  
  /**
- * This function generates default ACL for security resource in case of owned status.
+ * This function generates default ACE for security resource in case of owned status.
   *
- * @return Default ACL for security resource.
+ * @return Default ACE for security resource.
   */
-static OicSecAcl_t* GetSecDefaultACL()
+static OicSecAce_t* GetSecDefaultACE()
  {
-    const char *sec_rsrcs[] = {
-        OIC_RSRC_DOXM_URI,
-        OIC_RSRC_PSTAT_URI
-    };
-    OicUuid_t ownerId = {.id = {0}};
-    OCStackResult res = OC_STACK_ERROR;
-    OicSecAcl_t* newDefaultAcl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t));
-    VERIFY_NON_NULL(TAG, newDefaultAcl, ERROR);
+    const int NUM_OF_DOXM_RT = 1;
+    const int NUM_OF_DOXM_IF  = 1;
+    const int NUM_OF_PSTAT_RT = 1;
+    const int NUM_OF_PSTAT_IF = 1;
+    const char *doxmRt[] = { OIC_RSRC_TYPE_SEC_DOXM };
+    const char *pstatRt[] = { OIC_RSRC_TYPE_SEC_PSTAT };
+    const char *doxmIf[] = { OC_RSRVD_INTERFACE_DEFAULT };
+    const char *pstatIf[] = { OC_RSRVD_INTERFACE_DEFAULT };
+    OicSecRsrc_t* doxmRsrc = NULL;
+    OicSecRsrc_t* pstatRsrc = NULL;
+
+    //Generate default ACE
+    OicSecAce_t* newAce = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+    VERIFY_NON_NULL(TAG, newAce, ERROR);
  
      // Subject -- Mandatory
-    memcpy(&(newDefaultAcl->subject), &WILDCARD_SUBJECT_ID, WILDCARD_SUBJECT_ID_LEN);
-
-    // Resources -- Mandatory
-    newDefaultAcl->resourcesLen = NUMBER_OF_DEFAULT_SEC_RSCS;
-    newDefaultAcl->resources = (char**)OICCalloc(NUMBER_OF_DEFAULT_SEC_RSCS, sizeof(char*));
-    VERIFY_NON_NULL(TAG, (newDefaultAcl->resources), ERROR);
+    memcpy(newAce->subjectuuid.id, &WILDCARD_SUBJECT_ID, WILDCARD_SUBJECT_ID_LEN);
+
+    //Resources -- Mandatory
+    //Add doxm
+    doxmRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, doxmRsrc, ERROR);
+    LL_APPEND(newAce->resources, doxmRsrc);
+    // pstat-href
+    doxmRsrc->href = OICStrdup(OIC_RSRC_DOXM_URI);
+    VERIFY_NON_NULL(TAG, (doxmRsrc->href), ERROR);
+    // pstat-rt
+    doxmRsrc->typeLen = NUM_OF_DOXM_RT;
+    doxmRsrc->types = (char**)OICCalloc(NUM_OF_DOXM_RT, sizeof(char*));
+    VERIFY_NON_NULL(TAG, (doxmRsrc->types), ERROR);
+    for(int i = 0; i < NUM_OF_DOXM_RT; i++)
+    {
+        doxmRsrc->types[i] = OICStrdup(doxmRt[i]);
+        VERIFY_NON_NULL(TAG, (doxmRsrc->types[i]), ERROR);
+    }
+    // pstat-if
+    doxmRsrc->interfaceLen = NUM_OF_DOXM_IF;
+    doxmRsrc->interfaces = (char**)OICCalloc(NUM_OF_DOXM_IF, sizeof(char*));
+    VERIFY_NON_NULL(TAG, (doxmRsrc->interfaces), ERROR);
+    for(int i = 0; i < NUM_OF_DOXM_IF; i++)
+    {
+        doxmRsrc->interfaces[i] = OICStrdup(doxmIf[i]);
+        VERIFY_NON_NULL(TAG, (doxmRsrc->interfaces[i]), ERROR);
+    }
  
-    for (size_t i = 0; i <  NUMBER_OF_DEFAULT_SEC_RSCS; i++)
+    //Add pstat
+    pstatRsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, pstatRsrc, ERROR);
+    LL_APPEND(newAce->resources, pstatRsrc);
+    //pstat-href
+    pstatRsrc->href = OICStrdup(OIC_RSRC_PSTAT_URI);
+    VERIFY_NON_NULL(TAG, (pstatRsrc->href), ERROR);
+    //pstat-rt
+    pstatRsrc->typeLen = NUM_OF_PSTAT_RT;
+    pstatRsrc->types = (char**)OICCalloc(NUM_OF_PSTAT_RT, sizeof(char*));
+    VERIFY_NON_NULL(TAG, (pstatRsrc->types), ERROR);
+    for(int i = 0; i < NUM_OF_PSTAT_RT; i++)
      {
-        size_t len = strlen(sec_rsrcs[i]) + 1;
-        newDefaultAcl->resources[i] = (char*)OICMalloc(len * sizeof(char));
-        VERIFY_NON_NULL(TAG, (newDefaultAcl->resources[i]), ERROR);
-        OICStrcpy(newDefaultAcl->resources[i], len, sec_rsrcs[i]);
+        pstatRsrc->types[i] = OICStrdup(pstatRt[i]);
+        VERIFY_NON_NULL(TAG, (pstatRsrc->types[i]), ERROR);
+    }
+    // pstat-if
+    pstatRsrc->interfaceLen = NUM_OF_PSTAT_IF;
+    pstatRsrc->interfaces = (char**)OICCalloc(NUM_OF_PSTAT_IF, sizeof(char*));
+    VERIFY_NON_NULL(TAG, (pstatRsrc->interfaces), ERROR);
+    for(int i = 0; i < NUM_OF_PSTAT_IF; i++)
+    {
+        pstatRsrc->interfaces[i] = OICStrdup(pstatIf[i]);
+        VERIFY_NON_NULL(TAG, (pstatRsrc->interfaces[i]), ERROR);
      }
  
      // Permissions -- Mandatory
-    newDefaultAcl->permission = PERMISSION_READ;
+    newAce->permission = PERMISSION_READ;
  
      //Period -- Not Mandatory
-    newDefaultAcl->prdRecrLen = 0;
-    newDefaultAcl->periods = NULL;
-
-    //Recurrence -- Not Mandatory
-    newDefaultAcl->recurrences = NULL;
-
-    // Device ID is the owner of this default ACL
-    res = GetDoxmDeviceID(&ownerId);
-    VERIFY_SUCCESS(TAG, OC_STACK_OK == res, FATAL);
-
-    // Owners -- Mandatory
-    memcpy(&newDefaultAcl->rownerID, &ownerId, sizeof(OicUuid_t));
+    newAce->validities = NULL;
  
-    return newDefaultAcl;
+    return newAce;
  exit:
-    DeleteACLList(newDefaultAcl);
+    FreeACE(newAce);
      return NULL;
  
  }
  
-OCStackResult UpdateDefaultSecProvACL()
+OCStackResult UpdateDefaultSecProvACE()
  {
      OCStackResult ret = OC_STACK_OK;
-    OicSecAcl_t *acl = NULL;
-    OicSecAcl_t *tmp = NULL;
+    OicSecAce_t *ace = NULL;
+    OicSecAce_t *tempAce = NULL;
  
      if(gAcl)
      {
          int matchedRsrc = 0;
          bool isRemoved = false;
  
-        LL_FOREACH_SAFE(gAcl, acl, tmp)
+        LL_FOREACH_SAFE(gAcl->aces, ace, tempAce)
          {
              //Find default security resource ACL
-            if(memcmp(&acl->subject, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0 &&
-                ((PERMISSION_READ | PERMISSION_WRITE) == acl->permission))
+            if(memcmp(&ace->subjectuuid, &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0 &&
+                ((PERMISSION_READ | PERMISSION_WRITE) == ace->permission))
              {
                  matchedRsrc = 0;
  
-                for(size_t i = 0; i < acl->resourcesLen; i++)
+                OicSecRsrc_t* rsrc = NULL;
+                LL_FOREACH(ace->resources, rsrc)
                  {
-                    if(strncmp(acl->resources[i], OIC_RSRC_DOXM_URI,
+                    if(strncmp(rsrc->href, OIC_RSRC_DOXM_URI,
                                 strlen(OIC_RSRC_DOXM_URI) + 1) == 0 ||
-                       strncmp(acl->resources[i], OIC_RSRC_CRED_URI,
+                       strncmp(rsrc->href, OIC_RSRC_CRED_URI,
                                 strlen(OIC_RSRC_CRED_URI) + 1) == 0 ||
-                       strncmp(acl->resources[i], OIC_RSRC_ACL_URI,
+                       strncmp(rsrc->href, OIC_RSRC_ACL_URI,
                                 strlen(OIC_RSRC_ACL_URI) + 1) == 0 ||
-                       strncmp(acl->resources[i], OIC_RSRC_PSTAT_URI,
+                       strncmp(rsrc->href, OIC_RSRC_PSTAT_URI,
                                 strlen(OIC_RSRC_PSTAT_URI) + 1) == 0)
                      {
                          matchedRsrc++;
@@ -1434,8 +1781,8 @@ OCStackResult UpdateDefaultSecProvACL()
                  //If default security resource ACL is detected, delete it.
                  if(NUMBER_OF_SEC_PROV_RSCS == matchedRsrc)
                  {
-                    LL_DELETE(gAcl, acl);
-                    FreeACE(acl);
+                    LL_DELETE(gAcl->aces, ace);
+                    FreeACE(ace);
                      isRemoved = true;
                  }
              }
@@ -1444,15 +1791,15 @@ OCStackResult UpdateDefaultSecProvACL()
          if(isRemoved)
          {
              /*
-             * Generate new security resource ACL as follows :
+             * Generate new security resource ACE as follows :
               *      subject : "*"
               *      resources :  '/oic/sec/doxm', '/oic/sec/pstat'
               *      permission : READ
               */
-            OicSecAcl_t *newDefaultAcl = GetSecDefaultACL();
-            if (newDefaultAcl)
+            OicSecAce_t *secDefaultAce = GetSecDefaultACE();
+            if (secDefaultAce)
              {
-                LL_APPEND(gAcl, newDefaultAcl);
+                LL_APPEND(gAcl->aces, secDefaultAce);
  
                  size_t size = 0;
                  uint8_t *payload = NULL;
diff --git a/resource/csdk/security/src/doxmresource.c b/resource/csdk/security/src/doxmresource.c

index a3c3243..b0372fe 100644 (file)
--- a/resource/csdk/security/src/doxmresource.c
+++ b/resource/csdk/security/src/doxmresource.c
@@ -828,8 +828,8 @@ static OCEntityHandlerResult HandleDoxmPostRequest(const OCEntityHandlerRequest
                  // Update new state in persistent storage
                  if (UpdatePersistentStorage(gDoxm))
                  {
-                    //Update default ACL of security resource to prevent anonymous user access.
-                    if(OC_STACK_OK == UpdateDefaultSecProvACL())
+                    //Update default ACE of security resource to prevent anonymous user access.
+                    if(OC_STACK_OK == UpdateDefaultSecProvACE())
                      {
                          ehRet = OC_EH_OK;
                      }
diff --git a/resource/csdk/security/src/dpairingresource.c b/resource/csdk/security/src/dpairingresource.c

index 01eccd0..4d0c88b 100644 (file)
--- a/resource/csdk/security/src/dpairingresource.c
+++ b/resource/csdk/security/src/dpairingresource.c
@@ -134,7 +134,7 @@ OCStackResult SavePairingPSK(OCDevAddr *endpoint,
      }
  
      uint8_t pairingPSK[OWNER_PSK_LENGTH_128] = {0};
-    OicSecKey_t pairingKey = {pairingPSK, OWNER_PSK_LENGTH_128};
+    OicSecKey_t pairingKey = {pairingPSK, OWNER_PSK_LENGTH_128, OIC_ENCODING_RAW};
  
      //Generating PairingPSK using OwnerPSK scheme
      CAResult_t pskRet = CAGenerateOwnerPSK((const CAEndpoint_t *)endpoint,
@@ -557,24 +557,72 @@ static OCEntityHandlerResult HandleDpairingPutRequest (const OCEntityHandlerRequ
          OicSecPdAcl_t *pdAcl;
          LL_FOREACH(pconf->pdacls, pdAcl)
          {
-            OicSecAcl_t acl;
-            memset(&acl, 0, sizeof(OicSecAcl_t));
-            memcpy(&acl.subject, &gDpair->pdeviceID, sizeof(OicUuid_t));
-            acl.resources = pdAcl->resources;
-            acl.resourcesLen = pdAcl->resourcesLen;
-            memcpy(&acl.rownerID, &pconf->rownerID, sizeof(OicUuid_t));
-            acl.permission = pdAcl->permission;
-            acl.periods = pdAcl->periods;
-            acl.recurrences = pdAcl->recurrences;
-            acl.prdRecrLen = pdAcl->prdRecrLen;
+            OicSecAcl_t* acl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t));
+            VERIFY_NON_NULL(TAG, acl, ERROR);
+
+            OicSecAce_t* ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+            VERIFY_NON_NULL(TAG, ace, ERROR);
+
+            LL_APPEND(acl->aces, ace);
+
+            memcpy(&ace->subjectuuid, &gDpair->pdeviceID, sizeof(OicUuid_t));
+
+            for(size_t i = 0; i < pdAcl->resourcesLen; i++)
+            {
+                OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+                VERIFY_NON_NULL(TAG, rsrc, ERROR);
+
+                size_t rsrcLen = strlen(pdAcl->resources[i]) + 1;
+                rsrc->href = (char*)OICMalloc(rsrcLen * sizeof(char));
+                VERIFY_NON_NULL(TAG, (rsrc->href), ERROR);
+
+                OICStrcpy(rsrc->href, rsrcLen, pdAcl->resources[i]);
+                LL_APPEND(ace->resources, rsrc);
+            }
+
+            ace->permission = pdAcl->permission;
+
+            //Copy the validity
+            if(pdAcl->periods || pdAcl->recurrences)
+            {
+                OicSecValidity_t* validity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+                VERIFY_NON_NULL(TAG, validity, ERROR);
+
+                if(pdAcl->periods && pdAcl->periods[0])
+                {
+                    size_t periodLen = strlen(pdAcl->periods[0]) + 1;
+                    validity->period = (char*)OICMalloc(periodLen * sizeof(char));
+                    VERIFY_NON_NULL(TAG, (validity->period), ERROR);
+                    OICStrcpy(validity->period, periodLen, pdAcl->periods[0]);
+                }
+
+                if(pdAcl->recurrences && 0 < pdAcl->prdRecrLen)
+                {
+                    validity->recurrenceLen = pdAcl->prdRecrLen;
+                    validity->recurrences = (char**)OICMalloc(sizeof(char*) * pdAcl->prdRecrLen);
+                    VERIFY_NON_NULL(TAG, (validity->recurrences), ERROR);
+
+                    for(size_t i = 0; i < pdAcl->prdRecrLen; i++)
+                    {
+                        size_t recurrenceLen = strlen(pdAcl->recurrences[i]) + 1;
+                        validity->recurrences[i] = (char*)OICMalloc(recurrenceLen  * sizeof(char));
+                        VERIFY_NON_NULL(TAG, (validity->recurrences[i]), ERROR);
+
+                        OICStrcpy(validity->recurrences[i], recurrenceLen, pdAcl->recurrences[i]);
+                    }
+                }
+
+                LL_APPEND(ace->validities, validity);
+            }
  
              size_t size = 0;
              uint8_t *payload = NULL;
-            if (OC_STACK_OK == AclToCBORPayload(&acl, &payload, &size))
+            if (OC_STACK_OK == AclToCBORPayload(acl, &payload, &size))
              {
                  InstallNewACL(payload, size);
                  OICFree(payload);
              }
+            DeleteACLList(acl);
          }
  
          //update pconf device list
diff --git a/resource/csdk/security/src/policyengine.c b/resource/csdk/security/src/policyengine.c

index ee991fe..04451b0 100644 (file)
--- a/resource/csdk/security/src/policyengine.c
+++ b/resource/csdk/security/src/policyengine.c
@@ -19,6 +19,7 @@
  //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
  #include <string.h>
  
+#include "utlist.h"
  #include "oic_malloc.h"
  #include "policyengine.h"
  #include "amsmgr.h"
@@ -308,28 +309,32 @@ static void CopyParamsToContext(PEContext_t     *context,
   * @return true if access is within valid time period or if the period or recurrence is not present.
   * false if period and recurrence present and the access is not within valid time period.
   */
-static bool IsAccessWithinValidTime(const OicSecAcl_t *acl)
+static bool IsAccessWithinValidTime(const OicSecAce_t *ace)
  {
  #ifndef WITH_ARDUINO //Period & Recurrence not supported on Arduino due
-                     //lack of absolute time
-    if (NULL== acl || NULL == acl->periods || 0 == acl->prdRecrLen)
+    //lack of absolute time
+    if (NULL== ace || NULL == ace->validities)
      {
          return true;
      }
  
      //periods & recurrences rules are paired.
-    if (NULL == acl->recurrences)
+    if (NULL == ace->validities->recurrences)
      {
          return false;
      }
  
-    for (size_t i = 0; i < acl->prdRecrLen; i++)
+    OicSecValidity_t* validity =  NULL;
+    LL_FOREACH(ace->validities, validity)
      {
-        if (IOTVTICAL_VALID_ACCESS ==  IsRequestWithinValidTime(acl->periods[i],
-            acl->recurrences[i]))
+        for(size_t i = 0; i < validity->recurrenceLen; i++)
          {
-            OIC_LOG(INFO, TAG, "Access request is in allowed time period");
-            return true;
+            if (IOTVTICAL_VALID_ACCESS ==  IsRequestWithinValidTime(validity->period,
+                validity->recurrences[i]))
+            {
+                OIC_LOG(INFO, TAG, "Access request is in allowed time period");
+                return true;
+            }
          }
      }
      OIC_LOG(ERROR, TAG, "Access request is in invalid time period");
@@ -341,24 +346,25 @@ static bool IsAccessWithinValidTime(const OicSecAcl_t *acl)
  }
  
  /**
- * Check whether 'resource' is in the passed ACL.
+ * Check whether 'resource' is in the passed ACE.
   *
   * @param resource is the resource being searched.
- * @param acl is the ACL to check.
+ * @param ace is the ACE to check.
   *
   * @return true if 'resource' found, otherwise false.
   */
- static bool IsResourceInAcl(const char *resource, const OicSecAcl_t *acl)
+ static bool IsResourceInAce(const char *resource, const OicSecAce_t *ace)
  {
-    if (NULL== acl || NULL == resource)
+    if (NULL== ace || NULL == resource)
      {
          return false;
      }
  
-     for (size_t n = 0; n < acl->resourcesLen; n++)
-     {
-         if (0 == strcmp(resource, acl->resources[n]) || // TODO null terms?
-             0 == strcmp(WILDCARD_RESOURCE_URI, acl->resources[n]))
+    OicSecRsrc_t* rsrc = NULL;
+    LL_FOREACH(ace->resources, rsrc)
+    {
+         if (0 == strcmp(resource, rsrc->href) || // TODO null terms?
+             0 == strcmp(WILDCARD_RESOURCE_URI, rsrc->href))
           {
               return true;
           }
@@ -381,8 +387,8 @@ static void ProcessAccessRequest(PEContext_t *context)
      OIC_LOG(DEBUG, TAG, "Entering ProcessAccessRequest()");
      if (NULL != context)
      {
-        const OicSecAcl_t *currentAcl = NULL;
-        OicSecAcl_t *savePtr = NULL;
+        const OicSecAce_t *currentAce = NULL;
+        OicSecAce_t *savePtr = NULL;
  
          // Start out assuming subject not found.
          context->retVal = ACCESS_DENIED_SUBJECT_NOT_FOUND;
@@ -391,28 +397,28 @@ static void ProcessAccessRequest(PEContext_t *context)
          // ACL for this request.
          do
          {
-            OIC_LOG_V(DEBUG, TAG, "%s: getting ACL..." ,__func__);
-            currentAcl = GetACLResourceData(&context->subject, &savePtr);
+            OIC_LOG_V(DEBUG, TAG, "%s: getting ACE..." ,__func__);
+            currentAce = GetACLResourceData(&context->subject, &savePtr);
  
-            if (NULL != currentAcl)
+            if (NULL != currentAce)
              {
                  // Found the subject, so how about resource?
-                OIC_LOG_V(DEBUG, TAG, "%s:found ACL matching subject" ,__func__);
+                OIC_LOG_V(DEBUG, TAG, "%s:found ACE matching subject" ,__func__);
  
                  // Subject was found, so err changes to Rsrc not found for now.
                  context->retVal = ACCESS_DENIED_RESOURCE_NOT_FOUND;
                  OIC_LOG_V(DEBUG, TAG, "%s:Searching for resource..." ,__func__);
-                if (IsResourceInAcl(context->resource, currentAcl))
+                if (IsResourceInAce(context->resource, currentAce))
                  {
-                    OIC_LOG_V(INFO, TAG, "%s:found matching resource in ACL" ,__func__);
+                    OIC_LOG_V(INFO, TAG, "%s:found matching resource in ACE" ,__func__);
                      context->matchingAclFound = true;
  
                      // Found the resource, so it's down to valid period & permission.
                      context->retVal = ACCESS_DENIED_INVALID_PERIOD;
-                    if (IsAccessWithinValidTime(currentAcl))
+                    if (IsAccessWithinValidTime(currentAce))
                      {
                          context->retVal = ACCESS_DENIED_INSUFFICIENT_PERMISSION;
-                        if (IsPermissionAllowingRequest(currentAcl->permission, context->permission))
+                        if (IsPermissionAllowingRequest(currentAce->permission, context->permission))
                          {
                              context->retVal = ACCESS_GRANTED;
                          }
@@ -423,7 +429,7 @@ static void ProcessAccessRequest(PEContext_t *context)
              {
                  OIC_LOG_V(INFO, TAG, "%s:no ACL found matching subject for resource %s",__func__, context->resource);
              }
-        } while ((NULL != currentAcl) && (false == context->matchingAclFound));
+        } while ((NULL != currentAce) && (false == context->matchingAclFound));
  
          if (IsAccessGranted(context->retVal))
          {
diff --git a/resource/csdk/security/src/srmresourcestrings.c b/resource/csdk/security/src/srmresourcestrings.c

index 2b435c8..3d334d2 100644 (file)
--- a/resource/csdk/security/src/srmresourcestrings.c
+++ b/resource/csdk/security/src/srmresourcestrings.c
@@ -20,6 +20,7 @@
  
  #include <stdlib.h>
  #include "securevirtualresourcetypes.h"
+#include "octypes.h"
  
  const char * SVR_DB_FILE_NAME = "oic_svr_db.json";
  const char * SVR_DB_DAT_FILE_NAME = "oic_svr_db.dat";
@@ -114,6 +115,7 @@ const char * OIC_JSON_PRIVDATA_NAME = "privdata";
  const char * OIC_JSON_OPTDATA_NAME = "optdata";
  const char * OIC_JSON_SERVICE_DEVICE_ID = "svcdid";
  const char * OIC_JSON_SERVICE_TYPE = "svct";
+const char* OIC_JSON_VALIDITY_NAME = "validity";
  const char * OIC_JSON_PERIOD_NAME = "period";
  const char * OIC_JSON_PERIODS_NAME = "prds";
  const char * OIC_JSON_CRMS_NAME = "crms";
@@ -129,10 +131,10 @@ const char * OIC_JSON_PRM_NAME = "prm";
  const char * OIC_JSON_SPM_NAME = "spm";
  const char * OIC_JSON_PDEVICE_ID_NAME = "pdeviceuuid";
  const char * OIC_JSON_RLIST_NAME = "rlist";
-const char * OIC_JSON_HREF_NAME = "href";
-const char * OIC_JSON_REL_NAME = "rel";
-const char * OIC_JSON_RT_NAME = "rt";
-const char * OIC_JSON_IF_NAME = "if";
+const char * OIC_JSON_HREF_NAME = OC_RSRVD_HREF;
+const char * OIC_JSON_REL_NAME = OC_RSRVD_REL;
+const char * OIC_JSON_RT_NAME = OC_RSRVD_RESOURCE_TYPE;
+const char * OIC_JSON_IF_NAME = OC_RSRVD_INTERFACE;
  const char * OIC_JSON_ROWNERID_NAME = "rowneruuid";
  const char * OIC_JSON_ENCODING_NAME = "encoding";
  const char * OIC_JSON_DATA_NAME = "data";
diff --git a/resource/csdk/security/tool/json2cbor.c b/resource/csdk/security/tool/json2cbor.c

index f0c4a96..0f41aab 100644 (file)
--- a/resource/csdk/security/tool/json2cbor.c
+++ b/resource/csdk/security/tool/json2cbor.c
@@ -20,6 +20,7 @@
  
  #include <stdlib.h>
  #include <string.h>
+#include "utlist.h"
  #include "cJSON.h"
  #include "base64.h"
  #include "cainterface.h"
@@ -343,23 +344,9 @@ OicSecAcl_t* JSONToAclBin(const char * jsonStr)
              cJSON *jsonAcl = cJSON_GetArrayItem(jsonAclArray, idx);
              VERIFY_NON_NULL(TAG, jsonAcl, ERROR);
  
-            OicSecAcl_t *acl = NULL;
-            if(idx == 0)
-            {
-                acl = headAcl;
-            }
-            else
-            {
-                acl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t));
-                OicSecAcl_t *temp = headAcl;
-                while (temp->next)
-                {
-                    temp = temp->next;
-                }
-                temp->next = acl;
-            }
-
-            VERIFY_NON_NULL(TAG, acl, ERROR);
+            OicSecAce_t *ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+            VERIFY_NON_NULL(TAG, ace, ERROR);
+            LL_APPEND(headAcl->aces, ace);
  
              size_t jsonObjLen = 0;
              cJSON *jsonObj = NULL;
@@ -368,11 +355,11 @@ OicSecAcl_t* JSONToAclBin(const char * jsonStr)
              VERIFY_SUCCESS(TAG, cJSON_String == jsonObj->type, ERROR);
              if(strcmp(jsonObj->valuestring, WILDCARD_RESOURCE_URI) == 0)
              {
-                acl->subject.id[0] = '*';
+                ace->subjectuuid.id[0] = '*';
              }
              else
              {
-                ret = ConvertStrToUuid(jsonObj->valuestring, &acl->subject);
+                ret = ConvertStrToUuid(jsonObj->valuestring, &ace->subjectuuid);
                  VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
              }
              // Resources -- Mandatory
@@ -380,87 +367,134 @@ OicSecAcl_t* JSONToAclBin(const char * jsonStr)
              VERIFY_NON_NULL(TAG, jsonObj, ERROR);
              VERIFY_SUCCESS(TAG, cJSON_Array == jsonObj->type, ERROR);
  
-            acl->resourcesLen = (size_t)cJSON_GetArraySize(jsonObj);
-
-            VERIFY_SUCCESS(TAG, acl->resourcesLen > 0, ERROR);
-            acl->resources = (char**)OICCalloc(acl->resourcesLen, sizeof(char*));
-            VERIFY_NON_NULL(TAG, (acl->resources), ERROR);
+            size_t resourcesLen = (size_t)cJSON_GetArraySize(jsonObj);
+            VERIFY_SUCCESS(TAG, resourcesLen > 0, ERROR);
  
-            size_t idxx = 0;
-            do
+            for(size_t idxx = 0; idxx < resourcesLen; idxx++)
              {
+                OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+                VERIFY_NON_NULL(TAG, rsrc, ERROR);
+
                  cJSON *jsonRsrc = cJSON_GetArrayItem(jsonObj, idxx);
                  VERIFY_NON_NULL(TAG, jsonRsrc, ERROR);
  
+                //href
                  size_t jsonRsrcObjLen = 0;
                  cJSON *jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_HREF_NAME);
                  VERIFY_NON_NULL(TAG, jsonRsrcObj, ERROR);
                  VERIFY_SUCCESS(TAG, cJSON_String == jsonRsrcObj->type, ERROR);
  
                  jsonRsrcObjLen = strlen(jsonRsrcObj->valuestring) + 1;
-                acl->resources[idxx] = (char*)OICMalloc(jsonRsrcObjLen);
+                rsrc->href = (char*)OICMalloc(jsonRsrcObjLen);
+                VERIFY_NON_NULL(TAG, (rsrc->href), ERROR);
+                OICStrcpy(rsrc->href, jsonRsrcObjLen, jsonRsrcObj->valuestring);
+
+                //rel
+                jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_REL_NAME);
+                if(jsonRsrcObj)
+                {
+                    jsonRsrcObjLen = strlen(jsonRsrcObj->valuestring) + 1;
+                    rsrc->rel = (char*)OICMalloc(jsonRsrcObjLen);
+                    VERIFY_NON_NULL(TAG, (rsrc->rel), ERROR);
+                    OICStrcpy(rsrc->rel, jsonRsrcObjLen, jsonRsrcObj->valuestring);
+                }
  
-                VERIFY_NON_NULL(TAG, (acl->resources[idxx]), ERROR);
-                OICStrcpy(acl->resources[idxx], jsonRsrcObjLen, jsonRsrcObj->valuestring);
+                //rt
+                jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_RT_NAME);
+                if(jsonRsrcObj && cJSON_Array == jsonRsrcObj->type)
+                {
+                    rsrc->typeLen = (size_t)cJSON_GetArraySize(jsonRsrcObj);
+                    VERIFY_SUCCESS(TAG, (0 < rsrc->typeLen), ERROR);
+                    rsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char*));
+                    VERIFY_NON_NULL(TAG, (rsrc->types), ERROR);
+                    for(size_t i = 0; i < rsrc->typeLen; i++)
+                    {
+                        cJSON *jsonRsrcType = cJSON_GetArrayItem(jsonRsrcObj, i);
+                        rsrc->types[i] = OICStrdup(jsonRsrcType->valuestring);
+                        VERIFY_NON_NULL(TAG, (rsrc->types[i]), ERROR);
+                    }
+                }
+
+                //if
+                jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_IF_NAME);
+                if(jsonRsrcObj && cJSON_Array == jsonRsrcObj->type)
+                {
+                    rsrc->interfaceLen = (size_t)cJSON_GetArraySize(jsonRsrcObj);
+                    VERIFY_SUCCESS(TAG, (0 < rsrc->interfaceLen), ERROR);
+                    rsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char*));
+                    VERIFY_NON_NULL(TAG, (rsrc->interfaces), ERROR);
+                    for(size_t i = 0; i < rsrc->interfaceLen; i++)
+                    {
+                        cJSON *jsonInterface = cJSON_GetArrayItem(jsonRsrcObj, i);
+                        rsrc->interfaces[i] = OICStrdup(jsonInterface->valuestring);
+                        VERIFY_NON_NULL(TAG, (rsrc->interfaces[i]), ERROR);
+                    }
+                }
  
-            } while ( ++idxx < acl->resourcesLen);
+                LL_APPEND(ace->resources, rsrc);
+            }
  
              // Permissions -- Mandatory
              jsonObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_PERMISSION_NAME);
              VERIFY_NON_NULL(TAG, jsonObj, ERROR);
              VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR);
-            acl->permission = jsonObj->valueint;
-            //Period -- Not Mandatory
-            cJSON *jsonPeriodObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_PERIOD_NAME);
-            if(jsonPeriodObj)
+            ace->permission = jsonObj->valueint;
+
+            //Validity -- Not Mandatory
+            cJSON *jsonValidityObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_VALIDITY_NAME);
+            if(jsonValidityObj)
              {
-                VERIFY_SUCCESS(TAG, cJSON_Array == jsonPeriodObj->type, ERROR);
-                acl->prdRecrLen = (size_t)cJSON_GetArraySize(jsonPeriodObj);
-                if(acl->prdRecrLen > 0)
+                VERIFY_SUCCESS(TAG, cJSON_Array == jsonValidityObj->type, ERROR);
+                size_t validityLen = cJSON_GetArraySize(jsonValidityObj);
+                VERIFY_SUCCESS(TAG, (0 < validityLen), ERROR);
+
+                cJSON *jsonValidity = NULL;
+                for(size_t i = 0; i < validityLen; i++)
                  {
-                    acl->periods = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
-                    VERIFY_NON_NULL(TAG, acl->periods, ERROR);
+                    jsonValidity = cJSON_GetArrayItem(jsonValidityObj, i);
+                    VERIFY_NON_NULL(TAG, jsonValidity, ERROR);
+                    VERIFY_SUCCESS(TAG, (jsonValidity->type == cJSON_Array), ERROR);
+
+                    OicSecValidity_t* validity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+                    VERIFY_NON_NULL(TAG, validity, ERROR);
+                    LL_APPEND(ace->validities, validity);
  
-                    cJSON *jsonPeriod = NULL;
-                    for(size_t i = 0; i < acl->prdRecrLen; i++)
+                    //Period
+                    cJSON* jsonPeriod = cJSON_GetArrayItem(jsonValidity, 0);
+                    if(jsonPeriod)
                      {
-                        jsonPeriod = cJSON_GetArrayItem(jsonPeriodObj, i);
-                        VERIFY_NON_NULL(TAG, jsonPeriod, ERROR);
+                        VERIFY_SUCCESS(TAG, (cJSON_String == jsonPeriod->type), ERROR);
  
                          jsonObjLen = strlen(jsonPeriod->valuestring) + 1;
-                        acl->periods[i] = (char*)OICMalloc(jsonObjLen);
-                        VERIFY_NON_NULL(TAG, acl->periods[i], ERROR);
-                        OICStrcpy(acl->periods[i], jsonObjLen, jsonPeriod->valuestring);
+                        validity->period = (char*)OICMalloc(jsonObjLen);
+                        VERIFY_NON_NULL(TAG, validity->period, ERROR);
+                        OICStrcpy(validity->period, jsonObjLen, jsonPeriod->valuestring);
                      }
-                }
-            }
-            //Recurrence -- Not mandatory
-            cJSON *jsonRecurObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_RECURRENCES_NAME);
-            if(jsonRecurObj)
-            {
-
-                VERIFY_SUCCESS(TAG, cJSON_Array == jsonRecurObj->type, ERROR);
  
-                if(acl->prdRecrLen > 0)
-                {
-                    acl->recurrences = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*));
-                    VERIFY_NON_NULL(TAG, acl->recurrences, ERROR);
-
-                    cJSON *jsonRecur = NULL;
-                    for(size_t i = 0; i < acl->prdRecrLen; i++)
+                    //Recurrence
+                    cJSON* jsonRecurObj = cJSON_GetArrayItem(jsonValidity, 1);
+                    if(jsonRecurObj)
                      {
-                        jsonRecur = cJSON_GetArrayItem(jsonRecurObj, i);
-                        VERIFY_NON_NULL(TAG, jsonRecur, ERROR);
-                        jsonObjLen = strlen(jsonRecur->valuestring) + 1;
-                        acl->recurrences[i] = (char*)OICMalloc(jsonObjLen);
-                        VERIFY_NON_NULL(TAG, acl->recurrences[i], ERROR);
-                        OICStrcpy(acl->recurrences[i], jsonObjLen, jsonRecur->valuestring);
+                        VERIFY_SUCCESS(TAG, (cJSON_Array == jsonRecurObj->type), ERROR);
+                        validity->recurrenceLen = cJSON_GetArraySize(jsonRecurObj);
+                        VERIFY_SUCCESS(TAG, (0 < validity->recurrenceLen), ERROR);
+
+                        validity->recurrences = (char**)OICCalloc(validity->recurrenceLen, sizeof(char*));
+                        VERIFY_NON_NULL(TAG, validity->recurrences, ERROR);
+
+                        cJSON *jsonRecur = NULL;
+                        for(size_t i = 0; i < validity->recurrenceLen; i++)
+                        {
+                            jsonRecur = cJSON_GetArrayItem(jsonRecurObj, i);
+                            VERIFY_NON_NULL(TAG, jsonRecur, ERROR);
+                            jsonObjLen = strlen(jsonRecur->valuestring) + 1;
+                            validity->recurrences[i] = (char*)OICMalloc(jsonObjLen);
+                            VERIFY_NON_NULL(TAG, validity->recurrences[i], ERROR);
+                            OICStrcpy(validity->recurrences[i], jsonObjLen, jsonRecur->valuestring);
+                        }
                      }
                  }
              }
-
-            acl->next = NULL;
-
          } while( ++idx < numAcl);
      }
  
@@ -734,7 +768,6 @@ OicSecCred_t * JSONToCredBin(const char * jsonStr)
          int numCred = cJSON_GetArraySize(jsonCredArray);
          VERIFY_SUCCESS(TAG, numCred > 0, ERROR);
          int idx = 0;
-        size_t ownersLen = 0;
          do
          {
              cJSON *jsonCred = cJSON_GetArrayItem(jsonCredArray, idx);
@@ -792,6 +825,24 @@ OicSecCred_t * JSONToCredBin(const char * jsonStr)
                  VERIFY_NON_NULL(TAG, (cred->privateData.data), ERROR);
                  memcpy(cred->privateData.data, jsonPriv->valuestring, jsonObjLen);
                  cred->privateData.len = jsonObjLen;
+
+                cJSON *jsonEncoding = cJSON_GetObjectItem(jsonObj, OIC_JSON_ENCODING_NAME);
+                VERIFY_NON_NULL(TAG, jsonEncoding, ERROR);
+
+                if(strcmp(OIC_SEC_ENCODING_RAW, jsonEncoding->valuestring) == 0)
+                {
+                    cred->privateData.encoding = OIC_ENCODING_RAW;
+                }
+                else if(strcmp(OIC_SEC_ENCODING_BASE64, jsonEncoding->valuestring) == 0)
+                {
+                    cred->privateData.encoding = OIC_ENCODING_BASE64;
+                }
+                else
+                {
+                    printf("Unknow encoding type dectected!\n");
+                    printf("json2cbor will use \"oic.sec.encoding.raw\" as default encoding type.\n");
+                    cred->privateData.encoding = OIC_ENCODING_RAW;
+                }
              }
  #ifdef __WITH_X509__
              //PublicData is mandatory only for SIGNED_ASYMMETRIC_KEY credentials type.
diff --git a/resource/csdk/security/unittest/aclresourcetest.cpp b/resource/csdk/security/unittest/aclresourcetest.cpp

index eefeaf8..dbf4cb8 100644 (file)
--- a/resource/csdk/security/unittest/aclresourcetest.cpp
+++ b/resource/csdk/security/unittest/aclresourcetest.cpp
@@ -19,6 +19,7 @@
  //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
  
  #include "gtest/gtest.h"
+#include "utlist.h"
  #include <sys/stat.h>
  #include "ocstack.h"
  #include "psinterface.h"
@@ -49,42 +50,111 @@ const char* ACL1_FILE_NAME = "oic_unittest_acl1.dat";
  
  #define NUM_ACE_FOR_WILDCARD_IN_ACL1_DAT (1)
  
-TEST(ACLResourceTest, CBORDefaultACLConversion)
+static bool AddResourceToACE(OicSecAce_t* ace, const char* rsrcName,
+                             const char* typeName, const char* interfaceName)
  {
-    OicSecAcl_t *defaultAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
-    ASSERT_TRUE(defaultAcl != NULL);
-    uint8_t defaultAclSub[] = { 0x2a };
-    memcpy(defaultAcl->subject.id, defaultAclSub, sizeof(defaultAclSub));
-    defaultAcl->permission = 2;
-    const char *defaulAclRsrc[] = { "/oic/res", "/oic/d", "/oic/p", "/oic/res/types/d",
-            "/oic/ad", "/oic/sec/acl", "/oic/sec/doxm", "/oic/sec/pstat"};
-    defaultAcl->resourcesLen = 8;
-    defaultAcl->resources = (char **)OICCalloc(defaultAcl->resourcesLen, sizeof(char *));
-    ASSERT_TRUE(defaultAcl->resources != NULL);
-    for (size_t i = 0 ; i < defaultAcl->resourcesLen; i++)
+    OicSecRsrc_t* rsrc = NULL;
+
+    VERIFY_NON_NULL(TAG, ace, ERROR);
+    VERIFY_NON_NULL(TAG, rsrcName, ERROR);
+    VERIFY_NON_NULL(TAG, interfaceName, ERROR);
+    VERIFY_NON_NULL(TAG, typeName, ERROR);
+
+    rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+    VERIFY_NON_NULL(TAG, rsrc, ERROR);
+    rsrc->href = OICStrdup(rsrcName);
+    VERIFY_NON_NULL(TAG, rsrc->href, ERROR);
+
+    rsrc->typeLen = 1;
+    rsrc->types = (char**)OICCalloc(1, sizeof(char*));
+    VERIFY_NON_NULL(TAG, rsrc->types, ERROR);
+    rsrc->types[0] = OICStrdup(typeName);
+    VERIFY_NON_NULL(TAG, rsrc->types[0], ERROR);
+
+    rsrc->interfaceLen = 1;
+    rsrc->interfaces = (char**)OICCalloc(1, sizeof(char*));
+    VERIFY_NON_NULL(TAG, rsrc->interfaces, ERROR);
+    rsrc->interfaces[0] = OICStrdup(interfaceName);
+    VERIFY_NON_NULL(TAG, rsrc->interfaces[0], ERROR);
+
+    LL_APPEND(ace->resources, rsrc);
+    return true;
+exit:
+    if(rsrc)
+    {
+        if(rsrc->href)
+        {
+            OICFree(rsrc->href);
+            OICFree(rsrc->types[0]);
+            OICFree(rsrc->types);
+            OICFree(rsrc->interfaces[0]);
+            OICFree(rsrc->interfaces);
+        }
+        OICFree(rsrc);
+    }
+    return false;
+}
+
+static int GetNumberOfResource(const OicSecAce_t* ace)
+{
+    int ret = 0;
+    OicSecRsrc_t* rsrc = NULL;
+    LL_FOREACH(ace->resources, rsrc)
      {
-        defaultAcl->resources[i] = OICStrdup(defaulAclRsrc[i]);
-        ASSERT_TRUE(defaultAcl->resources[i] != NULL);
+        ret++;
      }
+
+    return ret;
+}
+
+TEST(ACLResourceTest, CBORDefaultACLConversion)
+{
+    uint8_t defaultAclSub[] = { 0x2a };
      uint8_t defaultAclOwnrs[] = {0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32,
          0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32};
+
+    OicSecAcl_t *defaultAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
+    ASSERT_TRUE(NULL != defaultAcl);
+    OicSecAce_t *ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+    ASSERT_TRUE(NULL != ace);
+    ace->permission = 2;
+    memcpy(ace->subjectuuid.id, defaultAclSub, sizeof(defaultAclSub));
+    LL_APPEND(defaultAcl->aces, ace);
+
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/res", "oic.wk.res", "oic.if.ll"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/d", "oic.wk.d", "oic.if.r"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/p", "oic.wk.p", "oic.if.r"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/res/types/d", "oic.wk.unknow", "oic.if.r"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/ad", "oic.wk.ad", "oic.if.baseline"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/sec/acl", "oic.r.acl", "oic.if.baseline"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/sec/doxm", "oic.r.doxm" ,"oic.if.baseline"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/sec/pstat", "oic.r.pstat" ,"oic.if.baseline"));
+
      memcpy(defaultAcl->rownerID.id, defaultAclOwnrs, sizeof(defaultAclOwnrs));
  
      size_t defaultAclSize = 0;
      uint8_t *defaultPsStorage = NULL;
      OCStackResult convRet = AclToCBORPayload(defaultAcl, &defaultPsStorage, &defaultAclSize);
      EXPECT_EQ(OC_STACK_OK, convRet);
-    ASSERT_TRUE(defaultPsStorage != NULL);
+    ASSERT_TRUE(NULL != defaultPsStorage);
      EXPECT_NE(0, defaultAclSize);
  
      OicSecAcl_t* convertedAcl = CBORPayloadToAcl(defaultPsStorage, defaultAclSize);
-    ASSERT_TRUE(convertedAcl != NULL);
+    ASSERT_TRUE(NULL != convertedAcl);
  
-    EXPECT_EQ(defaultAcl->resourcesLen, convertedAcl->resourcesLen);
-    for(size_t i = 0; i < convertedAcl->resourcesLen; i++)
+    size_t rsrcCnt1 = 0;
+    size_t rsrcCnt2 = 0;
+    OicSecAce_t* tempAce = NULL;
+    LL_FOREACH(defaultAcl->aces, tempAce)
+    {
+        rsrcCnt1 += GetNumberOfResource(tempAce);
+    }
+    tempAce = NULL;
+    LL_FOREACH(convertedAcl->aces, tempAce)
      {
-        EXPECT_EQ(0, strcmp(defaultAcl->resources[i], convertedAcl->resources[i]));
+        rsrcCnt2 += GetNumberOfResource(tempAce);
      }
+    EXPECT_EQ(rsrcCnt1, rsrcCnt2);
  
      DeleteACLList(convertedAcl);
      DeleteACLList(defaultAcl);
@@ -93,79 +163,47 @@ TEST(ACLResourceTest, CBORDefaultACLConversion)
  
  TEST(ACLResourceTest, CBORACLConversion)
  {
+    uint8_t ownrs[] = {0x32, 0x32, 0x32, 0x32,
+                       0x32, 0x32, 0x32, 0x32,
+                       0x32, 0x32, 0x32, 0x32,
+                       0x32, 0x32, 0x32, 0x32};
+    const char* subjectUuid[3] = {"0000000000000000",
+                                  "1111111111111111",
+                                  "2222222222222222"};
+    const uint16_t permission[3] = {2, 6, 31};
+    const size_t numOfRsrc[3] = {6, 2, 2};
+
      OicSecAcl_t *secAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
      ASSERT_TRUE(secAcl != NULL);
-    uint8_t subjectBytes[] = { 0x2a };
-    memcpy(secAcl->subject.id, subjectBytes, sizeof(subjectBytes));
-    secAcl->permission = 2;
-    const char *rsrc[] = { "/oic/res", "/oic/d", "/oic/p", "/oic/res/types/d",
-                           "/oic/ad", "/oic/sec/acl"};
-    secAcl->resourcesLen = 6;
-    secAcl->resources = (char **)OICCalloc(secAcl->resourcesLen, sizeof(char *));
-    ASSERT_TRUE(secAcl->resources != NULL);
-    for (size_t i = 0 ; i < secAcl->resourcesLen; i++)
-    {
-        secAcl->resources[i] = OICStrdup(rsrc[i]);
-        ASSERT_TRUE(secAcl->resources[i] != NULL);
-
-    }
-
-    uint8_t ownrs[] = {0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32, 0x32,
-        0x32, 0x32, 0x32, 0x32, 0x32, 0x32};
      memcpy(secAcl->rownerID.id, ownrs, sizeof(ownrs));
  
-    OicSecAcl_t *secAcl1 = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
-    ASSERT_TRUE(secAcl1 != NULL);
-    memcpy(secAcl1->subject.id, subjectBytes, sizeof(subjectBytes));
-    secAcl1->permission = 6;
-    const char *rsrc1[] = { "/oic/sec/doxm", "/oic/sec/pstat"};
-    secAcl1->resourcesLen = 2;
-    secAcl1->resources = (char **)OICCalloc(secAcl1->resourcesLen, sizeof(char *));
-    ASSERT_TRUE(secAcl1->resources != NULL);
-    for (size_t i = 0 ; i < secAcl1->resourcesLen; i++)
-    {
-        secAcl1->resources[i] = OICStrdup(rsrc1[i]);
-        ASSERT_TRUE(secAcl1->resources[i] != NULL);
-    }
-    memcpy(secAcl1->rownerID.id, ownrs, sizeof(ownrs));
-    secAcl->next = secAcl1;
-
-    OicSecAcl_t *secAcl2 = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
-    ASSERT_TRUE(secAcl2 != NULL);
-    uint8_t subjectBytes1[] = {0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31,
-        0x31, 0x31, 0x31, 0x31, 0x31, 0x31, 0x31};
-    memcpy(secAcl2->subject.id, subjectBytes1, sizeof(subjectBytes1));
-    secAcl2->permission = 255;
-    const char *rsrc2[] = {"/oic/light", "/oic/fan" };
-    secAcl2->resourcesLen = 2;
-    secAcl2->resources = (char **)OICCalloc(secAcl2->resourcesLen, sizeof(char *));
-    ASSERT_TRUE(secAcl2->resources != NULL);
-    for (size_t i = 0 ; i < secAcl2->resourcesLen; i++)
-    {
-        secAcl2->resources[i] = OICStrdup(rsrc2[i]);
-        ASSERT_TRUE(secAcl2->resources[i] != NULL);
-    }
-    memcpy(secAcl2->rownerID.id, ownrs, sizeof(ownrs));
-    secAcl1->next = secAcl2;
-
-    OicSecAcl_t *secAcl3 = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));
-    ASSERT_TRUE(secAcl3 != NULL);
-    uint8_t subjectBytes2[] = {0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33,
-                               0x33, 0x33, 0x33, 0x33, 0x33, 0x33, 0x33};
-    memcpy(secAcl3->subject.id, subjectBytes2, sizeof(subjectBytes2));
-    secAcl3->permission = 255;
-    const char *rsrc3[] = {"/oic/light", "/oic/garage" };
-    secAcl3->resourcesLen = 2;
-    secAcl3->resources = (char **)OICCalloc(secAcl3->resourcesLen, sizeof(char *));
-    ASSERT_TRUE(secAcl3->resources != NULL);
-    for (size_t i = 0 ; i < secAcl3->resourcesLen; i++)
-    {
-        secAcl3->resources[i] = OICStrdup(rsrc3[i]);
-        ASSERT_TRUE(secAcl3->resources[i] != NULL);
-    }
-    memcpy(secAcl3->rownerID.id, ownrs, sizeof(ownrs));
-    secAcl2->next = secAcl3;
-    secAcl3->next = NULL;
+    OicSecAce_t *ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+    ASSERT_TRUE(NULL != ace);
+    ace->permission = permission[0];
+    memcpy(ace->subjectuuid.id, subjectUuid[0], strlen(subjectUuid[0]));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/res", "oic.wk.res", "oic.if.ll"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/d", "oic.wk.d", "oic.if.r"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/p", "oic.wk.p", "oic.if.r"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/res/types/d", "oic.wk.unknow", "oic.if.r"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/ad", "oic.wk.ad", "oic.if.baseline"));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/oic/sec/acl", "oic.r.acl", "oic.if.baseline"));
+    LL_APPEND(secAcl->aces, ace);
+
+    OicSecAce_t *ace1 = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+    ASSERT_TRUE(NULL != ace1);
+    ace1->permission = permission[1];
+    memcpy(ace1->subjectuuid.id, subjectUuid[1], strlen(subjectUuid[1]));
+    EXPECT_EQ(true, AddResourceToACE(ace1, "/oic/sec/doxm", "oic.r.doxm" ,"oic.if.baseline"));
+    EXPECT_EQ(true, AddResourceToACE(ace1, "/oic/sec/pstat", "oic.r.pstat" ,"oic.if.baseline"));
+    LL_APPEND(secAcl->aces, ace1);
+
+    OicSecAce_t *ace2 = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+    ASSERT_TRUE(NULL != ace2);
+    ace2->permission = permission[2];
+    memcpy(ace2->subjectuuid.id, subjectUuid[2], strlen(subjectUuid[2]));
+    EXPECT_EQ(true, AddResourceToACE(ace2, "/oic/light", "oic.core", "oic.if.baseline"));
+    EXPECT_EQ(true, AddResourceToACE(ace2, "/oic/garage", "oic.core", "oic.if.baseline"));
+    LL_APPEND(secAcl->aces, ace2);
  
      size_t size = 0;
      uint8_t *psStorage = NULL;
@@ -173,12 +211,35 @@ TEST(ACLResourceTest, CBORACLConversion)
      ASSERT_TRUE(NULL != psStorage);
      OicSecAcl_t *acl = CBORPayloadToAcl(psStorage, size);
      ASSERT_TRUE(NULL != acl);
-    EXPECT_EQ(2, acl->permission);
-    EXPECT_EQ(6 , acl->resourcesLen);
-    EXPECT_STREQ("/oic/res", acl->resources[0]);
+
+    size_t numberOfCheckedAce = 0;
+    OicSecAce_t* tempAce = NULL;
+    LL_FOREACH(acl->aces, tempAce)
+    {
+        if(memcmp(tempAce->subjectuuid.id, subjectUuid[0], strlen(subjectUuid[0])) == 0)
+        {
+            EXPECT_EQ(numOfRsrc[0], GetNumberOfResource(tempAce));
+            EXPECT_EQ(permission[0], tempAce->permission);
+            numberOfCheckedAce++;
+        }
+        if(memcmp(tempAce->subjectuuid.id, subjectUuid[1], strlen(subjectUuid[1])) == 0)
+        {
+            EXPECT_EQ(numOfRsrc[1], GetNumberOfResource(tempAce));
+            EXPECT_EQ(permission[1], tempAce->permission);
+            numberOfCheckedAce++;
+        }
+        if(memcmp(tempAce->subjectuuid.id, subjectUuid[2], strlen(subjectUuid[2])) == 0)
+        {
+            EXPECT_EQ(numOfRsrc[2], GetNumberOfResource(tempAce));
+            EXPECT_EQ(permission[2], tempAce->permission);
+            numberOfCheckedAce++;
+        }
+    }
+    EXPECT_EQ(3, numberOfCheckedAce);
+
      DeleteACLList(acl);
-    OICFree(psStorage);
      DeleteACLList(secAcl);
+    OICFree(psStorage);
  }
  
  //InitResource Tests
@@ -195,27 +256,29 @@ TEST(ACLResourceTest, GetDefaultACLTests)
      size_t size = 0;
  
      ASSERT_TRUE(ReadCBORFile(DEFAULT_ACL_FILE_NAME, OIC_JSON_ACL_NAME, &payload, &size));
-    ASSERT_TRUE(payload != NULL);
+    ASSERT_TRUE(NULL != payload);
  
      OicSecAcl_t *psAcl = CBORPayloadToAcl(payload, size);
-    ASSERT_TRUE(psAcl != NULL);
+    ASSERT_TRUE(NULL != psAcl);
  
      OicSecAcl_t *acl = NULL;
      EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&acl));
-    ASSERT_TRUE(acl != NULL);
+    ASSERT_TRUE(NULL != acl);
  
      // Verify if the SRM generated default ACL matches with unit test default
      if (acl && psAcl)
      {
-        EXPECT_TRUE(strcmp((char*)acl->subject.id, (char*)psAcl->subject.id) == 0);
-        EXPECT_EQ(acl->resourcesLen, psAcl->resourcesLen);
-        for (size_t i = 0; i < acl->resourcesLen; i++)
+        OicSecAce_t* tempAce1 = NULL;
+        OicSecAce_t* tempAce2 = NULL;
+
+        for(tempAce1 = acl->aces, tempAce2 = psAcl->aces;
+            tempAce1 && tempAce2; tempAce1 = tempAce1->next,
+            tempAce2 = tempAce2->next)
          {
-            EXPECT_EQ(strlen(acl->resources[i]), strlen(psAcl->resources[i]));
-            EXPECT_TRUE(memcmp(acl->resources[i], psAcl->resources[i],
-                            strlen(acl->resources[i])) == 0);
+            EXPECT_TRUE(memcmp(tempAce1->subjectuuid.id, tempAce2->subjectuuid.id, sizeof(tempAce1->subjectuuid.id)) == 0);
+            EXPECT_EQ(tempAce1->permission, tempAce2->permission);
+            EXPECT_EQ(GetNumberOfResource(tempAce1), GetNumberOfResource(tempAce2));
          }
-        EXPECT_EQ(acl->permission, psAcl->permission);
      }
  
      DeleteACLList(psAcl);
@@ -231,15 +294,20 @@ TEST(ACLResourceTest, ACLPostTest)
      uint8_t *payload = NULL;
      size_t size = 0;
  
+    static OCPersistentStorage ps = OCPersistentStorage();
+    SetPersistentHandler(&ps, true);
+
+    OicSecAcl_t *defaultAcl = NULL;
+    EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&defaultAcl));
+    ASSERT_TRUE(defaultAcl != NULL);
+    EXPECT_EQ(OC_STACK_OK, SetDefaultACL(defaultAcl));
+
      ASSERT_TRUE(ReadCBORFile(ACL1_FILE_NAME, OIC_JSON_ACL_NAME, &payload, &size));
      ASSERT_TRUE(NULL != payload);
  
      OCSecurityPayload *securityPayload = OCSecurityPayloadCreate(payload, size);
      ASSERT_TRUE(NULL != securityPayload);
  
-    static OCPersistentStorage ps = OCPersistentStorage();
-    SetPersistentHandler(&ps, true);
-
      // Create Entity Handler POST request payload
      OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
      ehReq.method = OC_REST_POST;
@@ -251,8 +319,8 @@ TEST(ACLResourceTest, ACLPostTest)
      ASSERT_TRUE(NULL != acl);
  
      // Verify if SRM contains ACL for the subject
-    OicSecAcl_t *savePtr = NULL;
-    const OicSecAcl_t* subjectAcl = GetACLResourceData(&(acl->subject), &savePtr);
+    OicSecAce_t *savePtr = NULL;
+    const OicSecAce_t* subjectAcl = GetACLResourceData(&(acl->aces->subjectuuid), &savePtr);
      ASSERT_TRUE(NULL != subjectAcl);
  
      // Perform cleanup
@@ -289,16 +357,16 @@ TEST(ACLResourceTest, GetACLResourceTests)
      EXPECT_EQ(OC_STACK_OK, SetDefaultACL(acl1));
  
      // Verify that ACL file contains 2 ACE entries for 'WILDCARD' subject
-    const OicSecAcl_t *acl = NULL;
-    OicSecAcl_t *savePtr = NULL;
+    const OicSecAce_t *ace = NULL;
+    OicSecAce_t *savePtr = NULL;
      OicUuid_t subject = WILDCARD_SUBJECT_ID;
      int count = 0;
  
      do
      {
-        acl = GetACLResourceData(&subject, &savePtr);
-        count = (NULL != acl) ? count + 1 : count;
-    } while (acl != NULL);
+        ace = GetACLResourceData(&subject, &savePtr);
+        count = (NULL != ace) ? count + 1 : count;
+    } while (ace != NULL);
  
      EXPECT_EQ(count, NUM_ACE_FOR_WILDCARD_IN_ACL1_DAT);
  
@@ -310,32 +378,40 @@ TEST(ACLResourceTest, GetACLResourceTests)
  
  static OCStackResult  populateAcl(OicSecAcl_t *acl,  int numRsrc)
  {
-     OCStackResult ret = OC_STACK_ERROR;
-    memcpy(acl->subject.id, "2222222222222222", sizeof(acl->subject.id));
-    acl->resourcesLen = (size_t)numRsrc;
-    acl->resources = (char**)OICCalloc(acl->resourcesLen, sizeof(char*));
-    VERIFY_NON_NULL(TAG, acl->resources, ERROR);
-    acl->resources[0] = (char*)OICMalloc(strlen("/a/led")+1);
-    VERIFY_NON_NULL(TAG, acl->resources[0], ERROR);
-    OICStrcpy(acl->resources[0], strlen("/a/led")+1, "/a/led");
-    if(numRsrc == 2)
+    OCStackResult ret = OC_STACK_ERROR;
+    OicSecAce_t* ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+    VERIFY_NON_NULL(TAG, ace, ERROR);
+
+    memcpy(ace->subjectuuid.id, "2222222222222222", sizeof(ace->subjectuuid.id));
+    EXPECT_EQ(true, AddResourceToACE(ace, "/a/led", "oic.core", "oic.if.r"));
+    if(2 == numRsrc)
      {
-        acl->resources[1] = (char*)OICMalloc(strlen("/a/fan")+1);
-        VERIFY_NON_NULL(TAG, acl->resources[1], ERROR);
-        OICStrcpy(acl->resources[1], strlen("/a/fan")+1, "/a/fan");
+        EXPECT_EQ(true, AddResourceToACE(ace, "/a/fan", "oic.core", "oic.if.r"));
      }
-    acl->permission = 6;
+    ace->permission = 6;
+    LL_APPEND(acl->aces, ace);
+
      memcpy(acl->rownerID.id, "1111111111111111", sizeof(acl->rownerID.id));
  
      ret = OC_STACK_OK;
+
+    return ret;
  exit:
+    DeleteACLList(acl);
      return ret;
-
  }
  
  //'DELETE' ACL test
  TEST(ACLResourceTest, ACLDeleteWithSingleResourceTest)
  {
+    static OCPersistentStorage ps = OCPersistentStorage();
+    SetPersistentHandler(&ps, true);
+
+    OicSecAcl_t *defaultAcl = NULL;
+    EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&defaultAcl));
+    ASSERT_TRUE(defaultAcl != NULL);
+    EXPECT_EQ(OC_STACK_OK, SetDefaultACL(defaultAcl));
+
      //Populate ACL
      OicSecAcl_t acl = OicSecAcl_t();
      EXPECT_EQ(OC_STACK_OK, populateAcl(&acl, 1));
@@ -350,9 +426,6 @@ TEST(ACLResourceTest, ACLDeleteWithSingleResourceTest)
      OCSecurityPayload *securityPayload = OCSecurityPayloadCreate(payload, size);
      ASSERT_TRUE(NULL != securityPayload);
  
-    static OCPersistentStorage ps = OCPersistentStorage();
-    SetPersistentHandler(&ps, true);
-
      // Create Entity Handler POST request payload
      OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
      ehReq.payload = (OCPayload *) securityPayload;
@@ -360,9 +433,9 @@ TEST(ACLResourceTest, ACLDeleteWithSingleResourceTest)
      ACLEntityHandler(OC_REQUEST_FLAG, &ehReq, NULL);
  
      // Verify if SRM contains ACE for the subject
-    OicSecAcl_t* savePtr = NULL;
-    const OicSecAcl_t* subjectAcl1 = GetACLResourceData(&acl.subject, &savePtr);
-    ASSERT_TRUE(NULL != subjectAcl1);
+    OicSecAce_t* savePtr = NULL;
+    const OicSecAce_t* subjectAce1 = GetACLResourceData(&acl.aces->subjectuuid, &savePtr);
+    ASSERT_TRUE(NULL != subjectAce1);
  
      // Create Entity Handler DELETE request
      ehReq.method = OC_REST_DELETE;
@@ -374,8 +447,8 @@ TEST(ACLResourceTest, ACLDeleteWithSingleResourceTest)
  
      // Verify if SRM has deleted ACE for the subject
      savePtr = NULL;
-    const OicSecAcl_t* subjectAcl2 = GetACLResourceData(&acl.subject, &savePtr);
-    ASSERT_TRUE(NULL == subjectAcl2);
+    const OicSecAce_t* subjectAce2 = GetACLResourceData(&acl.aces->subjectuuid, &savePtr);
+    ASSERT_TRUE(NULL == subjectAce2);
  
      // Perform cleanup
      DeInitACLResource();
@@ -386,6 +459,14 @@ TEST(ACLResourceTest, ACLDeleteWithSingleResourceTest)
  
  TEST(ACLResourceTest, ACLDeleteWithMultiResourceTest)
  {
+    static OCPersistentStorage ps = OCPersistentStorage();
+    SetPersistentHandler(&ps, true);
+
+    OicSecAcl_t *defaultAcl = NULL;
+    EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&defaultAcl));
+    ASSERT_TRUE(defaultAcl != NULL);
+    EXPECT_EQ(OC_STACK_OK, SetDefaultACL(defaultAcl));
+
      //Populate ACL
      OicSecAcl_t acl = OicSecAcl_t();
      EXPECT_EQ(OC_STACK_OK, populateAcl(&acl, 2));
@@ -400,9 +481,6 @@ TEST(ACLResourceTest, ACLDeleteWithMultiResourceTest)
      OCSecurityPayload *securityPayload = OCSecurityPayloadCreate(payload, size);
      ASSERT_TRUE(NULL!= securityPayload);
  
-    static OCPersistentStorage ps = OCPersistentStorage();
-    SetPersistentHandler(&ps, true);
-
      // Create Entity Handler POST request payload
      OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
      ehReq.method = OC_REST_POST;
@@ -410,10 +488,18 @@ TEST(ACLResourceTest, ACLDeleteWithMultiResourceTest)
      ACLEntityHandler(OC_REQUEST_FLAG, &ehReq, NULL);
  
      // Verify if SRM contains ACE for the subject with two resources
-    OicSecAcl_t* savePtr = NULL;
-    const OicSecAcl_t* subjectAcl1 = GetACLResourceData(&acl.subject, &savePtr);
-    ASSERT_TRUE(NULL != subjectAcl1);
-    EXPECT_EQ(2, subjectAcl1->resourcesLen);
+    OicSecAce_t* savePtr = NULL;
+    const OicSecAce_t* subjectAce1 = GetACLResourceData(&acl.aces->subjectuuid, &savePtr);
+    ASSERT_TRUE(NULL != subjectAce1);
+    EXPECT_EQ(2, GetNumberOfResource(subjectAce1));
+
+    printf("\n\n");
+    OicSecRsrc_t* rsrc = NULL;
+    LL_FOREACH(subjectAce1->resources, rsrc)
+    {
+        printf("%s\n", rsrc->href);
+    }
+    printf("\n\n");
  
      // Create Entity Handler DELETE request
      ehReq.method = OC_REST_DELETE;
@@ -426,9 +512,9 @@ TEST(ACLResourceTest, ACLDeleteWithMultiResourceTest)
  
      // Verify if SRM contains ACL for the subject but only with one resource
      savePtr = NULL;
-    const OicSecAcl_t* subjectAcl2 = GetACLResourceData(&acl.subject, &savePtr);
-    ASSERT_TRUE(NULL != subjectAcl2);
-    EXPECT_EQ(1, subjectAcl2->resourcesLen);
+    const OicSecAce_t* subjectAce2 = GetACLResourceData(&acl.aces->subjectuuid, &savePtr);
+    ASSERT_TRUE(NULL != subjectAce2);
+    EXPECT_EQ(1, GetNumberOfResource(subjectAce2));
  
      // Perform cleanup
      OCPayloadDestroy((OCPayload *)securityPayload);
@@ -440,6 +526,14 @@ TEST(ACLResourceTest, ACLDeleteWithMultiResourceTest)
  //'GET' with query ACL test
  TEST(ACLResourceTest, ACLGetWithQueryTest)
  {
+    static OCPersistentStorage ps = OCPersistentStorage();
+    SetPersistentHandler(&ps, true);
+
+    OicSecAcl_t *defaultAcl = NULL;
+    EXPECT_EQ(OC_STACK_OK, GetDefaultACL(&defaultAcl));
+    ASSERT_TRUE(defaultAcl != NULL);
+    EXPECT_EQ(OC_STACK_OK, SetDefaultACL(defaultAcl));
+
      //Populate ACL
      OicSecAcl_t acl = OicSecAcl_t();
      EXPECT_EQ(OC_STACK_OK, populateAcl(&acl, 1));
@@ -454,9 +548,6 @@ TEST(ACLResourceTest, ACLGetWithQueryTest)
      OCSecurityPayload *securityPayload = OCSecurityPayloadCreate(payload, size);
      ASSERT_TRUE(NULL != securityPayload);
  
-    static OCPersistentStorage ps = OCPersistentStorage();
-    SetPersistentHandler(&ps, true);
-
      //Create Entity Handler POST request payload
      OCEntityHandlerRequest ehReq = OCEntityHandlerRequest();
      ehReq.method = OC_REST_POST;
diff --git a/resource/csdk/security/unittest/oic_svr_db.dat b/resource/csdk/security/unittest/oic_svr_db.dat

index c048b16..835276f 100644 (file)

Binary files a/resource/csdk/security/unittest/oic_svr_db.dat and b/resource/csdk/security/unittest/oic_svr_db.dat differ
diff --git a/resource/csdk/security/unittest/oic_svr_db.json b/resource/csdk/security/unittest/oic_svr_db.json

index 7c86ab3..f2c04cc 100644 (file)
--- a/resource/csdk/security/unittest/oic_svr_db.json
+++ b/resource/csdk/security/unittest/oic_svr_db.json
@@ -8,32 +8,20 @@
                          {
                              "href": "/oic/res",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.res"],
+                            "if": ["oic.if.ll"]
                          },
                          {
                              "href": "/oic/d",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.d"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
                          },
                          {
                              "href": "/oic/p",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/res/types/d",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/ad",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.p"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
                          }
                      ],
                      "permission": 2
@@ -44,20 +32,20 @@
                          {
                              "href": "/oic/sec/doxm",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.doxm"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/pstat",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.pstat"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/acl",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.acl"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
                      "permission": 6
@@ -68,14 +56,14 @@
                          {
                              "href": "/oic/sec/pconf",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.pconf"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/dpairing",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.dpairing"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
                      "permission": 6
diff --git a/resource/csdk/security/unittest/oic_unittest.dat b/resource/csdk/security/unittest/oic_unittest.dat

index e022892..4befed0 100644 (file)

Binary files a/resource/csdk/security/unittest/oic_unittest.dat and b/resource/csdk/security/unittest/oic_unittest.dat differ
diff --git a/resource/csdk/security/unittest/oic_unittest.json b/resource/csdk/security/unittest/oic_unittest.json

index 922be86..c435721 100644 (file)
--- a/resource/csdk/security/unittest/oic_unittest.json
+++ b/resource/csdk/security/unittest/oic_unittest.json
@@ -8,17 +8,17 @@
                          {
                              "href": "/oic/light",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.core"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/fan",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.core"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
-                    "permission": 31        
+                    "permission": 31
                  },
                  {
                      "subjectuuid": "33333333-3333-3333-3333-333333333333",
@@ -26,17 +26,17 @@
                          {
                              "href": "/oic/light",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.core"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/garage",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.core"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
-                    "permission": 31        
+                    "permission": 31
                  }
              ]
          },
diff --git a/resource/csdk/security/unittest/oic_unittest_acl1.dat b/resource/csdk/security/unittest/oic_unittest_acl1.dat

index 93c8370..9b91532 100644 (file)
--- a/resource/csdk/security/unittest/oic_unittest_acl1.dat
+++ b/resource/csdk/security/unittest/oic_unittest_acl1.dat
@@ -1 +1 @@
-¿caclY\ 2\8b¢faclist¡daces\84£ksubjectuuida*iresources\86¤dhrefh/oic/rescrel`brt`bif`¤dhreff/oic/dcrel`brt`bif`¤dhreff/oic/pcrel`brt`bif`¤dhrefp/oic/res/types/dcrel`brt`bif`¤dhrefg/oic/adcrel`brt`bif`¤dhrefl/oic/sec/aclcrel`brt`bif`jpermission\ 2£ksubjectuuida*iresources\82¤dhrefm/oic/sec/doxmcrel`brt`bif`¤dhrefn/oic/sec/pstatcrel`brt`bif`jpermission\ 6£ksubjectuuidx$31313131-3131-3131-3131-313131313131iresources\82¤dhrefj/oic/lightcrel`brt`bif`¤dhrefh/oic/fancrel`brt`bif`jpermission\18\1f£ksubjectuuidx$33333333-3333-3333-3333-333333333333iresources\82¤dhrefj/oic/lightcrel`brt`bif`¤dhrefk/oic/garagecrel`brt`bif`jpermission\18\1fjrowneruuidx$32323232-3232-3232-3232-323232323232ÿ
-\ No newline at end of file
+¿caclY\ 3 ¢faclist¡daces\84£ksubjectuuida*iresources\83¤dhrefh/oic/resbrt\81joic.wk.resbif\81ioic.if.llcrel`¤dhreff/oic/dbrt\81hoic.wk.dbif\82ooic.if.baselinehoic.if.rcrel`¤dhreff/oic/pbrt\81hoic.wk.pbif\82ooic.if.baselinehoic.if.rcrel`jpermission\ 2£ksubjectuuida*iresources\82¤dhrefm/oic/sec/doxmbrt\81joic.r.doxmbif\81ooic.if.baselinecrel`¤dhrefn/oic/sec/pstatbrt\81koic.r.pstatbif\81ooic.if.baselinecrel`jpermission\ 6£ksubjectuuidx$31313131-3131-3131-3131-313131313131iresources\82¤dhrefj/oic/lightbrt\81hoic.corebif\81ooic.if.baselinecrel`¤dhrefh/oic/fanbrt\81hoic.corebif\81ooic.if.baselinecrel`jpermission\18\1f£ksubjectuuidx$33333333-3333-3333-3333-333333333333iresources\82¤dhrefj/oic/lightbrt\81hoic.corebif\81ooic.if.baselinecrel`¤dhrefk/oic/garagebrt\81hoic.corebif\81ooic.if.baselinecrel`jpermission\18\1fjrowneruuidx$32323232-3232-3232-3232-323232323232ÿ
+\ No newline at end of file
diff --git a/resource/csdk/security/unittest/oic_unittest_acl1.json b/resource/csdk/security/unittest/oic_unittest_acl1.json

index 7dd810f..7dbb78b 100644 (file)
--- a/resource/csdk/security/unittest/oic_unittest_acl1.json
+++ b/resource/csdk/security/unittest/oic_unittest_acl1.json
@@ -8,38 +8,20 @@
                          {
                              "href": "/oic/res",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.res"],
+                            "if": ["oic.if.ll"]
                          },
                          {
                              "href": "/oic/d",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.d"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
                          },
                          {
                              "href": "/oic/p",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/res/types/d",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/ad",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/sec/acl",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.p"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
                          }
                      ],
                      "permission": 2
@@ -50,14 +32,14 @@
                          {
                              "href": "/oic/sec/doxm",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.doxm"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/pstat",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.pstat"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
                      "permission": 6
@@ -68,17 +50,17 @@
                          {
                              "href": "/oic/light",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.core"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/fan",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.core"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
-                    "permission": 31        
+                    "permission": 31
                  },
                  {
                      "subjectuuid": "33333333-3333-3333-3333-333333333333",
@@ -86,17 +68,17 @@
                          {
                              "href": "/oic/light",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.core"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/garage",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.core"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
-                    "permission": 31        
+                    "permission": 31
                  }
              ]
          },
diff --git a/resource/csdk/security/unittest/oic_unittest_default_acl.dat b/resource/csdk/security/unittest/oic_unittest_default_acl.dat

index e9efbb5..064d997 100644 (file)
--- a/resource/csdk/security/unittest/oic_unittest_default_acl.dat
+++ b/resource/csdk/security/unittest/oic_unittest_default_acl.dat
@@ -1 +1 @@
-¿caclY\ 1X¢faclist¡daces\81£ksubjectuuida*iresources\88¤dhrefh/oic/rescrel`brt`bif`¤dhreff/oic/dcrel`brt`bif`¤dhreff/oic/pcrel`brt`bif`¤dhrefp/oic/res/types/dcrel`brt`bif`¤dhrefg/oic/adcrel`brt`bif`¤dhrefl/oic/sec/aclcrel`brt`bif`¤dhrefm/oic/sec/doxmcrel`brt`bif`¤dhrefn/oic/sec/pstatcrel`brt`bif`jpermission\ 2jrowneruuidx$32323232-3232-3232-3232-323232323232ÿ
-\ No newline at end of file
+¿caclY\ 1Ã¢faclist¡daces\81£ksubjectuuida*iresources\86¤dhrefh/oic/resbrt\81joic.wk.resbif\81ioic.if.llcrel`¤dhreff/oic/dbrt\81hoic.wk.dbif\82ooic.if.baselinehoic.if.rcrel`¤dhreff/oic/pbrt\81hoic.wk.pbif\82ooic.if.baselinehoic.if.rcrel`¤dhrefm/oic/sec/doxmbrt\81joic.r.doxmbif\81ooic.if.baselinecrel`¤dhrefn/oic/sec/pstatbrt\81koic.r.pstatbif\81ooic.if.baselinecrel`¤dhrefl/oic/sec/aclbrt\81ioic.r.aclbif\81ooic.if.baselinecrel`jpermission\ 2jrowneruuidx$32323232-3232-3232-3232-323232323232ÿ
+\ No newline at end of file
diff --git a/resource/csdk/security/unittest/oic_unittest_default_acl.json b/resource/csdk/security/unittest/oic_unittest_default_acl.json

index d624da5..df8739a 100644 (file)
--- a/resource/csdk/security/unittest/oic_unittest_default_acl.json
+++ b/resource/csdk/security/unittest/oic_unittest_default_acl.json
@@ -8,50 +8,38 @@
                          {
                              "href": "/oic/res",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.res"],
+                            "if": ["oic.if.ll"]
                          },
                          {
                              "href": "/oic/d",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.d"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
                          },
                          {
                              "href": "/oic/p",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.wk.p"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
                          },
                          {
-                            "href": "/oic/res/types/d",
+                            "href": "/oic/sec/doxm",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.doxm"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
-                            "href": "/oic/ad",
+                            "href": "/oic/sec/pstat",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.pstat"],
+                            "if": ["oic.if.baseline"]
                          },
                          {
                              "href": "/oic/sec/acl",
                              "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/sec/doxm",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
-                        },
-                        {
-                            "href": "/oic/sec/pstat",
-                            "rel": "",
-                            "rt": "",
-                            "if": ""
+                            "rt": ["oic.r.acl"],
+                            "if": ["oic.if.baseline"]
                          }
                      ],
                      "permission": 2
diff --git a/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat b/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat

index ff0932f..3a2ed71 100644 (file)

Binary files a/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat and b/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat differ
diff --git a/resource/csdk/stack/samples/linux/secure/oic_amss_db.json b/resource/csdk/stack/samples/linux/secure/oic_amss_db.json

index 4d958e9..92f954a 100644 (file)
--- a/resource/csdk/stack/samples/linux/secure/oic_amss_db.json
+++ b/resource/csdk/stack/samples/linux/secure/oic_amss_db.json
@@ -8,44 +8,38 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/amacl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.amacl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -56,14 +50,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -99,7 +93,7 @@
                  "credtype": 1,\r
                  "privatedata": {\r
                      "data": "BBBBBBBBBBBBBBBB",\r
-                    "encoding": "oic.sec.encoding.raw"\r
+                    "encoding": "oic.encoding.raw"\r
                  }\r
              }\r
          ],\r
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat

index 7dbbb0a..dc4fdee 100644 (file)

Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat differ
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json

index 4b19514..fd12c93 100644 (file)
--- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json
+++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json
@@ -8,44 +8,38 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/amacl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.amacl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -56,14 +50,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat

index 43b7a1c..033b730 100644 (file)

Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat differ
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json

index d2e33a0..a652898 100644 (file)
--- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json
+++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json
@@ -1,100 +1,82 @@
  {
-    "acl": {\r
-        "aclist": {\r
-            "aces": [\r
-                {\r
-                    "subjectuuid": "*",\r
-                    "resources": [\r
-                        {\r
-                            "href": "/oic/res",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/p",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/presence",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        }\r
-                    ],\r
-                    "permission": 2\r
-                },\r
-                {\r
-                    "subjectuuid": "*",\r
-                    "resources": [\r
-                        {\r
-                            "href": "/oic/sec/doxm",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/sec/pstat",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/sec/acl",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/sec/cred",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        }\r
-                    ],\r
-                    "permission": 6\r
-                }\r
-            ]\r
-        },\r
-        "rowneruuid" : "64697265-6374-7061-6972-696e67446576"\r
-    },\r
-    "pstat": {\r
-        "isop": false,\r
-        "deviceuuid": "64697265-6374-7061-6972-696e67446576",\r
-        "rowneruuid": "64697265-6374-7061-6972-696e67446576",\r
-        "cm": 2,\r
-        "tm": 0,\r
-        "om": 3,\r
-        "sm": 3\r
-        },\r
-    "doxm": {\r
-        "oxms": [0],\r
-        "oxmsel": 0,\r
-        "sct": 1,\r
-        "owned": false,\r
-        "deviceuuid": "64697265-6374-7061-6972-696e67446576",\r
-        "devowneruuid": "",\r
-        "rowneruuid": "64697265-6374-7061-6972-696e67446576",\r
-        "dpc": false\r
-    }\r
-}\r
+    "acl": {
+        "aclist": {
+            "aces": [
+                {
+                    "subjectuuid": "*",
+                    "resources": [
+                        {
+                            "href": "/oic/res",
+                            "rel": "",
+                            "rt": ["oic.wk.res"],
+                            "if": ["oic.if.ll"]
+                        },
+                        {
+                            "href": "/oic/d",
+                            "rel": "",
+                            "rt": ["oic.wk.d"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
+                        },
+                        {
+                            "href": "/oic/p",
+                            "rel": "",
+                            "rt": ["oic.wk.p"],
+                            "if": ["oic.if.baseline", "oic.if.r"]
+                        }
+                    ],
+                    "permission": 2
+                },
+                {
+                    "subjectuuid": "*",
+                    "resources": [
+                        {
+                            "href": "/oic/sec/doxm",
+                            "rel": "",
+                            "rt": ["oic.r.doxm"],
+                            "if": ["oic.if.baseline"]
+                        },
+                        {
+                            "href": "/oic/sec/pstat",
+                            "rel": "",
+                            "rt": ["oic.r.pstat"],
+                            "if": ["oic.if.baseline"]
+                        },
+                        {
+                            "href": "/oic/sec/acl",
+                            "rel": "",
+                            "rt": ["oic.r.acl"],
+                            "if": ["oic.if.baseline"]
+                        },
+                        {
+                            "href": "/oic/sec/cred",
+                            "rel": "",
+                            "rt": ["oic.r.cred"],
+                            "if": ["oic.if.baseline"]
+                        }
+                    ],
+                    "permission": 6
+                }
+            ]
+        },
+        "rowneruuid" : "64697265-6374-7061-6972-696e67446576"
+    },
+    "pstat": {
+        "isop": false,
+        "deviceuuid": "64697265-6374-7061-6972-696e67446576",
+        "rowneruuid": "64697265-6374-7061-6972-696e67446576",
+        "cm": 2,
+        "tm": 0,
+        "om": 3,
+        "sm": 3
+        },
+    "doxm": {
+        "oxms": [0],
+        "oxmsel": 0,
+        "sct": 1,
+        "owned": false,
+        "deviceuuid": "64697265-6374-7061-6972-696e67446576",
+        "devowneruuid": "",
+        "rowneruuid": "64697265-6374-7061-6972-696e67446576",
+        "dpc": false
+    }
+}
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat

index bbdd93e..f4e0cee 100644 (file)

Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat differ
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json

index 07cc051..4e19439 100644 (file)
--- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json
+++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json
@@ -8,44 +8,38 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/amacl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.amacl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -56,14 +50,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat

index 7f5457c..446a3c5 100644 (file)

Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat differ
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json

index 1dd7463..0a02f49 100644 (file)
--- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json
+++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json
@@ -8,50 +8,38 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/amacl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.amacl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat

index 605683a..f17f27d 100644 (file)

Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat differ
diff --git a/resource/examples/oic_svr_db_client.dat b/resource/examples/oic_svr_db_client.dat

index 6feb473..ec4f806 100644 (file)

Binary files a/resource/examples/oic_svr_db_client.dat and b/resource/examples/oic_svr_db_client.dat differ
diff --git a/resource/examples/oic_svr_db_client.json b/resource/examples/oic_svr_db_client.json

index 5052bd1..c5ed9b6 100644 (file)
--- a/resource/examples/oic_svr_db_client.json
+++ b/resource/examples/oic_svr_db_client.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,14 +44,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/resource/examples/oic_svr_db_client_directpairing.dat b/resource/examples/oic_svr_db_client_directpairing.dat

index 116deb8..3191896 100644 (file)

Binary files a/resource/examples/oic_svr_db_client_directpairing.dat and b/resource/examples/oic_svr_db_client_directpairing.dat differ
diff --git a/resource/examples/oic_svr_db_client_directpairing.json b/resource/examples/oic_svr_db_client_directpairing.json

index 0c83965..87d15bb 100644 (file)
--- a/resource/examples/oic_svr_db_client_directpairing.json
+++ b/resource/examples/oic_svr_db_client_directpairing.json
@@ -8,26 +8,20 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
-                            "href": "/oic/res/types/d",\r
+                            "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/presence",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -38,26 +32,26 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/cred",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.cred"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
diff --git a/resource/examples/oic_svr_db_server.dat b/resource/examples/oic_svr_db_server.dat

index 6834a79..1e9bdb5 100644 (file)

Binary files a/resource/examples/oic_svr_db_server.dat and b/resource/examples/oic_svr_db_server.dat differ
diff --git a/resource/examples/oic_svr_db_server.json b/resource/examples/oic_svr_db_server.json

index 921cc9d..2b845e5 100644 (file)
--- a/resource/examples/oic_svr_db_server.json
+++ b/resource/examples/oic_svr_db_server.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,14 +44,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -68,8 +62,8 @@
                          {\r
                              "href": "/a/light",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.core"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
diff --git a/resource/provisioning/examples/SConscript b/resource/provisioning/examples/SConscript

index ae9d12f..07600fe 100644 (file)
--- a/resource/provisioning/examples/SConscript
+++ b/resource/provisioning/examples/SConscript
@@ -41,6 +41,7 @@ examples_env.AppendUnique(CPPPATH = [
          '../../oc_logger/include',
          '../../csdk/connectivity/api',
          '../../csdk/security/include',
+        '../../csdk/security/include/internal',
          '../../csdk/security/provisioning/include',
          '../../csdk/security/provisioning/include/oxm',
          '../../csdk/security/provisioning/include/internal'
diff --git a/resource/provisioning/examples/oic_svr_db_client.dat b/resource/provisioning/examples/oic_svr_db_client.dat

index 781f654..b94601a 100644 (file)

Binary files a/resource/provisioning/examples/oic_svr_db_client.dat and b/resource/provisioning/examples/oic_svr_db_client.dat differ
diff --git a/resource/provisioning/examples/oic_svr_db_client.json b/resource/provisioning/examples/oic_svr_db_client.json

index fb3c609..4589145 100644 (file)
--- a/resource/provisioning/examples/oic_svr_db_client.json
+++ b/resource/provisioning/examples/oic_svr_db_client.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/amacl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.amacl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,22 +44,22 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        }                  \r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
+                        }\r
                      ],\r
                      "permission": 2\r
                  }\r
              ]\r
          },\r
          "rowneruuid" : "61646D69-6E44-6576-6963-655575696430"\r
-    },    \r
+    },\r
      "pstat": {\r
          "isop": true,\r
          "cm": 0,\r
diff --git a/resource/provisioning/examples/provisioningclient.cpp b/resource/provisioning/examples/provisioningclient.cpp

index ad53059..13ca047 100644 (file)
--- a/resource/provisioning/examples/provisioningclient.cpp
+++ b/resource/provisioning/examples/provisioningclient.cpp
@@ -36,9 +36,12 @@
  #include "OCProvisioningManager.h"
  #include "oxmjustworks.h"
  #include "oxmrandompin.h"
+#include "aclresource.h"
+#include "utlist.h"
  
  #define MAX_URI_LENGTH (64)
  #define MAX_PERMISSION_LENGTH (5)
+#define ACL_RESRC_ARRAY_SIZE (3)
  #define CREATE (1)
  #define READ (2)
  #define UPDATE (4)
@@ -270,19 +273,8 @@ int readDeviceNumber(DeviceList_t &list, int count, int *out)
   */
  static void deleteACL(OicSecAcl_t *acl)
  {
-    if (acl)
-    {
-        /* Clean Resources */
-        for (unsigned int i = 0; i < (acl)->resourcesLen; i++)
-        {
-            OICFree((acl)->resources[i]);
-        }
-        OICFree((acl)->resources);
+    DeleteACLList(acl);
  
-        /* Clean ACL node itself */
-        /* Required only if acl was created in heap */
-        OICFree((acl));
-    }
  }
  
  /**
@@ -369,39 +361,54 @@ static int InputACL(OicSecAcl_t *acl)
      printf("Subject : ");
      ret = scanf("%19ms", &temp_id);
  
+    OicSecAce_t* ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+    if(NULL == ace)
+    {
+        OIC_LOG(ERROR, TAG, "Error while memory allocation");
+        return -1;
+    }
+    LL_APPEND(acl->aces, ace);
+
      if (1 == ret)
      {
          for (int i = 0, j = 0; temp_id[i] != '\0'; i++)
          {
              if (DASH != temp_id[i])
-                acl->subject.id[j++] = temp_id[i];
+                ace->subjectuuid.id[j++] = temp_id[i];
          }
          OICFree(temp_id);
      }
      else
      {
+        deleteACL(acl);
          printf("Error while input\n");
          return -1;
      }
  
      //Set Resource.
+    size_t resourcesLen = 0;
      printf("Num. of Resource : ");
-    ret = scanf("%zu", &acl->resourcesLen);
-    if ((1 != ret) || (acl->resourcesLen <= 0 || acl->resourcesLen > 50))
+    ret = scanf("%zu", &resourcesLen);
+    if ((1 != ret) || (resourcesLen <= 0 || resourcesLen > 50))
      {
+        deleteACL(acl);
          printf("Error while input\n");
          return -1;
      }
      printf("-URI of resource\n");
      printf("ex)/oic/sh/temp/0 (Max_URI_Length: 64 Byte )\n");
-    acl->resources = (char **)OICCalloc(acl->resourcesLen, sizeof(char *));
-    if (NULL == acl->resources)
-    {
-        OIC_LOG(ERROR, TAG, "Error while memory allocation");
-        return -1;
-    }
-    for (size_t i = 0; i < acl->resourcesLen; i++)
+    for(size_t i = 0; i < resourcesLen; i++)
      {
+        OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+        if(NULL == rsrc)
+        {
+            deleteACL(acl);
+            OIC_LOG(ERROR, TAG, "Error while memory allocation");
+            return -1;
+        }
+
+        LL_APPEND(ace->resources, rsrc);
+
          printf("[%zu]Resource : ", i + 1);
          ret = scanf("%64ms", &temp_rsc);
          if (1 != ret)
@@ -410,14 +417,97 @@ static int InputACL(OicSecAcl_t *acl)
              return -1;
          }
  
-        acl->resources[i] = OICStrdup(temp_rsc);
+        rsrc->href = OICStrdup(temp_rsc);
          OICFree(temp_rsc);
-        if (NULL == acl->resources[i])
+
+        char* rsrc_in = NULL;
+        int arrLen = 0;
+        while(1)
          {
-            OIC_LOG(ERROR, TAG, "Error while memory allocation");
-            return -1;
+            printf("         Enter Number of resource type for [%s]: ", rsrc_in);
+            for(int ret=0; 1!=ret; )
+            {
+                ret = scanf("%d", &arrLen);
+                for( ; 0x20<=getchar(); );  // for removing overflow garbages
+                                            // '0x20<=code' is character region
+            }
+            if(0 < arrLen && ACL_RESRC_ARRAY_SIZE >= arrLen)
+            {
+                break;
+            }
+            printf("     Entered Wrong Number. Please Enter under %d Again\n", ACL_RESRC_ARRAY_SIZE);
+        }
+
+        rsrc->typeLen = arrLen;
+        rsrc->types = (char**)OICCalloc(arrLen, sizeof(char*));
+        if(!rsrc->types)
+        {
+            OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+            goto error;
          }
+
+        for(int i = 0; i < arrLen; i++)
+        {
+            printf("         Enter ResourceType[%d] Name: ", i+1);
+            for(int ret=0; 1!=ret; )
+            {
+                ret = scanf("%64ms", &rsrc_in);  // '128' is ACL_RESRC_MAX_LEN
+                for( ; 0x20<=getchar(); );  // for removing overflow garbages
+                                            // '0x20<=code' is character region
+            }
+            rsrc->types[i] = OICStrdup(rsrc_in);
+            OICFree(rsrc_in);
+            if(!rsrc->types[i])
+            {
+                OIC_LOG(ERROR, TAG, "createAcl: OICStrdup error return");
+                goto error;
+            }
+        }
+
+        while(1)
+        {
+            printf("         Enter Number of interface name for [%s]: ", rsrc_in);
+            for(int ret=0; 1!=ret; )
+            {
+                ret = scanf("%d", &arrLen);
+                for( ; 0x20<=getchar(); );  // for removing overflow garbages
+                                            // '0x20<=code' is character region
+            }
+            if(0 < arrLen && ACL_RESRC_ARRAY_SIZE >= arrLen)
+            {
+                break;
+            }
+            printf("     Entered Wrong Number. Please Enter under %d Again\n", ACL_RESRC_ARRAY_SIZE);
+        }
+
+        rsrc->interfaceLen = arrLen;
+        rsrc->interfaces = (char**)OICCalloc(arrLen, sizeof(char*));
+        if(!rsrc->interfaces)
+        {
+            OIC_LOG(ERROR, TAG, "createAcl: OICCalloc error return");
+            goto error;
+        }
+
+        for(int i = 0; i < arrLen; i++)
+        {
+            printf("         Enter ResourceType[%d] Name: ", i+1);
+            for(int ret=0; 1!=ret; )
+            {
+                ret = scanf("%64ms", &rsrc_in);  // '128' is ACL_RESRC_MAX_LEN
+                for( ; 0x20<=getchar(); );  // for removing overflow garbages
+                                            // '0x20<=code' is character region
+            }
+            rsrc->interfaces[i] = OICStrdup(rsrc_in);
+            OICFree(rsrc_in);
+            if(!rsrc->interfaces[i])
+            {
+                OIC_LOG(ERROR, TAG, "createAcl: OICStrdup error return");
+                goto error;
+            }
+        }
+
      }
+
      // Set Permission
      do
      {
@@ -428,9 +518,9 @@ static int InputACL(OicSecAcl_t *acl)
          if (1 != ret)
          {
              printf("Error while input\n");
-            return -1;
+            goto error;
          }
-        ret = CalculateAclPermission(temp_pms, &(acl->permission));
+        ret = CalculateAclPermission(temp_pms, &(ace->permission));
          OICFree(temp_pms);
      } while (0 != ret );
  
@@ -443,7 +533,7 @@ static int InputACL(OicSecAcl_t *acl)
      if (1 != ret)
      {
          printf("Error while input\n");
-        return -1;
+        goto error;
      }
  
      for (int k = 0, j = 0; temp_id[k] != '\0'; k++)
@@ -456,6 +546,10 @@ static int InputACL(OicSecAcl_t *acl)
      OICFree(temp_id);
  
      return 0;
+
+error:
+    DeleteACLList(acl);
+    return -1;
  }
  
  static int InputCredentials(Credential &cred)
diff --git a/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat b/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat

index cb6a70f..80da641 100644 (file)

Binary files a/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat and b/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat differ
diff --git a/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json b/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json

index 592bc1b..b631514 100644 (file)
--- a/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json
+++ b/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,14 +44,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat

index 9de47b8..ec4f806 100644 (file)

Binary files a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat and b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat differ
diff --git a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json

index 5052bd1..c5ed9b6 100644 (file)
--- a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json
+++ b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,14 +44,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
diff --git a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat

index 31e1814..436838d 100644 (file)

Binary files a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat and b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat differ
diff --git a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json

index 0e1bf23..f38870c 100644 (file)
--- a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json
+++ b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json
@@ -8,38 +8,32 @@
                          {\r
                              "href": "/oic/res",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.res"],\r
+                            "if": ["oic.if.ll"]\r
                          },\r
                          {\r
                              "href": "/oic/d",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.d"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/p",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        },\r
-                        {\r
-                            "href": "/oic/res/types/d",\r
-                            "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.p"],\r
+                            "if": ["oic.if.baseline", "oic.if.r"]\r
                          },\r
                          {\r
                              "href": "/oic/ad",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.wk.ad"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/oic/sec/acl",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.acl"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -50,14 +44,14 @@
                          {\r
                              "href": "/oic/sec/doxm",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
-                        } ,\r
+                            "rt": ["oic.r.doxm"],\r
+                            "if": ["oic.if.baseline"]\r
+                        },\r
                          {\r
                              "href": "/oic/sec/pstat",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.r.pstat"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 2\r
@@ -68,20 +62,20 @@
                          {\r
                              "href": "/a/light",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.core"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/a/light0",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.core"],\r
+                            "if": ["oic.if.baseline"]\r
                          },\r
                          {\r
                              "href": "/a/light1",\r
                              "rel": "",\r
-                            "rt": "",\r
-                            "if": ""\r
+                            "rt": ["oic.core"],\r
+                            "if": ["oic.if.baseline"]\r
                          }\r
                      ],\r
                      "permission": 6\r
author	leechul <chuls.lee@samsung.com>
	Fri, 20 May 2016 00:41:00 +0000 (09:41 +0900)
committer	Randeep Singh <randeep.s@samsung.com>
	Thu, 7 Jul 2016 11:33:14 +0000 (11:33 +0000)
android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat		patch \| blob \| history
android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json		patch \| blob \| history
android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat		patch \| blob \| history
android/examples/simpleclient/src/main/assets/oic_svr_db_client.json		patch \| blob \| history
android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat		patch \| blob \| history
android/examples/simpleserver/src/main/assets/oic_svr_db_server.json		patch \| blob \| history
resource/csdk/security/include/internal/aclresource.h		patch \| blob \| history
resource/csdk/security/include/internal/srmresourcestrings.h		patch \| blob \| history
resource/csdk/security/include/securevirtualresourcetypes.h		patch \| blob \| history
resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat	[changed mode: 0755->0644]	patch \| blob \| history
resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json	[changed mode: 0755->0644]	patch \| blob \| history
resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat	[changed mode: 0755->0644]	patch \| blob \| history
resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json	[changed mode: 0755->0644]	patch \| blob \| history
resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat	[changed mode: 0755->0644]	patch \| blob \| history
resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json	[changed mode: 0755->0644]	patch \| blob \| history
resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat		patch \| blob \| history
resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json		patch \| blob \| history
resource/csdk/security/provisioning/sample/oic_svr_db_client.dat		patch \| blob \| history
resource/csdk/security/provisioning/sample/oic_svr_db_client.json		patch \| blob \| history
resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat		patch \| blob \| history
resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json		patch \| blob \| history
resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat		patch \| blob \| history
resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json	[changed mode: 0755->0644]	patch \| blob \| history
resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat		patch \| blob \| history
resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json		patch \| blob \| history
resource/csdk/security/provisioning/sample/provisioningclient.c		patch \| blob \| history
resource/csdk/security/provisioning/src/secureresourceprovider.c		patch \| blob \| history
resource/csdk/security/src/aclresource.c		patch \| blob \| history
resource/csdk/security/src/doxmresource.c		patch \| blob \| history
resource/csdk/security/src/dpairingresource.c		patch \| blob \| history
resource/csdk/security/src/policyengine.c		patch \| blob \| history
resource/csdk/security/src/srmresourcestrings.c		patch \| blob \| history
resource/csdk/security/tool/json2cbor.c		patch \| blob \| history
resource/csdk/security/unittest/aclresourcetest.cpp		patch \| blob \| history
resource/csdk/security/unittest/oic_svr_db.dat		patch \| blob \| history
resource/csdk/security/unittest/oic_svr_db.json		patch \| blob \| history
resource/csdk/security/unittest/oic_unittest.dat		patch \| blob \| history
resource/csdk/security/unittest/oic_unittest.json		patch \| blob \| history
resource/csdk/security/unittest/oic_unittest_acl1.dat		patch \| blob \| history
resource/csdk/security/unittest/oic_unittest_acl1.json		patch \| blob \| history
resource/csdk/security/unittest/oic_unittest_default_acl.dat		patch \| blob \| history
resource/csdk/security/unittest/oic_unittest_default_acl.json		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_amss_db.dat		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_amss_db.json		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json		patch \| blob \| history
resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat		patch \| blob \| history
resource/examples/oic_svr_db_client.dat		patch \| blob \| history
resource/examples/oic_svr_db_client.json		patch \| blob \| history
resource/examples/oic_svr_db_client_directpairing.dat		patch \| blob \| history
resource/examples/oic_svr_db_client_directpairing.json		patch \| blob \| history
resource/examples/oic_svr_db_server.dat		patch \| blob \| history
resource/examples/oic_svr_db_server.json		patch \| blob \| history
resource/provisioning/examples/SConscript		patch \| blob \| history
resource/provisioning/examples/oic_svr_db_client.dat		patch \| blob \| history
resource/provisioning/examples/oic_svr_db_client.json		patch \| blob \| history
resource/provisioning/examples/provisioningclient.cpp		patch \| blob \| history
service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat		patch \| blob \| history
service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json		patch \| blob \| history
service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat		patch \| blob \| history
service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json		patch \| blob \| history
service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat		patch \| blob \| history
service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json		patch \| blob \| history