Integrated CA layer and RI layer for DTLS security
authorSachin Agrawal <sachin.agrawal@intel.com>
Sat, 20 Dec 2014 06:52:17 +0000 (22:52 -0800)
committersudarshan prasad <sudarshan.prasad@intel.com>
Sat, 20 Dec 2014 09:05:08 +0000 (01:05 -0800)
Integrated OCSecurityConfig data structure with CA DTLS implementation.
Also updated RI layer to use security data structure variables from CA.

Change-Id: Ia708c8a61f3a8e56442c7acfa927cf2512024452
Signed-off-by: Sachin Agrawal <sachin.agrawal@intel.com>
18 files changed:
resource/csdk/connectivity/api/cacommon.h
resource/csdk/connectivity/build/linux/Makefile
resource/csdk/connectivity/build/linux/common.mk
resource/csdk/connectivity/inc/caadapternetdtls.h
resource/csdk/connectivity/samples/linux/Makefile
resource/csdk/connectivity/samples/linux/sample.sh [changed mode: 0644->0755]
resource/csdk/connectivity/samples/linux/sample_main.c
resource/csdk/connectivity/src/adapter_util/caadapternetdtls.c
resource/csdk/libcoap-4.1.1/makefile
resource/csdk/makefile
resource/csdk/stack/include/internal/ocresourcehandler.h
resource/csdk/stack/samples/linux/secure/makefile
resource/csdk/stack/samples/linux/secure/occlientbasicops.cpp
resource/csdk/stack/samples/linux/secure/ocserverbasicops.cpp
resource/csdk/stack/src/occollection.c
resource/csdk/stack/src/ocresource.c
resource/csdk/stack/src/ocserverrequest.c
resource/csdk/stack/src/ocstack.c

index 490280c..e4d6163 100644 (file)
@@ -71,27 +71,6 @@ extern "C"
 #define CA_OPTION_OBSERVE 6
 
 /**
- @brief Max length of ID
- */
-#define DTLS_PSK_ID_LEN 16
-
-/**
- @brief Max length of PSK
- */
-#define DTLS_PSK_PSK_LEN 16
-
-/**
- @brief version
- */
-#define DtlsPskCredsBlobVer_1 1
-
-/**
- @brief current version
- */
-#define DtlsPskCredsBlobVer_CurrentVersion DtlsPskCredsBlobVer_1
-
-
-/**
  @brief Payload information from resource model
  */
 typedef char *CAPayload_t;
@@ -347,29 +326,6 @@ typedef struct
     CAInfo_t info;
 } CAResponseInfo_t;
 
-/**
- * Credentials for a device. Includes identity and the associated PSK.
- */
-typedef struct
-{
-    unsigned char clientIdentity[DTLS_PSK_ID_LEN];
-    unsigned char rsClientPsk[DTLS_PSK_PSK_LEN];
-} CADtlsPskCreds_t;
-
-/**
- * Binary blob containing device identity and the credentials for all devices
- * trusted by this device.
- */
-typedef struct
-{
-    uint16_t blobVer;                        /**< version of the blob */
-    uint16_t reserved;                       /**< reserved for future use */
-    unsigned char rsIdentity[DTLS_PSK_ID_LEN]; /**< identity of self */
-    uint32_t num;                            /**< number of credentials in this blob */
-    CADtlsPskCreds_t *creds;                 /**< list of credentials. Size of this
-                                                 array is determined by 'num' variable. */
-} CADtlsPskCredsBlob_t;
-
 #ifdef __cplusplus
 } /* extern "C" */
 #endif
index 5158ebb..b0036a8 100644 (file)
@@ -123,7 +123,8 @@ IFLAGS = -I$(PROJECT_COMMON_INC_PATH)       \
         -I$(libcoap_build_dir)
 
 ifeq ($(DTLS),1)
-       IFLAGS += -I$(libtiny_lib_dir)
+       IFLAGS += -I$(libtiny_lib_dir) \
+               -I$(PROJECT_SEC_PATH)
 endif
 
 DFLAGS = -D__LINUX__ -DWITH_POSIX $(BUILD_FLAG)
index fe66585..3207f83 100644 (file)
@@ -32,6 +32,7 @@ PROJECT_COMMON_SRC_PATH               = $(PROJECT_ROOT_PATH)/common/src
 PROJECT_COMMON_PATH                    = $(PROJECT_ROOT_PATH)/common
 PROJECT_OUT_PATH                       = $(PROJECT_ROOT_PATH)/build/out
 PROJECT_LIB_PATH                       = $(PROJECT_ROOT_PATH)/lib
+PROJECT_SEC_PATH                       = $(PROJECT_ROOT_PATH)/../stack/include
 
 ##
 ##     macro
index b4efbc9..f8246e2 100644 (file)
 #include "uarraylist.h"
 #include "umutex.h"
 #include "caadapterutils.h"
+#include "ocsecurityconfig.h"
 
 #define MAX_SUPPORTED_ADAPTERS 2
 
-///TODO: once proper .h provided for this function, it will be removed
-extern void CAGetDtlsPskCredentials(CADtlsPskCredsBlob_t **credInfo);
+/**
+ * @brief The implementation will be provided by OIC RI layer.
+ */
+extern void OCGetDtlsPskCredentials(OCDtlsPskCredsBlob **credInfo);
 
 typedef void (*CAPacketReceivedCallback)(const char *ipAddress, const uint32_t port,
         const void *data, const uint32_t dataLength, const CABool_t isSecured);
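Review bot: The new `@brief` on `OCGetDtlsPskCredentials` says only who implements the function and leaves out the contract a DTLS caller depends on: whether `*credInfo` can come back NULL, and who owns the returned blob. The sample implementation in this commit hands back a pointer to a global that `clearDtlsCredentialInfo()` later releases, so the comment should state that the blob stays owned by the provider and must remain valid while handshakes can still run. Suggested addition: `@param[out] credInfo set to the provider-owned credentials blob, or NULL if none is configured; the caller must not free or retain it`.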
index 74197a0..278a425 100644 (file)
@@ -28,6 +28,7 @@ PROJECT_API_PATH                      = $(PROJECT_ROOT_PATH)/api
 PROJECT_INC_PATH                       = $(PROJECT_ROOT_PATH)/inc
 PROJECT_SRC_PATH                       = $(PROJECT_ROOT_PATH)/src
 PROJECT_COMMON_PATH            = $(PROJECT_ROOT_PATH)/common
+PROJECT_SEC_PATH                       = $(PROJECT_ROOT_PATH)/../stack/include
 PROJECT_OUT_PATH                       = $(PROJECT_ROOT_PATH)/build/out
 COMPONENT_OUT_PATH             = ./out
 COMPONENT_OBJ_PATH             = ./.objs
@@ -64,7 +65,7 @@ CFLAGS                                = -g -c -Wall -fPIC
 
 LFLAGS                         = -ldl -lpthread
 
-IFLAGS                         = -I$(PROJECT_API_PATH) \
+IFLAGS                         = -I$(PROJECT_API_PATH) -I$(PROJECT_SEC_PATH)
 
 DFLAGS                         = -DLINUX -DTB_LOG
 
index 9c26c48..a6620cb 100644 (file)
@@ -25,6 +25,7 @@
 #include <unistd.h>
 #include "cacommon.h"
 #include "cainterface.h"
+#include "ocsecurityconfig.h"
 
 
 #define MAX_BUF_LEN 1024
@@ -65,6 +66,7 @@ void unselect_network();
 void handle_request_response();
 void find_fixed_resource();
 void get_network_info();
+void send_secure_request();
 
 void request_handler(const CARemoteEndpoint_t *object, const CARequestInfo_t *requestInfo);
 void response_handler(const CARemoteEndpoint_t *object, const CAResponseInfo_t *responseInfo);
@@ -78,51 +80,57 @@ static const char *gSecureInfoData = "{\"oc\":[{\"href\":\"%s\",\"prop\":{\"rt\"
 static const char *gNormalInfoData = "{\"oc\":[{\"href\":\"%s\",\"prop\":{\"rt\":[\"core.led\"],"
                                      "\"if\":[\"oc.mi.def\"],\"obs\":1}}]}";
 
-static CADtlsPskCredsBlob_t *pskCredsBlob = NULL;
+static OCDtlsPskCredsBlob *pskCredsBlob = NULL;
 
 void clearDtlsCredentialInfo()
 {
     printf("clearDtlsCredentialInfo IN\n");
     if (pskCredsBlob)
     {
-        // Initialize sensitive data to zeroes before freeing.
-        memset(pskCredsBlob->creds, 0, sizeof(CADtlsPskCreds_t) * (pskCredsBlob->num));
+        // Zero out sensitive data before freeing.
+        if (pskCredsBlob->num)
+        {
+            memset(pskCredsBlob->creds, 0,
+                    sizeof(OCDtlsPskCredsBlob) + (sizeof(OCDtlsPskCreds)*(pskCredsBlob->num - 1)));
+        }
         free(pskCredsBlob->creds);
-
-        memset(pskCredsBlob, 0, sizeof(CADtlsPskCredsBlob_t));
-        free(pskCredsBlob);
         pskCredsBlob = NULL;
     }
     printf("clearDtlsCredentialInfo OUT\n");
 }
 
 // Internal API. Invoked by OC stack to retrieve credentials from this module
-void CAGetDtlsPskCredentials(CADtlsPskCredsBlob_t **credInfo)
+void OCGetDtlsPskCredentials(OCDtlsPskCredsBlob **credInfo)
 {
-    printf("CAGetDtlsPskCredentials IN\n");
+    printf("OCGetDtlsPskCredentials IN\n");
 
     *credInfo = pskCredsBlob;
 
-    printf("CAGetDtlsPskCredentials OUT\n");
+    printf("OCGetDtlsPskCredentials OUT\n");
 }
 
 int32_t SetCredentials()
 {
+    int32_t ret = 0;
     printf("SetCredentials IN\n");
-    pskCredsBlob = (CADtlsPskCredsBlob_t *)malloc(sizeof(CADtlsPskCredsBlob_t));
+    pskCredsBlob = (OCDtlsPskCredsBlob *)malloc(sizeof(OCDtlsPskCredsBlob));
 
-    memset(pskCredsBlob, 0x0, sizeof(CADtlsPskCredsBlob_t));
-    memcpy(pskCredsBlob->rsIdentity, IDENTITY, DTLS_PSK_ID_LEN);
+    if (pskCredsBlob)
+    {
+        memset(pskCredsBlob, 0x0, sizeof(OCDtlsPskCredsBlob));
+        pskCredsBlob->num = DtlsPskCredsBlobVer_CurrentVersion;
+        memcpy(pskCredsBlob->identity, IDENTITY, DTLS_PSK_ID_LEN);
 
-    pskCredsBlob->num = 1;
+        pskCredsBlob->num = 1;
 
-    pskCredsBlob->creds = (CADtlsPskCreds_t *)malloc(sizeof(CADtlsPskCreds_t) * (pskCredsBlob->num));
+        memcpy(pskCredsBlob->creds[0].id, IDENTITY, DTLS_PSK_ID_LEN);
+        memcpy(pskCredsBlob->creds[0].psk, RS_CLIENT_PSK, DTLS_PSK_PSK_LEN);
 
-    memcpy(pskCredsBlob->creds[0].clientIdentity, IDENTITY, DTLS_PSK_ID_LEN);
-    memcpy(pskCredsBlob->creds[0].rsClientPsk, RS_CLIENT_PSK, DTLS_PSK_PSK_LEN);
+        ret = 1;
+    }
 
     printf("SetCredentials OUT\n");
-    return 1;
+    return ret;
 }
 
 int main()
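Review bot: In `clearDtlsCredentialInfo` the `memset` starts at `pskCredsBlob->creds` but its length is the size of the whole blob plus the extra entries, and `free()` is then given `pskCredsBlob->creds` rather than `pskCredsBlob`. `SetCredentials` now does a single `malloc(sizeof(OCDtlsPskCredsBlob))` and writes `creds[0]` without allocating it, which suggests `creds` is an array inside the blob (the definition in `ocsecurityconfig.h` is not shown here); if so, the wipe runs past the end of the allocation and `free` receives an interior pointer. Wipe and release the allocation itself, keeping the `num` guard around the wipe: `memset(pskCredsBlob, 0, sizeof(OCDtlsPskCredsBlob) + sizeof(OCDtlsPskCreds) * (pskCredsBlob->num - 1));` followed by `free(pskCredsBlob);`, ideally with a wipe the compiler cannot discard as a dead store ahead of `free`. In `SetCredentials`, `pskCredsBlob->num = DtlsPskCredsBlobVer_CurrentVersion;` is overwritten by `num = 1` a few lines later and looks like it was meant for the blob's version field.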
@@ -258,6 +266,20 @@ void process()
                     }
                 }
                 break;
+
+            case 'w':
+            case 'W':
+                gReceived = 0;
+                start_discovery_server();
+                send_secure_request();
+                while (gReceived == 0)
+                {
+                    sleep(1);
+                    handle_request_response();
+                }
+
+                break;
+
             case 'z':
             case 'Z':
                 start_listening_server();
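Review bot: The `while (gReceived == 0)` loop in the new `'w'` case has no exit other than a response arriving. `send_secure_request()` returns `void` and sends nothing on its failure paths, so a mistyped address or a failed endpoint or token creation leaves the sample in `sleep(1)` indefinitely. Bound the wait, for example `for (int tries = 0; gReceived == 0 && tries < 10; tries++)` (limit chosen for illustration), or have `send_secure_request()` report failure so the loop can be skipped. The body of `process()` continues outside this hunk.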
@@ -470,7 +492,7 @@ void send_request()
     requestData.token = token;
     if ('1' == secureRequest[0])
     {
-        int length = strlen(gSecureInfoData) + strlen(resourceURI) + 1;
+        int length = strlen(resourceURI) + 1;
         requestData.payload = (CAPayload_t) malloc(length);
         sprintf(requestData.payload, gSecureInfoData, resourceURI, gLocalSecurePort);
     }
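Review bot: `length` no longer includes the format template, so the `malloc(length)` buffer holds only the URI while the `sprintf` on the next line still writes the whole expanded `gSecureInfoData` JSON, the URI and the port into it; every secure request now overruns the heap buffer. Size the buffer from the formatted output and bound the write: `int length = snprintf(NULL, 0, gSecureInfoData, resourceURI, gLocalSecurePort) + 1;`, then, after checking the `malloc` result, `snprintf(requestData.payload, length, gSecureInfoData, resourceURI, gLocalSecurePort);`. The rest of `send_request` lies outside this hunk.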
@@ -500,6 +522,56 @@ void send_request()
     printf("=============================================\n");
 }
 
+void send_secure_request()
+{
+    char uri[MAX_BUF_LEN];
+    char ipv4addr[CA_IPADDR_SIZE];
+
+    printf("Enter IPv4 address of the source hosting secure resource (Ex: 11.12.13.14)\n");
+
+    fgets(ipv4addr, CA_IPADDR_SIZE, stdin);
+    snprintf(uri, MAX_BUF_LEN, "coaps://%s:5684/a/light", ipv4addr);
+
+    printf("\n=============================================\n");
+    // create remote endpoint
+    CARemoteEndpoint_t *endpoint = NULL;
+    if (CA_STATUS_OK != CACreateRemoteEndpoint(uri, CA_ETHERNET, &endpoint))
+    {
+        printf("Failed to create remote endpoint!\n");
+        goto exit;
+    }
+
+    // create token
+    CAToken_t token = NULL;
+    if (CA_STATUS_OK != CAGenerateToken(&token))
+    {
+        printf("Failed to generate token !\n");
+        goto exit;
+    }
+
+    // create request data
+    CAMessageType_t msgType = CA_MSG_NONCONFIRM;
+    CAInfo_t requestData;
+    memset(&requestData, 0, sizeof(CAInfo_t));
+    requestData.token = token;
+    requestData.type = msgType;
+
+    CARequestInfo_t requestInfo;
+    memset(&requestInfo, 0, sizeof(CARequestInfo_t));
+    requestInfo.method = CA_GET;
+    requestInfo.info = requestData;
+
+    // send request
+    CASendRequest(endpoint, &requestInfo);
+
+exit:
+    // cleanup
+    CADestroyToken(token);
+    CADestroyRemoteEndpoint(endpoint);
+    printf("=============================================\n");
+}
+
+
 void send_request_all()
 {
     char buf[MAX_BUF_LEN];
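Review bot: The first `goto exit` in `send_secure_request` jumps over `CAToken_t token = NULL;`, so when `CACreateRemoteEndpoint` fails, `CADestroyToken(token)` is called on an indeterminate pointer. Declare `endpoint` and `token`, both initialised to NULL, at the top of the function before any `goto`. Separately, the `fgets` result is unchecked and the newline it retains is formatted into the URI; check for NULL and trim with `ipv4addr[strcspn(ipv4addr, "\n")] = '\0';` before the `snprintf`. The same unchecked `fgets` into a URI appears in the `InitDiscovery` hunk of `occlientbasicops.cpp`. The return value of `CASendRequest` is also ignored, so a failed send goes unreported.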
@@ -793,6 +865,7 @@ char get_menu()
     printf("\th : handle request response\n");
     printf("\ty : run static client\n");
     printf("\tz : run static server\n");
+    printf("\tw : send secure request\n");
     printf("\tq : quit\n");
     printf("=============================================\n");
     printf("select : ");
index a349ec0..1d016d4 100644 (file)
@@ -346,29 +346,32 @@ static int32_t CAGetPskCredentials(dtls_context_t *ctx,
     OIC_LOG(DEBUG, NET_DTLS_TAG, "IN");
 
     int32_t ret  = -1;
+    OCDtlsPskCredsBlob *credInfo = NULL;
 
-    CADtlsPskCredsBlob_t *credInfo = NULL;
-    CAGetDtlsPskCredentials(&credInfo);
+    //Retrieve the credentials blob from security module
+    OCGetDtlsPskCredentials(&credInfo);
 
-    VERIFY_NON_NULL_RET(credInfo, NET_DTLS_TAG, "CAGetDtlsPskCredentials credInfo is NULL", 0);
+    VERIFY_NON_NULL_RET(credInfo, NET_DTLS_TAG, "OCGetDtlsPskCredentials credInfo is NULL", ret);
 
     if ((type == DTLS_PSK_HINT) || (type == DTLS_PSK_IDENTITY))
     {
         if (DTLS_PSK_ID_LEN <= resultLen)
         {
-            memcpy(result, credInfo->rsIdentity, DTLS_PSK_ID_LEN);
+            memcpy(result, credInfo->identity, DTLS_PSK_ID_LEN);
             ret = DTLS_PSK_ID_LEN;
         }
     }
 
     if ((type == DTLS_PSK_KEY) && (desc) && (descLen == DTLS_PSK_PSK_LEN))
     {
+        //Check if we have the credentials for the device with which we
+        //are trying to perform a handshake
         int index = 0;
-        for (index = 0; index < credInfo->num; index++)
+        for (; index < credInfo->num; index++)
         {
-            if (memcmp(desc, credInfo->creds[index].clientIdentity, DTLS_PSK_ID_LEN) == 0)
+            if (memcmp(desc, credInfo->creds[index].id, DTLS_PSK_ID_LEN) == 0)
             {
-                memcpy(result, credInfo->creds[index].rsClientPsk, DTLS_PSK_PSK_LEN);
+                memcpy(result, credInfo->creds[index].psk, DTLS_PSK_PSK_LEN);
                 ret = DTLS_PSK_PSK_LEN;
             }
         }
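Review bot: The `DTLS_PSK_KEY` branch copies `DTLS_PSK_PSK_LEN` bytes of key material into `result` without checking `resultLen`, unlike the identity branch just above it, which tests `DTLS_PSK_ID_LEN <= resultLen` first. The guard also compares `descLen`, the length of the peer identity, against `DTLS_PSK_PSK_LEN` rather than `DTLS_PSK_ID_LEN`; the two are equal in the defines this commit removes from `cacommon.h`, but nothing ties them together. Suggested condition: `if ((type == DTLS_PSK_KEY) && (desc) && (descLen == DTLS_PSK_ID_LEN) && (DTLS_PSK_PSK_LEN <= resultLen))`, with a `break;` once a matching identity has been copied. The function starts before and ends after this hunk.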
index ddf4fec..e90a121 100644 (file)
@@ -29,6 +29,7 @@ PLATFORM=linux
 PLATFORM_TYPE=linux
 # override with `make PLATFORM=arduinomega ARDUINOWIFI=1` to enable Arduino WiFi shield
 ARDUINOWIFI := 0
+CA_INT_DTLS := 0
 
 ifeq ($(ROOT_DIR), )
        ROOT_DIR = ..
@@ -106,6 +107,7 @@ SOURCES+= pdu.c net.c debug.c encode.c uri.c coap_list.c hashkey.c \
 VPATH += $(OCSOCK_DIR)/src:$(LOGGER_DIR)/src:$(RANDOM_DIR)/src:$(OCMALLOC_DIR)/src\
          :$(OC_LOG_DIR)/c
 
+ifeq ($(CA_INT_DTLS),0)
 ifeq ($(PLATFORM),linux)
 ifneq ($(wildcard $(TINYDTLS_DIR)/libtinydtls.a),)
     $(info "Building libcoap with DTLS support")
@@ -117,6 +119,7 @@ ifneq ($(wildcard $(TINYDTLS_DIR)/libtinydtls.a),)
        CC_FLAGS.release += -DWITH_DTLS
 endif
 endif
+endif
 
 OBJECTS:= $(patsubst %.c, %.o, $(SOURCES))
 
index c3582ed..f367384 100644 (file)
@@ -27,6 +27,7 @@ PLATFORM := linux
 
 # override with `make PLATFORM=arduinomega ARDUINOWIFI=1` to enable Arduino WiFi shield
 ARDUINOWIFI := 0
+CA_INT_DTLS := 0
 
 ifeq ($(ROOT_DIR), )
 ROOT_DIR       = ./
@@ -154,7 +155,7 @@ buildScript_all: objdirs obj_build ca liboctbstack.a
 
 make_lcoap:
        @echo "Building $@"
-       $(MAKE) -C $(LCOAP_DIR) "BUILD=$(BUILD)" "PLATFORM=$(PLATFORM)" "ARDUINOWIFI=$(ARDUINOWIFI)"
+       $(MAKE) -C $(LCOAP_DIR) "BUILD=$(BUILD)" "PLATFORM=$(PLATFORM)" "ARDUINOWIFI=$(ARDUINOWIFI)" "CA_INT_DTLS=$(CA_INT_DTLS)"
 
 objdirs:
        mkdir -p $(PLATFORM)
@@ -180,12 +181,14 @@ liboctbstack.a:
        # Repackage all the objects at this location into a single archive. This is OCStack, OCCoap, and LibCoap (LibCoap contains OCRandom, OCLogger, and OCSocket.).
        $(AR) -r $(OUT_DIR)/$@ $(OBJ_DIR)/*.o
 
-    ifeq ($(PLATFORM),linux)
-     ifneq ($(wildcard $(TINYDTLS_DIR)/libtinydtls.a),)
+    ifeq ($(CA_INT_DTLS),0)
+     ifeq ($(PLATFORM),linux)
+      ifneq ($(wildcard $(TINYDTLS_DIR)/libtinydtls.a),)
                        $(info "Building liboctbstack with DTLS support")
                        mkdir -p $(OBJ_DIR)/tinydtls
                        @cd $(OBJ_DIR)/tinydtls && $(AR) -x ../$(PLATFORM_SPECIFIC_BACKOUT)$(TINYDTLS_DIR)/libtinydtls.a
                        $(AR) -q $(OUT_DIR)/$@ $(OBJ_DIR)/tinydtls/*.o
+      endif
      endif
     endif
 
index 971dba5..8522e14 100644 (file)
@@ -78,9 +78,16 @@ OCStackResult DetermineResourceHandling (OCServerRequest *request,
 OCStackResult
 ProcessRequest(ResourceHandling resHandling, OCResource *resource, OCServerRequest *request);
 
+#ifdef CA_INT
+OCStackResult
+BuildVirtualResourceResponse(OCResource *resourcePtr, uint8_t filterOn,
+                        char *filterValue, char * out, uint16_t *remaining,
+                        CAConnectivityType_t connType );
+#else
 OCStackResult
 BuildVirtualResourceResponse(OCResource *resourcePtr, uint8_t filterOn,
                         char *filterValue, char * out, uint16_t *remaining);
+#endif
 
 OCStackResult EntityHandlerCodeToOCStackCode(OCEntityHandlerResult ehResult);
 
index c77d733..212b437 100644 (file)
@@ -25,6 +25,7 @@ PLATFORM := linux
 CC      := g++
 OUT_DIR          := $(BUILD)
 OBJ_DIR          := $(OUT_DIR)/obj
+CA_INT_DTLS := 0
 
 ifeq ($(ROOT_DIR), )
 ROOT_DIR       = ../../../..
@@ -41,8 +42,9 @@ OCCOAP_DIR    = $(ROOT_DIR)/occoap
 OCTBSTACK_DIR  = $(ROOT_DIR)/stack
 EXTLIBS_DIR    = $(ROOT_DIR)/../../extlibs
 CJSON_DIR      = $(EXTLIBS_DIR)/cjson
-
 CJSON_SRC      = $(CJSON_DIR)
+CONNECTIVITY_DIR= $(ROOT_DIR)/connectivity
+
 
 OCLOGGER_INC   = $(OCLOGGER_DIR)/include
 OC_LOG_INC     = $(OC_LOG_DIR)/include
@@ -63,12 +65,17 @@ INC_DIRS    += -I$(OCTBSTACK_INC)
 INC_DIRS       += -I$(CJSON_INC)
 
 CC_FLAGS.debug   := -O0 -g3 -Wall -ffunction-sections -fdata-sections -fno-exceptions \
-                        -std=c++0x -pedantic $(INC_DIRS) -L$(ROOT_DIR)/linux/$(BUILD) -DTB_LOG
+                        -std=c++0x -pedantic $(INC_DIRS) -L$(ROOT_DIR)/linux/$(BUILD) \
+                                               -L$(CONNECTIVITY_DIR)/build/out -DTB_LOG 
 CC_FLAGS.release := -Os -Wall -fdata-sections -Wl,--gc-sections -Wl,-s -fno-exceptions \
-                        -std=c++0x $(INC_DIRS) -L$(ROOT_DIR)/linux/$(BUILD) -DTB_LOG
+                        -std=c++0x $(INC_DIRS) -L$(ROOT_DIR)/linux/$(BUILD) \
+                                               -L$(CONNECTIVITY_DIR)/build/out -DTB_LOG 
 
 LDLIBS         += -loctbstack -lpthread
 CPPFLAGS       += $(CC_FLAGS.$(BUILD)) $(LDLIBS)
+ifeq ($(CA_INT_DTLS),1)
+ CPPFLAGS      += -lconnectivity_abstraction -DCA_INT_DTLS
+endif
 
 CJSON_SOURCES          := $(CJSON_SRC)/cJSON.c
 
index e4125d2..047370e 100644 (file)
 #define TAG "occlientbasicops"
 static int UNICAST_DISCOVERY = 0;
 static int TEST_CASE = 0;
+
+#ifdef CA_INT_DTLS
+static int IPV4_ADDR_SIZE = 16;
+#else
 static const char * TEST_APP_UNICAST_DISCOVERY_QUERY = "coap://0.0.0.0:5683/oc/core";
+#endif
 static std::string putPayload = "{\"state\":\"off\",\"power\":10}";
 static std::string coapServerIP;
 static std::string coapServerPort;
@@ -180,7 +185,11 @@ int InitPutRequest()
     OC_LOG_V(INFO, TAG, "\n\nExecuting %s", __func__);
     std::ostringstream query;
     query << (coapSecureResource ? "coaps://" : "coap://") << coapServerIP
-        << ":" << coapServerPort << coapServerResource;
+        << ":" << coapServerPort
+#ifdef CA_INT_DTLS
+        << "/"
+#endif
+        << coapServerResource;
     return (InvokeOCDoResource(query, OC_REST_PUT, OC_LOW_QOS, putReqCB, NULL, 0));
 }
 
@@ -222,7 +231,11 @@ int InitGetRequest(OCQualityOfService qos)
     OC_LOG_V(INFO, TAG, "\n\nExecuting %s", __func__);
     std::ostringstream query;
     query << (coapSecureResource ? "coaps://" : "coap://") << coapServerIP
-        << ":" << coapServerPort << coapServerResource;
+        << ":" << coapServerPort
+#ifdef CA_INT_DTLS
+        << "/"
+#endif
+        << coapServerResource;
 
     return (InvokeOCDoResource(query, OC_REST_GET, (qos == OC_HIGH_QOS)?
             OC_HIGH_QOS:OC_LOW_QOS, getReqCB, NULL, 0));
@@ -234,10 +247,19 @@ int InitDiscovery()
     OCCallbackData cbData;
     OCDoHandle handle;
     /* Start a discovery query*/
-    char szQueryUri[64] = { 0 };
+    char szQueryUri[MAX_URI_LENGTH] = { 0 };
+
     if (UNICAST_DISCOVERY)
     {
+#ifdef CA_INT_DTLS
+        char ipv4addr[IPV4_ADDR_SIZE];
+
+        printf("Enter IPv4 address of the Server hosting secure resource (Ex: 11.12.13.14)\n");
+        fgets(ipv4addr, IPV4_ADDR_SIZE, stdin);
+        snprintf(szQueryUri, sizeof(szQueryUri), "coap://%s:5683/oc/core", ipv4addr);
+#else
         strcpy(szQueryUri, TEST_APP_UNICAST_DISCOVERY_QUERY);
+#endif
     }
     else
     {
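Review bot: `char ipv4addr[IPV4_ADDR_SIZE];` is a variable-length array, because `IPV4_ADDR_SIZE` is declared `static int` rather than as a constant; VLAs are not standard C++, and this sample's debug flags include `-pedantic`. Declare it as `static const int IPV4_ADDR_SIZE = 16;` so the input buffer has a fixed, compile-time size. `InitDiscovery` continues outside this hunk.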
index 216268b..5701184 100644 (file)
@@ -39,7 +39,11 @@ static int gCurrLedInstance = 0;
 #define SAMPLE_MAX_NUM_POST_INSTANCE  2
 static LEDResource gLedInstance[SAMPLE_MAX_NUM_POST_INSTANCE];
 
+#ifdef CA_INT_DTLS
+char *gResourceUri= (char *)"a/led";
+#else
 char *gResourceUri= (char *)"/a/led";
+#endif
 
 static uint16_t OC_WELL_KNOWN_PORT = 5683;
 
index 2efba22..92c73c8 100644 (file)
@@ -242,7 +242,15 @@ HandleLinkedListInterface(OCEntityHandlerRequest *ehRequest,
             OCResource* temp = collResource->rsrcResources[i];
             if (temp)
             {
-                ret = BuildVirtualResourceResponse(temp, filterOn, filterValue, (char*)ptr, &remaining);
+#ifdef CA_INT
+                //TODO : Update needed here to get correct connectivity type
+                //from ServerRequest data structure
+                ret = BuildVirtualResourceResponse(temp, filterOn, filterValue,
+                         (char*)ptr, &remaining, CA_WIFI );
+#else
+                ret = BuildVirtualResourceResponse(temp, filterOn, filterValue,
+                         (char*)ptr, &remaining);
+#endif
                 if (ret != OC_STACK_OK)
                 {
                     break;
index ec7c179..425ae6d 100644 (file)
 #include "debug.h"
 #include "cJSON.h"
 
+#ifdef CA_INT
+    #include "cacommon.h"
+    #include "cainterface.h"
+#endif
+
+
 /// Module Name
 #define TAG PCF("ocresource")
 #define VERIFY_SUCCESS(op, successCode) { if (op != successCode) \
@@ -61,6 +67,37 @@ OCEntityHandlerResult defaultResourceEHandler(OCEntityHandlerFlag flag,
     return  OC_EH_OK; // Making sure that the Default EH and the Vendor EH have matching signatures
 }
 
+#ifdef CA_INT
+/* This method  will return the port at which the secure resource is hosted */
+static OCStackResult GetSecurePortInfo(CAConnectivityType_t connType, uint32_t *port)
+{
+    CALocalConnectivity_t* info = NULL;
+    uint32_t size = 0;
+    OCStackResult ret = OC_STACK_ERROR;
+
+    CAResult_t caResult = CAGetNetworkInformation(&info, &size);
+    if ((caResult == CA_STATUS_OK) && info && size)
+    {
+        while (size--)
+        {
+            if (info[size].isSecured == CA_TRUE && info[size].type == connType)
+            {
+                if (info[size].type == CA_ETHERNET ||
+                    info[size].type == CA_WIFI)
+                {
+                    *port = info[size].addressInfo.IP.port;
+                    ret = OC_STACK_OK;
+                    break;
+                }
+            }
+        }
+    }
+
+    free(info);
+    return ret;
+}
+#endif
+
 static OCStackResult ValidateUrlQuery (unsigned char *url, unsigned char *query,
                                 uint8_t *filterOn, char **filterValue)
 {
@@ -104,8 +141,17 @@ static OCStackResult ValidateUrlQuery (unsigned char *url, unsigned char *query,
     return OC_STACK_OK;
 }
 
-OCStackResult BuildVirtualResourceResponse(OCResource *resourcePtr, uint8_t filterOn,
-                                            char *filterValue, char * out, uint16_t *remaining)
+
+#ifdef CA_INT
+OCStackResult
+BuildVirtualResourceResponse(OCResource *resourcePtr, uint8_t filterOn,
+                        char *filterValue, char * out, uint16_t *remaining,
+                        CAConnectivityType_t connType )
+#else
+OCStackResult
+BuildVirtualResourceResponse(OCResource *resourcePtr, uint8_t filterOn,
+                        char *filterValue, char * out, uint16_t *remaining)
+#endif
 {
     OCResourceType *resourceTypePtr;
     OCResourceInterface *interfacePtr;
@@ -181,10 +227,15 @@ OCStackResult BuildVirtualResourceResponse(OCResource *resourcePtr, uint8_t filt
             }
             // Set secure flag for secure resources
             if (resourcePtr->resourceProperties & OC_SECURE) {
-                uint16_t port;
                 cJSON_AddNumberToObject (propObj, OC_RSRVD_SECURE, OC_RESOURCE_SECURE);
                 //Set the IP port also as secure resources are hosted on a different port
+#ifdef CA_INT
+                uint32_t port;
+                if (GetSecurePortInfo (connType, &port) == OC_STACK_OK) {
+#else
+                uint16_t port;
                 if (OCGetResourceEndPointInfo (resourcePtr, &port) == OC_STACK_OK) {
+#endif
                     cJSON_AddNumberToObject (propObj, OC_RSRVD_HOSTING_PORT, port);
                 }
             }
@@ -400,8 +451,13 @@ HandleVirtualResource (OCServerRequest *request, OCResource* resource)
                         remaining--;
                     }
                     firstLoopDone = 1;
+#ifdef CA_INT
+                    result = BuildVirtualResourceResponse(resource, filterOn, filterValue,
+                            (char*)ptr, &remaining, request->connectivityType );
+#else
                     result = BuildVirtualResourceResponse(resource, filterOn, filterValue,
                             (char*)ptr, &remaining);
+#endif
 
                     if (result != OC_STACK_OK)
                     {
index cbda482..0ecb89f 100644 (file)
@@ -363,6 +363,7 @@ OCStackResult HandleSingleResponse(OCEntityHandlerResponse * ehResponse)
     responseEndpoint.resourceUri      = serverRequest->resourceUrl;
     responseEndpoint.addressInfo      = serverRequest->addressInfo;
     responseEndpoint.connectivityType = serverRequest->connectivityType;
+    responseEndpoint.isSecured        = serverRequest->secured;
 
     // Copy the info
     switch (ehResponse->ehResult)
index 23bd367..b4115f3 100644 (file)
@@ -363,7 +363,7 @@ void HandleCARequests(const CARemoteEndpoint_t* endPoint, const CARequestInfo_t*
     // CA does not need the following 3 fields
     serverRequest.coapID = 0;
     serverRequest.delayedResNeeded = 0;
-    serverRequest.secured = 0;
+    serverRequest.secured = endPoint->isSecured;
 
     // copy the address
     serverRequest.addressInfo      = endPoint->addressInfo;
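Review bot: The comment `// CA does not need the following 3 fields` is now wrong for `serverRequest.secured`, which this change fills from `endPoint->isSecured`. The `ocserverrequest.c` hunk in this commit copies that field into `responseEndpoint.isSecured`, so it appears to decide whether the response goes back over the secured transport. Change the comment to `// CA does not need the following 2 fields` and move the `secured` assignment below them under its own comment, `// carry the transport security of the request over to the response`. `HandleCARequests` extends beyond this hunk.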