- Implements mandatory property 'sct' in doxm resource.
1. Modify marshalling/Unmarshalling functions in doxmresource.c.
2. Modify all SVR databases that have 'doxm' resource.
[Patch #2] Modify property(attribute ID) and wrong usage of a type for sct.
[Patch #3] Rebase & Fix Arduino build error
[Patch #4] Fix Provisioning C++ Sample build error
[Patch #5] Add 'sct' to resource/provisioning/example/xxx.json
[Patch #6] Updated xxx_client.json acl perms
Change-Id: I4340de22a138437f4307639a2e05dbe8a5affb8b
Signed-off-by: Woochul Shim <woochul.shim@samsung.com>
Signed-off-by: Ashwini Kumar <k.ashwini@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/2470
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
Reviewed-by: Sachin Agrawal <sachin.agrawal@intel.com>
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "MjIyMjIyMjIyMjIyMjIyMg==",
"ownr": "MjIyMjIyMjIyMjIyMjIyMg=="
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "MTExMTExMTExMTExMTExMQ==",
"ownr": "MjIyMjIyMjIyMjIyMjIyMg=="
extern const char * OIC_JSON_SM_NAME;
extern const char * OIC_JSON_SERVICE_DEVICE_ID;
extern const char * OIC_JSON_SERVICE_TYPE;
+extern const char * OIC_JSON_SUPPORTED_CRED_TYPE_NAME;
extern OicUuid_t WILDCARD_SUBJECT_ID;
extern size_t WILDCARD_SUBJECT_ID_LEN;
typedef struct OicSecCred OicSecCred_t;
/**
- * @brief /oic/sec/credtype (Credential Type) data type.
- * Derived from OIC Security Spec /oic/sec/cred; see Spec for details.
- * 0: no security mode
- * 1: symmetric pair-wise key
- * 2: symmetric group key
- * 4: asymmetric key
- * 8: signed asymmetric key (aka certificate)
- * 16: PIN /password
- */
-typedef uint16_t OicSecCredType_t;
-
-/**
* Aid for assigning/testing vals with OicSecCredType_t.
* Example:
* OicSecCredType_t ct = PIN_PASSWORD | ASYMMETRIC_KEY;
ASYMMETRIC_KEY = (0x1 << 2),
SIGNED_ASYMMETRIC_KEY = (0x1 << 3),
PIN_PASSWORD = (0x1 << 4),
+ ASYMMETRIC_ENCRYPTION_KEY = (0x1 << 5),
} OSCTBitmask_t;
+/**
+ * @brief /oic/sec/credtype (Credential Type) data type.
+ * Derived from OIC Security Spec /oic/sec/cred; see Spec for details.
+ * 0: no security mode
+ * 1: symmetric pair-wise key
+ * 2: symmetric group key
+ * 4: asymmetric key
+ * 8: signed asymmetric key (aka certificate)
+ * 16: PIN /password
+ */
+typedef OSCTBitmask_t OicSecCredType_t;
+
typedef struct OicSecDoxm OicSecDoxm_t;
typedef enum OicSecDpm
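Review bot: The re-added `OicSecCredType_t` doc block stops at `16: PIN /password`, while this same hunk adds `ASYMMETRIC_ENCRYPTION_KEY = (0x1 << 5)`; the list needs a matching line such as ` * 32: asymmetric encryption key`. With the typedef now naming the enum instead of `uint16_t`, an OR of two enumerators has type `int`, so the example kept in the comment above (`OicSecCredType_t ct = PIN_PASSWORD | ASYMMETRIC_KEY;`) needs a cast when compiled as C++, and the example should say so. The enum definition starts outside this hunk.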
OicSecOxm_t *oxm; // 1:R:M:N:UINT16
size_t oxmLen; // the number of elts in Oxm
OicSecOxm_t oxmSel; // 2:R/W:S:Y:UINT16
- bool owned; // 3:R:S:Y:Boolean
+ OicSecCredType_t sct; // 3:R:S:Y:oic.sec.credtype
+ bool owned; // 4:R:S:Y:Boolean
//TODO: Need more clarification on deviceIDFormat field type.
- //OicSecDvcIdFrmt_t deviceIDFormat; // 4:R:S:Y:UINT8
- OicUuid_t deviceID; // 5:R:S:Y:oic.uuid
- OicUuid_t owner; // 6:R:S:Y:oic.uuid
+ //OicSecDvcIdFrmt_t deviceIDFormat; // 5:R:S:Y:UINT8
+ OicUuid_t deviceID; // 6:R:S:Y:oic.uuid
+ OicUuid_t owner; // 7:R:S:Y:oic.uuid
// NOTE: we are using UUID for Owner instead of Svc type for mid-April
// SRM version only; this will change to Svc type for full implementation.
- //OicSecSvc_t Owner; // 5:R:S:Y:oic.sec.svc
+ //OicSecSvc_t devOwner; // 7:R:S:Y:oic.sec.svc
+ //OicSecSvc_t rOwner; // 8:R:S:Y:oic.sec.svc
//TODO change Owner type to oic.sec.svc
};
"/oic/d",
"/oic/p",
"/oic/res/types/d",
- "/oic/ad"
+ "/oic/ad",
+ "/oic/sec/amacl"
],
"perms": 2,
"ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="]
"sub": "Kg==",
"rsrc": [
"/oic/sec/doxm",
- "/oic/sec/pstat",
- "/oic/sec/acl",
- "/oic/sec/cred"
+ "/oic/sec/pstat"
],
- "perms": 7,
+ "perms": 2,
"ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="]
}
],
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "YWRtaW5EZXZpY2VVVUlEMA==",
"ownr": "YWRtaW5EZXZpY2VVVUlEMA=="
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "YWRtaW5EZXZpY2VVVUlE",
"ownr": "YWRtaW5EZXZpY2VVVUlE"
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": false,
"deviceid": "anVzdHdvcmtzRGV2VVVJRA=="
}
"doxm": {
"oxm": [0,2],
"oxmsel": 0,
+ "sct": 1,
"owned": false,
"deviceid": "cmFuZG9tUGluRGV2VVVJRA=="
}
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": false,
"deviceid": "MTExMTExMTExMTExMTExMQ=="
}
jsonObj = cJSON_GetObjectItem(jsonCred, OIC_JSON_CREDTYPE_NAME);
VERIFY_NON_NULL(TAG, jsonObj, ERROR);
VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR);
- cred->credType = jsonObj->valueint;
+ cred->credType = (OicSecCredType_t)jsonObj->valueint;
//PrivateData is mandatory for some of the credential types listed below.
jsonObj = cJSON_GetObjectItem(jsonCred, OIC_JSON_PRIVATEDATA_NAME);
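Review bot: `jsonObj->valueint` is cast straight to `OicSecCredType_t` after only a JSON type check, so a negative number or bits outside the `OSCTBitmask_t` enumerators in the parsed JSON become the credential type unchanged. Now that the type is an enum, a range check before the assignment would keep out-of-set values away from later comparisons, for example `VERIFY_SUCCESS(TAG, 0 <= jsonObj->valueint && jsonObj->valueint < (ASYMMETRIC_ENCRYPTION_KEY << 1), ERROR);`. The same unchecked cast appears in the doxm unmarshalling hunk (`doxm->sct = (OicSecCredType_t)jsonObj->valueint;`). The enclosing function starts and ends outside this hunk.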
&gOicSecDoxmJustWorks, /* uint16_t *oxm */
1, /* size_t oxmLen */
OIC_JUST_WORKS, /* uint16_t oxmSel */
+ SYMMETRIC_PAIR_WISE_KEY,/* OicSecCredType_t sct */
false, /* bool owned */
{.id = {0}}, /* OicUuid_t deviceID */
{.id = {0}}, /* OicUuid_t owner */
//OxmSel -- Mandatory
cJSON_AddNumberToObject(jsonDoxm, OIC_JSON_OXM_SEL_NAME, (int)doxm->oxmSel);
+ //sct -- Mandatory
+ cJSON_AddNumberToObject(jsonDoxm, OIC_JSON_SUPPORTED_CRED_TYPE_NAME, (int)doxm->sct);
+
//Owned -- Mandatory
cJSON_AddBoolToObject(jsonDoxm, OIC_JSON_OWNED_NAME, doxm->owned);
doxm->oxmSel = gDoxm->oxmSel;
}
+ //sct -- Mandatory
+ jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_SUPPORTED_CRED_TYPE_NAME);
+ if(jsonObj)
+ {
+ VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR);
+ doxm->sct = (OicSecCredType_t)jsonObj->valueint;
+ }
+ else // PUT/POST JSON may not have sct so set it to the gDoxm->sct
+ {
+ VERIFY_NON_NULL(TAG, gDoxm, ERROR);
+ doxm->sct = gDoxm->sct;
+ }
+
//Owned -- Mandatory
jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_OWNED_NAME);
if(jsonObj)
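Review bot: `sct` is marked read-only in the struct comment (`3:R:S:Y:oic.sec.credtype`), yet this branch takes it from the incoming JSON whenever the key is present, and the else-comment indicates the same parser handles PUT/POST bodies. The request handler is outside the hunk, so it is worth confirming that it never copies a client-supplied `doxm->sct` into `gDoxm`; if it can, the parser should keep `gDoxm->sct` for request payloads. The comment `//sct -- Mandatory` also does not match the fallback and would read better as `//sct -- Mandatory in the stored database; request bodies may omit it`. The function starts and ends outside this hunk.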
const char * OIC_JSON_PERIOD_NAME = "prd";
const char * OIC_JSON_PERIODS_NAME = "prds";
const char * OIC_JSON_RECURRENCES_NAME = "recurs";
+const char * OIC_JSON_SUPPORTED_CRED_TYPE_NAME = "sct";
OicUuid_t WILDCARD_SUBJECT_ID = {"*"};
size_t WILDCARD_SUBJECT_ID_LEN = 1;
#endif
- cred->credType = 1;
+ cred->credType = SYMMETRIC_PAIR_WISE_KEY;
cred->privateData.data = (char *)OICCalloc(1, strlen("My private Key11") + 1);
VERIFY_NON_NULL(TAG, cred->privateData.data, ERROR);
strcpy(cred->privateData.data, "My private Key11");
#if 0
cred->next->roleIdsLen = 0;
#endif
- cred->next->credType = 1;
+ cred->next->credType = SYMMETRIC_PAIR_WISE_KEY;
sz = strlen("My private Key21") + 1;
cred->next->privateData.data = (char *)OICCalloc(1, sz);
VERIFY_NON_NULL(TAG, cred->next->privateData.data, ERROR);
doxm->oxm[0] = OIC_JUST_WORKS;
doxm->oxmSel = OIC_JUST_WORKS;
+ doxm->sct = SYMMETRIC_PAIR_WISE_KEY;
doxm->owned = true;
//TODO: Need more clarification on deviceIDFormat field type.
//doxm.deviceIDFormat = URN;
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": false,
"deviceid": "MjIyMjIyMjIyMjIyMjIyMg=="
}
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "MjIyMjIyMjIyMjIyMjIyMg==",
"ownr": "MjIyMjIyMjIyMjIyMjIyMg=="
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "MTExMTExMTExMTExMTExMQ==",
"ownr": "YWRtaW5EZXZpY2VVVUlEAA=="
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "MjIyMjIyMjIyMjIyMjIyMg==",
"ownr": "MjIyMjIyMjIyMjIyMjIyMg=="
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "MTExMTExMTExMTExMTExMQ==",
"ownr": "MjIyMjIyMjIyMjIyMjIyMg=="
"/oic/d",
"/oic/p",
"/oic/res/types/d",
- "/oic/ad"
+ "/oic/ad",
+ "/oic/sec/amacl"
],
"perms": 2,
"ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="]
"sub": "Kg==",
"rsrc": [
"/oic/sec/doxm",
- "/oic/sec/pstat",
- "/oic/sec/acl",
- "/oic/sec/cred"
+ "/oic/sec/pstat"
],
- "perms": 7,
+ "perms": 2,
"ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="]
}
],
"doxm": {
"oxm": [0],
"oxmsel": 0,
+ "sct": 1,
"owned": true,
"deviceid": "YWRtaW5EZXZpY2VVVUlEMA==",
"ownr": "YWRtaW5EZXZpY2VVVUlEMA=="
switch (choice){
case 1:
- cred.setCredentialType(choice);
+ cred.setCredentialType(static_cast<OicSecCredType_t>(choice));
choice = 0; //validation of the accepted choice.
break;
case 2:
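Review bot: Inside `case 1:` the value of `choice` is already known, so the cast hides which credential type is being selected; `cred.setCredentialType(SYMMETRIC_PAIR_WISE_KEY);` states it directly and stays correct if the menu numbering changes. If further cases are added in the same way, a `static_cast` from the menu integer would also accept values that are not enumerators. The switch continues outside this hunk.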
pOwnedDevList[first]->getDeviceID();
std::cout << " and "<< pOwnedDevList[second]->getDeviceID() << std::endl;
- Credential cred(0,0);
+ Credential cred( NO_SECURITY_MODE ,0);
std::cout << "Please input credentials for selected devices: " << std::endl;
if (0 != InputCredentials(cred))
break;
pOwnedDevList[first]->getDeviceID();
std::cout << " and "<< pOwnedDevList[second]->getDeviceID() << std::endl;
- Credential cred(0,0);
+ Credential cred( NO_SECURITY_MODE, 0);
std::cout << "Please input credentials for selected devices: " << std::endl;
if (0 != InputCredentials(cred))
break;