######################################################################
# easy-setup project build script
######################################################################
-import os
+import os.path
Import('env')
+easysetup_path = os.curdir
+
######################################################################
#building Resource client, resourceBroker and resourceCache
######################################################################
easy_setup_env.AppendUnique(CXXFLAGS = ['-Wall', '-std=c++0x'])
if target_os == 'linux':
- easy_setup_env.AppendUnique(LIBS = ['pthread'])
+ easy_setup_env.AppendUnique(LIBS = ['pthread', 'dl'])
if target_os in ['android']:
easy_setup_env.AppendUnique(LIBPATH = [env.get('BUILD_DIR')])
easy_setup_env.AppendUnique(RPATH = [env.get('BUILD_DIR')])
easy_setup_env.AppendUnique(CXXFLAGS = ['-pthread'])
easy_setup_env.PrependUnique(LIBS = ['oc', 'octbstack', 'oc_logger', 'pthread', 'connectivity_abstraction'])
+ if env.get('SECURED') == '1':
+ easy_setup_env.PrependUnique(LIBS = ['ocprovision', 'ocpmapi'])
if target_os == 'arduino':
easy_setup_env.AppendUnique(CPPPATH = [
- '../../resource/oc_logger/include',
- '../../resource/csdk/logger/include',
- '../../resource/csdk/stack/include',
- '../../extlibs/cjson',
+ env.get('SRC_DIR') + '/resource/c_common/oic_malloc/include',
+ env.get('SRC_DIR') + '/resource/oc_logger/include',
+ env.get('SRC_DIR') + '/resource/csdk/logger/include',
+ env.get('SRC_DIR') + '/resource/csdk/stack/include',
+ env.get('SRC_DIR') + '/extlibs/cjson',
'sdk/enrollee/arduino/wifi',
'sdk/enrollee/api',
'sdk/enrollee/src',
env.get('SRC_DIR') + '/resource/c_common/oic_malloc/include',
env.get('SRC_DIR') + '/resource/include',
env.get('SRC_DIR') + '/resource/csdk/logger/include',
- env.get('SRC_DIR') + '/resource/csdk/stack/include',
- env.get('SRC_DIR') + '/resource/csdk/logger/include',
+ env.get('SRC_DIR') + '/resource/csdk/stack/include',
+ env.get('SRC_DIR') + '/resource/csdk/logger/include',
env.get('SRC_DIR') + '/resource/csdk/security/include',
env.get('SRC_DIR') + '/extlibs/cjson',
- '/ser/sdk/common',
+ env.get('SRC_DIR') + '/extlibs/sqlite3',
+ '/sdk/common',
'sdk/mediator/include',
'sdk/mediator/src'])
+ if env.get('SECURED') == '1':
+ easy_setup_env.AppendUnique(CPPPATH = [
+ env.get('SRC_DIR') + '/resource/csdk/security/provisioning/include',
+ env.get('SRC_DIR') + '/resource/csdk/security/provisioning/include/internal',
+ env.get('SRC_DIR') + '/resource/csdk/security/provisioning/include/oxm'])
+
######################################################################
# Source files and Targets
'sdk/mediator/src/provisioning.cpp'])
easy_setup_env.InstallTarget(es_sdk_shared, 'libESSDK')
+print"easysetup_path %s" % easysetup_path
+
+es_src = None
+
if target_os == 'linux':
- es_sdk_shared = easy_setup_env.SharedLibrary('ESSDKLibrary',
- ['sdk/mediator/src/RemoteEnrollee.cpp',
- 'sdk/mediator/src/RemoteEnrolleeResource.cpp',
- 'sdk/mediator/src/EasySetup.cpp',
- 'sdk/mediator/src/prov_adapter.cpp',
- 'sdk/mediator/src/ESException.cpp',
- 'sdk/mediator/src/wifi_provisioning.cpp',
- 'sdk/mediator/src/provisioning.cpp'])
+ if env.get('SECURED') == '1':
+ env.AppendUnique(es_src = [os.path.join(easysetup_path, 'sdk/mediator/src/EnrolleeSecurity.cpp')])
+
+ es_common_src = ['sdk/mediator/src/RemoteEnrollee.cpp',
+ 'sdk/mediator/src/RemoteEnrolleeResource.cpp',
+ 'sdk/mediator/src/EasySetup.cpp',
+ 'sdk/mediator/src/prov_adapter.cpp',
+ 'sdk/mediator/src/ESException.cpp',
+ 'sdk/mediator/src/wifi_provisioning.cpp',
+ 'sdk/mediator/src/provisioning.cpp']
+
+ env.AppendUnique(es_src = es_common_src)
+
+ es_sdk_shared = easy_setup_env.SharedLibrary('ESSDKLibrary', env.get('es_src'))
easy_setup_env.InstallTarget(es_sdk_shared, 'libESSDK')
+print "Files path is %s" % env.get('es_src')
+
#Go to build sample apps
SConscript('sampleapp/SConscript')
env.get('SRC_DIR') + '/service/easy-setup/sdk/common'])
mediator_env.PrependUnique(LIBS = ['oc', 'octbstack', 'oc_logger', 'pthread', 'connectivity_abstraction', 'coap', 'ESSDKLibrary'])
+if env.get('SECURED') == '1':
+ mediator_env.PrependUnique(LIBS = ['ocpmapi', 'ocprovision'])
+
mediator = mediator_env.Program('mediator', 'mediator_cpp.cpp')
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#include <iostream>
+#include<stdio.h>
#include "oic_string.h"
#include "EasySetup.h"
#define ES_SAMPLE_APP_TAG "ES_SAMPLE_APP_TAG"
#define DECLARE_MENU(FUNC, ...) { #FUNC, FUNC }
+#define JSON_DB_PATH "./oic_svr_db_client.json"
+
using namespace OC;
using namespace OIC::Service;
static EnrolleeNWProvInfo netInfo;
static RemoteEnrollee::shared_ptr remoteEnrollee = nullptr;
+static std::string ipaddress, ssid, pwd;
+
struct CloseApp
{
};
easySetupIntance = EasySetup::getInstance();
- std::string ipaddress ("192.168.0.100");
- std::cout << "Enter the target enrollee ipv4 address ";
+ ipaddress = "192.168.0.150";
+ //std::cout << "Enter the target enrollee ipv4 address ";
- std::string ssid;
- std::cout << "Enter the ssid of the target Enrolleer ";
- std:: cin >> ssid;
+ ssid = "hello";
+ //std::cout << "Enter the ssid of the target Enrolleer ";
+ //std:: cin >> ssid;
- std::string pwd;
- std::cout << "Enter the pwd of the target Enrolleer ";
- std::cin >> pwd;
+ pwd = "helalalal";
+ //std::cout << "Enter the pwd of the target Enrolleer ";
+ //std::cin >> pwd;
netInfo.connType = CT_ADAPTER_IP;
netInfo.isSecured = false;
+ netInfo.needSecuredEasysetup = false;
OICStrcpy(netInfo.netAddressInfo.WIFI.ipAddress, IPV4_ADDR_SIZE - 1, ipaddress.c_str());
OICStrcpy(netInfo.netAddressInfo.WIFI.ssid, NET_WIFI_SSID_SIZE - 1, ssid.c_str());
OICStrcpy(netInfo.netAddressInfo.WIFI.pwd, NET_WIFI_PWD_SIZE - 1, pwd.c_str());
};
}
+static FILE* client_open(const char *UNUSED_PARAM, const char *mode)
+{
+ (void)UNUSED_PARAM;
+ return fopen(JSON_DB_PATH, mode);
+}
+
void configurePlatform()
{
+ OCPersistentStorage ps {client_open, fread, fwrite, fclose, unlink };
+
PlatformConfig config
{
- OC::ServiceType::InProc, ModeType::Client, "0.0.0.0", 0, OC::QualityOfService::LowQos
+ OC::ServiceType::InProc, ModeType::Both, "0.0.0.0", 0, OC::QualityOfService::LowQos, NULL
};
OCPlatform::Configure(config);
}
#ifndef ES_COMMON_H_
#define ES_COMMON_H_
+#include <string>
#ifndef WITH_ARDUINO
#include <memory>
#endif
#define OIC_STRING_MAX_VALUE 100
#define IPV4_ADDR_SIZE 16
#define IP_PORT 55555
-#define NET_WIFI_SSID_SIZE 16
-#define NET_WIFI_PWD_SIZE 16
+#define NET_WIFI_SSID_SIZE 100
+#define NET_WIFI_PWD_SIZE 100
/**
* @brief Mac address length for BT port
*/
typedef struct
{
- EnrolleeInfo netAddressInfo; /**< Enroller Network Info**/
- OCConnectivityType connType; /**< Connectivity Type**/
- bool isSecured; /**< Secure connection**/
+ EnrolleeInfo netAddressInfo; /**< Enroller Network Info**/
+ OCConnectivityType connType; /**< Connectivity Type**/
+ bool isSecured; /**< Secure connection**/
+ // TODO : Ideally isSecured should be renamed to needSecuredEasysetup.
+ // To provide backward compatibility to v1.0 release, a new variable is being added.
+ // If isSecured is not used by other applications, isSecured will be depricated.
+ bool needSecuredEasysetup; /**< Need of secure ownership transfer during easysetup**/
} EnrolleeNWProvInfo;
/**
*/
typedef void (*OCProvisioningStatusCB)(EasySetupInfo *easySetupInfo);
+#ifndef WITH_ARDUINO
+
namespace OIC
{
namespace Service
ES_PROVISIONED
} CurrentESState;
-#ifndef WITH_ARDUINO
+ typedef enum
+ {
+ ES_SEC_UNKNOWN = 0,
+ ES_SEC_OWNED,
+ ES_SEC_ACL_PROVISIONED,
+ ES_SEC_CREDS_PROVISIONED
+ } EnrolleeSecState;
+
+ /**
+ * Security Provisioning Status
+ */
+ typedef struct {
+ /// UUID of the target device
+ std::string devUUID;
+ /// EasySetup result
+ ESResult res;
+ } SecProvisioningResult;
+
+
+ /**
+ * Callback function definition for providing Enrollee security status .
+ */
+ typedef std::function< void(SecProvisioningResult) > EnrolleeSecStatusCb;
+
+ /**
+ * Callback definition to be invoked when the security stack expects a pin from application.
+ */
+ typedef std::function< void(std::string&) > SecurityPinCb;
+
+ /**
+ * Callback definition to be invoked when the stack expects a db path.
+ */
+ typedef std::function< void(std::string&) > SecProvisioningDbPathCb;
+
class ProvisioningStatus
{
public:
EasySetupState m_easySetupState;
EnrolleeNWProvInfo m_enrolleeNWProvInfo;
};
-#endif
-
}
}
+#endif //WITH_ARDUINO
-#endif
+#endif //ES_COMMON_H_
#include "resourceHandler.h"
#include "ocpayload.h"
+#include "oic_string.h"
+
/**
* @var ES_RH_TAG
* @brief Logging tag for module name.
{
sprintf(g_prov.tnn, "%s", tnn);
}
+ else
+ {
+ OC_LOG (ERROR, ES_RH_TAG, "value is not available");
+ }
OC_LOG_V(INFO, ES_RH_TAG, "g_prov.tnn %s", g_prov.tnn);
{
sprintf(g_prov.cd, "%s", cd);
}
+ else
+ {
+ OC_LOG (ERROR, ES_RH_TAG, "value is not available");
+ }
OC_LOG_V(INFO, ES_RH_TAG, "g_prov.cd %s", g_prov.cd);
namespace Service\r
{\r
class RemoteEnrolleeResource;\r
+ class EnrolleeSecurity;\r
\r
/**\r
* This class represents Remote Enrollee device instance.\r
typedef std::function< void(std::shared_ptr< EasySetupStatus >) >\r
EasySetupStatusCB;\r
\r
+#ifdef __WITH_DTLS__\r
+ /**\r
+ * Register Security status and other information callback handlers.\r
+ *\r
+ * @param enrolleeSecStatusCb Callback to get security status callbacks.\r
+ * @param secProvisioningDbCb Callback to be invoked when the stack expects a\r
+ * path for the provisioning db.\r
+ * @param securityPinCb Callback to get security pin during pin based ownership transfer.\r
+ *\r
+ * @throws InvalidParameterException If callback is an empty function or null.\r
+ * @throws ESBadRequestException If registration is already completed.\r
+ *\r
+ * @see SecProvisioningResult\r
+ */\r
+ ESResult registerSecurityCallbackHandler(EnrolleeSecStatusCb enrolleeSecStatusCb,\r
+ SecurityPinCb securityPinCb, SecProvisioningDbPathCb secProvisioningDbPathCb);\r
+#endif //__WITH_DTLS__\r
+\r
/**\r
* Register EasySetup status handler.\r
*\r
* @param callback Callback to get EasySetup status.\r
+ * @param secProvisioningDbCB Callback to be invoked when the stack expects a\r
+ * path for the provisioning db.\r
*\r
* @throws InvalidParameterException If callback is an empty function or null.\r
* @throws ESBadRequestException If registration is already completed.\r
*\r
* @see RemoteEnrollee\r
*/\r
- virtual void startProvisioning();\r
+ void startProvisioning();\r
\r
/**\r
* Stop provisioning process that is currently in progress.\r
*\r
* @throws BadRequestException If provisioning is not in progress.\r
*/\r
- virtual void stopProvisioning();\r
+ void stopProvisioning();\r
\r
/**\r
* Check if the Enrollee device provisioned.\r
*/\r
- virtual bool isEnrolleeProvisioned();\r
+ bool isEnrolleeProvisioned();\r
\r
/**\r
* Get the Provisioning information provided for the current Enrollee.\r
*\r
* @return EnrolleeNWProvInfo Provisioning information provided for the current Enrollee.\r
*/\r
- virtual EnrolleeNWProvInfo& getEnrolleeProvisioningInfo ();\r
+ EnrolleeNWProvInfo& getEnrolleeProvisioningInfo ();\r
\r
private:\r
std::shared_ptr< RemoteEnrolleeResource > m_remoteResource;\r
EasySetupStatusCB m_easySetupStatusCb;\r
+ EnrolleeSecStatusCb m_enrolleeSecStatusCb;\r
+ SecurityPinCb m_securityPinCb;\r
+ SecProvisioningDbPathCb m_secProvisioningDbPathCb;\r
EnrolleeNWProvInfo m_enrolleeNWProvInfo;\r
+ std::shared_ptr< EnrolleeSecurity > m_enrolleeSecurity;\r
CurrentESState m_currentESState;\r
+ bool m_needSecuredEasysetup;\r
\r
void provisioningStatusHandler (std::shared_ptr< ProvisioningStatus > provStatus);\r
};\r
--- /dev/null
+//******************************************************************\r
+//\r
+// Copyright 2015 Samsung Electronics All Rights Reserved.\r
+//\r
+//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\r
+//\r
+// Licensed under the Apache License, Version 2.0 (the "License");\r
+// you may not use this file except in compliance with the License.\r
+// You may obtain a copy of the License at\r
+//\r
+// http://www.apache.org/licenses/LICENSE-2.0\r
+//\r
+// Unless required by applicable law or agreed to in writing, software\r
+// distributed under the License is distributed on an "AS IS" BASIS,\r
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+// See the License for the specific language governing permissions and\r
+// limitations under the License.\r
+//\r
+//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\r
+\r
+#include "EnrolleeSecurity.h"\r
+#include "oxmjustworks.h"\r
+#include "oxmrandompin.h"\r
+#include "RemoteEnrolleeResource.h"\r
+#include "logger.h"\r
+#include "ESException.h"\r
+#include "oic_malloc.h"\r
+\r
+namespace OIC\r
+{\r
+ namespace Service\r
+ {\r
+ //TODO : Currently discovery timeout for owned and unowned devices is fixed as 5\r
+ // The value should be accepted from the application as a parameter during ocplatform\r
+ // config call\r
+ #define ES_SEC_DISCOVERY_TIMEOUT 5\r
+\r
+ EnrolleeSecurity::EnrolleeSecurity(\r
+ std::shared_ptr< RemoteEnrolleeResource > remoteEnrolleeResource,\r
+ std::string secDbPath)\r
+ {\r
+ m_enrolleeSecState = EnrolleeSecState::ES_SEC_UNKNOWN;\r
+\r
+ //Initializing the provisioning client stack using the db path provided by the\r
+ // application.\r
+ // Note : If the path is NULL or empty, the PDM.db should be present in the same path.\r
+ OCStackResult result = OCSecure::provisionInit(secDbPath);\r
+\r
+ if (result != OC_STACK_OK)\r
+ {\r
+ throw ESPlatformException(result);\r
+ }\r
+ }\r
+\r
+ ESResult EnrolleeSecurity::registerCallbackHandler(\r
+ EnrolleeSecStatusCb enrolleeSecStatusCb, SecurityPinCb securityPinCb,\r
+ SecProvisioningDbPathCb secProvisioningDbPathCb)\r
+\r
+ {\r
+ m_enrolleeSecStatusCb = enrolleeSecStatusCb;\r
+ m_securityPinCb = securityPinCb;\r
+ m_secProvisioningDbPathCb = secProvisioningDbPathCb;\r
+\r
+ return ES_ERROR;\r
+ }\r
+\r
+ std::shared_ptr< OC::OCSecureResource > EnrolleeSecurity::findEnrollee(std::string host,\r
+ DeviceList_t &list)\r
+ {\r
+ for (unsigned int i = 0; i < list.size(); i++)\r
+ {\r
+ OC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Device %d ID %s ", i + 1,\r
+ list[i]->getDeviceID().c_str());\r
+ OC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "From IP :%s", list[i]->getDevAddr().c_str());\r
+\r
+ if(list[i]->getDevAddr() == host)\r
+ {\r
+ return list[i];\r
+ }\r
+ }\r
+\r
+ return nullptr;\r
+ }\r
+\r
+ void EnrolleeSecurity::ownershipTransferCb(OC::PMResultList_t *result, int hasError)\r
+ {\r
+ if (hasError)\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG,"Error!!! in OwnershipTransfer");\r
+ }\r
+ else\r
+ {\r
+ OC_LOG(DEBUG, ENROLEE_SECURITY_TAG,"Transferred Ownership successfuly for device : ");\r
+ OC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "UUID : %s",result->at(0).deviceId.id);\r
+\r
+ delete result;\r
+\r
+ //TODO : Decide if we have to manage the owned/unowned devices.\r
+ //pOwnedDevList.push_back(pUnownedDevList[transferDevIdx]);\r
+ //pUnownedDevList.erase(pUnownedDevList.begin() + transferDevIdx);\r
+ }\r
+ }\r
+\r
+ /**\r
+ * Callback function for provisioning ACL, Credentials.\r
+ *\r
+ * @param[in] result Result list\r
+ * @param[in] hasError indicates if the result has error\r
+ */\r
+ void EnrolleeSecurity::provisionCb(OC::PMResultList_t *result, int hasError)\r
+ {\r
+ if (hasError)\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Error in provisioning operation!");\r
+ }\r
+ else\r
+ {\r
+ OC_LOG(DEBUG, ENROLEE_SECURITY_TAG, "Received provisioning results: ");\r
+ for (unsigned int i = 0; i < result->size(); i++)\r
+ {\r
+ OC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Result is = %d for device",result->at(i).res); OC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "UUID : %s",result->at(0).deviceId.id);\r
+ }\r
+\r
+ delete result;\r
+ }\r
+ }\r
+\r
+ ESResult EnrolleeSecurity::performOwnershipTransfer()\r
+ {\r
+ ESResult res = ES_ERROR;\r
+\r
+ OC::DeviceList_t pUnownedDevList, pOwnedDevList;\r
+\r
+ pOwnedDevList.clear();\r
+ pUnownedDevList.clear();\r
+\r
+ OCStackResult result = OCSecure::discoverOwnedDevices(ES_SEC_DISCOVERY_TIMEOUT,\r
+ pOwnedDevList);\r
+ if (result != OC_STACK_OK)\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Owned Discovery failed.");\r
+ res = ES_ERROR;\r
+\r
+ return res;\r
+ }\r
+ else if (pOwnedDevList.size())\r
+ {\r
+ OC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Found owned devices. Count =%d",\r
+ pOwnedDevList.size());\r
+ std::shared_ptr< OC::OCSecureResource > ownedDevice =\r
+ findEnrollee(\r
+ m_remoteEnrolleeResource->m_enrolleeNWProvInfo.netAddressInfo.WIFI.ipAddress,\r
+ pOwnedDevList);\r
+ if(ownedDevice)\r
+ {\r
+ res = ES_OK;\r
+ }\r
+ }\r
+ else\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "No Secure devices found.");\r
+ res = ES_ERROR;\r
+\r
+ return res;\r
+ }\r
+\r
+ result = OCSecure::discoverUnownedDevices(ES_SEC_DISCOVERY_TIMEOUT,\r
+ pUnownedDevList);\r
+ if (result != OC_STACK_OK)\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "UnOwned Discovery failed.");\r
+ res = ES_ERROR;\r
+\r
+ return res;\r
+ }\r
+ else if (pUnownedDevList.size())\r
+ {\r
+ OC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Found Unowned devices. Count =%d",\r
+ pUnownedDevList.size());\r
+\r
+ std::shared_ptr< OC::OCSecureResource > unownedDevice =\r
+ findEnrollee(\r
+ m_remoteEnrolleeResource->m_enrolleeNWProvInfo.netAddressInfo.WIFI.ipAddress,\r
+ pUnownedDevList);\r
+ if (unownedDevice)\r
+ {\r
+ OTMCallbackData_t justWorksCBData;\r
+ justWorksCBData.loadSecretCB = LoadSecretJustWorksCallback;\r
+ justWorksCBData.createSecureSessionCB = CreateSecureSessionJustWorksCallback;\r
+ justWorksCBData.createSelectOxmPayloadCB = CreateJustWorksSelectOxmPayload;\r
+ justWorksCBData.createOwnerTransferPayloadCB =\r
+ CreateJustWorksOwnerTransferPayload;\r
+ OCSecure::setOwnerTransferCallbackData(OIC_JUST_WORKS, &justWorksCBData, NULL);\r
+\r
+ OC_LOG_V(DEBUG, ENROLEE_SECURITY_TAG, "Transfering ownership for : %s ",\r
+ unownedDevice->getDeviceID().c_str());\r
+\r
+ OC::ResultCallBack ownershipTransferCb = std::bind(\r
+ &EnrolleeSecurity::ownershipTransferCb, this, std::placeholders::_1,\r
+ std::placeholders::_2);\r
+\r
+ if (unownedDevice->doOwnershipTransfer(ownershipTransferCb) != OC_STACK_OK)\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "OwnershipTransferCallback is failed");\r
+ res = ES_ERROR;\r
+ }\r
+ else\r
+ {\r
+ if(provisionCreds() == ES_OK)\r
+ {\r
+ OC_LOG(DEBUG, ENROLEE_SECURITY_TAG,\r
+ "provisionCreds success. Continuing with provisioning ACL");\r
+\r
+ if (provisionAcl() == ES_OK)\r
+ {\r
+ OC_LOG(DEBUG, ENROLEE_SECURITY_TAG,\r
+ "provisionAcl success.");\r
+\r
+ //returning success;\r
+ res = ES_OK;\r
+ }\r
+ else\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "provisionAcl failed.");\r
+ res = ES_ERROR;\r
+ }\r
+ }\r
+ else\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "provisionCreds failed.");\r
+ res = ES_ERROR;\r
+ }\r
+ }\r
+ }\r
+ }\r
+ else\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "No Secure devices found.");\r
+ res = ES_ERROR;\r
+\r
+ return res;\r
+ }\r
+\r
+ return res;\r
+ }\r
+\r
+ ESResult EnrolleeSecurity::provisionAcl()\r
+ {\r
+ // TODO : Currently device id is hardcoded, but this id has to be obtained from the\r
+ // application\r
+ OicSecAcl_t *acl = nullptr;\r
+\r
+ acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t));\r
+ if (nullptr == acl)\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "Error while memory allocation");\r
+ return ES_ERROR;\r
+ }\r
+\r
+// std::cout << "Please input ACL for selected device: " << std::endl;\r
+// if (0 != InputACL(acl1))\r
+// {\r
+// break;\r
+// }\r
+\r
+ OC::ResultCallBack provisioningCb = std::bind(&EnrolleeSecurity::provisionCb, this,\r
+ std::placeholders::_1, std::placeholders::_2);\r
+\r
+ if (m_securedResource->provisionACL(acl, provisioningCb) != OC_STACK_OK)\r
+ {\r
+ OC_LOG(ERROR, ENROLEE_SECURITY_TAG, "provisionACL is failed");\r
+ }\r
+ return ES_ERROR;\r
+ }\r
+\r
+ ESResult EnrolleeSecurity::provisionCreds()\r
+ {\r
+// int devices[2];\r
+//\r
+// if (0 != readDeviceNumber(pOwnedDevList, 2, devices))\r
+// break;\r
+//\r
+// int first = devices[0];\r
+// int second = devices[1];\r
+//\r
+// std::cout << "Provision Credentials to devices: "\r
+// << pOwnedDevList[first]->getDeviceID();\r
+// std::cout << " and " << pOwnedDevList[second]->getDeviceID() << std::endl;\r
+//\r
+// Credential cred(NO_SECURITY_MODE, 0);\r
+// std::cout << "Please input credentials for selected devices: " << std::endl;\r
+// if (0 != InputCredentials(cred))\r
+// break;\r
+//\r
+// ask = 0;\r
+//\r
+// if (pOwnedDevList[first]->provisionCredentials(cred, *pOwnedDevList[second].get(),\r
+// provisionCB) != OC_STACK_OK)\r
+// {\r
+// ask = 1;\r
+// std::cout << "provisionCredentials is failed" << std::endl;\r
+// }\r
+ return ES_ERROR;\r
+ }\r
+ }\r
+}\r
--- /dev/null
+//******************************************************************\r
+//\r
+// Copyright 2015 Samsung Electronics All Rights Reserved.\r
+//\r
+//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\r
+//\r
+// Licensed under the Apache License, Version 2.0 (the "License");\r
+// you may not use this file except in compliance with the License.\r
+// You may obtain a copy of the License at\r
+//\r
+// http://www.apache.org/licenses/LICENSE-2.0\r
+//\r
+// Unless required by applicable law or agreed to in writing, software\r
+// distributed under the License is distributed on an "AS IS" BASIS,\r
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+// See the License for the specific language governing permissions and\r
+// limitations under the License.\r
+//\r
+//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=\r
+\r
+#ifndef ENROLLEE_SECURITY_H_\r
+#define ENROLLEE_SECURITY_H_\r
+\r
+#include <functional>\r
+\r
+#include "escommon.h"\r
+#include "OCProvisioningManager.h"\r
+\r
+namespace OIC\r
+{\r
+ namespace Service\r
+ {\r
+ #define ENROLEE_SECURITY_TAG "ENROLEE_SECURITY"\r
+\r
+ class RemoteEnrolleeResource;\r
+ class OCSecureResource;\r
+\r
+ /**\r
+ * This class contains the methods needed for security layer interaction.\r
+ *\r
+ * @see EnrolleeSecurity\r
+ */\r
+ class EnrolleeSecurity\r
+ {\r
+ public:\r
+ EnrolleeSecurity(std::shared_ptr< RemoteEnrolleeResource > remoteEnrolleeResource,\r
+ std::string secDbPath);\r
+\r
+ ESResult registerCallbackHandler(EnrolleeSecStatusCb enrolleeSecStatusCb,\r
+ SecurityPinCb securityPinCb, SecProvisioningDbPathCb secProvisioningDbPathCb);\r
+\r
+\r
+ ESResult performOwnershipTransfer();\r
+\r
+ ESResult provisionCreds();\r
+\r
+ ESResult provisionAcl();\r
+\r
+ private:\r
+ std::shared_ptr < RemoteEnrolleeResource > m_remoteEnrolleeResource;\r
+ EnrolleeSecStatusCb m_enrolleeSecStatusCb;\r
+ SecurityPinCb m_securityPinCb;\r
+ SecProvisioningDbPathCb m_secProvisioningDbPathCb;\r
+\r
+ EnrolleeSecState m_enrolleeSecState;\r
+ std::shared_ptr < OC::OCSecureResource > m_securedResource;\r
+\r
+ std::shared_ptr< OC::OCSecureResource > findEnrollee(std::string host,\r
+ OC::DeviceList_t &list);\r
+ void provisionCb(OC::PMResultList_t *result, int hasError);\r
+ void ownershipTransferCb(OC::PMResultList_t *result, int hasError);\r
+ };\r
+ }\r
+}\r
+\r
+#endif /* ENROLLEE_SECURITY_H_*/\r
+\r
#include "RemoteEnrolleeResource.h"\r
#include "ESException.h"\r
#include "logger.h"\r
+#ifdef __WITH_DTLS__\r
+#include "EnrolleeSecurity.h"\r
+#endif //__WITH_DTLS\r
\r
namespace OIC\r
{\r
m_enrolleeNWProvInfo(enrolleeNWProvInfo)\r
{\r
m_currentESState = CurrentESState::ES_UNKNOWN;\r
+ m_needSecuredEasysetup = enrolleeNWProvInfo.needSecuredEasysetup;\r
\r
OC_LOG ( DEBUG, ES_REMOTE_ENROLLEE_TAG, "Inside RemoteEnrollee constr");\r
- if (m_easySetupStatusCb)\r
- {\r
- throw ESBadRequestException("Callback handler already registered");\r
- }\r
}\r
\r
+#ifdef __WITH_DTLS__\r
+ ESResult RemoteEnrollee::registerSecurityCallbackHandler(\r
+ EnrolleeSecStatusCb enrolleeSecStatusCb, SecurityPinCb securityPinCb,\r
+ SecProvisioningDbPathCb secProvisioningDbPathCb)\r
+ {\r
+ // No need to check NULL for m_secProvisioningDbPathCB as this is not a mandatory\r
+ // callback function. If m_secProvisioningDbPathCB is NULL, provisioning manager\r
+ // in security layer will try to find the PDM.db file in the local path.\r
+ // If PDM.db is found, the provisioning manager operations will succeed.\r
+ // Otherwise all the provisioning manager operations will fail.\r
+ m_secProvisioningDbPathCb = secProvisioningDbPathCb;\r
+ m_enrolleeSecStatusCb = enrolleeSecStatusCb;\r
+ m_securityPinCb = securityPinCb;\r
+ return ES_OK;\r
+ }\r
+#endif //__WITH_DTLS__\r
+\r
void RemoteEnrollee::registerEasySetupStatusHandler(EasySetupStatusCB callback)\r
{\r
OC_LOG ( DEBUG, ES_REMOTE_ENROLLEE_TAG, "Entered registerStatusHandler");\r
{\r
m_easySetupStatusCb = callback;\r
\r
- m_remoteResource = std::make_shared< RemoteEnrolleeResource >(\r
- m_enrolleeNWProvInfo.netAddressInfo.WIFI.ipAddress,\r
- m_enrolleeNWProvInfo.connType);\r
+ m_remoteResource = std::make_shared< RemoteEnrolleeResource >(m_enrolleeNWProvInfo);\r
\r
m_remoteResource->constructResourceObject();\r
}\r
return;\r
}\r
\r
-\r
void RemoteEnrollee::startProvisioning()\r
{\r
OC_LOG(DEBUG,ES_REMOTE_ENROLLEE_TAG,"Entering startProvisioning");\r
{\r
m_currentESState = CurrentESState::ES_ONBOARDED;\r
\r
+#ifdef __WITH_DTLS__\r
+ if (m_needSecuredEasysetup && m_currentESState < CurrentESState::ES_OWNED)\r
+ {\r
+ //TODO : DBPath is passed empty as of now. Need to take dbpath from application.\r
+ m_enrolleeSecurity = std::make_shared <EnrolleeSecurity> (m_remoteResource, "");\r
+\r
+ m_enrolleeSecurity->registerCallbackHandler(m_enrolleeSecStatusCb,\r
+ m_securityPinCb, m_secProvisioningDbPathCb);\r
+\r
+ if (m_enrolleeSecurity->performOwnershipTransfer() == ES_ERROR)\r
+ {\r
+ std::shared_ptr< EasySetupStatus > easySetupStatus = nullptr;\r
+\r
+ easySetupStatus = std::make_shared < EasySetupStatus\r
+ > (DEVICE_NOT_OWNED, m_enrolleeNWProvInfo);\r
+ return;\r
+ }\r
+ }\r
+#endif\r
+\r
OC_LOG(DEBUG,ES_REMOTE_ENROLLEE_TAG,"Before ProvisionEnrollee");\r
\r
RemoteEnrolleeResource::ProvStatusCb provStatusCb = std::bind(\r
&RemoteEnrollee::provisioningStatusHandler, this, std::placeholders::_1);\r
\r
m_remoteResource->registerProvStatusCallback(provStatusCb);\r
- m_remoteResource->provisionEnrollee(m_enrolleeNWProvInfo);\r
+ m_remoteResource->provisionEnrollee();\r
}\r
}\r
\r
namespace Service\r
{\r
#define ES_REMOTE_ENROLLEE_TAG "ES_REMOTE_ENROLLEE"\r
- static const char ES_RES_URI[] = "/oic/prov";\r
- static const char ES_RES_TYPE[] = "oic.r.prov";\r
+ static const char ES_PROV_RES_URI[] = "/oic/prov";\r
+ static const char ES_PROV_RES_TYPE[] = "oic.r.prov";\r
\r
- RemoteEnrolleeResource::RemoteEnrolleeResource(const std::string& host,\r
- OCConnectivityType connectivityType) :\r
- m_host(host), m_connectivityType(connectivityType)\r
+ RemoteEnrolleeResource::RemoteEnrolleeResource(EnrolleeNWProvInfo enrolleeNWProvInfo)\r
{\r
-\r
+ m_enrolleeNWProvInfo = enrolleeNWProvInfo;\r
}\r
\r
void RemoteEnrolleeResource::onProvPostResource(const HeaderOptions& /*headerOptions*/,\r
OCRepresentation provisioningRepresentation;\r
\r
provisioningRepresentation.setValue(OC_RSRVD_ES_TNN,\r
- m_enrolleeNWProvInfo.netAddressInfo.WIFI.ssid);\r
+ std::string(m_enrolleeNWProvInfo.netAddressInfo.WIFI.ssid));\r
provisioningRepresentation.setValue(OC_RSRVD_ES_CD,\r
- m_enrolleeNWProvInfo.netAddressInfo.WIFI.pwd);\r
+ std::string(m_enrolleeNWProvInfo.netAddressInfo.WIFI.pwd));\r
\r
OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "onProvResource : ssid - %s",\r
- m_enrolleeNWProvInfo.netAddressInfo.WIFI.ssid);\r
+ m_enrolleeNWProvInfo.netAddressInfo.WIFI.ssid);\r
OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "onProvResource : pwd - %s",\r
- m_enrolleeNWProvInfo.netAddressInfo.WIFI.pwd);\r
+ m_enrolleeNWProvInfo.netAddressInfo.WIFI.pwd);\r
\r
m_ocResource->put(provisioningRepresentation, QueryParamsMap(),\r
std::function<\r
{\r
std::vector< std::string > m_if = { DEFAULT_INTERFACE };\r
- std::vector< std::string > m_resTypes = {ES_RES_TYPE};\r
+ std::vector< std::string > m_resTypes = {ES_PROV_RES_TYPE};\r
\r
\r
OC_LOG(DEBUG, ES_REMOTE_ENROLLEE_TAG, "Before OCPlatform::constructResourceObject");\r
\r
- OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "m_host = %s", m_host.c_str());\r
- OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "ES_RES_URI = %s", ES_RES_URI);\r
+ OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "m_host = %s",\r
+ m_enrolleeNWProvInfo.netAddressInfo.WIFI.ipAddress);\r
+ OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "ES_PROV_RES_URI = %s", ES_PROV_RES_URI);\r
OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "m_connectivityType = %d",\r
- m_connectivityType);\r
+ m_enrolleeNWProvInfo.connType);\r
OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "m_resTypes = %s",\r
- m_resTypes.at(0).c_str());\r
+ m_resTypes.at(0).c_str());\r
OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "m_if = %s", m_if.at(0).c_str());\r
\r
std::string host;\r
- if(m_enrolleeNWProvInfo.isSecured)\r
+ if(m_enrolleeNWProvInfo.needSecuredEasysetup)\r
{\r
host.append("coaps://");\r
}\r
host.append("coap://");\r
}\r
\r
- if(m_connectivityType == CT_ADAPTER_IP)\r
+ if(m_enrolleeNWProvInfo.connType == CT_ADAPTER_IP)\r
{\r
- host.append(m_host);\r
- //TODO : If the target Enrollee is not a Arduino Wi-Fi device, then m_ocResource\r
- // will be discovered using findResource API of OCPlatform instead of using\r
- // constructResourceObject API. The port number thus will be found during\r
- // resource discovery instead of using 55555\r
+ // TODO : RemoteEnrollee is current handling easysetup on IP transport.\r
+ // WiFiRemoteEnrollee need to extend RemoteEnrollee for providing IP specific\r
+ // Enrollee easysetup.\r
+\r
+ host.append(m_enrolleeNWProvInfo.netAddressInfo.WIFI.ipAddress);\r
+ //TODO : If the target Enrollee is not a Arduino Wi-Fi device,\r
+ // then the port number will be found during resource discovery instead of\r
+ // using 55555\r
host.append(":55555");\r
}\r
\r
OC_LOG_V (DEBUG, ES_REMOTE_ENROLLEE_TAG, "HOST = %s", host.c_str());\r
\r
m_ocResource = OC::OCPlatform::constructResourceObject(host,\r
- ES_RES_URI,\r
- m_connectivityType,\r
+ ES_PROV_RES_URI,\r
+ m_enrolleeNWProvInfo.connType,\r
true,\r
m_resTypes,\r
m_if);\r
}\r
}\r
\r
- void RemoteEnrolleeResource::provisionEnrollee(const EnrolleeNWProvInfo& enrolleeNWProvInfo)\r
+ void RemoteEnrolleeResource::provisionEnrollee()\r
\r
{\r
if(m_ocResource == nullptr)\r
throw ESBadRequestException ("Resource is not initialized");\r
}\r
\r
- m_enrolleeNWProvInfo = enrolleeNWProvInfo;\r
OC::QueryParamsMap query;\r
OC::OCRepresentation rep;\r
\r
namespace Service\r
{\r
class OCResource;\r
+ class EnrolleeSecurity;\r
\r
/**\r
* This class contains the resource discovery methods.\r
*/\r
class RemoteEnrolleeResource\r
{\r
+ friend class EnrolleeSecurity;\r
+\r
public:\r
typedef std::shared_ptr< RemoteEnrolleeResource > Ptr;\r
\r
- typedef std::function< void(std::shared_ptr< ProvisioningStatus > provStatus) > ProvStatusCb;\r
+ typedef std::function< void(std::shared_ptr< ProvisioningStatus >) > ProvStatusCb;\r
\r
/**\r
* RemoteEnrolleeResource constructor\r
*\r
- * @param host Host information of the Enrollee device obtained from OnBoarding process.\r
- * @param connectivityType Connectivity type on which OnBoarding is performed\r
+ * @param enrolleeNWProvInfo Provisioning information for the Enrollee\r
*\r
* @throw ESBadRequestException is thrown if the parameters are invalid\r
*/\r
- RemoteEnrolleeResource(const std::string& host, OCConnectivityType connectivityType);\r
+ RemoteEnrolleeResource(EnrolleeNWProvInfo enrolleeNWProvInfo);\r
\r
~RemoteEnrolleeResource() = default;\r
\r
/**\r
* Function for provisioning of Remote Enrollee resource using the information provided.\r
*\r
- * @param enrolleeNWProvInfo Provisioning information for the Enrollee\r
- *\r
* @throws InvalidParameterException If cb is empty.\r
*/\r
- virtual void provisionEnrollee(const EnrolleeNWProvInfo& enrolleeNWProvInfo);\r
+ void provisionEnrollee();\r
\r
/**\r
* Function for unprovisioning of Remote Enrollee and bring to unprovisioned state\r
*\r
* @throws ESBadRequestException If device is not provisioned already.\r
*/\r
- virtual void unprovisionEnrollee();\r
+ void unprovisionEnrollee();\r
\r
\r
\r
private:\r
std::shared_ptr< OC::OCResource > m_ocResource;\r
std::mutex m_mutex;\r
- std::string m_host;\r
- OCConnectivityType m_connectivityType;\r
ProvStatusCb m_provStatusCb;\r
EnrolleeNWProvInfo m_enrolleeNWProvInfo;\r
\r