From: Randeep Singh <randeep.s@samsung.com>
Date: Mon, 7 Nov 2016 04:34:37 +0000 (+0530)
Subject: Function to read Trust certificate chain from SVR
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=3e6afba27f9f4a963a695f87bf0cf70f731c0a2d;p=contrib%2Fiotivity.git

Function to read Trust certificate chain from SVR

Change-Id: Icfef62eca83a360dc73ecee3e3bbe7f8c5821d85
Signed-off-by: saurabh.s9 <saurabh.s9@samsung.com>
Signed-off-by: Randeep Singh <randeep.s@samsung.com>
Signed-off-by: Ashwini Kumar <k.ashwini@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/14031
Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org>
(cherry picked from commit de505627a5bec12a0fefc3d084286b70d9309d59)
Signed-off-by: Randeep Singh <randeep.s@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/13389
---

diff --git a/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h b/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h
index 5e621bf..876dfd9 100644
--- a/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h
+++ b/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h
@@ -236,6 +236,16 @@ OCStackResult SRPSyncDevice(void* ctx, unsigned short waitTimeForOwnedDeviceDisc
 OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev,
         OCProvisionResultCB resultCallback);
 
+/*
+ * Function to read Trust certificate chain from SVR.
+ * Caller must free when done using the returned trust certificate
+ * @param[in] credId CredId of trust certificate chain in SVR.
+ * @param[out] trustCertChain Trust certificate chain.
+ * @param[out] chainSize Size of trust certificate chain
+ * @return  OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult SRPReadTrustCertChain(uint16_t credId, uint8_t **trustCertChain,
+                                     size_t *chainSize);
 #ifdef __cplusplus
 }
 #endif
diff --git a/resource/csdk/security/provisioning/include/ocprovisioningmanager.h b/resource/csdk/security/provisioning/include/ocprovisioningmanager.h
index 7250d79..8ae5b57 100644
--- a/resource/csdk/security/provisioning/include/ocprovisioningmanager.h
+++ b/resource/csdk/security/provisioning/include/ocprovisioningmanager.h
@@ -452,6 +452,17 @@ OCStackResult OCProvisionTrustCertChain(void *ctx, OicSecCredType_t type, uint16
 OCStackResult OCSaveTrustCertChain(uint8_t *trustCertChain, size_t chainSize,
                                         OicEncodingType_t encodingType, uint16_t *credId);
 
+/*
+ * Function to read Trust certificate chain from SVR.
+ * Caller must free when done using the returned trust certificate
+ * @param[in] credId CredId of trust certificate chain in SVR.
+ * @param[out] trustCertChain Trust certificate chain.
+ * @param[out] chainSize Size of trust certificate chain
+ * @return  OC_STACK_OK in case of success and other value otherwise.
+ */
+OCStackResult OCReadTrustCertChain(uint16_t credId, uint8_t **trustCertChain,
+                                     size_t *chainSize);
+
 #endif // __WITH_DTLS__ || __WITH_TLS__
 
 
diff --git a/resource/csdk/security/provisioning/src/ocprovisioningmanager.c b/resource/csdk/security/provisioning/src/ocprovisioningmanager.c
index 8734cd1..88eeda3 100644
--- a/resource/csdk/security/provisioning/src/ocprovisioningmanager.c
+++ b/resource/csdk/security/provisioning/src/ocprovisioningmanager.c
@@ -310,6 +310,12 @@ OCStackResult OCGetACLResource(void* ctx, const OCProvisionDev_t *selectedDevice
     return SRPGetACLResource(ctx, selectedDeviceInfo, resultCallback);
 }
 
+
+OCStackResult OCReadTrustCertChain(uint16_t credId, uint8_t **trustCertChain,
+                                     size_t *chainSize)
+{
+    return SRPReadTrustCertChain(credId, trustCertChain, chainSize);
+}
 /**
  * function to provision credential to devices.
  *
diff --git a/resource/csdk/security/provisioning/src/secureresourceprovider.c b/resource/csdk/security/provisioning/src/secureresourceprovider.c
index 44e3eb4..9208420 100644
--- a/resource/csdk/security/provisioning/src/secureresourceprovider.c
+++ b/resource/csdk/security/provisioning/src/secureresourceprovider.c
@@ -2670,3 +2670,24 @@ OCStackResult SRPGetACLResource(void *ctx, const OCProvisionDev_t *selectedDevic
 
     return OC_STACK_OK;
 }
+
+OCStackResult SRPReadTrustCertChain(uint16_t credId, uint8_t **trustCertChain,
+                                     size_t *chainSize)
+{
+    OIC_LOG(DEBUG, TAG, "IN SRPReadTrustCertChain");
+
+    OCStackResult res = OC_STACK_ERROR;
+    int secureFlag = 0;
+    OicSecCred_t* credData = GetCredEntryByCredId(credId);
+    if(credData)
+    {
+        res = CredToCBORPayload((const OicSecCred_t*) credData, trustCertChain,
+                                chainSize, secureFlag);
+        if(OC_STACK_OK != res)
+        {
+            OIC_LOG(INFO, TAG, "CredToCBORPayload failed");
+        }
+    }
+    DeleteCredList(credData);
+    return res;
+}
diff --git a/resource/include/OCProvisioningManager.h b/resource/include/OCProvisioningManager.h
old mode 100755
new mode 100644
index 5fe59fe..78f4e00
--- a/resource/include/OCProvisioningManager.h
+++ b/resource/include/OCProvisioningManager.h
@@ -228,6 +228,18 @@ namespace OC
              */
             static OCStackResult saveTrustCertChain(uint8_t *trustCertChain, size_t chainSize,
                                         OicEncodingType_t encodingType, uint16_t *credId);
+
+
+            /**
+             * API to read Trust certificate chain from SVR.
+             * Caller must free when done using the returned trust certificate
+             * @param[in] credId CredId of trust certificate chain in SVR.
+             * @param[out] trustCertChain Trust certificate chain.
+             * @param[out] chainSize Size of trust certificate chain
+             * @return  OC_STACK_OK in case of success and other value otherwise.
+             */
+            static OCStackResult readTrustCertChain(uint16_t credId, uint8_t **trustCertChain,
+                                     size_t *chainSize);
 #endif // __WITH_DTLS__ || __WITH_TLS__
 
     };
diff --git a/resource/provisioning/examples/provisioningclient.cpp b/resource/provisioning/examples/provisioningclient.cpp
index ea3fed9..9f78e89 100644
--- a/resource/provisioning/examples/provisioningclient.cpp
+++ b/resource/provisioning/examples/provisioningclient.cpp
@@ -94,6 +94,7 @@ void printMenu()
 #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
     std::cout << "  13. Save the Trust Cert. Chain into Cred of SVR"<<std::endl;
     std::cout << "  14. Provision the Trust Cert. Chain"<<std::endl;
+    std::cout << "  15. Read trust cert chain"<<std::endl;
 #endif // __WITH_DTLS__ || __WITH_TLS__
     std::cout << "  99. Exit loop"<<std::endl;
 }
@@ -1311,6 +1312,27 @@ int main(void)
                         }
                         break;
                     }
+                case 15:
+                    {
+                        if (0==g_credId)
+                        {
+                            std::cout<<"please save cert using option 13.";
+                        }
+                        else
+                        {
+                            uint8_t *trustCertChain = NULL;
+                            size_t chainSize = 0;
+                            if (OC_STACK_OK != OCSecure::readTrustCertChain(g_credId, &trustCertChain,&chainSize))
+                            {
+                                std::cout <<"issue in read trust chain"<< std::endl;
+                            }
+                            else
+                            {
+                                std::cout<<"size of cert : "<<chainSize<<std::endl;
+                            }
+                        }
+                        break;
+                    }
 #endif //__WITH_DTLS__ || __WITH_TLS__
                 case 99:
                 default:
diff --git a/resource/provisioning/src/OCProvisioningManager.cpp b/resource/provisioning/src/OCProvisioningManager.cpp
old mode 100755
new mode 100644
index 02f305a..931f0ec
--- a/resource/provisioning/src/OCProvisioningManager.cpp
+++ b/resource/provisioning/src/OCProvisioningManager.cpp
@@ -362,6 +362,25 @@ namespace OC
         }
         return result;
     }
+
+    OCStackResult OCSecure::readTrustCertChain(uint16_t credId, uint8_t **trustCertChain,
+                                                 size_t *chainSize)
+    {
+        OCStackResult result;
+        auto cLock = OCPlatform_impl::Instance().csdkLock().lock();
+
+        if (cLock)
+        {
+            std::lock_guard<std::recursive_mutex> lock(*cLock);
+            result = OCReadTrustCertChain(credId, trustCertChain, chainSize);
+        }
+        else
+        {
+            oclog() <<"Mutex not found";
+            result = OC_STACK_ERROR;
+        }
+        return result;
+    }
 #endif // __WITH_DTLS__ || __WITH_TLS__
 
     void OCSecureResource::callbackWrapper(void* ctx, int nOfRes, OCProvisionResult_t *arr, bool hasError)