From: Randeep Singh Date: Thu, 28 Jul 2016 14:03:49 +0000 (+0530) Subject: Sync master with 1.1-rel X-Git-Tag: 1.2.0+RC1~168 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=72344ad0d6bf761dd65f7c9fe44922559b1bed2e;p=platform%2Fupstream%2Fiotivity.git Sync master with 1.1-rel Merged changes of: https://gerrit.iotivity.org/gerrit/#/c/9305/ https://gerrit.iotivity.org/gerrit/#/c/9317/ https://gerrit.iotivity.org/gerrit/#/c/9325/ https://gerrit.iotivity.org/gerrit/#/c/9327/ https://gerrit.iotivity.org/gerrit/#/c/9307/ https://gerrit.iotivity.org/gerrit/#/c/9385/ https://gerrit.iotivity.org/gerrit/#/c/9249/ https://gerrit.iotivity.org/gerrit/#/c/9417/ https://gerrit.iotivity.org/gerrit/#/c/9553/ https://gerrit.iotivity.org/gerrit/#/c/9457/ https://gerrit.iotivity.org/gerrit/#/c/9425/ Change-Id: I9b156226e7544ffb1bdc142c6c8fed87ff9b53b3 Signed-off-by: Randeep Singh Reviewed-on: https://gerrit.iotivity.org/gerrit/9839 Tested-by: jenkins-iotivity Reviewed-by: dongik Lee Reviewed-by: Jongmin Choi --- diff --git a/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat b/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat index d498faa..5b9aff3 100644 Binary files a/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat and b/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.dat differ diff --git a/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json b/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json index 9371a3c..09cc117 100644 --- a/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json +++ b/android/examples/provisioningclient/src/main/assets/oic_svr_db_client.json @@ -75,7 +75,7 @@ "sct": 1, "owned": true, "deviceuuid": "61646D69-6E44-6576-6963-655575696430", - "x.com.samsung.dpc": false, + "x.org.iotivity.dpc": false, "devowneruuid": "61646D69-6E44-6576-6963-655575696430", "rowneruuid": "61646D69-6E44-6576-6963-655575696430" } diff --git a/android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat b/android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat index 983affd..13a3935 100644 Binary files a/android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat and b/android/examples/simpleclient/src/main/assets/oic_svr_db_client.dat differ diff --git a/android/examples/simpleclient/src/main/assets/oic_svr_db_client.json b/android/examples/simpleclient/src/main/assets/oic_svr_db_client.json index f3840be..28323b5 100644 --- a/android/examples/simpleclient/src/main/assets/oic_svr_db_client.json +++ b/android/examples/simpleclient/src/main/assets/oic_svr_db_client.json @@ -77,7 +77,7 @@ "deviceuuid": "32323232-3232-3232-3232-323232323232", "devowneruuid": "32323232-3232-3232-3232-323232323232", "rowneruuid": "32323232-3232-3232-3232-323232323232", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat b/android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat index 742069a..706a030 100644 Binary files a/android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat and b/android/examples/simpleserver/src/main/assets/oic_svr_db_server.dat differ diff --git a/android/examples/simpleserver/src/main/assets/oic_svr_db_server.json b/android/examples/simpleserver/src/main/assets/oic_svr_db_server.json index 6094a95..d36503a 100644 --- a/android/examples/simpleserver/src/main/assets/oic_svr_db_server.json +++ b/android/examples/simpleserver/src/main/assets/oic_svr_db_server.json @@ -101,7 +101,7 @@ "deviceuuid": "31313131-3131-3131-3131-313131313131", "devowneruuid": "32323232-3232-3232-3232-323232323232", "rowneruuid": "31313131-3131-3131-3131-313131313131", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/resource/csdk/security/include/internal/doxmresource.h b/resource/csdk/security/include/internal/doxmresource.h old mode 100644 new mode 100755 index d6f98af..f63a2b1 --- a/resource/csdk/security/include/internal/doxmresource.h +++ b/resource/csdk/security/include/internal/doxmresource.h @@ -72,11 +72,12 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, * @note Caller needs to invoke OCFree after done using the return pointer. * @param cborPayload is the payload of the cbor. * @param cborSize is the size of the cbor payload. Passed parameter should not be NULL. + * @param rwOnly indicates whether convertingpayload has all properties or read-write properties only. * * @return ::OC_STACK_OK for Success, otherwise some error value. */ OCStackResult DoxmToCBORPayload(const OicSecDoxm_t * doxm, uint8_t **cborPayload, - size_t *cborSize); + size_t *cborSize, bool rwOnly); /** * This method returns the SRM device ID for this device. diff --git a/resource/csdk/security/include/internal/pstatresource.h b/resource/csdk/security/include/internal/pstatresource.h index a36d142..c603f34 100644 --- a/resource/csdk/security/include/internal/pstatresource.h +++ b/resource/csdk/security/include/internal/pstatresource.h @@ -50,7 +50,7 @@ OCStackResult DeInitPstatResource(); * @return ::OC_STACK_OK for Success, otherwise some error value. */ OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **cborPayload, - size_t *cborSize); + size_t *cborSize, bool writableOnly); /** * This method converts cbor into PSTAT data. diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat index 75ef688..fbe36db 100644 Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat differ diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json index ac98158..6dcbdbf 100644 --- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json +++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json @@ -80,6 +80,6 @@ "owned": false, "deviceuuid": "646F6F72-4465-7669-6365-555549443030", "rowneruuid": "646F6F72-4465-7669-6365-555549443030", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false } } diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat index f5c6a1a..46eed49 100644 Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat differ diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json index 8843b87..0bf4375 100644 --- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json +++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json @@ -80,6 +80,6 @@ "owned": false, "deviceuuid": "6C696768-7444-6576-6963-655555494430", "rowneruuid": "6C696768-7444-6576-6963-655555494430", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false } } diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat index 9571397..ea814fd 100644 Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat differ diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json index 90c4e3a..f13ed08 100644 --- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json +++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json @@ -63,6 +63,6 @@ "deviceuuid": "61646D69-6E44-6576-6963-655575696430", "devowneruuid": "61646D69-6E44-6576-6963-655575696430", "rowneruuid": "61646D69-6E44-6576-6963-655575696430", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false } } \ No newline at end of file diff --git a/resource/csdk/security/provisioning/ck_manager/sample/provisioningclient.c b/resource/csdk/security/provisioning/ck_manager/sample/provisioningclient.c index dc7485d..bf040de 100644 --- a/resource/csdk/security/provisioning/ck_manager/sample/provisioningclient.c +++ b/resource/csdk/security/provisioning/ck_manager/sample/provisioningclient.c @@ -37,7 +37,11 @@ #define MAX_URI_LENGTH (64) #define MAX_PERMISSION_LENGTH (5) -#define MAX_ACL_LENGTH 100 +#define MAX_ACE_LENGTH (100) +#define MAX_INTERFACE_LENGTH (10) +#define MAX_RESOURCETYPE_LENGTH (10) +#define MAX_STRING_INPUT_BUFFER_SIZE (256) + #define CREATE (1) #define READ (2) #define UPDATE (4) @@ -65,29 +69,6 @@ typedef enum provisionCrlDone = 1 << 6 } StateManager; - -/** - * Perform cleanup for ACL - * @param[in] ACL - */ -static void deleteACL(OicSecAcl_t *acl) -{ - if (acl && MAX_ACL_LENGTH > acl->resourcesLen) - { - /* Clean Resources */ - for (size_t i = 0; i < (acl)->resourcesLen; i++) - { - OICFree((acl)->resources[i]); - } - OICFree((acl)->resources); - - /* Clean ACL node itself */ - OICFree((acl)); - - acl = NULL; - } -} - void deleteCrl(OicSecCrl_t *crl) { if (crl) @@ -179,9 +160,19 @@ static int InputACL(OicSecAcl_t *acl) char temp_id [UUID_LENGTH + 4] = {0,}; char temp_rsc[MAX_URI_LENGTH + 1] = {0,}; char temp_pms[MAX_PERMISSION_LENGTH + 1] = {0,}; + char input_buffer[MAX_STRING_INPUT_BUFFER_SIZE] = {0}; + OicSecAce_t* ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t)); + if(!ace) + { + printf("Failed to memory allocation\n"); + return -1; + } + LL_APPEND(acl->aces, ace); + printf("******************************************************************************\n"); printf("-Set ACL policy for target device\n"); printf("******************************************************************************\n"); + //Set Subject. printf("-URN identifying the subject\n"); printf("ex) doorDeviceUUID00 (16 Numbers except to '-')\n"); @@ -208,62 +199,135 @@ static int InputACL(OicSecAcl_t *acl) printf("Invalid input\n"); return -1; } - acl->subject.id[j++] = temp_id[i]; + ace->subjectuuid.id[j++] = temp_id[i]; } } //Set Resource. printf("Num. of Resource : \n"); - ret = scanf("%zu", &acl->resourcesLen); - if(-1 == ret || MAX_ACL_LENGTH < acl->resourcesLen) + size_t inputLen = 0; + ret = scanf("%zu", &inputLen); + if(-1 == ret || MAX_ACE_LENGTH < inputLen) { printf("Error while input\n"); return -1; } printf("-URI of resource\n"); printf("ex) /a/light (Max_URI_Length: 64 Byte )\n"); - acl->resources = (char **)OICCalloc(acl->resourcesLen, sizeof(char *)); - if (NULL == acl->resources) - { - OIC_LOG(ERROR, TAG, "Error while memory allocation"); - return -1; - } - for (size_t i = 0; i < acl->resourcesLen; i++) + + for(size_t i = 0; i < inputLen; i++) { + OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t)); + if(!rsrc) + { + printf("Failed to memory allocation\n"); + return -1; + } + LL_APPEND(ace->resources, rsrc); + + //Input the resource URI for each resource printf("[%zu]Resource : ", i + 1); - char *ptr_tempRsc = NULL; - ret = scanf("%64ms", &ptr_tempRsc); + ret = scanf("%s", input_buffer); if (1==ret) { - OICStrcpy(temp_rsc, sizeof(temp_rsc), ptr_tempRsc); - OICFree(ptr_tempRsc); + rsrc->href = OICStrdup(input_buffer); + if(!rsrc->href) + { + printf("Failed to OICStrdup\n"); + return -1; + } } else { printf("Error while input\n"); return -1; } - acl->resources[i] = OICStrdup(temp_rsc); - if (NULL == acl->resources[i]) + //Input the interface name of resource + printf("Num. of Interface of [%s] (Max value : %d) : \n", rsrc->href, MAX_INTERFACE_LENGTH); + ret = scanf("%zu", &rsrc->interfaceLen); + if(-1 == ret || MAX_INTERFACE_LENGTH < rsrc->interfaceLen) + { + printf("Error while input\n"); + return -1; + } + + printf("-Interface of [%s] resource\n", rsrc->href); + printf("ex) oic.if.baseline (Max Length: 64 Byte )\n"); + rsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char*)); + if(!rsrc->interfaces) { - OIC_LOG(ERROR, TAG, "Error while memory allocation"); + printf("Failed to memory allocation\n"); return -1; } + for(size_t j = 0; j < rsrc->interfaceLen; j++) + { + printf("Interface[%zu] : ", j + 1); + ret = scanf("%s", input_buffer); + if(1 == ret) + { + rsrc->interfaces[i] = OICStrdup(input_buffer); + if(!rsrc->interfaces[i]) + { + printf("Failed to OICStrdup\n"); + return -1; + } + } + else + { + printf("Error while input\n"); + return -1; + } + } + + //Input the resource type of resource + printf("Num. of ResourceType of [%s] (Max value : %d) : \n", rsrc->href, MAX_RESOURCETYPE_LENGTH); + ret = scanf("%zu", &rsrc->typeLen); + if(-1 == ret || MAX_RESOURCETYPE_LENGTH < rsrc->typeLen) + { + printf("Error while input\n"); + return -1; + } + + printf("-Resource Type of [%s] resource\n", rsrc->href); + printf("ex) oic.core (Max Length: 64 Byte )\n"); + rsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char*)); + if(!rsrc->types) + { + printf("Failed to memory allocation\n"); + return -1; + } + for(size_t j = 0; j < rsrc->typeLen; j++) + { + printf("Resource type[%zu] : ", j + 1); + ret = scanf("%s", input_buffer); + if(1 == ret) + { + rsrc->types[i] = OICStrdup(input_buffer); + if(!rsrc->types[i]) + { + printf("Failed to OICStrdup\n"); + return -1; + } + } + else + { + printf("Error while input\n"); + return -1; + } + } } + // Set Permission do { printf("-Set the permission(C,R,U,D,N)\n"); printf("ex) CRUDN, CRU_N,..(5 Charaters)\n"); printf("Permission : "); - char *ptr_temp_pms = NULL; - ret = scanf("%5ms", &ptr_temp_pms); + ret = scanf("%s", &input_buffer); if(1 == ret) { - OICStrcpy(temp_pms, sizeof(temp_pms), ptr_temp_pms); - OICFree(ptr_temp_pms); - + OICStrcpy(temp_pms, sizeof(temp_pms), input_buffer); } else { @@ -271,36 +335,13 @@ static int InputACL(OicSecAcl_t *acl) return -1; } } - while (0 != CalculateAclPermission(temp_pms, &(acl->permission)) ); - // Set Rowner - printf("-URN identifying the rowner\n"); - printf("ex) lightDeviceUUID0 (16 Numbers except to '-')\n"); + while (0 != CalculateAclPermission(temp_pms, &(ace->permission)) ); - printf("Rowner : "); - char *ptr_temp_id = NULL; - ret = scanf("%19ms", &ptr_temp_id); - if (1 == ret) - { - OICStrcpy(temp_id, sizeof(temp_id), ptr_temp_id); - OICFree(ptr_temp_id); - } - else - { - printf("Error while input\n"); - return -1; - } - j = 0; - for (int k = 0; temp_id[k] != '\0'; k++) - { - if (DASH != temp_id[k]) - { - acl->rownerID.id[j++] = temp_id[k]; - } - } return 0; } + //FILE *client_fopen(const char *path, const char *mode) FILE *client_fopen(const char* UNUSED_PARAM , const char *mode) { @@ -481,10 +522,15 @@ static int InputCRL(OicSecCrl_t *crlRes) PRINT_BYTE_ARRAY("CRL:\n",crl); CHECK_CALL(SetCertificateRevocationList, &crl); crlRes->CrlData = crl; - crlRes->ThisUpdate.data = uint8ThisUpdateTime; + crlRes->ThisUpdate.data = OICStrdup(uint8ThisUpdateTime); crlRes->ThisUpdate.len = DATE_LENGTH; crlRes->CrlId = 1; + if(NULL == crlRes->ThisUpdate.data) + { + printf("OICStrdup failed\n"); + return PKI_MEMORY_ALLOC_FAILED; + } FUNCTION_CLEAR( //OICFree(crl.data); @@ -739,7 +785,8 @@ int main() } error: - deleteACL(gAcl); + DeleteACLList(gAcl); + deleteCrl(gCrl); OCDeleteDiscoveredDevices(pDeviceList); OCDeleteDiscoveredDevices(pOwnedList); diff --git a/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat b/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat index 4cee10d..70e2b51 100644 Binary files a/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat and b/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.dat differ diff --git a/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json b/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json index 3de30a5..5ac89c0 100644 --- a/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json +++ b/resource/csdk/security/provisioning/ck_manager/unittest/test_data/CKMInfo.json @@ -80,6 +80,6 @@ "deviceuuid": "61646d69-6e44-6576-6963-655555494430", "devowneruuid": "61646d69-6e44-6576-6963-655555494430", "rowneruuid": "61646d69-6e44-6576-6963-655555494430", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false } } \ No newline at end of file diff --git a/resource/csdk/security/provisioning/include/internal/provisioningdatabasemanager.h b/resource/csdk/security/provisioning/include/internal/provisioningdatabasemanager.h index d37c48e..c7c9483 100644 --- a/resource/csdk/security/provisioning/include/internal/provisioningdatabasemanager.h +++ b/resource/csdk/security/provisioning/include/internal/provisioningdatabasemanager.h @@ -39,6 +39,16 @@ extern "C" { OCStackResult PDMInit(const char* dbPath); /** + * This method is used by provisioning manager to check whether device is stale or not with PDM. + * + * @param[in] uuid information about the target device's uuid. + * @param[out] result true in case device is stale. + * + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult PDMIsDeviceStale(const OicUuid_t *uuid, bool *result); + +/** * This method is used by provisioning manager to check duplication of device's Device ID with * provisioning database. * diff --git a/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h b/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h index 5fbc284..8bc23eb 100644 --- a/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h +++ b/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h @@ -153,6 +153,22 @@ OCStackResult SRPRemoveDevice(void* ctx, OCProvisionResultCB resultCallback); /* +* Function to device revocation +* This function will remove credential of target device from all devices in subnet. +* +* @param[in] ctx Application context would be returned in result callback +* @param[in] pOwnedDevList List of owned devices +* @param[in] pTargetDev Device information to be revoked. +* @param[in] resultCallback callback provided by API user, callback will be called when +* credential revocation is finished. +* @return OC_STACK_OK in case of success and other value otherwise. +* If OC_STACK_OK is returned, the caller of this API should wait for callback. +* OC_STACK_CONTINUE means operation is success but no request is need to be initiated. +*/ +OCStackResult SRPRemoveDeviceWithoutDiscovery(void* ctx, const OCProvisionDev_t* pOwnedDevList, + const OCProvisionDev_t* pTargetDev, OCProvisionResultCB resultCallback); + +/* * Function to sync-up credential and ACL of the target device. * This function will remove credential and ACL of target device from all devices in subnet. * diff --git a/resource/csdk/security/provisioning/include/ocprovisioningmanager.h b/resource/csdk/security/provisioning/include/ocprovisioningmanager.h index 155513e..dd6ac1d 100644 --- a/resource/csdk/security/provisioning/include/ocprovisioningmanager.h +++ b/resource/csdk/security/provisioning/include/ocprovisioningmanager.h @@ -202,7 +202,24 @@ OCStackResult OCRemoveDevice(void* ctx, unsigned short waitTimeForOwnedDeviceDiscovery, const OCProvisionDev_t* pTargetDev, OCProvisionResultCB resultCallback); -/** + +/* +* Function to device revocation +* This function will remove credential of target device from all devices in subnet. +* +* @param[in] ctx Application context would be returned in result callback +* @param[in] waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device discovery.(seconds) +* @param[in] pTargetDev Device information to be revoked. +* @param[in] resultCallback callback provided by API user, callback will be called when +* credential revocation is finished. + * @return OC_STACK_OK in case of success and other value otherwise. +*/ +OCStackResult OCRemoveDeviceWithUuid(void* ctx, + unsigned short waitTimeForOwnedDeviceDiscovery, + const OicUuid_t* pTargetUuid, + OCProvisionResultCB resultCallback); + +/** * API to get status of all the devices in current subnet. The status include endpoint information * and doxm information which can be extracted duing owned and unowned discovery. Along with this * information. The API will provide information about devices' status @@ -213,8 +230,8 @@ OCStackResult OCRemoveDevice(void* ctx, * variables pOwnedDevList and pUnownedDevList. * * @param[in] waitime Wait time for the API. The wait time will be divided by 2, and half of wait time - * will be used for unowned discovery and remaining half for owned discovery. So the wait time should be - * equal to or more than 2. + * will be used for unowned discovery and remaining half for owned discovery. So the wait time should be + * equal to or more than 2. * @param[out] pOwnedDevList list of owned devices. * @param[out] pUnownedDevList list of unowned devices. * @return OC_STACK_OK in case of success and other value otherwise. @@ -253,7 +270,7 @@ void OCDeleteUuidList(OCUuidList_t* pList); * * @param pAcl Pointer to OicSecAcl_t structure. */ -void OCDeleteACLList(OicSecAcl_t* pAcl); +void OCDeleteACLList(OicSecAcl_t* pAcl); /** * This function deletes PDACL data. @@ -261,21 +278,21 @@ void OCDeleteACLList(OicSecAcl_t* pAcl); * @param pPdAcl Pointer to OicSecPdAcl_t structure. */ void OCDeletePdAclList(OicSecPdAcl_t* pPdAcl); - -#ifdef __WITH_X509__ -/** - * this function sends CRL information to resource. - * - * @param[in] ctx Application context would be returned in result callback. - * @param[in] selectedDeviceInfo Selected target device. - * @param[in] crl CRL to provision. - * @param[in] resultCallback callback provided by API user, callback will be called when provisioning - request recieves a response from resource server. - * @return OC_STACK_OK in case of success and other value otherwise. - */ -OCStackResult OCProvisionCRL(void* ctx, const OCProvisionDev_t *selectedDeviceInfo, OicSecCrl_t *crl, - OCProvisionResultCB resultCallback); -#endif // __WITH_X509__ + +#ifdef __WITH_X509__ +/** + * this function sends CRL information to resource. + * + * @param[in] ctx Application context would be returned in result callback. + * @param[in] selectedDeviceInfo Selected target device. + * @param[in] crl CRL to provision. + * @param[in] resultCallback callback provided by API user, callback will be called when provisioning + request recieves a response from resource server. + * @return OC_STACK_OK in case of success and other value otherwise. + */ +OCStackResult OCProvisionCRL(void* ctx, const OCProvisionDev_t *selectedDeviceInfo, OicSecCrl_t *crl, + OCProvisionResultCB resultCallback); +#endif // __WITH_X509__ #ifdef __cplusplus diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat index 62fd559..4b5b918 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_client.json b/resource/csdk/security/provisioning/sample/oic_svr_db_client.json index a8414b7..6471926 100644 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_client.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_client.json @@ -79,7 +79,7 @@ "sct": 1, "owned": true, "deviceuuid": "61646D69-6E44-6576-6963-655575696430", - "x.com.samsung.dpc": false, + "x.org.iotivity.dpc": false, "devowneruuid": "61646D69-6E44-6576-6963-655575696430", "rowneruuid": "61646D69-6E44-6576-6963-655575696430" } diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat index b128c9c..c44c6b1 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json b/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json index bd12a6d..85c49cf 100644 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_randompin_with_empty_deviceid.json @@ -105,6 +105,6 @@ "deviceuuid": "", "devowneruuid": "", "rowneruuid": "", - "x.com.samsung.dpc": true + "x.org.iotivity.dpc": true } } diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat index 08c7368..07b0d53 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json index 7809570..8c7f346 100644 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json @@ -105,6 +105,6 @@ "deviceuuid": "6A757374-776F-726B-4465-765575696430", "devowneruuid": "", "rowneruuid": "6A757374-776F-726B-4465-765575696430", - "x.com.samsung.dpc": true + "x.org.iotivity.dpc": true } } diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat index bda680d..6935b9c 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json index a316ced..90b9534 100644 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json @@ -105,6 +105,6 @@ "deviceuuid": "72616E64-5069-6E44-6576-557569643030", "devowneruuid": "", "rowneruuid": "72616E64-5069-6E44-6576-557569643030", - "x.com.samsung.dpc": true + "x.org.iotivity.dpc": true } } diff --git a/resource/csdk/security/provisioning/sample/provisioningclient.c b/resource/csdk/security/provisioning/sample/provisioningclient.c index a2dc06c..3a6d123 100644 --- a/resource/csdk/security/provisioning/sample/provisioningclient.c +++ b/resource/csdk/security/provisioning/sample/provisioningclient.c @@ -43,21 +43,22 @@ extern "C" // declaration(s) for provisioning client using C-level provisioning API // user input definition for main loop on provisioning client -#define _10_DISCOV_ALL_DEVS_ 10 -#define _11_DISCOV_UNOWN_DEVS_ 11 -#define _12_DISCOV_OWN_DEVS_ 12 -#define _20_REGIST_DEVS_ 20 -#define _30_PROVIS_PAIR_DEVS_ 30 -#define _31_PROVIS_CRED_ 31 -#define _32_PROVIS_ACL_ 32 -#define _33_PROVIS_DP_ 33 -#define _34_CHECK_LINK_STATUS_ 34 -#define _40_UNLINK_PAIR_DEVS_ 40 -#define _50_REMOVE_SELEC_DEV_ 50 -#define _51_RESET_SELEC_DEV_ 51 -#define _60_GET_CRED_ 60 -#define _61_GET_ACL_ 61 -#define _99_EXIT_PRVN_CLT_ 99 +#define _10_DISCOV_ALL_DEVS_ 10 +#define _11_DISCOV_UNOWN_DEVS_ 11 +#define _12_DISCOV_OWN_DEVS_ 12 +#define _20_REGIST_DEVS_ 20 +#define _30_PROVIS_PAIR_DEVS_ 30 +#define _31_PROVIS_CRED_ 31 +#define _32_PROVIS_ACL_ 32 +#define _33_PROVIS_DP_ 33 +#define _34_CHECK_LINK_STATUS_ 34 +#define _40_UNLINK_PAIR_DEVS_ 40 +#define _50_REMOVE_SELEC_DEV_ 50 +#define _51_REMOVE_DEV_WITH_UUID_ 51 +#define _52_RESET_SELEC_DEV_ 52 +#define _60_GET_CRED_ 60 +#define _61_GET_ACL_ 61 +#define _99_EXIT_PRVN_CLT_ 99 #define ACL_RESRC_MAX_NUM 16 #define ACL_RESRC_ARRAY_SIZE 3 //This value is used only for sample (not OCF spec) @@ -1046,6 +1047,45 @@ static int removeDevice(void) return 0; } +static int removeDeviceWithUuid(void) +{ + char strUuid[64] = {0}; + OicUuid_t revUuid; + printf("Input the UUID : "); + for(int ret=0; 1!=ret; ) + { + ret = scanf("%64s", strUuid); + for( ; 0x20<=getchar(); ); // for removing overflow garbages + // '0x20<=code' is character region + } + OCStackResult rst = ConvertStrToUuid(strUuid, &revUuid); + if(OC_STACK_OK != rst) + { + OIC_LOG_V(ERROR, TAG, "ConvertStrToUuid API error: %d", rst); + return -1; + } + + rst = OCRemoveDeviceWithUuid("RemoveDeviceWithUUID", DISCOVERY_TIMEOUT, &revUuid, removeDeviceCB); + if(OC_STACK_OK != rst) + { + OIC_LOG_V(ERROR, TAG, "OCRemoveDeviceWithUuid API error: %d", rst); + return -1; + } + + g_doneCB = false; + if(waitCallbackRet()) // input |g_doneCB| flag implicitly + { + OIC_LOG(ERROR, TAG, "OCRemoveDeviceWithUuid callback error"); + return -1; + } + + // display the removed result + printf(" > Removed %s Device\n", strUuid); + printf(" > Please Discover Owned Devices for the Registered Result, with [10|12] Menu\n"); + + return 0; +} + static int resetDevice(void) { // check |own_list| for removing device @@ -1181,7 +1221,7 @@ static OicSecAcl_t* createAcl(const int dev_num) goto CRACL_ERROR; } - printf(" Enter Accessed Resource[%d] Name: ", i+1); + printf(" Enter Accessed Resource[%d] Name: (e.g. /a/led)", i+1); for(int ret=0; 1!=ret; ) { ret = scanf("%128s", rsrc_in); // '128' is ACL_RESRC_MAX_LEN @@ -1200,7 +1240,7 @@ static OicSecAcl_t* createAcl(const int dev_num) int arrLen = 0; while(1) { - printf(" Enter Number of resource type for [%s]: ", rsrc_in); + printf(" Enter Number of resource type for [%s] : ", rsrc->href); for(int ret=0; 1!=ret; ) { ret = scanf("%d", &arrLen); @@ -1224,7 +1264,7 @@ static OicSecAcl_t* createAcl(const int dev_num) for(int i = 0; i < arrLen; i++) { - printf(" Enter ResourceType[%d] Name: ", i+1); + printf(" Enter ResourceType[%d] Name (e.g. core.led): ", i+1); for(int ret=0; 1!=ret; ) { ret = scanf("%128s", rsrc_in); // '128' is ACL_RESRC_MAX_LEN @@ -1241,7 +1281,7 @@ static OicSecAcl_t* createAcl(const int dev_num) while(1) { - printf(" Enter Number of interface name for [%s]: ", rsrc_in); + printf(" Enter Number of interface for [%s]: ", rsrc->href); for(int ret=0; 1!=ret; ) { ret = scanf("%d", &arrLen); @@ -1265,7 +1305,7 @@ static OicSecAcl_t* createAcl(const int dev_num) for(int i = 0; i < arrLen; i++) { - printf(" Enter ResourceType[%d] Name: ", i+1); + printf(" Enter Interface[%d] Name (e.g. oic.if.baseline): ", i+1); for(int ret=0; 1!=ret; ) { ret = scanf("%128s", rsrc_in); // '128' is ACL_RESRC_MAX_LEN @@ -1560,7 +1600,8 @@ static void printMenu(void) printf("** [E] REMOVE THE SELECTED DEVICE\n"); printf("** 50. Remove the Selected Device\n"); - printf("** 51. Reset the Selected Device\n\n"); + printf("** 51. Remove Device with UUID (UUID input is required)\n"); + printf("** 52. Reset the Selected Device\n\n"); printf("** [F] GET SECURITY RESOURCE FOR DEBUGGING ONLY\n"); printf("** 60. Get the Credential resources of the Selected Device\n"); @@ -1684,10 +1725,16 @@ int main() OIC_LOG(ERROR, TAG, "_50_REMOVE_SELEC_DEV_: error"); } break; - case _51_RESET_SELEC_DEV_: + case _51_REMOVE_DEV_WITH_UUID_: + if(removeDeviceWithUuid()) + { + OIC_LOG(ERROR, TAG, "_51_REMOVE_DEV_WITH_UUID_: error"); + } + break; + case _52_RESET_SELEC_DEV_: if(resetDevice()) { - OIC_LOG(ERROR, TAG, "_51_RESET_SELEC_DEV_: error"); + OIC_LOG(ERROR, TAG, "_52_RESET_SELEC_DEV_: error"); } break; case _60_GET_CRED_: diff --git a/resource/csdk/security/provisioning/src/ocprovisioningmanager.c b/resource/csdk/security/provisioning/src/ocprovisioningmanager.c index 488903d..85974cf 100644 --- a/resource/csdk/security/provisioning/src/ocprovisioningmanager.c +++ b/resource/csdk/security/provisioning/src/ocprovisioningmanager.c @@ -22,6 +22,7 @@ #include #include "ocprovisioningmanager.h" #include "pmutility.h" +#include "srmutility.h" #include "ownershiptransfermanager.h" #include "oic_malloc.h" #include "logger.h" @@ -304,6 +305,51 @@ error: return res; } +static OCStackResult RemoveDeviceInfoFromLocal(const OCProvisionDev_t* pTargetDev) +{ + // Remove credential of revoked device from SVR database + OCStackResult res = OC_STACK_ERROR; + const OicSecCred_t *cred = NULL; + cred = GetCredResourceData(&pTargetDev->doxm->deviceID); + if (cred == NULL) + { + OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to get credential of remove device."); + goto error; + } + + res = RemoveCredential(&cred->subject); + if (res != OC_STACK_RESOURCE_DELETED) + { + OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to remove credential."); + goto error; + } + + /** + * Change the device status as stale status. + * If all request are successed, this device information will be deleted. + */ + res = PDMSetDeviceStale(&pTargetDev->doxm->deviceID); + if (res != OC_STACK_OK) + { + OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to set device status as stale"); + goto error; + } + + // TODO: We need to add new mechanism to clean up the stale state of the device. + + //Close the DTLS session of the removed device. + CAEndpoint_t* endpoint = (CAEndpoint_t *)&pTargetDev->endpoint; + endpoint->port = pTargetDev->securePort; + CAResult_t caResult = CACloseDtlsSession(endpoint); + if(CA_STATUS_OK != caResult) + { + OIC_LOG_V(WARNING, TAG, "OCRemoveDevice : Failed to close DTLS session : %d", caResult); + } + +error: + return res; +} + /* * Function to device revocation * This function will remove credential of target device from all devices in subnet. @@ -349,61 +395,138 @@ OCStackResult OCRemoveDevice(void* ctx, unsigned short waitTimeForOwnedDeviceDis } } - // Remove credential of revoked device from SVR database - const OicSecCred_t *cred = NULL; - cred = GetCredResourceData(&pTargetDev->doxm->deviceID); - if (cred == NULL) + res = RemoveDeviceInfoFromLocal(pTargetDev); + if(OC_STACK_OK != res) { - OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to get credential of remove device."); + OIC_LOG(ERROR, TAG, "Filed to remove the device information from local."); goto error; } - res = RemoveCredential(&cred->subject); - if (res != OC_STACK_RESOURCE_DELETED) + if(OC_STACK_CONTINUE == resReq) { - OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to remove credential."); - goto error; + /** + * If there is no linked device, PM does not send any request. + * So we should directly invoke the result callback to inform the result of OCRemoveDevice. + */ + if(resultCallback) + { + resultCallback(ctx, 0, NULL, false); + } + res = OC_STACK_OK; } - /** - * Change the device status as stale status. - * If all request are successed, this device information will be deleted. - */ - res = PDMSetDeviceStale(&pTargetDev->doxm->deviceID); - if (res != OC_STACK_OK) +error: + OIC_LOG(INFO, TAG, "OUT OCRemoveDevice"); + return res; +} + +/* +* Function to device revocation +* This function will remove credential of target device from all devices in subnet. +* +* @param[in] ctx Application context would be returned in result callback +* @param[in] waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device discovery.(seconds) +* @param[in] pTargetDev Device information to be revoked. +* @param[in] resultCallback callback provided by API user, callback will be called when +* credential revocation is finished. + * @return OC_STACK_OK in case of success and other value otherwise. +*/ +OCStackResult OCRemoveDeviceWithUuid(void* ctx, unsigned short waitTimeForOwnedDeviceDiscovery, + const OicUuid_t* pTargetUuid, + OCProvisionResultCB resultCallback) +{ + OIC_LOG(INFO, TAG, "IN OCRemoveDeviceWithUuid"); + OCStackResult res = OC_STACK_ERROR; + if (!pTargetUuid || 0 == waitTimeForOwnedDeviceDiscovery) { - OIC_LOG(ERROR, TAG, "OCRemoveDevice : Failed to set device status as stale"); - goto error; + OIC_LOG(INFO, TAG, "OCRemoveDeviceWithUuid : Invalied parameters"); + return OC_STACK_INVALID_PARAM; + } + if (!resultCallback) + { + OIC_LOG(INFO, TAG, "OCRemoveDeviceWithUuid : NULL Callback"); + return OC_STACK_INVALID_CALLBACK; } - // TODO: We need to add new mechanism to clean up the stale state of the device. + OCProvisionDev_t* pOwnedDevList = NULL; + //2. Find owned device from the network + res = PMDeviceDiscovery(waitTimeForOwnedDeviceDiscovery, true, &pOwnedDevList); + if (OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, "OCRemoveDeviceWithUuid : Failed to PMDeviceDiscovery"); + goto error; + } - res = resReq; + OCProvisionDev_t* pTargetDev = NULL; + LL_FOREACH(pOwnedDevList, pTargetDev) + { + if(memcmp(&pTargetDev->doxm->deviceID.id, pTargetUuid->id, sizeof(pTargetUuid->id)) == 0) + { + break; + } + } - //Close the DTLS session of the removed device. - CAEndpoint_t* endpoint = (CAEndpoint_t *)&pTargetDev->endpoint; - endpoint->port = pTargetDev->securePort; - CAResult_t caResult = CACloseDtlsSession(endpoint); - if(CA_STATUS_OK != caResult) + char* strUuid = NULL; + if(OC_STACK_OK != ConvertUuidToStr(pTargetUuid, &strUuid)) { - OIC_LOG_V(WARNING, TAG, "OCRemoveDevice : Failed to close DTLS session : %d", caResult); + OIC_LOG(WARNING, TAG, "Failed to covert UUID to String."); + goto error; } - /** - * If there is no linked device, PM does not send any request. - * So we should directly invoke the result callback to inform the result of OCRemoveDevice. - */ - if(OC_STACK_CONTINUE == res) + if(pTargetDev) { - if(resultCallback) + OIC_LOG_V(INFO, TAG, "[%s] is dectected on the network.", strUuid); + OIC_LOG_V(INFO, TAG, "Trying [%s] revocation.", strUuid); + + // Send DELETE requests to linked devices + OCStackResult resReq = OC_STACK_ERROR; // Check that we have to wait callback or not. + resReq = SRPRemoveDeviceWithoutDiscovery(ctx, pOwnedDevList, pTargetDev, resultCallback); + if (OC_STACK_OK != resReq) { - resultCallback(ctx, 0, NULL, false); + if (OC_STACK_CONTINUE == resReq) + { + OIC_LOG(DEBUG, TAG, "OCRemoveDeviceWithUuid : Revoked device has no linked device except PT."); + } + else + { + OIC_LOG(ERROR, TAG, "OCRemoveDeviceWithUuid : Failed to invoke SRPRemoveDevice"); + res = resReq; + OICFree(strUuid); + goto error; + } + } + + res = RemoveDeviceInfoFromLocal(pTargetDev); + if(OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, "OCRemoveDeviceWithUuid : Filed to remove the device information from local."); + OICFree(strUuid); + goto error; + } + + if(OC_STACK_CONTINUE == resReq) + { + /** + * If there is no linked device, PM does not send any request. + * So we should directly invoke the result callback to inform the result of OCRemoveDevice. + */ + if(resultCallback) + { + resultCallback(ctx, 0, NULL, false); + } + res = OC_STACK_OK; } - res = OC_STACK_OK; + } + else + { + OIC_LOG_V(WARNING, TAG, "OCRemoveDeviceWithUuid : Failed to find the [%s] on the network.", strUuid); + res = OC_STACK_ERROR; } error: - OIC_LOG(INFO, TAG, "OUT OCRemoveDevice"); + OICFree(strUuid); + PMDeleteDeviceList(pOwnedDevList); + OIC_LOG(INFO, TAG, "OUT OCRemoveDeviceWithUuid"); return res; } diff --git a/resource/csdk/security/provisioning/src/ownershiptransfermanager.c b/resource/csdk/security/provisioning/src/ownershiptransfermanager.c index 9bdc2c5..296ce17 100644 --- a/resource/csdk/security/provisioning/src/ownershiptransfermanager.c +++ b/resource/csdk/security/provisioning/src/ownershiptransfermanager.c @@ -483,7 +483,7 @@ static OCStackApplicationResult OwnerTransferModeHandler(void *ctx, OCDoHandle U OTMContext_t* otmCtx = (OTMContext_t*)ctx; (void)UNUSED; - if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) + if (OC_STACK_RESOURCE_CHANGED == clientResponse->result) { OIC_LOG(INFO, TAG, "OwnerTransferModeHandler : response result = OC_STACK_OK"); //Send request : GET /oic/sec/pstat @@ -722,7 +722,7 @@ static OCStackApplicationResult OwnerCredentialHandler(void *ctx, OCDoHandle UNU OCStackResult res = OC_STACK_OK; OTMContext_t* otmCtx = (OTMContext_t*)ctx; - if(OC_STACK_RESOURCE_CREATED == clientResponse->result) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { if(otmCtx && otmCtx->selectedDeviceInfo) { @@ -1208,7 +1208,7 @@ static OCStackResult PostOwnershipInformation(OTMContext_t* otmCtx) secPayload->base.type = PAYLOAD_TYPE_SECURITY; OCStackResult res = DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, - &secPayload->securityData, &secPayload->payloadSize); + &secPayload->securityData, &secPayload->payloadSize, true); if (OC_STACK_OK != res && NULL == secPayload->securityData) { OCPayloadDestroy((OCPayload *)secPayload); @@ -1262,7 +1262,7 @@ static OCStackResult PostUpdateOperationMode(OTMContext_t* otmCtx) } secPayload->base.type = PAYLOAD_TYPE_SECURITY; OCStackResult res = PstatToCBORPayload(deviceInfo->pstat, &secPayload->securityData, - &secPayload->payloadSize); + &secPayload->payloadSize, true); if (OC_STACK_OK != res) { OCPayloadDestroy((OCPayload *)secPayload); @@ -1410,9 +1410,31 @@ OCStackResult OTMDoOwnershipTransfer(void* ctx, } if (isDuplicate) { - OIC_LOG(ERROR, TAG, "OTMDoOwnershipTransfer : Device ID is duplicated"); - res = OC_STACK_INVALID_PARAM; - goto error; + bool isStale = false; + res = PDMIsDeviceStale(&pCurDev->doxm->deviceID, &isStale); + if(OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, "Internal error in PDMIsDeviceStale"); + goto error; + } + if(isStale) + { + OIC_LOG(INFO, TAG, "Detected duplicated UUID in stale status, "\ + "this UUID will be removed from PDM"); + + res = PDMDeleteDevice(&pCurDev->doxm->deviceID); + if(OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, "Internal error in PDMDeleteDevice"); + goto error; + } + } + else + { + OIC_LOG(ERROR, TAG, "OTMDoOwnershipTransfer : Device UUID is duplicated"); + res = OC_STACK_INVALID_PARAM; + goto error; + } } memcpy(otmCtx->ctxResultArray[devIdx].deviceId.id, pCurDev->doxm->deviceID.id, @@ -1453,7 +1475,7 @@ OCStackResult PostProvisioningStatus(OTMContext_t* otmCtx) } secPayload->base.type = PAYLOAD_TYPE_SECURITY; if (OC_STACK_OK != PstatToCBORPayload(otmCtx->selectedDeviceInfo->pstat, - &secPayload->securityData, &secPayload->payloadSize)) + &secPayload->securityData, &secPayload->payloadSize, true)) { OCPayloadDestroy((OCPayload *)secPayload); return OC_STACK_INVALID_JSON; @@ -1511,7 +1533,7 @@ OCStackResult PostNormalOperationStatus(OTMContext_t* otmCtx) } secPayload->base.type = PAYLOAD_TYPE_SECURITY; if (OC_STACK_OK != PstatToCBORPayload(otmCtx->selectedDeviceInfo->pstat, - &secPayload->securityData, &secPayload->payloadSize)) + &secPayload->securityData, &secPayload->payloadSize, true)) { OCPayloadDestroy((OCPayload *)secPayload); return OC_STACK_INVALID_JSON; diff --git a/resource/csdk/security/provisioning/src/oxmjustworks.c b/resource/csdk/security/provisioning/src/oxmjustworks.c index a0f1e96..d8518ff 100644 --- a/resource/csdk/security/provisioning/src/oxmjustworks.c +++ b/resource/csdk/security/provisioning/src/oxmjustworks.c @@ -43,7 +43,7 @@ OCStackResult CreateJustWorksSelectOxmPayload(OTMContext_t *otmCtx, uint8_t **pa *payload = NULL; *size = 0; - return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size); + return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true); } OCStackResult CreateJustWorksOwnerTransferPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size) @@ -65,7 +65,7 @@ OCStackResult CreateJustWorksOwnerTransferPayload(OTMContext_t* otmCtx, uint8_t *payload = NULL; *size = 0; - return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size); + return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true); } OCStackResult LoadSecretJustWorksCallback(OTMContext_t* UNUSED_PARAM) diff --git a/resource/csdk/security/provisioning/src/oxmrandompin.c b/resource/csdk/security/provisioning/src/oxmrandompin.c index 4efc238..d1cb7f5 100644 --- a/resource/csdk/security/provisioning/src/oxmrandompin.c +++ b/resource/csdk/security/provisioning/src/oxmrandompin.c @@ -47,7 +47,7 @@ OCStackResult CreatePinBasedSelectOxmPayload(OTMContext_t* otmCtx, uint8_t **pay otmCtx->selectedDeviceInfo->doxm->oxmSel = OIC_RANDOM_DEVICE_PIN; - return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size); + return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true); } OCStackResult CreatePinBasedOwnerTransferPayload(OTMContext_t* otmCtx, uint8_t **payload, size_t *size) @@ -68,7 +68,7 @@ OCStackResult CreatePinBasedOwnerTransferPayload(OTMContext_t* otmCtx, uint8_t * } memcpy(otmCtx->selectedDeviceInfo->doxm->owner.id, uuidPT.id , UUID_LENGTH); - return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size); + return DoxmToCBORPayload(otmCtx->selectedDeviceInfo->doxm, payload, size, true); } OCStackResult InputPinCodeCallback(OTMContext_t *otmCtx) diff --git a/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c b/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c index 80b3eb2..1796ab0 100644 --- a/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c +++ b/resource/csdk/security/provisioning/src/provisioningdatabasemanager.c @@ -227,7 +227,7 @@ OCStackResult PDMAddDevice(const OicUuid_t *UUID) /** * Function to check whether device is stale or not */ -static OCStackResult isDeviceStale(const OicUuid_t *uuid, bool *result) +OCStackResult PDMIsDeviceStale(const OicUuid_t *uuid, bool *result) { if (NULL == uuid || NULL == result) { @@ -359,7 +359,7 @@ OCStackResult PDMLinkDevices(const OicUuid_t *UUID1, const OicUuid_t *UUID2) } bool result = false; - if (OC_STACK_OK != isDeviceStale(UUID1, &result)) + if (OC_STACK_OK != PDMIsDeviceStale(UUID1, &result)) { OIC_LOG(ERROR, TAG, "Internal error occured"); return OC_STACK_ERROR; @@ -370,7 +370,7 @@ OCStackResult PDMLinkDevices(const OicUuid_t *UUID1, const OicUuid_t *UUID2) return OC_STACK_INVALID_PARAM; } result = false; - if (OC_STACK_OK != isDeviceStale(UUID2, &result)) + if (OC_STACK_OK != PDMIsDeviceStale(UUID2, &result)) { OIC_LOG(ERROR, TAG, "Internal error occured"); return OC_STACK_ERROR; @@ -636,7 +636,7 @@ OCStackResult PDMGetLinkedDevices(const OicUuid_t *UUID, OCUuidList_t **UUIDLIST return OC_STACK_INVALID_PARAM; } bool result = false; - OCStackResult ret = isDeviceStale(UUID, &result); + OCStackResult ret = PDMIsDeviceStale(UUID, &result); if (OC_STACK_OK != ret) { OIC_LOG(ERROR, TAG, "Internal error occured"); @@ -802,7 +802,7 @@ OCStackResult PDMIsLinkExists(const OicUuid_t* uuidOfDevice1, const OicUuid_t* u } bool isStale = false; - if (OC_STACK_OK != isDeviceStale(uuidOfDevice1, &isStale)) + if (OC_STACK_OK != PDMIsDeviceStale(uuidOfDevice1, &isStale)) { OIC_LOG(ERROR, TAG, "uuidOfDevice1:Internal error occured"); return OC_STACK_ERROR; @@ -814,7 +814,7 @@ OCStackResult PDMIsLinkExists(const OicUuid_t* uuidOfDevice1, const OicUuid_t* u } isStale = false; - if (OC_STACK_OK != isDeviceStale(uuidOfDevice2, &isStale)) + if (OC_STACK_OK != PDMIsDeviceStale(uuidOfDevice2, &isStale)) { OIC_LOG(ERROR, TAG, "uuidOfDevice2:Internal error occured"); return OC_STACK_ERROR; diff --git a/resource/csdk/security/provisioning/src/secureresourceprovider.c b/resource/csdk/security/provisioning/src/secureresourceprovider.c index a51bd37..837f4bf 100644 --- a/resource/csdk/security/provisioning/src/secureresourceprovider.c +++ b/resource/csdk/security/provisioning/src/secureresourceprovider.c @@ -199,9 +199,9 @@ static OCStackApplicationResult provisionCredentialCB2(void *ctx, OCDoHandle UNU OIC_LOG(INFO, TAG, "provisionCredentialCB2 called"); if (clientResponse) { - if(OC_STACK_RESOURCE_CREATED == clientResponse->result) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { - registerResultForCredProvisioning(credData, OC_STACK_RESOURCE_CREATED, 2); + registerResultForCredProvisioning(credData, OC_STACK_RESOURCE_CHANGED, 2); OCStackResult res = PDMLinkDevices(&credData->deviceInfo1->doxm->deviceID, &credData->deviceInfo2->doxm->deviceID); if (OC_STACK_OK != res) @@ -251,10 +251,10 @@ static OCStackApplicationResult provisionCredentialCB1(void *ctx, OCDoHandle UNU const OCProvisionResultCB resultCallback = credData->resultCallback; if (clientResponse) { - if (OC_STACK_RESOURCE_CREATED == clientResponse->result) + if (OC_STACK_RESOURCE_CHANGED == clientResponse->result) { // send credentials to second device - registerResultForCredProvisioning(credData, OC_STACK_RESOURCE_CREATED,1); + registerResultForCredProvisioning(credData, OC_STACK_RESOURCE_CHANGED,1); OCStackResult res = provisionCredentials(credInfo, deviceInfo, credData, provisionCredentialCB2); DeleteCredList(credInfo); @@ -435,9 +435,9 @@ static OCStackApplicationResult SRPProvisionCRLCB(void *ctx, OCDoHandle UNUSED, if (clientResponse) { - if(OC_STACK_RESOURCE_CREATED == clientResponse->result) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { - registerResultForCRLProvisioning(crlData, OC_STACK_RESOURCE_CREATED); + registerResultForCRLProvisioning(crlData, OC_STACK_RESOURCE_CHANGED); ((OCProvisionResultCB)(resultCallback))(crlData->ctx, crlData->numOfResults, crlData->resArr, false); @@ -619,9 +619,9 @@ static OCStackApplicationResult provisionCertCB(void *ctx, OCDoHandle UNUSED, OIC_LOG(INFO, TAG, "provisionCertCred called"); if (clientResponse) { - if(OC_STACK_RESOURCE_CREATED == clientResponse->result) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { - registerResultForCertProvisioning(certData, OC_STACK_RESOURCE_CREATED); + registerResultForCertProvisioning(certData, OC_STACK_RESOURCE_CHANGED); ((OCProvisionResultCB)(resultCallback))(certData->ctx, certData->numOfResults, certData->resArr, false); @@ -839,9 +839,9 @@ static OCStackApplicationResult SRPProvisionACLCB(void *ctx, OCDoHandle UNUSED, if (clientResponse) { - if(OC_STACK_RESOURCE_CREATED == clientResponse->result) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { - registerResultForACLProvisioning(aclData, OC_STACK_RESOURCE_CREATED); + registerResultForACLProvisioning(aclData, OC_STACK_RESOURCE_CHANGED); ((OCProvisionResultCB)(resultCallback))(aclData->ctx, aclData->numOfResults, aclData->resArr, false); @@ -969,7 +969,7 @@ static OCStackApplicationResult SRPProvisionDirectPairingCB(void *ctx, OCDoHandl if (clientResponse) { - if(OC_STACK_RESOURCE_CREATED == clientResponse->result) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { registerResultForDirectPairingProvisioning(pconfData, OC_STACK_OK); ((OCProvisionResultCB)(resultCallback))(pconfData->ctx, pconfData->numOfResults, @@ -1980,6 +1980,143 @@ error: } /* +* Function to device revocation +* This function will remove credential of target device from all devices in subnet. +* +* @param[in] ctx Application context would be returned in result callback +* @param[in] pOwnedDevList List of owned devices +* @param[in] pTargetDev Device information to be revoked. +* @param[in] resultCallback callback provided by API user, callback will be called when +* credential revocation is finished. +* @return OC_STACK_OK in case of success and other value otherwise. +* If OC_STACK_OK is returned, the caller of this API should wait for callback. +* OC_STACK_CONTINUE means operation is success but no request is need to be initiated. +*/ +OCStackResult SRPRemoveDeviceWithoutDiscovery(void* ctx, const OCProvisionDev_t* pOwnedDevList, + const OCProvisionDev_t* pTargetDev, OCProvisionResultCB resultCallback) +{ + OIC_LOG(INFO, TAG, "IN SRPRemoveDeviceWithoutDiscovery"); + + if (!pTargetDev || !pOwnedDevList) + { + OIC_LOG(INFO, TAG, "SRPRemoveDeviceWithoutDiscovery : NULL parameters"); + return OC_STACK_INVALID_PARAM; + } + if (!resultCallback) + { + OIC_LOG(INFO, TAG, "SRPRemoveDeviceWithoutDiscovery : NULL Callback"); + return OC_STACK_INVALID_CALLBACK; + } + + // Declare variables in here to handle error cases with goto statement. + OCProvisionDev_t* pLinkedDevList = NULL; + RemoveData_t* removeData = NULL; + + //1. Find all devices that has a credential of the revoked device + OCUuidList_t* pLinkedUuidList = NULL; + size_t numOfDevices = 0; + OCStackResult res = OC_STACK_ERROR; + res = PDMGetLinkedDevices(&pTargetDev->doxm->deviceID, &pLinkedUuidList, &numOfDevices); + if (OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, "SRPRemoveDeviceWithoutDiscovery : Failed to get linked devices information"); + return res; + } + // if there is no related device, we can skip further process. + if (0 == numOfDevices) + { + OIC_LOG(DEBUG, TAG, "SRPRemoveDeviceWithoutDiscovery : No linked device found."); + res = OC_STACK_CONTINUE; + goto error; + } + + //2. Make a list of devices to send DELETE credential request + // by comparing owned devices from provisioning database with mutlicast discovery result. + size_t numOfLinkedDev = 0; + res = GetListofDevToReqDeleteCred(pTargetDev, pOwnedDevList, pLinkedUuidList, + &pLinkedDevList, &numOfLinkedDev); + if (OC_STACK_OK != res) + { + OIC_LOG(ERROR, TAG, "SRPRemoveDeviceWithoutDiscovery : GetListofDevToReqDeleteCred() failed"); + goto error; + } + if (0 == numOfLinkedDev) // This case means, there is linked device but it's not alive now. + { // So we don't have to send request message. + OIC_LOG(DEBUG, TAG, "SRPRemoveDeviceWithoutDiscovery : No alived & linked device found."); + res = OC_STACK_CONTINUE; + goto error; + } + + // 3. Prepare RemoveData Context data. + removeData = (RemoveData_t*)OICCalloc(1, sizeof(RemoveData_t)); + if (!removeData) + { + OIC_LOG(ERROR, TAG, "SRPRemoveDeviceWithoutDiscovery : Failed to memory allocation"); + res = OC_STACK_NO_MEMORY; + goto error; + } + + removeData->revokeTargetDev = PMCloneOCProvisionDev(pTargetDev); + if (!removeData->revokeTargetDev) + { + OIC_LOG(ERROR, TAG, "SRPRemoveDeviceWithoutDiscovery : PMCloneOCProvisionDev Failed"); + res = OC_STACK_NO_MEMORY; + goto error; + } + + removeData->removeRes = + (OCProvisionResult_t*)OICCalloc(numOfLinkedDev, sizeof(OCProvisionResult_t)); + if (!removeData->removeRes) + { + OIC_LOG(ERROR, TAG, "SRPRemoveDeviceWithoutDiscovery : Failed to memory allocation"); + res = OC_STACK_NO_MEMORY; + goto error; + } + + removeData->ctx = ctx; + removeData->linkedDevList = pLinkedDevList; + removeData->resultCallback = resultCallback; + removeData->numOfResults = 0; + removeData->sizeOfResArray = numOfLinkedDev; + removeData->hasError = false; + + // 5. Send DELETE credential request to linked devices. + OCProvisionDev_t *curDev = NULL, *tmpDev = NULL; + OCStackResult totalRes = OC_STACK_ERROR; /* variable for checking request is sent or not */ + LL_FOREACH_SAFE(pLinkedDevList, curDev, tmpDev) + { + res = SendDeleteCredentialRequest((void*)removeData, &SRPRemoveDeviceCB, + removeData->revokeTargetDev, curDev); + if (OC_STACK_OK != res) + { + OIC_LOG_V(ERROR, TAG, "SRPRemoveDeviceWithoutDiscovery : Fail to send the DELETE credential request to\ + %s:%u", curDev->endpoint.addr, curDev->endpoint.port); + } + else + { + totalRes = OC_STACK_OK; // This means at least one request is successfully sent. + } + } + + PDMDestoryOicUuidLinkList(pLinkedUuidList); //TODO: Modify API name to have unified convention. + OIC_LOG(INFO, TAG, "OUT SRPRemoveDeviceWithoutDiscovery"); + + return totalRes; // Caller of this API should wait callback if totalRes == OC_STACK_OK. + +error: + PDMDestoryOicUuidLinkList(pLinkedUuidList); + PMDeleteDeviceList(pLinkedDevList); + if (removeData) + { + OICFree(removeData->revokeTargetDev); + OICFree(removeData->removeRes); + OICFree(removeData); + } + OIC_LOG(INFO, TAG, "OUT ERROR case SRPRemoveDeviceWithoutDiscovery"); + return res; +} + +/* * Function to sync-up credential and ACL of the target device. * This function will remove credential and ACL of target device from all devices in subnet. * @@ -2171,11 +2308,11 @@ OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, return OC_STACK_NO_MEMORY; } - pstat->cm = (OicSecDpm_t) 1; - pstat->isOp = 0; + pstat->cm = RESET; + pstat->isOp = false; memcpy(pstat->deviceID.id, pTargetDev->doxm->deviceID.id, sizeof(OicUuid_t)); - pstat->tm = (OicSecDpm_t) 2; - pstat->om = (OicSecDpom_t) 0; + pstat->tm = TAKE_OWNER; + pstat->om = (OicSecDpom_t)(SINGLE_SERVICE_SERVER_DRIVEN | MULTIPLE_SERVICE_CLIENT_DRIVEN); pstat->smLen = 1; pstat->sm = (OicSecDpom_t *) OICCalloc(pstat->smLen, sizeof(OicSecDpom_t)); if (NULL == pstat->sm) @@ -2184,7 +2321,7 @@ OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, OICFree(pstat); return OC_STACK_NO_MEMORY; } - pstat->sm[0] = (OicSecDpom_t) 3; + pstat->sm[0] = (OicSecDpom_t)(SINGLE_SERVICE_SERVER_DRIVEN | MULTIPLE_SERVICE_CLIENT_DRIVEN); OCSecurityPayload * secPayload = (OCSecurityPayload *) OICCalloc(1, sizeof(OCSecurityPayload)); if (!secPayload) @@ -2196,7 +2333,7 @@ OCStackResult SRPResetDevice(const OCProvisionDev_t* pTargetDev, secPayload->base.type = PAYLOAD_TYPE_SECURITY; if (OC_STACK_OK != PstatToCBORPayload(pstat, &(secPayload->securityData), - &(secPayload->payloadSize))) + &(secPayload->payloadSize), true)) { OCPayloadDestroy((OCPayload *) secPayload); OIC_LOG(ERROR, TAG, "Failed to PstatToCBORPayload"); diff --git a/resource/csdk/security/provisioning/unittest/ocprovisioningmanager.cpp b/resource/csdk/security/provisioning/unittest/ocprovisioningmanager.cpp index ca91b31..9d971c9 100644 --- a/resource/csdk/security/provisioning/unittest/ocprovisioningmanager.cpp +++ b/resource/csdk/security/provisioning/unittest/ocprovisioningmanager.cpp @@ -139,13 +139,21 @@ TEST(OCUnlinkDevicesTest, SamelDeviceId) EXPECT_EQ(OC_STACK_INVALID_PARAM, OCUnlinkDevices(NULL,&pDev1, &pDev1, &provisioningCB)); } - TEST(OCRemoveDeviceTest, NullTargetDevice) { unsigned short waitTime = 10 ; EXPECT_EQ(OC_STACK_INVALID_PARAM, OCRemoveDevice(NULL, waitTime, NULL, provisioningCB)); } +TEST(OCRemoveDeviceWithUuidTest, NullTargetDevice) +{ + unsigned short waitTime = 10 ; + OicUuid_t uuid; + EXPECT_EQ(OC_STACK_INVALID_PARAM, OCRemoveDeviceWithUuid(NULL, waitTime, NULL, provisioningCB)); + + EXPECT_EQ(OC_STACK_INVALID_CALLBACK, OCRemoveDeviceWithUuid(NULL, waitTime, &uuid, NULL)); +} + TEST(OCRemoveDeviceTest, NullResultCallback) { unsigned short waitTime = 10; diff --git a/resource/csdk/security/src/aclresource.c b/resource/csdk/security/src/aclresource.c index b6d148b..3aaefeb 100644 --- a/resource/csdk/security/src/aclresource.c +++ b/resource/csdk/security/src/aclresource.c @@ -49,10 +49,10 @@ #define NUMBER_OF_DEFAULT_SEC_RSCS 2 #define STRING_UUID_SIZE (UUID_LENGTH * 2 + 5) -static const uint8_t ACL_MAP_SIZE = 2; +static const uint8_t ACL_MAP_SIZE = 4; static const uint8_t ACL_ACLIST_MAP_SIZE = 1; static const uint8_t ACL_ACES_MAP_SIZE = 3; -static const uint8_t ACL_RESOURCE_MAP_SIZE = 4; +static const uint8_t ACL_RESOURCE_MAP_SIZE = 3; // CborSize is the default cbor payload size being used. @@ -396,7 +396,13 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz { CborEncoder rMap; - cborEncoderResult = cbor_encoder_create_map(&resources, &rMap, ACL_RESOURCE_MAP_SIZE); + size_t rsrcMapSize = ACL_RESOURCE_MAP_SIZE; + if(rsrc->rel) + { + rsrcMapSize++; + } + + cborEncoderResult = cbor_encoder_create_map(&resources, &rMap, rsrcMapSize); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Map."); //href -- Mandatory @@ -448,14 +454,6 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz cborEncoderResult = cbor_encode_text_string(&rMap, rsrc->rel, strlen(rsrc->rel)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value."); } - else - { - cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_REL_NAME, - strlen(OIC_JSON_REL_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Name Tag."); - cborEncoderResult = cbor_encode_text_string(&rMap, "", 0); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value."); - } cborEncoderResult = cbor_encoder_close_container(&resources, &rMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Map."); @@ -566,6 +564,38 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz OICFree(rowner); } + //RT -- Mandatory + CborEncoder rtArray; + cborEncoderResult = cbor_encode_text_string(&aclMap, OIC_JSON_RT_NAME, + strlen(OIC_JSON_RT_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Name Tag."); + cborEncoderResult = cbor_encoder_create_array(&aclMap, &rtArray, 1); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value."); + for (size_t i = 0; i < 1; i++) + { + cborEncoderResult = cbor_encode_text_string(&rtArray, OIC_RSRC_TYPE_SEC_ACL, + strlen(OIC_RSRC_TYPE_SEC_ACL)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding RT Value."); + } + cborEncoderResult = cbor_encoder_close_container(&aclMap, &rtArray); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing RT."); + + //IF-- Mandatory + CborEncoder ifArray; + cborEncoderResult = cbor_encode_text_string(&aclMap, OIC_JSON_IF_NAME, + strlen(OIC_JSON_IF_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Name Tag."); + cborEncoderResult = cbor_encoder_create_array(&aclMap, &ifArray, 1); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value."); + for (size_t i = 0; i < 1; i++) + { + cborEncoderResult = cbor_encode_text_string(&ifArray, OC_RSRVD_INTERFACE_DEFAULT, + strlen(OC_RSRVD_INTERFACE_DEFAULT)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding IF Value."); + } + cborEncoderResult = cbor_encoder_close_container(&aclMap, &ifArray); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing IF."); + // Close ACL Map cborEncoderResult = cbor_encoder_close_container(&encoder, &aclMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACL Map."); @@ -1098,6 +1128,203 @@ exit: return false; } +static size_t GetNumberOfResource(OicSecRsrc_t* resources) +{ + size_t ret = 0; + if(resources) + { + OicSecRsrc_t* rsrc = NULL; + LL_FOREACH(resources, rsrc) + { + ret++; + } + } + return ret; +} + +static size_t GetNumberOfValidity(OicSecValidity_t* val) +{ + size_t ret = 0; + + if(val) + { + OicSecValidity_t* temp = NULL; + LL_FOREACH(val, temp) + { + ret++; + } + } + return ret; +} + + +static bool IsSameStringArray(char** strArr1, size_t strArr1Len, + char** strArr2, size_t strArr2Len) +{ + + if(NULL == strArr1 && NULL == strArr2) + { + return true; + } + + if(strArr1 && strArr2 && NULL == *strArr1 && NULL == *strArr2) + { + return true; + } + + if(strArr1 && strArr2) + { + if(*strArr1 && *strArr2 && strArr1Len == strArr2Len) + { + size_t matchedStr = 0; + for(size_t i = 0; i < strArr1Len; i++) + { + for(size_t j = 0; j < strArr2Len; j++) + { + if(strcmp(strArr1[i], strArr2[j]) == 0) + { + matchedStr++; + } + } + } + if(matchedStr == strArr1Len) + { + return true; + } + } + } + + return false; +} + +static bool IsSameResources(OicSecRsrc_t* resources1, OicSecRsrc_t* resources2) +{ + size_t numOfRsrc1 = 0; + size_t numOfRsrc2 = 0; + size_t numOfMatchedRsrc = 0; + OicSecRsrc_t* rsrc1 = NULL; + OicSecRsrc_t* rsrc2 = NULL; + + if(NULL == resources1 && NULL == resources2) + { + return true; + } + + if(resources1 && resources2) + { + numOfRsrc1 = GetNumberOfResource(resources1); + numOfRsrc2 = GetNumberOfResource(resources2); + + if(0 == numOfRsrc1 && 0 == numOfRsrc2) + { + return true; + } + + LL_FOREACH(resources1, rsrc1) + { + rsrc2 = NULL; + LL_FOREACH(resources2, rsrc2) + { + if(rsrc1 && rsrc2) + { + if(strcmp(rsrc1->href, rsrc2->href) == 0 && + IsSameStringArray(rsrc1->interfaces, rsrc1->interfaceLen, + rsrc2->interfaces, rsrc2->interfaceLen) && + IsSameStringArray(rsrc1->types, rsrc1->typeLen, + rsrc2->types, rsrc2->typeLen)) + { + // TODO: Update codes to compare 'rel' property + numOfMatchedRsrc++; + } + } + } + } + + if(numOfMatchedRsrc == numOfRsrc1) + { + return true; + } + } + + return false; +} + +static bool IsSameValidities(OicSecValidity_t* validities1, OicSecValidity_t* validities2) +{ + size_t numOfVal1 = 0; + size_t numOfVal2 = 0; + size_t numOfMatchedVal = 0; + OicSecValidity_t* val1 = NULL; + OicSecValidity_t* val2 = NULL; + + if(NULL == validities1 && NULL == validities2) + { + return true; + } + + if(validities1 && validities2) + { + numOfVal1 = GetNumberOfValidity(validities1); + numOfVal2 = GetNumberOfValidity(validities2); + if(0 == numOfVal1 && 0 == numOfVal2) + { + return true; + } + + if(numOfVal1 == numOfVal2) + { + LL_FOREACH(validities1, val1) + { + LL_FOREACH(validities2, val2) + { + if(strcmp(val1->period, val2->period) == 0 && + IsSameStringArray(val1->recurrences, val1->recurrenceLen, + val2->recurrences, val2->recurrenceLen)) + { + numOfMatchedVal++; + } + } + } + if(numOfVal1 == numOfMatchedVal) + { + return true; + } + } + } + + return false; +} + +static bool IsSameACE(OicSecAce_t* ace1, OicSecAce_t* ace2) +{ + if(ace1 && ace2) + { + if(memcmp(ace1->subjectuuid.id, ace2->subjectuuid.id, sizeof(ace1->subjectuuid.id)) != 0) + { + return false; + } + + if(false == IsSameResources(ace1->resources, ace2->resources)) + { + return false; + } + + if(ace1->permission != ace2->permission) + { + return false; + } + + if(false == IsSameValidities(ace1->validities, ace2->validities)) + { + return false; + } + + return true; + } + + return false; +} + static OCEntityHandlerResult HandleACLGetRequest(const OCEntityHandlerRequest *ehRequest) { OIC_LOG(INFO, TAG, "HandleACLGetRequest processing the request"); @@ -1179,6 +1406,8 @@ static OCEntityHandlerResult HandleACLGetRequest(const OCEntityHandlerRequest *e exit: // A device should always have a default acl. Therefore, payload should never be NULL. ehRet = (payload ? OC_EH_OK : OC_EH_ERROR); + OIC_LOG(DEBUG, TAG, "ACL payload with GET response"); + OIC_LOG_BUFFER(DEBUG, TAG, payload, size); //Send payload to request originator ehRet = ((SendSRMResponse(ehRequest, ehRet, payload, size)) == OC_STACK_OK) ? @@ -1193,38 +1422,77 @@ exit: static OCEntityHandlerResult HandleACLPostRequest(const OCEntityHandlerRequest *ehRequest) { OIC_LOG(INFO, TAG, "HandleACLPostRequest processing the request"); - OCEntityHandlerResult ehRet = OC_EH_ERROR; + OCEntityHandlerResult ehRet = OC_EH_OK; // Convert CBOR into ACL data and update to SVR buffers. This will also validate the ACL data received. uint8_t *payload = ((OCSecurityPayload *) ehRequest->payload)->securityData; size_t size = ((OCSecurityPayload *) ehRequest->payload)->payloadSize; if (payload) { - OicSecAcl_t *newAcl = CBORPayloadToAcl(payload, size); + OicSecAcl_t *newAcl = NULL; + OicSecAcl_t newAceList; + OIC_LOG(DEBUG, TAG, "ACL payload from POST request << "); + OIC_LOG_BUFFER(DEBUG, TAG, payload, size); + + newAcl = CBORPayloadToAcl(payload, size); if (newAcl) { - // Append the new ACL to existing ACL + bool isNewAce = true; + OicSecAce_t* existAce = NULL; OicSecAce_t* newAce = NULL; - OicSecAce_t* tempAce = NULL; - LL_FOREACH_SAFE(newAcl->aces, newAce, tempAce) + OicSecAce_t* tempAce1 = NULL; + OicSecAce_t* tempAce2 = NULL; + newAceList.aces = NULL; + + LL_FOREACH_SAFE(newAcl->aces, newAce, tempAce1) { - LL_APPEND(gAcl->aces, newAce); + isNewAce = true; + LL_FOREACH_SAFE(gAcl->aces, existAce, tempAce2) + { + if(IsSameACE(newAce, existAce)) + { + isNewAce = false; + } + } + if(isNewAce) + { + OIC_LOG(DEBUG, TAG, "NEW ACE dectected."); + + OicSecAce_t* insertAce = DuplicateACE(newAce); + if(insertAce) + { + OIC_LOG(DEBUG, TAG, "Appending new ACE.."); + LL_PREPEND(gAcl->aces, insertAce); + } + else + { + OIC_LOG(ERROR, TAG, "Failed to duplicate ACE."); + ehRet = OC_EH_ERROR; + } + } } - newAcl->aces = NULL; - size_t size = 0; - uint8_t *cborPayload = NULL; - if (OC_STACK_OK == AclToCBORPayload(gAcl, &cborPayload, &size)) + DeleteACLList(newAcl); + + if(OC_EH_OK == ehRet) { - if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, cborPayload, size) == OC_STACK_OK) + size_t size = 0; + uint8_t *cborPayload = NULL; + if (OC_STACK_OK == AclToCBORPayload(gAcl, &cborPayload, &size)) { - ehRet = OC_EH_RESOURCE_CREATED; + if (UpdateSecureResourceInPS(OIC_JSON_ACL_NAME, cborPayload, size) == OC_STACK_OK) + { + ehRet = OC_EH_CHANGED; + } + OICFree(cborPayload); + } + + if(OC_EH_CHANGED != ehRet) + { + ehRet = OC_EH_ERROR; } - OICFree(cborPayload); } } - - DeleteACLList(newAcl); } //Send response to request originator diff --git a/resource/csdk/security/src/credresource.c b/resource/csdk/security/src/credresource.c index 724cde9..a8a1683 100644 --- a/resource/csdk/security/src/credresource.c +++ b/resource/csdk/security/src/credresource.c @@ -63,7 +63,7 @@ static const uint16_t CBOR_SIZE = 2048; static const uint16_t CBOR_MAX_SIZE = 4400; /** CRED size - Number of mandatory items. */ -static const uint8_t CRED_ROOT_MAP_SIZE = 2; +static const uint8_t CRED_ROOT_MAP_SIZE = 4; static const uint8_t CRED_MAP_SIZE = 3; @@ -337,6 +337,39 @@ OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload OICFree(rowner); } + //RT -- Mandatory + CborEncoder rtArray; + cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_RT_NAME, + strlen(OIC_JSON_RT_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Name Tag."); + cborEncoderResult = cbor_encoder_create_array(&credRootMap, &rtArray, 1); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value."); + for (size_t i = 0; i < 1; i++) + { + cborEncoderResult = cbor_encode_text_string(&rtArray, OIC_RSRC_TYPE_SEC_CRED, + strlen(OIC_RSRC_TYPE_SEC_CRED)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding RT Value."); + } + cborEncoderResult = cbor_encoder_close_container(&credRootMap, &rtArray); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing RT."); + + //IF-- Mandatory + CborEncoder ifArray; + cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_IF_NAME, + strlen(OIC_JSON_IF_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Name Tag."); + cborEncoderResult = cbor_encoder_create_array(&credRootMap, &ifArray, 1); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value."); + for (size_t i = 0; i < 1; i++) + { + cborEncoderResult = cbor_encode_text_string(&ifArray, OC_RSRVD_INTERFACE_DEFAULT, + strlen(OC_RSRVD_INTERFACE_DEFAULT)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding IF Value."); + } + cborEncoderResult = cbor_encoder_close_container(&credRootMap, &ifArray); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing IF."); + + // Close CRED Root Map cborEncoderResult = cbor_encoder_close_container(&encoder, &credRootMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing CRED Root Map."); @@ -1011,7 +1044,7 @@ static OCEntityHandlerResult HandlePostRequest(const OCEntityHandlerRequest * eh OIC_LOG(ERROR, TAG, "OwnerPSK was generated successfully."); if(OC_STACK_OK == AddCredential(cred)) { - ret = OC_EH_RESOURCE_CREATED; + ret = OC_EH_CHANGED; } else { @@ -1025,7 +1058,7 @@ static OCEntityHandlerResult HandlePostRequest(const OCEntityHandlerRequest * eh ret = OC_EH_ERROR; } - if(OC_EH_RESOURCE_CREATED == ret) + if(OC_EH_CHANGED == ret) { /** * in case of random PIN based OxM, @@ -1083,7 +1116,7 @@ static OCEntityHandlerResult HandlePostRequest(const OCEntityHandlerRequest * eh } } - if(OC_EH_RESOURCE_CREATED != ret) + if(OC_EH_CHANGED != ret) { /* * If some error is occured while ownership transfer, @@ -1114,7 +1147,7 @@ static OCEntityHandlerResult HandlePostRequest(const OCEntityHandlerRequest * eh * to it before getting appended to the existing credential * list and updating svr database. */ - ret = (OC_STACK_OK == AddCredential(cred))? OC_EH_RESOURCE_CREATED : OC_EH_ERROR; + ret = (OC_STACK_OK == AddCredential(cred))? OC_EH_CHANGED : OC_EH_ERROR; } #else //not __WITH_DTLS__ /* @@ -1123,11 +1156,11 @@ static OCEntityHandlerResult HandlePostRequest(const OCEntityHandlerRequest * eh * to it before getting appended to the existing credential * list and updating svr database. */ - ret = (OC_STACK_OK == AddCredential(cred))? OC_EH_RESOURCE_CREATED : OC_EH_ERROR; + ret = (OC_STACK_OK == AddCredential(cred))? OC_EH_CHANGED : OC_EH_ERROR; #endif//__WITH_DTLS__ } - if (OC_EH_RESOURCE_CREATED != ret) + if (OC_EH_CHANGED != ret) { if(OC_STACK_OK != RemoveCredential(&cred->subject)) { diff --git a/resource/csdk/security/src/directpairing.c b/resource/csdk/security/src/directpairing.c index 9670e67..e9e515f 100644 --- a/resource/csdk/security/src/directpairing.c +++ b/resource/csdk/security/src/directpairing.c @@ -338,7 +338,7 @@ static OCStackApplicationResult DirectPairingFinalizeHandler(void *ctx, OCDoHand if (clientResponse) { - if(OC_STACK_OK == clientResponse->result) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { // result OIC_LOG(INFO, TAG, "DirectPairingFinalizeHandler : success PUT" @@ -594,7 +594,7 @@ static OCStackApplicationResult DirectPairingHandler(void *ctx, OCDoHandle UNUSE if (clientResponse) { - if(OC_STACK_RESOURCE_CREATED == clientResponse->result) + if(OC_STACK_RESOURCE_CHANGED == clientResponse->result) { // result OIC_LOG(INFO, TAG, "DirectPairingHandler : success POST request to /oic/sec/dpairing"); diff --git a/resource/csdk/security/src/doxmresource.c b/resource/csdk/security/src/doxmresource.c index cafdd22..cc16a54 100644 --- a/resource/csdk/security/src/doxmresource.c +++ b/resource/csdk/security/src/doxmresource.c @@ -81,6 +81,14 @@ static OicSecDoxm_t gDefaultDoxm = {.id = {0}}, /* OicUuid_t rownerID */ }; +/** + * This method is internal method. + * the param roParsed is optionally used to know whether cborPayload has + * at least read only property value or not. + */ +static OCStackResult CBORPayloadToDoxmBin(const uint8_t *cborPayload, size_t size, + OicSecDoxm_t **doxm, bool *roParsed); + void DeleteDoxmBinData(OicSecDoxm_t* doxm) { if (doxm) @@ -100,7 +108,8 @@ void DeleteDoxmBinData(OicSecDoxm_t* doxm) } } -OCStackResult DoxmToCBORPayload(const OicSecDoxm_t *doxm, uint8_t **payload, size_t *size) +OCStackResult DoxmToCBORPayload(const OicSecDoxm_t *doxm, uint8_t **payload, size_t *size, + bool rwOnly) { if (NULL == doxm || NULL == payload || NULL != *payload || NULL == size) { @@ -159,7 +168,7 @@ OCStackResult DoxmToCBORPayload(const OicSecDoxm_t *doxm, uint8_t **payload, siz } //Oxm -- Not Mandatory - if (doxm->oxmLen > 0) + if (doxm->oxmLen > 0 && false == rwOnly) { CborEncoder oxm; cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_OXMS_NAME, @@ -185,11 +194,14 @@ OCStackResult DoxmToCBORPayload(const OicSecDoxm_t *doxm, uint8_t **payload, siz VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Sel Value."); //sct -- Mandatory - cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_SUPPORTED_CRED_TYPE_NAME, - strlen(OIC_JSON_SUPPORTED_CRED_TYPE_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Type Tag"); - cborEncoderResult = cbor_encode_int(&doxmMap, doxm->sct); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Type Value."); + if (false == rwOnly) + { + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_SUPPORTED_CRED_TYPE_NAME, + strlen(OIC_JSON_SUPPORTED_CRED_TYPE_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Type Tag"); + cborEncoderResult = cbor_encode_int(&doxmMap, doxm->sct); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Type Value."); + } //Owned -- Mandatory cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_OWNED_NAME, @@ -198,16 +210,19 @@ OCStackResult DoxmToCBORPayload(const OicSecDoxm_t *doxm, uint8_t **payload, siz cborEncoderResult = cbor_encode_boolean(&doxmMap, doxm->owned); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owned Value."); - //DeviceId -- Mandatory - cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_DEVICE_ID_NAME, - strlen(OIC_JSON_DEVICE_ID_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Tag."); - ret = ConvertUuidToStr(&doxm->deviceID, &strUuid); - VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); - cborEncoderResult = cbor_encode_text_string(&doxmMap, strUuid, strlen(strUuid)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Value."); - OICFree(strUuid); - strUuid = NULL; + if (false == rwOnly) + { + //DeviceId -- Mandatory + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_DEVICE_ID_NAME, + strlen(OIC_JSON_DEVICE_ID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Tag."); + ret = ConvertUuidToStr(&doxm->deviceID, &strUuid); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); + cborEncoderResult = cbor_encode_text_string(&doxmMap, strUuid, strlen(strUuid)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Value."); + OICFree(strUuid); + strUuid = NULL; + } //devownerid -- Mandatory cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_DEVOWNERID_NAME, @@ -231,7 +246,7 @@ OCStackResult DoxmToCBORPayload(const OicSecDoxm_t *doxm, uint8_t **payload, siz OICFree(strUuid); strUuid = NULL; - //x.com.samsung.dpc -- not Mandatory(vendor-specific), but this type is boolean, so instance always has a value. + //x.org.iotivity.dpc -- not Mandatory(vendor-specific), but this type is boolean, so instance always has a value. cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_DPC_NAME, strlen(OIC_JSON_DPC_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding DPC Tag."); @@ -289,7 +304,7 @@ exit: cborLen += encoder.ptr - encoder.end; OIC_LOG_V(DEBUG, TAG, "Doxm reallocation size : %zd.", cborLen); cborEncoderResult = CborNoError; - ret = DoxmToCBORPayload(doxm, payload, &cborLen); + ret = DoxmToCBORPayload(doxm, payload, &cborLen, rwOnly); *size = cborLen; } @@ -308,6 +323,12 @@ exit: OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, OicSecDoxm_t **secDoxm) { + return CBORPayloadToDoxmBin(cborPayload, size, secDoxm, NULL); +} + +static OCStackResult CBORPayloadToDoxmBin(const uint8_t *cborPayload, size_t size, + OicSecDoxm_t **secDoxm, bool *roParsed) +{ if (NULL == cborPayload || NULL == secDoxm || NULL != *secDoxm || 0 == size) { return OC_STACK_INVALID_PARAM; @@ -378,6 +399,23 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, cborFindResult = cbor_value_advance(&oxm); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing oxmName.") } + + if (roParsed) + { + *roParsed = true; + } + } + else + { + VERIFY_NON_NULL(TAG, gDoxm, ERROR); + doxm->oxm = (OicSecOxm_t *) OICCalloc(gDoxm->oxmLen, sizeof(*doxm->oxm)); + VERIFY_NON_NULL(TAG, doxm->oxm, ERROR); + doxm->oxmLen = gDoxm->oxmLen; + int i; + for (i = 0; i < gDoxm->oxmLen; i++) + { + doxm->oxm[i] = gDoxm->oxm[i]; + } } cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_OXM_SEL_NAME, &doxmMap); @@ -397,6 +435,11 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, { cborFindResult = cbor_value_get_int(&doxmMap, (int *) &doxm->sct); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Sct Name Value.") + + if (roParsed) + { + *roParsed = true; + } } else // PUT/POST JSON may not have sct so set it to the gDoxm->sct { @@ -437,6 +480,16 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); OICFree(strUuid); strUuid = NULL; + + if (roParsed) + { + *roParsed = true; + } + } + else + { + VERIFY_NON_NULL(TAG, gDoxm, ERROR); + memcpy(doxm->deviceID.id, &gDoxm->deviceID.id, sizeof(doxm->deviceID.id)); } cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_DEVOWNERID_NAME, &doxmMap); @@ -449,6 +502,11 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, OICFree(strUuid); strUuid = NULL; } + else + { + VERIFY_NON_NULL(TAG, gDoxm, ERROR); + memcpy(doxm->owner.id, gDoxm->owner.id, sizeof(doxm->owner.id)); + } cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_ROWNERID_NAME, &doxmMap); if (CborNoError == cborFindResult && cbor_value_is_text_string(&doxmMap)) @@ -460,6 +518,11 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, OICFree(strUuid); strUuid = NULL; } + else + { + VERIFY_NON_NULL(TAG, gDoxm, ERROR); + memcpy(doxm->rownerID.id, gDoxm->rownerID.id, sizeof(doxm->rownerID.id)); + } *secDoxm = doxm; ret = OC_STACK_OK; @@ -489,7 +552,7 @@ static bool UpdatePersistentStorage(OicSecDoxm_t * doxm) // Convert Doxm data into CBOR for update to persistent storage uint8_t *payload = NULL; size_t size = 0; - OCStackResult res = DoxmToCBORPayload(doxm, &payload, &size); + OCStackResult res = DoxmToCBORPayload(doxm, &payload, &size, false); if (payload && (OC_STACK_OK == res) && (OC_STACK_OK == UpdateSecureResourceInPS(OIC_JSON_DOXM_NAME, payload, size))) { @@ -606,7 +669,7 @@ static OCEntityHandlerResult HandleDoxmGetRequest (const OCEntityHandlerRequest if (ehRet == OC_EH_OK) { - if (OC_STACK_OK != DoxmToCBORPayload(gDoxm, &payload, &size)) + if (OC_STACK_OK != DoxmToCBORPayload(gDoxm, &payload, &size, false)) { OIC_LOG(WARNING, TAG, "DoxmToCBORPayload failed in HandleDoxmGetRequest"); } @@ -641,13 +704,48 @@ static OCEntityHandlerResult HandleDoxmPostRequest(const OCEntityHandlerRequest { uint8_t *payload = ((OCSecurityPayload *)ehRequest->payload)->securityData; size_t size = ((OCSecurityPayload *)ehRequest->payload)->payloadSize; - OCStackResult res = CBORPayloadToDoxm(payload, size, &newDoxm); - + bool roParsed = false; + OCStackResult res = CBORPayloadToDoxmBin(payload, size, &newDoxm, &roParsed); if (newDoxm && OC_STACK_OK == res) { - if (OIC_JUST_WORKS == newDoxm->oxmSel) + // Check request on RO property + if (true == roParsed) + { + OIC_LOG(ERROR, TAG, "Not acceptable request because of read-only propertys"); + ehRet = OC_EH_NOT_ACCEPTABLE; + goto exit; + } + + // in owned state + if (true == gDoxm->owned) { - if ((false == gDoxm->owned) && (false == newDoxm->owned)) + // update writable properties + gDoxm->oxmSel = newDoxm->oxmSel; + memcpy(&(gDoxm->owner), &(newDoxm->owner), sizeof(OicUuid_t)); + memcpy(&(gDoxm->rownerID), &(newDoxm->rownerID), sizeof(OicUuid_t)); + + if(gDoxm->owned != newDoxm->owned) + { + gDoxm->owned = newDoxm->owned; + } + + //Update new state in persistent storage + if (UpdatePersistentStorage(gDoxm) == true) + { + ehRet = OC_EH_OK; + } + else + { + OIC_LOG(ERROR, TAG, "Failed to update DOXM in persistent storage"); + ehRet = OC_EH_ERROR; + } + goto exit; + } + + // in unowned state + if ((false == gDoxm->owned) && (false == newDoxm->owned)) + { + if (OIC_JUST_WORKS == newDoxm->oxmSel) { /* * If current state of the device is un-owned, enable @@ -695,10 +793,7 @@ static OCEntityHandlerResult HandleDoxmPostRequest(const OCEntityHandlerRequest #endif //__WITH_DTLS__ } } - } - else if (OIC_RANDOM_DEVICE_PIN == newDoxm->oxmSel) - { - if ((false == gDoxm->owned) && (false == newDoxm->owned)) + else if (OIC_RANDOM_DEVICE_PIN == newDoxm->oxmSel) { /* * If current state of the device is un-owned, enable @@ -859,6 +954,8 @@ exit: { if(!gDoxm->owned && previousMsgId != ehRequest->messageID) { + OIC_LOG(WARNING, TAG, "The operation failed during handle DOXM request,"\ + "DOXM will be reverted."); RestoreDoxmToInitState(); RestorePstatToInitState(); } diff --git a/resource/csdk/security/src/pconfresource.c b/resource/csdk/security/src/pconfresource.c index 0026762..7321c37 100644 --- a/resource/csdk/security/src/pconfresource.c +++ b/resource/csdk/security/src/pconfresource.c @@ -937,7 +937,7 @@ static OCEntityHandlerResult HandlePconfPostRequest (const OCEntityHandlerReques // Update storage if(OC_EH_ERROR != ehRet && true == UpdatePersistentStorage(gPconf)) { - ehRet = OC_EH_RESOURCE_CREATED; + ehRet = OC_EH_CHANGED; } DeletePconfBinData(newPconf); diff --git a/resource/csdk/security/src/policyengine.c b/resource/csdk/security/src/policyengine.c index 04451b0..2f93169 100644 --- a/resource/csdk/security/src/policyengine.c +++ b/resource/csdk/security/src/policyengine.c @@ -132,11 +132,19 @@ static bool IsRequestFromDevOwner(PEContext_t *context) return retVal; } + /* if(OC_STACK_OK == GetDoxmDevOwnerId(&ownerid)) { retVal = UuidCmp(&context->subject, &ownerid); } + */ + // TODO: Added as workaround for CTT + OicSecDoxm_t* doxm = (OicSecDoxm_t*) GetDoxmResourceData(); + if (doxm) + { + retVal = UuidCmp(&doxm->owner, &context->subject); + } return retVal; } diff --git a/resource/csdk/security/src/psinterface.c b/resource/csdk/security/src/psinterface.c index 7043f81..c24ecde 100644 --- a/resource/csdk/security/src/psinterface.c +++ b/resource/csdk/security/src/psinterface.c @@ -629,7 +629,7 @@ OCStackResult CreateResetProfile(void) memcpy(&pstat->deviceID, &emptyUuid, sizeof(OicUuid_t)); memcpy(&pstat->rownerID, &emptyUuid, sizeof(OicUuid_t)); - ret = PstatToCBORPayload(pstat, &pstatCbor, &pstatCborLen); + ret = PstatToCBORPayload(pstat, &pstatCbor, &pstatCborLen, false); OICFree(pstat); } if (doxmCbor) @@ -644,7 +644,7 @@ OCStackResult CreateResetProfile(void) memcpy(&doxm->deviceID, &emptyUuid, sizeof(OicUuid_t)); memcpy(&doxm->rownerID, &emptyUuid, sizeof(OicUuid_t)); - ret = DoxmToCBORPayload(doxm, &doxmCbor, &doxmCborLen); + ret = DoxmToCBORPayload(doxm, &doxmCbor, &doxmCborLen, false); OICFree(doxm); } @@ -690,4 +690,3 @@ exit: OICFree(resetPfCbor); return ret; } - diff --git a/resource/csdk/security/src/pstatresource.c b/resource/csdk/security/src/pstatresource.c index 4c71325..1846d48 100644 --- a/resource/csdk/security/src/pstatresource.c +++ b/resource/csdk/security/src/pstatresource.c @@ -42,7 +42,10 @@ static const uint16_t CBOR_SIZE = 512; static const uint16_t CBOR_MAX_SIZE = 4400; // PSTAT Map size - Number of mandatory items -static const uint8_t PSTAT_MAP_SIZE = 9; +static const uint8_t PSTAT_MAP_SIZE = 6; + +// Number of writeable property +static const uint8_t WRITEABLE_PROPERTY_SIZE = 3; static OicSecDpom_t gSm = SINGLE_SERVICE_CLIENT_DRIVEN; static OicSecPstat_t gDefaultPstat = @@ -64,6 +67,14 @@ static OicSecPstat_t *gPstat = NULL; static OCResourceHandle gPstatHandle = NULL; +/** + * This method is internal method. + * the param roParsed is optionally used to know whether cborPayload has + * at least read only property value or not. + */ +static OCStackResult CBORPayloadToPstatBin(const uint8_t *cborPayload, const size_t size, + OicSecPstat_t **secPstat, bool *roParsed); + void DeletePstatBinData(OicSecPstat_t* pstat) { if (pstat) @@ -76,7 +87,8 @@ void DeletePstatBinData(OicSecPstat_t* pstat) } } -OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **payload, size_t *size) +OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **payload, size_t *size, + bool writableOnly) { if (NULL == pstat || NULL == payload || NULL != *payload || NULL == size) { @@ -93,7 +105,7 @@ OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **payload, *size = 0; OCStackResult ret = OC_STACK_ERROR; - + size_t pstatMapSize = PSTAT_MAP_SIZE; CborEncoder encoder; CborEncoder pstatMap; char* strUuid = NULL; @@ -104,7 +116,12 @@ OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **payload, VERIFY_NON_NULL(TAG, outPayload, ERROR); cbor_encoder_init(&encoder, outPayload, cborLen, 0); - cborEncoderResult = cbor_encoder_create_map(&encoder, &pstatMap, PSTAT_MAP_SIZE); + if (false == writableOnly) + { + pstatMapSize += WRITEABLE_PROPERTY_SIZE; + } + + cborEncoderResult = cbor_encoder_create_map(&encoder, &pstatMap, pstatMapSize); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Pstat Map."); cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_ISOP_NAME, @@ -113,16 +130,6 @@ OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **payload, cborEncoderResult = cbor_encode_boolean(&pstatMap, pstat->isOp); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ISOP Name Value."); - cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_DEVICE_ID_NAME, - strlen(OIC_JSON_DEVICE_ID_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Tag."); - ret = ConvertUuidToStr(&pstat->deviceID, &strUuid); - VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); - cborEncoderResult = cbor_encode_text_string(&pstatMap, strUuid, strlen(strUuid)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Value."); - OICFree(strUuid); - strUuid = NULL; - cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_CM_NAME, strlen(OIC_JSON_CM_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding CM Name Tag."); @@ -141,21 +148,34 @@ OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **payload, cborEncoderResult = cbor_encode_int(&pstatMap, pstat->om); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding OM Name Value."); - cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_SM_NAME, - strlen(OIC_JSON_SM_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SM Name Tag."); - cborEncoderResult = cbor_encode_int(&pstatMap, pstat->sm[0]); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SM Name Value."); - - cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_ROWNERID_NAME, - strlen(OIC_JSON_ROWNERID_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROwner Id Tag."); - ret = ConvertUuidToStr(&pstat->rownerID, &strUuid); - VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); - cborEncoderResult = cbor_encode_text_string(&pstatMap, strUuid, strlen(strUuid)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROwner Id Value."); - OICFree(strUuid); - strUuid = NULL; + if (false == writableOnly) + { + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_SM_NAME, + strlen(OIC_JSON_SM_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SM Name Tag."); + cborEncoderResult = cbor_encode_int(&pstatMap, pstat->sm[0]); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SM Name Value."); + + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_DEVICE_ID_NAME, + strlen(OIC_JSON_DEVICE_ID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Tag."); + ret = ConvertUuidToStr(&pstat->deviceID, &strUuid); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); + cborEncoderResult = cbor_encode_text_string(&pstatMap, strUuid, strlen(strUuid)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Value."); + OICFree(strUuid); + strUuid = NULL; + + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_ROWNERID_NAME, + strlen(OIC_JSON_ROWNERID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROwner Id Tag."); + ret = ConvertUuidToStr(&pstat->rownerID, &strUuid); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); + cborEncoderResult = cbor_encode_text_string(&pstatMap, strUuid, strlen(strUuid)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROwner Id Value."); + OICFree(strUuid); + strUuid = NULL; + } //RT -- Mandatory CborEncoder rtArray; @@ -206,7 +226,7 @@ exit: // Since the allocated initial memory failed, double the memory. cborLen += encoder.ptr - encoder.end; cborEncoderResult = CborNoError; - ret = PstatToCBORPayload(pstat, payload, &cborLen); + ret = PstatToCBORPayload(pstat, payload, &cborLen, writableOnly); if (OC_STACK_OK == ret) { *size = cborLen; @@ -228,6 +248,12 @@ exit: OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, OicSecPstat_t **secPstat) { + return CBORPayloadToPstatBin(cborPayload, size, secPstat, NULL); +} + +static OCStackResult CBORPayloadToPstatBin(const uint8_t *cborPayload, const size_t size, + OicSecPstat_t **secPstat, bool *roParsed) +{ if (NULL == cborPayload || NULL == secPstat || NULL != *secPstat || 0 == size) { return OC_STACK_INVALID_PARAM; @@ -258,6 +284,11 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, cborFindResult = cbor_value_get_boolean(&pstatMap, &pstat->isOp); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding isOp Value."); } + else + { + pstat->isOp = gPstat->isOp; + cborFindResult = CborNoError; + } cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_DEVICE_ID_NAME, &pstatMap); if (CborNoError == cborFindResult && cbor_value_is_text_string(&pstatMap)) @@ -268,6 +299,16 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); OICFree(strUuid ); strUuid = NULL; + + if (roParsed) + { + *roParsed = true; + } + } + else + { + memcpy(&pstat->deviceID, &gPstat->deviceID, sizeof(OicUuid_t)); + cborFindResult = CborNoError; } cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_CM_NAME, &pstatMap); @@ -276,6 +317,11 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, cborFindResult = cbor_value_get_int(&pstatMap, (int *) &pstat->cm); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CM."); } + else + { + pstat->cm = gPstat->cm; + cborFindResult = CborNoError; + } cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_TM_NAME, &pstatMap); if (CborNoError == cborFindResult && cbor_value_is_integer(&pstatMap)) @@ -283,6 +329,11 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, cborFindResult = cbor_value_get_int(&pstatMap, (int *) &pstat->tm); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding TM."); } + else + { + pstat->tm = gPstat->tm; + cborFindResult = CborNoError; + } cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_OM_NAME, &pstatMap); if (CborNoError == cborFindResult && cbor_value_is_integer(&pstatMap)) @@ -290,6 +341,11 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, cborFindResult = cbor_value_get_int(&pstatMap, (int *) &pstat->om); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding OM."); } + else + { + pstat->om = gPstat->om; + cborFindResult = CborNoError; + } cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_SM_NAME, &pstatMap); if (CborNoError == cborFindResult && cbor_value_is_integer(&pstatMap)) @@ -299,6 +355,18 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, cborFindResult = cbor_value_get_int(&pstatMap, (int *) &pstat->sm[0]); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding SM."); + if (roParsed) + { + *roParsed = true; + } + } + else + { + VERIFY_NON_NULL(TAG, gPstat, ERROR); + pstat->smLen = gPstat->smLen; + pstat->sm = (OicSecDpom_t*)OICCalloc(pstat->smLen, sizeof(OicSecDpom_t)); + *pstat->sm = *gPstat->sm; + cborFindResult = CborNoError; } cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_ROWNERID_NAME, &pstatMap); @@ -310,6 +378,17 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); OICFree(strUuid ); strUuid = NULL; + + if (roParsed) + { + *roParsed = true; + } + } + else + { + VERIFY_NON_NULL(TAG, gPstat, ERROR); + memcpy(pstat->rownerID.id, gPstat->rownerID.id, sizeof(gPstat->rownerID.id)); + cborFindResult = CborNoError; } *secPstat = pstat; @@ -337,7 +416,7 @@ static bool UpdatePersistentStorage(OicSecPstat_t *pstat) size_t size = 0; uint8_t *cborPayload = NULL; - OCStackResult ret = PstatToCBORPayload(pstat, &cborPayload, &size); + OCStackResult ret = PstatToCBORPayload(pstat, &cborPayload, &size, false); if (OC_STACK_OK == ret) { if (OC_STACK_OK == UpdateSecureResourceInPS(OIC_JSON_PSTAT_NAME, cborPayload, size)) @@ -409,7 +488,7 @@ static OCEntityHandlerResult HandlePstatGetRequest (const OCEntityHandlerRequest uint8_t *payload = NULL; if (ehRet == OC_EH_OK) { - if(OC_STACK_OK != PstatToCBORPayload(gPstat, &payload, &size)) + if(OC_STACK_OK != PstatToCBORPayload(gPstat, &payload, &size, false)) { OIC_LOG(WARNING, TAG, "PstatToCBORPayload failed in HandlePstatGetRequest"); } @@ -435,50 +514,88 @@ static OCEntityHandlerResult HandlePstatPostRequest(const OCEntityHandlerRequest OicSecPstat_t *pstat = NULL; static uint16_t prevMsgId = 0; - if (ehRequest->payload) + if (ehRequest->payload && NULL != gPstat) { uint8_t *payload = ((OCSecurityPayload *) ehRequest->payload)->securityData; size_t size = ((OCSecurityPayload *) ehRequest->payload)->payloadSize; VERIFY_NON_NULL(TAG, payload, ERROR); - OCStackResult ret = CBORPayloadToPstat(payload, size, &pstat); + bool roParsed = false; + OCStackResult ret = CBORPayloadToPstatBin(payload, size, &pstat, &roParsed); VERIFY_NON_NULL(TAG, pstat, ERROR); if (OC_STACK_OK == ret) { - if (true == (pstat->cm & RESET) && false == pstat->isOp) - { - gPstat->cm = pstat->cm; - OIC_LOG(INFO, TAG, "State changed to Ready for Reset"); - } - else if (false == (pstat->cm & TAKE_OWNER) && false == pstat->isOp) + bool validReq = false; + + if (true == roParsed) { - gPstat->cm = pstat->cm; - OIC_LOG (INFO, TAG, "State changed to Ready for Provisioning"); + OIC_LOG(ERROR, TAG, "Not acceptable request because of read-only properties"); + ehRet = OC_EH_NOT_ACCEPTABLE; + goto exit; } - else if (false == (pstat->cm & TAKE_OWNER) && true == pstat->isOp) + + //operation mode(om) should be one of supported modes(sm) + for(size_t i = 0; i < gPstat->smLen; i++) { - gPstat->isOp =pstat->isOp; - OIC_LOG (INFO, TAG, "State changed to Ready for Normal Operation"); + if(gPstat->sm[i] == pstat->om) + { + validReq = true; + break; + } } - else + + if(!validReq) { - OIC_LOG(DEBUG, TAG, "Invalid Device provisionig state"); + OIC_LOG_V(ERROR, TAG, "%d is unsupported Operation Mode", (int) pstat->om); + ehRet = OC_EH_BAD_REQ; + goto exit; } - if (pstat->om != MULTIPLE_SERVICE_SERVER_DRIVEN && gPstat) + validReq = false; + + //Currently, we dose not support the multiple service server driven yet. + if (pstat->om != MULTIPLE_SERVICE_SERVER_DRIVEN) { - /* - * Check if the operation mode is in the supported provisioning services - * operation mode list. - */ - for (size_t i=0; i< gPstat->smLen; i++) + if ((pstat->cm & RESET) && false == pstat->isOp) { - if(gPstat->sm[i] == pstat->om) - { - gPstat->om = pstat->om; - break; - } + validReq = true; + OIC_LOG(INFO, TAG, "State changed to Ready for Reset"); } + else if ((pstat->cm & TAKE_OWNER) && false == pstat->isOp) + { + validReq = true; + OIC_LOG (INFO, TAG, "State changed to Ready for Ownership transfer"); + } + else if (false == (pstat->cm & TAKE_OWNER) && false == pstat->isOp) + { + validReq = true; + OIC_LOG(INFO, TAG, "State changed to Ready for Provisioning"); + } + else if (false == (pstat->cm & TAKE_OWNER) && true == pstat->isOp) + { + validReq = true; + OIC_LOG (INFO, TAG, "State changed to Ready for Normal Operation"); + } + else + { + OIC_LOG(DEBUG, TAG, "Invalid Device provisionig state"); + OIC_LOG_BUFFER(DEBUG, TAG, payload, size); + ehRet = OC_EH_BAD_REQ; + goto exit; + } + } + + if (!validReq) + { + OIC_LOG(DEBUG, TAG, "Bad request for PSTAT"); + ehRet = OC_EH_BAD_REQ; + goto exit; } + + gPstat->isOp = pstat->isOp; + gPstat->om = pstat->om; + gPstat->tm = pstat->tm; + gPstat->cm = pstat->cm; + // Convert pstat data into CBOR for update to persistent storage if (UpdatePersistentStorage(gPstat)) { @@ -504,6 +621,7 @@ static OCEntityHandlerResult HandlePstatPostRequest(const OCEntityHandlerRequest } } exit: + if(OC_EH_OK != ehRet) { /* @@ -707,7 +825,7 @@ OCStackResult SetPstatRownerId(const OicUuid_t* newROwner) memcpy(prevId.id, gPstat->rownerID.id, sizeof(prevId.id)); memcpy(gPstat->rownerID.id, newROwner->id, sizeof(newROwner->id)); - ret = PstatToCBORPayload(gPstat, &cborPayload, &size); + ret = PstatToCBORPayload(gPstat, &cborPayload, &size, false); VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); ret = UpdateSecureResourceInPS(OIC_JSON_PSTAT_NAME, cborPayload, size); diff --git a/resource/csdk/security/src/srmresourcestrings.c b/resource/csdk/security/src/srmresourcestrings.c index 20f54bf..d9f0210 100644 --- a/resource/csdk/security/src/srmresourcestrings.c +++ b/resource/csdk/security/src/srmresourcestrings.c @@ -124,7 +124,7 @@ const char * OIC_JSON_PERIODS_NAME = "prds"; const char * OIC_JSON_CRMS_NAME = "crms"; const char * OIC_JSON_RECURRENCES_NAME = "recurrence"; const char * OIC_JSON_SUPPORTED_CRED_TYPE_NAME = "sct"; -const char * OIC_JSON_DPC_NAME = "x.com.samsung.dpc"; +const char * OIC_JSON_DPC_NAME = "x.org.iotivity.dpc"; const char * OIC_JSON_EDP_NAME = "edp"; const char * OIC_JSON_PIN_NAME = "pin"; const char * OIC_JSON_PDACL_NAME = "pdacl"; diff --git a/resource/csdk/security/src/svcresource.c b/resource/csdk/security/src/svcresource.c index 9cb7f6b..410d22c 100644 --- a/resource/csdk/security/src/svcresource.c +++ b/resource/csdk/security/src/svcresource.c @@ -353,7 +353,7 @@ static OCEntityHandlerResult HandleSVCPostRequest(const OCEntityHandlerRequest * if (cborPayload && OC_STACK_OK == res && UpdateSecureResourceInPS(OIC_JSON_SVC_NAME, cborPayload, size) == OC_STACK_OK) { - ehRet = OC_EH_RESOURCE_CREATED; + ehRet = OC_EH_CHANGED; } OICFree(cborPayload); } diff --git a/resource/csdk/security/tool/json2cbor.c b/resource/csdk/security/tool/json2cbor.c index 0f41aab..947edd3 100644 --- a/resource/csdk/security/tool/json2cbor.c +++ b/resource/csdk/security/tool/json2cbor.c @@ -141,7 +141,7 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName { OicSecPstat_t *pstat = JSONToPstatBin(jsonStr); VERIFY_NON_NULL(TAG, pstat, FATAL); - ret = PstatToCBORPayload(pstat, &pstatCbor, &pstatCborSize); + ret = PstatToCBORPayload(pstat, &pstatCbor, &pstatCborSize, false); if(OC_STACK_OK != ret) { OIC_LOG (ERROR, TAG, "Failed converting Pstat to Cbor Payload"); @@ -157,7 +157,7 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName { OicSecDoxm_t *doxm = JSONToDoxmBin(jsonStr); VERIFY_NON_NULL(TAG, doxm, FATAL); - ret = DoxmToCBORPayload(doxm, &doxmCbor, &doxmCborSize); + ret = DoxmToCBORPayload(doxm, &doxmCbor, &doxmCborSize, false); if(OC_STACK_OK != ret) { OIC_LOG (ERROR, TAG, "Failed converting Doxm to Cbor Payload"); diff --git a/resource/csdk/security/unittest/doxmresource.cpp b/resource/csdk/security/unittest/doxmresource.cpp index bdab373..0fc7662 100644 --- a/resource/csdk/security/unittest/doxmresource.cpp +++ b/resource/csdk/security/unittest/doxmresource.cpp @@ -143,10 +143,10 @@ TEST(DoxmResourceTest, DoxmToCBORPayloadNULL) OicSecDoxm_t *doxm = getBinDoxm(); size_t size = 10; uint8_t *payload = NULL; - EXPECT_EQ(OC_STACK_INVALID_PARAM, DoxmToCBORPayload(NULL, NULL, 0)); - EXPECT_EQ(OC_STACK_INVALID_PARAM, DoxmToCBORPayload(doxm, NULL, &size)); - EXPECT_EQ(OC_STACK_INVALID_PARAM, DoxmToCBORPayload(doxm, &payload, 0)); - EXPECT_EQ(OC_STACK_INVALID_PARAM, DoxmToCBORPayload(NULL, &payload, &size)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, DoxmToCBORPayload(NULL, NULL, 0, false)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, DoxmToCBORPayload(doxm, NULL, &size, false)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, DoxmToCBORPayload(doxm, &payload, 0, false)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, DoxmToCBORPayload(NULL, &payload, &size, false)); DeleteDoxmBinData(doxm); } @@ -156,7 +156,7 @@ TEST(DoxmResourceTest, DoxmToCBORPayloadVALID) uint8_t *payload = NULL; size_t size = 0; - EXPECT_EQ(OC_STACK_OK, DoxmToCBORPayload(doxm, &payload, &size)); + EXPECT_EQ(OC_STACK_OK, DoxmToCBORPayload(doxm, &payload, &size, false)); EXPECT_TRUE(payload != NULL); DeleteDoxmBinData(doxm); @@ -181,7 +181,7 @@ TEST(DoxmResourceTest, CBORPayloadToDoxmVALID) OicSecDoxm_t *doxm = getBinDoxm(); uint8_t *payload = NULL; size_t size = 0; - EXPECT_EQ(OC_STACK_OK, DoxmToCBORPayload(doxm, &payload, &size)); + EXPECT_EQ(OC_STACK_OK, DoxmToCBORPayload(doxm, &payload, &size, false)); EXPECT_TRUE(payload != NULL); OicSecDoxm_t *doxmSec = NULL; diff --git a/resource/csdk/security/unittest/oic_svr_db.dat b/resource/csdk/security/unittest/oic_svr_db.dat index 66afe9c..7758880 100644 Binary files a/resource/csdk/security/unittest/oic_svr_db.dat and b/resource/csdk/security/unittest/oic_svr_db.dat differ diff --git a/resource/csdk/security/unittest/oic_svr_db.json b/resource/csdk/security/unittest/oic_svr_db.json index 59fa154..31c2763 100644 --- a/resource/csdk/security/unittest/oic_svr_db.json +++ b/resource/csdk/security/unittest/oic_svr_db.json @@ -89,6 +89,6 @@ "deviceuuid": "756E6B6E-6F77-6564-4465-766963654964", "devowneruuid": "", "rowneruuid": "756E6B6E-6F77-6564-4465-766963654964", - "x.com.samsung.dpc": true + "x.org.iotivity.dpc": true } } \ No newline at end of file diff --git a/resource/csdk/security/unittest/oic_svr_db_prov.dat b/resource/csdk/security/unittest/oic_svr_db_prov.dat index 2f8f4df..4b5604e 100644 Binary files a/resource/csdk/security/unittest/oic_svr_db_prov.dat and b/resource/csdk/security/unittest/oic_svr_db_prov.dat differ diff --git a/resource/csdk/security/unittest/oic_svr_db_prov.json b/resource/csdk/security/unittest/oic_svr_db_prov.json new file mode 100644 index 0000000..a24fd3b --- /dev/null +++ b/resource/csdk/security/unittest/oic_svr_db_prov.json @@ -0,0 +1,109 @@ +{ + "cred": { + "creds": [ + { + "credid": 1, + "subjectuuid": "61646d69-6e44-6576-6963-655575696430", + "credtype": 1, + "privatedata": { + "data": "AAAAAAAAAAAAAAAA", + "encoding": "oic.sec.encoding.raw" + } + }, + { + "credid": 2, + "subjectuuid": "646f6f72-4465-7669-6365-555549443030", + "credtype": 8, + "publicdata": { + "data": "AABBCCDDEEFFGGHH", + "encoding": "oic.sec.encoding.raw" + }, + "privatedata": { + "data": "BBBBBBBBBBBBBBBB", + "encoding": "oic.sec.encoding.raw" + } + } + ], + "rowneruuid": "61646d69-6e44-6576-6963-655575696430" + }, + "acl": { + "aclist": { + "aces": [ + { + "subjectuuid": "*", + "resources": [ + { + "href": "/oic/res", + "rel": "", + "rt": ["oic.wk.res"], + "if": ["oic.if.ll"] + }, + { + "href": "/oic/d", + "rel": "", + "rt": ["oic.wk.d"], + "if": ["oic.if.baseline", "oic.if.r"] + }, + { + "href": "/oic/p", + "rel": "", + "rt": ["oic.wk.p"], + "if": ["oic.if.baseline", "oic.if.r"] + }, + { + "href": "/oic/presence", + "rel": "", + "rt": ["oic.wk.presence"], + "if": ["oic.if.baseline"] + } + ], + "permission": 2 + }, + { + "subjectuuid": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rel": "", + "rt": ["oic.r.doxm"], + "if": ["oic.if.baseline"] + }, + { + "href": "/oic/sec/pstat", + "rel": "", + "rt": ["oic.r.pstat"], + "if": ["oic.if.baseline"] + } + ], + "permission": 2 + } + ] + }, + "rowneruuid": "61646d69-6e44-6576-6963-655575696430" + }, + "pstat": { + "isop": true, + "deviceuuid": "646f6f72-4465-7669-6365-555549443030", + "cm": 0, + "tm": 0, + "om": 3, + "sm": 3, + "rowneruuid": "61646d69-6e44-6576-6963-655575696430" + }, + "doxm": { + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": true, + "deviceuuid": "646f6f72-4465-7669-6365-555549443030", + "devowneruuid": "61646d69-6e44-6576-6963-655575696430", + "rowneruuid": "61646d69-6e44-6576-6963-655575696430", + "x.org.iotivity.dpc": false + }, + "pconf": { + "edp": false, + "pin": "00000000", + "deviceuuid": "646f6f72-4465-7669-6365-555549443030", + "rowneruuid": "61646d69-6e44-6576-6963-655575696430" + } +} \ No newline at end of file diff --git a/resource/csdk/security/unittest/pstatresource.cpp b/resource/csdk/security/unittest/pstatresource.cpp index b9e5ceb..90f189d 100644 --- a/resource/csdk/security/unittest/pstatresource.cpp +++ b/resource/csdk/security/unittest/pstatresource.cpp @@ -76,7 +76,7 @@ TEST(PstatResourceTest, PstatEntityHandlerWithPostRequest) defaultPstat->sm[0] = (OicSecDpom_t) 3; size_t size = 0; uint8_t *cbor = NULL; - EXPECT_EQ(OC_STACK_OK, PstatToCBORPayload(defaultPstat, &cbor, &size)); + EXPECT_EQ(OC_STACK_OK, PstatToCBORPayload(defaultPstat, &cbor, &size, true)); DeletePstatBinData(defaultPstat); ASSERT_TRUE(cbor != NULL); @@ -95,20 +95,20 @@ TEST(PstatResourceTest, PstatEntityHandlerInvalidRequest) TEST(PstatResourceTest, PstatToCBORPayloadNULL) { - EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(NULL, NULL, 0)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(NULL, NULL, 0, false)); // Case when cbor payload is NULL OicSecPstat_t pstat; size_t size = 10; - EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(&pstat, NULL, &size)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(&pstat, NULL, &size, false)); uint8_t *cborPayload = (uint8_t *) OICCalloc(1, size); ASSERT_TRUE(NULL != cborPayload); - EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(&pstat, &cborPayload, &size)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(&pstat, &cborPayload, &size, false)); OICFree(cborPayload); cborPayload = NULL; // Case when pstat is zero. - EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(NULL, &cborPayload, &size)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(NULL, &cborPayload, &size, false)); // Case when size is 0. - EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(&pstat, &cborPayload, 0)); + EXPECT_EQ(OC_STACK_INVALID_PARAM, PstatToCBORPayload(&pstat, &cborPayload, 0, false)); OICFree(cborPayload); } @@ -135,7 +135,7 @@ TEST(PstatResourceTest, PstatToCBORPayloadAndCBORPayloadToPstat) size_t size = 0; uint8_t *cbor = NULL; - EXPECT_EQ(OC_STACK_OK, PstatToCBORPayload(&pstat, &cbor, &size)); + EXPECT_EQ(OC_STACK_OK, PstatToCBORPayload(&pstat, &cbor, &size, false)); if (!cbor) { OICFree(pstat.sm); diff --git a/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat b/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat index d077505..6891ae5 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat and b/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_amss_db.json b/resource/csdk/stack/samples/linux/secure/oic_amss_db.json index 4574952..97a952a 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_amss_db.json +++ b/resource/csdk/stack/samples/linux/secure/oic_amss_db.json @@ -83,7 +83,7 @@ "deviceuuid": "31393139-3139-3139-3139-313931393139", "devowneruuid": "61646D69-6E44-6576-6963-655555494430", "rowneruuid": "31393139-3139-3139-3139-313931393139", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat index 273f155..3d258b7 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json index e2a22c3..4837af9 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json +++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_devowner.json @@ -83,7 +83,7 @@ "deviceuuid": "32323232-3232-3232-3232-323232323232", "devowneruuid": "32323232-3232-3232-3232-323232323232", "rowneruuid": "32323232-3232-3232-3232-323232323232", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat index fe16181..e070ea4 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json index 5fe9f41..4fcd6db 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json +++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json @@ -77,6 +77,6 @@ "deviceuuid": "64697265-6374-7061-6972-696e67446576", "devowneruuid": "", "rowneruuid": "64697265-6374-7061-6972-696e67446576", - "x.com.samsung.dpc": false - } -} + "x.org.iotivity.dpc": false + } +} diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat index f008c51..b726fd6 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json index 122cbda..5746fc0 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json +++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_nondevowner.json @@ -83,7 +83,7 @@ "deviceuuid": "31393139-3139-3139-3139-313931393139", "devowneruuid": "31393139-3139-3139-3139-313931393139", "rowneruuid": "31393139-3139-3139-3139-313931393139", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat index 062f3ea..824fe7b 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json index a49ac8c..a5ebfcb 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json +++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json @@ -125,7 +125,7 @@ "deviceuuid": "31313131-3131-3131-3131-313131313131", "devowneruuid": "32323232-3232-3232-3232-323232323232", "rowneruuid": "31313131-3131-3131-3131-313131313131", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat index 0e7bf17..97eae6d 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.json new file mode 100644 index 0000000..25145b9 --- /dev/null +++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server_justworks.json @@ -0,0 +1,112 @@ +{ + "acl": { + "aclist": { + "aces": [ + { + "subjectuuid": "*", + "resources": [ + { + "href": "/oic/res", + "rt": ["oic.wk.res"], + "if": ["oic.if.ll"], + "rel": "" + }, + { + "href": "/oic/d", + "rt": ["oic.wk.d"], + "if": ["oic.if.baseline", "oic.if.r"], + "rel": "" + }, + { + "href": "/oic/p", + "rt": ["oic.wk.p"], + "if": ["oic.if.baseline", "oic.if.r"], + "rel": "" + } + ], + "permission": 2 + }, + { + "subjectuuid": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": ["oic.r.doxm"], + "if": ["oic.if.baseline"], + "rel": "" + }, + { + "href": "/oic/sec/pstat", + "rt": ["oic.r.pstat"], + "if": ["oic.if.baseline"], + "rel": "" + }, + { + "href": "/oic/sec/acl", + "rt": ["oic.r.acl"], + "if": ["oic.if.baseline"], + "rel": "" + }, + { + "href": "/oic/sec/cred", + "rt": ["oic.r.cred"], + "if": ["oic.if.baseline"], + "rel": "" + } + ], + "permission": 6 + }, + { + "subjectuuid": "*", + "resources": [ + { + "href": "/oic/sec/pconf", + "rt": ["oic.r.pconf"], + "if": ["oic.if.baseline"], + "rel": "" + }, + { + "href": "/oic/sec/dpairing", + "rt": ["oic.r.dpairing"], + "if": ["oic.if.baseline"], + "rel": "" + } + ], + "permission": 6 + }, + { + "subjectuuid": "*", + "resources": [ + { + "href": "/oic/sec/ver", + "rt": ["oic.r.ver"], + "if": ["oic.if.baseline"], + "rel": "" + } + ], + "permission":2 + } + ] + }, + "rowneruuid": "6a757374-776f-726b-4465-765575696430" + }, + "pstat": { + "isop": false, + "deviceuuid": "6a757374-776f-726b-4465-765575696430", + "cm": 2, + "tm": 0, + "om": 3, + "sm": 3, + "rowneruuid": "6a757374-776f-726b-4465-765575696430" + }, + "doxm": { + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": false, + "deviceuuid": "6a757374-776f-726b-4465-765575696430", + "devowneruuid": "", + "rowneruuid": "6a757374-776f-726b-4465-765575696430", + "x.org.iotivity.dpc": false + } +} \ No newline at end of file diff --git a/resource/examples/oic_svr_db_client.dat b/resource/examples/oic_svr_db_client.dat index 59c0c32..3c93b28 100644 Binary files a/resource/examples/oic_svr_db_client.dat and b/resource/examples/oic_svr_db_client.dat differ diff --git a/resource/examples/oic_svr_db_client.json b/resource/examples/oic_svr_db_client.json index e4c9681..792c3b1 100644 --- a/resource/examples/oic_svr_db_client.json +++ b/resource/examples/oic_svr_db_client.json @@ -77,7 +77,7 @@ "deviceuuid": "32323232-3232-3232-3232-323232323232", "devowneruuid": "32323232-3232-3232-3232-323232323232", "rowneruuid": "32323232-3232-3232-3232-323232323232", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/resource/examples/oic_svr_db_client_directpairing.dat b/resource/examples/oic_svr_db_client_directpairing.dat index a4114f3..146d240 100644 Binary files a/resource/examples/oic_svr_db_client_directpairing.dat and b/resource/examples/oic_svr_db_client_directpairing.dat differ diff --git a/resource/examples/oic_svr_db_client_directpairing.json b/resource/examples/oic_svr_db_client_directpairing.json index 6ef7755..7f8e9b9 100644 --- a/resource/examples/oic_svr_db_client_directpairing.json +++ b/resource/examples/oic_svr_db_client_directpairing.json @@ -77,6 +77,6 @@ "deviceuuid": "64706169-7269-6e67-4465-765555494430", "devowneruuid": "", "rowneruuid": "64706169-7269-6e67-4465-765555494430", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false } } diff --git a/resource/examples/oic_svr_db_server.dat b/resource/examples/oic_svr_db_server.dat index 4d883c4..15eaaa6 100644 Binary files a/resource/examples/oic_svr_db_server.dat and b/resource/examples/oic_svr_db_server.dat differ diff --git a/resource/examples/oic_svr_db_server.json b/resource/examples/oic_svr_db_server.json index 037efec..5ed46fa 100644 --- a/resource/examples/oic_svr_db_server.json +++ b/resource/examples/oic_svr_db_server.json @@ -89,7 +89,7 @@ "deviceuuid": "31313131-3131-3131-3131-313131313131", "devowneruuid": "32323232-3232-3232-3232-323232323232", "rowneruuid": "31313131-3131-3131-3131-313131313131", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/resource/include/OCProvisioningManager.h b/resource/include/OCProvisioningManager.h index 535572c..0638d99 100644 --- a/resource/include/OCProvisioningManager.h +++ b/resource/include/OCProvisioningManager.h @@ -268,6 +268,20 @@ namespace OC ResultCallBack resultCallback); /** + * API to remove device credential and ACL from all devices in subnet. + * + * @param resultCallback Callback provided by API user, callback will be called when + * credential revocation is finished. + * @param uuid Device uuid to be revoked. + * @param waitTimeForOwnedDeviceDiscovery Maximum wait time for owned device + * discovery in seconds. + * @return ::OC_STACK_OK in case of success and other value otherwise. + */ + OCStackResult removeDeviceWithUuid(unsigned short waitTimeForOwnedDeviceDiscovery, + std::string uuid, + ResultCallBack resultCallback); + + /** * API to provision DirectPairing to devices. * * @param pconf pointer to PCONF (Pairing Configuration). diff --git a/resource/provisioning/examples/oic_svr_db_client.dat b/resource/provisioning/examples/oic_svr_db_client.dat index 04cb534..42249be 100644 Binary files a/resource/provisioning/examples/oic_svr_db_client.dat and b/resource/provisioning/examples/oic_svr_db_client.dat differ diff --git a/resource/provisioning/examples/oic_svr_db_client.json b/resource/provisioning/examples/oic_svr_db_client.json index 930d160..6b8e2b7 100644 --- a/resource/provisioning/examples/oic_svr_db_client.json +++ b/resource/provisioning/examples/oic_svr_db_client.json @@ -75,7 +75,7 @@ "sct": 1, "owned": true, "deviceuuid": "61646D69-6E44-6576-6963-655575696430", - "x.com.samsung.dpc": false, + "x.org.iotivity.dpc": false, "devowneruuid": "61646D69-6E44-6576-6963-655575696430", "rowneruuid": "61646D69-6E44-6576-6963-655575696430" } diff --git a/resource/provisioning/examples/provisioningclient.cpp b/resource/provisioning/examples/provisioningclient.cpp index 13ca047..163a769 100644 --- a/resource/provisioning/examples/provisioningclient.cpp +++ b/resource/provisioning/examples/provisioningclient.cpp @@ -87,10 +87,11 @@ void printMenu() std::cout << " 6. Credential & ACL provisioning b/w two devices"<href); for(int ret=0; 1!=ret; ) { ret = scanf("%d", &arrLen); @@ -448,7 +449,7 @@ static int InputACL(OicSecAcl_t *acl) for(int i = 0; i < arrLen; i++) { - printf(" Enter ResourceType[%d] Name: ", i+1); + printf(" Enter ResourceType[%d] Name (e.g. core.led): ", i+1); for(int ret=0; 1!=ret; ) { ret = scanf("%64ms", &rsrc_in); // '128' is ACL_RESRC_MAX_LEN @@ -466,7 +467,7 @@ static int InputACL(OicSecAcl_t *acl) while(1) { - printf(" Enter Number of interface name for [%s]: ", rsrc_in); + printf(" Enter Number of interface name for [%s]: ", rsrc->href); for(int ret=0; 1!=ret; ) { ret = scanf("%d", &arrLen); @@ -490,7 +491,7 @@ static int InputACL(OicSecAcl_t *acl) for(int i = 0; i < arrLen; i++) { - printf(" Enter ResourceType[%d] Name: ", i+1); + printf(" Enter interfnace[%d] Name (e.g. oic.if.baseline): ", i+1); for(int ret=0; 1!=ret; ) { ret = scanf("%64ms", &rsrc_in); // '128' is ACL_RESRC_MAX_LEN @@ -1107,7 +1108,28 @@ int main(void) } break; } - case 9: //Get Linked devices + case 9: //Remove Device using UUID + { + int index; + + if (0 != readDeviceNumber(pOwnedDevList, 1, &index)) break; + + std::cout << "Remove Device: "<< pOwnedDevList[index]->getDeviceID()<< std::endl; + + ask = 0; + + if (pOwnedDevList[index]->removeDeviceWithUuid(DISCOVERY_TIMEOUT, + pOwnedDevList[index]->getDeviceID(), + provisionCB) + != OC_STACK_OK) + { + ask = 1; + std::cout <<"removeDevice is failed"<< std::endl; + } + break; + } + + case 10: //Get Linked devices { UuidList_t linkedUuid; unsigned int devNum; @@ -1152,7 +1174,7 @@ int main(void) } break; } - case 10: //Get device' status + case 11: //Get device' status { DeviceList_t unownedList, ownedList; @@ -1180,7 +1202,7 @@ int main(void) break; } - case 11: + case 12: { unsigned int devNum; @@ -1210,7 +1232,7 @@ int main(void) break; } - case 12: + case 13: default: out = 1; break; diff --git a/resource/provisioning/src/OCProvisioningManager.cpp b/resource/provisioning/src/OCProvisioningManager.cpp index 17ebd68..ed34574 100644 --- a/resource/provisioning/src/OCProvisioningManager.cpp +++ b/resource/provisioning/src/OCProvisioningManager.cpp @@ -458,6 +458,45 @@ namespace OC return result; } + OCStackResult OCSecureResource::removeDeviceWithUuid(unsigned short waitTimeForOwnedDeviceDiscovery, + std::string uuid, + ResultCallBack resultCallback) + { + if (!resultCallback) + { + oclog() << "Result calback can't be null"; + return OC_STACK_INVALID_CALLBACK; + } + + OCStackResult result; + auto cLock = m_csdkLock.lock(); + + if (cLock) + { + ProvisionContext* context = new ProvisionContext(resultCallback); + + std::lock_guard lock(*cLock); + + OicUuid_t targetDev; + result = ConvertStrToUuid(uuid.c_str(), &targetDev); + if(OC_STACK_OK == result) + { + result = OCRemoveDeviceWithUuid(static_cast(context), waitTimeForOwnedDeviceDiscovery, + &targetDev, &OCSecureResource::callbackWrapper); + } + else + { + oclog() <<"Can not convert struuid to uuid"; + } + } + else + { + oclog() <<"Mutex not found"; + result = OC_STACK_ERROR; + } + return result; + } + OCStackResult OCSecureResource::getLinkedDevices(UuidList_t &uuidList) { OCStackResult result; diff --git a/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat b/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat index 6dd3a0c..3884c30 100644 Binary files a/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat and b/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.dat differ diff --git a/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json b/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json index 2d47964..6878fd9 100644 --- a/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json +++ b/service/easy-setup/sampleapp/mediator/android/EasySetup/app/src/main/assets/oic_svr_db_client.json @@ -1,88 +1,88 @@ -{ - "acl": { - "aclist": { - "aces": [ - { - "subjectuuid": "*", - "resources": [ - { - "href": "/oic/res", - "rel": "", - "rt": ["oic.wk.res"], - "if": ["oic.if.ll"] - }, - { - "href": "/oic/d", - "rel": "", - "rt": ["oic.wk.d"], - "if": ["oic.if.baseline", "oic.if.r"] - }, - { - "href": "/oic/p", - "rel": "", - "rt": ["oic.wk.p"], - "if": ["oic.if.baseline", "oic.if.r"] - }, - { - "href": "/oic/ad", - "rel": "", - "rt": ["oic.wk.ad"], - "if": ["oic.if.baseline"] - }, - { - "href": "/oic/sec/acl", - "rel": "", - "rt": ["oic.r.acl"], - "if": ["oic.if.baseline"] - }, - { - "href": "/oic/res/types/d", - "rel": "", - "rt": ["oic.wk.res"], - "if": ["oic.if.baseline"] - } - ], - "permission": 2 - }, - { - "subjectuuid": "*", - "resources": [ - { - "href": "/oic/sec/doxm", - "rel": "", - "rt": ["oic.r.doxm"], - "if": ["oic.if.baseline"] - }, - { - "href": "/oic/sec/pstat", - "rel": "", - "rt": ["oic.r.pstat"], - "if": ["oic.if.baseline"] - } - ], - "permission": 2 - } - ] - }, - "rowneruuid" : "61646d69-6e44-6576-6963-655575696430" - }, - "pstat": { - "isop": true, - "deviceuuid": "61646d69-6e44-6576-6963-655575696430", - "rowneruuid": "61646d69-6e44-6576-6963-655575696430", - "cm": 0, - "tm": 0, - "om": 3, - "sm": 3 - }, - "doxm": { - "oxms": [0], - "oxmsel": 0, - "sct": 1, - "owned": true, - "deviceuuid": "61646d69-6e44-6576-6963-655575696430", - "devowneruuid": "61646d69-6e44-6576-6963-655575696430", - "rowneruuid": "61646d69-6e44-6576-6963-655575696430", - "x.com.samsung.dpc": false - } -} +{ + "acl": { + "aclist": { + "aces": [ + { + "subjectuuid": "*", + "resources": [ + { + "href": "/oic/res", + "rel": "", + "rt": ["oic.wk.res"], + "if": ["oic.if.ll"] + }, + { + "href": "/oic/d", + "rel": "", + "rt": ["oic.wk.d"], + "if": ["oic.if.baseline", "oic.if.r"] + }, + { + "href": "/oic/p", + "rel": "", + "rt": ["oic.wk.p"], + "if": ["oic.if.baseline", "oic.if.r"] + }, + { + "href": "/oic/ad", + "rel": "", + "rt": ["oic.wk.ad"], + "if": ["oic.if.baseline"] + }, + { + "href": "/oic/sec/acl", + "rel": "", + "rt": ["oic.r.acl"], + "if": ["oic.if.baseline"] + }, + { + "href": "/oic/res/types/d", + "rel": "", + "rt": ["oic.wk.res"], + "if": ["oic.if.baseline"] + } + ], + "permission": 2 + }, + { + "subjectuuid": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rel": "", + "rt": ["oic.r.doxm"], + "if": ["oic.if.baseline"] + }, + { + "href": "/oic/sec/pstat", + "rel": "", + "rt": ["oic.r.pstat"], + "if": ["oic.if.baseline"] + } + ], + "permission": 2 + } + ] + }, + "rowneruuid" : "61646d69-6e44-6576-6963-655575696430" + }, + "pstat": { + "isop": true, + "deviceuuid": "61646d69-6e44-6576-6963-655575696430", + "rowneruuid": "61646d69-6e44-6576-6963-655575696430", + "cm": 0, + "tm": 0, + "om": 3, + "sm": 3 + }, + "doxm": { + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": true, + "deviceuuid": "61646d69-6e44-6576-6963-655575696430", + "devowneruuid": "61646d69-6e44-6576-6963-655575696430", + "rowneruuid": "61646d69-6e44-6576-6963-655575696430", + "x.org.iotivity.dpc": false + } +} diff --git a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat index 59c0c32..3c93b28 100644 Binary files a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat and b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.dat differ diff --git a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json index e4c9681..792c3b1 100644 --- a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json +++ b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_client.json @@ -77,7 +77,7 @@ "deviceuuid": "32323232-3232-3232-3232-323232323232", "devowneruuid": "32323232-3232-3232-3232-323232323232", "rowneruuid": "32323232-3232-3232-3232-323232323232", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [ diff --git a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat index 742069a..706a030 100644 Binary files a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat and b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.dat differ diff --git a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json index 6094a95..d36503a 100644 --- a/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json +++ b/service/resource-encapsulation/examples/linux/secureResourceExample/oic_svr_db_server.json @@ -101,7 +101,7 @@ "deviceuuid": "31313131-3131-3131-3131-313131313131", "devowneruuid": "32323232-3232-3232-3232-323232323232", "rowneruuid": "31313131-3131-3131-3131-313131313131", - "x.com.samsung.dpc": false + "x.org.iotivity.dpc": false }, "cred": { "creds": [