From: leechul Date: Tue, 22 Mar 2016 00:38:06 +0000 (+0900) Subject: RAML v1.1 sync-up in SVR DB X-Git-Tag: 1.2.0+RC1~355^2^2~145 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=bedf2f7aefce81f5a2e4c81810a297c17c42bdfa;p=platform%2Fupstream%2Fiotivity.git RAML v1.1 sync-up in SVR DB Patch#1 : Init Patch#2 : add missed code Patch#3 : sync-up ACL, change sample db file(dat, json) Patch#4 : minor fix on ACL Patch#5 : sync-up CRED Patch#6 : minor fix on CRED Patch#7 : add "didformat" into "doxm" Patch#8 : remove "ch" and minor fix from "pstat" Patch#9 : minor change Patch#10 : change "oxm" to "oxms" in "doxm", minor change Patch#11 : fix on CRED Patch#12 : pconf sync up Patch#13 : Remove TAB characters Patch#14~16 : Remove the compile errors for arduino Patch#16 : Modify the convertion funtion's error-handling logic to gurantee NULL termination of parameter in case of cbor error. Patch#17 : 1. Rebase to resolve conflicts. 2. Re-generate SVR DB(*.dat) files. Patch#18 : 1. Resolve ownership transfer issues with two more servers. 2. Resolve the unit test errors. 3. Update unittest's SVR DB(*.dat) in CBOR format. Patch#19~21 : Upload missing file. Patch#22~23 : Update according to SVACE report. Patch#24 : Update ocstack sample's SVR DB(*.dat) in CBOR format. Patch#25 : Modify c++ samples SVR DB(*.dat, *.json) in correct format. Patch#26-27 : Insert the device owner field as empty value explicitly into sample's default SVR DB. Under test. Please don't merge this patch. Change-Id: Ia3b6c65bf5c365c664e89d934042e30576f777bf Signed-off-by: Yonggoo Kang Signed-off-by: Ashwini Kumar Signed-off-by: Chul Lee Reviewed-on: https://gerrit.iotivity.org/gerrit/6099 Tested-by: jenkins-iotivity Reviewed-by: Dmitriy Zhuravlev --- diff --git a/resource/csdk/security/include/internal/srmresourcestrings.h b/resource/csdk/security/include/internal/srmresourcestrings.h index 15cfa31..0413747 100644 --- a/resource/csdk/security/include/internal/srmresourcestrings.h +++ b/resource/csdk/security/include/internal/srmresourcestrings.h @@ -36,6 +36,8 @@ extern const char * OIC_JSON_AMACL_NAME; extern const char * OIC_RSRC_TYPE_SEC_ACL; extern const char * OIC_RSRC_ACL_URI; extern const char * OIC_JSON_ACL_NAME; +extern const char * OIC_JSON_ACLIST_NAME; +extern const char * OIC_JSON_ACES_NAME; //PSTAT extern const char * OIC_RSRC_TYPE_SEC_PSTAT; @@ -52,6 +54,7 @@ extern const char * OIC_JSON_DOXM_NAME; extern const char * OIC_RSRC_TYPE_SEC_CRED; extern const char * OIC_RSRC_CRED_URI; extern const char * OIC_JSON_CRED_NAME; +extern const char * OIC_JSON_CREDS_NAME; //CRL extern const char * OIC_RSRC_TYPE_SEC_CRL; @@ -79,13 +82,17 @@ extern const char * OIC_RSRC_DPAIRING_URI; extern const char * OIC_JSON_DPAIRING_NAME; extern const char * OIC_JSON_SUBJECT_NAME; +extern const char * OIC_JSON_SUBJECTID_NAME; extern const char * OIC_JSON_RESOURCES_NAME; extern const char * OIC_JSON_AMSS_NAME; +extern const char * OIC_JSON_AMS_NAME; extern const char * OIC_JSON_PERMISSION_NAME; extern const char * OIC_JSON_OWNERS_NAME; extern const char * OIC_JSON_OWNER_NAME; +extern const char * OIC_JSON_DEVOWNERID_NAME; extern const char * OIC_JSON_OWNED_NAME; extern const char * OIC_JSON_OXM_NAME; +extern const char * OIC_JSON_OXMS_NAME; extern const char * OIC_JSON_OXM_TYPE_NAME; extern const char * OIC_JSON_OXM_SEL_NAME; extern const char * OIC_JSON_DEVICE_ID_FORMAT_NAME; @@ -94,6 +101,10 @@ extern const char * OIC_JSON_ROLEIDS_NAME; extern const char * OIC_JSON_CREDTYPE_NAME; extern const char * OIC_JSON_PUBLICDATA_NAME; extern const char * OIC_JSON_PRIVATEDATA_NAME; +extern const char * OIC_JSON_PUBDATA_NAME; +extern const char * OIC_JSON_PRIVDATA_NAME; +extern const char * OIC_JSON_OPTDATA_NAME; +extern const char * OIC_JSON_CRMS_NAME; extern const char * OIC_JSON_PERIOD_NAME; extern const char * OIC_JSON_PERIODS_NAME; extern const char * OIC_JSON_RECURRENCES_NAME; @@ -116,6 +127,14 @@ extern const char * OIC_JSON_ROWNER_NAME; extern const char * OIC_JSON_PRM_NAME; extern const char * OIC_JSON_SPM_NAME; extern const char * OIC_JSON_PDEVICE_ID_NAME; +extern const char * OIC_JSON_RLIST_NAME; +extern const char * OIC_JSON_HREF_NAME; +extern const char * OIC_JSON_RT_NAME; +extern const char * OIC_JSON_IF_NAME; +extern const char * OIC_JSON_ROWNERID_NAME; +extern const char * OIC_JSON_ENCODING_NAME; + +extern const char * OIC_JSON_EMPTY_STRING; extern OicUuid_t WILDCARD_SUBJECT_ID; extern OicUuid_t WILDCARD_SUBJECT_B64_ID; @@ -127,6 +146,9 @@ extern const char * OXM_JUST_WORKS; extern const char * OXM_RANDOM_DEVICE_PIN; extern const char * OXM_MANUFACTURER_CERTIFICATE; +extern const char * OIC_SEC_ENCODING_BASE64; +extern const char * OIC_SEC_ENCODING_BYTESTREAM; + extern const char * OIC_SEC_TRUE; extern const char * OIC_SEC_FALSE; diff --git a/resource/csdk/security/include/securevirtualresourcetypes.h b/resource/csdk/security/include/securevirtualresourcetypes.h index 5022883..fee8d0d 100644 --- a/resource/csdk/security/include/securevirtualresourcetypes.h +++ b/resource/csdk/security/include/securevirtualresourcetypes.h @@ -399,12 +399,13 @@ struct OicSecDoxm //TODO: Need more clarification on deviceIDFormat field type. //OicSecDvcIdFrmt_t deviceIDFormat; // 5:R:S:Y:UINT8 OicUuid_t deviceID; // 6:R:S:Y:oic.uuid - bool dpc; // 7:R:S:Y:Boolean - OicUuid_t owner; // 8:R:S:Y:oic.uuid + bool dpc; // 7:R:S:Y:Boolean + OicUuid_t owner; // 8:R:S:Y:oic.uuid + OicUuid_t rownerID; // 9:R:S:Y:oic.uuid // NOTE: we are using UUID for Owner instead of Svc type for mid-April // SRM version only; this will change to Svc type for full implementation. - //OicSecSvc_t devOwner; // 9:R:S:Y:oic.sec.svc - //OicSecSvc_t rOwner; // 10:R:S:Y:oic.sec.svc + //OicSecSvc_t devOwner; // 10:R:S:Y:oic.sec.svc + //OicSecSvc_t rOwner; // 11:R:S:Y:oic.sec.svc //TODO change Owner type to oic.sec.svc }; @@ -424,6 +425,7 @@ struct OicSecPstat size_t smLen; // the number of elts in Sm OicSecDpom_t *sm; // 5:R:M:Y:oic.sec.dpom uint16_t commitHash; // 6:R:S:Y:oic.sec.sha256 + OicUuid_t rownerID; // 7:R:S:Y:oic.uuid //TODO: this is supposed to be a 256-bit uint; temporarily use uint16_t //TODO: need to decide which 256 bit and 128 bit types to use... boost? }; diff --git a/resource/csdk/security/include/srmutility.h b/resource/csdk/security/include/srmutility.h index 029a41b..4e6c02a 100644 --- a/resource/csdk/security/include/srmutility.h +++ b/resource/csdk/security/include/srmutility.h @@ -113,6 +113,29 @@ OCStackResult AddUuidArray(const cJSON* jsonRoot, const char* arrayItem, */ const char* GetOxmString(OicSecOxm_t oxmType); +/* + * This method converts UUID to canonical format string. + * + * @param uuid Device UUID + * @param strUuid converted UUID in canonical format + * @return OC_STACK_OK for success. + * + * @note Caller needs to invoke OICFree after done using the return pointer + */ +OCStackResult ConvertUuidToStr(const OicUuid_t* uuid, char** strUuid); + + +/* + * This method converts string UUID to OicUuid_t. + * + * @param strUuid Device UUID in string format + * @param uuid converted UUID in OicUuid_t format + * @return OC_STACK_OK for success. + * + */ +OCStackResult ConvertStrToUuid(const char* strUuid, OicUuid_t* uuid); + + #ifdef __cplusplus } #endif // __cplusplus diff --git a/resource/csdk/security/provisioning/SConscript b/resource/csdk/security/provisioning/SConscript index 5558dd0..329aaca 100644 --- a/resource/csdk/security/provisioning/SConscript +++ b/resource/csdk/security/provisioning/SConscript @@ -87,7 +87,7 @@ if target_os == 'android': provisioning_env.AppendUnique(LIBS = ['gnustl_static']) if not env.get('RELEASE'): - provisioning_env.AppendUnique(LIBS = ['log']) + provisioning_env.AppendUnique(CPPDEFINES = ['TB_LOG']) if target_os in ['darwin', 'ios']: provisioning_env.AppendUnique(CPPDEFINES = ['_DARWIN_C_SOURCE']) diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat index bbe13a6..d69de2a 100644 Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.dat differ diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json index 64b51f0..2b0700c 100644 --- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json +++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_door.json @@ -1,48 +1,85 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/res/d", - "/oic/res/types/d", - "/oic/presence" - ], - "perms": 2, - "ownrs" : [ - "ZG9vckRldmljZVVVSUQwMA==" + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/presence", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/crl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/cred", + "rt": "", + "if": "" + } + ], + "permission": 6 + } ] }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat", - "/oic/sec/acl", - "/oic/sec/crl", - "/oic/sec/cred" - ], - "perms": 6, - "ownrs" : [ - "ZG9vckRldmljZVVVSUQwMA==" - ] - } - ], + "rownerid" : "646F6F72-4465-7669-6365-555549443030" + }, "pstat": { "isop": false, - "deviceid": "ZG9vckRldmljZVVVSUQwMA==", - "ch": 0, + "deviceid": "646F6F72-4465-7669-6365-555549443030", + "rownerid": "646F6F72-4465-7669-6365-555549443030", "cm": 2, "tm": 0, "om": 3, "sm": [3] }, "doxm": { - "oxm": [0], + "oxms": [0], "oxmsel": 0, "sct": 1, "owned": false, - "deviceid": "ZG9vckRldmljZVVVSUQwMA==", - "dpc": true + "didformat": 0, + "dpc": false, + "deviceid": "646F6F72-4465-7669-6365-555549443030", + "rownerid": "646F6F72-4465-7669-6365-555549443030" } } diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat index 8728afd..48ac833 100644 Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.dat differ diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json index 96bd2e9..069f6c6 100644 --- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json +++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_light.json @@ -1,48 +1,85 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/res/d", - "/oic/res/types/d", - "/oic/presence" - ], - "perms": 2, - "ownrs" : [ - "bGlnaHREZXZpY2VVVUlEMA==" + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/presence", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/crl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/cred", + "rt": "", + "if": "" + } + ], + "permission": 6 + } ] }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat", - "/oic/sec/acl", - "/oic/sec/crl", - "/oic/sec/cred" - ], - "perms": 6, - "ownrs" : [ - "bGlnaHREZXZpY2VVVUlEMA==" - ] - } - ], + "rownerid" : "6C696768-7444-6576-6963-655555494430" + }, "pstat": { "isop": false, - "deviceid": "bGlnaHREZXZpY2VVVUlEMA==", - "ch": 0, + "deviceid": "6C696768-7444-6576-6963-655555494430", + "rownerid": "6C696768-7444-6576-6963-655555494430", "cm": 2, "tm": 0, "om": 3, "sm": [3] }, "doxm": { - "oxm": [0], + "oxms": [0], "oxmsel": 0, "sct": 1, "owned": false, - "deviceid": "bGlnaHREZXZpY2VVVUlEMA==", - "dpc": true + "dpc": false, + "didformat": 0, + "deviceid": "6C696768-7444-6576-6963-655555494430", + "rownerid": "6C696768-7444-6576-6963-655555494430" } } diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat index 42622ee..92038b5 100644 Binary files a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat and b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.dat differ diff --git a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json index d05736c..a4677e6 100644 --- a/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json +++ b/resource/csdk/security/provisioning/ck_manager/sample/oic_svr_db_pt.json @@ -1,45 +1,76 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad" - ], - "perms": 2, - "ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="] + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/p", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/ad", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + } , + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + } + ], + "permission": 2 + } + ] }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat", - "/oic/sec/acl", - "/oic/sec/cred" - ], - "perms": 7, - "ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="] - } - ], + "rownerid" : "61646D69-6E44-6576-6963-655555494430" + }, "pstat": { "isop": true, - "deviceid": "YWRtaW5EZXZpY2VVVUlEMA==", - "ch": 0, - "cm": 0, + "cm": 2, "tm": 0, "om": 3, - "sm": [3] + "sm": [3], + "deviceid": "61646D69-6E44-6576-6963-655575696430", + "rownerid": "61646D69-6E44-6576-6963-655575696430" }, "doxm": { - "oxm": [0], + "oxms": [0], "oxmsel": 0, "sct": 1, "owned": true, - "deviceid": "YWRtaW5EZXZpY2VVVUlEMA==", - "ownr": "YWRtaW5EZXZpY2VVVUlEMA==", - "dpc": true + "didformat": 0, + "deviceid": "61646D69-6E44-6576-6963-655575696430", + "dpc": false, + "devownerid": "61646D69-6E44-6576-6963-655575696430", + "rownerid": "61646D69-6E44-6576-6963-655575696430" } } diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat index 6a39661..19d6957 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_client.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_client.json b/resource/csdk/security/provisioning/sample/oic_svr_db_client.json index 9e5fa3a..34243c3 100644 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_client.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_client.json @@ -1,44 +1,81 @@ -{ - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad", - "/oic/sec/amacl" - ], - "perms": 2, - "ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat" - ], - "perms": 2, - "ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="] - } - ], - "pstat": { - "isop": true, - "deviceid": "YWRtaW5EZXZpY2VVVUlEMA==", - "ch": 0, - "cm": 0, - "tm": 0, - "om": 3, - "sm": [3] - }, - "doxm": { - "oxm": [0], - "oxmsel": 0, - "sct": 1, - "owned": true, - "deviceid": "YWRtaW5EZXZpY2VVVUlEMA==", - "dpc": false, - "ownr": "YWRtaW5EZXZpY2VVVUlEMA==" - } -} +{ + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/p", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/ad", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/amacl", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + } , + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + } + ], + "permission": 2 + } + ] + }, + "rownerid" : "61646D69-6E44-6576-6963-655575696430" + }, + "pstat": { + "isop": true, + "cm": 2, + "tm": 0, + "om": 3, + "sm": [3], + "deviceid": "61646D69-6E44-6576-6963-655575696430", + "rownerid": "61646D69-6E44-6576-6963-655575696430" + }, + "doxm": { + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": true, + "didformat": 0, + "deviceid": "61646D69-6E44-6576-6963-655575696430", + "dpc": false, + "devownerid": "61646D69-6E44-6576-6963-655575696430", + "rownerid": "61646D69-6E44-6576-6963-655575696430" + } +} diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_prov_tool.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_prov_tool.dat index a02c199..3a36c78 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_prov_tool.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_prov_tool.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_prov_tool.json b/resource/csdk/security/provisioning/sample/oic_svr_db_prov_tool.json old mode 100755 new mode 100644 index 7172a01..aaea321 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_prov_tool.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_prov_tool.json @@ -1,44 +1,86 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad" - ], - "perms": 2, - "ownrs" : ["YWRtaW5EZXZpY2VVVUlE"] + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/p", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/ad", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + } , + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/cred", + "rt": "", + "if": "" + } + ], + "permission": 7 + } + ] }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat", - "/oic/sec/acl", - "/oic/sec/cred" - ], - "perms": 7, - "ownrs" : ["YWRtaW5EZXZpY2VVVUlE"] - } - ], + "rownerid" : "61646D69-6E44-6576-6963-655575696430" + }, "pstat": { "isop": true, - "deviceid": "YWRtaW5EZXZpY2VVVUlE", - "ch": 0, - "cm": 0, + "cm": 2, "tm": 0, "om": 3, - "sm": [3] + "sm": [3], + "deviceid": "61646D69-6E44-6576-6963-655575696430", + "rownerid": "61646D69-6E44-6576-6963-655575696430" }, "doxm": { - "oxm": [0], + "oxms": [0], "oxmsel": 0, "sct": 1, "owned": true, - "deviceid": "YWRtaW5EZXZpY2VVVUlE", - "ownr": "YWRtaW5EZXZpY2VVVUlE" + "didformat": 0, + "deviceid": "61646D69-6E44-6576-6963-655575696430", + "dpc": false, + "devownerid": "61646D69-6E44-6576-6963-655575696430", + "rownerid": "61646D69-6E44-6576-6963-655575696430" } } diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat index 7e569f1..6df2664 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json index 459f269..728d8ac 100644 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_server_justworks.json @@ -1,58 +1,97 @@ -{ - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/res/d", - "/oic/res/types/d", - "/oic/presence" - ], - "perms": 2, - "ownrs" : [ - "anVzdHdvcmtzRGV2VVVJRA==" - ] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat", - "/oic/sec/acl", - "/oic/sec/cred" - ], - "perms": 6, - "ownrs" : [ - "anVzdHdvcmtzRGV2VVVJRA==" - ] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/pconf", - "/oic/sec/dpairing" - ], - "perms": 6, - "ownrs" : [ - "anVzdHdvcmtzRGV2VVVJRA==" - ] - } - ], - "pstat": { - "isop": false, - "deviceid": "anVzdHdvcmtzRGV2VVVJRA==", - "ch": 0, - "cm": 2, - "tm": 0, - "om": 3, - "sm": [3] - }, - "doxm": { - "oxm": [0], - "oxmsel": 0, - "sct": 1, - "owned": false, - "deviceid": "anVzdHdvcmtzRGV2VVVJRA==", - "dpc": true - } -} +{ + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/presence", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/cred", + "rt": "", + "if": "" + } + ], + "permission": 6 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/pconf", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/dpairing", + "rt": "", + "if": "" + } + ], + "permission": 6 + } + ] + }, + "rownerid" : "6A757374-776F-726B-4465-765575696430" + }, + "pstat": { + "isop": false, + "deviceid": "6A757374-776F-726B-4465-765575696430", + "rownerid": "6A757374-776F-726B-4465-765575696430", + "cm": 2, + "tm": 0, + "om": 3, + "sm": [3] + }, + "doxm": { + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": false, + "didformat": 0, + "deviceid": "6A757374-776F-726B-4465-765575696430", + "devownerid": "", + "rownerid": "6A757374-776F-726B-4465-765575696430", + "dpc": true + } +} \ No newline at end of file diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat index 3ce3d98..76addbc 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json index 6cbe777..bf97781 100644 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_server_randompin.json @@ -1,58 +1,97 @@ -{ - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/res/d", - "/oic/res/types/d", - "/oic/presence" - ], - "perms": 2, - "ownrs" : [ - "cmFuZG9tUGluRGV2VVVJRA==" - ] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat", - "/oic/sec/acl", - "/oic/sec/cred" - ], - "perms": 6, - "ownrs" : [ - "cmFuZG9tUGluRGV2VVVJRA==" - ] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/pconf", - "/oic/sec/dpairing" - ], - "perms": 6, - "ownrs" : [ - "cmFuZG9tUGluRGV2VVVJRA==" - ] - } - ], - "pstat": { - "isop": false, - "deviceid": "cmFuZG9tUGluRGV2VVVJRA==", - "ch": 0, - "cm": 2, - "tm": 0, - "om": 3, - "sm": [3] - }, - "doxm": { - "oxm": [0,1], - "oxmsel": 0, - "sct": 1, - "owned": false, - "deviceid": "cmFuZG9tUGluRGV2VVVJRA==", - "dpc": true - } -} +{ + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/presence", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/cred", + "rt": "", + "if": "" + } + ], + "permission": 6 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/pconf", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/dpairing", + "rt": "", + "if": "" + } + ], + "permission": 6 + } + ] + }, + "rownerid" : "72616E64-5069-6E44-6576-557569643030" + }, + "pstat": { + "isop": false, + "deviceid": "72616E64-5069-6E44-6576-557569643030", + "rownerid": "72616E64-5069-6E44-6576-557569643030", + "cm": 2, + "tm": 0, + "om": 3, + "sm": [3] + }, + "doxm": { + "oxms": [0,1], + "oxmsel": 0, + "sct": 1, + "owned": false, + "didformat": 0, + "deviceid": "72616E64-5069-6E44-6576-557569643030", + "devownerid": "", + "rownerid": "72616E64-5069-6E44-6576-557569643030", + "dpc": true + } +} \ No newline at end of file diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_unowned_server.dat b/resource/csdk/security/provisioning/sample/oic_svr_db_unowned_server.dat index bb175dc..9026e4e 100644 Binary files a/resource/csdk/security/provisioning/sample/oic_svr_db_unowned_server.dat and b/resource/csdk/security/provisioning/sample/oic_svr_db_unowned_server.dat differ diff --git a/resource/csdk/security/provisioning/sample/oic_svr_db_unowned_server.json b/resource/csdk/security/provisioning/sample/oic_svr_db_unowned_server.json index fa804dd..5638270 100644 --- a/resource/csdk/security/provisioning/sample/oic_svr_db_unowned_server.json +++ b/resource/csdk/security/provisioning/sample/oic_svr_db_unowned_server.json @@ -1,44 +1,85 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad", - "/oic/sec/acl", - "/oic/sec/svc", - "/oic/sec/amacl" - ], - "perms": 2, - "ownrs" : ["MTExMTExMTExMTExMTExMQ=="] + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/ad", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/svc", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/amacl", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + } + ], + "permission": 6 + } + ] }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat" - ], - "perms": 6, - "ownrs" : ["MTExMTExMTExMTExMTExMQ=="] - } - ], + "rownerid" : "31313131-3131-3131-3131-313131313131" + }, "pstat": { "isop": false, - "deviceid": "ZGV2aWNlaWQAAAAAABhanw==", - "ch": 0, - "cm": 0, + "deviceid": "756E6B6E-6F77-6564-4465-766963654964", + "rownerid": "756E6B6E-6F77-6564-4465-7669636549640", + "cm": 2, "tm": 0, "om": 3, "sm": [3] }, "doxm": { - "oxm": [0], + "oxms": [0], "oxmsel": 0, "sct": 1, "owned": false, - "deviceid": "MTExMTExMTExMTExMTExMQ==" + "didformat": 0, + "deviceid": "756E6B6E-6F77-6564-4465-766963654964", + "rownerid": "756E6B6E-6F77-6564-4465-766963654964", + "dpc": true } } diff --git a/resource/csdk/security/src/aclresource.c b/resource/csdk/security/src/aclresource.c index 745c533..c2dfb9d 100644 --- a/resource/csdk/security/src/aclresource.c +++ b/resource/csdk/security/src/aclresource.c @@ -46,8 +46,14 @@ #define NUMBER_OF_SEC_PROV_RSCS 4 #define NUMBER_OF_DEFAULT_SEC_RSCS 2 +static const uint8_t ACL_MAP_SIZE = 2; +static const uint8_t ACL_ACLIST_MAP_SIZE = 1; +static const uint8_t ACL_ACES_MAP_SIZE = 3; +static const uint8_t ACL_RESOURCE_MAP_SIZE = 3; + + // CborSize is the default cbor payload size being used. -static uint64_t CborSize = 255; +static const uint16_t CBOR_SIZE = 2048; static OicSecAcl_t *gAcl = NULL; static OCResourceHandle gAclHandle = NULL; @@ -130,36 +136,59 @@ static size_t OicSecAclSize(const OicSecAcl_t *secAcl) OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, size_t *size) { - OCStackResult ret = OC_STACK_INVALID_PARAM; - int64_t cborEncoderResult = CborNoError; + if (NULL == secAcl || NULL == payload || NULL != *payload || NULL == size) + { + return OC_STACK_INVALID_PARAM; + } + + OCStackResult ret = OC_STACK_ERROR; + CborError cborEncoderResult = CborNoError; + OicSecAcl_t *acl = (OicSecAcl_t *)secAcl; + CborEncoder encoder = { {.ptr = NULL }, .end = 0 }; + CborEncoder aclMap = { {.ptr = NULL }, .end = 0 }; + CborEncoder aclListMap = { {.ptr = NULL }, .end = 0 }; + CborEncoder acesArray = { {.ptr = NULL }, .end = 0 }; uint8_t *outPayload = NULL; size_t cborLen = *size; *size = 0; *payload = NULL; - OicSecAcl_t *acl = (OicSecAcl_t *)secAcl; - CborEncoder encoder = { {.ptr = NULL }, .end = 0 }; - CborEncoder oicSecAclArray = { {.ptr = NULL }, .end = 0 }; - - VERIFY_NON_NULL(TAG, secAcl, ERROR); if (cborLen == 0) { - cborLen = CborSize; + cborLen = CBOR_SIZE; } outPayload = (uint8_t *)OICCalloc(1, cborLen); VERIFY_NON_NULL(TAG, outPayload, ERROR); cbor_encoder_init(&encoder, outPayload, cborLen, 0); - // Create ACL Array - cborEncoderResult |= cbor_encoder_create_array(&encoder, &oicSecAclArray, OicSecAclSize(secAcl)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACL Array."); + // Create ACL Map (aclist, rownerid) + cborEncoderResult = cbor_encoder_create_map(&encoder, &aclMap, ACL_MAP_SIZE); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACL Map."); + + cborEncoderResult = cbor_encode_text_string(&aclMap, OIC_JSON_ACLIST_NAME, + strlen(OIC_JSON_ACLIST_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding aclist Name Tag."); + + // Create ACLIST Map (aces) + cborEncoderResult = cbor_encoder_create_map(&aclMap, &aclListMap, ACL_ACLIST_MAP_SIZE); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACLIST Map."); + + cborEncoderResult = cbor_encode_text_string(&aclListMap, OIC_JSON_ACES_NAME, + strlen(OIC_JSON_ACES_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ACES Name Tag."); + + // Create ACES Array + cborEncoderResult = cbor_encoder_create_array(&aclListMap, &acesArray, OicSecAclSize(secAcl)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACES Array."); while (acl) { CborEncoder oicSecAclMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; // ACL Map size - Number of mandatory items - uint8_t aclMapSize = 4; + uint8_t aclMapSize = ACL_ACES_MAP_SIZE; + size_t inLen = 0; + // Create ACL Map if (acl->periods) { @@ -169,59 +198,109 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz { ++aclMapSize; } - cborEncoderResult |= cbor_encoder_create_map(&oicSecAclArray, &oicSecAclMap, aclMapSize); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACL Map"); + + cborEncoderResult = cbor_encoder_create_map(&acesArray, &oicSecAclMap, aclMapSize); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating ACES Map"); // Subject -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&oicSecAclMap, OIC_JSON_SUBJECT_NAME, + cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_SUBJECT_NAME, strlen(OIC_JSON_SUBJECT_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Subject Name Tag."); - size_t inLen = (memcmp(&(acl->subject), &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0) ? + inLen = (memcmp(&(acl->subject), &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0) ? WILDCARD_SUBJECT_ID_LEN : sizeof(OicUuid_t); - cborEncoderResult |= cbor_encode_byte_string(&oicSecAclMap, (uint8_t *)acl->subject.id, inLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Subject Id Value."); + if(inLen == WILDCARD_SUBJECT_ID_LEN) + { + char *subject = NULL; + cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, WILDCARD_RESOURCE_URI, + strlen(WILDCARD_RESOURCE_URI)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Subject Id wildcard Value."); + } + else + { + char *subject = NULL; + ret = ConvertUuidToStr(&acl->subject, &subject); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, subject, strlen(subject)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Subject Id Value."); + OICFree(subject); + } // Resources { - CborEncoder resources; - cborEncoderResult |= cbor_encode_text_string(&oicSecAclMap, OIC_JSON_RESOURCES_NAME, + CborEncoder resources = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_RESOURCES_NAME, strlen(OIC_JSON_RESOURCES_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Resource Name Tag."); - cborEncoderResult |= cbor_encoder_create_array(&oicSecAclMap, &resources, acl->resourcesLen); + + cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &resources, acl->resourcesLen); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Resource Name Array."); + for (size_t i = 0; i < acl->resourcesLen; i++) { - cborEncoderResult |= cbor_encode_text_string(&resources, acl->resources[i], - strlen(acl->resources[i])); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Resource Name Array Value."); + + CborEncoder rMap = { {.ptr = NULL }, .end = 0 }; + cborEncoderResult = cbor_encoder_create_map(&resources, &rMap, ACL_RESOURCE_MAP_SIZE); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Map."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_HREF_NAME, + strlen(OIC_JSON_HREF_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Name Tag."); + cborEncoderResult = cbor_encode_text_string(&rMap, acl->resources[i], + strlen(acl->resources[i])); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Value in Map."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_RT_NAME, + strlen(OIC_JSON_RT_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Name Tag."); + + // TODO : Need to assign real value of RT + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING, + strlen(OIC_JSON_EMPTY_STRING)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_IF_NAME, + strlen(OIC_JSON_IF_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Name Tag."); + + // TODO : Need to assign real value of IF + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING, + strlen(OIC_JSON_EMPTY_STRING)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value."); + + + cborEncoderResult = cbor_encoder_close_container(&resources, &rMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Map."); + } - cborEncoderResult |= cbor_encoder_close_container(&oicSecAclMap, &resources); + cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &resources); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Name Array."); } + // Permissions -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&oicSecAclMap, OIC_JSON_PERMISSION_NAME, + cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_PERMISSION_NAME, strlen(OIC_JSON_PERMISSION_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Permission Name Tag."); - cborEncoderResult |= cbor_encode_int(&oicSecAclMap, acl->permission); + cborEncoderResult = cbor_encode_int(&oicSecAclMap, acl->permission); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Permission Name Value."); // Period -- Not Mandatory if (acl->periods) { + CborEncoder period; - cborEncoderResult |= cbor_encode_text_string(&oicSecAclMap, OIC_JSON_PERIODS_NAME, - strlen(OIC_JSON_PERIODS_NAME)); + cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_PERIOD_NAME, + strlen(OIC_JSON_PERIOD_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Tag."); - cborEncoderResult |= cbor_encoder_create_array(&oicSecAclMap, &period, acl->prdRecrLen); + cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &period, acl->prdRecrLen); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Array."); for (size_t i = 0; i < acl->prdRecrLen; i++) { - cborEncoderResult |= cbor_encode_text_string(&period, acl->periods[i], + cborEncoderResult = cbor_encode_text_string(&period, acl->periods[i], strlen(acl->periods[i])); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Value in Array."); } - cborEncoderResult |= cbor_encoder_close_container(&oicSecAclMap, &period); + cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &period); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Period Array."); } @@ -229,46 +308,67 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz if (acl->recurrences) { CborEncoder recurrences; - cborEncoderResult |= cbor_encode_text_string(&oicSecAclMap, OIC_JSON_RECURRENCES_NAME, + cborEncoderResult = cbor_encode_text_string(&oicSecAclMap, OIC_JSON_RECURRENCES_NAME, strlen(OIC_JSON_RECURRENCES_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Tag."); - cborEncoderResult |= cbor_encoder_create_array(&oicSecAclMap, &recurrences, acl->prdRecrLen); + cborEncoderResult = cbor_encoder_create_array(&oicSecAclMap, &recurrences, acl->prdRecrLen); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array."); for (size_t i = 0; i < acl->prdRecrLen; i++) { - cborEncoderResult |= cbor_encode_text_string(&recurrences, acl->recurrences[i], + cborEncoderResult = cbor_encode_text_string(&recurrences, acl->recurrences[i], strlen(acl->recurrences[i])); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Recurrence Array Value."); } - cborEncoderResult |= cbor_encoder_close_container(&oicSecAclMap, &recurrences); + cborEncoderResult = cbor_encoder_close_container(&oicSecAclMap, &recurrences); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Recurrence Array"); - } - cborEncoderResult |= cbor_encode_text_string(&oicSecAclMap, OIC_JSON_OWNERS_NAME, - strlen(OIC_JSON_OWNERS_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owner Name."); - CborEncoder owners; - cborEncoderResult |= cbor_encoder_create_array(&oicSecAclMap, &owners, acl->ownersLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owner Array."); - for (size_t i = 0; i < acl->ownersLen; i++) - { - cborEncoderResult |= cbor_encode_byte_string(&owners, (uint8_t *)acl->owners[i].id, - sizeof(acl->owners[i].id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owner Array Value."); } - cborEncoderResult |= cbor_encoder_close_container(&oicSecAclMap, &owners); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Owner Array."); - cborEncoderResult |= cbor_encoder_close_container(&oicSecAclArray, &oicSecAclMap); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACL Map."); + cborEncoderResult = cbor_encoder_close_container(&acesArray, &oicSecAclMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACES Map."); acl = acl->next; } - cborEncoderResult |= cbor_encoder_close_container(&encoder, &oicSecAclArray); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACL Array."); + + + + // Close ACES Array + cborEncoderResult = cbor_encoder_close_container(&aclListMap, &acesArray); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACES Array."); + + + + // Close ACLIST Map + cborEncoderResult = cbor_encoder_close_container(&aclMap, &aclListMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACLIST Map."); + + + + // TODO : Need to modify acl->owners[0] to acl->rownerid based on RAML spec. + acl = (OicSecAcl_t *)secAcl; + // Rownerid + if(acl->owners && acl->ownersLen > 0) + { + cborEncoderResult = cbor_encode_text_string(&aclMap, OIC_JSON_ROWNERID_NAME, + strlen(OIC_JSON_ROWNERID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding rownerid Name."); + + char *rowner = NULL; + ret = ConvertUuidToStr(&acl->owners[0], &rowner); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&aclMap, rowner, strlen(rowner)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding rownerid Value."); + OICFree(rowner); + } + + // Close ACL Map + cborEncoderResult = cbor_encoder_close_container(&encoder, &aclMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing ACL Map."); + if (CborNoError == cborEncoderResult) { + OIC_LOG(DEBUG, TAG, "AclToCBORPayload Successed"); *size = encoder.ptr - outPayload; *payload = outPayload; ret = OC_STACK_OK; @@ -276,24 +376,23 @@ OCStackResult AclToCBORPayload(const OicSecAcl_t *secAcl, uint8_t **payload, siz exit: if (CborErrorOutOfMemory == cborEncoderResult) { + OIC_LOG(DEBUG, TAG, "AclToCBORPayload:CborErrorOutOfMemory : retry with more memory"); + // reallocate and try again! OICFree(outPayload); // Since the allocated initial memory failed, double the memory. cborLen += encoder.ptr - encoder.end; cborEncoderResult = CborNoError; - if (OC_STACK_OK == AclToCBORPayload(secAcl, &outPayload, &cborLen)) - { - *size = cborLen; - *payload = outPayload; - ret = OC_STACK_OK; - } + ret = AclToCBORPayload(secAcl, payload, &cborLen); + *size = cborLen; } - - if (cborEncoderResult != CborNoError) + else if (cborEncoderResult != CborNoError) { + OIC_LOG(ERROR, TAG, "Failed to AclToCBORPayload"); OICFree(outPayload); outPayload = NULL; *size = 0; + *payload = NULL; ret = OC_STACK_ERROR; } @@ -309,175 +408,297 @@ OicSecAcl_t* CBORPayloadToAcl(const uint8_t *cborPayload, const size_t size) { return NULL; } - + OCStackResult ret = OC_STACK_ERROR; CborValue aclCbor = { .parser = NULL }; CborParser parser = { .end = NULL }; CborError cborFindResult = CborNoError; cbor_parser_init(cborPayload, size, 0, &parser, &aclCbor); - OicSecAcl_t *headAcl = NULL; + OicSecAcl_t *headAcl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t)); - CborValue aclArray = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; - cborFindResult = cbor_value_enter_container(&aclCbor, &aclArray); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Array."); + // Enter ACL Map + CborValue aclMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; + cborFindResult = cbor_value_enter_container(&aclCbor, &aclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Map."); - while (cbor_value_is_valid(&aclArray)) + while (cbor_value_is_valid(&aclMap)) { - CborValue aclMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; - cborFindResult = cbor_value_enter_container(&aclArray, &aclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Map."); - - OicSecAcl_t *acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t)); - VERIFY_NON_NULL(TAG, acl, ERROR); - - while (cbor_value_is_valid(&aclMap)) + char* tagName = NULL; + size_t len = 0; + CborType type = cbor_value_get_type(&aclMap); + if (type == CborTextStringType) { - char* name = NULL; - size_t len = 0; - CborType type = cbor_value_get_type(&aclMap); - if (type == CborTextStringType) - { - cborFindResult = cbor_value_dup_text_string(&aclMap, &name, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map."); - cborFindResult = cbor_value_advance(&aclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACL Map."); - } - if (name) + cborFindResult = cbor_value_dup_text_string(&aclMap, &tagName, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map."); + cborFindResult = cbor_value_advance(&aclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACL Map."); + } + if(tagName) + { + if (strcmp(tagName, OIC_JSON_ACLIST_NAME) == 0) { - // Subject -- Mandatory - if (strcmp(name, OIC_JSON_SUBJECT_NAME) == 0) - { - uint8_t *subjectId = NULL; - cborFindResult = cbor_value_dup_byte_string(&aclMap, &subjectId, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Subject Name Value."); - memcpy(acl->subject.id, subjectId, len); - OICFree(subjectId); - } + // Enter ACLIST Map + CborValue aclistMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; + cborFindResult = cbor_value_enter_container(&aclMap, &aclistMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACLIST Map."); - // Resources -- Mandatory - if (strcmp(name, OIC_JSON_RESOURCES_NAME) == 0) - { - CborValue resources = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&aclMap, &acl->resourcesLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Rec Array Len Value."); - cborFindResult = cbor_value_enter_container(&aclMap, &resources); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering a Rec Array."); - - acl->resources = (char **) OICMalloc(acl->resourcesLen * sizeof(char*)); - VERIFY_NON_NULL(TAG, acl->resources, ERROR); - int i = 0; - while (cbor_value_is_text_string(&resources)) - { - cborFindResult = cbor_value_dup_text_string(&resources, &acl->resources[i++], - &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Rec Array Value."); - cborFindResult = cbor_value_advance(&resources); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Rec Array Advance."); - } - } - // Permissions -- Mandatory - if (strcmp(name, OIC_JSON_PERMISSION_NAME) == 0) + while (cbor_value_is_valid(&aclistMap)) { - cborFindResult = cbor_value_get_uint64(&aclMap, (uint64_t *) &acl->permission); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a PERM Value."); - } - - // Period -- Not mandatory - if (strcmp(name, OIC_JSON_PERIODS_NAME) == 0) - { - CborValue period = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&aclMap, &acl->prdRecrLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Len."); - cborFindResult = cbor_value_enter_container(&aclMap, &period); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Map."); - acl->periods = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*)); - VERIFY_NON_NULL(TAG, acl->periods, ERROR); - int i = 0; - while (cbor_value_is_text_string(&period)) + char* acName = NULL; + size_t acLen = 0; + CborType acType = cbor_value_get_type(&aclistMap); + if (acType == CborTextStringType) { - cborFindResult = cbor_value_dup_text_string(&period, &acl->periods[i++], - &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Value."); - cborFindResult = cbor_value_advance(&period); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a Period Array."); + cborFindResult = cbor_value_dup_text_string(&aclistMap, &acName, &acLen, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACLIST Map."); + cborFindResult = cbor_value_advance(&aclistMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACLIST Map."); } - } - - // Recurrence -- Not mandatory - if (strcmp(name, OIC_JSON_RECURRENCES_NAME) == 0) - { - CborValue recurrences = { .parser = NULL }; - cborFindResult = cbor_value_enter_container(&aclMap, &recurrences); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array."); - acl->recurrences = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*)); - VERIFY_NON_NULL(TAG, acl->recurrences, ERROR); - int i = 0; - while (cbor_value_is_text_string(&recurrences)) + if(acName) { - cborFindResult = cbor_value_dup_text_string(&recurrences, - &acl->recurrences[i++], &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array Value."); - cborFindResult = cbor_value_advance(&recurrences); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Closing Recurrence Array."); + if (strcmp(acName, OIC_JSON_ACES_NAME) == 0) + { + + // Enter ACES Array + CborValue aclArray = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; + cborFindResult = cbor_value_enter_container(&aclistMap, &aclArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Array."); + + int acesCount = 0; + while (cbor_value_is_valid(&aclArray)) + { + acesCount++; + + CborValue aclMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; + cborFindResult = cbor_value_enter_container(&aclArray, &aclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering ACL Map."); + OicSecAcl_t *acl = NULL; + + if(acesCount == 1) + { + acl = headAcl; + } + else + { + acl = (OicSecAcl_t *) OICCalloc(1, sizeof(OicSecAcl_t)); + OicSecAcl_t *temp = headAcl; + while (temp->next) + { + temp = temp->next; + } + temp->next = acl; + } + VERIFY_NON_NULL(TAG, acl, ERROR); + + while (cbor_value_is_valid(&aclMap)) + { + char* name = NULL; + size_t len = 0; + CborType type = cbor_value_get_type(&aclMap); + if (type == CborTextStringType) + { + cborFindResult = cbor_value_dup_text_string(&aclMap, &name, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in ACL Map."); + cborFindResult = cbor_value_advance(&aclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in ACL Map."); + } + if (name) + { + // Subject -- Mandatory + if (strcmp(name, OIC_JSON_SUBJECT_NAME) == 0) + { + char *subject = NULL; + cborFindResult = cbor_value_dup_text_string(&aclMap, &subject, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding subject Value."); + if(strcmp(subject, WILDCARD_RESOURCE_URI) == 0) + { + acl->subject.id[0] = '*'; + } + else + { + ret = ConvertStrToUuid(subject, &acl->subject); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + } + OICFree(subject); + } + + // Resources -- Mandatory + if (strcmp(name, OIC_JSON_RESOURCES_NAME) == 0) + { + CborValue resources = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&aclMap, &acl->resourcesLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Resource Array Len Value."); + cborFindResult = cbor_value_enter_container(&aclMap, &resources); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering a Resource Array."); + + acl->resources = (char **) OICMalloc(acl->resourcesLen * sizeof(char*)); + VERIFY_NON_NULL(TAG, acl->resources, ERROR); + int i = 0; + while (cbor_value_is_valid(&resources)) + { + // rMap + CborValue rMap = { .parser = NULL }; + cborFindResult = cbor_value_enter_container(&resources, &rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map"); + + + while(cbor_value_is_valid(&rMap)) + { + char *rMapName = NULL; + size_t rMapNameLen = 0; + cborFindResult = cbor_value_dup_text_string(&rMap, &rMapName, &rMapNameLen, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RMap Data Name Tag."); + cborFindResult = cbor_value_advance(&rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RMap Data Value."); + + // "href" + if (0 == strcmp(OIC_JSON_HREF_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecAcl_t based on RAML spec. + cborFindResult = cbor_value_dup_text_string(&rMap, &acl->resources[i++], &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Href Value."); + } + + // "rt" + if (0 == strcmp(OIC_JSON_RT_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecAcl_t and assign based on RAML spec. + char *rtData = NULL; + cborFindResult = cbor_value_dup_text_string(&rMap, &rtData, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT Value."); + OICFree(rtData); + } + + // "if" + if (0 == strcmp(OIC_JSON_IF_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecAcl_t and assign based on RAML spec. + char *ifData = NULL; + cborFindResult = cbor_value_dup_text_string(&rMap, &ifData, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF Value."); + OICFree(ifData); + } + + if (cbor_value_is_valid(&rMap)) + { + cborFindResult = cbor_value_advance(&rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Rlist Map."); + } + OICFree(rMapName); + } + + if (cbor_value_is_valid(&resources)) + { + cborFindResult = cbor_value_advance(&resources); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Resource Array."); + } + } + } + + // Permissions -- Mandatory + if (strcmp(name, OIC_JSON_PERMISSION_NAME) == 0) + { + cborFindResult = cbor_value_get_uint64(&aclMap, (uint64_t *) &acl->permission); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a PERM Value."); + } + + // Period -- Not mandatory + if (strcmp(name, OIC_JSON_PERIOD_NAME) == 0) + { + CborValue period = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&aclMap, &acl->prdRecrLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Len."); + cborFindResult = cbor_value_enter_container(&aclMap, &period); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Map."); + acl->periods = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*)); + VERIFY_NON_NULL(TAG, acl->periods, ERROR); + int i = 0; + while (cbor_value_is_text_string(&period)) + { + cborFindResult = cbor_value_dup_text_string(&period, &acl->periods[i++], + &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding a Period Array Value."); + cborFindResult = cbor_value_advance(&period); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a Period Array."); + } + } + + // Recurrence -- Not mandatory + if (strcmp(name, OIC_JSON_RECURRENCES_NAME) == 0) + { + CborValue recurrences = { .parser = NULL }; + cborFindResult = cbor_value_enter_container(&aclMap, &recurrences); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array."); + acl->recurrences = (char**)OICCalloc(acl->prdRecrLen, sizeof(char*)); + VERIFY_NON_NULL(TAG, acl->recurrences, ERROR); + int i = 0; + while (cbor_value_is_text_string(&recurrences)) + { + cborFindResult = cbor_value_dup_text_string(&recurrences, + &acl->recurrences[i++], &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Recurrence Array Value."); + cborFindResult = cbor_value_advance(&recurrences); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Closing Recurrence Array."); + } + } + + OICFree(name); + } + + if (type != CborMapType && cbor_value_is_valid(&aclMap)) + { + cborFindResult = cbor_value_advance(&aclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing the Array."); + } + } + + acl->next = NULL; + + if (cbor_value_is_valid(&aclArray)) + { + cborFindResult = cbor_value_advance(&aclArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing ACL Array."); + } + } + } + OICFree(acName); } - } - // Owners -- Mandatory - if (strcmp(name, OIC_JSON_OWNERS_NAME) == 0) - { - CborValue owners = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&aclMap, &acl->ownersLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Getting Owner Array Len."); - cborFindResult = cbor_value_enter_container(&aclMap, &owners); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Owner Array."); - int i = 0; - acl->owners = (OicUuid_t *)OICMalloc(acl->ownersLen * sizeof(OicUuid_t)); - VERIFY_NON_NULL(TAG, acl->owners, ERROR); - while (cbor_value_is_valid(&owners)) + if (cbor_value_is_valid(&aclistMap)) { - uint8_t *owner = NULL; - cborFindResult = cbor_value_dup_byte_string(&owners, &owner, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Owner Array Value."); - cborFindResult = cbor_value_advance(&owners); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Owners Array."); - memcpy(acl->owners[i++].id, owner, len); - OICFree(owner); + cborFindResult = cbor_value_advance(&aclistMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing ACLIST Map."); } } - OICFree(name); - } - if (type != CborMapType && cbor_value_is_valid(&aclMap)) - { - cborFindResult = cbor_value_advance(&aclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing the Array."); } - } - acl->next = NULL; - if (headAcl == NULL) - { - headAcl = acl; - } - else - { - OicSecAcl_t *temp = headAcl; - while (temp->next) + // TODO : Need to modify headAcl->owners[0].id to headAcl->rowner based on RAML spec. + if (strcmp(tagName, OIC_JSON_ROWNERID_NAME) == 0) { - temp = temp->next; + char *stRowner = NULL; + cborFindResult = cbor_value_dup_text_string(&aclMap, &stRowner, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Rownerid Value."); + headAcl->ownersLen = 1; + headAcl->owners = (OicUuid_t *)OICCalloc(headAcl->ownersLen, sizeof(*headAcl->owners)); + VERIFY_NON_NULL(TAG, headAcl->owners, ERROR); + ret = ConvertStrToUuid(stRowner, &headAcl->owners[0]); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + OICFree(stRowner); } - temp->next = acl; + OICFree(tagName); } - if (cbor_value_is_valid(&aclArray)) + if (cbor_value_is_valid(&aclMap)) { - cborFindResult = cbor_value_advance(&aclArray); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing ACL Array."); + cborFindResult = cbor_value_advance(&aclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing ACL Map."); } } exit: if (cborFindResult != CborNoError) { + OIC_LOG(ERROR, TAG, "Failed to CBORPayloadToAcl"); DeleteACLList(headAcl); headAcl = NULL; } diff --git a/resource/csdk/security/src/amaclresource.c b/resource/csdk/security/src/amaclresource.c index 60c87f5..cff8272 100644 --- a/resource/csdk/security/src/amaclresource.c +++ b/resource/csdk/security/src/amaclresource.c @@ -34,13 +34,15 @@ /** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory. * The value of payload size is increased until reaching belox max cbor size. */ -static const uint8_t CBOR_SIZE = 255; +static const uint16_t CBOR_SIZE = 1024; /* Max cbor size payload. */ static const uint16_t CBOR_MAX_SIZE = 4400; /** AMACL Map size - Number of mandatory items. */ static const uint8_t AMACL_MAP_SIZE = 3; +static const uint8_t AMACL_RSRC_MAP_SIZE = 1; +static const uint8_t AMACL_RLIST_MAP_SIZE = 3; static OicSecAmacl_t *gAmacl = NULL; static OCResourceHandle gAmaclHandle = NULL; @@ -102,85 +104,115 @@ OCStackResult AmaclToCBORPayload(const OicSecAmacl_t *amaclS, uint8_t **cborPayl *cborPayload = NULL; CborEncoder encoder = { {.ptr = NULL }, .end = 0 }; - CborEncoder amaclArray = { {.ptr = NULL }, .end = 0 }; + CborEncoder amaclMap = { {.ptr = NULL }, .end = 0 }; int64_t cborEncoderResult = CborNoError; + CborEncoder rsrcMap = { {.ptr = NULL }, .end = 0 }; + CborEncoder rlistArray = { {.ptr = NULL }, .end = 0 }; + CborEncoder amss = { {.ptr = NULL }, .end = 0 }; + char *stRowner = NULL; const OicSecAmacl_t *amacl = amaclS; uint8_t *outPayload = (uint8_t *)OICCalloc(1, cborLen); VERIFY_NON_NULL(TAG, outPayload, ERROR); cbor_encoder_init(&encoder, outPayload, cborLen, 0); - // Create AMACL Array - cborEncoderResult |= cbor_encoder_create_array(&encoder, &amaclArray, OicSecAmaclCount(amacl)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMACL Array."); + // Create AMACL Map + cborEncoderResult = cbor_encoder_create_map(&encoder, &amaclMap, AMACL_MAP_SIZE); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMACL Map."); - while (amacl) + // resources -- Mandatory + cborEncoderResult = cbor_encode_text_string(&amaclMap, OIC_JSON_RESOURCES_NAME, + strlen(OIC_JSON_RESOURCES_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Name Tag."); + + cborEncoderResult = cbor_encoder_create_map(&amaclMap, &rsrcMap, AMACL_RSRC_MAP_SIZE); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Map."); + + + cborEncoderResult = cbor_encode_text_string(&rsrcMap, OIC_JSON_RLIST_NAME, + strlen(OIC_JSON_RLIST_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RLIST Name Tag."); + + // TODO : Need to input array length by OicSecAmacl_t->resources->rlistLen based on spec. + cborEncoderResult = cbor_encoder_create_array(&rsrcMap, &rlistArray, amacl->resourcesLen); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RLIST Array."); + + // TODO : Need to add OicSecAmacl_t->rlist as array rMap based on RAML spec. + for (size_t i = 0; i < amacl->resourcesLen; i++) { - CborEncoder amaclMap = { {.ptr = NULL }, .end = 0 }; - cborEncoderResult |= cbor_encoder_create_map(&amaclArray, &amaclMap, AMACL_MAP_SIZE); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMACL MAP."); + // TODO : Need to create rMap structure based on RAML spec. + CborEncoder rMap = { {.ptr = NULL }, .end = 0 }; + cborEncoderResult = cbor_encoder_create_map(&rlistArray, &rMap, AMACL_RLIST_MAP_SIZE); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RLIST Map."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_HREF_NAME, + strlen(OIC_JSON_HREF_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Name Tag."); + cborEncoderResult = cbor_encode_text_string(&rMap, amacl->resources[i], + strlen(amacl->resources[i])); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Value in Map."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_RT_NAME, + strlen(OIC_JSON_RT_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Name Tag."); + + // TODO : Need to assign real value of RT + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING, + strlen(OIC_JSON_EMPTY_STRING)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_IF_NAME, + strlen(OIC_JSON_IF_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Name Tag."); + + // TODO : Need to assign real value of IF + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING, + strlen(OIC_JSON_EMPTY_STRING)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value."); + + cborEncoderResult = cbor_encoder_close_container(&rlistArray, &rMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing RLIST Array."); + } - // Resources -- Mandatory - { - CborEncoder resources = { {.ptr = NULL }, .end = 0}; - cborEncoderResult |= cbor_encode_text_string(&amaclMap, OIC_JSON_RESOURCES_NAME, - strlen(OIC_JSON_RESOURCES_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Name Tag."); - cborEncoderResult |= cbor_encoder_create_array(&amaclMap, &resources, amacl->resourcesLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Name Array."); + cborEncoderResult = cbor_encoder_close_container(&rsrcMap, &rlistArray); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing RLIST Array."); - for (size_t i = 0; i < amacl->resourcesLen; i++) - { - cborEncoderResult |= cbor_encode_text_string(&resources, amacl->resources[i], - strlen(amacl->resources[i])); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Name Value in Array."); - } - cborEncoderResult |= cbor_encoder_close_container(&amaclMap, &resources); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Name "); - } - // Amss -- Mandatory - { - CborEncoder amss = { {.ptr = NULL }, .end = 0 }; - cborEncoderResult |= cbor_encode_text_string(&amaclMap, OIC_JSON_AMSS_NAME, - strlen(OIC_JSON_AMSS_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMSS Name Tag."); - cborEncoderResult |= cbor_encoder_create_array(&amaclMap, &amss, amacl->amssLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMSS Name Array."); - for (size_t i = 0; i < amacl->amssLen; i++) - { - cborEncoderResult |= cbor_encode_byte_string(&amss, amacl->amss[i].id, - sizeof(amacl->amss[i].id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMSS Name Value."); - } - cborEncoderResult |= cbor_encoder_close_container(&amaclMap, &amss); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing AMSS Array."); - } - // Owners -- Mandatory - { - cborEncoderResult |= cbor_encode_text_string(&amaclMap, OIC_JSON_OWNERS_NAME, - strlen(OIC_JSON_OWNERS_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Owners Array Tag."); - CborEncoder owners = { {.ptr = NULL }, .end = 0}; - cborEncoderResult |= cbor_encoder_create_array(&amaclMap, &owners, amacl->ownersLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Owners Array."); - - for (size_t i = 0; i < amacl->ownersLen; i++) - { - cborEncoderResult |= cbor_encode_byte_string(&owners, (uint8_t *)amacl->owners[i].id, - sizeof(amacl->owners[i].id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Owners Array Value."); - } - cborEncoderResult |= cbor_encoder_close_container(&amaclMap, &owners); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Owners Array."); - } - cborEncoderResult |= cbor_encoder_close_container(&amaclArray, &amaclMap); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing AMACL Map."); + cborEncoderResult = cbor_encoder_close_container(&amaclMap, &rsrcMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Map."); - amacl = amacl->next; + // TODO : Need to modify type of OicSecAmacl_t->amss based on RAML spec. + // ams -- Mandatory + cborEncoderResult = cbor_encode_text_string(&amaclMap, OIC_JSON_AMS_NAME, + strlen(OIC_JSON_AMS_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMSS Name Tag."); + + cborEncoderResult = cbor_encoder_create_array(&amaclMap, &amss, amacl->amssLen); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMS Name Array."); + for (size_t i = 0; i < amacl->amssLen; i++) + { + cborEncoderResult = cbor_encode_text_string(&amss, (const char *)amacl->amss[i].id, + sizeof(amacl->amss[i].id)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding AMS Name Value."); } - cborEncoderResult |= cbor_encoder_close_container(&encoder, &amaclArray); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Amacl Array."); + cborEncoderResult = cbor_encoder_close_container(&amaclMap, &amss); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing AMSS Array."); + + // TODO : Need to check owner property in the RAML spec. + // rowner + cborEncoderResult = cbor_encode_text_string(&amaclMap, OIC_JSON_ROWNERID_NAME, + strlen(OIC_JSON_ROWNERID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding ROwnerID Name Tag."); + + // TODO : Need to modify amacl->owners[0] to amacl->rownerid based on RAML spec. + ret = ConvertUuidToStr(&amacl->owners[0], &stRowner); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&amaclMap, stRowner, strlen(stRowner)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding ROwner Value."); + OICFree(stRowner); + + cborEncoderResult = cbor_encoder_close_container(&encoder, &amaclMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Amacl Map."); if (CborNoError == cborEncoderResult) { @@ -206,7 +238,7 @@ exit: } } - if (CborNoError != cborEncoderResult) + if (CborNoError != cborEncoderResult || ret != OC_STACK_OK) { OICFree(outPayload); outPayload = NULL; @@ -240,128 +272,177 @@ OCStackResult CBORPayloadToAmacl(const uint8_t *cborPayload, size_t size, } cbor_parser_init(cborPayload, cborLen, 0, &parser, &amaclCbor); - OicSecAmacl_t *headAmacl = NULL; + OicSecAmacl_t *headAmacl = (OicSecAmacl_t *)OICCalloc(1, sizeof(OicSecAmacl_t)); - CborValue amaclArray = { .parser = NULL }; - cborFindResult = cbor_value_enter_container(&amaclCbor, &amaclArray); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Amacl Array."); + CborValue amaclMap = { .parser = NULL }; + cborFindResult = cbor_value_enter_container(&amaclCbor, &amaclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Amacl Map."); - while (cbor_value_is_valid(&amaclArray)) + while(cbor_value_is_valid(&amaclMap)) { - CborValue amaclMap = { .parser = NULL }; - cborFindResult = cbor_value_enter_container(&amaclArray, &amaclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Amacl Map."); + char *name = NULL; + size_t len = 0; + cborFindResult = cbor_value_dup_text_string(&amaclMap, &name, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Amacl Data Name Tag."); + cborFindResult = cbor_value_advance(&amaclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Amacl Data Value."); - OicSecAmacl_t *amacl = (OicSecAmacl_t *) OICCalloc(1, sizeof(*amacl)); - VERIFY_NON_NULL(TAG, amacl, ERROR); + //CborType type = cbor_value_get_type(&amaclMap); - while (cbor_value_is_valid(&amaclMap)) + // Resources -- Mandatory + if (0 == strcmp(OIC_JSON_RESOURCES_NAME, name)) { - char *name = NULL; - size_t len = 0; - cborFindResult = cbor_value_dup_text_string(&amaclMap, &name, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Amacl Name."); - cborFindResult = cbor_value_advance(&amaclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Amacl Advance."); - - CborType type = cbor_value_get_type(&amaclMap); + // resource map + CborValue rsrcMap = { .parser = NULL }; + cborFindResult = cbor_value_enter_container(&amaclMap, &rsrcMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map"); - // Resources -- Mandatory - if (0 == strcmp(OIC_JSON_RESOURCES_NAME, name)) + while(cbor_value_is_valid(&rsrcMap)) { - CborValue resources = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&amaclMap, &amacl->resourcesLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Resource Name Array Len."); - - cborFindResult = cbor_value_enter_container(&amaclMap, &resources); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Amacl Array."); - - amacl->resources = (char **) OICCalloc(amacl->resourcesLen, sizeof(*amacl->resources)); - VERIFY_NON_NULL(TAG, amacl->resources, ERROR); - int i = 0; - while (cbor_value_is_text_string(&resources)) + // resource name + char *rsrcName = NULL; + size_t rsrcNameLen = 0; + cborFindResult = cbor_value_dup_text_string(&rsrcMap, &rsrcName, &rsrcNameLen, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Resource Data Name Tag."); + cborFindResult = cbor_value_advance(&rsrcMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Resource Data Value."); + + // rlist + if (0 == strcmp(OIC_JSON_RLIST_NAME, rsrcName)) { - cborFindResult = cbor_value_dup_text_string(&resources, &amacl->resources[i++], - &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Resource Name Value."); - cborFindResult = cbor_value_advance(&resources); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Resource Name."); + int i = 0; + // TODO : Need to assign array length to OicSecAmacl_t->resources->rlistLen based of RAML spec. + cborFindResult = cbor_value_get_array_length(&rsrcMap, &headAmacl->resourcesLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Rlist Array Len."); + + CborValue rsrcArray = { .parser = NULL }; + + // rlist array + cborFindResult = cbor_value_enter_container(&rsrcMap, &rsrcArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Rlist Array"); + + // TODO : Need to check data structure of OicSecAmacl_t based on RAML spec. + headAmacl->resources = (char **) OICCalloc(headAmacl->resourcesLen, sizeof(*headAmacl->resources)); + VERIFY_NON_NULL(TAG, headAmacl->resources, ERROR); + + while (cbor_value_is_valid(&rsrcArray)) + { + // rMap + CborValue rMap = { .parser = NULL }; + cborFindResult = cbor_value_enter_container(&rsrcArray, &rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Rlist Map"); + + while(cbor_value_is_valid(&rMap)) + { + char *rMapName = NULL; + size_t rMapNameLen = 0; + cborFindResult = cbor_value_dup_text_string(&rMap, &rMapName, &rMapNameLen, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RMap Data Name Tag."); + cborFindResult = cbor_value_advance(&rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RMap Data Value."); + + // "href" + if (0 == strcmp(OIC_JSON_HREF_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecAmacl_t based on RAML spec. + cborFindResult = cbor_value_dup_text_string(&rMap, &headAmacl->resources[i++], &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Href Value."); + } + + // "rt" + if (0 == strcmp(OIC_JSON_RT_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecAmacl_t and assign based on RAML spec. + char *rtData = NULL; + cborFindResult = cbor_value_dup_text_string(&rMap, &rtData, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT Value."); + OICFree(rtData); + } + + // "if" + if (0 == strcmp(OIC_JSON_IF_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecAmacl_t and assign based on RAML spec. + char *ifData = NULL; + cborFindResult = cbor_value_dup_text_string(&rMap, &ifData, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF Value."); + OICFree(ifData); + } + + if (cbor_value_is_valid(&rMap)) + { + cborFindResult = cbor_value_advance(&rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Rlist Map."); + } + OICFree(rMapName); + } + + if (cbor_value_is_valid(&rsrcArray)) + { + cborFindResult = cbor_value_advance(&rsrcArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Resource Array."); + } + } } - } - // Amss -- Mandatory - if (0 == strcmp(OIC_JSON_AMSS_NAME, name)) - { - CborValue amss = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&amaclMap, &amacl->amssLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering AMSS Name Array Len."); - cborFindResult = cbor_value_enter_container(&amaclMap, &amss); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering AMSS Name Container."); - int i = 0; - amacl->amss = (OicUuid_t *)OICCalloc(amacl->amssLen, sizeof(*amacl->amss)); - VERIFY_NON_NULL(TAG, amacl->amss, ERROR); - while (cbor_value_is_valid(&amss)) + if (cbor_value_is_valid(&rsrcMap)) { - uint8_t *amssId = NULL; - cborFindResult = cbor_value_dup_byte_string(&amss, &amssId, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding AMSS Id."); - cborFindResult = cbor_value_advance(&amss); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing AMSS."); - memcpy(amacl->amss[i++].id, amssId, len); - OICFree(amssId); + cborFindResult = cbor_value_advance(&rsrcMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Resource Map."); } + OICFree(rsrcName); } - // Owners -- Mandatory - if (0 == strcmp(OIC_JSON_OWNERS_NAME, name)) - { - CborValue owners = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&amaclMap, &amacl->ownersLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Owner Name Len."); - cborFindResult = cbor_value_enter_container(&amaclMap, &owners); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Container Owner Array."); - int i = 0; - amacl->owners = (OicUuid_t *)OICCalloc(amacl->ownersLen, sizeof(*amacl->owners)); - VERIFY_NON_NULL(TAG, amacl->owners, ERROR); - while (cbor_value_is_valid(&owners)) - { - uint8_t *owner = NULL; - cborFindResult = cbor_value_dup_byte_string(&owners, &owner, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Adding Owners Array Value."); - cborFindResult = cbor_value_advance(&owners); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Owners Array"); - memcpy(amacl->owners[i++].id, owner, len); - OICFree(owner); - } - } - if (CborMapType != type && cbor_value_is_valid(&amaclMap)) - { - cborFindResult = cbor_value_advance(&amaclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Amacl Map."); - } - OICFree(name); } - amacl->next = NULL; - if (NULL == headAmacl) + // TODO : Need to modify type of OicSecAmacl_t->amss based on RAML spec. + // Ams -- Mandatory + if (0 == strcmp(OIC_JSON_AMS_NAME, name)) { - headAmacl = amacl; - } - else - { - OicSecAmacl_t *temp = headAmacl; - while (temp->next) + int i = 0; + CborValue amsArray = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&amaclMap, &headAmacl->amssLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding AMS Array Len."); + cborFindResult = cbor_value_enter_container(&amaclMap, &amsArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering AMS Array Container."); + headAmacl->amss = (OicUuid_t *)OICCalloc(headAmacl->amssLen, sizeof(*headAmacl->amss)); + VERIFY_NON_NULL(TAG, headAmacl->amss, ERROR); + while (cbor_value_is_valid(&amsArray)) { - temp = temp->next; + char *amssId = NULL; + cborFindResult = cbor_value_dup_text_string(&amsArray, &amssId, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding AMS Id."); + cborFindResult = cbor_value_advance(&amsArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing AMS."); + memcpy(headAmacl->amss[i++].id, (OicUuid_t *)amssId, len); + OICFree(amssId); } - temp->next = amacl; } - if (cbor_value_is_valid(&amaclArray)) + + // TODO : Need to modify headAmacl->owners[0].id to headAmacl->rowner based on RAML spec. + // Rowner -- Mandatory + if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name)) { - cborFindResult = cbor_value_advance(&amaclArray); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing AMACL Array."); + char *stRowner = NULL; + cborFindResult = cbor_value_dup_text_string(&amaclMap, &stRowner, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding ROwner Value."); + headAmacl->ownersLen = 1; + headAmacl->owners = (OicUuid_t *)OICCalloc(headAmacl->ownersLen, sizeof(*headAmacl->owners)); + VERIFY_NON_NULL(TAG, headAmacl->owners, ERROR); + ret = ConvertStrToUuid(stRowner, &headAmacl->owners[0]); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + OICFree(stRowner); } + + //if (CborMapType != type && cbor_value_is_valid(&amaclMap)) + if (cbor_value_is_valid(&amaclMap)) + { + cborFindResult = cbor_value_advance(&amaclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Amacl Map."); + } + OICFree(name); } + *secAmacl = headAmacl; ret = OC_STACK_OK; @@ -370,6 +451,7 @@ exit: { DeleteAmaclList(headAmacl); headAmacl = NULL; + *secAmacl = NULL; ret = OC_STACK_ERROR; } return ret; diff --git a/resource/csdk/security/src/credresource.c b/resource/csdk/security/src/credresource.c index 76fbe19..ab29adb 100644 --- a/resource/csdk/security/src/credresource.c +++ b/resource/csdk/security/src/credresource.c @@ -56,17 +56,15 @@ /** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory. * The value of payload size is increased until reaching belox max cbor size. */ -#ifndef __WITH_X509__ -static const uint8_t CBOR_SIZE = 255; -#else -static const uint16_t CBOR_SIZE = 1024; -#endif +static const uint16_t CBOR_SIZE = 2048; /** Max cbor size payload. */ static const uint16_t CBOR_MAX_SIZE = 4400; -/** CRED Map size - Number of mandatory items. */ -static const uint8_t CRED_MAP_SIZE = 4; +/** CRED size - Number of mandatory items. */ +static const uint8_t CRED_ROOT_MAP_SIZE = 2; +static const uint8_t CRED_MAP_SIZE = 3; + static OicSecCred_t *gCred = NULL; static OCResourceHandle gCredHandle = NULL; @@ -135,34 +133,46 @@ OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload { return OC_STACK_INVALID_PARAM; } - OIC_LOG(DEBUG, TAG, "CredToCBORPayload IN"); + OCStackResult ret = OC_STACK_ERROR; - size_t cborLen = *cborSize; - if (0 == cborLen) - { - cborLen = CBOR_SIZE; - } + CborError cborEncoderResult = CborNoError; + uint8_t *outPayload = NULL; + size_t cborLen = *cborSize; *cborSize = 0; *cborPayload = NULL; - + const OicSecCred_t *cred = credS; CborEncoder encoder = { {.ptr = NULL }, .end = 0 }; CborEncoder credArray = { {.ptr = NULL }, .end = 0 }; - int64_t cborEncoderResult = CborNoError; + CborEncoder credRootMap = { {.ptr = NULL }, .end = 0 }; - const OicSecCred_t *cred = credS; - uint8_t *outPayload = (uint8_t *)OICCalloc(1, cborLen); + if (0 == cborLen) + { + cborLen = CBOR_SIZE; + } + + outPayload = (uint8_t *)OICCalloc(1, cborLen); VERIFY_NON_NULL(TAG, outPayload, ERROR); cbor_encoder_init(&encoder, outPayload, cborLen, 0); - // Create CRED Array - cborEncoderResult |= cbor_encoder_create_array(&encoder, &credArray, OicSecCredCount(cred)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding0 Cred Array."); + // Create CRED Root Map (creds, rownerid) + cborEncoderResult = cbor_encoder_create_map(&encoder, &credRootMap, CRED_ROOT_MAP_SIZE); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Root Map"); + + // creds + cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_CREDS_NAME, + strlen(OIC_JSON_CREDS_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding creds Name Tag."); + + // creds array + cborEncoderResult = cbor_encoder_create_array(&credRootMap, &credArray, OicSecCredCount(cred)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Array."); while (cred) { CborEncoder credMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; size_t mapSize = CRED_MAP_SIZE; + char *subject = NULL; if (cred->period) { mapSize++; @@ -177,120 +187,167 @@ OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload { mapSize++; } - cborEncoderResult |= cbor_encoder_create_map(&credArray, &credMap, mapSize); + cborEncoderResult = cbor_encoder_create_map(&credArray, &credMap, mapSize); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Map"); //CredID -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&credMap, OIC_JSON_CREDID_NAME, + cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_CREDID_NAME, strlen(OIC_JSON_CREDID_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Id Tag. "); - cborEncoderResult |= cbor_encode_int(&credMap, cred->credId); + cborEncoderResult = cbor_encode_int(&credMap, cred->credId); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Id Value."); //Subject -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&credMap, OIC_JSON_SUBJECT_NAME, - strlen(OIC_JSON_SUBJECT_NAME)); + cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_SUBJECTID_NAME, + strlen(OIC_JSON_SUBJECTID_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Subject Tag."); - cborEncoderResult |= cbor_encode_byte_string(&credMap, cred->subject.id, - sizeof(cred->subject.id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Subject Value."); + ret = ConvertUuidToStr(&cred->subject, &subject); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&credMap, subject, strlen(subject)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Subject Id Value."); + OICFree(subject); //CredType -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&credMap, OIC_JSON_CREDTYPE_NAME, + cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_CREDTYPE_NAME, strlen(OIC_JSON_CREDTYPE_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Type Tag."); - cborEncoderResult |= cbor_encode_int(&credMap, cred->credType); + cborEncoderResult = cbor_encode_int(&credMap, cred->credType); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Type Value."); #ifdef __WITH_X509__ //PublicData -- Not Mandatory if (cred->publicData.data) { - cborEncoderResult |= cbor_encode_text_string(&credMap, - OIC_JSON_PUBLICDATA_NAME, strlen(OIC_JSON_PUBLICDATA_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Public Data Tag."); - cborEncoderResult |= cbor_encode_byte_string(&credMap, cred->publicData.data, - cred->publicData.len); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Public Tag Value."); + CborEncoder publicMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + const size_t publicMapSize = 2; + + cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_PUBLICDATA_NAME, + strlen(OIC_JSON_PUBLICDATA_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding PublicData Tag."); + + cborEncoderResult = cbor_encoder_create_map(&credMap, &publicMap, publicMapSize); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding PublicData Map"); + + cborEncoderResult = cbor_encode_text_string(&publicMap, OIC_JSON_PUBDATA_NAME, + strlen(OIC_JSON_PUBDATA_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Pub Data Tag."); + cborEncoderResult = cbor_encode_byte_string(&publicMap, cred->publicData.data, + cred->publicData.len); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Pub Value."); + + // TODO: Need to data strucure modification for OicSecCert_t. + cborEncoderResult = cbor_encode_text_string(&publicMap, OIC_JSON_ENCODING_NAME, + strlen(OIC_JSON_ENCODING_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Public Encoding Tag."); + cborEncoderResult = cbor_encode_text_string(&publicMap, OIC_SEC_ENCODING_BYTESTREAM, + strlen(OIC_SEC_ENCODING_BYTESTREAM)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Public Encoding Value."); + + cborEncoderResult = cbor_encoder_close_container(&credMap, &publicMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing PublicData Map."); } #endif /*__WITH_X509__*/ //PrivateData -- Not Mandatory if(cred->privateData.data) { - cborEncoderResult |= cbor_encode_text_string(&credMap, - OIC_JSON_PRIVATEDATA_NAME, strlen(OIC_JSON_PRIVATEDATA_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Private Data Tag"); - cborEncoderResult |= cbor_encode_byte_string(&credMap, cred->privateData.data, + CborEncoder privateMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + const size_t privateMapSize = 2; + + cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_PRIVATEDATA_NAME, + strlen(OIC_JSON_PRIVATEDATA_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding PrivateData Tag."); + + cborEncoderResult = cbor_encoder_create_map(&credMap, &privateMap, privateMapSize); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding PrivateData Map"); + + cborEncoderResult = cbor_encode_text_string(&privateMap, OIC_JSON_PRIVDATA_NAME, + strlen(OIC_JSON_PRIVDATA_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Priv Tag."); + cborEncoderResult = cbor_encode_byte_string(&privateMap, cred->privateData.data, cred->privateData.len); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Private Data Value."); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Priv Value."); + + // TODO: Need to data strucure modification for OicSecKey_t. + cborEncoderResult = cbor_encode_text_string(&privateMap, OIC_JSON_ENCODING_NAME, + strlen(OIC_JSON_ENCODING_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Private Encoding Tag."); + cborEncoderResult = cbor_encode_text_string(&privateMap, OIC_SEC_ENCODING_BYTESTREAM, + strlen(OIC_SEC_ENCODING_BYTESTREAM)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Private Encoding Value."); + + cborEncoderResult = cbor_encoder_close_container(&credMap, &privateMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing PrivateData Map."); } //Period -- Not Mandatory if(cred->period) { - cborEncoderResult |= cbor_encode_text_string(&credMap, OIC_JSON_PERIOD_NAME, + cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_PERIOD_NAME, strlen(OIC_JSON_PERIOD_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Name Tag."); - cborEncoderResult |= cbor_encode_text_string(&credMap, cred->period, + cborEncoderResult = cbor_encode_text_string(&credMap, cred->period, strlen(cred->period)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Period Name Value."); } - //Owners -- Mandatory - { - cborEncoderResult |= cbor_encode_text_string(&credMap, OIC_JSON_OWNERS_NAME, - strlen(OIC_JSON_OWNERS_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owners Name Tag."); - CborEncoder owners = { {.ptr = NULL }, .end = 0 }; - cborEncoderResult |= cbor_encoder_create_array(&credMap, &owners, cred->ownersLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owners Name Array."); - for (size_t i = 0; i < cred->ownersLen; i++) - { - cborEncoderResult |= cbor_encode_byte_string(&owners, (uint8_t *)cred->owners[i].id, - sizeof(cred->owners[i].id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owners Array Value."); - } - cborEncoderResult |= cbor_encoder_close_container(&credMap, &owners); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Owners Name Array."); - } - cborEncoderResult |= cbor_encoder_close_container(&credArray, &credMap); + + cborEncoderResult = cbor_encoder_close_container(&credArray, &credMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Cred Map."); cred = cred->next; - } - cborEncoderResult |= cbor_encoder_close_container(&encoder, &credArray); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Cred Array."); + } + cborEncoderResult = cbor_encoder_close_container(&credRootMap, &credArray); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Cred Array."); - if (CborNoError == cborEncoderResult) - { - *cborPayload = outPayload; - *cborSize = encoder.ptr - outPayload; + cred = credS; + // TODO : Need to modify cred->owners[0] to cred->rownerid based on RAML spec. + // Rownerid + if(cred->owners && cred->ownersLen > 0) + { + char *rowner = NULL; + cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_ROWNERID_NAME, + strlen(OIC_JSON_ROWNERID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding rownerid Name."); + ret = ConvertUuidToStr(&cred->owners[0], &rowner); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&credRootMap, rowner, strlen(rowner)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding rownerid Value."); + OICFree(rowner); + } + + // Close CRED Root Map + cborEncoderResult = cbor_encoder_close_container(&encoder, &credRootMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing CRED Root Map."); + + if (CborNoError == cborEncoderResult) + { + OIC_LOG(DEBUG, TAG, "CredToCBORPayload Successed"); + *cborPayload = outPayload; + *cborSize = encoder.ptr - outPayload; ret = OC_STACK_OK; } OIC_LOG(DEBUG, TAG, "CredToCBORPayload OUT"); exit: - if ((CborErrorOutOfMemory == cborEncoderResult) && (cborLen < CBOR_MAX_SIZE)) + if (CborErrorOutOfMemory == cborEncoderResult) { - // reallocate and try again! - OICFree(outPayload); - outPayload = NULL; - // Since the allocated initial memory failed, double the memory. - cborLen += encoder.ptr - encoder.end; - cborEncoderResult = CborNoError; - ret = CredToCBORPayload(credS, cborPayload, &cborLen); - if (OC_STACK_OK == ret) - { - *cborSize = cborLen; - } + OIC_LOG(DEBUG, TAG, "CredToCBORPayload:CborErrorOutOfMemory : retry with more memory"); + // reallocate and try again! + OICFree(outPayload); + // Since the allocated initial memory failed, double the memory. + cborLen += encoder.ptr - encoder.end; + cborEncoderResult = CborNoError; + ret = CredToCBORPayload(credS, cborPayload, &cborLen); + *cborSize = cborLen; } if (CborNoError != cborEncoderResult) { - OICFree(outPayload); - outPayload = NULL; - *cborSize = 0; - *cborPayload = NULL; - ret = OC_STACK_ERROR; + OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayload"); + OICFree(outPayload); + outPayload = NULL; + *cborSize = 0; + *cborPayload = NULL; + ret = OC_STACK_ERROR; } return ret; @@ -303,142 +360,243 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size, { return OC_STACK_INVALID_PARAM; } - OIC_LOG(DEBUG, TAG, "CBORPayloadToCred IN"); - - *secCred = NULL; OCStackResult ret = OC_STACK_ERROR; - - CborValue credCbor; - CborParser parser; + CborValue credCbor = { .parser = NULL }; + CborParser parser = { .end = NULL }; CborError cborFindResult = CborNoError; - OicSecCred_t *cred = NULL; + cbor_parser_init(cborPayload, size, 0, &parser, &credCbor); - int cborLen = size; - if (0 == size) - { - cborLen = CBOR_SIZE; - } - cbor_parser_init(cborPayload, cborLen, 0, &parser, &credCbor); + OicSecCred_t *headCred = (OicSecCred_t *) OICCalloc(1, sizeof(OicSecCred_t)); - OicSecCred_t *headCred = NULL; + // Enter CRED Root Map + CborValue CredRootMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; + cborFindResult = cbor_value_enter_container(&credCbor, &CredRootMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering CRED Root Map."); - size_t len = 0; - CborValue credArray; - cborFindResult = cbor_value_enter_container(&credCbor, &credArray); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Cred Array."); - - while (cbor_value_is_valid(&credArray)) + while (cbor_value_is_valid(&CredRootMap)) { - cred = (OicSecCred_t *) OICCalloc(1, sizeof(OicSecCred_t)); - VERIFY_NON_NULL(TAG, cred, ERROR); - - //CredId -- Mandatory - CborValue credMap; - cborFindResult = cbor_value_map_find_value(&credArray, OIC_JSON_CREDID_NAME, &credMap); - if (CborNoError == cborFindResult && cbor_value_is_integer(&credMap)) + char* tagName = NULL; + size_t len = 0; + CborType type = cbor_value_get_type(&CredRootMap); + if (type == CborTextStringType) { - cborFindResult = cbor_value_get_int(&credMap, (int *) &cred->credId); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CredId."); + cborFindResult = cbor_value_dup_text_string(&CredRootMap, &tagName, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in CRED Root Map."); + cborFindResult = cbor_value_advance(&CredRootMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in CRED Root Map."); } - //subject -- Mandatory - cborFindResult = cbor_value_map_find_value(&credArray, OIC_JSON_SUBJECT_NAME, &credMap); - if (CborNoError == cborFindResult && cbor_value_is_byte_string(&credMap)) + if(tagName) { - uint8_t *id = NULL; - cborFindResult = cbor_value_dup_byte_string(&credMap, &id, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Subject Name."); - memcpy(cred->subject.id, id, len); - OICFree(id); - } - //CredType -- Mandatory - cborFindResult = cbor_value_map_find_value(&credArray, OIC_JSON_CREDTYPE_NAME, &credMap); - if (CborNoError == cborFindResult && cbor_value_is_integer(&credMap)) - { - cborFindResult = cbor_value_get_int(&credMap, (int *) &cred->credType); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CredType."); - } - //Owners -- Mandatory - cborFindResult = cbor_value_map_find_value(&credArray, OIC_JSON_OWNERS_NAME, &credMap); - if (CborNoError == cborFindResult && cbor_value_is_array(&credMap)) - { - CborValue owners; - cborFindResult = cbor_value_get_array_length(&credMap, &cred->ownersLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Array Len."); - cborFindResult = cbor_value_enter_container(&credMap, &owners); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Container."); - int i = 0; - cred->owners = (OicUuid_t *)OICCalloc(cred->ownersLen, sizeof(*cred->owners)); - VERIFY_NON_NULL(TAG, cred->owners, ERROR); - while (cbor_value_is_valid(&owners)) + if (strcmp(tagName, OIC_JSON_CREDS_NAME) == 0) { - uint8_t *owner = NULL; - cborFindResult = cbor_value_dup_byte_string(&owners, &owner, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Owner Byte String."); - memcpy(cred->owners[i++].id, owner, len); - OICFree(owner); - cborFindResult = cbor_value_advance(&owners); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Array."); - } - } - //PrivateData is mandatory for some of the credential types listed below. - cborFindResult = cbor_value_map_find_value(&credArray, OIC_JSON_PRIVATEDATA_NAME, &credMap); - if (CborNoError == cborFindResult && cbor_value_is_byte_string(&credMap)) - { - cborFindResult = cbor_value_dup_byte_string(&credMap, - &cred->privateData.data, &cred->privateData.len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Byte Array."); - } + // Enter CREDS Array + size_t len = 0; + int credCount = 0; + CborValue credArray = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; + cborFindResult = cbor_value_enter_container(&CredRootMap, &credArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Cred Array."); + + while (cbor_value_is_valid(&credArray)) + { + credCount++; + //CredId -- Mandatory + CborValue credMap = { .parser = NULL, .ptr = NULL, .remaining = 0, .extra = 0, .type = 0, .flags = 0 }; + cborFindResult = cbor_value_enter_container(&credArray, &credMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Cred Map."); + OicSecCred_t *cred = NULL; + + if(1 == credCount) + { + cred = headCred; + } + else + { + cred = (OicSecCred_t *) OICCalloc(1, sizeof(OicSecCred_t)); + OicSecCred_t *temp = headCred; + while (temp->next) + { + temp = temp->next; + } + temp->next = cred; + } + + VERIFY_NON_NULL(TAG, cred, ERROR); + + while(cbor_value_is_valid(&credMap)) + { + char* name = NULL; + CborType type = cbor_value_get_type(&credMap); + if (type == CborTextStringType) + { + cborFindResult = cbor_value_dup_text_string(&credMap, &name, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Name in CRED Map."); + cborFindResult = cbor_value_advance(&credMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Value in CRED Map."); + } + if(name) + { + //credid + if (strcmp(name, OIC_JSON_CREDID_NAME) == 0) + { + cborFindResult = cbor_value_get_uint64(&credMap, (uint64_t *) &cred->credId); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CredId."); + } + // subjectid + if (strcmp(name, OIC_JSON_SUBJECTID_NAME) == 0) + { + char *subjectid = NULL; + cborFindResult = cbor_value_dup_text_string(&credMap, &subjectid, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding subjectid Value."); + ret = ConvertStrToUuid(subjectid, &cred->subject); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + OICFree(subjectid); + } + // subjectid + if (strcmp(name, OIC_JSON_CREDTYPE_NAME) == 0) + { + cborFindResult = cbor_value_get_uint64(&credMap, (uint64_t *) &cred->credType); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CredType."); + } + // privatedata + if (strcmp(name, OIC_JSON_PRIVATEDATA_NAME) == 0) + { + CborValue privateMap = { .parser = NULL }; + cborFindResult = cbor_value_enter_container(&credMap, &privateMap); + + while (cbor_value_is_valid(&privateMap)) + { + char* privname = NULL; + CborType type = cbor_value_get_type(&privateMap); + if (type == CborTextStringType) + { + cborFindResult = cbor_value_dup_text_string(&privateMap, &privname, + &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text"); + cborFindResult = cbor_value_advance(&privateMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value"); + } + if (privname) + { + // PrivateData::privdata -- Mandatory + if (strcmp(privname, OIC_JSON_PRIVDATA_NAME) == 0) + { + cborFindResult = cbor_value_dup_byte_string(&privateMap, &cred->privateData.data, + &cred->privateData.len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding PrivateData."); + } + // PrivateData::encoding -- Mandatory + if (strcmp(privname, OIC_JSON_ENCODING_NAME) == 0) + { + // TODO: Need to update data structure, just ignore encoding value now. + } + } + if (cbor_value_is_valid(&privateMap)) + { + cborFindResult = cbor_value_advance(&privateMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing privatedata Map."); + } + OICFree(privname); + } + + } #ifdef __WITH_X509__ - //PublicData is mandatory only for SIGNED_ASYMMETRIC_KEY credentials type. - cborFindResult = cbor_value_map_find_value(&credArray, OIC_JSON_PUBLICDATA_NAME, &credMap); - if (CborNoError == cborFindResult && cbor_value_is_byte_string(&credMap)) - { - if (cred->credType & SIGNED_ASYMMETRIC_KEY) - { - cborFindResult = cbor_value_dup_byte_string(&credMap, &cred->publicData.data, - &cred->publicData.len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Public Data."); - } - } + if (strcmp(name, OIC_JSON_PUBLICDATA_NAME) == 0) + { + CborValue pubMap = { .parser = NULL }; + cborFindResult = cbor_value_enter_container(&credMap, &pubMap); + + while (cbor_value_is_valid(&pubMap)) + { + char* pubname = NULL; + CborType type = cbor_value_get_type(&pubMap); + if (type == CborTextStringType) + { + cborFindResult = cbor_value_dup_text_string(&pubMap, &pubname, + &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text"); + cborFindResult = cbor_value_advance(&pubMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value"); + } + if (pubname) + { + // PrivateData::privdata -- Mandatory + if (strcmp(pubname, OIC_JSON_PUBDATA_NAME) == 0) + { + cborFindResult = cbor_value_dup_byte_string(&pubMap, &cred->publicData.data, + &cred->publicData.len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding PubData."); + } + // PublicData::encoding -- Mandatory + if (strcmp(pubname, OIC_JSON_ENCODING_NAME) == 0) + { + // TODO: Need to update data structure, just ignore encoding value now. + } + } + if (cbor_value_is_valid(&pubMap)) + { + cborFindResult = cbor_value_advance(&pubMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing publicdata Map."); + } + OICFree(pubname); + } + } #endif //__WITH_X509__ - //Period -- Not Mandatory - cborFindResult = cbor_value_map_find_value(&credArray, OIC_JSON_PERIOD_NAME, &credMap); - if (CborNoError == cborFindResult && cbor_value_is_text_string(&credMap)) - { - cborFindResult = cbor_value_dup_text_string(&credMap, &cred->period, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Period."); - } - cred->next = NULL; - if (NULL == headCred) - { - headCred = cred; - } - else - { - OicSecCred_t *temp = headCred; - while (temp->next) + + if (0 == strcmp(OIC_JSON_PERIOD_NAME, name)) + { + cborFindResult = cbor_value_dup_text_string(&credMap, &cred->period, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Period."); + } + + if (cbor_value_is_valid(&credMap)) + { + cborFindResult = cbor_value_advance(&credMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing CRED Map."); + } + OICFree(name); + } + } + cred->next = NULL; + if (cbor_value_is_valid(&credArray)) + { + cborFindResult = cbor_value_advance(&credArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing CRED Array."); + } + } + } + + // TODO : Need to modify headCred->owners[0].id to headCred->rowner based on RAML spec. + if (strcmp(tagName, OIC_JSON_ROWNERID_NAME) == 0) { - temp = temp->next; + char *stRowner = NULL; + cborFindResult = cbor_value_dup_text_string(&CredRootMap, &stRowner, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Rownerid Value."); + headCred->ownersLen = 1; + headCred->owners = (OicUuid_t *)OICCalloc(headCred->ownersLen, sizeof(*headCred->owners)); + VERIFY_NON_NULL(TAG, headCred->owners, ERROR); + ret = ConvertStrToUuid(stRowner, &headCred->owners[0]); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + OICFree(stRowner); } - temp->next = cred; + OICFree(tagName); } - if (cbor_value_is_valid(&credArray)) + if (cbor_value_is_valid(&CredRootMap)) { - cborFindResult = cbor_value_advance(&credArray); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Cred Array."); + cborFindResult = cbor_value_advance(&CredRootMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing CRED Root Map."); } } + *secCred = headCred; ret = OC_STACK_OK; - OIC_LOG(DEBUG, TAG, "CBORPayloadToCred OUT"); - exit: if (CborNoError != cborFindResult) { DeleteCredList(headCred); headCred = NULL; + *secCred = NULL; ret = OC_STACK_ERROR; } diff --git a/resource/csdk/security/src/crlresource.c b/resource/csdk/security/src/crlresource.c index 8ee41b8..7b62c57 100644 --- a/resource/csdk/security/src/crlresource.c +++ b/resource/csdk/security/src/crlresource.c @@ -50,7 +50,7 @@ static OicSecCrl_t *gCrl = NULL; /** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory. * The value of payload size is increased until reaching below max cbor size. */ -static const uint8_t CBOR_SIZE = 255; +static const uint16_t CBOR_SIZE = 1024; // Max cbor size payload. static const uint16_t CBOR_MAX_SIZE = 4400; @@ -264,6 +264,7 @@ exit: OIC_LOG (ERROR, TAG, "CBORPayloadToCrl failed"); DeleteCrlBinData(crl); crl = NULL; + *secCrl = NULL; ret = OC_STACK_ERROR; } if (name) diff --git a/resource/csdk/security/src/directpairing.c b/resource/csdk/security/src/directpairing.c index 908c5ff..8b0eec4 100644 --- a/resource/csdk/security/src/directpairing.c +++ b/resource/csdk/security/src/directpairing.c @@ -55,7 +55,7 @@ #define TAG ("DP") -static const uint64_t CBOR_SIZE=255; +static const uint16_t CBOR_SIZE = 1024; /** * Structure to carry direct-pairing API data to callback. diff --git a/resource/csdk/security/src/doxmresource.c b/resource/csdk/security/src/doxmresource.c index cf958c8..bff61fa 100644 --- a/resource/csdk/security/src/doxmresource.c +++ b/resource/csdk/security/src/doxmresource.c @@ -51,13 +51,13 @@ /** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory. * The value of payload size is increased until reaching belox max cbor size. */ -static const uint8_t CBOR_SIZE = 255; +static const uint16_t CBOR_SIZE = 512; /** Max cbor size payload. */ static const uint16_t CBOR_MAX_SIZE = 4400; /** DOXM Map size - Number of mandatory items. */ -static const uint8_t DOXM_MAP_SIZE = 6; +static const uint8_t DOXM_MAP_SIZE = 8; static OicSecDoxm_t *gDoxm = NULL; static OCResourceHandle gDoxmHandle = NULL; @@ -75,6 +75,7 @@ static OicSecDoxm_t gDefaultDoxm = {.id = {0}}, /* OicUuid_t deviceID */ false, /* bool dpc */ {.id = {0}}, /* OicUuid_t owner */ + {.id = {0}}, /* OicUuid_t rownerID */ }; void DeleteDoxmBinData(OicSecDoxm_t* doxm) @@ -114,6 +115,7 @@ OCStackResult DoxmToCBORPayload(const OicSecDoxm_t *doxm, uint8_t **payload, siz CborEncoder encoder = { {.ptr = NULL }, .end = 0 }; CborEncoder doxmMap = { {.ptr = NULL }, .end = 0 }; + char* strUuid = NULL; int64_t cborEncoderResult = CborNoError; uint8_t mapSize = DOXM_MAP_SIZE; @@ -130,99 +132,120 @@ OCStackResult DoxmToCBORPayload(const OicSecDoxm_t *doxm, uint8_t **payload, siz VERIFY_NON_NULL(TAG, outPayload, ERROR); cbor_encoder_init(&encoder, outPayload, cborLen, 0); - cborEncoderResult |= cbor_encoder_create_map(&encoder, &doxmMap, mapSize); + cborEncoderResult = cbor_encoder_create_map(&encoder, &doxmMap, mapSize); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Doxm Map."); //OxmType -- Not Mandatory if (doxm->oxmTypeLen > 0) { - cborEncoderResult |= cbor_encode_text_string(&doxmMap, OIC_JSON_OXM_TYPE_NAME, + CborEncoder oxmType = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_OXM_TYPE_NAME, strlen(OIC_JSON_OXM_TYPE_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding oxmType Tag."); - CborEncoder oxmType; - cborEncoderResult |= cbor_encoder_create_array(&doxmMap, &oxmType, doxm->oxmTypeLen); + cborEncoderResult = cbor_encoder_create_array(&doxmMap, &oxmType, doxm->oxmTypeLen); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding oxmType Array."); for (size_t i = 0; i < doxm->oxmTypeLen; i++) { - cborEncoderResult |= cbor_encode_text_string(&oxmType, doxm->oxmType[i], + cborEncoderResult = cbor_encode_text_string(&oxmType, doxm->oxmType[i], strlen(doxm->oxmType[i])); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding oxmType Value."); } - cborEncoderResult |= cbor_encoder_close_container(&doxmMap, &oxmType); + cborEncoderResult = cbor_encoder_close_container(&doxmMap, &oxmType); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing oxmType."); } //Oxm -- Not Mandatory if (doxm->oxmLen > 0) { - cborEncoderResult |= cbor_encode_text_string(&doxmMap, OIC_JSON_OXM_NAME, - strlen(OIC_JSON_OXM_NAME)); + CborEncoder oxm = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_OXMS_NAME, + strlen(OIC_JSON_OXMS_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding oxmName Tag."); - CborEncoder oxm; - cborEncoderResult |= cbor_encoder_create_array(&doxmMap, &oxm, doxm->oxmLen); + cborEncoderResult = cbor_encoder_create_array(&doxmMap, &oxm, doxm->oxmLen); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding oxmName Array."); for (size_t i = 0; i < doxm->oxmLen; i++) { - cborEncoderResult |= cbor_encode_int(&oxm, doxm->oxm[i]); + cborEncoderResult = cbor_encode_int(&oxm, doxm->oxm[i]); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding oxmName Value"); } - cborEncoderResult |= cbor_encoder_close_container(&doxmMap, &oxm); + cborEncoderResult = cbor_encoder_close_container(&doxmMap, &oxm); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing oxmName."); } //OxmSel -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&doxmMap, OIC_JSON_OXM_SEL_NAME, + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_OXM_SEL_NAME, strlen(OIC_JSON_OXM_SEL_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Sel Tag."); - cborEncoderResult |= cbor_encode_int(&doxmMap, doxm->oxmSel); + cborEncoderResult = cbor_encode_int(&doxmMap, doxm->oxmSel); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Sel Value."); //sct -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&doxmMap, OIC_JSON_SUPPORTED_CRED_TYPE_NAME, + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_SUPPORTED_CRED_TYPE_NAME, strlen(OIC_JSON_SUPPORTED_CRED_TYPE_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Type Tag"); - cborEncoderResult |= cbor_encode_int(&doxmMap, doxm->sct); + cborEncoderResult = cbor_encode_int(&doxmMap, doxm->sct); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Cred Type Value."); //Owned -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&doxmMap, OIC_JSON_OWNED_NAME, + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_OWNED_NAME, strlen(OIC_JSON_OWNED_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owned Tag."); - cborEncoderResult |= cbor_encode_boolean(&doxmMap, doxm->owned); + cborEncoderResult = cbor_encode_boolean(&doxmMap, doxm->owned); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owned Value."); - //TODO: Need more clarification on deviceIDFormat field type. -#if 0 - //DeviceIdFormat -- Mandatory - cJSON_AddNumberToObject(jsonDoxm, OIC_JSON_DEVICE_ID_FORMAT_NAME, doxm->deviceIDFormat); -#endif + + //TODO: Need to modify to use real didformat value + //DidFormat + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_DEVICE_ID_FORMAT_NAME, + strlen(OIC_JSON_DEVICE_ID_FORMAT_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding DidFormat Tag"); + cborEncoderResult = cbor_encode_int(&doxmMap, 0); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding DidFormat Value."); + //DeviceId -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&doxmMap, OIC_JSON_DEVICE_ID_NAME, + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_DEVICE_ID_NAME, strlen(OIC_JSON_DEVICE_ID_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Tag."); - cborEncoderResult |= cbor_encode_byte_string(&doxmMap, doxm->deviceID.id, - sizeof(doxm->deviceID.id)); + ret = ConvertUuidToStr(&doxm->deviceID, &strUuid); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); + cborEncoderResult = cbor_encode_text_string(&doxmMap, strUuid, strlen(strUuid)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Value."); + OICFree(strUuid); + strUuid = NULL; + + //devownerid -- Mandatory + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_DEVOWNERID_NAME, + strlen(OIC_JSON_DEVOWNERID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owner Id Tag."); + ret = ConvertUuidToStr(&doxm->owner, &strUuid); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); + cborEncoderResult = cbor_encode_text_string(&doxmMap, strUuid, strlen(strUuid)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owner Id Value."); + OICFree(strUuid); + strUuid = NULL; + + //ROwner -- Mandatory + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_ROWNERID_NAME, + strlen(OIC_JSON_ROWNERID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROwner Id Tag."); + ret = ConvertUuidToStr(&doxm->rownerID, &strUuid); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); + cborEncoderResult = cbor_encode_text_string(&doxmMap, strUuid, strlen(strUuid)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROwner Id Value."); + OICFree(strUuid); + strUuid = NULL; //DPC -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&doxmMap, OIC_JSON_DPC_NAME, + cborEncoderResult = cbor_encode_text_string(&doxmMap, OIC_JSON_DPC_NAME, strlen(OIC_JSON_DPC_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding DPC Tag."); - cborEncoderResult |= cbor_encode_boolean(&doxmMap, doxm->dpc); + cborEncoderResult = cbor_encode_boolean(&doxmMap, doxm->dpc); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding DPC Value."); - //Owner -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&doxmMap, OIC_JSON_OWNER_NAME, - strlen(OIC_JSON_OWNER_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owner tag."); - cborEncoderResult |= cbor_encode_byte_string(&doxmMap, doxm->owner.id, - sizeof(doxm->owner.id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Owner Value"); - - cborEncoderResult |= cbor_encoder_close_container(&encoder, &doxmMap); + cborEncoderResult = cbor_encoder_close_container(&encoder, &doxmMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing DoxmMap."); if (CborNoError == cborEncoderResult) @@ -271,6 +294,7 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, CborParser parser; CborError cborFindResult = CborNoError; int cborLen = (size == 0) ? CBOR_SIZE : size; + char* strUuid = NULL; size_t len = 0; CborValue doxmCbor; cbor_parser_init(cborPayload, cborLen, 0, &parser, &doxmCbor); @@ -306,7 +330,7 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, } } - cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_OXM_NAME, &doxmMap); + cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_OXMS_NAME, &doxmMap); //Oxm -- not Mandatory if (CborNoError == cborFindResult && cbor_value_is_array(&doxmMap)) { @@ -380,24 +404,46 @@ OCStackResult CBORPayloadToDoxm(const uint8_t *cborPayload, size_t size, } cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_DEVICE_ID_NAME, &doxmMap); - if (CborNoError == cborFindResult && cbor_value_is_byte_string(&doxmMap)) + if (CborNoError == cborFindResult && cbor_value_is_text_string(&doxmMap)) + { + cborFindResult = cbor_value_dup_text_string(&doxmMap, &strUuid , &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Device Id Value."); + ret = ConvertStrToUuid(strUuid , &doxm->deviceID); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + OICFree(strUuid ); + strUuid = NULL; + } + + cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_DEVOWNERID_NAME, &doxmMap); + if (CborNoError == cborFindResult && cbor_value_is_text_string(&doxmMap)) { - uint8_t *id = NULL; - cborFindResult = cbor_value_dup_byte_string(&doxmMap, &id, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding DeviceId Value.") - memcpy(doxm->deviceID.id, id, len); - OICFree(id); + cborFindResult = cbor_value_dup_text_string(&doxmMap, &strUuid , &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Owner Value."); + ret = ConvertStrToUuid(strUuid , &doxm->owner); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + OICFree(strUuid ); + strUuid = NULL; } - cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_OWNER_NAME, &doxmMap); - if (CborNoError == cborFindResult && cbor_value_is_byte_string(&doxmMap)) + + cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_ROWNERID_NAME, &doxmMap); + if (CborNoError == cborFindResult && cbor_value_is_text_string(&doxmMap)) { - uint8_t *id = NULL; - cborFindResult = cbor_value_dup_byte_string(&doxmMap, &id , &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Owner Name Value.") - memcpy(doxm->owner.id, id, len); - OICFree(id); + cborFindResult = cbor_value_dup_text_string(&doxmMap, &strUuid , &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding ROwner Value."); + ret = ConvertStrToUuid(strUuid , &doxm->rownerID); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + OICFree(strUuid ); + strUuid = NULL; } + + cborFindResult = cbor_value_map_find_value(&doxmCbor, OIC_JSON_DEVICE_ID_FORMAT_NAME, &doxmMap); + if (CborNoError == cborFindResult && cbor_value_is_integer(&doxmMap)) + { + // TODO: handle "didformat" + } + + *secDoxm = doxm; ret = OC_STACK_OK; @@ -407,6 +453,7 @@ exit: OIC_LOG (ERROR, TAG, "CBORPayloadToDoxm failed!!!"); DeleteDoxmBinData(doxm); doxm = NULL; + *secDoxm = NULL; ret = OC_STACK_ERROR; } return ret; diff --git a/resource/csdk/security/src/dpairingresource.c b/resource/csdk/security/src/dpairingresource.c old mode 100755 new mode 100644 index 781289f..1507c75 --- a/resource/csdk/security/src/dpairingresource.c +++ b/resource/csdk/security/src/dpairingresource.c @@ -56,7 +56,7 @@ /** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory. * The value of payload size is increased until reaching belox max cbor size. */ -static const uint8_t CBOR_SIZE = 255; +static const uint16_t CBOR_SIZE = 1024; /** Max cbor size payload. */ static const uint16_t CBOR_MAX_SIZE = 4400; @@ -204,33 +204,43 @@ OCStackResult DpairingToCBORPayload(const OicSecDpairing_t *dpair, uint8_t **pay VERIFY_NON_NULL(TAG, outPayload, ERROR); cbor_encoder_init(&encoder, outPayload, cborLen, 0); - cborEncoderResult |= cbor_encoder_create_map(&encoder, &dpairMap, mapSize); + cborEncoderResult = cbor_encoder_create_map(&encoder, &dpairMap, mapSize); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating DPAIRING Map"); //spm -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&dpairMap, OIC_JSON_SPM_NAME, + cborEncoderResult = cbor_encode_text_string(&dpairMap, OIC_JSON_SPM_NAME, strlen(OIC_JSON_SPM_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SPM name tag"); - cborEncoderResult |= cbor_encode_int(&dpairMap, dpair->spm); + cborEncoderResult = cbor_encode_int(&dpairMap, dpair->spm); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SPM value"); //PDEVICEID -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&dpairMap, OIC_JSON_PDEVICE_ID_NAME, + cborEncoderResult = cbor_encode_text_string(&dpairMap, OIC_JSON_PDEVICE_ID_NAME, strlen(OIC_JSON_PDEVICE_ID_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding PDeviceID tag"); - cborEncoderResult |= cbor_encode_byte_string(&dpairMap, dpair->pdeviceID.id, - sizeof(dpair->pdeviceID.id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding PDeviceID value"); + { + char *deviceId = NULL; + ret = ConvertUuidToStr(&dpair->pdeviceID, &deviceId); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&dpairMap, deviceId, strlen(deviceId)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode PDeviceID value"); + OICFree(deviceId); + } //ROWNER -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&dpairMap, OIC_JSON_ROWNER_NAME, - strlen(OIC_JSON_ROWNER_NAME)); + cborEncoderResult = cbor_encode_text_string(&dpairMap, OIC_JSON_ROWNERID_NAME, + strlen(OIC_JSON_ROWNERID_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROWNER tag"); - cborEncoderResult |= cbor_encode_byte_string(&dpairMap, dpair->rowner.id, - sizeof(dpair->rowner.id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Rowner ID value"); + { + char *rowner = NULL; + ret = ConvertUuidToStr(&dpair->rowner, &rowner); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&dpairMap, rowner, strlen(rowner)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Rowner ID value"); + OICFree(rowner); + } - cborEncoderResult |= cbor_encoder_close_container(&encoder, &dpairMap); + cborEncoderResult = cbor_encoder_close_container(&encoder, &dpairMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close dpairMap"); if (CborNoError == cborEncoderResult) @@ -293,13 +303,13 @@ OCStackResult CBORPayloadToDpair(const uint8_t *cborPayload, size_t size, { char *name = NULL; size_t len = 0; + CborType type = CborInvalidType; cborFindResult = cbor_value_dup_text_string(&dpairMap, &name, &len, NULL); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding tag name"); cborFindResult = cbor_value_advance(&dpairMap); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a value in DPair map"); - CborType type = cbor_value_get_type(&dpairMap); - + type = cbor_value_get_type(&dpairMap); if (0 == strcmp(OIC_JSON_SPM_NAME, name)) { cborFindResult = cbor_value_get_int(&dpairMap, (int *) &dpair->spm); @@ -308,19 +318,21 @@ OCStackResult CBORPayloadToDpair(const uint8_t *cborPayload, size_t size, if (0 == strcmp(OIC_JSON_PDEVICE_ID_NAME, name)) { - uint8_t *id = NULL; - cborFindResult = cbor_value_dup_byte_string(&dpairMap, &id, &len, NULL); + char *id = NULL; + cborFindResult = cbor_value_dup_text_string(&dpairMap, &id, &len, NULL); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding PDeviceID value"); - memcpy(dpair->pdeviceID.id, id, len); + ret = ConvertStrToUuid(id, &dpair->pdeviceID); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); OICFree(id); } - if (0 == strcmp(OIC_JSON_ROWNER_NAME, name)) + if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name)) { - uint8_t *id = NULL; - cborFindResult = cbor_value_dup_byte_string(&dpairMap, &id, &len, NULL); + char *id = NULL; + cborFindResult = cbor_value_dup_text_string(&dpairMap, &id, &len, NULL); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RownerID value"); - memcpy(dpair->rowner.id, id, len); + ret = ConvertStrToUuid(id, &dpair->rowner); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); OICFree(id); } @@ -341,6 +353,7 @@ exit: OIC_LOG (ERROR, TAG, "CBORPayloadToDoxm failed"); DeleteDpairingBinData(dpair); dpair = NULL; + *secDpair = NULL; ret = OC_STACK_ERROR; } return ret; diff --git a/resource/csdk/security/src/pconfresource.c b/resource/csdk/security/src/pconfresource.c index 9ad996d..725adda 100644 --- a/resource/csdk/security/src/pconfresource.c +++ b/resource/csdk/security/src/pconfresource.c @@ -1,1101 +1,1212 @@ -/* ***************************************************************** - * - * Copyright 2016 Samsung Electronics All Rights Reserved. - * - * - * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. - * - * *****************************************************************/ - -#include -#include -#include "ocstack.h" -#include "logger.h" -#include "oic_malloc.h" -#include "oic_string.h" -#include "cJSON.h" -#include "base64.h" -#include "ocpayload.h" -#include "payload_logging.h" -#include "resourcemanager.h" -#include "pconfresource.h" -#include "psinterface.h" -#include "utlist.h" -#include "srmresourcestrings.h" -#include "doxmresource.h" -#include "srmutility.h" -#include "ocserverrequest.h" -#include -#include "psinterface.h" -#include "security_internals.h" -#ifdef WITH_ARDUINO -#include -#else -#include -#endif - -#define TAG "SRM-PCONF" - -static const uint64_t CBOR_SIZE = 255; -static const uint64_t CBOR_MAX_SIZE = 4400; -static const uint8_t PCONF_MAP_SIZE = 4; - -static OicSecPconf_t *gPconf = NULL; -static OCResourceHandle gPconfHandle = NULL; -static OicSecPconf_t gDefaultPconf = -{ - false, /* bool edp */ - NULL, /* OicSecPrm *prm */ - 0, /* size_t prmLen */ - {.val = {0}}, /* OicDpPin_t pin */ - NULL, /* OicSecPdAcl_t *pdacls */ - NULL, /* OicUuid_t *pddevs */ - 0, /* size_t pddevLen */ - {.id = {0}}, /* OicUuid_t deviceID */ - {.id = {0}}, /* OicUuid_t rowner */ -}; - -/** - * This function frees OicSecPdAcl_t object's fields and object itself. - */ -void FreePdAclList(OicSecPdAcl_t* pdacls) -{ - if (pdacls) - { - size_t i = 0; - - //Clean pdacl objecs - OicSecPdAcl_t *aclTmp1 = NULL; - OicSecPdAcl_t *aclTmp2 = NULL; - LL_FOREACH_SAFE(pdacls, aclTmp1, aclTmp2) - { - LL_DELETE(pdacls, aclTmp1); - - // Clean Resources - for (i = 0; i < aclTmp1->resourcesLen; i++) - { - OICFree(aclTmp1->resources[i]); - } - OICFree(aclTmp1->resources); - - //Clean Period - if(aclTmp1->periods) - { - for(i = 0; i < aclTmp1->prdRecrLen; i++) - { - OICFree(aclTmp1->periods[i]); - } - OICFree(aclTmp1->periods); - } - - //Clean Recurrence - if(aclTmp1->recurrences) - { - for(i = 0; i < aclTmp1->prdRecrLen; i++) - { - OICFree(aclTmp1->recurrences[i]); - } - OICFree(aclTmp1->recurrences); - } - } - - //Clean pconf itself - OICFree(pdacls); - } -} - -void DeletePconfBinData(OicSecPconf_t* pconf) -{ - if (pconf) - { - //Clean prm - OICFree(pconf->prm); - - //Clean pdacl - if (pconf->pdacls) - { - FreePdAclList(pconf->pdacls); - } - - //Clean pddev - OICFree(pconf->pddevs); - - //Clean pconf itself - OICFree(pconf); - } -} - -static size_t OicPdAclSize(const OicSecPdAcl_t *pdAcl) -{ - if (!pdAcl) - { - return 0; - } - - OicSecPdAcl_t *tmp = (OicSecPdAcl_t *)pdAcl; - size_t size = 0; - while (tmp) - { - size++; - tmp = tmp->next; - } - return size; -} - -OCStackResult PconfToCBORPayload(const OicSecPconf_t *pconf,uint8_t **payload,size_t *size) -{ - if (NULL == pconf || NULL == payload || NULL != *payload || NULL == size) - { - return OC_STACK_INVALID_PARAM; - } - size_t cborLen = *size; - if(0 == cborLen) - { - cborLen = CBOR_SIZE; - } - *payload = NULL; - - OCStackResult ret = OC_STACK_ERROR; - CborEncoder encoder = { {.ptr = NULL}, .end = 0}; - CborEncoder pconfMap = { {.ptr = NULL}, .end = 0}; - - int64_t cborEncoderResult = CborNoError; - uint8_t mapSize = PCONF_MAP_SIZE; - - if (pconf->prmLen > 0) - { - mapSize++; - } - if (pconf->pdacls) - { - mapSize++; - } - if (pconf->pddevs) - { - mapSize++; - } - - uint8_t *outPayload = (uint8_t *)OICCalloc(1, cborLen); - VERIFY_NON_NULL(TAG, outPayload, ERROR); - - cbor_encoder_init(&encoder, outPayload, cborLen, 0); - cborEncoderResult = cbor_encoder_create_map(&encoder, &pconfMap, mapSize); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating Pconf Map."); - - //edp -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&pconfMap, OIC_JSON_EDP_NAME, - strlen(OIC_JSON_EDP_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Encode EDP String."); - cborEncoderResult |= cbor_encode_boolean(&pconfMap, pconf->edp); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert PconfEDP value"); - - //PRM type -- Not Mandatory - if(pconf->prmLen > 0) - { - cborEncoderResult |= cbor_encode_text_string(&pconfMap, OIC_JSON_PRM_NAME, - strlen(OIC_JSON_PRM_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM NAME"); - CborEncoder prm = { {.ptr = NULL }, .end = 0 }; - cborEncoderResult |= cbor_encoder_create_array(&pconfMap, &prm, pconf->prmLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM value"); - - for (size_t i = 0; i < pconf->prmLen; i++) - { - cborEncoderResult |= cbor_encode_int(&prm, pconf->prm[i]); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM Array"); - } - cborEncoderResult |= cbor_encoder_close_container(&pconfMap, &prm); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close encode array"); - } - - //PIN -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&pconfMap, OIC_JSON_PIN_NAME, - strlen(OIC_JSON_PIN_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create OIC_JSON_PIN_NAME"); - cborEncoderResult |= cbor_encode_byte_string(&pconfMap, pconf->pin.val, sizeof(pconf->pin.val)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to convert pin value"); - - //PDACL -- Mandatory - if (pconf->pdacls) - { - cborEncoderResult |= cbor_encode_text_string(&pconfMap, OIC_JSON_PDACL_NAME, - strlen(OIC_JSON_PDACL_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create OIC_JSON_PIN_NAME"); - OicSecPdAcl_t *pdacl = pconf->pdacls; - CborEncoder pdAclArray; - cborEncoderResult |= cbor_encoder_create_array(&pconfMap, &pdAclArray, - OicPdAclSize(pconf->pdacls)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to creeate _pdacl array"); - - while(pdacl) - { - CborEncoder pdAclMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; - // PDACL Map size - Number of mandatory items - uint8_t aclMapSize = 2; - - if (pdacl->prdRecrLen) - { - ++aclMapSize; - } - if (pdacl->recurrences) - { - ++aclMapSize; - } - - cborEncoderResult |= cbor_encoder_create_map(&pdAclArray, &pdAclMap, aclMapSize); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to creeate _pdacl array"); - - // Resources -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&pdAclMap, OIC_JSON_RESOURCES_NAME, - strlen(OIC_JSON_RESOURCES_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode resource result"); - - CborEncoder resources = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; - cborEncoderResult |= cbor_encoder_create_array(&pdAclMap, &resources, - pdacl->resourcesLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create resource array"); - - for (size_t i = 0; i < pdacl->resourcesLen; i++) - { - cborEncoderResult |= cbor_encode_text_string(&resources, pdacl->resources[i], - strlen(pdacl->resources[i])); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to convert resource array"); - } - cborEncoderResult = cbor_encoder_close_container(&pdAclMap, &resources); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close resource array"); - - // Permissions -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&pdAclMap, OIC_JSON_PERMISSION_NAME, - strlen(OIC_JSON_PERMISSION_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create permition string"); - cborEncoderResult |= cbor_encode_int(&pdAclMap, pdacl->permission); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode permition calue"); - - // Period -- Not Mandatory - if (pdacl->periods) - { - CborEncoder period = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; - cborEncoderResult |= cbor_encode_text_string(&pdAclMap, OIC_JSON_PERIODS_NAME, - strlen(OIC_JSON_PERIODS_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode period value"); - cborEncoderResult |= cbor_encoder_create_array(&pdAclMap, &period, - pdacl->prdRecrLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create array"); - - for (size_t i = 0; i < pdacl->prdRecrLen; i++) - { - cborEncoderResult |= cbor_encode_text_string(&period, pdacl->periods[i], - strlen(pdacl->periods[i])); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode period"); - } - cborEncoderResult = cbor_encoder_close_container(&pdAclMap, &period); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,"Failed to close period array"); - } - - // Period -- Not Mandatory - if(0 != pdacl->prdRecrLen && pdacl->recurrences) - { - CborEncoder recurrences = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; - cborEncoderResult |= cbor_encode_text_string(&pdAclMap, OIC_JSON_RECURRENCES_NAME, - strlen(OIC_JSON_RECURRENCES_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,"Failed to encode recurrences"); - cborEncoderResult |= cbor_encoder_create_array(&pdAclMap, &recurrences, - pdacl->prdRecrLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create rec array"); - - for (size_t i = 0; i < pdacl->prdRecrLen; i++) - { - cborEncoderResult |= cbor_encode_text_string(&recurrences, - pdacl->recurrences[i], strlen(pdacl->recurrences[i])); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode recurrences"); - } - cborEncoderResult |= cbor_encoder_close_container(&pdAclMap, &recurrences); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close rec array"); - } - cborEncoderResult |= cbor_encoder_close_container(&pdAclArray, &pdAclMap); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close acl map"); - - pdacl = pdacl->next; - } - //clsoe the array - cborEncoderResult |= cbor_encoder_close_container(&pconfMap, &pdAclArray); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close acl array"); - } - - //PDDev -- Mandatory - //There may not be paired devices if it did not pairing before - if (pconf->pddevs && 0 < pconf->pddevLen) - { - cborEncoderResult |= cbor_encode_text_string(&pconfMap, OIC_JSON_PDDEV_LIST_NAME, - strlen(OIC_JSON_PDDEV_LIST_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode pddev"); - CborEncoder pddev = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; - cborEncoderResult |= cbor_encoder_create_array(&pconfMap, &pddev, pconf->pddevLen); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create array"); - - for (size_t i = 0; i < pconf->pddevLen; i++) - { - cborEncoderResult |= cbor_encode_byte_string(&pddev, (uint8_t *)pconf->pddevs[i].id, - sizeof(pconf->pddevs[i].id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode pddev id"); - } - cborEncoderResult |= cbor_encoder_close_container(&pconfMap, &pddev); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close pddev array"); - } - - //DeviceId -- Mandatory - //There may not be devicd id if caller is provisoning tool - cborEncoderResult |= cbor_encode_text_string(&pconfMap, OIC_JSON_DEVICE_ID_NAME, - strlen(OIC_JSON_DEVICE_ID_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode device id"); - cborEncoderResult |= cbor_encode_byte_string(&pconfMap, (uint8_t *)pconf->deviceID.id, - sizeof(pconf->deviceID.id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode deviceID value"); - - //ROwner -- Mandatory - cborEncoderResult |= cbor_encode_text_string(&pconfMap, OIC_JSON_ROWNER_NAME, - strlen(OIC_JSON_ROWNER_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode rowner string"); - cborEncoderResult |= cbor_encode_byte_string(&pconfMap, (uint8_t *)pconf->rowner.id, - sizeof(pconf->rowner.id)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode rwoner value"); - - cborEncoderResult |= cbor_encoder_close_container(&encoder, &pconfMap); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close pconfMap"); - - *size = encoder.ptr - outPayload; - *payload = outPayload; - ret = OC_STACK_OK; -exit: - if ((CborErrorOutOfMemory == cborEncoderResult) && (cborLen < CBOR_MAX_SIZE)) - { - // reallocate and try again! - OICFree(outPayload); - // Since the allocated initial memory failed, double the memory. - cborLen += encoder.ptr - encoder.end; - cborEncoderResult = CborNoError; - ret = PconfToCBORPayload(pconf, payload, &cborLen); - *size = cborLen; - } - if ((CborNoError != cborEncoderResult) || (OC_STACK_OK != ret)) - { - OICFree(outPayload); - outPayload = NULL; - *payload = NULL; - *size = 0; - ret = OC_STACK_ERROR; - } - return ret; -} - -OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSecPconf_t **secPconf) -{ - if (NULL == cborPayload || NULL == secPconf || NULL != *secPconf || 0 == size) - { - return OC_STACK_INVALID_PARAM; - } - OCStackResult ret = OC_STACK_ERROR; - *secPconf = NULL; - CborValue pconfCbor = { .parser = NULL }; - CborParser parser = { .end = NULL }; - CborError cborFindResult = CborNoError; - int cborLen = size; - - cbor_parser_init(cborPayload, cborLen, 0, &parser, &pconfCbor); - CborValue pconfMap = { .parser = NULL } ; - OicSecPconf_t *pconf = NULL; - cborFindResult = cbor_value_enter_container(&pconfCbor, &pconfMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter map"); - pconf = (OicSecPconf_t *)OICCalloc(1, sizeof(*pconf)); - VERIFY_NON_NULL(TAG, pconf, ERROR); - while (cbor_value_is_valid(&pconfMap)) - { - char *name = NULL; - size_t len = 0; - CborType type = cbor_value_get_type(&pconfMap); - if (type == CborTextStringType) - { - cborFindResult = cbor_value_dup_text_string(&pconfMap, &name, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); - cborFindResult = cbor_value_advance(&pconfMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value"); - } - - if (name) - { - //EDP -- Mandatory - if(0 == strcmp(OIC_JSON_EDP_NAME, name)) - { - cborFindResult = cbor_value_get_boolean(&pconfMap, &pconf->edp); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); - } - if (0 == strcmp(OIC_JSON_PRM_NAME, name)) - { - CborValue prm = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&pconfMap, &pconf->prmLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); - VERIFY_SUCCESS(TAG, pconf->prmLen != 0, ERROR); - - pconf->prm = (OicSecPrm_t *)OICCalloc(pconf->prmLen, sizeof(OicSecPrm_t)); - VERIFY_NON_NULL(TAG, pconf->prm, ERROR); - cborFindResult = cbor_value_enter_container(&pconfMap, &prm); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to eneter array"); - int i = 0; - - while (cbor_value_is_valid(&prm)) - { - cborFindResult = cbor_value_get_int(&prm, (int *)&pconf->prm[i++]); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); - cborFindResult = cbor_value_advance(&prm); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value"); - } - } - //PIN -- Mandatory - if (0 == strcmp(OIC_JSON_PIN_NAME, name)) - { - uint8_t *pin = NULL; - cborFindResult = cbor_value_dup_byte_string(&pconfMap, &pin, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); - memcpy(pconf->pin.val, pin, len); - OICFree(pin); - } - - //PDACL -- Mandatory - if (0 == strcmp(OIC_JSON_PDACL_NAME, name)) - { - CborValue pdAclArray = { .parser = NULL}; - cborFindResult = cbor_value_enter_container(&pconfMap, &pdAclArray); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); - OicSecPdAcl_t *headPdacl = NULL; - - while (cbor_value_is_valid(&pdAclArray)) - { - CborValue pdAclMap = { .parser = NULL}; - cborFindResult = cbor_value_enter_container(&pdAclArray, &pdAclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); - OicSecPdAcl_t *pdacl = (OicSecPdAcl_t *) OICCalloc(1, sizeof(OicSecPdAcl_t)); - VERIFY_NON_NULL(TAG, pdacl, ERROR); - - while (cbor_value_is_valid(&pdAclMap)) - { - char* name = NULL; - size_t len = 0; - CborType type = cbor_value_get_type(&pdAclMap); - if (type == CborTextStringType) - { - cborFindResult = cbor_value_dup_text_string(&pdAclMap, &name, - &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text"); - cborFindResult = cbor_value_advance(&pdAclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value"); - } - if (name) - { - // Resources -- Mandatory - if (strcmp(name, OIC_JSON_RESOURCES_NAME) == 0) - { - CborValue resources = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&pdAclMap, - &pdacl->resourcesLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); - cborFindResult = cbor_value_enter_container(&pdAclMap, &resources); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); - pdacl->resources = (char **) OICCalloc(pdacl->resourcesLen, - sizeof(char*)); - VERIFY_NON_NULL(TAG, pdacl->resources, ERROR); - int i = 0; - while (cbor_value_is_text_string(&resources)) - { - cborFindResult = cbor_value_dup_text_string(&resources, - &pdacl->resources[i++], &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text"); - cborFindResult = cbor_value_advance(&resources); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); - } - } - - // Permissions -- Mandatory - if (strcmp(name, OIC_JSON_PERMISSION_NAME) == 0) - { - cborFindResult = cbor_value_get_uint64(&pdAclMap, - (uint64_t *) &pdacl->permission); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); - } - - // Period -- Not mandatory - if (strcmp(name, OIC_JSON_PERIODS_NAME) == 0) - { - CborValue period = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&pdAclMap, - &pdacl->prdRecrLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); - cborFindResult = cbor_value_enter_container(&pdAclMap, &period); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); - pdacl->periods = (char **) OICCalloc(pdacl->prdRecrLen, sizeof(char*)); - VERIFY_NON_NULL(TAG, pdacl->periods, ERROR); - int i = 0; - while (cbor_value_is_text_string(&period)) - { - cborFindResult = cbor_value_dup_text_string(&period, - &pdacl->periods[i++], &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text"); - cborFindResult = cbor_value_advance(&period); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); - pdacl->prdRecrLen++; - } - } - - // Recurrence -- Not mandatory - if (strcmp(name, OIC_JSON_RECURRENCES_NAME) == 0) - { - CborValue recurrences = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&pdAclMap, &pdacl->prdRecrLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); - cborFindResult = cbor_value_enter_container(&pdAclMap, &recurrences); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); - pdacl->recurrences = (char **) OICCalloc(pdacl->prdRecrLen, sizeof(char*)); - VERIFY_NON_NULL(TAG, pdacl->recurrences, ERROR); - int i = 0; - - while (cbor_value_is_text_string(&recurrences)) - { - cborFindResult = cbor_value_dup_text_string(&recurrences, - &pdacl->recurrences[i++], &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); - cborFindResult = cbor_value_advance(&recurrences); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); - } - } - if (type != CborMapType && cbor_value_is_valid(&pdAclMap)) - { - cborFindResult = cbor_value_advance(&pdAclMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); - } - } - if (cbor_value_is_valid(&pdAclArray)) - { - cborFindResult = cbor_value_advance(&pdAclArray); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); - } - OICFree(name); - name = NULL; - } - pdacl->next = NULL; - if (headPdacl == NULL) - { - headPdacl = pdacl; - } - else - { - OicSecPdAcl_t *temp = headPdacl; - while (temp->next) - { - temp = temp->next; - } - temp->next = pdacl; - } - } - pconf->pdacls = headPdacl; - } - - //PDDev -- Mandatory - if (strcmp(name, OIC_JSON_PDDEV_LIST_NAME) == 0) - { - CborValue pddevs = { .parser = NULL }; - cborFindResult = cbor_value_get_array_length(&pconfMap, &pconf->pddevLen); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); - cborFindResult = cbor_value_enter_container(&pconfMap, &pddevs); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); - int i = 0; - - pconf->pddevs = (OicUuid_t *)OICMalloc(pconf->pddevLen * sizeof(OicUuid_t)); - VERIFY_NON_NULL(TAG, pconf->pddevs, ERROR); - while (cbor_value_is_valid(&pddevs)) - { - uint8_t *pddev = NULL; - cborFindResult = cbor_value_dup_byte_string(&pddevs, &pddev, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); - cborFindResult = cbor_value_advance(&pddevs); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); - memcpy(pconf->pddevs[i++].id, pddev, len); - OICFree(pddev); - } - } - - //Mandatory - Device Id - if (0 == strcmp(OIC_JSON_DEVICE_ID_NAME, name)) - { - uint8_t *deviceId = NULL; - cborFindResult = cbor_value_dup_byte_string(&pconfMap, &deviceId, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get deviceID"); - memcpy(pconf->deviceID.id, deviceId, len); - OICFree(deviceId); - } - - // ROwner -- Mandatory - if (0 == strcmp(OIC_JSON_ROWNER_NAME, name)) - { - uint8_t *rowner = NULL; - cborFindResult = cbor_value_dup_byte_string(&pconfMap, &rowner, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get rowner"); - memcpy(pconf->rowner.id, rowner, len); - OICFree(rowner); - } - } - if (CborMapType != type && cbor_value_is_valid(&pconfMap)) - { - cborFindResult = cbor_value_advance(&pconfMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); - } - OICFree(name); - name = NULL; - } - *secPconf=pconf; - ret = OC_STACK_OK; -exit: - if (CborNoError != cborFindResult) - { - OIC_LOG (ERROR, TAG, "CBORPayloadToPconf failed"); - DeletePconfBinData(pconf); - pconf = NULL; - ret = OC_STACK_ERROR; - } - return ret; -} - -static bool UpdatePersistentStorage(const OicSecPconf_t * pconf) -{ - bool ret = false; - - // Convert PCONF data into Cborpayload for update to persistent storage - uint8_t *payload = NULL; - size_t size = 0; - if (OC_STACK_OK == PconfToCBORPayload(pconf, &payload, &size) && NULL !=payload) - { - if (OC_STACK_OK == UpdateSecureResourceInPS(OIC_JSON_PCONF_NAME, payload, size)) - { - ret = true; - } - OICFree(payload); - } - return ret; -} - -static OCEntityHandlerResult HandlePconfGetRequest (const OCEntityHandlerRequest * ehRequest) -{ - uint8_t* payload = NULL; - size_t size = 0; - OCEntityHandlerResult ehRet = OC_EH_OK; - - OicSecPconf_t pconf; - memset(&pconf, 0, sizeof(OicSecPconf_t)); - - OIC_LOG (DEBUG, TAG, "Pconf EntityHandle processing GET request"); - - if (true == GetDoxmResourceData()->dpc) - { - //Making response elements for Get request - if( (true == gPconf->edp) && (gPconf->prm && 0 < gPconf->prmLen) && - (0 < strlen((const char*)gPconf->deviceID.id)) && (0 < strlen((const char*)gPconf->rowner.id))) - { - pconf.edp = true; - pconf.prm = gPconf->prm; - pconf.prmLen = gPconf->prmLen; - memcpy(&pconf.deviceID, &gPconf->deviceID, sizeof(OicUuid_t)); - memcpy(&pconf.rowner, &gPconf->rowner, sizeof(OicUuid_t)); - OIC_LOG (DEBUG, TAG, "PCONF - direct pairing enabled"); - } - else if (false == gPconf->edp) - { - pconf.edp = false; - memcpy(&pconf.rowner, &gPconf->rowner, sizeof(OicUuid_t)); - OIC_LOG (DEBUG, TAG, "PCONF - direct pairing disable"); - } - else - { - ehRet= OC_EH_ERROR; - OIC_LOG (DEBUG, TAG, "PCONF - error"); - } - } - else - { - OIC_LOG (DEBUG, TAG, "DPC == false : Direct-Pairing Disabled"); - } - - - if (OC_STACK_OK != PconfToCBORPayload(gPconf, &payload, &size)) - { - ehRet = OC_EH_ERROR; - } - ehRet = (payload ? OC_EH_OK : OC_EH_ERROR); - - // Send response payload to request originator - SendSRMCBORResponse(ehRequest, ehRet, payload, size); - OIC_LOG_V(DEBUG, TAG, "%s RetVal %d", __func__, ehRet); - - return ehRet; -} - -static OCEntityHandlerResult HandlePconfPostRequest (const OCEntityHandlerRequest * ehRequest) -{ - OCEntityHandlerResult ehRet = OC_EH_OK; - OCStackResult res=OC_STACK_OK; - OicSecPconf_t* newPconf = NULL; - - if (true == GetDoxmResourceData()->dpc) - { - // Convert CBOR PCONF data into binary. This will also validate the PCONF data received. - uint8_t *payload = ((OCSecurityPayload *) ehRequest->payload)->securityData1; - size_t size = ((OCSecurityPayload *) ehRequest->payload)->payloadSize; - - if(payload){ - res = CBORPayloadToPconf(payload, size, &newPconf); - } - } - else - { - OIC_LOG (DEBUG, TAG, "DPC == false : Direct-Pairing Disabled"); - ehRet = OC_EH_ERROR; - } - - if (newPconf && res == OC_STACK_OK) - { - // Check if valid Post request - if ((true == newPconf->edp) && (0 < newPconf->prmLen) && - DP_PIN_LENGTH == sizeof((const char*)newPconf->pin.val)) - { - OicSecPrm_t *oldPrm = gPconf->prm; - OicSecPdAcl_t *oldPdacl = gPconf->pdacls; - - // Update local PCONF with new PCONF - gPconf->edp = true; - memcpy(&gPconf->pin, &newPconf->pin, sizeof(OicDpPin_t)); - gPconf->prm = newPconf->prm; - gPconf->prmLen = newPconf->prmLen; - gPconf->pdacls = newPconf->pdacls; - memcpy(&gPconf->rowner, &newPconf->rowner, sizeof(OicUuid_t)); - - // to delete old value(prm, pdacl) - newPconf->prm = oldPrm; - newPconf->pdacls = oldPdacl; - } - else if (false == newPconf->edp) - { - gPconf->edp = false; - } - else - { - ehRet = OC_EH_ERROR; - } - - // Update storage - if(OC_EH_ERROR != ehRet && true == UpdatePersistentStorage(gPconf)) - { - ehRet = OC_EH_RESOURCE_CREATED; - } - - DeletePconfBinData(newPconf); - } - else - { - ehRet = OC_EH_ERROR; - } - - // Send payload to request originator - SendSRMCBORResponse(ehRequest, ehRet, NULL, 0); - - OIC_LOG_V (DEBUG, TAG, "%s RetVal %d", __func__ , ehRet); - return ehRet; -} - -/* - * This internal method is the entity handler for PCONF resources and - * will handle REST request (POST) for them. - */ -OCEntityHandlerResult PconfEntityHandler (OCEntityHandlerFlag flag, - OCEntityHandlerRequest * ehRequest, - void* callbackParameter) -{ - OIC_LOG(DEBUG, TAG, "Received request PconfEntityHandler"); - (void)callbackParameter; - OCEntityHandlerResult ehRet = OC_EH_ERROR; - - if (!ehRequest) - { - return ehRet; - } - - if (flag & OC_REQUEST_FLAG) - { - OIC_LOG (DEBUG, TAG, "Flag includes OC_REQUEST_FLAG"); - switch (ehRequest->method) - { - case OC_REST_GET: - ehRet = HandlePconfGetRequest(ehRequest); - break; - - case OC_REST_POST: - ehRet = HandlePconfPostRequest(ehRequest); - break; - - case OC_REST_DELETE: - break; - - default: - ehRet = OC_EH_ERROR; - SendSRMCBORResponse(ehRequest, ehRet, NULL, 0); - } - } - - return ehRet; -} - -/* - * This internal method is used to create '/oic/sec/pconf' resource. - */ -OCStackResult CreatePconfResource() -{ - OCStackResult ret; - - ret = OCCreateResource(&gPconfHandle, - OIC_RSRC_TYPE_SEC_PCONF, - OIC_MI_DEF, - OIC_RSRC_PCONF_URI, - PconfEntityHandler, - NULL, - OC_SECURE | OC_EXPLICIT_DISCOVERABLE); - - if (OC_STACK_OK != ret) - { - OIC_LOG (ERROR, TAG, "Unable to instantiate PCONF resource"); - DeInitPconfResource(); - } - return ret; -} - -/** - * Get the default value. - * @retval the gDefaultPconf pointer; - */ -static OicSecPconf_t* GetPconfDefault() -{ - OIC_LOG (DEBUG, TAG, "GetPconfDefault"); - - return &gDefaultPconf; -} - -/** - * This method is used by SRM to retrieve PCONF resource data.. - * - * @retval reference to @ref OicSecPconf_t, binary format of Pconf resource data - */ -const OicSecPconf_t* GetPconfResourceData() -{ - return gPconf; -} - -/** - * Initialize PCONF resource by loading data from persistent storage. - * - * @retval OC_STACK_OK for Success, otherwise some error value - */ -OCStackResult InitPconfResource() -{ - OCStackResult ret = OC_STACK_ERROR; - - uint8_t *data = NULL; - size_t size = 0; - - ret = GetSecureVirtualDatabaseFromPS(OIC_JSON_PCONF_NAME, &data, &size); - // If database read failed - if (ret != OC_STACK_OK) - { - OIC_LOG(DEBUG, TAG, "ReadSVDataFromPS failed"); - } - if (data) - { - CBORPayloadToPconf(data, size, &gPconf); - } - - if (!data || !gPconf) - { - gPconf = GetPconfDefault(); - - // device id from doxm - OicUuid_t deviceId = {.id = {0}}; - OCStackResult ret = GetDoxmDeviceID( &deviceId); - VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); - memcpy(&gPconf->deviceID, &deviceId, sizeof(OicUuid_t)); - } - VERIFY_NON_NULL(TAG, gPconf, ERROR); - - // Instantiate 'oic.sec.pconf' - ret = CreatePconfResource(); - -exit: - if (OC_STACK_OK != ret) - { - DeInitPconfResource(); - } - OICFree(data); - return ret; -} - -/** - * Perform cleanup for PCONF resources. - * - * @return - * OC_STACK_OK - no error - * OC_STACK_ERROR - stack process error - * - */ -OCStackResult DeInitPconfResource() -{ - OCStackResult ret = OCDeleteResource(gPconfHandle); - if(gPconf!= &gDefaultPconf) - { - DeletePconfBinData(gPconf); - } - gPconf = NULL; - - if(OC_STACK_OK == ret) - { - return OC_STACK_OK; - } - else - { - return OC_STACK_ERROR; - } -} - -/** - * This method might be used to add a paired device id after direct-pairing process complete. - * - * @param pdeviceId ID of the paired device. - * - * @retval OC_STACK_OK for Success, otherwise some error value - */ -OCStackResult AddPairedDevice(OicUuid_t *pdeviceId) -{ - if (!gPconf || !pdeviceId) - { - return OC_STACK_INVALID_PARAM; - } - - - OicUuid_t *prevList = gPconf->pddevs; - gPconf->pddevs = (OicUuid_t *)OICCalloc(gPconf->pddevLen+1, sizeof(OicUuid_t)); - if(!gPconf->pddevs) - { - return OC_STACK_NO_MEMORY; - } - for (size_t i=0; ipddevLen; i++) - { - memcpy(&gPconf->pddevs[i], &prevList[i], sizeof(OicUuid_t)); - } - - // add new paired device id - memcpy(&gPconf->pddevs[gPconf->pddevLen], pdeviceId, sizeof(OicUuid_t)); - gPconf->pddevLen++; - - // Update storage - if(true != UpdatePersistentStorage(gPconf)) - { - OIC_LOG (ERROR, TAG, "Fail to update pconf resource"); - return OC_STACK_ERROR; - } - - OIC_LOG (ERROR, TAG, "Add paired device success"); - return OC_STACK_OK; -} - -/** - * This method might be used by PolicyEngine to retrieve PDACL for a Subject. - * - * @param subjectId ID of the subject for which PDACL is required. - * @param savePtr is used internally by @ref GetACLResourceData to maintain index between - * successive calls for same subjectId. - * - * @retval reference to @ref OicSecPdAcl_t if PDACL is found, else NULL - */ -const OicSecPdAcl_t* GetPdAclData(const OicUuid_t* subjectId, OicSecPdAcl_t **savePtr) -{ - OicSecPdAcl_t *pdacl = NULL; - - if ( NULL == subjectId) - { - return NULL; - } - - /* - * savePtr MUST point to NULL if this is the 'first' call to retrieve PDACL for - * subjectID. - */ - if (NULL == *savePtr) - { - pdacl = gPconf->pdacls; - - // Find if 'subjectID' is in paired device list. - for(size_t i=0; ipddevLen; i++) - { - if (memcmp(&(gPconf->pddevs[i]), subjectId, sizeof(OicUuid_t)) == 0) - { - *savePtr = pdacl; - return pdacl; - } - } - } - else - { - OicSecPdAcl_t *temp = NULL; - - /* - * If this is a 'successive' call, search for location pointed by - * savePtr and assign 'begin' to the next PDACL after it in the linked - * list and start searching from there. - */ - LL_FOREACH(gPconf->pdacls, temp) - { - if (temp == *savePtr) - { - pdacl = temp->next; - *savePtr = pdacl; - return pdacl; - } - } - } - - // Cleanup in case no PDACL is found - *savePtr = NULL; - return NULL; -} - -/** - * This method return whether device is paired or not. - * - * @param pdeviceId Target device ID to find in paired list. - * @retval ture if device is already paired, else false - */ -bool IsPairedDevice(const OicUuid_t* pdeviceId) -{ - // Find if 'pdeviceId' is in paired device list. - for(size_t i=0; ipddevLen; i++) - { - if (memcmp(&(gPconf->pddevs[i]), pdeviceId, sizeof(OicUuid_t)) == 0) - { - return true; - } - } - return false; -} +/* ***************************************************************** + * + * Copyright 2016 Samsung Electronics All Rights Reserved. + * + * + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + * *****************************************************************/ + +#include +#include +#include "ocstack.h" +#include "logger.h" +#include "oic_malloc.h" +#include "oic_string.h" +#include "cJSON.h" +#include "base64.h" +#include "ocpayload.h" +#include "payload_logging.h" +#include "resourcemanager.h" +#include "pconfresource.h" +#include "psinterface.h" +#include "utlist.h" +#include "srmresourcestrings.h" +#include "doxmresource.h" +#include "srmutility.h" +#include "ocserverrequest.h" +#include +#include "psinterface.h" +#include "security_internals.h" +#ifdef WITH_ARDUINO +#include +#else +#include +#endif + +#define TAG "SRM-PCONF" + +static const uint16_t CBOR_SIZE = 1024; +static const uint64_t CBOR_MAX_SIZE = 4400; +static const uint8_t PCONF_MAP_SIZE = 4; +static const uint8_t PCONF_RESOURCE_MAP_SIZE = 3; + +static OicSecPconf_t *gPconf = NULL; +static OCResourceHandle gPconfHandle = NULL; +static OicSecPconf_t gDefaultPconf = +{ + false, /* bool edp */ + NULL, /* OicSecPrm *prm */ + 0, /* size_t prmLen */ + {.val = {0}}, /* OicDpPin_t pin */ + NULL, /* OicSecPdAcl_t *pdacls */ + NULL, /* OicUuid_t *pddevs */ + 0, /* size_t pddevLen */ + {.id = {0}}, /* OicUuid_t deviceID */ + {.id = {0}}, /* OicUuid_t rowner */ +}; + +/** + * This function frees OicSecPdAcl_t object's fields and object itself. + */ +void FreePdAclList(OicSecPdAcl_t* pdacls) +{ + if (pdacls) + { + size_t i = 0; + + //Clean pdacl objecs + OicSecPdAcl_t *aclTmp1 = NULL; + OicSecPdAcl_t *aclTmp2 = NULL; + LL_FOREACH_SAFE(pdacls, aclTmp1, aclTmp2) + { + LL_DELETE(pdacls, aclTmp1); + + // Clean Resources + for (i = 0; i < aclTmp1->resourcesLen; i++) + { + OICFree(aclTmp1->resources[i]); + } + OICFree(aclTmp1->resources); + + //Clean Period + if(aclTmp1->periods) + { + for(i = 0; i < aclTmp1->prdRecrLen; i++) + { + OICFree(aclTmp1->periods[i]); + } + OICFree(aclTmp1->periods); + } + + //Clean Recurrence + if(aclTmp1->recurrences) + { + for(i = 0; i < aclTmp1->prdRecrLen; i++) + { + OICFree(aclTmp1->recurrences[i]); + } + OICFree(aclTmp1->recurrences); + } + } + + //Clean pconf itself + OICFree(pdacls); + } +} + +void DeletePconfBinData(OicSecPconf_t* pconf) +{ + if (pconf) + { + //Clean prm + OICFree(pconf->prm); + + //Clean pdacl + if (pconf->pdacls) + { + FreePdAclList(pconf->pdacls); + } + + //Clean pddev + OICFree(pconf->pddevs); + + //Clean pconf itself + OICFree(pconf); + } +} + +static size_t OicPdAclSize(const OicSecPdAcl_t *pdAcl) +{ + if (!pdAcl) + { + return 0; + } + + OicSecPdAcl_t *tmp = (OicSecPdAcl_t *)pdAcl; + size_t size = 0; + while (tmp) + { + size++; + tmp = tmp->next; + } + return size; +} + +OCStackResult PconfToCBORPayload(const OicSecPconf_t *pconf,uint8_t **payload,size_t *size) +{ + if (NULL == pconf || NULL == payload || NULL != *payload || NULL == size) + { + return OC_STACK_INVALID_PARAM; + } + size_t cborLen = *size; + if(0 == cborLen) + { + cborLen = CBOR_SIZE; + } + *payload = NULL; + + OCStackResult ret = OC_STACK_ERROR; + CborEncoder encoder = { {.ptr = NULL}, .end = 0}; + CborEncoder pconfMap = { {.ptr = NULL}, .end = 0}; + + int64_t cborEncoderResult = CborNoError; + uint8_t mapSize = PCONF_MAP_SIZE; + + if (pconf->prmLen > 0) + { + mapSize++; + } + if (pconf->pdacls) + { + mapSize++; + } + if (pconf->pddevs) + { + mapSize++; + } + + uint8_t *outPayload = (uint8_t *)OICCalloc(1, cborLen); + VERIFY_NON_NULL(TAG, outPayload, ERROR); + + cbor_encoder_init(&encoder, outPayload, cborLen, 0); + cborEncoderResult = cbor_encoder_create_map(&encoder, &pconfMap, mapSize); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating Pconf Map."); + + //edp -- Mandatory + cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_EDP_NAME, + strlen(OIC_JSON_EDP_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Encode EDP String."); + cborEncoderResult = cbor_encode_boolean(&pconfMap, pconf->edp); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert PconfEDP value"); + + //PRM type -- Not Mandatory + if(pconf->prmLen > 0) + { + CborEncoder prm = { {.ptr = NULL }, .end = 0 }; + cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_PRM_NAME, + strlen(OIC_JSON_PRM_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM NAME"); + cborEncoderResult = cbor_encoder_create_array(&pconfMap, &prm, pconf->prmLen); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM value"); + + for (size_t i = 0; i < pconf->prmLen; i++) + { + cborEncoderResult = cbor_encode_int(&prm, pconf->prm[i]); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM Array"); + } + cborEncoderResult = cbor_encoder_close_container(&pconfMap, &prm); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close encode array"); + } + + //PIN -- Mandatory + cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_PIN_NAME, + strlen(OIC_JSON_PIN_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create OIC_JSON_PIN_NAME"); + cborEncoderResult = cbor_encode_byte_string(&pconfMap, pconf->pin.val, sizeof(pconf->pin.val)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to convert pin value"); + + //PDACL -- Mandatory + if (pconf->pdacls) + { + OicSecPdAcl_t *pdacl = pconf->pdacls; + CborEncoder pdAclArray = {{.ptr = NULL }, .end = 0 }; + cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_PDACL_NAME, + strlen(OIC_JSON_PDACL_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create OIC_JSON_PDACL_NAME"); + cborEncoderResult = cbor_encoder_create_array(&pconfMap, &pdAclArray, + OicPdAclSize(pconf->pdacls)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to creeate _pdacl array"); + + while(pdacl) + { + CborEncoder pdAclMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + // PDACL Map size - Number of mandatory items + uint8_t aclMapSize = 2; + + if (pdacl->prdRecrLen) + { + ++aclMapSize; + } + if (pdacl->recurrences) + { + ++aclMapSize; + } + + cborEncoderResult = cbor_encoder_create_map(&pdAclArray, &pdAclMap, aclMapSize); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to creeate _pdacl array"); + + // Resources -- Mandatory + cborEncoderResult = cbor_encode_text_string(&pdAclMap, OIC_JSON_RESOURCES_NAME, + strlen(OIC_JSON_RESOURCES_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode resource result"); + + CborEncoder resources = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + cborEncoderResult = cbor_encoder_create_array(&pdAclMap, &resources, + pdacl->resourcesLen); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create resource array"); + + for (size_t i = 0; i < pdacl->resourcesLen; i++) + { + CborEncoder rMap = { {.ptr = NULL }, .end = 0 }; + cborEncoderResult = cbor_encoder_create_map(&resources, &rMap, + PCONF_RESOURCE_MAP_SIZE); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Map."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_HREF_NAME, + strlen(OIC_JSON_HREF_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Name Tag."); + cborEncoderResult = cbor_encode_text_string(&rMap, pdacl->resources[i], + strlen(pdacl->resources[i])); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Value in Map."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_RT_NAME, + strlen(OIC_JSON_RT_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Name Tag."); + + // TODO : Need to assign real value of RT + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING, + strlen(OIC_JSON_EMPTY_STRING)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value."); + + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_IF_NAME, + strlen(OIC_JSON_IF_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Name Tag."); + + // TODO : Need to assign real value of IF + cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING, + strlen(OIC_JSON_EMPTY_STRING)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value."); + + cborEncoderResult = cbor_encoder_close_container(&resources, &rMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Map."); + } + + cborEncoderResult = cbor_encoder_close_container(&pdAclMap, &resources); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close resource array"); + + // Permissions -- Mandatory + cborEncoderResult = cbor_encode_text_string(&pdAclMap, OIC_JSON_PERMISSION_NAME, + strlen(OIC_JSON_PERMISSION_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create permition string"); + cborEncoderResult = cbor_encode_int(&pdAclMap, pdacl->permission); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode permition calue"); + + // Period -- Not Mandatory + if (pdacl->periods) + { + CborEncoder period = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + cborEncoderResult = cbor_encode_text_string(&pdAclMap, OIC_JSON_PERIODS_NAME, + strlen(OIC_JSON_PERIODS_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode period value"); + cborEncoderResult = cbor_encoder_create_array(&pdAclMap, &period, + pdacl->prdRecrLen); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create array"); + + for (size_t i = 0; i < pdacl->prdRecrLen; i++) + { + cborEncoderResult = cbor_encode_text_string(&period, pdacl->periods[i], + strlen(pdacl->periods[i])); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode period"); + } + cborEncoderResult = cbor_encoder_close_container(&pdAclMap, &period); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,"Failed to close period array"); + } + + // Period -- Not Mandatory + if(0 != pdacl->prdRecrLen && pdacl->recurrences) + { + CborEncoder recurrences = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + cborEncoderResult = cbor_encode_text_string(&pdAclMap, OIC_JSON_RECURRENCES_NAME, + strlen(OIC_JSON_RECURRENCES_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,"Failed to encode recurrences"); + cborEncoderResult = cbor_encoder_create_array(&pdAclMap, &recurrences, + pdacl->prdRecrLen); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create rec array"); + + for (size_t i = 0; i < pdacl->prdRecrLen; i++) + { + cborEncoderResult = cbor_encode_text_string(&recurrences, + pdacl->recurrences[i], strlen(pdacl->recurrences[i])); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode recurrences"); + } + cborEncoderResult = cbor_encoder_close_container(&pdAclMap, &recurrences); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close rec array"); + } + cborEncoderResult = cbor_encoder_close_container(&pdAclArray, &pdAclMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close acl map"); + + pdacl = pdacl->next; + } + //clsoe the array + cborEncoderResult = cbor_encoder_close_container(&pconfMap, &pdAclArray); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close acl array"); + } + + //PDDev -- Mandatory + //There may not be paired devices if it did not pairing before + if (pconf->pddevs && 0 < pconf->pddevLen) + { + CborEncoder pddev = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 }; + cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_PDDEV_LIST_NAME, + strlen(OIC_JSON_PDDEV_LIST_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode pddev"); + cborEncoderResult = cbor_encoder_create_array(&pconfMap, &pddev, pconf->pddevLen); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create array"); + + for (size_t i = 0; i < pconf->pddevLen; i++) + { + char *pddevId = NULL; + ret = ConvertUuidToStr(&pconf->pddevs[i], &pddevId); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&pddev, pddevId, strlen(pddevId)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding pddev Id Value."); + OICFree(pddevId); + } + cborEncoderResult = cbor_encoder_close_container(&pconfMap, &pddev); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close pddev array"); + } + + //DeviceId -- Mandatory + //There may not be devicd id if caller is provisoning tool + cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_DEVICE_ID_NAME, + strlen(OIC_JSON_DEVICE_ID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode device id"); + { + char *deviceId = NULL; + ret = ConvertUuidToStr(&pconf->deviceID, &deviceId); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&pconfMap, deviceId, strlen(deviceId)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode deviceID value"); + OICFree(deviceId); + } + + //ROwner -- Mandatory + cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_ROWNERID_NAME, + strlen(OIC_JSON_ROWNERID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode rowner string"); + { + char *rowner = NULL; + ret = ConvertUuidToStr(&pconf->rowner, &rowner); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + cborEncoderResult = cbor_encode_text_string(&pconfMap, rowner, strlen(rowner)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode rwoner value"); + OICFree(rowner); + } + + cborEncoderResult = cbor_encoder_close_container(&encoder, &pconfMap); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close pconfMap"); + + *size = encoder.ptr - outPayload; + *payload = outPayload; + ret = OC_STACK_OK; +exit: + if ((CborErrorOutOfMemory == cborEncoderResult) && (cborLen < CBOR_MAX_SIZE)) + { + // reallocate and try again! + OICFree(outPayload); + // Since the allocated initial memory failed, double the memory. + cborLen += encoder.ptr - encoder.end; + cborEncoderResult = CborNoError; + ret = PconfToCBORPayload(pconf, payload, &cborLen); + *size = cborLen; + } + if ((CborNoError != cborEncoderResult) || (OC_STACK_OK != ret)) + { + OICFree(outPayload); + outPayload = NULL; + *payload = NULL; + *size = 0; + ret = OC_STACK_ERROR; + } + return ret; +} + +OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSecPconf_t **secPconf) +{ + if (NULL == cborPayload || NULL == secPconf || NULL != *secPconf || 0 == size) + { + return OC_STACK_INVALID_PARAM; + } + OCStackResult ret = OC_STACK_ERROR; + *secPconf = NULL; + CborValue pconfCbor = { .parser = NULL }; + CborParser parser = { .end = NULL }; + CborError cborFindResult = CborNoError; + int cborLen = size; + + cbor_parser_init(cborPayload, cborLen, 0, &parser, &pconfCbor); + CborValue pconfMap = { .parser = NULL } ; + OicSecPconf_t *pconf = NULL; + cborFindResult = cbor_value_enter_container(&pconfCbor, &pconfMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter map"); + pconf = (OicSecPconf_t *)OICCalloc(1, sizeof(*pconf)); + VERIFY_NON_NULL(TAG, pconf, ERROR); + while (cbor_value_is_valid(&pconfMap)) + { + char *name = NULL; + size_t len = 0; + CborType type = cbor_value_get_type(&pconfMap); + if (type == CborTextStringType) + { + cborFindResult = cbor_value_dup_text_string(&pconfMap, &name, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); + cborFindResult = cbor_value_advance(&pconfMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value"); + } + + if (name) + { + //EDP -- Mandatory + if(0 == strcmp(OIC_JSON_EDP_NAME, name)) + { + cborFindResult = cbor_value_get_boolean(&pconfMap, &pconf->edp); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); + } + if (0 == strcmp(OIC_JSON_PRM_NAME, name)) + { + int i = 0; + CborValue prm = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&pconfMap, &pconf->prmLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); + VERIFY_SUCCESS(TAG, pconf->prmLen != 0, ERROR); + + pconf->prm = (OicSecPrm_t *)OICCalloc(pconf->prmLen, sizeof(OicSecPrm_t)); + VERIFY_NON_NULL(TAG, pconf->prm, ERROR); + cborFindResult = cbor_value_enter_container(&pconfMap, &prm); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to eneter array"); + + while (cbor_value_is_valid(&prm)) + { + cborFindResult = cbor_value_get_int(&prm, (int *)&pconf->prm[i++]); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); + cborFindResult = cbor_value_advance(&prm); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value"); + } + } + //PIN -- Mandatory + if (0 == strcmp(OIC_JSON_PIN_NAME, name)) + { + uint8_t *pin = NULL; + cborFindResult = cbor_value_dup_byte_string(&pconfMap, &pin, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); + memcpy(pconf->pin.val, pin, len); + OICFree(pin); + } + + //PDACL -- Mandatory + if (0 == strcmp(OIC_JSON_PDACL_NAME, name)) + { + CborValue pdAclArray = { .parser = NULL}; + OicSecPdAcl_t *headPdacl = NULL; + + cborFindResult = cbor_value_enter_container(&pconfMap, &pdAclArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); + + while (cbor_value_is_valid(&pdAclArray)) + { + CborValue pdAclMap = { .parser = NULL}; + OicSecPdAcl_t *pdacl = (OicSecPdAcl_t *) OICCalloc(1, sizeof(OicSecPdAcl_t)); + VERIFY_NON_NULL(TAG, pdacl, ERROR); + + cborFindResult = cbor_value_enter_container(&pdAclArray, &pdAclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); + + while (cbor_value_is_valid(&pdAclMap)) + { + char* name = NULL; + size_t len = 0; + CborType type = cbor_value_get_type(&pdAclMap); + if (type == CborTextStringType) + { + cborFindResult = cbor_value_dup_text_string(&pdAclMap, &name, + &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text"); + cborFindResult = cbor_value_advance(&pdAclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value"); + } + if (name) + { + // Resources -- Mandatory + if (strcmp(name, OIC_JSON_RESOURCES_NAME) == 0) + { + int i = 0; + CborValue resources = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&pdAclMap, + &pdacl->resourcesLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); + cborFindResult = cbor_value_enter_container(&pdAclMap, &resources); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); + pdacl->resources = (char **) OICCalloc(pdacl->resourcesLen, + sizeof(char*)); + VERIFY_NON_NULL(TAG, pdacl->resources, ERROR); + + while (cbor_value_is_valid(&resources)) + { + CborValue rMap = { .parser = NULL }; + cborFindResult = cbor_value_enter_container(&resources, &rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map"); + + while(cbor_value_is_valid(&rMap)) + { + char *rMapName = NULL; + size_t rMapNameLen = 0; + cborFindResult = cbor_value_dup_text_string(&rMap, &rMapName, &rMapNameLen, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RMap Data Name Tag."); + cborFindResult = cbor_value_advance(&rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RMap Data Value."); + + // "href" + if (0 == strcmp(OIC_JSON_HREF_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecPdAcl_t based on RAML spec. + cborFindResult = cbor_value_dup_text_string(&rMap, &pdacl->resources[i++], &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Href Value."); + } + + // "rt" + if (0 == strcmp(OIC_JSON_RT_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecPdAcl_t and assign based on RAML spec. + char *rtData = NULL; + cborFindResult = cbor_value_dup_text_string(&rMap, &rtData, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT Value."); + OICFree(rtData); + } + + // "if" + if (0 == strcmp(OIC_JSON_IF_NAME, rMapName)) + { + // TODO : Need to check data structure of OicSecPdAcl_t and assign based on RAML spec. + char *ifData = NULL; + cborFindResult = cbor_value_dup_text_string(&rMap, &ifData, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF Value."); + OICFree(ifData); + } + + if (cbor_value_is_valid(&rMap)) + { + cborFindResult = cbor_value_advance(&rMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Rlist Map."); + } + OICFree(rMapName); + } + + if (cbor_value_is_valid(&resources)) + { + cborFindResult = cbor_value_advance(&resources); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); + } + } + } + + // Permissions -- Mandatory + if (strcmp(name, OIC_JSON_PERMISSION_NAME) == 0) + { + cborFindResult = cbor_value_get_uint64(&pdAclMap, + (uint64_t *) &pdacl->permission); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); + } + + // Period -- Not mandatory + if (strcmp(name, OIC_JSON_PERIODS_NAME) == 0) + { + int i = 0; + CborValue period = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&pdAclMap, + &pdacl->prdRecrLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); + cborFindResult = cbor_value_enter_container(&pdAclMap, &period); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); + pdacl->periods = (char **) OICCalloc(pdacl->prdRecrLen, sizeof(char*)); + VERIFY_NON_NULL(TAG, pdacl->periods, ERROR); + + while (cbor_value_is_text_string(&period)) + { + cborFindResult = cbor_value_dup_text_string(&period, + &pdacl->periods[i++], &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text"); + cborFindResult = cbor_value_advance(&period); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); + pdacl->prdRecrLen++; + } + } + + // Recurrence -- Not mandatory + if (strcmp(name, OIC_JSON_RECURRENCES_NAME) == 0) + { + int i = 0; + CborValue recurrences = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&pdAclMap, &pdacl->prdRecrLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); + cborFindResult = cbor_value_enter_container(&pdAclMap, &recurrences); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); + pdacl->recurrences = (char **) OICCalloc(pdacl->prdRecrLen, sizeof(char*)); + VERIFY_NON_NULL(TAG, pdacl->recurrences, ERROR); + + while (cbor_value_is_text_string(&recurrences)) + { + cborFindResult = cbor_value_dup_text_string(&recurrences, + &pdacl->recurrences[i++], &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); + cborFindResult = cbor_value_advance(&recurrences); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); + } + } + if (type != CborMapType && cbor_value_is_valid(&pdAclMap)) + { + cborFindResult = cbor_value_advance(&pdAclMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); + } + } + if (cbor_value_is_valid(&pdAclArray)) + { + cborFindResult = cbor_value_advance(&pdAclArray); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); + } + OICFree(name); + name = NULL; + } + pdacl->next = NULL; + if (headPdacl == NULL) + { + headPdacl = pdacl; + } + else + { + OicSecPdAcl_t *temp = headPdacl; + while (temp->next) + { + temp = temp->next; + } + temp->next = pdacl; + } + } + pconf->pdacls = headPdacl; + } + + //PDDev -- Mandatory + if (strcmp(name, OIC_JSON_PDDEV_LIST_NAME) == 0) + { + int i = 0; + CborValue pddevs = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&pconfMap, &pconf->pddevLen); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length"); + cborFindResult = cbor_value_enter_container(&pconfMap, &pddevs); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter"); + + pconf->pddevs = (OicUuid_t *)OICMalloc(pconf->pddevLen * sizeof(OicUuid_t)); + VERIFY_NON_NULL(TAG, pconf->pddevs, ERROR); + while (cbor_value_is_valid(&pddevs)) + { + char *pddev = NULL; + cborFindResult = cbor_value_dup_text_string(&pddevs, &pddev, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value"); + cborFindResult = cbor_value_advance(&pddevs); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); + ret = ConvertStrToUuid(pddev, &pconf->pddevs[i++]); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + OICFree(pddev); + } + } + + //Mandatory - Device Id + if (0 == strcmp(OIC_JSON_DEVICE_ID_NAME, name)) + { + char *deviceId = NULL; + cborFindResult = cbor_value_dup_text_string(&pconfMap, &deviceId, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get deviceID"); + ret = ConvertStrToUuid(deviceId, &pconf->deviceID); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + OICFree(deviceId); + } + + // ROwner -- Mandatory + if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name)) + { + char *rowner = NULL; + cborFindResult = cbor_value_dup_text_string(&pconfMap, &rowner, &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get rowner"); + ret = ConvertStrToUuid(rowner, &pconf->rowner); + VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR); + OICFree(rowner); + } + } + if (CborMapType != type && cbor_value_is_valid(&pconfMap)) + { + cborFindResult = cbor_value_advance(&pconfMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance"); + } + OICFree(name); + name = NULL; + } + *secPconf=pconf; + ret = OC_STACK_OK; +exit: + if (CborNoError != cborFindResult) + { + OIC_LOG (ERROR, TAG, "CBORPayloadToPconf failed"); + DeletePconfBinData(pconf); + pconf = NULL; + *secPconf = NULL; + ret = OC_STACK_ERROR; + } + return ret; +} + +static bool UpdatePersistentStorage(const OicSecPconf_t * pconf) +{ + bool ret = false; + + // Convert PCONF data into Cborpayload for update to persistent storage + uint8_t *payload = NULL; + size_t size = 0; + if (OC_STACK_OK == PconfToCBORPayload(pconf, &payload, &size) && NULL !=payload) + { + if (OC_STACK_OK == UpdateSecureResourceInPS(OIC_JSON_PCONF_NAME, payload, size)) + { + ret = true; + } + OICFree(payload); + } + return ret; +} + +static OCEntityHandlerResult HandlePconfGetRequest (const OCEntityHandlerRequest * ehRequest) +{ + uint8_t* payload = NULL; + size_t size = 0; + OCEntityHandlerResult ehRet = OC_EH_OK; + + OicSecPconf_t pconf; + memset(&pconf, 0, sizeof(OicSecPconf_t)); + + OIC_LOG (DEBUG, TAG, "Pconf EntityHandle processing GET request"); + + if (true == GetDoxmResourceData()->dpc) + { + //Making response elements for Get request + if( (true == gPconf->edp) && (gPconf->prm && 0 < gPconf->prmLen) && + (0 < strlen((const char*)gPconf->deviceID.id)) && (0 < strlen((const char*)gPconf->rowner.id))) + { + pconf.edp = true; + pconf.prm = gPconf->prm; + pconf.prmLen = gPconf->prmLen; + memcpy(&pconf.deviceID, &gPconf->deviceID, sizeof(OicUuid_t)); + memcpy(&pconf.rowner, &gPconf->rowner, sizeof(OicUuid_t)); + OIC_LOG (DEBUG, TAG, "PCONF - direct pairing enabled"); + } + else if (false == gPconf->edp) + { + pconf.edp = false; + memcpy(&pconf.rowner, &gPconf->rowner, sizeof(OicUuid_t)); + OIC_LOG (DEBUG, TAG, "PCONF - direct pairing disable"); + } + else + { + ehRet= OC_EH_ERROR; + OIC_LOG (DEBUG, TAG, "PCONF - error"); + } + } + else + { + OIC_LOG (DEBUG, TAG, "DPC == false : Direct-Pairing Disabled"); + } + + + if (OC_STACK_OK != PconfToCBORPayload(gPconf, &payload, &size)) + { + ehRet = OC_EH_ERROR; + } + + if(OC_EH_OK == ehRet) + { + ehRet = (payload ? OC_EH_OK : OC_EH_ERROR); + } + else + { + OICFree(payload); + payload = NULL; + size = 0; + } + + // Send response payload to request originator + SendSRMCBORResponse(ehRequest, ehRet, payload, size); + OIC_LOG_V(DEBUG, TAG, "%s RetVal %d", __func__, ehRet); + + return ehRet; +} + +static OCEntityHandlerResult HandlePconfPostRequest (const OCEntityHandlerRequest * ehRequest) +{ + OCEntityHandlerResult ehRet = OC_EH_OK; + OCStackResult res=OC_STACK_OK; + OicSecPconf_t* newPconf = NULL; + + if (true == GetDoxmResourceData()->dpc) + { + // Convert CBOR PCONF data into binary. This will also validate the PCONF data received. + uint8_t *payload = ((OCSecurityPayload *) ehRequest->payload)->securityData1; + size_t size = ((OCSecurityPayload *) ehRequest->payload)->payloadSize; + + if(payload){ + res = CBORPayloadToPconf(payload, size, &newPconf); + } + } + else + { + OIC_LOG (DEBUG, TAG, "DPC == false : Direct-Pairing Disabled"); + ehRet = OC_EH_ERROR; + } + + if (newPconf && res == OC_STACK_OK) + { + // Check if valid Post request + if ((true == newPconf->edp) && (0 < newPconf->prmLen) && + DP_PIN_LENGTH == sizeof((const char*)newPconf->pin.val)) + { + OicSecPrm_t *oldPrm = gPconf->prm; + OicSecPdAcl_t *oldPdacl = gPconf->pdacls; + + // Update local PCONF with new PCONF + gPconf->edp = true; + memcpy(&gPconf->pin, &newPconf->pin, sizeof(OicDpPin_t)); + gPconf->prm = newPconf->prm; + gPconf->prmLen = newPconf->prmLen; + gPconf->pdacls = newPconf->pdacls; + memcpy(&gPconf->rowner, &newPconf->rowner, sizeof(OicUuid_t)); + + // to delete old value(prm, pdacl) + newPconf->prm = oldPrm; + newPconf->pdacls = oldPdacl; + } + else if (false == newPconf->edp) + { + gPconf->edp = false; + } + else + { + ehRet = OC_EH_ERROR; + } + + // Update storage + if(OC_EH_ERROR != ehRet && true == UpdatePersistentStorage(gPconf)) + { + ehRet = OC_EH_RESOURCE_CREATED; + } + + DeletePconfBinData(newPconf); + } + else + { + ehRet = OC_EH_ERROR; + } + + // Send payload to request originator + SendSRMCBORResponse(ehRequest, ehRet, NULL, 0); + + OIC_LOG_V (DEBUG, TAG, "%s RetVal %d", __func__ , ehRet); + return ehRet; +} + +/* + * This internal method is the entity handler for PCONF resources and + * will handle REST request (POST) for them. + */ +OCEntityHandlerResult PconfEntityHandler (OCEntityHandlerFlag flag, + OCEntityHandlerRequest * ehRequest, + void* callbackParameter) +{ + OIC_LOG(DEBUG, TAG, "Received request PconfEntityHandler"); + (void)callbackParameter; + OCEntityHandlerResult ehRet = OC_EH_ERROR; + + if (!ehRequest) + { + return ehRet; + } + + if (flag & OC_REQUEST_FLAG) + { + OIC_LOG (DEBUG, TAG, "Flag includes OC_REQUEST_FLAG"); + switch (ehRequest->method) + { + case OC_REST_GET: + ehRet = HandlePconfGetRequest(ehRequest); + break; + + case OC_REST_POST: + ehRet = HandlePconfPostRequest(ehRequest); + break; + + case OC_REST_DELETE: + break; + + default: + ehRet = OC_EH_ERROR; + SendSRMCBORResponse(ehRequest, ehRet, NULL, 0); + } + } + + return ehRet; +} + +/* + * This internal method is used to create '/oic/sec/pconf' resource. + */ +OCStackResult CreatePconfResource() +{ + OCStackResult ret; + + ret = OCCreateResource(&gPconfHandle, + OIC_RSRC_TYPE_SEC_PCONF, + OIC_MI_DEF, + OIC_RSRC_PCONF_URI, + PconfEntityHandler, + NULL, + OC_SECURE | OC_EXPLICIT_DISCOVERABLE); + + if (OC_STACK_OK != ret) + { + OIC_LOG (ERROR, TAG, "Unable to instantiate PCONF resource"); + DeInitPconfResource(); + } + return ret; +} + +/** + * Get the default value. + * @retval the gDefaultPconf pointer; + */ +static OicSecPconf_t* GetPconfDefault() +{ + OIC_LOG (DEBUG, TAG, "GetPconfDefault"); + + return &gDefaultPconf; +} + +/** + * This method is used by SRM to retrieve PCONF resource data.. + * + * @retval reference to @ref OicSecPconf_t, binary format of Pconf resource data + */ +const OicSecPconf_t* GetPconfResourceData() +{ + return gPconf; +} + +/** + * Initialize PCONF resource by loading data from persistent storage. + * + * @retval OC_STACK_OK for Success, otherwise some error value + */ +OCStackResult InitPconfResource() +{ + OCStackResult ret = OC_STACK_ERROR; + + uint8_t *data = NULL; + size_t size = 0; + + ret = GetSecureVirtualDatabaseFromPS(OIC_JSON_PCONF_NAME, &data, &size); + // If database read failed + if (ret != OC_STACK_OK) + { + OIC_LOG(DEBUG, TAG, "ReadSVDataFromPS failed"); + } + if (data) + { + CBORPayloadToPconf(data, size, &gPconf); + } + + if (!data || !gPconf) + { + gPconf = GetPconfDefault(); + + // device id from doxm + OicUuid_t deviceId = {.id = {0}}; + OCStackResult ret = GetDoxmDeviceID( &deviceId); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + memcpy(&gPconf->deviceID, &deviceId, sizeof(OicUuid_t)); + } + VERIFY_NON_NULL(TAG, gPconf, ERROR); + + // Instantiate 'oic.sec.pconf' + ret = CreatePconfResource(); + +exit: + if (OC_STACK_OK != ret) + { + DeInitPconfResource(); + } + OICFree(data); + return ret; +} + +/** + * Perform cleanup for PCONF resources. + * + * @return + * OC_STACK_OK - no error + * OC_STACK_ERROR - stack process error + * + */ +OCStackResult DeInitPconfResource() +{ + OCStackResult ret = OCDeleteResource(gPconfHandle); + if(gPconf!= &gDefaultPconf) + { + DeletePconfBinData(gPconf); + } + gPconf = NULL; + + if(OC_STACK_OK == ret) + { + return OC_STACK_OK; + } + else + { + return OC_STACK_ERROR; + } +} + +/** + * This method might be used to add a paired device id after direct-pairing process complete. + * + * @param pdeviceId ID of the paired device. + * + * @retval OC_STACK_OK for Success, otherwise some error value + */ +OCStackResult AddPairedDevice(OicUuid_t *pdeviceId) +{ + if (!gPconf || !pdeviceId) + { + return OC_STACK_INVALID_PARAM; + } + + + OicUuid_t *prevList = gPconf->pddevs; + gPconf->pddevs = (OicUuid_t *)OICCalloc(gPconf->pddevLen+1, sizeof(OicUuid_t)); + if(!gPconf->pddevs) + { + return OC_STACK_NO_MEMORY; + } + for (size_t i=0; ipddevLen; i++) + { + memcpy(&gPconf->pddevs[i], &prevList[i], sizeof(OicUuid_t)); + } + + // add new paired device id + memcpy(&gPconf->pddevs[gPconf->pddevLen], pdeviceId, sizeof(OicUuid_t)); + gPconf->pddevLen++; + + // Update storage + if(true != UpdatePersistentStorage(gPconf)) + { + OIC_LOG (ERROR, TAG, "Fail to update pconf resource"); + return OC_STACK_ERROR; + } + + OIC_LOG (ERROR, TAG, "Add paired device success"); + return OC_STACK_OK; +} + +/** + * This method might be used by PolicyEngine to retrieve PDACL for a Subject. + * + * @param subjectId ID of the subject for which PDACL is required. + * @param savePtr is used internally by @ref GetACLResourceData to maintain index between + * successive calls for same subjectId. + * + * @retval reference to @ref OicSecPdAcl_t if PDACL is found, else NULL + */ +const OicSecPdAcl_t* GetPdAclData(const OicUuid_t* subjectId, OicSecPdAcl_t **savePtr) +{ + OicSecPdAcl_t *pdacl = NULL; + + if ( NULL == subjectId) + { + return NULL; + } + + /* + * savePtr MUST point to NULL if this is the 'first' call to retrieve PDACL for + * subjectID. + */ + if (NULL == *savePtr) + { + pdacl = gPconf->pdacls; + + // Find if 'subjectID' is in paired device list. + for(size_t i=0; ipddevLen; i++) + { + if (memcmp(&(gPconf->pddevs[i]), subjectId, sizeof(OicUuid_t)) == 0) + { + *savePtr = pdacl; + return pdacl; + } + } + } + else + { + OicSecPdAcl_t *temp = NULL; + + /* + * If this is a 'successive' call, search for location pointed by + * savePtr and assign 'begin' to the next PDACL after it in the linked + * list and start searching from there. + */ + LL_FOREACH(gPconf->pdacls, temp) + { + if (temp == *savePtr) + { + pdacl = temp->next; + *savePtr = pdacl; + return pdacl; + } + } + } + + // Cleanup in case no PDACL is found + *savePtr = NULL; + return NULL; +} + +/** + * This method return whether device is paired or not. + * + * @param pdeviceId Target device ID to find in paired list. + * @retval ture if device is already paired, else false + */ +bool IsPairedDevice(const OicUuid_t* pdeviceId) +{ + // Find if 'pdeviceId' is in paired device list. + for(size_t i=0; ipddevLen; i++) + { + if (memcmp(&(gPconf->pddevs[i]), pdeviceId, sizeof(OicUuid_t)) == 0) + { + return true; + } + } + return false; +} diff --git a/resource/csdk/security/src/psinterface.c b/resource/csdk/security/src/psinterface.c index 5b3169f..a3ec1b9 100644 --- a/resource/csdk/security/src/psinterface.c +++ b/resource/csdk/security/src/psinterface.c @@ -222,7 +222,6 @@ OCStackResult UpdateSecureResourceInPS(const char* rsrcName, const uint8_t* psPa cborFindResult = cbor_value_dup_byte_string(&curVal, &credCbor, &credCborLen, NULL); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CRED Name Value."); } - cborFindResult = cbor_value_map_find_value(&cbor, OIC_JSON_PCONF_NAME, &curVal); if (CborNoError == cborFindResult && cbor_value_is_byte_string(&curVal)) { @@ -234,7 +233,7 @@ OCStackResult UpdateSecureResourceInPS(const char* rsrcName, const uint8_t* psPa { size_t size = aclCborLen + pstatCborLen + doxmCborLen + amaclCborLen + svcCborLen - + credCborLen + pconfCborLen + psSize; + + credCborLen + pconfCborLen +psSize; // This is arbitrary value that is added to cover the name of the resource, map addition and ending. size += 255; diff --git a/resource/csdk/security/src/pstatresource.c b/resource/csdk/security/src/pstatresource.c index f51c8c7..d8ee23a 100644 --- a/resource/csdk/security/src/pstatresource.c +++ b/resource/csdk/security/src/pstatresource.c @@ -36,7 +36,7 @@ /** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory. * The value of payload size is increased until reaching below max cbor size. */ -static const uint8_t CBOR_SIZE = 255; +static const uint16_t CBOR_SIZE = 512; // Max cbor size payload. static const uint16_t CBOR_MAX_SIZE = 4400; @@ -57,6 +57,7 @@ static OicSecPstat_t gDefaultPstat = 1, // the number of elts in Sms &gSm, // OicSecDpom_t *sm 0, // uint16_t commitHash + {.id = {0}}, // OicUuid_t rownerID }; static OicSecPstat_t *gPstat = NULL; @@ -95,6 +96,7 @@ OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **payload, CborEncoder encoder = { {.ptr = NULL }, .end = 0 }; CborEncoder pstatMap = { {.ptr = NULL }, .end = 0 }; + char* strUuid = NULL; int64_t cborEncoderResult = CborNoError; @@ -102,63 +104,71 @@ OCStackResult PstatToCBORPayload(const OicSecPstat_t *pstat, uint8_t **payload, VERIFY_NON_NULL(TAG, outPayload, ERROR); cbor_encoder_init(&encoder, outPayload, cborLen, 0); - cborEncoderResult |= cbor_encoder_create_map(&encoder, &pstatMap, PSTAT_MAP_SIZE); + cborEncoderResult = cbor_encoder_create_map(&encoder, &pstatMap, PSTAT_MAP_SIZE); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Pstat Map."); - cborEncoderResult |= cbor_encode_text_string(&pstatMap, OIC_JSON_ISOP_NAME, + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_ISOP_NAME, strlen(OIC_JSON_ISOP_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ISOP Name Tag."); - cborEncoderResult |= cbor_encode_boolean(&pstatMap, pstat->isOp); + cborEncoderResult = cbor_encode_boolean(&pstatMap, pstat->isOp); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ISOP Name Value."); - cborEncoderResult |= cbor_encode_text_string(&pstatMap, OIC_JSON_DEVICE_ID_NAME, + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_DEVICE_ID_NAME, strlen(OIC_JSON_DEVICE_ID_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Tag."); - cborEncoderResult |= cbor_encode_byte_string(&pstatMap, (uint8_t *)pstat->deviceID.id, - sizeof(pstat->deviceID.id)); + ret = ConvertUuidToStr(&pstat->deviceID, &strUuid); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); + cborEncoderResult = cbor_encode_text_string(&pstatMap, strUuid, strlen(strUuid)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Device Id Value."); + OICFree(strUuid); + strUuid = NULL; - cborEncoderResult |= cbor_encode_text_string(&pstatMap, OIC_JSON_COMMIT_HASH_NAME, - strlen(OIC_JSON_COMMIT_HASH_NAME)); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Commit Hash Tag."); - cborEncoderResult |= cbor_encode_int(&pstatMap, pstat->commitHash); - VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Commit Hash Value."); - - cborEncoderResult |= cbor_encode_text_string(&pstatMap, OIC_JSON_CM_NAME, + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_CM_NAME, strlen(OIC_JSON_CM_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding CM Name Tag."); - cborEncoderResult |= cbor_encode_int(&pstatMap, pstat->cm); + cborEncoderResult = cbor_encode_int(&pstatMap, pstat->cm); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding CM Name Value."); - cborEncoderResult |= cbor_encode_text_string(&pstatMap, OIC_JSON_TM_NAME, + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_TM_NAME, strlen(OIC_JSON_TM_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding TM Name Tag."); - cborEncoderResult |= cbor_encode_int(&pstatMap, pstat->tm); + cborEncoderResult = cbor_encode_int(&pstatMap, pstat->tm); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding TM Name Value."); - cborEncoderResult |= cbor_encode_text_string(&pstatMap, OIC_JSON_OM_NAME, + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_OM_NAME, strlen(OIC_JSON_OM_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding OM Name Tag."); - cborEncoderResult |= cbor_encode_int(&pstatMap, pstat->om); + cborEncoderResult = cbor_encode_int(&pstatMap, pstat->om); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding OM Name Value."); - cborEncoderResult |= cbor_encode_text_string(&pstatMap, OIC_JSON_SM_NAME, + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_SM_NAME, strlen(OIC_JSON_SM_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SM Name Tag."); { - CborEncoder sm; - cborEncoderResult |= cbor_encoder_create_array(&pstatMap, &sm, pstat->smLen); + CborEncoder sm = {{.ptr = NULL }, .end = 0 }; + cborEncoderResult = cbor_encoder_create_array(&pstatMap, &sm, pstat->smLen); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SM Array."); for (size_t i = 0; i < pstat->smLen; i++) { - cborEncoderResult |= cbor_encode_int(&sm, pstat->sm[i]); + cborEncoderResult = cbor_encode_int(&sm, pstat->sm[i]); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SM Value in Array."); } - cborEncoderResult |= cbor_encoder_close_container(&pstatMap, &sm); + cborEncoderResult = cbor_encoder_close_container(&pstatMap, &sm); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing SM Array."); } - cborEncoderResult |= cbor_encoder_close_container(&encoder, &pstatMap); + + cborEncoderResult = cbor_encode_text_string(&pstatMap, OIC_JSON_ROWNERID_NAME, + strlen(OIC_JSON_ROWNERID_NAME)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROwner Id Tag."); + ret = ConvertUuidToStr(&pstat->rownerID, &strUuid); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret , ERROR); + cborEncoderResult = cbor_encode_text_string(&pstatMap, strUuid, strlen(strUuid)); + VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROwner Id Value."); + OICFree(strUuid); + strUuid = NULL; + + cborEncoderResult = cbor_encoder_close_container(&encoder, &pstatMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Closing PSTAT Map."); if (CborNoError == cborEncoderResult) @@ -208,6 +218,7 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, CborValue pstatCbor; CborParser parser; CborError cborFindResult = CborNoError; + char *strUuid = NULL; int cborLen = size; size_t len = 0; if (0 == size) @@ -215,7 +226,7 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, cborLen = CBOR_SIZE; } cbor_parser_init(cborPayload, cborLen, 0, &parser, &pstatCbor); - CborValue pstatMap; + CborValue pstatMap = { .parser = NULL }; OicSecPstat_t *pstat = NULL; cborFindResult = cbor_value_enter_container(&pstatCbor, &pstatMap); @@ -232,27 +243,28 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, } cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_DEVICE_ID_NAME, &pstatMap); - if (CborNoError == cborFindResult && cbor_value_is_byte_string(&pstatMap)) + if (CborNoError == cborFindResult && cbor_value_is_text_string(&pstatMap)) { - uint8_t *subjectId = NULL; - cborFindResult = cbor_value_dup_byte_string(&pstatMap, &subjectId, &len, NULL); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding subjectId Value."); - memcpy(pstat->deviceID.id, subjectId, len); - OICFree(subjectId); + cborFindResult = cbor_value_dup_text_string(&pstatMap, &strUuid , &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Device Id Value."); + ret = ConvertStrToUuid(strUuid , &pstat->deviceID); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + OICFree(strUuid ); + strUuid = NULL; } - cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_COMMIT_HASH_NAME, &pstatMap); + cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_CM_NAME, &pstatMap); if (CborNoError == cborFindResult && cbor_value_is_integer(&pstatMap)) { - cborFindResult = cbor_value_get_int(&pstatMap, (int *) &pstat->commitHash); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding commitHash."); + cborFindResult = cbor_value_get_int(&pstatMap, (int *) &pstat->cm); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CM."); } - cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_CM_NAME, &pstatMap); + cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_TM_NAME, &pstatMap); if (CborNoError == cborFindResult && cbor_value_is_integer(&pstatMap)) { - cborFindResult = cbor_value_get_int(&pstatMap, (int *) &pstat->cm); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CM."); + cborFindResult = cbor_value_get_int(&pstatMap, (int *) &pstat->tm); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding TM."); } cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_OM_NAME, &pstatMap); @@ -285,6 +297,17 @@ OCStackResult CBORPayloadToPstat(const uint8_t *cborPayload, const size_t size, } } + cborFindResult = cbor_value_map_find_value(&pstatCbor, OIC_JSON_ROWNERID_NAME, &pstatMap); + if (CborNoError == cborFindResult && cbor_value_is_text_string(&pstatMap)) + { + cborFindResult = cbor_value_dup_text_string(&pstatMap, &strUuid , &len, NULL); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding ROwner Id Value."); + ret = ConvertStrToUuid(strUuid , &pstat->rownerID); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + OICFree(strUuid ); + strUuid = NULL; + } + *secPstat = pstat; ret = OC_STACK_OK; @@ -294,6 +317,7 @@ exit: OIC_LOG(ERROR, TAG, "CBORPayloadToPstat failed"); DeletePstatBinData(pstat); pstat = NULL; + *secPstat = NULL; ret = OC_STACK_ERROR; } diff --git a/resource/csdk/security/src/srmresourcestrings.c b/resource/csdk/security/src/srmresourcestrings.c index 7d7ab5e..07a8883 100644 --- a/resource/csdk/security/src/srmresourcestrings.c +++ b/resource/csdk/security/src/srmresourcestrings.c @@ -34,6 +34,8 @@ const char * OIC_JSON_AMACL_NAME = "amacl"; const char * OIC_RSRC_TYPE_SEC_ACL = "oic.sec.acl"; const char * OIC_RSRC_ACL_URI = "/oic/sec/acl"; const char * OIC_JSON_ACL_NAME = "acl"; +const char * OIC_JSON_ACLIST_NAME = "aclist"; +const char * OIC_JSON_ACES_NAME = "aces"; //Pstat const char * OIC_RSRC_TYPE_SEC_PSTAT = "oic.sec.pstat"; @@ -49,6 +51,7 @@ const char * OIC_JSON_DOXM_NAME = "doxm"; const char * OIC_RSRC_TYPE_SEC_CRED = "oic.sec.cred"; const char * OIC_RSRC_CRED_URI = "/oic/sec/cred"; const char * OIC_JSON_CRED_NAME = "cred"; +const char * OIC_JSON_CREDS_NAME = "creds"; //CRL const char * OIC_RSRC_TYPE_SEC_CRL = "oic.sec.crl"; @@ -76,17 +79,20 @@ const char * OIC_RSRC_DPAIRING_URI = "/oic/sec/dpairing"; const char * OIC_JSON_DPAIRING_NAME = "dpairing"; -const char * OIC_JSON_SUBJECT_NAME = "sub"; -const char * OIC_JSON_RESOURCES_NAME = "rsrc"; +const char * OIC_JSON_SUBJECT_NAME = "subject"; +const char * OIC_JSON_RESOURCES_NAME = "resources"; const char * OIC_JSON_AMSS_NAME = "amss"; -const char * OIC_JSON_PERMISSION_NAME = "perms"; +const char * OIC_JSON_AMS_NAME = "ams"; +const char * OIC_JSON_PERMISSION_NAME = "permission"; const char * OIC_JSON_OWNERS_NAME = "ownrs"; const char * OIC_JSON_OWNER_NAME = "ownr"; +const char * OIC_JSON_DEVOWNERID_NAME = "devownerid"; const char * OIC_JSON_OWNED_NAME = "owned"; const char * OIC_JSON_OXM_NAME = "oxm"; +const char * OIC_JSON_OXMS_NAME = "oxms"; const char * OIC_JSON_OXM_TYPE_NAME = "oxmtype"; const char * OIC_JSON_OXM_SEL_NAME = "oxmsel"; -const char * OIC_JSON_DEVICE_ID_FORMAT_NAME = "dvcidfrmt"; +const char * OIC_JSON_DEVICE_ID_FORMAT_NAME = "didformat"; const char * OIC_JSON_ISOP_NAME = "isop"; const char * OIC_JSON_COMMIT_HASH_NAME = "ch"; const char * OIC_JSON_DEVICE_ID_NAME = "deviceid"; @@ -95,16 +101,20 @@ const char * OIC_JSON_TM_NAME = "tm"; const char * OIC_JSON_OM_NAME = "om"; const char * OIC_JSON_SM_NAME = "sm"; const char * OIC_JSON_CREDID_NAME = "credid"; -const char * OIC_JSON_SUBJECTID_NAME = "subid"; +const char * OIC_JSON_SUBJECTID_NAME = "subjectid"; const char * OIC_JSON_ROLEIDS_NAME = "roleid"; -const char * OIC_JSON_CREDTYPE_NAME = "credtyp"; -const char * OIC_JSON_PUBLICDATA_NAME = "pbdata"; -const char * OIC_JSON_PRIVATEDATA_NAME = "pvdata"; +const char * OIC_JSON_CREDTYPE_NAME = "credtype"; +const char * OIC_JSON_PUBLICDATA_NAME = "publicdata"; +const char * OIC_JSON_PRIVATEDATA_NAME = "privatedata"; +const char * OIC_JSON_PUBDATA_NAME = "pubdata"; +const char * OIC_JSON_PRIVDATA_NAME = "privdata"; +const char * OIC_JSON_OPTDATA_NAME = "optdata"; const char * OIC_JSON_SERVICE_DEVICE_ID = "svcdid"; const char * OIC_JSON_SERVICE_TYPE = "svct"; -const char * OIC_JSON_PERIOD_NAME = "prd"; +const char * OIC_JSON_PERIOD_NAME = "period"; const char * OIC_JSON_PERIODS_NAME = "prds"; -const char * OIC_JSON_RECURRENCES_NAME = "recurs"; +const char * OIC_JSON_CRMS_NAME = "crms"; +const char * OIC_JSON_RECURRENCES_NAME = "recurrence"; const char * OIC_JSON_SUPPORTED_CRED_TYPE_NAME = "sct"; const char * OIC_JSON_DPC_NAME = "dpc"; const char * OIC_JSON_EDP_NAME = "edp"; @@ -115,6 +125,14 @@ const char * OIC_JSON_ROWNER_NAME = "rowner"; const char * OIC_JSON_PRM_NAME = "prm"; const char * OIC_JSON_SPM_NAME = "spm"; const char * OIC_JSON_PDEVICE_ID_NAME = "pdeviceid"; +const char * OIC_JSON_RLIST_NAME = "rlist"; +const char * OIC_JSON_HREF_NAME = "href"; +const char * OIC_JSON_RT_NAME = "rt"; +const char * OIC_JSON_IF_NAME = "if"; +const char * OIC_JSON_ROWNERID_NAME = "rownerid"; +const char * OIC_JSON_ENCODING_NAME = "encoding"; + +const char * OIC_JSON_EMPTY_STRING = ""; OicUuid_t WILDCARD_SUBJECT_ID = {"*"}; OicUuid_t WILDCARD_SUBJECT_B64_ID = { .id = {'2', '2', '2', '2', '2', '2', '2', '2', @@ -127,6 +145,10 @@ const char * OXM_JUST_WORKS = "oic.sec.doxm.jw"; const char * OXM_RANDOM_DEVICE_PIN = "oic.sec.doxm.rdp"; const char * OXM_MANUFACTURER_CERTIFICATE = "oic.sec.doxm.mfgcert"; +//Credential data encoding methods +const char * OIC_SEC_ENCODING_BASE64 = "oic.sec.encoding.base64"; +const char * OIC_SEC_ENCODING_BYTESTREAM = "oic.sec.encoding.bytestream"; + const char * OIC_SEC_TRUE = "true"; const char * OIC_SEC_FALSE = "false"; diff --git a/resource/csdk/security/src/srmutility.c b/resource/csdk/security/src/srmutility.c index f81b511..8c9e991 100644 --- a/resource/csdk/security/src/srmutility.c +++ b/resource/csdk/security/src/srmutility.c @@ -137,3 +137,62 @@ const char* GetOxmString(OicSecOxm_t oxmType) return NULL; } } + +OCStackResult ConvertUuidToStr(const OicUuid_t* uuid, char** strUuid) +{ + if(NULL == uuid || NULL == strUuid || NULL != *strUuid) + { + OIC_LOG(ERROR, TAG, "ConvertUuidToStr : Invalid param"); + return OC_STACK_INVALID_PARAM; + } + + size_t uuidIdx = 0; + size_t urnIdx = 0; + const size_t urnBufSize = (UUID_LENGTH * 2) + 4 + 1; + char* convertedUrn = (char*)OICCalloc(urnBufSize, sizeof(char)); + VERIFY_NON_NULL(TAG, convertedUrn, ERROR); + + for(uuidIdx=0, urnIdx=0; uuidIdx < UUID_LENGTH && urnIdx < urnBufSize; uuidIdx++, urnIdx+=2) + { + // canonical format for UUID has '8-4-4-4-12' + if(uuidIdx==4 || uuidIdx==6 || uuidIdx==8 || uuidIdx==10) + { + snprintf(convertedUrn + urnIdx, 2, "%c", '-'); + urnIdx++; + } + snprintf(convertedUrn + urnIdx, 3, "%02x", (uint8_t)(uuid->id[uuidIdx])); + } + convertedUrn[urnBufSize - 1] = '\0'; + + *strUuid = convertedUrn; + return OC_STACK_OK; + +exit: + return OC_STACK_NO_MEMORY; +} + +OCStackResult ConvertStrToUuid(const char* strUuid, OicUuid_t* uuid) +{ + if(NULL == strUuid || NULL == uuid) + { + OIC_LOG(ERROR, TAG, "ConvertStrToUuid : Invalid param"); + return OC_STACK_INVALID_PARAM; + } + + size_t urnIdx = 0; + size_t uuidIdx = 0; + char convertedUuid[UUID_LENGTH * 2] = {0}; + + for(uuidIdx=0, urnIdx=0; uuidIdx < UUID_LENGTH ; uuidIdx++, urnIdx+=2) + { + if(*(strUuid + urnIdx) == '-') + { + urnIdx++; + } + sscanf(strUuid + urnIdx, "%2hhx", &convertedUuid[uuidIdx]); + } + + memcpy(uuid->id, convertedUuid, UUID_LENGTH); + + return OC_STACK_OK; +} diff --git a/resource/csdk/security/src/svcresource.c b/resource/csdk/security/src/svcresource.c index 43f3fde..a9b32a9 100644 --- a/resource/csdk/security/src/svcresource.c +++ b/resource/csdk/security/src/svcresource.c @@ -37,7 +37,7 @@ /** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory. * The value of payload size is increased until reaching belox max cbor size. */ -static const uint8_t CBOR_SIZE = 255; +static const uint16_t CBOR_SIZE = 512; /** Max cbor size payload. */ static const uint16_t CBOR_MAX_SIZE = 4400; @@ -103,53 +103,54 @@ OCStackResult SVCToCBORPayload(const OicSecSvc_t *svc, uint8_t **cborPayload, cbor_encoder_init(&encoder, outPayload, cborLen, 0); // Create SVC Array - cborEncoderResult |= cbor_encoder_create_array(&encoder, &svcArray, svcElementsCount(svc)); + cborEncoderResult = cbor_encoder_create_array(&encoder, &svcArray, svcElementsCount(svc)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Create SVC Array."); while (svc) { - CborEncoder svcMap; - cborEncoderResult |= cbor_encoder_create_map(&svcArray, &svcMap, SVC_MAP_SIZE); + CborEncoder svcMap = {{.ptr = NULL }, .end = 0 }; + CborEncoder owners = {{.ptr = NULL }, .end = 0 }; + + cborEncoderResult = cbor_encoder_create_map(&svcArray, &svcMap, SVC_MAP_SIZE); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Create SVC Map."); // Service Device Identity - cborEncoderResult |= cbor_encode_text_string(&svcMap, OIC_JSON_SERVICE_DEVICE_ID, + cborEncoderResult = cbor_encode_text_string(&svcMap, OIC_JSON_SERVICE_DEVICE_ID, strlen(OIC_JSON_SERVICE_DEVICE_ID)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Add SVC Device Id."); - cborEncoderResult |= cbor_encode_byte_string(&svcMap, (uint8_t *)svc->svcdid.id, + cborEncoderResult = cbor_encode_byte_string(&svcMap, (uint8_t *)svc->svcdid.id, sizeof(svc->svcdid.id)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to "); // Service Type - cborEncoderResult |= cbor_encode_text_string(&svcMap, OIC_JSON_SERVICE_TYPE, + cborEncoderResult = cbor_encode_text_string(&svcMap, OIC_JSON_SERVICE_TYPE, strlen(OIC_JSON_SERVICE_TYPE)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Add SVC Serv Type Tag."); - cborEncoderResult |= cbor_encode_int(&svcMap, svc->svct); + cborEncoderResult = cbor_encode_int(&svcMap, svc->svct); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Add SVC Serv Type Value."); // Owners - cborEncoderResult |= cbor_encode_text_string(&svcMap, OIC_JSON_OWNERS_NAME, + cborEncoderResult = cbor_encode_text_string(&svcMap, OIC_JSON_OWNERS_NAME, strlen(OIC_JSON_OWNERS_NAME)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Add SVC Owners Tag."); - CborEncoder owners; - cborEncoderResult |= cbor_encoder_create_array(&svcMap, &owners, svc->ownersLen); + cborEncoderResult = cbor_encoder_create_array(&svcMap, &owners, svc->ownersLen); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Add SVC Array."); for (size_t i = 0; i < svc->ownersLen; i++) { - cborEncoderResult |= cbor_encode_byte_string(&owners, (uint8_t *)svc->owners[i].id, + cborEncoderResult = cbor_encode_byte_string(&owners, (uint8_t *)svc->owners[i].id, sizeof(svc->owners[i].id)); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Add SVC Owners Value."); } - cborEncoderResult |= cbor_encoder_close_container(&svcMap, &owners); + cborEncoderResult = cbor_encoder_close_container(&svcMap, &owners); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Close SVC Array."); - cborEncoderResult |= cbor_encoder_close_container(&svcArray, &svcMap); + cborEncoderResult = cbor_encoder_close_container(&svcArray, &svcMap); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Close SVC Map."); svc = svc->next; } - cborEncoderResult |= cbor_encoder_close_container(&encoder, &svcArray); + cborEncoderResult = cbor_encoder_close_container(&encoder, &svcArray); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to Close SVC Array."); if (CborNoError == cborEncoderResult) @@ -196,8 +197,8 @@ OCStackResult CBORPayloadToSVC(const uint8_t *cborPayload, size_t size, OCStackResult ret = OC_STACK_ERROR; - CborValue svcCbor; - CborParser parser; + CborValue svcCbor = { .parser = NULL }; + CborParser parser = { .end = NULL }; CborError cborFindResult = CborNoError; int cborLen = size; if (0 == size) @@ -208,30 +209,30 @@ OCStackResult CBORPayloadToSVC(const uint8_t *cborPayload, size_t size, OicSecSvc_t *headSvc = NULL; - CborValue svcArray; + CborValue svcArray = { .parser = NULL }; cborFindResult = cbor_value_enter_container(&svcCbor, &svcArray); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to Enter SVC Array."); while (cbor_value_is_valid(&svcArray)) { - CborValue svcMap; - cborFindResult = cbor_value_enter_container(&svcArray, &svcMap); - VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to Enter SVC Map."); - + CborValue svcMap = { .parser = NULL }; OicSecSvc_t *svc = (OicSecSvc_t *) OICCalloc(1, sizeof(OicSecSvc_t)); VERIFY_NON_NULL(TAG, svc, ERROR); + cborFindResult = cbor_value_enter_container(&svcArray, &svcMap); + VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to Enter SVC Map."); while (cbor_value_is_valid(&svcMap)) { char* name = NULL; size_t len = 0; + CborType type = CborInvalidType; + cborFindResult = cbor_value_dup_text_string(&svcMap, &name, &len, NULL); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to Find Name."); cborFindResult = cbor_value_advance(&svcMap); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to Advance."); - CborType type = cbor_value_get_type(&svcMap); - + type = cbor_value_get_type(&svcMap); // Service Device Identity if (0 == strcmp(OIC_JSON_SERVICE_DEVICE_ID, name)) { @@ -251,14 +252,16 @@ OCStackResult CBORPayloadToSVC(const uint8_t *cborPayload, size_t size, // Owners -- Mandatory if (0 == strcmp(OIC_JSON_OWNERS_NAME, name)) { + int i = 0; CborValue owners = { .parser = NULL }; + cborFindResult = cbor_value_get_array_length(&svcMap, &svc->ownersLen); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to Find Owner Len."); cborFindResult = cbor_value_enter_container(&svcMap, &owners); VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to Enter Owner Array."); - int i = 0; svc->owners = (OicUuid_t *)OICCalloc(svc->ownersLen, sizeof(*svc->owners)); VERIFY_NON_NULL(TAG, svc->owners, ERROR); + while (cbor_value_is_valid(&owners)) { uint8_t *owner = NULL; @@ -306,6 +309,7 @@ exit: { DeleteSVCList(headSvc); headSvc = NULL; + *secSvc = NULL; ret = OC_STACK_ERROR; } return ret; diff --git a/resource/csdk/security/tool/json2cbor.c b/resource/csdk/security/tool/json2cbor.c index 61a9303..386aab4 100644 --- a/resource/csdk/security/tool/json2cbor.c +++ b/resource/csdk/security/tool/json2cbor.c @@ -114,7 +114,9 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName } jsonRoot = cJSON_Parse(jsonStr); + cJSON *value = cJSON_GetObjectItem(jsonRoot, OIC_JSON_ACL_NAME); + //printf("ACL json : \n%s\n", cJSON_PrintUnformatted(value)); size_t aclCborSize = 0; if (NULL != value) { @@ -130,6 +132,7 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName printf("ACL Cbor Size: %zd\n", aclCborSize); DeleteACLList(acl); } + value = cJSON_GetObjectItem(jsonRoot, OIC_JSON_PSTAT_NAME); size_t pstatCborSize = 0; if (NULL != value) @@ -195,6 +198,7 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName DeleteSVCList(svc); } value = cJSON_GetObjectItem(jsonRoot, OIC_JSON_CRED_NAME); + //printf("CRED json : \n%s\n", cJSON_PrintUnformatted(value)); size_t credCborSize = 0; if (NULL != value) { @@ -214,6 +218,7 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName cJSON_Delete(value); CborEncoder encoder = { {.ptr = NULL }, .end = 0 }; size_t cborSize = aclCborSize + pstatCborSize + doxmCborSize + svcCborSize + credCborSize + amaclCborSize; + printf("Total Cbor Size : %zd\n", cborSize); cborSize += 255; // buffer margin for adding map and byte string uint8_t *outPayload = (uint8_t *)OICCalloc(1, cborSize); @@ -229,6 +234,7 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName cborEncoderResult = cbor_encode_byte_string(&map, aclCbor, aclCborSize); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ACL Value."); } + if (pstatCborSize > 0) { cborEncoderResult = cbor_encode_text_string(&map, OIC_JSON_PSTAT_NAME, strlen(OIC_JSON_PSTAT_NAME)); @@ -264,6 +270,7 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName cborEncoderResult = cbor_encode_byte_string(&map, credCbor, credCborSize); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding CRED Value."); } + cborEncoderResult = cbor_encoder_close_container(&encoder, &map); VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Container."); @@ -279,7 +286,8 @@ static void ConvertJsonToCBOR(const char *jsonFileName, const char *cborFileName fp1 = NULL; } exit: - // cJSON_Delete(jsonRoot); + + cJSON_Delete(jsonRoot); OICFree(aclCbor); OICFree(doxmCbor); OICFree(pstatCbor); @@ -293,21 +301,31 @@ exit: OicSecAcl_t* JSONToAclBin(const char * jsonStr) { OCStackResult ret = OC_STACK_ERROR; - OicSecAcl_t * headAcl = NULL; - OicSecAcl_t * prevAcl = NULL; + OicSecAcl_t * headAcl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t)); cJSON *jsonRoot = NULL; - cJSON *jsonAclArray = NULL; VERIFY_NON_NULL(TAG, jsonStr, ERROR); jsonRoot = cJSON_Parse(jsonStr); VERIFY_NON_NULL(TAG, jsonRoot, ERROR); - jsonAclArray = cJSON_GetObjectItem(jsonRoot, OIC_JSON_ACL_NAME); + cJSON *jsonAclMap = cJSON_GetObjectItem(jsonRoot, OIC_JSON_ACL_NAME); + VERIFY_NON_NULL(TAG, jsonAclMap, ERROR); + + cJSON *jsonAclObj = NULL; + + // aclist + jsonAclObj = cJSON_GetObjectItem(jsonAclMap, OIC_JSON_ACLIST_NAME); + VERIFY_NON_NULL(TAG, jsonAclObj, ERROR); + + // aclist-aces + cJSON *jsonAclArray = NULL; + jsonAclArray = cJSON_GetObjectItem(jsonAclObj, OIC_JSON_ACES_NAME); VERIFY_NON_NULL(TAG, jsonAclArray, ERROR); if (cJSON_Array == jsonAclArray->type) { + int numAcl = cJSON_GetArraySize(jsonAclArray); int idx = 0; @@ -317,36 +335,45 @@ OicSecAcl_t* JSONToAclBin(const char * jsonStr) cJSON *jsonAcl = cJSON_GetArrayItem(jsonAclArray, idx); VERIFY_NON_NULL(TAG, jsonAcl, ERROR); - OicSecAcl_t *acl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t)); - VERIFY_NON_NULL(TAG, acl, ERROR); - - headAcl = (headAcl) ? headAcl : acl; - if (prevAcl) + OicSecAcl_t *acl = NULL; + if(idx == 0) { - prevAcl->next = acl; + acl = headAcl; + } + else + { + acl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t)); + OicSecAcl_t *temp = headAcl; + while (temp->next) + { + temp = temp->next; + } + temp->next = acl; } + VERIFY_NON_NULL(TAG, acl, ERROR); + size_t jsonObjLen = 0; cJSON *jsonObj = NULL; - unsigned char base64Buff[sizeof(((OicUuid_t*)0)->id)] = {}; - uint32_t outLen = 0; - B64Result b64Ret = B64_OK; - jsonObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_SUBJECT_NAME); VERIFY_NON_NULL(TAG, jsonObj, ERROR); VERIFY_SUCCESS(TAG, cJSON_String == jsonObj->type, ERROR); - outLen = 0; - b64Ret = b64Decode(jsonObj->valuestring, strlen(jsonObj->valuestring), base64Buff, - sizeof(base64Buff), &outLen); - VERIFY_SUCCESS(TAG, (b64Ret == B64_OK && outLen <= sizeof(acl->subject.id)), ERROR); - memcpy(acl->subject.id, base64Buff, outLen); - + if(strcmp(jsonObj->valuestring, WILDCARD_RESOURCE_URI) == 0) + { + acl->subject.id[0] = '*'; + } + else + { + ret = ConvertStrToUuid(jsonObj->valuestring, &acl->subject); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + } // Resources -- Mandatory jsonObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_RESOURCES_NAME); VERIFY_NON_NULL(TAG, jsonObj, ERROR); VERIFY_SUCCESS(TAG, cJSON_Array == jsonObj->type, ERROR); - acl->resourcesLen = cJSON_GetArraySize(jsonObj); + acl->resourcesLen = (size_t)cJSON_GetArraySize(jsonObj); + VERIFY_SUCCESS(TAG, acl->resourcesLen > 0, ERROR); acl->resources = (char**)OICCalloc(acl->resourcesLen, sizeof(char*)); VERIFY_NON_NULL(TAG, (acl->resources), ERROR); @@ -357,10 +384,17 @@ OicSecAcl_t* JSONToAclBin(const char * jsonStr) cJSON *jsonRsrc = cJSON_GetArrayItem(jsonObj, idxx); VERIFY_NON_NULL(TAG, jsonRsrc, ERROR); - jsonObjLen = strlen(jsonRsrc->valuestring) + 1; - acl->resources[idxx] = (char*)OICMalloc(jsonObjLen); + size_t jsonRsrcObjLen = 0; + cJSON *jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_HREF_NAME); + VERIFY_NON_NULL(TAG, jsonRsrcObj, ERROR); + VERIFY_SUCCESS(TAG, cJSON_String == jsonRsrcObj->type, ERROR); + + jsonRsrcObjLen = strlen(jsonRsrcObj->valuestring) + 1; + acl->resources[idxx] = (char*)OICMalloc(jsonRsrcObjLen); + VERIFY_NON_NULL(TAG, (acl->resources[idxx]), ERROR); - OICStrcpy(acl->resources[idxx], jsonObjLen, jsonRsrc->valuestring); + OICStrcpy(acl->resources[idxx], jsonRsrcObjLen, jsonRsrcObj->valuestring); + } while ( ++idxx < acl->resourcesLen); // Permissions -- Mandatory @@ -368,9 +402,8 @@ OicSecAcl_t* JSONToAclBin(const char * jsonStr) VERIFY_NON_NULL(TAG, jsonObj, ERROR); VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR); acl->permission = jsonObj->valueint; - //Period -- Not Mandatory - cJSON *jsonPeriodObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_PERIODS_NAME); + cJSON *jsonPeriodObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_PERIOD_NAME); if(jsonPeriodObj) { VERIFY_SUCCESS(TAG, cJSON_Array == jsonPeriodObj->type, ERROR); @@ -393,11 +426,11 @@ OicSecAcl_t* JSONToAclBin(const char * jsonStr) } } } - //Recurrence -- Not mandatory cJSON *jsonRecurObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_RECURRENCES_NAME); if(jsonRecurObj) { + VERIFY_SUCCESS(TAG, cJSON_Array == jsonRecurObj->type, ERROR); if(acl->prdRecrLen > 0) @@ -418,34 +451,23 @@ OicSecAcl_t* JSONToAclBin(const char * jsonStr) } } - // Owners -- Mandatory - jsonObj = cJSON_GetObjectItem(jsonAcl, OIC_JSON_OWNERS_NAME); - VERIFY_NON_NULL(TAG, jsonObj, ERROR); - VERIFY_SUCCESS(TAG, cJSON_Array == jsonObj->type, ERROR); - - acl->ownersLen = cJSON_GetArraySize(jsonObj); - VERIFY_SUCCESS(TAG, acl->ownersLen > 0, ERROR); - acl->owners = (OicUuid_t*)OICCalloc(acl->ownersLen, sizeof(OicUuid_t)); - VERIFY_NON_NULL(TAG, (acl->owners), ERROR); - - idxx = 0; - do - { - cJSON *jsonOwnr = cJSON_GetArrayItem(jsonObj, idxx); - VERIFY_NON_NULL(TAG, jsonOwnr, ERROR); - VERIFY_SUCCESS(TAG, cJSON_String == jsonOwnr->type, ERROR); - outLen = 0; - b64Ret = b64Decode(jsonOwnr->valuestring, strlen(jsonOwnr->valuestring), base64Buff, - sizeof(base64Buff), &outLen); - VERIFY_SUCCESS(TAG, (b64Ret == B64_OK && outLen <= sizeof(acl->owners[idxx].id)), - ERROR); - memcpy(acl->owners[idxx].id, base64Buff, outLen); - } while ( ++idxx < acl->ownersLen); + acl->next = NULL; - prevAcl = acl; } while( ++idx < numAcl); } + + // rownerid + jsonAclObj = cJSON_GetObjectItem(jsonAclMap, OIC_JSON_ROWNERID_NAME); + VERIFY_NON_NULL(TAG, jsonAclObj, ERROR); + VERIFY_SUCCESS(TAG, cJSON_String == jsonAclObj->type, ERROR); + headAcl->ownersLen = 1; + VERIFY_SUCCESS(TAG, headAcl->ownersLen > 0, ERROR); + headAcl->owners = (OicUuid_t*)OICCalloc(headAcl->ownersLen, sizeof(OicUuid_t)); + VERIFY_NON_NULL(TAG, (headAcl->owners), ERROR); + ret = ConvertStrToUuid(jsonAclObj->valuestring, &headAcl->owners[0]); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + ret = OC_STACK_OK; exit: @@ -460,6 +482,7 @@ exit: OicSecDoxm_t* JSONToDoxmBin(const char * jsonStr) { + printf("IN JSONToDoxmBin\n"); if (NULL == jsonStr) { return NULL; @@ -507,10 +530,10 @@ OicSecDoxm_t* JSONToDoxmBin(const char * jsonStr) } //Oxm -- not Mandatory - jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_OXM_NAME); + jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_OXMS_NAME); if (jsonObj && cJSON_Array == jsonObj->type) { - doxm->oxmLen = cJSON_GetArraySize(jsonObj); + doxm->oxmLen = (size_t)cJSON_GetArraySize(jsonObj); VERIFY_SUCCESS(TAG, doxm->oxmLen > 0, ERROR); doxm->oxm = (OicSecOxm_t*)OICCalloc(doxm->oxmLen, sizeof(OicSecOxm_t)); @@ -556,6 +579,14 @@ OicSecDoxm_t* JSONToDoxmBin(const char * jsonStr) doxm->dpc = jsonObj->valueint; } + //DidFormat -- Mandatory + jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_DEVICE_ID_FORMAT_NAME); + if (jsonObj) + { + VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR); + //TODO: handle didformat value + } + //DeviceId -- Mandatory jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_DEVICE_ID_NAME); if (jsonObj) @@ -566,29 +597,34 @@ OicSecDoxm_t* JSONToDoxmBin(const char * jsonStr) //Check for empty string, in case DeviceId field has not been set yet if (jsonObj->valuestring[0]) { - outLen = 0; - b64Ret = b64Decode(jsonObj->valuestring, strlen(jsonObj->valuestring), base64Buff, - sizeof(base64Buff), &outLen); - VERIFY_SUCCESS(TAG, (b64Ret == B64_OK && outLen <= sizeof(doxm->deviceID.id)), - ERROR); - memcpy(doxm->deviceID.id, base64Buff, outLen); + ret = ConvertStrToUuid(jsonObj->valuestring, &doxm->deviceID); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); } } } + //rowner -- Mandatory + jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_ROWNERID_NAME); + if (true == doxm->owned) + { + VERIFY_NON_NULL(TAG, jsonObj, ERROR); + } + if (jsonObj) + { + ret = ConvertStrToUuid(jsonObj->valuestring, &doxm->rownerID); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); + } + //Owner -- will be empty when device status is unowned. - jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_OWNER_NAME); + jsonObj = cJSON_GetObjectItem(jsonDoxm, OIC_JSON_DEVOWNERID_NAME); if (true == doxm->owned) { VERIFY_NON_NULL(TAG, jsonObj, ERROR); } if (jsonObj) { - outLen = 0; - b64Ret = b64Decode(jsonObj->valuestring, strlen(jsonObj->valuestring), base64Buff, - sizeof(base64Buff), &outLen); - VERIFY_SUCCESS(TAG, ((b64Ret == B64_OK) && (outLen <= sizeof(doxm->owner.id))), ERROR); - memcpy(doxm->owner.id, base64Buff, outLen); + ret = ConvertStrToUuid(jsonObj->valuestring, &doxm->owner); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); } ret = OC_STACK_OK; @@ -600,12 +636,13 @@ exit: DeleteDoxmBinData(doxm); doxm = NULL; } - + printf("OUT JSONToDoxmBin\n"); return doxm; } OicSecPstat_t* JSONToPstatBin(const char * jsonStr) { + printf("IN JSONToPstatBin\n"); if(NULL == jsonStr) { return NULL; @@ -636,21 +673,25 @@ OicSecPstat_t* JSONToPstatBin(const char * jsonStr) jsonObj = cJSON_GetObjectItem(jsonPstat, OIC_JSON_DEVICE_ID_NAME); VERIFY_NON_NULL(TAG, jsonObj, ERROR); VERIFY_SUCCESS(TAG, cJSON_String == jsonObj->type, ERROR); - b64Ret = b64Decode(jsonObj->valuestring, strlen(jsonObj->valuestring), base64Buff, - sizeof(base64Buff), &outLen); - VERIFY_SUCCESS(TAG, (b64Ret == B64_OK && outLen <= sizeof(pstat->deviceID.id)), ERROR); - memcpy(pstat->deviceID.id, base64Buff, outLen); + ret = ConvertStrToUuid(jsonObj->valuestring, &pstat->deviceID); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); - jsonObj = cJSON_GetObjectItem(jsonPstat, OIC_JSON_COMMIT_HASH_NAME); + jsonObj = cJSON_GetObjectItem(jsonPstat, OIC_JSON_ROWNERID_NAME); VERIFY_NON_NULL(TAG, jsonObj, ERROR); - VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR); - pstat->commitHash = jsonObj->valueint; + VERIFY_SUCCESS(TAG, cJSON_String == jsonObj->type, ERROR); + ret = ConvertStrToUuid(jsonObj->valuestring, &pstat->rownerID); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); jsonObj = cJSON_GetObjectItem(jsonPstat, OIC_JSON_CM_NAME); VERIFY_NON_NULL(TAG, jsonObj, ERROR); VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR); pstat->cm = (OicSecDpm_t)jsonObj->valueint; + jsonObj = cJSON_GetObjectItem(jsonPstat, OIC_JSON_TM_NAME); + VERIFY_NON_NULL(TAG, jsonObj, ERROR); + VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR); + pstat->tm = (OicSecDpm_t)jsonObj->valueint; + jsonObj = cJSON_GetObjectItem(jsonPstat, OIC_JSON_OM_NAME); VERIFY_NON_NULL(TAG, jsonObj, ERROR); VERIFY_SUCCESS(TAG, cJSON_Number == jsonObj->type, ERROR); @@ -680,6 +721,7 @@ exit: { OIC_LOG(ERROR, TAG, "JSONToPstatBin failed"); } + printf("OUT JSONToPstatBin\n"); return pstat; } @@ -959,75 +1001,85 @@ exit: static OicSecAmacl_t* JSONToAmaclBin(const char * jsonStr) { OCStackResult ret = OC_STACK_ERROR; - OicSecAmacl_t * headAmacl = NULL; - OicSecAmacl_t * prevAmacl = NULL; + OicSecAmacl_t * headAmacl = (OicSecAmacl_t*)OICCalloc(1, sizeof(OicSecAmacl_t)); + cJSON *jsonRoot = NULL; - cJSON *jsonAmaclArray = NULL; + cJSON *jsonAmacl = NULL; VERIFY_NON_NULL(TAG, jsonStr, ERROR); jsonRoot = cJSON_Parse(jsonStr); VERIFY_NON_NULL(TAG, jsonRoot, ERROR); - jsonAmaclArray = cJSON_GetObjectItem(jsonRoot, OIC_JSON_AMACL_NAME); - VERIFY_NON_NULL(TAG, jsonAmaclArray, INFO); + jsonAmacl = cJSON_GetObjectItem(jsonRoot, OIC_JSON_AMACL_NAME); + VERIFY_NON_NULL(TAG, jsonAmacl, INFO); + + size_t jsonObjLen = 0; + cJSON *jsonObj = NULL; + + // Resources -- Mandatory + jsonObj = cJSON_GetObjectItem(jsonAmacl, OIC_JSON_RESOURCES_NAME); + VERIFY_NON_NULL(TAG, jsonObj, ERROR); + + // Rlist + cJSON *jsonRlistArray = cJSON_GetObjectItem(jsonObj, OIC_JSON_RLIST_NAME); + VERIFY_NON_NULL(TAG, jsonRlistArray, ERROR); + VERIFY_SUCCESS(TAG, cJSON_Array == jsonRlistArray->type, ERROR); - if (cJSON_Array == jsonAmaclArray->type) + headAmacl->resourcesLen = (size_t)cJSON_GetArraySize(jsonRlistArray); + headAmacl->resources = (char**)OICCalloc(headAmacl->resourcesLen, sizeof(char*)); + size_t idxx = 0; + do { - int numAmacl = cJSON_GetArraySize(jsonAmaclArray); - int idx = 0; + cJSON *jsonRsrc = cJSON_GetArrayItem(jsonRlistArray, idxx); + VERIFY_NON_NULL(TAG, jsonRsrc, ERROR); - VERIFY_SUCCESS(TAG, numAmacl > 0, INFO); - do - { - cJSON *jsonAmacl = cJSON_GetArrayItem(jsonAmaclArray, idx); - VERIFY_NON_NULL(TAG, jsonAmacl, ERROR); + cJSON *jsonRsrcObj = cJSON_GetObjectItem(jsonRsrc, OIC_JSON_HREF_NAME); + VERIFY_NON_NULL(TAG, jsonRsrcObj, ERROR); + VERIFY_SUCCESS(TAG, cJSON_String == jsonRsrcObj->type, ERROR); - OicSecAmacl_t *amacl = (OicSecAmacl_t*)OICCalloc(1, sizeof(OicSecAmacl_t)); - VERIFY_NON_NULL(TAG, amacl, ERROR); + size_t jsonRsrcObjLen = 0; + jsonRsrcObjLen = strlen(jsonRsrcObj->valuestring) + 1; + headAmacl->resources[idxx] = (char*)OICMalloc(jsonRsrcObjLen); + VERIFY_NON_NULL(TAG, (headAmacl->resources[idxx]), ERROR); + OICStrcpy(headAmacl->resources[idxx], jsonRsrcObjLen, jsonRsrcObj->valuestring); - headAmacl = (headAmacl) ? headAmacl : amacl; - if (prevAmacl) - { - prevAmacl->next = amacl; - } + } while ( ++idxx < headAmacl->resourcesLen); - size_t jsonObjLen = 0; - cJSON *jsonObj = NULL; + // Ams -- Mandatory + jsonObj = cJSON_GetObjectItem(jsonAmacl, OIC_JSON_AMS_NAME); + VERIFY_NON_NULL(TAG, jsonObj, ERROR); + VERIFY_SUCCESS(TAG, cJSON_Array == jsonObj->type, ERROR); - // Resources -- Mandatory - jsonObj = cJSON_GetObjectItem(jsonAmacl, OIC_JSON_RESOURCES_NAME); - VERIFY_NON_NULL(TAG, jsonObj, ERROR); - VERIFY_SUCCESS(TAG, cJSON_Array == jsonObj->type, ERROR); + headAmacl->amssLen = (size_t)cJSON_GetArraySize(jsonObj); + VERIFY_SUCCESS(TAG, headAmacl->amssLen > 0, ERROR); + headAmacl->amss = (OicUuid_t*)OICCalloc(headAmacl->amssLen, sizeof(OicUuid_t)); + VERIFY_NON_NULL(TAG, headAmacl->amss, ERROR); - amacl->resourcesLen = (size_t)cJSON_GetArraySize(jsonObj); - VERIFY_SUCCESS(TAG, amacl->resourcesLen > 0, ERROR); - amacl->resources = (char**)OICCalloc(amacl->resourcesLen, sizeof(char*)); - VERIFY_NON_NULL(TAG, (amacl->resources), ERROR); + idxx = 0; + do + { + cJSON *jsonAms = cJSON_GetArrayItem(jsonObj, idxx); + VERIFY_NON_NULL(TAG, jsonAms, ERROR); + VERIFY_SUCCESS(TAG, cJSON_String == jsonAms->type, ERROR); - size_t idxx = 0; - do - { - cJSON *jsonRsrc = cJSON_GetArrayItem(jsonObj, idxx); - VERIFY_NON_NULL(TAG, jsonRsrc, ERROR); + memcpy(headAmacl->amss[idxx].id, (OicUuid_t *)jsonAms->valuestring, strlen(jsonAms->valuestring)); + + } while ( ++idxx < headAmacl->amssLen); - jsonObjLen = strlen(jsonRsrc->valuestring) + 1; - amacl->resources[idxx] = (char*)OICMalloc(jsonObjLen); - VERIFY_NON_NULL(TAG, (amacl->resources[idxx]), ERROR); - OICStrcpy(amacl->resources[idxx], jsonObjLen, jsonRsrc->valuestring); - } while ( ++idxx < amacl->resourcesLen); - // Amss -- Mandatory - VERIFY_SUCCESS( TAG, OC_STACK_OK == AddUuidArray(jsonAmacl, OIC_JSON_AMSS_NAME, - &(amacl->amssLen), &(amacl->amss)), ERROR); + // Rowner -- Mandatory + jsonObj = cJSON_GetObjectItem(jsonAmacl, OIC_JSON_ROWNERID_NAME); + VERIFY_NON_NULL(TAG, jsonObj, ERROR); + VERIFY_SUCCESS(TAG, cJSON_String == jsonObj->type, ERROR); - // Owners -- Mandatory - VERIFY_SUCCESS( TAG, OC_STACK_OK == AddUuidArray(jsonAmacl, OIC_JSON_OWNERS_NAME, - &(amacl->ownersLen), &(amacl->owners)), ERROR); + headAmacl->ownersLen = 1; + VERIFY_SUCCESS(TAG, headAmacl->ownersLen > 0, ERROR); + headAmacl->owners = (OicUuid_t*)OICCalloc(headAmacl->ownersLen, sizeof(OicUuid_t)); + VERIFY_NON_NULL(TAG, (headAmacl->owners), ERROR); - prevAmacl = amacl; - } while( ++idx < numAmacl); - } + ret = ConvertStrToUuid(jsonObj->valuestring, &headAmacl->owners[0]); + VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR); ret = OC_STACK_OK; diff --git a/resource/csdk/security/unittest/aclresourcetest.cpp b/resource/csdk/security/unittest/aclresourcetest.cpp index 59bdada..009a329 100644 --- a/resource/csdk/security/unittest/aclresourcetest.cpp +++ b/resource/csdk/security/unittest/aclresourcetest.cpp @@ -78,26 +78,21 @@ TEST(ACLResourceTest, CBORDefaultACLConversion) size_t defaultAclSize = 0; uint8_t *defaultPsStorage = NULL; - EXPECT_EQ(OC_STACK_OK, AclToCBORPayload(defaultAcl, &defaultPsStorage, &defaultAclSize)); + OCStackResult convRet = AclToCBORPayload(defaultAcl, &defaultPsStorage, &defaultAclSize); + EXPECT_EQ(OC_STACK_OK, convRet); ASSERT_TRUE(defaultPsStorage != NULL); EXPECT_NE(0, defaultAclSize); - // This creates a default file oic_svr_db.dat, which is then needed by unit test. - CborEncoder encoder = { 0, 0, 0, 0}; - const size_t cborSize = 255; - uint8_t *outPayload = (uint8_t *)OICCalloc(1, cborSize); - ASSERT_TRUE(outPayload != NULL); - cbor_encoder_init(&encoder, outPayload, cborSize, 0); - CborEncoder map = { 0, 0, 0, 0 }; - CborError cborEncoderResult = cbor_encoder_create_map(&encoder, &map, CborIndefiniteLength); - EXPECT_EQ(CborNoError, cborEncoderResult); - cborEncoderResult = cbor_encode_text_string(&map, OIC_JSON_ACL_NAME, strlen(OIC_JSON_ACL_NAME)); - EXPECT_EQ(CborNoError, cborEncoderResult); - cborEncoderResult = cbor_encode_byte_string(&map, defaultPsStorage, defaultAclSize); - EXPECT_EQ(CborNoError, cborEncoderResult); - cborEncoderResult = cbor_encoder_close_container(&encoder, &map); - EXPECT_EQ(CborNoError, cborEncoderResult); - OICFree(outPayload); + OicSecAcl_t* convertedAcl = CBORPayloadToAcl(defaultPsStorage, defaultAclSize); + ASSERT_TRUE(convertedAcl != NULL); + + EXPECT_EQ(defaultAcl->resourcesLen, convertedAcl->resourcesLen); + for(int i = 0; i < convertedAcl->resourcesLen; i++) + { + EXPECT_EQ(0, strcmp(defaultAcl->resources[i], convertedAcl->resources[i])); + } + + DeleteACLList(convertedAcl); DeleteACLList(defaultAcl); OICFree(defaultPsStorage); } @@ -233,7 +228,7 @@ TEST(ACLResourceTest, GetDefaultACLTests) // Verify if the SRM generated default ACL matches with unit test default if (acl && psAcl) { - EXPECT_TRUE(memcmp(&(acl->subject), &(psAcl->subject), sizeof(OicUuid_t)) == 0); + EXPECT_TRUE(strcmp((char*)acl->subject.id, (char*)psAcl->subject.id) == 0); EXPECT_EQ(acl->resourcesLen, psAcl->resourcesLen); for (size_t i = 0; i < acl->resourcesLen; i++) { @@ -447,7 +442,7 @@ TEST(ACLResourceTest, ACLDeleteWithMultiResourceTest) // Create Entity Handler DELETE request ehReq.method = OC_REST_DELETE; - char query[] = "sub=2222222222222222;rsrc=/a/led"; + char query[] = "subject=2222222222222222;resources=/a/led"; ehReq.query = (char *)OICMalloc(strlen(query)+1); ASSERT_TRUE(NULL != ehReq.query); OICStrcpy(ehReq.query, strlen(query)+1, query); diff --git a/resource/csdk/security/unittest/amaclresourcetest.cpp b/resource/csdk/security/unittest/amaclresourcetest.cpp index d76b162..493a8d1 100644 --- a/resource/csdk/security/unittest/amaclresourcetest.cpp +++ b/resource/csdk/security/unittest/amaclresourcetest.cpp @@ -151,14 +151,6 @@ TEST(AMACLResourceTest, CBORAMACLConversion) EXPECT_EQ(secAmacl->ownersLen, amacl->ownersLen); EXPECT_EQ(*secAmacl->owners[0].id, *amacl->owners[0].id); - EXPECT_EQ(secAmacl->next->amssLen, amacl->next->amssLen); - EXPECT_EQ(sizeof(secAmacl->next->amss[0].id), sizeof(amacl->next->amss[0].id)); - EXPECT_STREQ(secAmacl->next->resources[0], amacl->next->resources[0]); - EXPECT_STREQ(secAmacl->next->resources[1], amacl->next->resources[1]); - EXPECT_EQ(secAmacl->next->resourcesLen, amacl->next->resourcesLen); - EXPECT_EQ(secAmacl->next->ownersLen, amacl->next->ownersLen); - EXPECT_EQ(*secAmacl->next->owners[0].id, *amacl->next->owners[0].id); - DeleteAmaclList(secAmacl); DeleteAmaclList(amacl); OICFree(psStorage); diff --git a/resource/csdk/security/unittest/oic_svr_db.json b/resource/csdk/security/unittest/oic_svr_db.json index 0b0a4a6..6583da1 100644 --- a/resource/csdk/security/unittest/oic_svr_db.json +++ b/resource/csdk/security/unittest/oic_svr_db.json @@ -1,46 +1,80 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad" - ], - "perms": 2, - "ownrs" : [ - "MjIyMjIyMjIyMjIyMjIyMg==" + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/p", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/ad", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + } + ], + "permission": 6 + } ] }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat", - "/oic/sec/acl" - ], - "perms": 6, - "ownrs" : [ - "MjIyMjIyMjIyMjIyMjIyMg==" - ] - } - ], + "rownerid" : "756E6B6E-6F77-6564-4465-766963654964" + }, "pstat": { "isop": false, - "deviceid": "ZGV2aWNlaWQAAAAAABhanw==", - "ch": 0, + "deviceid": "756E6B6E-6F77-6564-4465-766963654964", + "rownerid": "756E6B6E-6F77-6564-4465-766963654964", "cm": 0, "tm": 0, "om": 3, "sm": [3] }, "doxm": { - "oxm": [0], + "oxms": [0], "oxmsel": 0, "sct": 1, "owned": false, - "deviceid": "MjIyMjIyMjIyMjIyMjIyMg==" + "didformat": 0, + "deviceid": "756E6B6E-6F77-6564-4465-766963654964", + "rownerid": "756E6B6E-6F77-6564-4465-766963654964", + "dpc": false } } diff --git a/resource/csdk/security/unittest/oic_unittest.dat b/resource/csdk/security/unittest/oic_unittest.dat index 8d39ad7..0a8ea77 100644 Binary files a/resource/csdk/security/unittest/oic_unittest.dat and b/resource/csdk/security/unittest/oic_unittest.dat differ diff --git a/resource/csdk/security/unittest/oic_unittest.json b/resource/csdk/security/unittest/oic_unittest.json index 54cd36a..6285f52 100644 --- a/resource/csdk/security/unittest/oic_unittest.json +++ b/resource/csdk/security/unittest/oic_unittest.json @@ -1,77 +1,51 @@ { - "acl": [ - { - "sub": "MTExMTExMTExMTExMTExMQ==", - "rsrc": [ - "/oic/light", - "/oic/fan" - ], - "perms": 255, - "ownrs" : [ - "MjIyMjIyMjIyMjIyMjIyMg==" + "acl": + { + "aclist":{ + "aces":[ + { + "subject": "31313131-3131-3131-3131-313131313131", + "resources": [ + { + "href": "/oic/light", + "rt": "", + "if": "" + }, + { + "href": "/oic/fan", + "rt": "", + "if": "" + } + ], + "permission": 31 + }, + { + "subject": "33333333-3333-3333-3333-333333333333", + "resources": [ + { + "href": "/oic/light", + "rt": "", + "if": "" + }, + { + "href": "/oic/garage", + "rt": "", + "if": "" + } + ], + "permission": 31 + } ] }, - { - "sub": "MzMzMzMzMzMzMzMzMzMzMw==", - "rsrc": [ - "/oic/light", - "/oic/garage" - ], - "perms": 255, - "ownrs" : [ - "MjIyMjIyMjIyMjIyMjIyMg==", - "NDQ0NDQ0NDQ0NDQ0NDQ0NA==" - ] - } - ], - - "pstat": { + "rownerid" : "32323232-3232-3232-3232-323232323232" + }, + "pstat": { "isop": false, - "deviceid": "ZGV2aWNlaWQAAAAAABhanw==", - "ch": 1234, + "deviceid": "756E6B6E-6F77-6564-4465-766963654964", + "rownerid": "756E6B6E-6F77-6564-4465-766963654964", "cm": 63, "tm": 48, "om": 0, "sm": [3, 1] - }, - - "amacl": [ - { - "rsrc": ["/a/led", "/a/fan"], - "amss": [ - "NTU1NTU1NTU1NTU1NTU1NQ==", - "NjY2NjY2NjY2NjY2NjY2Ng==" - ], - "ownrs" : [ - "MjIyMjIyMjIyMjIyMjIyMg==" - ] - }, - { - "rsrc": ["/b/led", "/b/fan"], - "amss": [ - "NTU1NTU1NTU1NTU1NTU1NQ==", - "NjY2NjY2NjY2NjY2NjY2Ng==" - ], - "ownrs" : [ - "MjIyMjIyMjIyMjIyMjIyMg==" - ] - } - ], - -"svc": [ - { - "svcdid": "NTU1NTU1NTU1NTU1NTU1NQ==", - "svct": 1, - "ownrs" : [ - "OTk5OTk5OTk5OTk5OTk5OQ==" - ] - }, - { - "svcdid": "NjY2NjY2NjY2NjY2NjY2Ng==", - "svct": 1, - "ownrs" : [ - "OTk5OTk5OTk5OTk5OTk5OQ==" - ] - } - ] + } } diff --git a/resource/csdk/security/unittest/oic_unittest_acl1.dat b/resource/csdk/security/unittest/oic_unittest_acl1.dat index 14c6db7..bd5d359 100644 Binary files a/resource/csdk/security/unittest/oic_unittest_acl1.dat and b/resource/csdk/security/unittest/oic_unittest_acl1.dat differ diff --git a/resource/csdk/security/unittest/oic_unittest_acl1.json b/resource/csdk/security/unittest/oic_unittest_acl1.json index 91ee7b4..313830b 100644 --- a/resource/csdk/security/unittest/oic_unittest_acl1.json +++ b/resource/csdk/security/unittest/oic_unittest_acl1.json @@ -1,26 +1,94 @@ -[ - { - "sub":"Kg", - "rsrc":["/oic/res","/oic/d","/oic/p","/oic/res/types/d","/oic/ad","/oic/sec/acl"], - "perms":2, - "ownrs":["MjIyMjIyMjIyMjIyMjIyMg"] - }, - { - "sub":"Kg", - "rsrc":["/oic/sec/doxm","/oic/sec/pstat"], - "perms":6, - "ownrs":["MjIyMjIyMjIyMjIyMjIyMg"] - }, - { - "sub":"MTExMTExMTExMTExMTExMQ", - "rsrc":["/oic/light","/oic/fan"], - "perms":255, - "ownrs":["MjIyMjIyMjIyMjIyMjIyMg"] - }, - { - "sub":"MzMzMzMzMzMzMzMzMzMzMw", - "rsrc":["/oic/light","/oic/garage"], - "perms":255, - "ownrs":["MjIyMjIyMjIyMjIyMjIyMg","NDQ0NDQ0NDQ0NDQ0NDQ0NA"] - } -] +{ + "acl":{ + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/p", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/ad", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + } + ], + "permission": 6 + }, + { + "subject": "31313131-3131-3131-3131-313131313131", + "resources": [ + { + "href": "/oic/light", + "rt": "", + "if": "" + }, + { + "href": "/oic/fan", + "rt": "", + "if": "" + } + ], + "permission": 31 + }, + { + "subject": "33333333-3333-3333-3333-333333333333", + "resources": [ + { + "href": "/oic/light", + "rt": "", + "if": "" + }, + { + "href": "/oic/garage", + "rt": "", + "if": "" + } + ], + "permission": 31 + } + ] + }, + "rownerid" : "32323232-3232-3232-3232-323232323232" + } +} + diff --git a/resource/csdk/security/unittest/oic_unittest_default_acl.dat b/resource/csdk/security/unittest/oic_unittest_default_acl.dat index f284271..e7f3a93 100644 Binary files a/resource/csdk/security/unittest/oic_unittest_default_acl.dat and b/resource/csdk/security/unittest/oic_unittest_default_acl.dat differ diff --git a/resource/csdk/security/unittest/oic_unittest_default_acl.json b/resource/csdk/security/unittest/oic_unittest_default_acl.json index 7f3d449..2003235 100644 --- a/resource/csdk/security/unittest/oic_unittest_default_acl.json +++ b/resource/csdk/security/unittest/oic_unittest_default_acl.json @@ -1,21 +1,55 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad", - "/oic/sec/acl", - "/oic/sec/doxm", - "/oic/sec/pstat" - ], - "perms": 2, - "ownrs" : [ - "MjIyMjIyMjIyMjIyMjIyMg==" + "acl":{ + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/p", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/ad", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + } + ], + "permission": 2 + } ] - } - ] + }, + "rownerid" : "32323232-3232-3232-3232-323232323232" + } } diff --git a/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat b/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat index 4a427c4..ed2d103 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat and b/resource/csdk/stack/samples/linux/secure/oic_amss_db.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_amss_db.json b/resource/csdk/stack/samples/linux/secure/oic_amss_db.json index 9543a87..9e417a6 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_amss_db.json +++ b/resource/csdk/stack/samples/linux/secure/oic_amss_db.json @@ -1,64 +1,67 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad", - "/oic/sec/acl", - "/oic/sec/amacl" - ], - "perms": 2, - "ownrs" : ["MTExMTExMTExMTExMTExMQ=="] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat" - ], - "perms": 2, - "ownrs" : ["MTExMTExMTExMTExMTExMQ=="] - }, - { - "sub": "MjIyMjIyMjIyMjIyMjIyMg==", - "rsrc": ["/oic/sec/acl", - "/oic/sec/cred"], - "perms": 8, - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, - { - "sub": "NDQ0NDMzMzMyMjIyMTExMQ==", - "rsrc": ["/a/led"], - "perms": 6, - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - } - ], - "pstat": { - "isop": true, - "deviceid": "ZGV2aWNlaWQAAAAAABhanw==", - "ch": 0, - "cm": 0, - "tm": 0, - "om": 3, - "sm": [3] - }, - "doxm": { - "oxm": [0], - "oxmsel": 0, - "sct": 1, - "owned": true, - "deviceid": "MTkxOTE5MTkxOTE5MTkxOQ==", - "ownr": "YWRtaW5EZXZpY2VVVUlEAA==" - }, - "cred": [{ - "credid": 1, - "sub": "MTExMTExMTExMTExMTExMQ==", - "credtyp": 1, - "pvdata": "QkJCQkJCQkJCQkJCQkJCQg==", - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }] + "acl": + { + "aclist": + { + "aces": + [ + { + "subject": "*", + "resources": + [ + {"href": "/oic/res", "rt": "", "if": ""}, + {"href": "/oic/d", "rt": "", "if": ""}, + {"href": "/oic/p", "rt": "", "if": ""}, + {"href": "/oic/res/types/d", "rt": "", "if": ""}, + {"href": "/oic/ad", "rt": "", "if": ""}, + {"href": "/oic/sec/acl", "rt": "", "if": ""}, + {"href": "/oic/sec/amacl", "rt": "", "if": ""} + ], + "permission": 2 + }, + { + "subject": "*", + "resources": + [ + {"href": "/oic/sec/doxm", "rt": "", "if": ""}, + {"href": "/oic/sec/pstat", "rt": "", "if": ""} + ], + "permission": 2 + } + ] + }, + "rownerid": "31393139-3139-3139-3139-313931393139" + }, + + "pstat": + { + "isop": true, + "deviceid": "31393139-3139-3139-3139-313931393139", + "cm": 0, + "tm": 0, + "om": 3, + "sm": [3], + "rownerid": "31393139-3139-3139-3139-313931393139" + }, + "doxm": + { + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": true, + "didformat": 0, + "deviceid": "31393139-3139-3139-3139-313931393139", + "devownerid": "61646D69-6E44-6576-6963-655555494430", + "rownerid": "31393139-3139-3139-3139-313931393139" + }, + "cred": + [ + { + "credid": 1, + "subject": "MTExMTExMTExMTExMTExMQ==", + "credtype": 1, + "privatedata": "QkJCQkJCQkJCQkJCQkJCQg==", + "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] + } + ] } diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client.dat index e2de34b..fe43881 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client.json index ca8fed4..90f0f85 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client.json +++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client.json @@ -1,52 +1,70 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad", - "/oic/sec/acl", - "/oic/sec/amacl" - ], - "perms": 2, - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat" - ], - "perms": 2, - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - } - ], - "pstat": { - "isop": true, - "deviceid": "ZGV2aWNlaWQAAAAAABhanw==", - "ch": 0, - "cm": 0, - "tm": 0, - "om": 3, - "sm": [3] + "acl": + { + "aclist": + { + "aces": + [ + { + "subject": "*", + "resources": + [ + {"href": "/oic/res", "rt": "", "if": ""}, + {"href": "/oic/d", "rt": "", "if": ""}, + {"href": "/oic/p", "rt": "", "if": ""}, + {"href": "/oic/res/types/d", "rt": "", "if": ""}, + {"href": "/oic/ad", "rt": "", "if": ""}, + {"href": "/oic/sec/acl", "rt": "", "if": ""}, + {"href": "/oic/sec/amacl", "rt": "", "if": ""} + ], + "permission": 2 + }, + { + "subject": "*", + "resources": + [ + {"href": "/oic/sec/doxm", "rt": "", "if": ""}, + {"href": "/oic/sec/pstat", "rt": "", "if": ""} + ], + "permission": 2 + } + ] + }, + "rownerid": "32323232-3232-3232-3232-323232323232" + }, + + "pstat": + { + "isop": true, + "deviceid": "32323232-3232-3232-3232-323232323232", + "cm": 2, + "tm": 0, + "om": 3, + "sm": [3], + "rownerid": "32323232-3232-3232-3232-323232323232" + }, + + "doxm": + { + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": true, + "didformat": 0, + "deviceid": "32323232-3232-3232-3232-323232323232", + "devownerid": "32323232-3232-3232-3232-323232323232", + "rownerid": "32323232-3232-3232-3232-323232323232" }, - "doxm": { - "oxm": [0], - "oxmsel": 0, - "sct": 1, - "owned": true, - "deviceid": "MjIyMjIyMjIyMjIyMjIyMg==", - "ownr": "MjIyMjIyMjIyMjIyMjIyMg==" - }, - "cred": [{ - "credid": 1, - "sub": "MTExMTExMTExMTExMTExMQ==", - "credtyp": 1, - "prd": "20150630T060000/20990920T220000", - "pvdata": "QUFBQUFBQUFBQUFBQUFBQQ==", - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }] -} + + "cred": + [ + { + "credid": 1, + "subject": "MTExMTExMTExMTExMTExMQ==", + "credtype": 1, + "period": "20150630T060000/20990920T220000", + "privatedata": "QUFBQUFBQUFBQUFBQUFBQQ==", + "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] + } + ] +} \ No newline at end of file diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat index 59d7dea..aa67b48 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json index ad5519d..8280333 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json +++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_client_directpairing.json @@ -1,47 +1,80 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/res/d", - "/oic/res/types/d", - "/oic/presence" - ], - "perms": 2, - "ownrs" : [ - "ZGlyZWN0cGFpcmluZ0Rldg==" + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/presence", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/acl", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/cred", + "rt": "", + "if": "" + } + ], + "permission": 6 + } ] }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat", - "/oic/sec/acl", - "/oic/sec/cred" - ], - "perms": 6, - "ownrs" : [ - "ZGlyZWN0cGFpcmluZ0Rldg==" - ] - } - ], + "rownerid" : "64697265-6374-7061-6972-696e67446576" + }, "pstat": { "isop": false, - "deviceid": "ZGlyZWN0cGFpcmluZ0Rldg==", - "ch": 0, "cm": 2, "tm": 0, "om": 3, - "sm": [3] + "sm": [3], + "deviceid": "64697265-6374-7061-6972-696e67446576", + "rownerid": "64697265-6374-7061-6972-696e67446576" }, "doxm": { - "oxm": [0], + "oxms": [0], "oxmsel": 0, "sct": 1, "owned": false, - "deviceid": "ZGlyZWN0cGFpcmluZ0Rldg==", - "dpc": false + "didformat": 0, + "deviceid": "64697265-6374-7061-6972-696e67446576", + "dpc": false, + "devownerid": "" } } diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat index 935d98d..5add760 100644 Binary files a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat and b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.dat differ diff --git a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json index 9456b41..63228b6 100644 --- a/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json +++ b/resource/csdk/stack/samples/linux/secure/oic_svr_db_server.json @@ -1,113 +1,105 @@ { - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad", - "/oic/sec/acl", - "/oic/sec/amacl" - ], - "perms": 2, - "ownrs" : ["MTExMTExMTExMTExMTExMQ=="] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat" - ], - "perms": 2, - "ownrs" : ["MTExMTExMTExMTExMTExMQ=="] - }, - { - "sub": "MjIyMjIyMjIyMjIyMjIyMg==", - "rsrc": ["/oic/sec/acl", - "/oic/sec/cred"], - "perms": 8, - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, - { - "sub": "MjIyMjIyMjIyMjIyMjIyMg==", - "rsrc": ["/a/led"], - "perms": 6, - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, - { - "sub": "MTExMTIyMjIzMzMzNDQ0NA==", - "rsrc": ["/a/led"], - "perms": 6, - "prds" : ["20150630T060000/20150630T220000", "20150630T060000/20150630T200000"], - "recurs" : ["FREQ=DAILY; BYDAY=MO, WE, FR", "FREQ=DAILY; BYDAY=TU, TH; UNTIL=20160630"], - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, - { - "sub": "Nzc3Nzc3Nzc3Nzc3Nzc3Nw==", - "rsrc": ["/a/led"], - "perms": 6, - "prds" : ["20150630T060000/20150630T220000"], - "recurs" : ["FREQ=DAILY; UNTIL=20150630"], - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - } - ], - "amacl": [{ - "rsrc" : ["/a/led"], - "amss" : ["MTkxOTE5MTkxOTE5MTkxOQ=="], - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }], - "pstat": { - "isop": true, - "deviceid": "ZGV2aWNlaWQAAAAAABhanw==", - "ch": 0, - "cm": 0, - "tm": 0, - "om": 3, - "sm": [3] - }, - "doxm": { - "oxm": [0], - "oxmsel": 0, - "sct": 1, - "owned": true, - "deviceid": "MTExMTExMTExMTExMTExMQ==", - "ownr": "YWRtaW5EZXZpY2VVVUlEAA==" - }, - "cred": [{ - "credid": 1, - "sub": "MjIyMjIyMjIyMjIyMjIyMg==", - "credtyp": 1, - "pvdata": "QUFBQUFBQUFBQUFBQUFBQQ==", - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, - { - "credid": 2, - "sub": "MTExMTIyMjIzMzMzNDQ0NA==", - "credtyp": 1, - "pvdata": "QUFBQUFBQUFBQUFBQUFBQQ==", - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, + "acl": { - "credid": 3, - "sub": "Nzc3Nzc3Nzc3Nzc3Nzc3Nw==", - "credtyp": 1, - "pvdata": "QUFBQUFBQUFBQUFBQUFBQQ==", - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, + "aclist": + { + "aces": + [ + { + "subject": "*", + "resources": + [ + {"href": "/oic/res", "rt": "", "if": ""}, + {"href": "/oic/res/d", "rt": "", "if": ""}, + {"href": "/oic/res/types/d", "rt": "", "if": ""}, + {"href": "/oic/ad", "rt": "", "if": ""}, + {"href": "/oic/sec/acl", "rt": "", "if": ""}, + {"href": "/oic/sec/amacl", "rt": "", "if": ""} + ], + "permission": 2 + }, + { + "subject": "*", + "resources": + [ + {"href": "/oic/sec/doxm", "rt": "", "if": ""}, + {"href": "/oic/sec/pstat", "rt": "", "if": ""} + ], + "permission": 2 + }, + { + "subject": "32323232-3232-3232-3232-323232323232", + "resources": + [ + {"href": "/oic/sec/acl", "rt": "", "if": ""}, + {"href": "/oic/sec/cred", "rt": "", "if": ""} + ], + "permission": 8 + }, + { + "subject": "31313131-3232-3232-3333-333334343434", + "resources": + [ + {"href": "/a/led", "rt": "", "if": ""} + ], + "permission": 6, + "period" : ["20150630T060000/20150630T220000", "20150630T060000/20150630T200000"], + "recurrence" : ["FREQ=DAILY; BYDAY=MO, WE, FR", "FREQ=DAILY; BYDAY=TU, TH; UNTIL=20160630"] + }, + { + "subject": "37373737-3737-3737-3737-373737373737", + "resources": + [ + {"href": "/a/led", "rt": "", "if": ""} + ], + "permission": 6, + "period" : ["20150630T060000/20150630T220000"], + "recurrence" : ["FREQ=DAILY; UNTIL=20150630"] + } + ] + }, + "rownerid": "31313131-3131-3131-3131-313131313131" + }, + + "pstat": { - "credid": 4, - "sub": "NDQ0NDMzMzMyMjIyMTExMQ==", - "credtyp": 1, - "pvdata": "QUFBQUFBQUFBQUFBQUFBQQ==", - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }, + "isop": true, + "deviceid": "31313131-3131-3131-3131-313131313131", + "cm": 0, + "tm": 0, + "om": 3, + "sm": [3], + "rownerid": "31313131-3131-3131-3131-313131313131" + }, + + "doxm": { - "credid": 5, - "sub": "MTkxOTE5MTkxOTE5MTkxOQ==", - "credtyp": 1, - "pvdata": "QkJCQkJCQkJCQkJCQkJCQg==", - "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] - }] -} + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": true, + "didformat": 0, + "deviceid": "31313131-3131-3131-3131-313131313131", + "devownerid": "32323232-3232-3232-3232-323232323232", + "rownerid": "31313131-3131-3131-3131-313131313131" + }, + "cred": + [ + { + "credid": 1, + "subject": "MjIyMjIyMjIyMjIyMjIyMg==", + "credtype": 1, + "period": "20150630T060000/20990920T220000", + "privatedata": "QUFBQUFBQUFBQUFBQUFBQQ==", + "ownrs" : ["MjIyMjIyMjIyMjIyMjIyMg=="] + }, + { + "credid": 2, + "subject": "MTkxOTE5MTkxOTE5MTkxOQ==", + "credtype": 1, + "period": "20150630T060000/20990920T220000", + "privatedata": "QkJCQkJCQkJCQkJCQkJCQg==", + "ownrs" : ["MTkxOTE5MTkxOTE5MTkxOQ=="] + } + ] +} \ No newline at end of file diff --git a/resource/provisioning/examples/oic_svr_db_client.dat b/resource/provisioning/examples/oic_svr_db_client.dat index 6a39661..19d6957 100644 Binary files a/resource/provisioning/examples/oic_svr_db_client.dat and b/resource/provisioning/examples/oic_svr_db_client.dat differ diff --git a/resource/provisioning/examples/oic_svr_db_client.json b/resource/provisioning/examples/oic_svr_db_client.json index 1219d6a..34243c3 100644 --- a/resource/provisioning/examples/oic_svr_db_client.json +++ b/resource/provisioning/examples/oic_svr_db_client.json @@ -1,43 +1,81 @@ -{ - "acl": [ - { - "sub": "Kg==", - "rsrc": [ - "/oic/res", - "/oic/d", - "/oic/p", - "/oic/res/types/d", - "/oic/ad", - "/oic/sec/amacl" - ], - "perms": 2, - "ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="] - }, - { - "sub": "Kg==", - "rsrc": [ - "/oic/sec/doxm", - "/oic/sec/pstat" - ], - "perms": 2, - "ownrs" : ["YWRtaW5EZXZpY2VVVUlEMA=="] - } - ], - "pstat": { - "isop": true, - "deviceid": "YWRtaW5EZXZpY2VVVUlEMA==", - "ch": 0, - "cm": 0, - "tm": 0, - "om": 3, - "sm": [3] - }, - "doxm": { - "oxm": [0], - "oxmsel": 0, - "sct": 1, - "owned": true, - "deviceid": "YWRtaW5EZXZpY2VVVUlEMA==", - "ownr": "YWRtaW5EZXZpY2VVVUlEMA==" - } -} +{ + "acl": { + "aclist":{ + "aces":[ + { + "subject": "*", + "resources": [ + { + "href": "/oic/res", + "rt": "", + "if": "" + }, + { + "href": "/oic/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/p", + "rt": "", + "if": "" + }, + { + "href": "/oic/res/types/d", + "rt": "", + "if": "" + }, + { + "href": "/oic/ad", + "rt": "", + "if": "" + }, + { + "href": "/oic/sec/amacl", + "rt": "", + "if": "" + } + ], + "permission": 2 + }, + { + "subject": "*", + "resources": [ + { + "href": "/oic/sec/doxm", + "rt": "", + "if": "" + } , + { + "href": "/oic/sec/pstat", + "rt": "", + "if": "" + } + ], + "permission": 2 + } + ] + }, + "rownerid" : "61646D69-6E44-6576-6963-655575696430" + }, + "pstat": { + "isop": true, + "cm": 2, + "tm": 0, + "om": 3, + "sm": [3], + "deviceid": "61646D69-6E44-6576-6963-655575696430", + "rownerid": "61646D69-6E44-6576-6963-655575696430" + }, + "doxm": { + "oxms": [0], + "oxmsel": 0, + "sct": 1, + "owned": true, + "didformat": 0, + "deviceid": "61646D69-6E44-6576-6963-655575696430", + "dpc": false, + "devownerid": "61646D69-6E44-6576-6963-655575696430", + "rownerid": "61646D69-6E44-6576-6963-655575696430" + } +}