From 52a031e1f25a07a8ed19c9f98b67fa253ba00181 Mon Sep 17 00:00:00 2001 From: Nathan Heldt-Sheller Date: Sat, 19 Mar 2016 15:25:52 -0700 Subject: [PATCH] Added "GetSvrTypeFromUri()" and supporting code. This is a necessary function for v1.1 functions to handle "pstat->isop" and "rowner" checks. Change-Id: I2b381fb6103e939bc554abaf6df0747a94f5a30e Signed-off-by: Nathan Heldt-Sheller Reviewed-on: https://gerrit.iotivity.org/gerrit/6101 Tested-by: jenkins-iotivity Reviewed-by: Randeep Singh --- .../csdk/security/include/internal/policyengine.h | 1 + .../include/internal/secureresourcemanager.h | 10 +- .../security/include/internal/srmresourcestrings.h | 5 + .../security/include/securevirtualresourcetypes.h | 15 +++ resource/csdk/security/src/secureresourcemanager.c | 133 +++++++++++++++++++++ resource/csdk/security/src/srmresourcestrings.c | 6 + 6 files changed, 169 insertions(+), 1 deletion(-) diff --git a/resource/csdk/security/include/internal/policyengine.h b/resource/csdk/security/include/internal/policyengine.h index 72aa01c..c99849d 100644 --- a/resource/csdk/security/include/internal/policyengine.h +++ b/resource/csdk/security/include/internal/policyengine.h @@ -44,6 +44,7 @@ typedef struct PEContext PEState_t state; OicUuid_t subject; char resource[MAX_URI_LENGTH]; + OicSecSvrType_t resourceType; uint16_t permission; bool matchingAclFound; bool amsProcessing; diff --git a/resource/csdk/security/include/internal/secureresourcemanager.h b/resource/csdk/security/include/internal/secureresourcemanager.h index 51f6a3f..7976452 100644 --- a/resource/csdk/security/include/internal/secureresourcemanager.h +++ b/resource/csdk/security/include/internal/secureresourcemanager.h @@ -105,8 +105,16 @@ void SRMRegisterProvisioningResponseHandler(SPResponseCallback respHandler); bool SRMIsSecurityResourceURI(const char* uri); /** + * Get the resource type from the URI. + * @param uri [IN] Pointers to security resource URI. + * @return SVR type (note that "NOT_A_SVR_RESOURCE" is returned if not a SVR) + */ +OicSecSvrType_t GetSvrTypeFromUri(const char* uri); + +/** * Sends Response - * @param resposeVal Response @ref SRMAccessResponse_t value. + * @param resposeVal SRMAccessResponse_t value + * @return NONE */ void SRMSendResponse(SRMAccessResponse_t responseVal); diff --git a/resource/csdk/security/include/internal/srmresourcestrings.h b/resource/csdk/security/include/internal/srmresourcestrings.h index a7a2df1..15cfa31 100644 --- a/resource/csdk/security/include/internal/srmresourcestrings.h +++ b/resource/csdk/security/include/internal/srmresourcestrings.h @@ -58,6 +58,11 @@ extern const char * OIC_RSRC_TYPE_SEC_CRL; extern const char * OIC_RSRC_CRL_URI; extern const char * OIC_JSON_CRL_NAME; +//SACL +extern const char * OIC_RSRC_TYPE_SEC_SACL; +extern const char * OIC_RSRC_SACL_URI; +extern const char * OIC_JSON_SACL_NAME; + //SVC extern const char * OIC_RSRC_TYPE_SEC_SVC; extern const char * OIC_RSRC_SVC_URI; diff --git a/resource/csdk/security/include/securevirtualresourcetypes.h b/resource/csdk/security/include/securevirtualresourcetypes.h index d16a1e8..5022883 100644 --- a/resource/csdk/security/include/securevirtualresourcetypes.h +++ b/resource/csdk/security/include/securevirtualresourcetypes.h @@ -239,6 +239,21 @@ typedef enum typedef enum { + NOT_A_SVR_RESOURCE = 0, + OIC_R_ACL_TYPE, + OIC_R_AMACL_TYPE, + OIC_R_CRED_TYPE, + OIC_R_CRL_TYPE, + OIC_R_DOXM_TYPE, + OIC_R_DPAIRING_TYPE, + OIC_R_PCONF_TYPE, + OIC_R_PSTAT_TYPE, + OIC_R_SACL_TYPE, + OIC_R_SVC_TYPE +}OicSecSvrType_t; + +typedef enum +{ OIC_JUST_WORKS = 0x0, OIC_RANDOM_DEVICE_PIN = 0x1, OIC_MANUFACTURER_CERTIFICATE = 0x2, diff --git a/resource/csdk/security/src/secureresourcemanager.c b/resource/csdk/security/src/secureresourcemanager.c index 7c233be..6e2feb2 100644 --- a/resource/csdk/security/src/secureresourcemanager.c +++ b/resource/csdk/security/src/secureresourcemanager.c @@ -56,6 +56,20 @@ static SPResponseCallback gSPResponseHandler = NULL; */ PEContext_t g_policyEngineContext; +/** + * Function to register provisoning API's response callback. + * @param respHandler response handler callback. + */ +void SRMRegisterProvisioningResponseHandler(SPResponseCallback respHandler) +{ + gSPResponseHandler = respHandler; +} + +void SetResourceRequestType(PEContext_t *context, const char *resourceUri) +{ + context->resourceType = GetSvrTypeFromUri(resourceUri); +} + static void SRMSendUnAuthorizedAccessresponse(PEContext_t *context) { CAResponseInfo_t responseInfo = {.result = CA_EMPTY}; @@ -151,6 +165,8 @@ void SRMRequestHandler(const CAEndpoint_t *endPoint, const CARequestInfo_t *requ char newUri[MAX_URI_LENGTH + 1]; OICStrcpyPartial(newUri, MAX_URI_LENGTH + 1, requestInfo->info.resourceUri, position); + SetResourceRequestType(&g_policyEngineContext, newUri); + //New request are only processed if the policy engine state is AWAITING_REQUEST. if (AWAITING_REQUEST == g_policyEngineContext.state) { @@ -369,3 +385,120 @@ bool SRMIsSecurityResourceURI(const char* uri) return false; } + +/** + * Get the Secure Virtual Resource (SVR) type from the URI. + * @param uri [IN] Pointer to URI in question. + * @return The OicSecSvrType_t of the URI passed (note: if not a Secure Virtual + Resource, e.g. /a/light, will return "NOT_A_SVR_TYPE" enum value) + */ +static const char URI_QUERY_CHAR = '?'; +OicSecSvrType_t GetSvrTypeFromUri(const char* uri) +{ + if (!uri) + { + return NOT_A_SVR_RESOURCE; + } + + // Remove query from Uri for resource string comparison + size_t uriLen = strlen(uri); + char *query = strchr (uri, URI_QUERY_CHAR); + if (query) + { + uriLen = query - uri; + } + + size_t svrLen = 0; + + svrLen = strlen(OIC_RSRC_ACL_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_ACL_URI, svrLen)) + { + return OIC_R_ACL_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_AMACL_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_AMACL_URI, svrLen)) + { + return OIC_R_AMACL_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_CRED_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_CRED_URI, svrLen)) + { + return OIC_R_CRED_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_CRL_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_CRL_URI, svrLen)) + { + return OIC_R_CRL_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_DOXM_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_DOXM_URI, svrLen)) + { + return OIC_R_DOXM_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_DPAIRING_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_DPAIRING_URI, svrLen)) + { + return OIC_R_DPAIRING_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_PCONF_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_PCONF_URI, svrLen)) + { + return OIC_R_PCONF_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_PSTAT_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_PSTAT_URI, svrLen)) + { + return OIC_R_PSTAT_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_SVC_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_SVC_URI, svrLen)) + { + return OIC_R_SVC_TYPE; + } + } + + svrLen = strlen(OIC_RSRC_SACL_URI); + if(uriLen == svrLen) + { + if(0 == strncmp(uri, OIC_RSRC_SACL_URI, svrLen)) + { + return OIC_R_SACL_TYPE; + } + } + + return NOT_A_SVR_RESOURCE; +} diff --git a/resource/csdk/security/src/srmresourcestrings.c b/resource/csdk/security/src/srmresourcestrings.c index b80e71e..7d7ab5e 100644 --- a/resource/csdk/security/src/srmresourcestrings.c +++ b/resource/csdk/security/src/srmresourcestrings.c @@ -54,6 +54,12 @@ const char * OIC_JSON_CRED_NAME = "cred"; const char * OIC_RSRC_TYPE_SEC_CRL = "oic.sec.crl"; const char * OIC_RSRC_CRL_URI = "/oic/sec/crl"; const char * OIC_JSON_CRL_NAME = "crl"; + +//SACL +const char * OIC_RSRC_TYPE_SEC_SACL = "oic.sec.sacl"; +const char * OIC_RSRC_SACL_URI = "/oic/sec/sacl"; +const char * OIC_JSON_SACL_NAME = "sacl"; + //svc const char * OIC_RSRC_TYPE_SEC_SVC = "oic.sec.svc"; const char * OIC_RSRC_SVC_URI = "/oic/sec/svc"; -- 2.7.4