From ddbd0e3d0229af916466602e33c8a20814c9e2bc Mon Sep 17 00:00:00 2001 From: Randeep Singh Date: Thu, 8 Sep 2016 18:36:02 +0530 Subject: [PATCH] Added CASelectCipherSuite for android Change-Id: I073d1191e6a114c3c34f67f48d1ab7c7443bf1d6 Signed-off-by: Randeep Singh Reviewed-on: https://gerrit.iotivity.org/gerrit/11605 Tested-by: jenkins-iotivity Reviewed-by: Ashwini Kumar Reviewed-by: jihwan seo (cherry picked from commit 7c4dd58b07c1b0f5c349bab2b6e8e93eb8fef543) Reviewed-on: https://gerrit.iotivity.org/gerrit/12327 --- android/android_api/base/jni/Android.mk | 7 ++++ android/android_api/base/jni/JniCaInterface.c | 15 +++++++++ android/android_api/base/jni/JniCaInterface.h | 8 +++++ .../src/main/java/org/iotivity/ca/CaInterface.java | 7 ++++ .../src/main/java/org/iotivity/ca/OicCipher.java | 38 ++++++++++++++++++++++ .../provisioningclient/ProvisioningClient.java | 8 +++++ .../csdk/connectivity/src/caconnectivitymanager.c | 6 +++- 7 files changed, 88 insertions(+), 1 deletion(-) create mode 100644 android/android_api/base/src/main/java/org/iotivity/ca/OicCipher.java diff --git a/android/android_api/base/jni/Android.mk b/android/android_api/base/jni/Android.mk index 1c43294..7039ac3 100644 --- a/android/android_api/base/jni/Android.mk +++ b/android/android_api/base/jni/Android.mk @@ -47,6 +47,9 @@ include $(PREBUILT_SHARED_LIBRARY) endif include $(CLEAR_VARS) +ifeq ($(SECURE), 1) + LOCAL_CFLAGS += -D__WITH_DTLS__ +endif OIC_SRC_PATH := ../../../resource LOCAL_MODULE := libca-interface LOCAL_SRC_FILES := JniCaInterface.c @@ -70,6 +73,10 @@ ifeq ($(WITH_TCP), 1) LOCAL_CPPFLAGS += -D__WITH_TLS__ endif +ifeq ($(SECURED), 1) + LOCAL_CPPFLAGS += -D__WITH_DTLS__ +endif + MQ_FLAG = 0 ifeq ($(WITH_MQ_PUB), 1) LOCAL_CFLAGS += -DWITH_MQ -DMQ_PUBLISHER diff --git a/android/android_api/base/jni/JniCaInterface.c b/android/android_api/base/jni/JniCaInterface.c index 06ff75b..9499b55 100644 --- a/android/android_api/base/jni/JniCaInterface.c +++ b/android/android_api/base/jni/JniCaInterface.c @@ -356,3 +356,18 @@ Java_org_iotivity_ca_CaInterface_setLeScanIntervalTimeImpl(JNIEnv *env, jclass c CAUtilSetLEScanInterval(intervalTime, workignCount); } +JNIEXPORT jint JNICALL Java_org_iotivity_ca_CaInterface_setCipherSuiteImpl + (JNIEnv *env, jclass clazz, jint cipherSuite, jint adapter) +{ + LOGI("setCipherSuiteImpl"); +#if defined(__WITH_DTLS__) || defined(__WITH_TLS__) + (void)env; + (void)clazz; + CAResult_t ret = CASelectCipherSuite(cipherSuite, (CATransportAdapter_t) adapter); + return ret; +#else + LOGE("Method not supported"); + return -1; +#endif // __WITH_DTLS__ || __WITH_TLS__ +} + diff --git a/android/android_api/base/jni/JniCaInterface.h b/android/android_api/base/jni/JniCaInterface.h index 2e8ba5b..663aef3 100644 --- a/android/android_api/base/jni/JniCaInterface.h +++ b/android/android_api/base/jni/JniCaInterface.h @@ -128,6 +128,14 @@ extern "C" { JNIEXPORT void JNICALL Java_org_iotivity_ca_CaInterface_setLeScanIntervalTimeImpl (JNIEnv *, jclass, jint, jint); + /* + * Class: org_iotivity_ca_CaInterface + * Method: setCipherSuiteImpl + * Signature: (Lorg/iotivity/ca/OicCipher;Lorg/iotivity/ca/CATransportAdapter;)I + */ + JNIEXPORT jint JNICALL Java_org_iotivity_ca_CaInterface_setCipherSuiteImpl + (JNIEnv *, jclass, jint, jint); + #ifdef __cplusplus } #endif diff --git a/android/android_api/base/src/main/java/org/iotivity/ca/CaInterface.java b/android/android_api/base/src/main/java/org/iotivity/ca/CaInterface.java index 3d62800..6924eb4 100644 --- a/android/android_api/base/src/main/java/org/iotivity/ca/CaInterface.java +++ b/android/android_api/base/src/main/java/org/iotivity/ca/CaInterface.java @@ -192,4 +192,11 @@ public class CaInterface { } private static native void setLeScanIntervalTimeImpl(int intervalTime, int workingCount); + + + public synchronized static int setCipherSuite(OicCipher cipher, OcConnectivityType connType){ + return CaInterface.setCipherSuiteImpl(cipher.getValue(), connType.getValue()); + } + private static native int setCipherSuiteImpl(int cipher, int adapter); + } diff --git a/android/android_api/base/src/main/java/org/iotivity/ca/OicCipher.java b/android/android_api/base/src/main/java/org/iotivity/ca/OicCipher.java new file mode 100644 index 0000000..60f9f16 --- /dev/null +++ b/android/android_api/base/src/main/java/org/iotivity/ca/OicCipher.java @@ -0,0 +1,38 @@ +/* **************************************************************** + * + * Copyright 2016 Samsung Electronics All Rights Reserved. + * + * + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + * + ******************************************************************/ + +package org.iotivity.ca; + +public enum OicCipher { + TLS_ECDH_anon_WITH_AES_128_CBC_SHA(0xC018), + TLS_PSK_WITH_AES_128_CCM_8(0xC0A8), + TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8(0xC0AE), + TLS_RSA_WITH_AES_256_CBC_SHA(0x35); + + private int cipher; + + private OicCipher(int cipher) { + this.cipher = cipher; + } + + public int getValue(){ + return cipher; + } +} diff --git a/android/examples/provisioningclient/src/main/java/org/iotivity/base/examples/provisioningclient/ProvisioningClient.java b/android/examples/provisioningclient/src/main/java/org/iotivity/base/examples/provisioningclient/ProvisioningClient.java index dbd6a18..07ae29b 100644 --- a/android/examples/provisioningclient/src/main/java/org/iotivity/base/examples/provisioningclient/ProvisioningClient.java +++ b/android/examples/provisioningclient/src/main/java/org/iotivity/base/examples/provisioningclient/ProvisioningClient.java @@ -46,6 +46,11 @@ import java.util.ArrayList; import java.util.EnumSet; import java.util.List; +import org.iotivity.ca.OicCipher; +import org.iotivity.base.OcConnectivityType; +import org.iotivity.ca.CaInterface; + + public class ProvisioningClient extends Activity implements OcSecureResource.DoOwnershipTransferListener, OcSecureResource.ProvisionPairwiseDevicesListener { @@ -182,6 +187,9 @@ OcSecureResource.DoOwnershipTransferListener, OcSecureResource.ProvisionPairwise } initOICStack(); saveCertChain(); + int ret = CaInterface.setCipherSuite(OicCipher.TLS_ECDH_anon_WITH_AES_128_CBC_SHA, + OcConnectivityType.CT_ADAPTER_IP); + Log.e(TAG,"CaInterface.setCipherSuite returned = "+ret); } /** diff --git a/resource/csdk/connectivity/src/caconnectivitymanager.c b/resource/csdk/connectivity/src/caconnectivitymanager.c index a287608..0dc5a52 100644 --- a/resource/csdk/connectivity/src/caconnectivitymanager.c +++ b/resource/csdk/connectivity/src/caconnectivitymanager.c @@ -534,11 +534,13 @@ CAResult_t CAHandleRequestResponse() #if defined (__WITH_DTLS__) || defined(__WITH_TLS__) CAResult_t CASelectCipherSuite(const uint16_t cipher, CATransportAdapter_t adapter) { - OIC_LOG_V(DEBUG, TAG, "CASelectCipherSuite"); + OIC_LOG_V(DEBUG, TAG, "IN CASelectCipherSuite"); + OIC_LOG_V(DEBUG, TAG, "cipher : %d , CATransportAdapter : %d",cipher, adapter); if(CA_ADAPTER_IP == adapter) { if (CA_STATUS_OK != CADtlsSelectCipherSuite(cipher)) { + OIC_LOG_V(DEBUG, TAG, "CADtlsSelectCipherSuite failed"); return CA_STATUS_FAILED; } } @@ -547,10 +549,12 @@ CAResult_t CASelectCipherSuite(const uint16_t cipher, CATransportAdapter_t adapt { if (CA_STATUS_OK != CAsetTlsCipherSuite(cipher)) { + OIC_LOG_V(DEBUG, TAG, "CAsetTlsCipherSuite failed"); return CA_STATUS_FAILED; } } #endif + OIC_LOG_V(DEBUG, TAG, "CASelectCipherSuite OK"); return CA_STATUS_OK; } -- 2.7.4