1 //******************************************************************
3 // Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
5 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
7 // Licensed under the Apache License, Version 2.0 (the "License");
8 // you may not use this file except in compliance with the License.
9 // You may obtain a copy of the License at
11 // http://www.apache.org/licenses/LICENSE-2.0
13 // Unless required by applicable law or agreed to in writing, software
14 // distributed under the License is distributed on an "AS IS" BASIS,
15 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 // See the License for the specific language governing permissions and
17 // limitations under the License.
19 //-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
21 #ifndef IOTVT_SRM_ACLR_H
22 #define IOTVT_SRM_ACLR_H
29 * Initialize ACL resource by loading data from persistent storage.
31 * @return ::OC_STACK_OK for Success, otherwise some error value.
33 OCStackResult InitACLResource();
36 * Perform cleanup for ACL resources.
39 OCStackResult DeInitACLResource();
42 * This method is used by PolicyEngine to retrieve the ACEs of the ACL for a Subject, one ACE per call.
44 * @param subjectId ID of the subject for which ACL is required.
45 * @param savePtr is used internally by @ref GetACLResourceData to maintain index between
46 * successive calls for same subjectId.
48 * @note On the first call to @ref GetACLResourceData for a given subjectId, *savePtr should be NULL.
50 * @return reference to @ref OicSecAce_t if ACE is found, else NULL.
52 const OicSecAce_t* GetACLResourceData(const OicUuid_t* subjectId, OicSecAce_t **savePtr);
55 * This function converts ACL data into CBOR format.
57 * @param acl instance of @ref OicSecAcl_t structure.
58 * @param outPayload receives the pointer to the memory allocated for the CBOR payload (who frees this memory is not stated here; confirm against the implementation).
59 * @param size of the cbor payload.
61 * @return ::OC_STACK_OK for Success, otherwise some error value.
63 OCStackResult AclToCBORPayload(const OicSecAcl_t * acl, uint8_t **outPayload, size_t *size);
67 * Function to check the ACL access of SubOwner
69 * @param[in] uuid SubOwner's UUID
70 * @param[in] cborPayload CBOR payload of ACL
71 * @param[in] size Byte length of cborPayload
73 * @return true if the SubOwner's ACL access is valid, otherwise false.
75 bool IsValidAclAccessForSubOwner(const OicUuid_t* uuid, const uint8_t *cborPayload, const size_t size);
76 #endif //MULTIPLE_OWNER
80 * This method removes ACE for the subject and resource from the ACL
82 * @param subject of the ACE
83 * @param resource of the ACE
86 * @return ::OC_STACK_RESOURCE_DELETED on success (note: success is not reported as ::OC_STACK_OK),
87 * ::OC_STACK_NO_RESOURCE on failure to find the appropriate ACE,
88 * ::OC_STACK_INVALID_PARAM on invalid parameter.
90 OCStackResult RemoveACE(const OicUuid_t * subject, const char * resource);
93 * This function deletes ACL data.
95 * @param acl instance of @ref OicSecAcl_t structure to be deleted.
97 void DeleteACLList(OicSecAcl_t* acl);
100 * This function frees OicSecRsrc_t object's fields and object itself.
102 * @param rsrc instance of @ref OicSecRsrc_t structure to be deleted.
104 void FreeRsrc(OicSecRsrc_t *rsrc);
107 * Internal function to duplicate the ACE instance.
109 * @param ace instance of @ref OicSecAce_t structure to be duplicated.
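110 * @return reference to the new @ref OicSecAce_t if the ACE was successfully duplicated (presumably NULL otherwise; the failure value is not stated here, so confirm against the implementation).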
112 OicSecAce_t* DuplicateACE(const OicSecAce_t* ace);
116 * This function checks for duplicates against the pre-installed ACL and installs only the new ACEs.
118 * @param acl acl to install.
120 * @return ::OC_STACK_OK for Success, otherwise some error value
122 OCStackResult InstallACL(const OicSecAcl_t* acl);
125 * This function appends a new ACL given as a CBOR payload.
127 * @param payload cbor value representing a new ACL.
128 * @param size of the cbor payload.
130 * @return ::OC_STACK_OK for Success, otherwise some error value
132 OCStackResult AppendACL(const uint8_t* payload, const size_t size);
135 * This function appends a new ACL given as an @ref OicSecAcl_t structure.
137 * @param acl new acl to append.
139 * @return ::OC_STACK_OK for Success, otherwise some error value
141 OCStackResult AppendACL2(const OicSecAcl_t* acl);
144 * This function updates the default ACE that is required for ownership transfer (OTM).
145 * It should be invoked once OTM is complete to prevent anonymous user access; check the return value, since a failed update would presumably leave that access in place.
147 * @retval OC_STACK_OK for Success, otherwise some error value
149 OCStackResult UpdateDefaultSecProvACE();
152 * Internal function to update resource owner
154 * @param newROwner new owner
156 * @retval ::OC_STACK_OK for Success, otherwise some error value
158 OCStackResult SetAclRownerId(const OicUuid_t* newROwner);
162 * Gets the OicUuid_t value for the rownerid of the acl resource.
164 * @param rowneruuid a pointer to be assigned to the rowneruuid property
165 * @return ::OC_STACK_OK if rowneruuid is assigned correctly, else ::OC_STACK_ERROR.
167 OCStackResult GetAclRownerId(OicUuid_t *rowneruuid);
170 * This function converts CBOR data into ACL.
172 * @param cborPayload is the pointer to cbor payload to parse.
173 * @param size of the cbor payload.
175 * @return instance of @ref OicSecAcl_t structure, or NULL if an error occurs (the caller presumably releases it with @ref DeleteACLList; confirm against the implementation).
177 OicSecAcl_t* CBORPayloadToAcl2(const uint8_t *cborPayload, const size_t size);
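180 * This function prints the ACL ("stdin" in the original text is presumably a slip for an output or log stream; confirm against the implementation).
181 * For debug purposes only; the output exposes the access policy, so keep it out of production builds.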
183 * @param acl acl to print
185 void printACL(const OicSecAcl_t* acl);
191 #endif //IOTVT_SRM_ACLR_H