Merge branch '1.3-rel' (5fdb8a1)
[iotivity.git] / resource / csdk / security / src / doxmresource.c
index 5995391..59b967a 100644 (file)
@@ -1334,14 +1334,12 @@ OCEntityHandlerResult HandleDoxmPostRequestUpdatePS(bool fACE)
     }
 }
 
-OCEntityHandlerResult StartOTMJustWorks(OCEntityHandlerRequest *ehRequest,
-        bool isDuplicatedMsg)
+OCEntityHandlerResult StartOTMJustWorks(OCEntityHandlerRequest *ehRequest)
 {
     OIC_LOG_V(DEBUG, TAG, "%s: IN", __func__);
     OCEntityHandlerResult ehRet = OC_EH_OK;
 
 #if !(defined(__WITH_DTLS__) || defined(__WITH_TLS__))
-    OC_UNUSED(isDuplicatedMsg);
     OC_UNUSED(ehRequest);
 #endif // not __WITH_DTLS__ and not __WITH_TLS__
 
@@ -1357,20 +1355,11 @@ OCEntityHandlerResult StartOTMJustWorks(OCEntityHandlerRequest *ehRequest,
 #endif // __WITH_DTLS__ or __WITH_TLS__
         goto exit;
     }
-    // else if /doxm.devowneruuid != Nil UUID, disable Anon CipherSuite
     else
     {
 #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
-        // Disable anonymous ECDH cipher since OTM is underway
-        RegisterOTMSslHandshakeCallback(NULL);
-        CAResult_t caRes = CA_STATUS_OK;
-        caRes = CAEnableAnonECDHCipherSuite(false);
-        VERIFY_SUCCESS(TAG, caRes == CA_STATUS_OK, ERROR);
-        OIC_LOG_V(INFO, TAG, "%s: ECDH_ANON CipherSuite is DISABLED", __func__);
-
         //In case of Mutual Verified Just-Works, verify mutualVerifNum
-        if (OIC_MV_JUST_WORKS == gDoxm->oxmSel && false == gDoxm->owned &&
-            false == isDuplicatedMsg)
+        if (OIC_MV_JUST_WORKS == gDoxm->oxmSel && false == gDoxm->owned)
         {
             uint8_t preMutualVerifNum[OWNER_PSK_LENGTH_128] = {0};
             uint8_t mutualVerifNum[MUTUAL_VERIF_NUM_LEN] = {0};
@@ -1424,14 +1413,12 @@ exit:
 }
 
 OCEntityHandlerResult HandleDoxmPostRequestRandomPin(OicSecDoxm_t *newDoxm,
-        OCEntityHandlerRequest *ehRequest,
-        bool isDuplicatedMsg)
+        OCEntityHandlerRequest *ehRequest)
 {
     OIC_LOG_V(DEBUG, TAG, "%s: IN", __func__);
     OCEntityHandlerResult ehRet = OC_EH_OK;
 
 #if !(defined(__WITH_DTLS__) || defined(__WITH_TLS__))
-    OC_UNUSED(isDuplicatedMsg);
     OC_UNUSED(ehRequest);
 #endif // not __WITH_DTLS__ and not __WITH_TLS__
 
@@ -1453,28 +1440,25 @@ OCEntityHandlerResult HandleDoxmPostRequestRandomPin(OicSecDoxm_t *newDoxm,
                                     (CATransportAdapter_t)ehRequest->devAddr.adapter);
         VERIFY_SUCCESS(TAG, caRes == CA_STATUS_OK, ERROR);
 
-        if (!isDuplicatedMsg)
+        char ranPin[OXM_RANDOM_PIN_MAX_SIZE + 1] = {0};
+        if (OC_STACK_OK == GeneratePin(ranPin, sizeof(ranPin)))
         {
-            char ranPin[OXM_RANDOM_PIN_MAX_SIZE + 1] = {0};
-            if (OC_STACK_OK == GeneratePin(ranPin, sizeof(ranPin)))
-            {
-                //Set the device id to derive temporal PSK
-                SetUuidForPinBasedOxm(&gDoxm->deviceID);
-
-                /**
-                 * Since PSK will be used directly by DTLS layer while PIN based ownership transfer,
-                 * Credential should not be saved into SVR.
-                 * For this reason, use a temporary get_psk_info callback to random PIN OxM.
-                 */
-                caRes = CAregisterPskCredentialsHandler(GetDtlsPskForRandomPinOxm);
-                VERIFY_SUCCESS(TAG, caRes == CA_STATUS_OK, ERROR);
-                ehRet = OC_EH_OK;
-            }
-            else
-            {
-                OIC_LOG(ERROR, TAG, "Failed to generate random PIN");
-                ehRet = OC_EH_ERROR;
-            }
+            //Set the device id to derive temporal PSK
+            SetUuidForPinBasedOxm(&gDoxm->deviceID);
+
+            /**
+             * Since PSK will be used directly by DTLS layer while PIN based ownership transfer,
+             * Credential should not be saved into SVR.
+             * For this reason, use a temporary get_psk_info callback to random PIN OxM.
+             */
+            caRes = CAregisterPskCredentialsHandler(GetDtlsPskForRandomPinOxm);
+            VERIFY_SUCCESS(TAG, caRes == CA_STATUS_OK, ERROR);
+            ehRet = OC_EH_OK;
+        }
+        else
+        {
+            OIC_LOG(ERROR, TAG, "Failed to generate random PIN");
+            ehRet = OC_EH_ERROR;
         }
 #endif // __WITH_DTLS__ or __WITH_TLS__
     }
@@ -1485,10 +1469,8 @@ OCEntityHandlerResult HandleDoxmPostRequestRandomPin(OicSecDoxm_t *newDoxm,
         memcpy(&(gDoxm->owner), &(newDoxm->owner), sizeof(OicUuid_t));
 
         // In case of random-pin based OTM, close the PIN display if callback is registered.
-        if (!isDuplicatedMsg)
-        {
-            ClosePinDisplay();
-        }
+        ClosePinDisplay();
+
     }
 #endif // __WITH_DTLS__ or __WITH_TLS__
     goto exit;
@@ -1499,16 +1481,14 @@ exit:
 
 #if defined(__WITH_DTLS__) || defined (__WITH_TLS__)
 OCEntityHandlerResult HandleDoxmPostRequestMfg(OicSecDoxm_t *newDoxm,
-        OCEntityHandlerRequest *ehRequest,
-        bool isDuplicatedMsg)
+        OCEntityHandlerRequest *ehRequest)
 {
     OIC_LOG_V(DEBUG, TAG, "%s: IN", __func__);
     OCEntityHandlerResult ehRet = OC_EH_OK;
 
-
         //In case of Confirm Manufacturer Cert, get user confirmation
         if (OIC_CON_MFG_CERT == newDoxm->oxmSel && false == newDoxm->owned &&
-            false == isDuplicatedMsg && !IsNilUuid(&newDoxm->owner))
+            !IsNilUuid(&newDoxm->owner))
         {
             if (OC_STACK_OK != VerifyOwnershipTransfer(NULL, USER_CONFIRM))
             {
@@ -1546,8 +1526,7 @@ exit:
 
 // Do OTM specific initiation steps
 OCEntityHandlerResult StartOwnershipTransfer(OicSecDoxm_t *newDoxm,
-        OCEntityHandlerRequest *ehRequest,
-        bool isDuplicatedMsg)
+        OCEntityHandlerRequest *ehRequest)
 {
     OIC_LOG_V(DEBUG, TAG, "%s: IN", __func__);
     OCEntityHandlerResult ehRet = OC_EH_OK;
@@ -1556,15 +1535,15 @@ OCEntityHandlerResult StartOwnershipTransfer(OicSecDoxm_t *newDoxm,
     {
         case OIC_JUST_WORKS:
         case OIC_MV_JUST_WORKS:
-            ehRet = StartOTMJustWorks(ehRequest, isDuplicatedMsg);
+            ehRet = StartOTMJustWorks(ehRequest);
             break;
         case OIC_RANDOM_DEVICE_PIN:
-            ehRet = HandleDoxmPostRequestRandomPin(newDoxm, ehRequest, isDuplicatedMsg);
+            ehRet = HandleDoxmPostRequestRandomPin(newDoxm, ehRequest);
             break;
 #if defined(__WITH_DTLS__) || defined (__WITH_TLS__)
         case OIC_MANUFACTURER_CERTIFICATE:
         case OIC_CON_MFG_CERT:
-            ehRet = HandleDoxmPostRequestMfg(newDoxm, ehRequest, isDuplicatedMsg);
+            ehRet = HandleDoxmPostRequestMfg(newDoxm, ehRequest);
             break;
 #endif // __WITH_DTLS__ or __WITH_TLS__
         default:
@@ -1580,8 +1559,6 @@ static OCEntityHandlerResult HandleDoxmPostRequest(OCEntityHandlerRequest *ehReq
 {
     OIC_LOG_V(DEBUG, TAG, "%s: IN", __func__);
     OCEntityHandlerResult ehRet = OC_EH_INTERNAL_SERVER_ERROR;
-    static uint16_t previousMsgId = 0;
-    bool isDuplicatedMsg = false;
     bool fACE = false;
     OicSecDoxm_t *newDoxm = NULL;
     bool roParsed = false;
@@ -1619,17 +1596,6 @@ static OCEntityHandlerResult HandleDoxmPostRequest(OCEntityHandlerRequest *ehReq
         goto exit;
     }
 
-    /*
-     * message ID is supported for CoAP over UDP only according to RFC 7252
-     * So we should check message ID to prevent duplicate request handling in case of OC_ADAPTER_IP.
-     * In case of other transport adapter, duplicate message check is not required.
-     */
-    if (OC_ADAPTER_IP == ehRequest->devAddr.adapter &&
-        previousMsgId == ehRequest->messageID)
-    {
-        isDuplicatedMsg = true;
-    }
-
     // Validate newDoxm->oxmsel first
     if (false == ValidateOxmsel(gDoxm->oxm, gDoxm->oxmLen, &newDoxm->oxmSel))
     {
@@ -1648,12 +1614,12 @@ static OCEntityHandlerResult HandleDoxmPostRequest(OCEntityHandlerRequest *ehReq
         goto exit;
     }
 
-    // If oxmsel was in Update payload, and the device is not owned,
-    // do the OTM-specific aspect of owner-transfer
-    if (oxmselParsed && (false == gDoxm->owned))
+    // If oxmsel was in Update payload, and the device is in RFOTM,
+    // start the OTM-specific aspect of owner-transfer.
+    if (oxmselParsed && (DOS_RFOTM == dos.state))
     {
-        OIC_LOG_V(INFO, TAG, "%s: Device not owned and oxmsel Updated... starting OTM!", __func__);
-        ehRet = StartOwnershipTransfer(newDoxm, ehRequest, isDuplicatedMsg);
+        OIC_LOG_V(INFO, TAG, "%s: Device in RFOTM, and oxmsel Updated... starting OTM!", __func__);
+        ehRet = StartOwnershipTransfer(newDoxm, ehRequest);
         VERIFY_SUCCESS(TAG, OC_EH_OK == ehRet, ERROR);
     }
 
@@ -1676,29 +1642,6 @@ static OCEntityHandlerResult HandleDoxmPostRequest(OCEntityHandlerRequest *ehReq
     ehRet = HandleDoxmPostRequestUpdatePS(fACE);
 
 exit:
-    if (OC_EH_OK != ehRet)
-    {
-        // If some error is occured during Update handler,
-        // revert /doxm and /pstat back to initial status.
-
-        if (gDoxm)
-        {
-            if (!isDuplicatedMsg)
-            {
-                RestoreDoxmToInitState();
-                RestorePstatToInitState();
-                OIC_LOG(WARNING, TAG, "DOXM will be reverted.");
-            }
-        }
-        else
-        {
-            OIC_LOG(ERROR, TAG, "Invalid DOXM resource.");
-        }
-    }
-    else
-    {
-        previousMsgId = ehRequest->messageID;
-    }
 
     //Send payload to request originator
     ehRet = ((SendSRMResponse(ehRequest, ehRet, NULL, 0)) == OC_STACK_OK) ?
@@ -2270,28 +2213,6 @@ exit:
 
 #endif //MULTIPLE_OWNER
 
-/**
- * Function to restore doxm resurce to initial status.
- * This function will use in case of error while ownership transfer
- */
-void RestoreDoxmToInitState()
-{
-    if(gDoxm)
-    {
-        OIC_LOG(INFO, TAG, "DOXM resource will revert back to initial status.");
-
-        OicUuid_t emptyUuid = {.id={0}};
-        memcpy(&(gDoxm->owner), &emptyUuid, sizeof(OicUuid_t));
-        gDoxm->owned = false;
-        gDoxm->oxmSel = OIC_JUST_WORKS;
-
-        if(!UpdatePersistentStorage(gDoxm))
-        {
-            OIC_LOG(ERROR, TAG, "Failed to revert DOXM in persistent storage");
-        }
-    }
-}
-
 OCStackResult SetDoxmSelfOwnership(const OicUuid_t* newROwner)
 {
     OCStackResult ret = OC_STACK_ERROR;