[IOT-2052] Update to support OCF 1.0 73/24273/14
authorv.riznyk <v.riznyk@samsung.com>
Wed, 7 Mar 2018 11:53:48 +0000 (13:53 +0200)
committerAleksey Volkov <a.volkov@samsung.com>
Tue, 10 Apr 2018 13:43:56 +0000 (13:43 +0000)
Update the Cred resource by adding partial CBOR generation.

Change-Id: I25dcf3d020da09c67d0769eee8659d85253b4f5d
Signed-off-by: v.riznyk <v.riznyk@samsung.com>
resource/csdk/security/include/internal/credresource.h
resource/csdk/security/provisioning/src/multipleownershiptransfermanager.c
resource/csdk/security/provisioning/src/secureresourceprovider.c
resource/csdk/security/src/credresource.c

index 0307ad3..e461f33 100644 (file)
 extern "C" {
 #endif
 
+typedef enum{
+    CRED_CREDS = 0,
+    CRED_ROWNERUUID,
+#ifdef MULTIPLE_OWNER
+    CRED_EOWNERID,
+#endif
+    CRED_CREDID,
+    CRED_SUBJECTUUID,
+    CRED_ROLEID,
+    CRED_CREDTYPE,
+    CRED_CREDUSAGE,
+    CRED_PUBLICDATA,
+    CRED_PRIVATEDATA,
+    CRED_OPTIONALDATA,
+    CRED_PERIOD,
+    CRED_CRMS,
+    CRED_PROPERTY_COUNT
+} CredProperty_t;
+
 /**
  * Initialize credential resource by loading data from persistent storage.
  *
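Review bot: The new `CredProperty_t` enum has no comment saying what it indexes, and its values depend on the build: with `MULTIPLE_OWNER` defined, `CRED_EOWNERID` is inserted and every later enumerator, including `CRED_PROPERTY_COUNT`, shifts by one. I would add a doc comment above the typedef such as `/** Indices into the propertiesToInclude array taken by CredToCBORPayloadPartial(); size such arrays with CRED_PROPERTY_COUNT. */`. The same comment should state that every translation unit including this header has to be built with the same `MULTIPLE_OWNER` setting, otherwise caller and callee disagree on the indices.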
@@ -76,33 +95,39 @@ OicSecCred_t* GetCredResourceData(const OicUuid_t* subjectId);
 OicSecCred_t* GetCredEntryByCredId(const uint16_t credId);
 
 /**
- * This function converts credential data into CBOR format.
+ * This function converts credential data into CBOR format, including only the
+ * Properties marked "true" in the propertiesToInclude array.
  * Caller needs to invoke 'OICFree' when done using returned string.
- * Wrapper over the CredToCBORPayloadWithRowner.
  *
- * @param cred is the pointer to instance of OicSecCred_t structure.
+ * @param credS is the pointer to instance of OicSecCred_t structure.
+ * @param rownerId resource owner's UUID (set NULL for get value from global rowner)
  * @param cborPayload is the CBOR converted value.
  * @param cborSize is the size of the CBOR.
  * @param secureFlag shows fill or not private key.
- *
+ * @param propertiesToInclude Array of bools, size "CRED_PROPERTY_COUNT",
+ * where "true" indicates the corresponding property should be
+ * included in the CBOR representation that is created.
  * @return ::OC_STACK_OK if conversion is successful, else ::OC_STACK_ERROR if unsuccessful.
  */
-OCStackResult CredToCBORPayload(const OicSecCred_t* cred, uint8_t **cborPayload,
-                                size_t *cborSize, int secureFlag);
+
+OCStackResult CredToCBORPayloadPartial(const OicSecCred_t *credS, const OicUuid_t *rownerId, uint8_t **cborPayload,
+                                size_t *cborSize, int secureFlag, const bool *propertiesToInclude);
 
 /**
- * This function converts credential data into CBOR format.
- * Caller needs to invoke 'OICFree' when done using returned string.
+ * Converts CRED into the cbor payload, including all Properties for a
+ * full representation.
  *
- * @param cred is the pointer to instance of OicSecCred_t structure.
- * @param rownerId resource owner's UUID
+ * @param credS is the pointer to instance of OicSecCred_t structure.
  * @param cborPayload is the CBOR converted value.
  * @param cborSize is the size of the CBOR.
  * @param secureFlag shows fill or not private key.
  *
- * @return ::OC_STACK_OK if conversion is successful, else ::OC_STACK_ERROR if unsuccessful.
+ * @return ::OC_STACK_OK for Success, otherwise some error value.
  */
 
+OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload,
+                                size_t *cborSize, int secureFlag);
+
 OCStackResult CredToCBORPayloadWithRowner(const OicSecCred_t *credS, const OicUuid_t *rownerId, uint8_t **cborPayload,
                                 size_t *cborSize, int secureFlag);
 
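Review bot: The `secureFlag` description (`shows fill or not private key`) does not say which value withholds the private key, and the call sites in secureresourceprovider.c disagree: ProvisionTrustChainCB sets `secureFlag = 1` with the comment `Don't send the private key to the device` while ProvisionCertificateCB sets `secureFlag = 0` with `don't send private data(key)`. Because this flag decides whether private key material goes into a payload that is posted to another device, the header should state the polarity explicitly for both `CredToCBORPayloadPartial` and `CredToCBORPayload`. The rewritten `CredToCBORPayload` comment also drops the sentence that the caller must release the buffer with `OICFree`, and the `propertiesToInclude` text should say that the pointer must not be NULL.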
index 1e198d7..6e8e9e2 100644 (file)
@@ -489,9 +489,11 @@ static OCStackApplicationResult MOTProvisionPreconfigPINCB(void *ctx, OCDoHandle
     secPayload = (OCSecurityPayload *)OICCalloc(1, sizeof(OCSecurityPayload));
     VERIFY_NOT_NULL(TAG, secPayload, ERROR);
     secPayload->base.type = PAYLOAD_TYPE_SECURITY;
-
-    postCredRes = CredToCBORPayload(motCtx->cred, &secPayload->securityData, &secPayload->payloadSize,
-                                    false);
+    bool propertiesToInclude[DOXM_PROPERTY_COUNT];
+    memset(propertiesToInclude, 0, sizeof(propertiesToInclude));
+    propertiesToInclude[CRED_CREDS] = true;
+    postCredRes = CredToCBORPayloadPartial(motCtx->cred, NULL, &secPayload->securityData, &secPayload->payloadSize,
+                                    false, propertiesToInclude);
     VERIFY_SUCCESS(TAG, (OC_STACK_OK == postCredRes), ERROR);
 
     OIC_LOG(DEBUG, TAG, "Created Credential payload to register PIN credential:");
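Review bot: `propertiesToInclude` is sized with `DOXM_PROPERTY_COUNT`, but the array is indexed by `CredProperty_t` and the header documents its size as `CRED_PROPERTY_COUNT`. `DOXM_PROPERTY_COUNT` is not defined anywhere in this change; if it is smaller than `CRED_PROPERTY_COUNT`, the callee reads past the end of this stack array as soon as it consults a higher index. The declaration should be `bool propertiesToInclude[CRED_PROPERTY_COUNT] = { false };`, which also makes the `memset` unnecessary. The same mismatch appears in provisionCredentials, ProvisionCredentialsDos, ProvisionTrustChainCB and ProvisionCertificateCB in secureresourceprovider.c, and `CredToCBORPayloadWithRowner` in credresource.c sizes and fills `allProps` with `PSTAT_PROPERTY_COUNT`. MOTProvisionPreconfigPINCB starts and ends outside this hunk.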
@@ -1103,7 +1105,7 @@ static OCStackApplicationResult PostSubOwnerCredentialCB(void *ctx, OCDoHandle h
 #endif
         //Send owner credential to new device : POST /oic/sec/cred [ owner credential ]
         if (OC_STACK_OK != CredToCBORPayload(&newCredential, &secPayload->securityData,
-                                             &secPayload->payloadSize, 0))
+                                            &secPayload->payloadSize, 0))
         {
             OICFree(secPayload);
             OIC_LOG(ERROR, TAG, "Error while converting bin to cbor.");
index 5167153..9e215a6 100644 (file)
@@ -612,11 +612,14 @@ static OCStackResult provisionCredentials(OicSecCred_t *cred,
         }
         secPayload->base.type = PAYLOAD_TYPE_SECURITY;
         int secureFlag = 0;
-        res = CredToCBORPayload(cred, &secPayload->securityData, &secPayload->payloadSize, secureFlag);
+        bool propertiesToInclude[DOXM_PROPERTY_COUNT];
+        memset(propertiesToInclude, 0, sizeof(propertiesToInclude));
+        propertiesToInclude[CRED_CREDS] = true;
+        res = CredToCBORPayloadPartial(cred, NULL, &secPayload->securityData, &secPayload->payloadSize, secureFlag, propertiesToInclude);
         if ((OC_STACK_OK != res) && (NULL == secPayload->securityData))
         {
             OCPayloadDestroy((OCPayload *)secPayload);
-            OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayload");
+            OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayloadPartial");
             return OC_STACK_NO_MEMORY;
         }
 
@@ -688,11 +691,14 @@ static OCStackResult ProvisionCredentialsDos(void *ctx, OicSecCred_t *cred,
         }
         secPayload->base.type = PAYLOAD_TYPE_SECURITY;
         int secureFlag = 0;
-        res = CredToCBORPayload(cred, &secPayload->securityData, &secPayload->payloadSize, secureFlag);
+        bool propertiesToInclude[DOXM_PROPERTY_COUNT];
+        memset(propertiesToInclude, 0, sizeof(propertiesToInclude));
+        propertiesToInclude[CRED_CREDS] = true;
+        res = CredToCBORPayloadPartial(cred, NULL, &secPayload->securityData, &secPayload->payloadSize, secureFlag, propertiesToInclude);
         if ((OC_STACK_OK != res) && (NULL == secPayload->securityData))
         {
             OCPayloadDestroy((OCPayload *)secPayload);
-            OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayload");
+            OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayloadPartial");
             return OC_STACK_NO_MEMORY;
         }
 
@@ -1195,12 +1201,15 @@ static OCStackApplicationResult ProvisionTrustChainCB(void *ctx, OCDoHandle UNUS
         }
         secPayload->base.type = PAYLOAD_TYPE_SECURITY;
         int secureFlag = 1; /* Don't send the private key to the device, if it happens to be present */
-        if (OC_STACK_OK != CredToCBORPayload(trustCertChainCred, &secPayload->securityData,
-                                             &secPayload->payloadSize, secureFlag))
+        bool propertiesToInclude[DOXM_PROPERTY_COUNT];
+        memset(propertiesToInclude, 0, sizeof(propertiesToInclude));
+        propertiesToInclude[CRED_CREDS] = true;
+        if (OC_STACK_OK != CredToCBORPayloadPartial(trustCertChainCred, NULL, &secPayload->securityData,
+                                             &secPayload->payloadSize, secureFlag, propertiesToInclude))
         {
             DeleteCredList(trustCertChainCred);
             OCPayloadDestroy((OCPayload *)secPayload);
-            OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayload");
+            OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayloadPartial");
             return OC_STACK_NO_MEMORY;
         }
         DeleteCredList(trustCertChainCred);
@@ -1618,8 +1627,11 @@ static OCStackApplicationResult ProvisionCertificateCB(void *ctx, OCDoHandle han
     secPayload->base.type = PAYLOAD_TYPE_SECURITY;
 
     int secureFlag = 0;//don't send private data(key)
-    VERIFY_SUCCESS(TAG, OC_STACK_OK == CredToCBORPayload(cred, &secPayload->securityData,
-                                             &secPayload->payloadSize, secureFlag), ERROR);
+    bool propertiesToInclude[DOXM_PROPERTY_COUNT];
+    memset(propertiesToInclude, 0, sizeof(propertiesToInclude));
+    propertiesToInclude[CRED_CREDS] = true;
+    VERIFY_SUCCESS(TAG, OC_STACK_OK == CredToCBORPayloadPartial(cred, NULL, &secPayload->securityData,
+                                             &secPayload->payloadSize, secureFlag, propertiesToInclude), ERROR);
     OIC_LOG_BUFFER(DEBUG, TAG, secPayload->securityData, secPayload->payloadSize);
 
     query = OICCalloc(1, DEFAULT_URI_LENGTH);
@@ -4283,10 +4295,10 @@ OCStackResult SRPReadTrustCertChain(uint16_t credId, uint8_t **trustCertChain,
     OIC_LOG(DEBUG, TAG, "IN SRPReadTrustCertChain");
 
     OCStackResult res = OC_STACK_ERROR;
-    int secureFlag = 0;
     OicSecCred_t* credData = GetCredEntryByCredId(credId);
     if(credData)
     {
+        int secureFlag = 0;
         res = CredToCBORPayload((const OicSecCred_t*) credData, trustCertChain,
                                 chainSize, secureFlag);
         if(OC_STACK_OK != res)
index 988b81d..f25ee75 100644 (file)
@@ -89,7 +89,7 @@ static const uint16_t CBOR_SIZE = 2048;
 
 /** CRED size - Number of mandatory items. */
 static const uint8_t CRED_ROOT_MAP_SIZE = 4;
-static const uint8_t CRED_MAP_SIZE = 3;
+static const uint8_t CRED_MAP_SIZE = 2;
 static const uint8_t ROLEID_MAP_SIZE = 1;
 
 
@@ -658,8 +658,8 @@ static void logCredMetadata(void)
 #endif
 }
 
-OCStackResult CredToCBORPayloadWithRowner(const OicSecCred_t *credS, const OicUuid_t *rownerId, uint8_t **cborPayload,
-                                size_t *cborSize, int secureFlag)
+OCStackResult CredToCBORPayloadPartial(const OicSecCred_t *credS, const OicUuid_t *rownerId, uint8_t **cborPayload,
+                                size_t *cborSize, int secureFlag, const bool *propertiesToInclude)
 {
     OIC_LOG_V(DEBUG, TAG, "IN %s:", __func__);
     if (NULL == cborPayload || NULL != *cborPayload || NULL == cborSize)
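Review bot: The argument guard on the last line of this hunk still checks only `cborPayload` and `cborSize`, while the later hunks dereference the new `propertiesToInclude` parameter as `propertiesToInclude[CRED_ROWNERUUID]`. A NULL array from a caller would be dereferenced, so the condition should become `if (NULL == cborPayload || NULL != *cborPayload || NULL == cborSize || NULL == propertiesToInclude)`. The function body continues outside this hunk, so the value returned on that path is not visible here.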
@@ -714,7 +714,10 @@ OCStackResult CredToCBORPayloadWithRowner(const OicSecCred_t *credS, const OicUu
         {
             mapSize++;
         }
-
+        if(propertiesToInclude[CRED_ROWNERUUID])
+        {
+            mapSize++;
+        }
 #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
 #ifdef MULTIPLE_OWNER
         if(cred->eownerID)
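Review bot: The added `mapSize++` for `CRED_ROWNERUUID` sits among the per-credential adjustments (`cred->eownerID` follows directly), but the rowner id itself is written into `credRootMap` in the next hunk. If `mapSize` is the declared length of each credential's map rather than of the root map (the map-creation calls are outside the hunks shown), the count is added to the wrong container, and the root map keeps its fixed `CRED_ROOT_MAP_SIZE` even when the rowner entry is skipped. A declared length that does not match the number of encoded entries typically makes the encoder report an error when the container is closed, so it is the root-map length that should depend on `propertiesToInclude[CRED_ROWNERUUID]`. The `CRED_MAP_SIZE` change from 3 to 2 in the first hunk of this file should be checked against the same count.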
@@ -888,6 +891,7 @@ OCStackResult CredToCBORPayloadWithRowner(const OicSecCred_t *credS, const OicUu
     cred = credS;
 
     // Rownerid
+    if(propertiesToInclude[CRED_ROWNERUUID])
     {
         char *rowner = NULL;
         cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_ROWNERID_NAME,
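Review bot: `CRED_ROWNERUUID` is the only entry of `propertiesToInclude` that any hunk in this commit tests, although the header comment promises that only the properties marked true are encoded. The provisioning callers set just `propertiesToInclude[CRED_CREDS] = true`, and no visible hunk gates the creds array on that flag. If the creds list is always emitted regardless of the array, the header should say so, for example `Only CRED_ROWNERUUID is currently honoured; all other properties are always encoded.`; otherwise the remaining properties need the same kind of check as the one added here. The function starts and ends outside this hunk.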
@@ -940,28 +944,28 @@ OCStackResult CredToCBORPayloadWithRowner(const OicSecCred_t *credS, const OicUu
 
     if (CborNoError == cborEncoderResult)
     {
-        OIC_LOG(DEBUG, TAG, "CredToCBORPayload Successed");
+        OIC_LOG(DEBUG, TAG, "CredToCBORPayloadPartial Successed");
         *cborPayload = outPayload;
         *cborSize = cbor_encoder_get_buffer_size(&encoder, outPayload);
         ret = OC_STACK_OK;
     }
-    OIC_LOG(DEBUG, TAG, "CredToCBORPayload OUT");
+    OIC_LOG(DEBUG, TAG, "CredToCBORPayloadPartial OUT");
 exit:
     if (CborErrorOutOfMemory == cborEncoderResult)
     {
-        OIC_LOG(DEBUG, TAG, "CredToCBORPayload:CborErrorOutOfMemory : retry with more memory");
+        OIC_LOG(DEBUG, TAG, "CredToCBORPayloadPartial:CborErrorOutOfMemory : retry with more memory");
         // reallocate and try again!
         OICFree(outPayload);
         // Since the allocated initial memory failed, double the memory.
         cborLen += cbor_encoder_get_buffer_size(&encoder, encoder.end);
         cborEncoderResult = CborNoError;
-        ret = CredToCBORPayload(credS, cborPayload, &cborLen, secureFlag);
+        ret = CredToCBORPayloadPartial(credS, NULL, cborPayload, &cborLen, secureFlag, propertiesToInclude);
         *cborSize = cborLen;
     }
 
     if (CborNoError != cborEncoderResult)
     {
-        OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayload");
+        OIC_LOG(ERROR, TAG, "Failed to CredToCBORPayloadPartial");
         OICFree(outPayload);
         outPayload = NULL;
         *cborSize = 0;
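Review bot: The out-of-memory retry calls `CredToCBORPayloadPartial(credS, NULL, ...)`, which discards the `rownerId` the caller passed in. When the first buffer is too small, a caller that supplied its own rowner id gets a payload built from whatever a NULL `rownerId` selects (the header comment says the global rowner) instead of the one it asked for. The retry should forward the argument: `ret = CredToCBORPayloadPartial(credS, rownerId, cborPayload, &cborLen, secureFlag, propertiesToInclude);`. The function starts and ends outside this hunk.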
@@ -980,6 +984,17 @@ OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload
     return CredToCBORPayloadWithRowner(credS, &gRownerId, cborPayload, cborSize, secureFlag);
 }
 
+OCStackResult CredToCBORPayloadWithRowner(const OicSecCred_t *credS, const OicUuid_t *rownerId, uint8_t **cborPayload,
+                                size_t *cborSize, int secureFlag)
+{
+    bool allProps[PSTAT_PROPERTY_COUNT];
+
+    for (int i = 0; i < PSTAT_PROPERTY_COUNT; i++)
+    {
+        allProps[i] = true;
+    }
+    return CredToCBORPayloadPartial(credS, rownerId, cborPayload, cborSize, secureFlag, allProps);
+}
 
 OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
                                 OicSecCred_t **secCred, OicUuid_t **rownerid)