[IOT-2726] /cred resource rownerid fix 87/22587/8
authorAleksey Volkov <a.volkov@samsung.com>
Fri, 13 Oct 2017 14:30:33 +0000 (17:30 +0300)
committerNathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
Mon, 16 Oct 2017 17:49:38 +0000 (17:49 +0000)
Fixing usage rownerid.

Change-Id: I89f65d4f5ab404d2766fa179c26948439c16a686
Signed-off-by: Oleksandr Dmytrenko <o.dmytrenko@samsung.com>
Signed-off-by: Aleksey Volkov <a.volkov@samsung.com>
resource/csdk/security/include/experimental/securevirtualresourcetypes.h
resource/csdk/security/include/internal/credresource.h
resource/csdk/security/provisioning/include/internal/credentialgenerator.h
resource/csdk/security/provisioning/src/credentialgenerator.c
resource/csdk/security/provisioning/src/multipleownershiptransfermanager.c
resource/csdk/security/provisioning/src/ownershiptransfermanager.c
resource/csdk/security/provisioning/src/secureresourceprovider.c
resource/csdk/security/provisioning/unittest/credentialgeneratortest.cpp
resource/csdk/security/src/credresource.c
resource/csdk/security/src/csrresource.c
resource/csdk/security/unittest/credentialresource.cpp

index c7c0a06..db4a542 100644 (file)
@@ -562,7 +562,7 @@ struct OicSecCred
 #endif /* __WITH_DTLS__  or __WITH_TLS__*/
     OicSecKey_t         privateData;    // 6:R:S:N:oic.sec.key
     char                *period;        // 7:R:S:N:String
-    OicUuid_t            rownerID;      // 8:R:S:Y:oic.uuid
+//    OicUuid_t            rownerID;      // 8:R:S:Y:oic.uuid
 #ifdef MULTIPLE_OWNER
     OicUuid_t            *eownerID;     //9:R:S:N:oic.uuid
 #endif //MULTIPLE_OWNER
index 35f9450..b2bb3e9 100644 (file)
@@ -104,7 +104,6 @@ bool IsValidCredentialAccessForSubOwner(const OicUuid_t* uuid, const uint8_t *cb
  * @param credType credential type.
  * @param publicData public data such as public key.
  * @param privateData private data such as private key.
- * @param rownerID Resource owner's UUID.
  * @param eownerID Entry owner's UUID.
  *
  * @return pointer to instance of @ref OicSecCred_t if successful. else NULL in case of error.
@@ -112,7 +111,7 @@ bool IsValidCredentialAccessForSubOwner(const OicUuid_t* uuid, const uint8_t *cb
  */
 OicSecCred_t * GenerateCredential(const OicUuid_t* subject, OicSecCredType_t credType,
                      const OicSecKey_t * publicData, const OicSecKey_t * privateData,
-                     const OicUuid_t * rownerID, const OicUuid_t * eownerID);
+                     const OicUuid_t * eownerID);
 
 /**
  * This function adds the new cred to the credential list.
index 055f267..7586a61 100644 (file)
@@ -33,7 +33,6 @@ extern "C" {
  *
  * @param[in]  type           Type of credential.
  * @param[in]  keySize        size of key.
- * @param[in]  ptDeviceId     Device ID of provisioning tool.
  * @param[in]  firstDeviceId  DeviceID of the first device.
  * @param[in]  secondDeviceId DeviceID of the second device.
  * @param[in]  firstRole      Role to grant firstDeviceId when communicating with secondDeviceId; NULL for none
@@ -43,7 +42,6 @@ extern "C" {
  * @return  OC_STACK_OK on success
  */
 OCStackResult PMGeneratePairWiseCredentials(OicSecCredType_t type, size_t keySize,
-                                       const OicUuid_t *ptDeviceId,
                                        const OicUuid_t *firstDeviceId,
                                        const OicUuid_t *secondDeviceId,
                                        const OicSecRole_t *firstRole,
index f723e31..58b418d 100644 (file)
 #define TAG "OIC_SRPAPI_CG"
 
 OCStackResult PMGeneratePairWiseCredentials(OicSecCredType_t type, size_t keySize,
-        const OicUuid_t *ptDeviceId, const OicUuid_t *firstDeviceId,
+        const OicUuid_t *firstDeviceId,
         const OicUuid_t *secondDeviceId, 
         const OicSecRole_t *firstRole, const OicSecRole_t *secondRole,
         OicSecCred_t **firstCred, OicSecCred_t **secondCred)
 {
-    if (NULL == ptDeviceId || NULL == firstDeviceId || NULL == firstCred || NULL != *firstCred || \
+    if (NULL == firstDeviceId || NULL == firstCred || NULL != *firstCred || \
         NULL == secondDeviceId || NULL == secondCred || NULL != *secondCred)
     {
         OIC_LOG(INFO, TAG, "Invalid params");
@@ -71,11 +71,11 @@ OCStackResult PMGeneratePairWiseCredentials(OicSecCredType_t type, size_t keySiz
     }
 
     // TODO: currently owner array is 1. only provisioning tool's id.
-    tempFirstCred =  GenerateCredential(secondDeviceId, type, NULL, &privKey, ptDeviceId, NULL);
+    tempFirstCred =  GenerateCredential(secondDeviceId, type, NULL, &privKey, NULL);
     VERIFY_NOT_NULL(TAG, tempFirstCred, ERROR);
 
     // TODO: currently owner array is 1. only provisioning tool's id.
-    tempSecondCred =  GenerateCredential(firstDeviceId, type, NULL, &privKey, ptDeviceId, NULL);
+    tempSecondCred =  GenerateCredential(firstDeviceId, type, NULL, &privKey, NULL);
     VERIFY_NOT_NULL(TAG, tempSecondCred, ERROR);
 
     // firstRole and secondRole are the roles granted to the client when authenticating with this credential;
index edc5c16..6431c96 100644 (file)
@@ -877,7 +877,7 @@ static OCStackResult SaveSubOwnerPSK(OCProvisionDev_t *selectedDeviceInfo)
         //Generating new credential for provisioning tool
         OicSecCred_t *cred = GenerateCredential(&selectedDeviceInfo->doxm->deviceID,
                                                 SYMMETRIC_PAIR_WISE_KEY, NULL,
-                                                &ownerKey, &ownerDeviceID, &ownerDeviceID);
+                                                &ownerKey, &ownerDeviceID);
         VERIFY_NOT_NULL(TAG, cred, ERROR);
 
         size_t outSize = 0;
index 7f2c557..93eeff3 100644 (file)
@@ -478,19 +478,18 @@ static void SetResult(OTMContext_t* otmCtx, const OCStackResult res)
 {
     OIC_LOG_V(DEBUG, TAG, "IN SetResult : %d ", res);
 
-    if(NULL == otmCtx || NULL == otmCtx->selectedDeviceInfo)
-    {
-        OIC_LOG(WARNING, TAG, "OTMContext is NULL");
-        return;
-    }
+    VERIFY_NOT_NULL(TAG, otmCtx, ERROR);
+    VERIFY_NOT_NULL(TAG, otmCtx->selectedDeviceInfo, ERROR);
 
     //If OTM Context was removed from previous response handler, just exit the current OTM process.
-    if(NULL == GetOTMContext(otmCtx->selectedDeviceInfo->endpoint.addr,
+    if(NULL != GetOTMContext(otmCtx->selectedDeviceInfo->endpoint.addr,
                              getSecurePort(otmCtx->selectedDeviceInfo)))
     {
         OIC_LOG(WARNING, TAG, "Current OTM Process has already ended.");
     }
 
+    VERIFY_NOT_NULL(TAG, otmCtx->selectedDeviceInfo->doxm, ERROR);
+
     //Revert psk_info callback and new deivce uuid in case of random PIN OxM
     if(OIC_RANDOM_DEVICE_PIN == otmCtx->selectedDeviceInfo->doxm->oxmSel)
     {
@@ -574,7 +573,7 @@ static void SetResult(OTMContext_t* otmCtx, const OCStackResult res)
             OIC_LOG(ERROR, TAG, "Failed to StartOwnershipTransfer");
         }
     }
-
+exit:
     OIC_LOG(DEBUG, TAG, "OUT SetResult");
 }
 
@@ -831,7 +830,7 @@ static OCStackResult SaveOwnerPSK(OCProvisionDev_t *selectedDeviceInfo)
         //Generating new credential for provisioning tool
         OicSecCred_t *cred = GenerateCredential(&selectedDeviceInfo->doxm->deviceID,
                                   SYMMETRIC_PAIR_WISE_KEY, NULL,
-                                  &ownerKey, &ownerDeviceID, NULL);
+                                  &ownerKey, NULL);
         OICClearMemory(ownerPSK, sizeof(ownerPSK));
         VERIFY_NOT_NULL(TAG, cred, ERROR);
 
index f7eb8be..8d3a373 100644 (file)
@@ -1488,7 +1488,7 @@ OCStackResult SRPProvisionCertificate(void *ctx,
     deviceCert.encoding = OIC_ENCODING_PEM;
 
     OicSecCred_t *cred = GenerateCredential(&pDev->doxm->deviceID, SIGNED_ASYMMETRIC_KEY,
-        &deviceCert, NULL, &provTooldeviceID, NULL);
+        &deviceCert, NULL, NULL);
     VERIFY_NOT_NULL(TAG, cred, ERROR);
     certData->credInfo = cred;
 
@@ -1582,7 +1582,7 @@ OCStackResult SRPProvisionCredentials(void *ctx, OicSecCredType_t type, size_t k
 
             OicSecCred_t *firstCred = NULL;
             OicSecCred_t *secondCred = NULL;
-            OCStackResult res = PMGeneratePairWiseCredentials(type, keySize, &provTooldeviceID,
+            OCStackResult res = PMGeneratePairWiseCredentials(type, keySize, 
                     &firstDevice->doxm->deviceID, (NULL != secondDevice) ? &secondDevice->doxm->deviceID : &provTooldeviceID,
                     role1, role2,
                     &firstCred, &secondCred);
@@ -1645,7 +1645,7 @@ OCStackResult SRPProvisionCredentials(void *ctx, OicSecCredType_t type, size_t k
             /* Create a credential object */
             OicSecCred_t* cred =  GenerateCredential(&pDev1->doxm->deviceID, SIGNED_ASYMMETRIC_KEY,
                     &deviceCert, NULL, // oic.sec.cred.publicdata = deviceCert, .privatedata = NULL
-                    &provTooldeviceID, NULL); // rowner is the provisioning tool and no eowner
+                    NULL); // no eowner
             VERIFY_NOT_NULL_RETURN(TAG, cred, ERROR, OC_STACK_ERROR);
 
             cred->publicData.encoding = OIC_ENCODING_PEM;
@@ -1769,7 +1769,7 @@ OCStackResult SRPProvisionCredentialsDos(void *ctx, OicSecCredType_t type, size_
             data->type = PSK_TYPE;
             OicSecCred_t *firstCred = NULL;
             OicSecCred_t *secondCred = NULL;
-            OCStackResult res = PMGeneratePairWiseCredentials(type, keySize, &provTooldeviceID,
+            OCStackResult res = PMGeneratePairWiseCredentials(type, keySize,
                                 &pDev1->doxm->deviceID, (NULL != pDev2) ? &pDev2->doxm->deviceID :
                                 &provTooldeviceID,
                                 role1, role2,
index 9545a8f..07f7f7c 100644 (file)
 #include "oic_malloc.h"
 
 
-TEST(PMGeneratePairWiseCredentialsTest, InvalidProvisioningtoolDevID)
-{
-    OicUuid_t *firstDevID = (OicUuid_t*)OICMalloc(sizeof(OicUuid_t));
-    if(firstDevID)
-    {
-        firstDevID->id[0] = 1;
-    }
-    OicUuid_t *SecondDevID = (OicUuid_t*)OICMalloc(sizeof(OicUuid_t));
-    if(SecondDevID)
-    {
-        SecondDevID->id[0] = 2;
-    }
-    OicSecCred_t *cred1 = NULL;
-    OicSecCred_t *cred2 = NULL;
-    size_t keySize = OWNER_PSK_LENGTH_128;
-    EXPECT_EQ(OC_STACK_INVALID_PARAM, PMGeneratePairWiseCredentials(NO_SECURITY_MODE,
-             keySize, NULL, firstDevID, SecondDevID, NULL, NULL, &cred1, &cred2));
-    OICFree(firstDevID);
-    OICFree(SecondDevID);
-}
-
 TEST(PMGeneratePairWiseCredentialsTest, InvalidFirstDevID)
 {
     OicUuid_t *SecondDevID = (OicUuid_t*)OICMalloc(sizeof(OicUuid_t));
@@ -50,18 +29,12 @@ TEST(PMGeneratePairWiseCredentialsTest, InvalidFirstDevID)
     {
         SecondDevID->id[0] = 2;
     }
-    OicUuid_t *provisioningDevID = (OicUuid_t*)OICMalloc(sizeof(OicUuid_t));
-    if(provisioningDevID)
-    {
-        provisioningDevID->id[0] = 1;
-    }
     OicSecCred_t *cred1 = NULL;
     OicSecCred_t *cred2 = NULL;
     size_t keySize = OWNER_PSK_LENGTH_128;
     EXPECT_EQ(OC_STACK_INVALID_PARAM, PMGeneratePairWiseCredentials(NO_SECURITY_MODE,
-              keySize, provisioningDevID, NULL, SecondDevID, NULL, NULL, &cred1, &cred2));
+              keySize, NULL, SecondDevID, NULL, NULL, &cred1, &cred2));
     OICFree(SecondDevID);
-    OICFree(provisioningDevID);
 }
 
 TEST(PMGeneratePairWiseCredentialsTest, InvalidSecondDevID)
@@ -80,7 +53,7 @@ TEST(PMGeneratePairWiseCredentialsTest, InvalidSecondDevID)
     OicSecCred_t *cred2 = NULL;
     size_t keySize = OWNER_PSK_LENGTH_128;
     EXPECT_EQ(OC_STACK_INVALID_PARAM, PMGeneratePairWiseCredentials(NO_SECURITY_MODE, keySize,
-              provisioningDevID, firstDevID, NULL, NULL, NULL, &cred1, &cred2));
+              firstDevID, NULL, NULL, NULL, &cred1, &cred2));
     OICFree(firstDevID);
     OICFree(provisioningDevID);
 }
@@ -104,7 +77,7 @@ TEST(PMGeneratePairWiseCredentialsTest, InvalidCred)
     }
     size_t keySize = OWNER_PSK_LENGTH_128;
     EXPECT_EQ(OC_STACK_INVALID_PARAM, PMGeneratePairWiseCredentials(NO_SECURITY_MODE, keySize,
-              provisioningDevID, firstDevID, SecondDevID, NULL, NULL, NULL, NULL));
+              firstDevID, SecondDevID, NULL, NULL, NULL, NULL));
     OICFree(firstDevID);
     OICFree(SecondDevID);
     OICFree(provisioningDevID);
index 0a53f64..07f4b81 100644 (file)
@@ -1328,7 +1328,7 @@ exit:
 
 OicSecCred_t * GenerateCredential(const OicUuid_t * subject, OicSecCredType_t credType,
                                   const OicSecKey_t * publicData, const OicSecKey_t* privateData,
-                                  const OicUuid_t * rownerID, const OicUuid_t * eownerID)
+                                  const OicUuid_t * eownerID)
 {
     OIC_LOG(DEBUG, TAG, "IN GenerateCredential");
 
@@ -1370,9 +1370,6 @@ OicSecCred_t * GenerateCredential(const OicUuid_t * subject, OicSecCredType_t cr
         cred->privateData.encoding = privateData->encoding;
     }
 
-    VERIFY_NOT_NULL(TAG, rownerID, ERROR);
-    memcpy(&cred->rownerID, rownerID, sizeof(OicUuid_t));
-
 #ifdef MULTIPLE_OWNER
     if(eownerID)
     {
@@ -1738,15 +1735,7 @@ OCStackResult AddCredential(OicSecCred_t * newCred)
     OIC_LOG(DEBUG, TAG, "Adding New Cred");
     LL_APPEND(gCred, newCred);
 
-
-    OicUuid_t emptyOwner = { .id = {0} };
-    if (memcmp(&(newCred->rownerID), &emptyOwner, sizeof(OicUuid_t)) != 0)
-    {
-        memcpy(&(gRownerId), &(newCred->rownerID), sizeof(OicUuid_t));
-    }
-
 saveToDB:
-
     if (UpdatePersistentStorage(gCred))
     {
         result = OC_STACK_OK;
@@ -3087,7 +3076,7 @@ OCStackResult AddTmpPskWithPIN(const OicUuid_t* tmpSubject, OicSecCredType_t cre
     VERIFY_SUCCESS(TAG, (0 == dtlsRes) , ERROR);
 
     cred = GenerateCredential(tmpSubject, credType, NULL,
-                              &privKey, rownerID, NULL);
+                              &privKey, NULL);
     OICClearMemory(privData, sizeof(privData));
     if(NULL == cred)
     {
index a032513..7d6929e 100644 (file)
@@ -94,7 +94,7 @@ static OCStackResult StoreKeyPair(mbedtls_pk_context *keyPair, const OicUuid_t *
     privateData.len = ret;
     privateData.encoding = OIC_ENCODING_DER;
 
-    cred = GenerateCredential(myUuid, ASYMMETRIC_KEY, &publicData, &privateData, myUuid, NULL);
+    cred = GenerateCredential(myUuid, ASYMMETRIC_KEY, &publicData, &privateData,  NULL);
     VERIFY_NOT_NULL(TAG, cred, ERROR);
     cred->credUsage = OICStrdup(PRIMARY_CERT);
     VERIFY_NOT_NULL(TAG, cred->credUsage, ERROR);
@@ -504,4 +504,4 @@ OCStackResult DeInitCSRResource()
     gCsrHandle = NULL;
 
     return res;
-}
\ No newline at end of file
+}
index a10ac1b..3164178 100644 (file)
@@ -174,7 +174,7 @@ TEST(CredResourceTest, CredEntityHandlerDeleteTest)
     OicSecKey_t key = {privateKey, sizeof(privateKey), OIC_ENCODING_RAW};
 
     OicSecCred_t* subjectCred1 = GenerateCredential(&subjectId, SYMMETRIC_PAIR_WISE_KEY, NULL,
-                                                    &key, &rownerId, NULL);
+                                                    &key, NULL);
 
     EXPECT_EQ(OC_STACK_OK, AddCredential(subjectCred1));
     subjectCred1 = GetCredResourceData(&subjectCred1->subject);
@@ -329,7 +329,7 @@ TEST(CredResourceTest, GenerateCredentialValidInput)
 
     OicSecCred_t * cred  = NULL;
     cred = GenerateCredential(&subject, SYMMETRIC_PAIR_WISE_KEY, NULL,
-                              &key, &rownerID, NULL);
+                              &key, NULL);
     printCred(cred);
 
     ASSERT_TRUE(NULL != cred);
@@ -351,7 +351,7 @@ TEST(CredResourceTest, GenerateAndAddCredentialValidInput)
     OicSecCred_t *headCred = NULL;
 
     cred1 = GenerateCredential(&subject, SYMMETRIC_PAIR_WISE_KEY, NULL,
-                               &key, &rownerID, NULL);
+                               &key, NULL);
 
     EXPECT_EQ(OC_STACK_OK, AddCredential(cred1));
     headCred = cred1;
@@ -359,13 +359,13 @@ TEST(CredResourceTest, GenerateAndAddCredentialValidInput)
     OICStrcpy((char *)rownerID.id, sizeof(rownerID.id), "ownersId22");
     OICStrcpy((char *)subject.id, sizeof(subject.id), "subject22");
     cred1 = GenerateCredential(&subject, SYMMETRIC_PAIR_WISE_KEY, NULL,
-                               &key, &rownerID, NULL);
+                               &key, NULL);
     EXPECT_EQ(OC_STACK_OK, AddCredential(cred1));
 
     OICStrcpy((char *)rownerID.id, sizeof(rownerID.id), "ownersId33");
     OICStrcpy((char *)subject.id, sizeof(subject.id), "subject33");
     cred1 = GenerateCredential(&subject, SYMMETRIC_PAIR_WISE_KEY, NULL,
-                               &key, &rownerID, NULL);
+                               &key, NULL);
     EXPECT_EQ(OC_STACK_OK, AddCredential(cred1));
 
     const OicSecCred_t* credList = GetCredResourceData(&headCred->subject);