security: Publish doxmresource.h as experimental 93/21193/10
authorPhilippe Coval <philippe.coval@osg.samsung.com>
Thu, 14 Jul 2016 22:45:28 +0000 (07:45 +0900)
committerMats Wichmann <mats@linux.com>
Mon, 30 Oct 2017 19:06:11 +0000 (19:06 +0000)
It was needed by tizen's IoT con, this is replacing downstream patch
that install internal security headers:

tizen: Ship more security headers if enabled

[youngman]
- Add header files related to security

[Philippe Coval]
- If built with security on, ships all headers or none
- To be used by iotcon
- Only ship them if usable (with security flag on)

Change-Id: I9c8edccddec5626119cb3adb39959437ab350413
Signed-off-by: youngman <yman.jung@samsung.com>
Credit-to: youngman <yman.jung@samsung.com>
Origin: https://review.tizen.org/gerrit/#/c/80131/
Signed-off-by: Philippe Coval <philippe.coval@osg.samsung.com>
41 files changed:
resource/csdk/security/SConscript
resource/csdk/security/include/experimental/doxmresource.h [moved from resource/csdk/security/include/internal/doxmresource.h with 100% similarity]
resource/csdk/security/provisioning/sample/cloud/cloudAuth.c
resource/csdk/security/provisioning/src/cloud/csr.c
resource/csdk/security/provisioning/src/cloud/utils.c
resource/csdk/security/provisioning/src/multipleownershiptransfermanager.c
resource/csdk/security/provisioning/src/ownershiptransfermanager.c
resource/csdk/security/provisioning/src/oxmjustworks.c
resource/csdk/security/provisioning/src/oxmmanufacturercert.c
resource/csdk/security/provisioning/src/oxmpreconfpin.c
resource/csdk/security/provisioning/src/oxmrandompin.c
resource/csdk/security/provisioning/src/pmutility.c
resource/csdk/security/provisioning/src/secureresourceprovider.c
resource/csdk/security/provisioning/unittest/otmunittest.cpp
resource/csdk/security/provisioning/unittest/pmutilitytest.cpp
resource/csdk/security/provisioning/unittest/sampleserver.cpp
resource/csdk/security/provisioning/unittest/sampleserver2.cpp
resource/csdk/security/src/aclresource.c
resource/csdk/security/src/credresource.c
resource/csdk/security/src/crlresource.c
resource/csdk/security/src/csrresource.c
resource/csdk/security/src/deviceonboardingstate.c
resource/csdk/security/src/directpairing.c [new file with mode: 0644]
resource/csdk/security/src/doxmresource.c
resource/csdk/security/src/dpairingresource.c [new file with mode: 0644]
resource/csdk/security/src/oxmpincommon.c
resource/csdk/security/src/pconfresource.c [new file with mode: 0644]
resource/csdk/security/src/policyengine.c
resource/csdk/security/src/psinterface.c
resource/csdk/security/src/pstatresource.c
resource/csdk/security/src/resourcemanager.c
resource/csdk/security/src/rolesresource.c
resource/csdk/security/src/srmutility.c
resource/csdk/security/tool/json2cbor.c
resource/csdk/security/tool/svrdbeditor_src/svrdbeditordoxm.c
resource/csdk/security/unittest/aclresourcetest.cpp
resource/csdk/security/unittest/doxmresource.cpp
resource/csdk/security/unittest/policyengine.cpp
resource/csdk/stack/src/ocstack.c
resource/provisioning/examples/cloudAuth.cpp
service/easy-setup/mediator/richsdk/src/EnrolleeSecurity.cpp

index 7408235..2a441f1 100644 (file)
@@ -150,3 +150,6 @@ libocsrm_env.InstallTarget(libocsrm, 'ocsrm')
 libocsrm_env.UserInstallTargetHeader(
     'include/experimental/securevirtualresourcetypes.h',
     'resource/stack/experimental', 'securevirtualresourcetypes.h')
+libocsrm_env.UserInstallTargetHeader(
+    'include/experimental/doxmresource.h',
+    'resource/stack/experimental', 'doxmresource.h')
index 2d45f3d..1f9e691 100644 (file)
@@ -25,7 +25,7 @@
 #include "ocpayload.h"
 #include "psinterface.h"
 #include "experimental/securevirtualresourcetypes.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "oic_malloc.h"
 #include "oic_string.h"
 #include "pmutility.h"
index 96a484b..203a6e6 100644 (file)
@@ -29,7 +29,7 @@
 
 #include "ocpayload.h"
 #include "experimental/payload_logging.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "pmutility.h"
 #include "secureresourceprovider.h"
 
index 5781a56..e10ee8f 100644 (file)
@@ -22,7 +22,7 @@
 #include "experimental/logger.h"
 #include "experimental/payload_logging.h"
 #include "oic_malloc.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "srmutility.h"
 #include "pmutility.h"
 
index a7e5607..670f725 100644 (file)
@@ -38,7 +38,7 @@
 #include "cainterface.h"
 #include "base64.h"
 #include "srmresourcestrings.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "pstatresource.h"
 #include "credresource.h"
 #include "aclresource.h"
index ba65a47..84c9c34 100644 (file)
@@ -52,7 +52,7 @@
 #include "base64.h"
 #include "utlist.h"
 #include "srmresourcestrings.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "pstatresource.h"
 #include "credresource.h"
 #include "aclresource.h"
index ff25171..4d54d2c 100644 (file)
@@ -21,7 +21,7 @@
 #include <memory.h>
 #include "ocstack.h"
 #include "experimental/securevirtualresourcetypes.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "cacommon.h"
 #include "cainterface.h"
 #include "oic_malloc.h"
index ced8e69..4d99f2a 100644 (file)
@@ -22,7 +22,7 @@
 
 #include "ocstack.h"
 #include "experimental/securevirtualresourcetypes.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "credresource.h"
 #include "cacommon.h"
 #include "cainterface.h"
index 97255df..43cd988 100644 (file)
@@ -22,7 +22,7 @@
 
 #include "ocstack.h"
 #include "experimental/securevirtualresourcetypes.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "credresource.h"
 #include "cacommon.h"
 #include "cainterface.h"
index 7578e2a..36937eb 100644 (file)
@@ -22,7 +22,7 @@
 
 #include "ocstack.h"
 #include "experimental/securevirtualresourcetypes.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "credresource.h"
 #include "cacommon.h"
 #include "cainterface.h"
index 43d413f..b3f2efa 100644 (file)
@@ -43,7 +43,7 @@
 #include "ocpayload.h"
 
 #include "srmresourcestrings.h" //@note: SRM's internal header
-#include "doxmresource.h"       //@note: SRM's internal header
+#include "experimental/doxmresource.h"       //@note: SRM's internal header
 #include "pstatresource.h"      //@note: SRM's internal header
 
 #include "pmtypes.h"
index 996049b..0ad9f6f 100644 (file)
@@ -36,7 +36,7 @@
 #include "credresource.h"
 #include "csrresource.h"
 #include "rolesresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "credentialgenerator.h"
 #include "cainterface.h"
 #include "oic_string.h"
index dd84df1..0f6189c 100644 (file)
@@ -34,7 +34,7 @@
 #include "multipleownershiptransfermanager.h"
 #endif //MULTIPLE_OWNER
 #include "srmutility.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "pmtypes.h"
 #include "pmutility.h"
 #include "experimental/ocrandom.h"
index dafc6e8..7ae159a 100644 (file)
@@ -20,7 +20,7 @@
 #include <gtest/gtest.h>
 #include "pmutility.h"
 #include "pmutilityinternal.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "ocstack.h"
 #include "oic_malloc.h"
 #include "utlist.h"
index 60c5017..cc94764 100644 (file)
@@ -31,7 +31,7 @@
 #include "ocpayload.h"
 #include "oic_string.h"
 #include "srmutility.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "experimental/ocrandom.h"
 
 #ifdef HAVE_UNISTD_H
index 9e95f0c..b1c25a8 100644 (file)
@@ -31,7 +31,7 @@
 #include "ocpayload.h"
 #include "oic_string.h"
 
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "srmutility.h"
 
 #define TAG "UNITTEST_SERVER_2"
index 0d2fe3a..b2dddea 100644 (file)
@@ -39,7 +39,7 @@
 #include "experimental/payload_logging.h"
 #include "srmresourcestrings.h"
 #include "aclresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "rolesresource.h"
 #include "resourcemanager.h"
 #include "srmutility.h"
index bc923d8..17ab335 100644 (file)
@@ -44,7 +44,7 @@
 #include "ocpayloadcbor.h"
 #include "utlist.h"
 #include "credresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "pstatresource.h"
 #include "iotvticalendar.h"
 #include "pbkdf2.h"
index 89072a5..f1efe0f 100644 (file)
@@ -25,7 +25,7 @@
 #include "resourcemanager.h"
 #include "srmresourcestrings.h"
 #include "srmutility.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "ocpayload.h"
 #include "ocpayloadcbor.h"
 #include "oic_malloc.h"
index 53dcee9..026e53d 100644 (file)
@@ -39,7 +39,7 @@
 #include "ocpayload.h"
 #include "ocpayloadcbor.h"
 #include "credresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "srmutility.h"
 #include "certhelpers.h"
 #include "csrresource.h"
index 5e88843..e66a801 100644 (file)
@@ -29,7 +29,7 @@
 #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
 #include "crlresource.h"
 #endif /* (__WITH_DTLS__) || (__WITH_TLS__) */
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "pstatresource.h"
 #include "resourcemanager.h"
 
diff --git a/resource/csdk/security/src/directpairing.c b/resource/csdk/security/src/directpairing.c
new file mode 100644 (file)
index 0000000..b296c35
--- /dev/null
@@ -0,0 +1,1061 @@
+/* *****************************************************************
+ *
+ * Copyright 2016 Samsung Electronics All Rights Reserved.
+ *
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * *****************************************************************/
+#ifndef _POSIX_C_SOURCE
+#define _POSIX_C_SOURCE 200112L
+#endif
+#include "iotivity_config.h"
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_TIME_H
+#include <time.h>
+#endif
+#ifdef HAVE_SYS_TIME_H
+#include <sys/time.h>
+#endif
+#ifdef HAVE_STRING_H
+#include <string.h>
+#endif
+
+#include "ocstack.h"
+#include "oic_malloc.h"
+#include "oic_string.h"
+#include "experimental/logger.h"
+#include "utlist.h"
+#include "ocpayload.h"
+#include "experimental/payload_logging.h"
+#include "cainterface.h"
+#include "directpairing.h"
+#include "srmresourcestrings.h" //@note: SRM's internal header
+#include "experimental/doxmresource.h"       //@note: SRM's internal header
+#include "pconfresource.h"       //@note: SRM's internal header
+#include "dpairingresource.h"       //@note: SRM's internal header
+#include "credresource.h"
+#include "pmtypes.h"
+#include "pmutility.h"
+#include "srmutility.h"
+#include "ocstackinternal.h"
+#if defined(__WITH_DTLS__) || defined (__WITH_TLS__)
+#include <mbedtls/ssl_ciphersuites.h>
+#endif
+
+#define TAG ("OIC_DP")
+static const uint16_t CBOR_SIZE = 1024;
+
+/**
+ * Structure to carry direct-pairing API data to callback.
+ */
+typedef struct DPairData
+{
+    OCDirectPairingDev_t        *peer;                         /**< Pointer to pairing target info.**/
+    char                                  pin[DP_PIN_LENGTH];  /**< PIN **/
+    OCDirectPairingResultCB    resultCallback;           /**< Pointer to result callback.**/
+    void *userCtx;                                      /** < user context to pass in callback **/
+} DPairData_t;
+
+static OCDirectPairingDev_t *g_dp_paired = NULL;
+static OCDirectPairingDev_t *g_dp_discover = NULL;
+static DPairData_t *g_dp_proceed_ctx = NULL;
+
+
+/**
+ * Function to search node in linked list that matches given IP and port.
+ *
+ * @param[in] pList         List of OCProvisionDev_t.
+ * @param[in] addr          address of target device.
+ * @param[in] port          port of remote server.
+ *
+ * @return pointer of OCProvisionDev_t if exist, otherwise NULL
+ */
+OCDirectPairingDev_t* getDev(OCDirectPairingDev_t **ppList, const char* addr, const uint16_t port)
+{
+    if(NULL == addr)
+    {
+        OIC_LOG_V(ERROR, TAG, "Invalid Input parameters in [%s]\n", __FUNCTION__);
+        return NULL;
+    }
+
+    OCDirectPairingDev_t *ptr = NULL;
+    LL_FOREACH(*ppList, ptr)
+    {
+        if( strcmp(ptr->endpoint.addr, addr) == 0 && port == ptr->endpoint.port)
+        {
+            return ptr;
+        }
+    }
+
+    return NULL;
+}
+
+
+
+/**
+ * Add device information to list.
+ *
+ * @param[in] pList         List of OCProvisionDev_t.
+ * @param[in] addr          address of target device.
+ * @param[in] port          port of remote server.
+ * @param[in] adapter       adapter type of endpoint.
+ * @param[in] doxm          pointer to doxm instance.
+ * @param[in] connType  connectivity type of endpoint
+ *
+ * @return OC_STACK_OK for success and errorcode otherwise.
+ */
+OCStackResult addDev(OCDirectPairingDev_t **ppList, OCDevAddr *endpoint,
+                                      OCConnectivityType conn, OicSecPconf_t *pconf)
+{
+    if(NULL == endpoint || NULL == pconf)
+    {
+        OIC_LOG_V(ERROR, TAG, "Invalid Input parameters in [%s]\n", __FUNCTION__);
+        return OC_STACK_INVALID_PARAM;
+    }
+
+    OCDirectPairingDev_t *ptr = getDev(ppList, endpoint->addr, endpoint->port);
+    if(!ptr)
+    {
+        ptr = (OCDirectPairingDev_t *)OICCalloc(1, sizeof (OCDirectPairingDev_t));
+        if (NULL == ptr)
+        {
+            OIC_LOG(ERROR, TAG, "Error while allocating memory for linkedlist node !!");
+            return OC_STACK_NO_MEMORY;
+        }
+
+        memcpy(&ptr->endpoint, endpoint, sizeof(OCDevAddr));
+        ptr->connType = conn;
+        ptr->securePort = DEFAULT_SECURE_PORT;
+        ptr->edp = pconf->edp;
+        ptr->prm = pconf->prm;
+        pconf->prm = NULL;  // to prevent free
+        ptr->prmLen = pconf->prmLen;
+        memcpy(&ptr->deviceID, &pconf->deviceID, sizeof(OicUuid_t));
+        memcpy(&ptr->rowner, &pconf->rownerID, sizeof(OicUuid_t));
+        ptr->next = NULL;
+
+        LL_PREPEND(*ppList, ptr);
+        OIC_LOG(INFO, TAG, "device added !");
+    }
+
+    return OC_STACK_OK;
+}
+
+
+/**
+ * Add device information to list.
+ *
+ * @param[in] ppList         List of OCProvisionDev_t.
+ * @param[in] pDev          target device.
+ *
+ * @return OC_STACK_OK for success and errorcode otherwise.
+ */
+OCStackResult addDev2(OCDirectPairingDev_t **ppList, OCDirectPairingDev_t *pDev)
+{
+    if(NULL == pDev)
+    {
+        OIC_LOG_V(ERROR, TAG, "Invalid Input parameters in [%s]\n", __FUNCTION__);
+        return OC_STACK_INVALID_PARAM;
+    }
+
+    OCDirectPairingDev_t *ptr = getDev(ppList, pDev->endpoint.addr, pDev->endpoint.port);
+    if(!ptr)
+    {
+        ptr = (OCDirectPairingDev_t *)OICCalloc(1, sizeof (OCDirectPairingDev_t));
+        if (NULL == ptr)
+        {
+            OIC_LOG(ERROR, TAG, "Error while allocating memory for linkedlist node !!");
+            return OC_STACK_NO_MEMORY;
+        }
+
+        memcpy(&ptr->endpoint, &pDev->endpoint, sizeof(OCDevAddr));
+        ptr->connType = pDev->connType;
+        ptr->securePort = pDev->securePort;
+        ptr->edp = pDev->edp;
+        ptr->prmLen = pDev->prmLen;
+        ptr->prm = (OicSecPrm_t*)OICCalloc(ptr->prmLen, sizeof (OicSecPrm_t));
+        if (NULL == ptr->prm)
+        {
+            OIC_LOG(ERROR, TAG, "Error while allocating memory for prm !!");
+            return OC_STACK_NO_MEMORY;
+        }
+        memcpy(ptr->prm, pDev->prm, sizeof(OicSecPrm_t)*ptr->prmLen);
+        memcpy(&ptr->deviceID, &pDev->deviceID, sizeof(OicUuid_t));
+        memcpy(&ptr->rowner, &pDev->rowner, sizeof(OicUuid_t));
+        ptr->next = NULL;
+
+        LL_PREPEND(*ppList, ptr);
+        OIC_LOG(INFO, TAG, "device added !");
+    }
+
+    return OC_STACK_OK;
+}
+
+
+
+/**
+ * This function deletes list of provision target devices
+ *
+ * @param[in] pDevicesList         List of OCProvisionDev_t.
+ */
+void delList(OCDirectPairingDev_t *pList)
+{
+    if(pList)
+    {
+        OCDirectPairingDev_t *del = NULL, *tmp = NULL;
+        LL_FOREACH_SAFE(pList, del, tmp)
+        {
+            LL_DELETE(pList, del);
+            if (del && del->prm)
+            {
+                OICFree(del->prm);
+            }
+        }
+    }
+}
+
+bool DPGenerateQuery(bool isSecure,
+                     const char* address, const uint16_t port,
+                     const OCConnectivityType connType,
+                     char* buffer, size_t bufferSize, const char* uri)
+{
+    if(!address || !buffer || !uri)
+    {
+        OIC_LOG(ERROR, TAG, "DPGenerateQuery : Invalid parameters.");
+        return false;
+    }
+
+    static char QPREFIX_COAP[] =  "coap://";
+    static char QPREFIX_COAPS[] = "coaps://";
+    static char QPREFIX_COAP_TCP[] =  "coap+tcp://";
+    static char QPREFIX_COAPS_TCP[] = "coaps+tcp://";
+
+    int snRet = 0;
+    char* prefix = (isSecure == true) ? QPREFIX_COAPS : QPREFIX_COAP;
+
+    switch(connType & CT_MASK_ADAPTER)
+    {
+// @todo: Remove this ifdef. On Arduino, CT_ADAPTER_TCP resolves to the same value
+// as CT_ADAPTER_IP, resulting in a compiler error.
+#ifdef WITH_TCP
+#ifndef WITH_ARDUINO
+        case CT_ADAPTER_TCP:
+            prefix = (isSecure == true) ? QPREFIX_COAPS_TCP : QPREFIX_COAP_TCP;
+            // intentional fall through don't add break
+#endif
+#endif
+        case CT_ADAPTER_IP:
+            switch(connType & CT_MASK_FLAGS & ~CT_FLAG_SECURE)
+            {
+                case CT_IP_USE_V4:
+                    snRet = snprintf(buffer, bufferSize, "%s%s:%d%s",
+                                     prefix, address, port, uri);
+                    break;
+                case CT_IP_USE_V6:
+                {
+                    char addressEncoded[CA_MAX_URI_LENGTH] = {0};
+
+                    OCStackResult result = OCEncodeAddressForRFC6874(addressEncoded,
+                                                                     sizeof(addressEncoded),
+                                                                     address);
+                    if (OC_STACK_OK != result)
+                    {
+                        OIC_LOG_V(ERROR, TAG, "DPGenerateQuery : encoding error %d\n", result);
+                        return false;
+                    }
+
+                    snRet = snprintf(buffer, bufferSize, "%s[%s]:%d%s",
+                                     prefix, addressEncoded, port, uri);
+                    break;
+                }
+                default:
+                    OIC_LOG(ERROR, TAG, "Unknown address format.");
+                    return false;
+            }
+            // snprintf return value check
+            if (snRet < 0)
+            {
+                OIC_LOG_V(ERROR, TAG, "DPGenerateQuery : Error (snprintf) %d\n", snRet);
+                return false;
+            }
+            else if ((size_t)snRet >= bufferSize)
+            {
+                OIC_LOG_V(ERROR, TAG, "DPGenerateQuery : Truncated (snprintf) %d\n", snRet);
+                return false;
+            }
+
+            break;
+#ifndef WITH_ARDUINO
+        // TODO: We need to verify tinyDTLS in below cases
+        case CT_ADAPTER_GATT_BTLE:
+        case CT_ADAPTER_RFCOMM_BTEDR:
+            OIC_LOG(ERROR, TAG, "Not supported connectivity adapter.");
+            return false;
+#endif
+        default:
+            OIC_LOG(ERROR, TAG, "Unknown connectivity adapter.");
+            return false;
+    }
+
+    return true;
+}
+
+const OCDirectPairingDev_t* DPGetDiscoveredDevices()
+{
+    return g_dp_discover;
+}
+
+const OCDirectPairingDev_t* DPGetPairedDevices()
+{
+    return g_dp_paired;
+}
+
+void DPDeleteLists()
+{
+    delList(g_dp_discover);
+    delList(g_dp_paired);
+}
+
+/**
+ * Callback handler of FinalizeDirectPairing.
+ *
+ * @param[in] ctx             ctx value passed to callback from calling function.
+ * @param[in] UNUSED          handle to an invocation
+ * @param[in] clientResponse  Response from queries to remote servers.
+ * @return  OC_STACK_DELETE_TRANSACTION to delete the transaction
+ *          and  OC_STACK_KEEP_TRANSACTION to keep it.
+ */
+static OCStackApplicationResult DirectPairingFinalizeHandler(void *ctx, OCDoHandle UNUSED,
+                                                  OCClientResponse *clientResponse)
+{
+    OIC_LOG(INFO, TAG, "IN DirectPairingFinalizeHandler()");
+    (void)UNUSED;
+    if(NULL == ctx)
+    {
+        OIC_LOG(ERROR, TAG, "Context is Null");
+        return OC_STACK_DELETE_TRANSACTION;
+    }
+
+    OCStackResult res;
+    DPairData_t *dpairData = (DPairData_t*)ctx;
+    OCDirectPairingDev_t *peer = dpairData->peer;
+    OCDirectPairingResultCB resultCallback = dpairData->resultCallback;
+
+    if (clientResponse)
+    {
+        if(OC_STACK_RESOURCE_CHANGED == clientResponse->result)
+        {
+            // result
+            OIC_LOG(INFO, TAG, "DirectPairingFinalizeHandler : success PUT"
+                    " request to /oic/sec/dpairing");
+
+            CAEndpoint_t endpoint;
+            memset(&endpoint, 0x00, sizeof(CAEndpoint_t));
+            OICStrcpy(endpoint.addr, MAX_ADDR_STR_SIZE_CA, peer->endpoint.addr);
+            endpoint.addr[MAX_ADDR_STR_SIZE_CA - 1] = '\0';
+            endpoint.port = peer->securePort;
+
+            OicUuid_t ptDeviceID = {.id={0}};
+            if (OC_STACK_OK != GetDoxmDeviceID(&ptDeviceID))
+            {
+                OIC_LOG(ERROR, TAG, "Error while retrieving provisioning tool's device ID");
+                resultCallback(dpairData->userCtx, peer, OC_STACK_ERROR);
+                return OC_STACK_DELETE_TRANSACTION;
+            }
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+            OCDevAddr devAddr;
+            CopyEndpointToDevAddr(&endpoint, &devAddr);
+            res = SavePairingPSK(&devAddr, &peer->deviceID, &ptDeviceID, false);
+            if(OC_STACK_OK != res)
+            {
+                OIC_LOG(ERROR, TAG, "Failed to PairingPSK generation");
+                resultCallback(dpairData->userCtx, peer, res);
+                return OC_STACK_DELETE_TRANSACTION;
+            }
+
+            //  close temporary sesion
+            CAResult_t caResult = CAcloseSslSession(&endpoint);
+            if(CA_STATUS_OK != caResult)
+            {
+                OIC_LOG(INFO, TAG, "Fail to close temporary dtls session");
+            }
+#endif // __WITH_DTLS__ or __WITH_TLS__
+
+            OIC_LOG(INFO, TAG, "Direct-Papring was successfully completed.");
+
+            // update paired list
+            OCDirectPairingDev_t *dev = getDev(&g_dp_discover, peer->endpoint.addr,
+                    peer->endpoint.port);
+            res = addDev2(&g_dp_paired, dev);
+            if (OC_STACK_OK != res)
+            {
+                OIC_LOG(ERROR, TAG, "Error while adding a device to paired list.");
+            }
+
+            resultCallback(dpairData->userCtx, peer, OC_STACK_OK);
+
+            return OC_STACK_DELETE_TRANSACTION;
+        }
+        else
+        {
+            OIC_LOG(INFO, TAG, "Direct-Papring received error response.");
+        }
+    }
+    else
+    {
+        OIC_LOG(ERROR, TAG, "DirectPairingFinalizeHandler received Null clientResponse");
+    }
+
+    resultCallback(dpairData->userCtx, peer, OC_STACK_ERROR);
+    OICFree(dpairData);
+    return OC_STACK_DELETE_TRANSACTION;
+}
+
+/**
+ * Finalize direct-pairing .
+ *
+ * @param[in] peer  target device to establish direct-pairing.
+ * @param[in] resultCallback  result event callback.
+ *
+ * @return OC_STACK_OK on success otherwise error.
+ */
+OCStackResult FinalizeDirectPairing(void *ctx, OCDirectPairingDev_t* peer,
+                                                     OCDirectPairingResultCB resultCallback)
+{
+    if(NULL == peer)
+    {
+        return OC_STACK_INVALID_PARAM;
+    }
+
+    OicUuid_t deviceID =   {.id={0}};
+    if (OC_STACK_OK != GetDoxmDeviceID(&deviceID))
+    {
+        OIC_LOG(ERROR, TAG, "Error while retrieving device ID");
+        return OC_STACK_ERROR;
+    }
+
+    OicSecDpairing_t dpair;
+    memset(&dpair, 0, sizeof(OicSecDpairing_t));
+    dpair.spm = (OicSecPrm_t)PRM_NOT_ALLOWED;
+    memcpy(&dpair.pdeviceID, &deviceID, sizeof(OicUuid_t));
+
+    OCSecurityPayload* secPayload = (OCSecurityPayload*)OICCalloc(1, sizeof(OCSecurityPayload));
+    if(!secPayload)
+    {
+        OIC_LOG(ERROR, TAG, "Failed to memory allocation");
+        return OC_STACK_NO_MEMORY;
+    }
+    secPayload->base.type = PAYLOAD_TYPE_SECURITY;
+
+    OCStackResult ret = DpairingToCBORPayload(&dpair, &(secPayload->securityData),
+            &(secPayload->payloadSize));
+
+    if(OC_STACK_OK != ret)
+    {
+        OICFree(secPayload);
+        OIC_LOG(ERROR, TAG, "Failed to DpairingToCBORPayload");
+        return OC_STACK_NO_MEMORY;
+    }
+    OIC_LOG(DEBUG, TAG, "DPARING CBOR data:");
+    OIC_LOG_BUFFER(DEBUG, TAG, secPayload->securityData, secPayload->payloadSize);
+
+    char query[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0};
+    if(!DPGenerateQuery(true,
+                        peer->endpoint.addr,
+                        peer->securePort,
+                        peer->connType,
+                        query, sizeof(query), OIC_RSRC_DPAIRING_URI))
+    {
+        OIC_LOG(ERROR, TAG, "DPDirectPairing : Failed to generate query");
+        return OC_STACK_ERROR;
+    }
+    OIC_LOG_V(DEBUG, TAG, "Query=%s", query);
+
+    DPairData_t *dpairData = (DPairData_t *) OICCalloc(1, sizeof(DPairData_t));
+    if (dpairData == NULL)
+    {
+        OICFree(secPayload->securityData);
+        OICFree(secPayload);
+        OIC_LOG(ERROR, TAG, "Unable to allocate memory");
+        return OC_STACK_NO_MEMORY;
+    }
+    dpairData->peer = peer;
+    dpairData->resultCallback = resultCallback;
+    dpairData->userCtx = ctx;
+
+    OCCallbackData cbData;
+    memset(&cbData, 0, sizeof(cbData));
+    cbData.cb = DirectPairingFinalizeHandler;
+    cbData.context = (void*)dpairData;
+    cbData.cd = NULL;
+
+    OCMethod method = OC_REST_PUT;
+    OCDoHandle handle = NULL;
+    OIC_LOG(DEBUG, TAG, "Sending DPAIRNG setting to resource server");
+    ret = OCDoResource(&handle, method, query,
+            &peer->endpoint, (OCPayload*)secPayload,
+            peer->connType, OC_LOW_QOS, &cbData, NULL, 0);
+    if(OC_STACK_OK != ret)
+    {
+        OIC_LOG(ERROR, TAG, "error in OCDoResource");
+        return OC_STACK_ERROR;
+    }
+
+    return OC_STACK_OK;
+ }
+
+/**
+ * Function to handle the handshake result in Direct-Pairing.
+ * This function will be invoked after DTLS handshake
+ * @param   endPoint  [IN] The remote endpoint.
+ * @param   errorInfo [IN] Error information from the endpoint.
+ * @return  NONE
+ */
+CAResult_t DirectPairingDTLSHandshakeCB(const CAEndpoint_t *endpoint, const CAErrorInfo_t *info)
+{
+    OIC_LOG(INFO, TAG, "IN DirectPairingDTLSHandshakeCB");
+    CAResult_t result = CA_STATUS_OK;
+
+    if(g_dp_proceed_ctx && g_dp_proceed_ctx->peer && endpoint && info)
+    {
+        OIC_LOG_V(INFO, TAG, "Received status from remote device(%s:%d) : %d",
+                 endpoint->addr, endpoint->port, info->result);
+
+        OCDirectPairingDev_t *peer = g_dp_proceed_ctx->peer;
+        OCDirectPairingResultCB resultCallback = g_dp_proceed_ctx->resultCallback;
+        OCStackResult res;
+
+        //Make sure the address matches.
+        if(strncmp(peer->endpoint.addr, endpoint->addr, sizeof(endpoint->addr)) == 0 &&
+                         peer->securePort == endpoint->port)
+        {
+            //In case of success, send next coaps request.
+            if(CA_STATUS_OK == info->result)
+            {
+                OIC_LOG(INFO, TAG, "Now, finalize Direct-Pairing procedure.");
+
+                res = FinalizeDirectPairing(g_dp_proceed_ctx->userCtx, peer, resultCallback);
+                if(OC_STACK_OK != res)
+                {
+                    OIC_LOG(ERROR, TAG, "Failed to finalize direct-pairing");
+                    result = CA_HANDLE_ERROR_OTHER_MODULE;
+                }
+            }
+            else if(CA_DTLS_AUTHENTICATION_FAILURE == info->result)
+            {
+                OIC_LOG(INFO, TAG, "DirectPairingDTLSHandshakeCB - Authentication failed");
+                result = CA_HANDLE_ERROR_OTHER_MODULE;
+            }
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+            CAregisterSslHandshakeCallback(NULL);
+#endif // __WITH_DTLS__ or __WITH_TLS__
+            res = RemoveCredential(&peer->deviceID);
+            if(OC_STACK_RESOURCE_DELETED != res)
+            {
+                OIC_LOG_V(ERROR, TAG, "Failed to remove temporal PSK : %d", res);
+            }
+
+            OICFree(g_dp_proceed_ctx);
+            g_dp_proceed_ctx = NULL;
+        }
+        else
+        {
+            OIC_LOG(INFO, TAG, "DirectPairingDTLSHandshakeCB - Not matched to peer address");
+        }
+    }
+
+    OIC_LOG(INFO, TAG, "OUT DirectPairingDTLSHandshakeCB");
+    return result;
+}
+
+/**
+ * Callback handler of DPDirectPairing.
+ *
+ * @param[in] ctx             ctx value passed to callback from calling function.
+ * @param[in] UNUSED          handle to an invocation
+ * @param[in] clientResponse  Response from queries to remote servers.
+ * @return  OC_STACK_DELETE_TRANSACTION to delete the transaction
+ *          and  OC_STACK_KEEP_TRANSACTION to keep it.
+ */
+static OCStackApplicationResult DirectPairingHandler(void *ctx, OCDoHandle UNUSED,
+                                                  OCClientResponse *clientResponse)
+{
+    OIC_LOG(INFO, TAG, "IN DirectPairingHandler.");
+    (void)UNUSED;
+    if(NULL == ctx)
+    {
+        OIC_LOG(ERROR, TAG, "Context is Null");
+        return OC_STACK_DELETE_TRANSACTION;
+    }
+
+    OCStackResult res = OC_STACK_ERROR;
+    DPairData_t *dpairData = (DPairData_t*)ctx;
+    OCDirectPairingResultCB resultCallback = (OCDirectPairingResultCB)dpairData->resultCallback;
+    OicUuid_t subjectId = {.id={0}};
+
+    if (clientResponse)
+    {
+        if(OC_STACK_RESOURCE_CHANGED == clientResponse->result)
+        {
+            // result
+            OIC_LOG(INFO, TAG, "DirectPairingHandler : success POST request to /oic/sec/dpairing");
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+            // Add temporary psk
+            res = AddTmpPskWithPIN(&dpairData->peer->deviceID,
+                           SYMMETRIC_PAIR_WISE_KEY,
+                           (char*)dpairData->pin, DP_PIN_LENGTH,
+                           &dpairData->peer->rowner, &subjectId);
+            VERIFY_SUCCESS(TAG, OC_STACK_OK == res, ERROR);
+
+
+            // Start to establish a secure channel with Pin-based PSK cipher suite
+            CAResult_t caresult;
+
+            caresult = CAEnableAnonECDHCipherSuite(false);
+            VERIFY_SUCCESS(TAG, CA_STATUS_OK == caresult, ERROR);
+
+            caresult = CASelectCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, CA_ADAPTER_IP);
+            VERIFY_SUCCESS(TAG, CA_STATUS_OK == caresult, ERROR);
+
+            //Register proceeding peer info. & DTLS event handler to catch the dtls event while handshake
+            g_dp_proceed_ctx = dpairData;
+            res = CAregisterSslHandshakeCallback(DirectPairingDTLSHandshakeCB);
+            VERIFY_SUCCESS(TAG, CA_STATUS_OK == caresult, ERROR);
+
+            // initiate dtls
+            CAEndpoint_t endpoint;
+            CopyDevAddrToEndpoint(&dpairData->peer->endpoint, &endpoint);
+            endpoint.port = dpairData->peer->securePort;
+            OIC_LOG_V(INFO, TAG, "Initiate DTLS handshake to %s(%d)", endpoint.addr,
+                    endpoint.port);
+            caresult = CAInitiateHandshake(&endpoint);
+            VERIFY_SUCCESS(TAG, CA_STATUS_OK == caresult, ERROR);
+#endif // __WITH_DTLS__ or __WITH_TLS__
+
+            res = OC_STACK_OK;
+        }
+        else
+        {
+            // result
+            OIC_LOG(INFO, TAG, "DirectPairingHandler : fail POST request to /oic/sec/dpairing");
+        }
+    }
+    else
+    {
+        OIC_LOG(ERROR, TAG, "DirectPairingHandler received Null clientResponse");
+    }
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+exit:
+#endif // __WITH_DTLS__ or __WITH_TLS__
+
+    if (OC_STACK_OK != res)
+    {
+        if (0 < strlen((const char*)subjectId.id))
+        {
+            RemoveCredential(&dpairData->peer->deviceID);
+            OICFree(dpairData);
+            g_dp_proceed_ctx = NULL;
+            OIC_LOG_V(INFO, TAG, "OUT DirectPairingHandler.");
+            return OC_STACK_DELETE_TRANSACTION;
+        }
+
+        resultCallback(dpairData->userCtx, dpairData->peer, res);
+    }
+    OIC_LOG(INFO, TAG, "OUT DirectPairingHandler.");
+    return OC_STACK_DELETE_TRANSACTION;
+}
+
+/**
+ * Start direct-pairing .
+ *
+ * @param[in] peer  target device to establish direct-pairing.
+ * @param[in] pmSel  selected pairing method.
+ * @param[in] pinNumber  secret value for dtls connection.
+ *
+ * @return OC_STACK_OK on success otherwise error.
+ */
+OCStackResult DPDirectPairing(void *ctx, OCDirectPairingDev_t* peer, OicSecPrm_t pmSel,
+                                char *pinNumber, OCDirectPairingResultCB resultCallback)
+{
+    if(NULL == peer || NULL == pinNumber)
+    {
+        return OC_STACK_INVALID_PARAM;
+    }
+
+    OicUuid_t deviceID =   {.id={0}};
+    if (OC_STACK_OK != GetDoxmDeviceID(&deviceID))
+    {
+        OIC_LOG(ERROR, TAG, "Error while retrieving device ID");
+        return OC_STACK_ERROR;
+    }
+
+    OicSecDpairing_t dpair;
+    memset(&dpair, 0, sizeof(OicSecDpairing_t));
+    dpair.spm = pmSel;
+    memcpy(&dpair.pdeviceID, &deviceID, sizeof(OicUuid_t));
+
+    OCSecurityPayload* secPayload = (OCSecurityPayload*)OICCalloc(1, sizeof(OCSecurityPayload));
+    if(!secPayload)
+    {
+        OIC_LOG(ERROR, TAG, "Failed to memory allocation");
+        return OC_STACK_NO_MEMORY;
+    }
+    secPayload->base.type = PAYLOAD_TYPE_SECURITY;
+
+    OCStackResult ret = DpairingToCBORPayload(&dpair, &(secPayload->securityData),
+            &(secPayload->payloadSize));
+
+    if(OC_STACK_OK != ret)
+    {
+        OICFree(secPayload);
+        OIC_LOG(ERROR, TAG, "Failed to DpairingToCBORPayload");
+        return OC_STACK_NO_MEMORY;
+    }
+    OIC_LOG(DEBUG, TAG, "DPARING CBOR data:");
+    OIC_LOG_BUFFER(DEBUG, TAG, secPayload->securityData, secPayload->payloadSize);
+
+    char query[MAX_URI_LENGTH + MAX_QUERY_LENGTH] = {0};
+    if(!DPGenerateQuery(false,
+                        peer->endpoint.addr,
+                        peer->endpoint.port,
+                        //peer->securePort,
+                        peer->connType,
+                        query, sizeof(query), OIC_RSRC_DPAIRING_URI))
+    {
+        OIC_LOG(ERROR, TAG, "DPDirectPairing : Failed to generate query");
+        return OC_STACK_ERROR;
+    }
+    OIC_LOG_V(DEBUG, TAG, "Query=%s", query);
+
+    DPairData_t *dpairData = (DPairData_t *) OICCalloc(1, sizeof(DPairData_t));
+    if (dpairData == NULL)
+    {
+        OICFree(secPayload->securityData);
+        OICFree(secPayload);
+        OIC_LOG(ERROR, TAG, "Unable to allocate memory");
+        return OC_STACK_NO_MEMORY;
+    }
+    dpairData->peer = peer;
+    memcpy(dpairData->pin, pinNumber, DP_PIN_LENGTH);
+    dpairData->resultCallback = resultCallback;
+    dpairData->userCtx = ctx;
+
+    OCCallbackData cbData;
+    memset(&cbData, 0, sizeof(cbData));
+    cbData.cb = DirectPairingHandler;
+    cbData.context = (void*)dpairData;
+    cbData.cd = NULL;
+
+    OCMethod method = OC_REST_POST;
+    OCDoHandle handle = NULL;
+    OIC_LOG(DEBUG, TAG, "Sending DPAIRNG setting to resource server");
+    ret = OCDoResource(&handle, method, query,
+            &peer->endpoint, (OCPayload*)secPayload,
+            peer->connType, OC_LOW_QOS, &cbData, NULL, 0);
+    if(OC_STACK_OK != ret)
+    {
+        OIC_LOG(ERROR, TAG, "error in OCDoResource");
+        return OC_STACK_ERROR;
+    }
+
+    return OC_STACK_OK;
+
+ }
+
+/**
+ * Callback handler for getting secure port information using /oic/res discovery.
+ *
+ * @param[in] ctx             user context
+ * @param[in] handle          Handle for response
+ * @param[in] clientResponse  Response information(It will contain payload)
+ *
+ * @return OC_STACK_KEEP_TRANSACTION to keep transaction and
+ *         OC_STACK_DELETE_TRANSACTION to delete it.
+ */
+static OCStackApplicationResult DirectPairingPortDiscoveryHandler(void *ctx, OCDoHandle UNUSED,
+                                 OCClientResponse *clientResponse)
+{
+    OIC_LOG(INFO, TAG, "Callback Context for Direct-Pairing Secure Port DISCOVER "
+            "query recvd successfully");
+
+    (void)ctx;
+    (void)UNUSED;
+    if (clientResponse)
+    {
+        if  (NULL == clientResponse->payload)
+        {
+            OIC_LOG(INFO, TAG, "Skiping Null payload");
+        }
+        else
+        {
+            if (PAYLOAD_TYPE_DISCOVERY != clientResponse->payload->type)
+            {
+                OIC_LOG(INFO, TAG, "Wrong payload type");
+                return OC_STACK_DELETE_TRANSACTION;
+            }
+
+            uint16_t securePort = 0;
+            OCResourcePayload* resPayload = ((OCDiscoveryPayload*)clientResponse->payload)->resources;
+            OIC_LOG_PAYLOAD(INFO, clientResponse->payload);
+
+            if (resPayload && resPayload->secure)
+            {
+                securePort = resPayload->port;
+            }
+            else
+            {
+                OIC_LOG(INFO, TAG, "Can not find secure port information.");
+                return OC_STACK_DELETE_TRANSACTION;
+            }
+
+            OCDirectPairingDev_t *ptr = getDev(&g_dp_discover,
+                    clientResponse->devAddr.addr, clientResponse->devAddr.port);
+            if(!ptr)
+            {
+                OIC_LOG(ERROR, TAG, "Can not find device information in the discovery device list");
+                return OC_STACK_DELETE_TRANSACTION;
+            }
+            ptr->securePort = securePort;
+
+            OIC_LOG(INFO, TAG, "Exiting DirectPairingPortDiscoveryHandler.");
+        }
+
+        return  OC_STACK_DELETE_TRANSACTION;
+    }
+    else
+    {
+        OIC_LOG(INFO, TAG, "Skiping Null response");
+    }
+    return  OC_STACK_DELETE_TRANSACTION;
+}
+
+/**
+ * Callback handler for DPDeviceDiscovery API.
+ *
+ * @param[in] ctx             User context
+ * @param[in] handle          Handler for response
+ * @param[in] clientResponse  Response information (It will contain payload)
+ * @return OC_STACK_KEEP_TRANSACTION to keep transaction and
+ *         OC_STACK_DELETE_TRANSACTION to delete it.
+ */
+static OCStackApplicationResult DirectPairingDiscoveryHandler(void* ctx, OCDoHandle UNUSED,
+        OCClientResponse * clientResponse)
+{
+    OIC_LOG(INFO, TAG, "Callback Context for Direct-Pairing DISCOVER query recvd successfully");
+
+    (void)ctx;
+    (void)UNUSED;
+    if (clientResponse)
+    {
+        OIC_LOG_V(INFO, TAG, "StackResult: %d", clientResponse->result);
+        OIC_LOG_V(INFO, TAG,
+                "Device =============> Discovered @ %s:%d",
+                clientResponse->devAddr.addr,
+                clientResponse->devAddr.port);
+
+        if  (NULL == clientResponse->payload)
+        {
+            OIC_LOG(INFO, TAG, "Skiping Null payload");
+            return OC_STACK_KEEP_TRANSACTION;
+        }
+        if (OC_STACK_OK != clientResponse->result)
+        {
+            OIC_LOG(INFO, TAG, "Error in response");
+            return OC_STACK_KEEP_TRANSACTION;
+        }
+
+        OIC_LOG_PAYLOAD(INFO, clientResponse->payload);
+        OicSecPconf_t *pconf = NULL;
+
+        OCStackResult res = CBORPayloadToPconf(
+                ((OCSecurityPayload*)clientResponse->payload)->securityData,
+                CBOR_SIZE,&pconf);
+        if (OC_STACK_OK != res )
+        {
+            OIC_LOG(INFO, TAG, "Ignoring malformed CBOR");
+            return OC_STACK_KEEP_TRANSACTION;
+        }
+        else
+        {
+            if(pconf->edp)
+            {
+                OCDevAddr endpoint;
+                memcpy(&endpoint, &clientResponse->devAddr, sizeof(OCDevAddr));
+
+                res = addDev(&g_dp_discover, &endpoint, clientResponse->connType, pconf);
+                DeletePconfBinData(pconf);
+                if (OC_STACK_OK != res)
+                {
+                    OIC_LOG(ERROR, TAG, "Error while adding data to linkedlist.");
+                    return OC_STACK_KEEP_TRANSACTION;
+                }
+
+                char rsrc_uri[MAX_URI_LENGTH+1] = {0};
+                int wr_len = snprintf(rsrc_uri, sizeof(rsrc_uri), "%s?%s=%s",
+                          OC_RSRVD_WELL_KNOWN_URI, OC_RSRVD_RESOURCE_TYPE, OIC_RSRC_TYPE_SEC_DPAIRING);
+                if(wr_len <= 0 || (size_t)wr_len >= sizeof(rsrc_uri))
+                {
+                    OIC_LOG(ERROR, TAG, "rsrc_uri_string_print failed");
+                    return OC_STACK_KEEP_TRANSACTION;
+                }
+
+                //Try to the unicast discovery to getting secure port
+                char query[MAX_URI_LENGTH+MAX_QUERY_LENGTH+1] = {0};
+                if(!DPGenerateQuery(false,
+                                    clientResponse->devAddr.addr, clientResponse->devAddr.port,
+                                    clientResponse->connType,
+                                    query, sizeof(query), rsrc_uri))
+                {
+                    OIC_LOG(ERROR, TAG, "DirectPairingDiscoveryHandler : Failed to generate query");
+                    return OC_STACK_KEEP_TRANSACTION;
+                }
+                OIC_LOG_V(DEBUG, TAG, "Query=%s", query);
+
+                OCCallbackData cbData;
+                cbData.cb = &DirectPairingPortDiscoveryHandler;
+                cbData.context = NULL;
+                cbData.cd = NULL;
+                res = OCDoResource(NULL, OC_REST_DISCOVER, query, 0, 0,
+                        clientResponse->connType, OC_LOW_QOS, &cbData, NULL, 0);
+                if(OC_STACK_OK != res)
+                {
+                    OIC_LOG(ERROR, TAG, "Failed to Secure Port Discovery");
+                    return OC_STACK_KEEP_TRANSACTION;
+                }
+                else
+                {
+                    OIC_LOG_V(INFO, TAG, "OCDoResource with [%s] Success", query);
+                }
+            }
+            return  OC_STACK_KEEP_TRANSACTION;
+        }
+    }
+    else
+    {
+        OIC_LOG(INFO, TAG, "Skiping Null response");
+    }
+
+    return OC_STACK_DELETE_TRANSACTION;
+}
+#ifndef WITH_ARDUINO
+/**
+ * Discover direct-pairing devices in the same IP subnet. .
+ *
+ * @param[in] waittime  Timeout in seconds.
+ *
+ * @return OC_STACK_OK on success otherwise error.
+ */
+OCStackResult DPDeviceDiscovery(unsigned short waittime)
+{
+    OIC_LOG(DEBUG, TAG, "IN DPDeviceDiscovery");
+
+    if (g_dp_discover)
+    {
+        delList(g_dp_discover);
+        g_dp_discover = NULL;
+    }
+
+    OCStackResult ret;
+
+    const char DP_DISCOVERY_QUERY[] = "/oic/sec/pconf";
+
+    OCCallbackData cbData;
+    cbData.cb = DirectPairingDiscoveryHandler;
+    cbData.context = NULL;
+    cbData.cd = NULL;
+
+    /* Start a DP discovery query*/
+    OIC_LOG_V(INFO, TAG, "Initiating Direct-Pairing Discovery : %s\n", DP_DISCOVERY_QUERY);
+    OCDoHandle handle = NULL;
+    ret = OCDoResource(&handle, OC_REST_DISCOVER, DP_DISCOVERY_QUERY, 0, 0, CT_DEFAULT,
+                       OC_LOW_QOS, &cbData, NULL, 0);
+    if (ret != OC_STACK_OK)
+    {
+        OIC_LOG(ERROR, TAG, "OCStack resource error");
+        return ret;
+    }
+
+    // wait..
+
+    int clock_res = -1;
+#if defined(_MSC_VER)
+    time_t startTime = 0;
+    clock_res = (time(&startTime) == -1);
+#else
+    struct timespec startTime = {.tv_sec=0, .tv_nsec=0};
+#if defined(__ANDROID__) || _POSIX_TIMERS > 0
+    clock_res = clock_gettime(CLOCK_MONOTONIC, &startTime);
+#endif
+#endif
+    if (0 != clock_res)
+    {
+        OIC_LOG(ERROR, TAG, "clock error");
+        if(OC_STACK_OK !=  OCCancel(handle, OC_LOW_QOS, NULL, 0))
+        {
+            OIC_LOG(ERROR, TAG, "Failed to remove registered callback");
+        }
+        return OC_STACK_ERROR;
+    }
+
+    while (1)
+    {
+#if defined(_MSC_VER)
+        time_t currTime = 0;
+        clock_res = (time(&currTime) == -1);
+#else
+        struct timespec currTime  = {.tv_sec=0, .tv_nsec=0};
+#if defined(__ANDROID__) || _POSIX_TIMERS > 0
+        clock_res = clock_gettime(CLOCK_MONOTONIC, &currTime);
+#endif
+#endif
+        if (0 != clock_res)
+        {
+            OIC_LOG(ERROR, TAG, "clock error");
+            ret = OC_STACK_ERROR;
+            break;
+        }
+#if defined(_MSC_VER)
+        time_t elapsed = currTime - startTime;
+#else
+        time_t elapsed = (currTime.tv_sec - startTime.tv_sec);
+#endif
+        if (elapsed > waittime)
+        {
+            break;
+        }
+        else
+        {
+            struct timespec timeout = {.tv_sec=0, .tv_nsec=100000000L};
+            OCProcess();
+            nanosleep(&timeout, NULL);
+        }
+    }
+
+    // Waiting for each response.
+    ret = OCCancel(handle, OC_LOW_QOS, NULL, 0);
+    if (OC_STACK_OK != ret)
+    {
+        OIC_LOG(ERROR, TAG, "Failed to remove registered callback");
+    }
+    OIC_LOG(DEBUG, TAG, "OUT DPDeviceDiscovery");
+    return ret;
+}
+#endif
index f8c9d71..dd88acb 100644 (file)
@@ -36,7 +36,7 @@
 #include "cainterface.h"
 #include "ocserverrequest.h"
 #include "resourcemanager.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "pstatresource.h"
 #include "deviceonboardingstate.h"
 #include "aclresource.h"
@@ -100,7 +100,7 @@ static OicSecDoxm_t gDefaultDoxm =
 #define W PERMISSION_WRITE
 #define RW PERMISSION_READ | PERMISSION_WRITE
 
-// NOTE that this table must match the DoxmProperty_t enum in doxmresource.h
+// NOTE that this table must match the DoxmProperty_t enum in experimental/doxmresource.h
 static const uint8_t gDoxmPropertyAccessModes[DOXM_PROPERTY_COUNT][DOS_STATE_COUNT] =
 { // RESET RFOTM  RFPRO   RFNOP   SRESET
     { R,    R,      R,      R,      R   }, // .oxmtype TODO [IOT-2105]
diff --git a/resource/csdk/security/src/dpairingresource.c b/resource/csdk/security/src/dpairingresource.c
new file mode 100644 (file)
index 0000000..a77001d
--- /dev/null
@@ -0,0 +1,829 @@
+/* *****************************************************************
+ *
+ * Copyright 2016 Samsung Electronics All Rights Reserved.
+ *
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * *****************************************************************/
+
+#include "iotivity_config.h"
+#include <stdlib.h>
+#include <string.h>
+#include "ocstack.h"
+#include "experimental/logger.h"
+#include "oic_malloc.h"
+#include "oic_string.h"
+#include "base64.h"
+#include "resourcemanager.h"
+#include "dpairingresource.h"
+#include "psinterface.h"
+#include "utlist.h"
+#include "srmresourcestrings.h"
+#include "cainterface.h"
+#include "experimental/doxmresource.h"
+#include "pconfresource.h"
+#include "credresource.h"
+#include "aclresource.h"
+#include "srmutility.h"
+#include "ocserverrequest.h"
+#include "ocpayload.h"
+#include "ocpayloadcbor.h"
+#include "experimental/payload_logging.h"
+#include "ocstackinternal.h"
+#if defined(__WITH_DTLS__) || defined (__WITH_TLS__)
+#include <mbedtls/ssl_ciphersuites.h>
+#endif
+
+#ifdef HAVE_STRINGS_H
+#include <strings.h>
+#endif
+
+#define TAG  "OIC_SRM_DPAIRING"
+
+/** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory.
+ * The value of payload size is increased until reaching belox max cbor size. */
+static const uint16_t CBOR_SIZE = 1024;
+
+/** Max cbor size payload. */
+static const uint16_t CBOR_MAX_SIZE = 4400;
+
+/** DOXM Map size - Number of mandatory items. */
+static const uint8_t DPAIR_MAP_SIZE = 3;
+
+static OicSecDpairing_t     *gDpair = NULL;
+static OCResourceHandle   gDpairHandle = NULL;
+static OicSecDpairing_t      gDefaultDpair =
+{
+    PRM_NOT_ALLOWED,       /* OicSecPrm_t spm */
+    {.id = {0}},                   /* OicUuid_t pdeviceID */
+    {.id = {0}},                   /* OicUuid_t rowner */
+};
+
+void DeleteDpairingBinData(OicSecDpairing_t* dpair)
+{
+    if (dpair)
+    {
+        //Clean dpairing itself
+        OICFree(dpair);
+    }
+}
+
+/**
+ * Get the default value.
+ * @retval  the gDefaultDpair pointer;
+ */
+static OicSecDpairing_t* GetDpairingDefault()
+{
+    OIC_LOG (DEBUG, TAG, "GetDpairingDefault");
+
+    return &gDefaultDpair;
+}
+
+/**
+ * This method is used by SRM to retrieve Dpairing resource data..
+ */
+void SetDpairingResourceOwner(OicUuid_t *rowner)
+{
+    OIC_LOG (DEBUG, TAG, "SetDpairingResourceOwner");
+    if (gDpair)
+    {
+        memcpy(&gDpair->rownerID, rowner, sizeof(OicUuid_t));
+    }
+}
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+/**
+ * Function to save PairingPSK.
+ *
+ * @param[in] devAddr   current endpoint.
+ * @param[in] peerDevID   peer device identitiy.
+ * @param[in] isPairingServer   indicate if it generates PairingPSK for server or client.
+ *
+ * @return  OC_STACK_OK on success
+ */
+OCStackResult SavePairingPSK(OCDevAddr *devAddr,
+            OicUuid_t *peerDevID, OicUuid_t *owner, bool isPairingServer)
+{
+    OIC_LOG(DEBUG, TAG, "IN SavePairingPSK");
+
+    if (NULL == devAddr || NULL == peerDevID || NULL == owner)
+    {
+        OIC_LOG_V(ERROR, TAG, "Invalid Input parameters in [%s]\n", __FUNCTION__);
+        return OC_STACK_INVALID_PARAM;
+    }
+
+    OCStackResult res = OC_STACK_ERROR;
+
+    OicUuid_t ptDeviceID = {.id={0}};
+    if (OC_STACK_OK != GetDoxmDeviceID(&ptDeviceID))
+    {
+        OIC_LOG(ERROR, TAG, "Error while retrieving provisioning tool's device ID");
+        return res;
+    }
+
+    uint8_t pairingPSK[OWNER_PSK_LENGTH_128] = {0};
+    OicSecKey_t pairingKey;
+    memset(&pairingKey, 0, sizeof(pairingKey));
+    pairingKey.data = pairingPSK;
+    pairingKey.len = OWNER_PSK_LENGTH_128;
+    pairingKey.encoding = OIC_ENCODING_RAW;
+
+    //Generating PairingPSK using OwnerPSK scheme
+    CAEndpoint_t endpoint = {.adapter = CA_DEFAULT_ADAPTER};
+    CopyDevAddrToEndpoint(devAddr, &endpoint);
+    CAResult_t pskRet = CAGenerateOwnerPSK(&endpoint,
+            (uint8_t *)OIC_RSRC_TYPE_SEC_DPAIRING,
+            strlen(OIC_RSRC_TYPE_SEC_DPAIRING),
+            (isPairingServer ? ptDeviceID.id : peerDevID->id), sizeof(OicUuid_t), // server
+            (isPairingServer ? peerDevID->id : ptDeviceID.id), sizeof(OicUuid_t), // client
+            pairingPSK, OWNER_PSK_LENGTH_128);
+
+    if (CA_STATUS_OK == pskRet)
+    {
+        OIC_LOG(DEBUG, TAG, "pairingPSK dump:\n");
+        OIC_LOG_BUFFER(DEBUG, TAG, pairingPSK, OWNER_PSK_LENGTH_128);
+        //Generating new credential for direct-pairing client
+
+        OicSecCred_t *cred = GenerateCredential(peerDevID,
+                SYMMETRIC_PAIR_WISE_KEY, NULL,
+                &pairingKey, owner, NULL);
+        OICClearMemory(pairingPSK, sizeof(pairingPSK));
+        VERIFY_NOT_NULL(TAG, cred, ERROR);
+
+        res = AddCredential(cred);
+        if(res != OC_STACK_OK)
+        {
+            DeleteCredList(cred);
+            return res;
+        }
+    }
+    else
+    {
+        OIC_LOG(ERROR, TAG, "CAGenerateOwnerPSK failed");
+    }
+
+    OIC_LOG(DEBUG, TAG, "OUT SavePairingPSK");
+exit:
+    return res;
+}
+#endif // __WITH_DTLS__ or __WITH_TLS__
+
+OCStackResult DpairingToCBORPayload(const OicSecDpairing_t *dpair, uint8_t **payload, size_t *size)
+{
+    if (NULL == dpair || NULL == payload || NULL != *payload || NULL == size)
+    {
+        return OC_STACK_INVALID_PARAM;
+    }
+
+    size_t cborLen = *size;
+    if (0 == cborLen)
+    {
+        cborLen = CBOR_SIZE;
+    }
+
+    *payload = NULL;
+    *size = 0;
+
+    OCStackResult ret = OC_STACK_ERROR;
+
+    CborEncoder encoder;
+    CborEncoder dpairMap;
+
+    int64_t cborEncoderResult = CborNoError;
+    uint8_t mapSize = DPAIR_MAP_SIZE;
+
+    uint8_t *outPayload = (uint8_t *)OICCalloc(1, cborLen);
+    VERIFY_NOT_NULL_RETURN(TAG, outPayload, ERROR, OC_STACK_ERROR);
+
+    cbor_encoder_init(&encoder, outPayload, cborLen, 0);
+
+    cborEncoderResult = cbor_encoder_create_map(&encoder, &dpairMap, mapSize);
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating DPAIRING Map");
+
+    //spm -- Mandatory
+    cborEncoderResult = cbor_encode_text_string(&dpairMap, OIC_JSON_SPM_NAME,
+        strlen(OIC_JSON_SPM_NAME));
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SPM name tag");
+    cborEncoderResult = cbor_encode_int(&dpairMap, dpair->spm);
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding SPM value");
+
+    //PDEVICEID -- Mandatory
+    cborEncoderResult = cbor_encode_text_string(&dpairMap, OIC_JSON_PDEVICE_ID_NAME,
+        strlen(OIC_JSON_PDEVICE_ID_NAME));
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding PDeviceID tag");
+    {
+        char *deviceId = NULL;
+        ret = ConvertUuidToStr(&dpair->pdeviceID, &deviceId);
+        VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+        cborEncoderResult = cbor_encode_text_string(&dpairMap, deviceId, strlen(deviceId));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode PDeviceID value");
+        OICFree(deviceId);
+    }
+
+    //ROWNER -- Mandatory
+    {
+        char *rowner = NULL;
+        cborEncoderResult = cbor_encode_text_string(&dpairMap, OIC_JSON_ROWNERID_NAME,
+            strlen(OIC_JSON_ROWNERID_NAME));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding ROWNER tag");
+        ret = ConvertUuidToStr(&dpair->rownerID, &rowner);
+        VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+        cborEncoderResult = cbor_encode_text_string(&dpairMap, rowner, strlen(rowner));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Adding Rowner ID value");
+        OICFree(rowner);
+    }
+
+    cborEncoderResult = cbor_encoder_close_container(&encoder, &dpairMap);
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close dpairMap");
+
+     if (CborNoError == cborEncoderResult)
+    {
+        *size = cbor_encoder_get_buffer_size(&encoder, outPayload);
+        *payload = outPayload;
+        ret = OC_STACK_OK;
+    }
+
+exit:
+    if ((CborErrorOutOfMemory == cborEncoderResult) && (cborLen < CBOR_MAX_SIZE))
+    {
+       // reallocate and try again!
+       OICFree(outPayload);
+       outPayload = NULL;
+       // Since the allocated initial memory failed, double the memory.
+       cborLen += cbor_encoder_get_buffer_size(&encoder, encoder.end);
+       cborEncoderResult = CborNoError;
+       ret = DpairingToCBORPayload(dpair, payload, &cborLen);
+       *size = cborLen;
+    }
+
+    if ((CborNoError != cborEncoderResult) || (OC_STACK_OK != ret))
+    {
+       OICFree(outPayload);
+       outPayload = NULL;
+       *payload = NULL;
+       *size = 0;
+       ret = OC_STACK_ERROR;
+    }
+
+    return ret;
+}
+
+OCStackResult CBORPayloadToDpair(const uint8_t *cborPayload, size_t size,
+                                OicSecDpairing_t **secDpair)
+{
+    if (NULL == cborPayload || NULL == secDpair || NULL != *secDpair || 0 == size)
+    {
+        return OC_STACK_INVALID_PARAM;
+    }
+
+    OCStackResult ret = OC_STACK_ERROR;
+    *secDpair = NULL;
+
+    CborValue dpairCbor = { .parser = NULL };
+    CborParser parser = { .end = NULL };
+    CborError cborFindResult = CborNoError;
+
+    cbor_parser_init(cborPayload, size, 0, &parser, &dpairCbor);
+    CborValue dpairMap = { .parser = NULL };
+    OicSecDpairing_t *dpair = NULL;
+    cborFindResult = cbor_value_enter_container(&dpairCbor, &dpairMap);
+    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering DPairing Map");
+
+    dpair = (OicSecDpairing_t *)OICCalloc(1, sizeof(*dpair));
+    VERIFY_NOT_NULL(TAG, dpair, ERROR);
+
+    while (cbor_value_is_valid(&dpairMap) && cbor_value_is_text_string(&dpairMap))
+    {
+        char *name = NULL;
+        size_t len = 0;
+        CborType type = CborInvalidType;
+        cborFindResult = cbor_value_dup_text_string(&dpairMap, &name, &len, NULL);
+        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding tag name");
+        cborFindResult = cbor_value_advance(&dpairMap);
+        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing a value in DPair map");
+
+        type = cbor_value_get_type(&dpairMap);
+        if (0 == strcmp(OIC_JSON_SPM_NAME, name) && cbor_value_is_integer(&dpairMap))
+        {
+            int spm;
+
+            cborFindResult = cbor_value_get_int(&dpairMap, &spm);
+            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding SPM Value");
+            dpair->spm = (OicSecPrm_t)spm;
+        }
+
+        if (0 == strcmp(OIC_JSON_PDEVICE_ID_NAME, name))
+        {
+            char *id = NULL;
+            cborFindResult = cbor_value_dup_text_string(&dpairMap, &id, &len, NULL);
+            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding PDeviceID value");
+            ret = ConvertStrToUuid(id, &dpair->pdeviceID);
+            VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+            OICFree(id);
+        }
+
+        if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name))
+        {
+            char *id = NULL;
+            cborFindResult = cbor_value_dup_text_string(&dpairMap, &id, &len, NULL);
+            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RownerID value");
+            ret = ConvertStrToUuid(id, &dpair->rownerID);
+            VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+            OICFree(id);
+        }
+
+        if (CborMapType != type && cbor_value_is_valid(&dpairMap))
+        {
+            cborFindResult = cbor_value_advance(&dpairMap);
+            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing the Dpair Map");
+        }
+        OICFree(name);
+    }
+
+    *secDpair = dpair;
+    ret = OC_STACK_OK;
+
+exit:
+    if (CborNoError != cborFindResult)
+    {
+        OIC_LOG (ERROR, TAG, "CBORPayloadToDoxm failed");
+        DeleteDpairingBinData(dpair);
+        dpair = NULL;
+        *secDpair = NULL;
+        ret = OC_STACK_ERROR;
+    }
+    return ret;
+}
+/**
+ * Function to handle the handshake result in Direct-Pairing.
+ * This function will be invoked after DTLS handshake
+ * @param   endPoint  [IN] The remote endpoint.
+ * @param   errorInfo [IN] Error information from the endpoint.
+ * @return  NONE
+ */
+CAResult_t DPairingDTLSHandshakeCB(const CAEndpoint_t *endpoint, const CAErrorInfo_t *info)
+{
+    OIC_LOG(INFO, TAG, "IN DPairingDTLSHandshakeCB");
+
+    if(gDpair && endpoint && info)
+    {
+        OIC_LOG_V(INFO, TAG, "Received status from remote device(%s:%d) : %d",
+                 endpoint->addr, endpoint->port, info->result);
+
+        if(CA_STATUS_OK == info->result)
+        {
+            OIC_LOG(INFO, TAG, "DPairingDTLSHandshakeCB - Connection success.");
+        }
+        else if(CA_DTLS_AUTHENTICATION_FAILURE == info->result)
+        {
+            OIC_LOG(INFO, TAG, "DPairingDTLSHandshakeCB - Authentication failed");
+
+        }
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+        CAregisterSslHandshakeCallback(NULL);
+#endif // __WITH_DTLS__ or __WITH_TLS__
+
+        // delete temporary key
+        RemoveCredential(&gDpair->pdeviceID);
+    }
+
+    OIC_LOG(INFO, TAG, "OUT DPairingDTLSHandshakeCB");
+    return CA_STATUS_OK;
+}
+
+static OCEntityHandlerResult HandleDpairingPostRequest (const OCEntityHandlerRequest * ehRequest)
+{
+    OIC_LOG (DEBUG, TAG, "Dpairing EntityHandle  processing POST request");
+    OCEntityHandlerResult ehRet = OC_EH_ERROR;
+    OicSecDpairing_t* newDpair = NULL;
+    OCStackResult res = OC_STACK_OK;
+
+    const OicSecPconf_t *pconf = GetPconfResourceData();
+    if (true == pconf->edp)
+    {
+        uint8_t *payload = ((OCSecurityPayload*)ehRequest->payload)->securityData;
+        size_t size = ((OCSecurityPayload*)ehRequest->payload)->payloadSize;
+        if (payload)
+        {
+            res = CBORPayloadToDpair(payload, size, &newDpair);
+        }
+    }
+    else
+    {
+        OIC_LOG (DEBUG, TAG, "EDP == false : Direct-Pairing Disabled");
+        ehRet = OC_EH_ERROR;
+    }
+
+    if (OC_STACK_OK == res && newDpair && false == IsPairedDevice(&newDpair->pdeviceID))
+    {
+        // Check if valid Post request
+        bool prmMached = false;
+        for (size_t i=0; i<pconf->prmLen; i++)
+        {
+            if (newDpair->spm == pconf->prm[i])
+            {
+                prmMached = true;
+                break;
+            }
+        }
+        OIC_LOG_V(DEBUG, TAG, "Parsed spm is %s", prmMached ? "valid" :
+                "invalid, send error response");
+
+        // Update local Dpairing with new Dpairing & prepare dtls session
+        if (prmMached && '\0' != (char)newDpair->pdeviceID.id[0])
+        {
+            if(!gDpair)
+            {
+                gDpair = GetDpairingDefault();
+            }
+            gDpair->spm = newDpair->spm;
+            memcpy(&gDpair->pdeviceID, &newDpair->pdeviceID, sizeof(OicUuid_t));
+            memcpy(&gDpair->rownerID, &pconf->rownerID, sizeof(OicUuid_t));
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+            // Add temporary psk
+            OCStackResult result;
+            OicUuid_t subjectId = {.id={0}};
+            result = AddTmpPskWithPIN(&gDpair->pdeviceID,
+                           SYMMETRIC_PAIR_WISE_KEY,
+                           (char*)pconf->pin.val, DP_PIN_LENGTH,
+                           &gDpair->rownerID, &subjectId);
+            if(result != OC_STACK_OK ||
+                    memcmp(&gDpair->pdeviceID, &subjectId, sizeof(OicUuid_t)))
+            {
+                OIC_LOG_V(ERROR, TAG, "Failed to save the temporal PSK : %d", result);
+                goto exit;
+            }
+
+            // Prepare to establish a secure channel with Pin-based PSK cipher suite
+            if (CA_STATUS_OK != CAEnableAnonECDHCipherSuite(false) ||
+                CA_STATUS_OK != CASelectCipherSuite(MBEDTLS_TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256, CA_ADAPTER_IP))
+            {
+                OIC_LOG_V(ERROR, TAG, "Failed to select TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA_256");
+                goto exit;
+            }
+
+            if(CA_STATUS_OK != CAregisterSslHandshakeCallback(DPairingDTLSHandshakeCB))
+            {
+                OIC_LOG(WARNING, TAG, "DirectPairingHandler : Failed to register"
+                        " DTLS handshake callback.");
+                goto exit;
+            }
+#endif // __WITH_DTLS__ or __WITH_TLS__
+
+            // should be lock /oic/sec/dpairing resource if Direct-Pairing starts normally ?
+            OIC_LOG (DEBUG, TAG, "/oic/sec/dpairing resource created");
+
+            ehRet = OC_EH_RESOURCE_CREATED;
+        }
+        else
+        {
+            OIC_LOG(ERROR, TAG, "Error in request check");
+        }
+    }
+
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+exit:
+#endif // __WITH_DTLS__ or __WITH_TLS__
+
+    // Send payload to request originator
+    if(OC_STACK_OK != SendSRMResponse(ehRequest, ehRet, NULL, 0))
+    {
+        ehRet = OC_EH_ERROR;
+        OIC_LOG (ERROR, TAG, "SendSRMResponse failed in HandleDpairingPostRequest");
+    }
+
+    if (OC_EH_ERROR == ehRet && gDpair)
+    {
+        RemoveCredential(&gDpair->pdeviceID);
+        gDpair = NULL;
+    }
+
+    DeleteDpairingBinData(newDpair);
+    OIC_LOG_V (DEBUG, TAG, "%s RetVal %d", __func__ , ehRet);
+    return ehRet;
+}
+
+static OCEntityHandlerResult HandleDpairingPutRequest (const OCEntityHandlerRequest * ehRequest)
+{
+    OIC_LOG (DEBUG, TAG, "Dpairing EntityHandle  processing PUT request (Comfirmation)");
+
+    OCEntityHandlerResult ehRet = OC_EH_ERROR;
+    OicSecDpairing_t* newDpair = NULL;
+    OCStackResult res = OC_STACK_OK;
+
+    const OicSecPconf_t *pconf = GetPconfResourceData();
+    if (true == pconf->edp)
+    {
+        uint8_t *payload = ((OCSecurityPayload*)ehRequest->payload)->securityData;
+        size_t size = ((OCSecurityPayload*)ehRequest->payload)->payloadSize;
+        if (payload)
+        {
+            res = CBORPayloadToDpair(payload, size, &newDpair);
+        }
+    }
+    else
+    {
+        OIC_LOG (DEBUG, TAG, "EDP == false : Direct-Pairing Disabled");
+        ehRet = OC_EH_ERROR;
+    }
+
+
+    if ((OC_STACK_OK == res) && gDpair && newDpair)
+    {
+        OIC_LOG(DEBUG, TAG, "Received direct-pairing finalization request");
+
+        // Check if valid Put request
+        VERIFY_SUCCESS(TAG, PRM_NOT_ALLOWED == newDpair->spm, ERROR);
+
+        const OicSecPconf_t *secPconf = GetPconfResourceData();
+        VERIFY_NOT_NULL(TAG, secPconf, ERROR);
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
+        OCServerRequest * request = (OCServerRequest *)ehRequest->requestHandle;
+        VERIFY_SUCCESS(TAG, (request->devAddr.flags | OC_FLAG_SECURE), ERROR);
+
+        //Generate new credential
+        OIC_LOG_V(INFO, TAG, "SavePairingPSK for %s(%d)", request->devAddr.addr,
+                request->devAddr.port);
+        OCStackResult result = SavePairingPSK(&request->devAddr, &newDpair->pdeviceID,
+                (OicUuid_t *)&secPconf->rownerID, true);
+        VERIFY_SUCCESS(TAG, OC_STACK_OK == result, ERROR);
+#endif // __WITH_DTLS__ or __WITH_TLS__
+
+        //Generate new acl
+        OicSecPdAcl_t *pdAcl;
+        LL_FOREACH(secPconf->pdacls, pdAcl)
+        {
+            OicSecAcl_t* acl = (OicSecAcl_t*)OICCalloc(1, sizeof(OicSecAcl_t));
+            VERIFY_NOT_NULL(TAG, acl, ERROR);
+
+            OicSecAce_t* ace = (OicSecAce_t*)OICCalloc(1, sizeof(OicSecAce_t));
+            VERIFY_NOT_NULL(TAG, ace, ERROR);
+
+            LL_APPEND(acl->aces, ace);
+
+            ace->subjectType = OicSecAceUuidSubject;
+            memcpy(&ace->subjectuuid, &gDpair->pdeviceID, sizeof(OicUuid_t));
+
+            for(size_t i = 0; i < pdAcl->resourcesLen; i++)
+            {
+                OicSecRsrc_t* rsrc = (OicSecRsrc_t*)OICCalloc(1, sizeof(OicSecRsrc_t));
+                VERIFY_NOT_NULL(TAG, rsrc, ERROR);
+                LL_APPEND(ace->resources, rsrc);
+
+                //href
+                rsrc->href = OICStrdup(pdAcl->resources[i]);
+
+                // TODO: Append 'if' and 'rt' as workaround
+                // if
+                rsrc->interfaceLen = 1;
+                rsrc->interfaces = (char**)OICCalloc(rsrc->interfaceLen, sizeof(char));
+                VERIFY_NOT_NULL(TAG, (rsrc->interfaces), ERROR);
+                rsrc->interfaces[0] = OICStrdup(OC_RSRVD_INTERFACE_DEFAULT);
+                VERIFY_NOT_NULL(TAG, (rsrc->interfaces[0]), ERROR);
+
+                //rt
+                rsrc->typeLen = 1;
+                rsrc->types = (char**)OICCalloc(rsrc->typeLen, sizeof(char));
+                VERIFY_NOT_NULL(TAG, (rsrc->types), ERROR);
+                rsrc->types[0] = OICStrdup("oic.core");
+                VERIFY_NOT_NULL(TAG, (rsrc->types[0]), ERROR);
+            }
+
+            ace->permission = pdAcl->permission;
+
+            //Copy the validity
+            if(pdAcl->periods || pdAcl->recurrences)
+            {
+                OicSecValidity_t* validity = (OicSecValidity_t*)OICCalloc(1, sizeof(OicSecValidity_t));
+                VERIFY_NOT_NULL(TAG, validity, ERROR);
+
+                if(pdAcl->periods && pdAcl->periods[0])
+                {
+                    validity->period = OICStrdup(pdAcl->periods[0]);
+                    VERIFY_NOT_NULL(TAG, (validity->period), ERROR);
+                }
+
+                if(pdAcl->recurrences && 0 < pdAcl->prdRecrLen)
+                {
+                    validity->recurrenceLen = pdAcl->prdRecrLen;
+                    validity->recurrences = (char**)OICMalloc(sizeof(char*) * pdAcl->prdRecrLen);
+                    VERIFY_NOT_NULL(TAG, (validity->recurrences), ERROR);
+
+                    for(size_t i = 0; i < pdAcl->prdRecrLen; i++)
+                    {
+                        validity->recurrences[i] = OICStrdup(pdAcl->recurrences[i]);
+                        VERIFY_NOT_NULL(TAG, (validity->recurrences[i]), ERROR);
+                    }
+                }
+
+                LL_APPEND(ace->validities, validity);
+            }
+
+            size_t size = 0;
+            uint8_t *payload = NULL;
+            // TODO IOT-2052 update to /acl2
+            if (OC_STACK_OK == AclToCBORPayload(acl, OIC_SEC_ACL_V1, &payload, &size))
+            {
+                AppendACL(payload, size);
+                OICFree(payload);
+            }
+            DeleteACLList(acl);
+        }
+
+        //update pconf device list
+        AddPairedDevice(&newDpair->pdeviceID);
+
+        //Initialize dpairing resource
+        gDpair = NULL;
+
+        OIC_LOG (DEBUG, TAG, "/oic/sec/dpairing resource updated,"
+                "direct-pairing finalization success");
+        ehRet = OC_EH_OK;
+    }
+
+exit:
+
+    //Send payload to request originator
+    if(OC_STACK_OK != SendSRMResponse(ehRequest, ehRet, NULL, 0))
+    {
+        ehRet = OC_EH_ERROR;
+        OIC_LOG (ERROR, TAG, "SendSRMResponse failed in HandleDpairingPutRequest");
+    }
+
+    DeleteDpairingBinData(newDpair);
+    OIC_LOG_V (DEBUG, TAG, "%s RetVal %d", __func__ , ehRet);
+    return ehRet;
+}
+/*
+ * This internal method is the entity handler for Dpairing resources and
+ * will handle REST request (GET/POST) for them.
+ */
+OCEntityHandlerResult DpairingEntityHandler (OCEntityHandlerFlag flag,
+                                        OCEntityHandlerRequest * ehRequest,
+                                        void* callbackParameter)
+{
+    OIC_LOG(DEBUG, TAG, "Received request DpairingEntityHandler");
+    (void)callbackParameter;
+    OCEntityHandlerResult ehRet = OC_EH_ERROR;
+
+    if (!ehRequest)
+    {
+        return ehRet;
+    }
+
+    if (flag & OC_REQUEST_FLAG)
+    {
+        OIC_LOG (DEBUG, TAG, "Flag includes OC_REQUEST_FLAG");
+        switch (ehRequest->method)
+        {
+            case OC_REST_GET:
+                break;
+
+            case OC_REST_POST:
+                ehRet = HandleDpairingPostRequest(ehRequest);
+                break;
+
+            case OC_REST_PUT:
+                ehRet = HandleDpairingPutRequest(ehRequest);
+                break;
+
+            case OC_REST_DELETE:
+                break;
+
+            default:
+                ehRet = OC_EH_ERROR;
+                SendSRMResponse(ehRequest, ehRet, NULL, 0);
+        }
+    }
+
+    return ehRet;
+}
+
+/*
+ * This internal method is used to create '/oic/sec/dpairing' resource.
+ */
+OCStackResult CreateDpairingResource()
+{
+    OCStackResult ret;
+
+    ret = OCCreateResource(&gDpairHandle,
+                           OIC_RSRC_TYPE_SEC_DPAIRING,
+                           OC_RSRVD_INTERFACE_DEFAULT,
+                           OIC_RSRC_DPAIRING_URI,
+                           DpairingEntityHandler,
+                           NULL,
+                           OC_SECURE | OC_EXPLICIT_DISCOVERABLE);
+
+    if (OC_STACK_OK != ret)
+    {
+        OIC_LOG (ERROR, TAG, "Unable to instantiate Dpairing resource");
+        DeInitDpairingResource();
+    }
+    return ret;
+}
+
+/**
+ * Initialize Dpairing resource by loading data from persistent storage.
+ *
+ * @retval  OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult InitDpairingResource()
+{
+    OCStackResult ret = OC_STACK_ERROR;
+
+    // Instantiate 'oic.sec.dpairing'
+    ret = CreateDpairingResource();
+    if (OC_STACK_OK != ret)
+    {
+        DeInitDpairingResource();
+    }
+    return ret;
+}
+
+/**
+ * Perform cleanup for Dpairing resources.
+ *
+ * @return
+ * OC_STACK_OK    - no error
+ * OC_STACK_ERROR - stack process error
+ *
+ */
+OCStackResult DeInitDpairingResource()
+{
+    OCStackResult ret = OCDeleteResource(gDpairHandle);
+    gDpair = NULL;
+
+    if(OC_STACK_OK == ret)
+    {
+        return OC_STACK_OK;
+    }
+    else
+    {
+        return OC_STACK_ERROR;
+    }
+}
+
+OCStackResult SetDpairingRownerId(const OicUuid_t* newROwner)
+{
+    OCStackResult ret = OC_STACK_ERROR;
+    uint8_t *cborPayload = NULL;
+    size_t size = 0;
+    OicUuid_t prevId = {.id={0}};
+
+    if(NULL == newROwner)
+    {
+        ret = OC_STACK_INVALID_PARAM;
+    }
+    if(NULL == gDpair)
+    {
+        ret = OC_STACK_NO_RESOURCE;
+    }
+
+    if(newROwner && gDpair)
+    {
+        memcpy(prevId.id, gDpair->rownerID.id, sizeof(prevId.id));
+        memcpy(gDpair->rownerID.id, newROwner->id, sizeof(newROwner->id));
+
+        ret = DpairingToCBORPayload(gDpair, &cborPayload, &size);
+        VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+        ret = UpdateSecureResourceInPS(OIC_JSON_DPAIRING_NAME, cborPayload, size);
+        VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+        OICFree(cborPayload);
+    }
+
+    return ret;
+
+exit:
+    OICFree(cborPayload);
+    memcpy(gDpair->rownerID.id, prevId.id, sizeof(prevId.id));
+    return ret;
+}
+
+OCStackResult GetDpairingRownerId(OicUuid_t *rowneruuid)
+{
+    OCStackResult retVal = OC_STACK_ERROR;
+    if (gDpair)
+    {
+        *rowneruuid = gDpair->rownerID;
+        retVal = OC_STACK_OK;
+    }
+    return retVal;
+}
index b18ae4b..9942472 100644 (file)
@@ -30,7 +30,7 @@
 #include "pbkdf2.h"
 #include "base64.h"
 #include "srmresourcestrings.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "credresource.h"
 #include "cainterface.h"
 #include "oic_string.h"
diff --git a/resource/csdk/security/src/pconfresource.c b/resource/csdk/security/src/pconfresource.c
new file mode 100644 (file)
index 0000000..ecd6940
--- /dev/null
@@ -0,0 +1,1304 @@
+/* *****************************************************************
+ *
+ * Copyright 2016 Samsung Electronics All Rights Reserved.
+ *
+ *
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * *****************************************************************/
+
+#include "iotivity_config.h"
+#include <stdlib.h>
+#include <string.h>
+#include "ocstack.h"
+#include "experimental/logger.h"
+#include "oic_malloc.h"
+#include "oic_string.h"
+#include "base64.h"
+#include "ocpayload.h"
+#include "ocpayloadcbor.h"
+#include "experimental/payload_logging.h"
+#include "resourcemanager.h"
+#include "pconfresource.h"
+#include "psinterface.h"
+#include "utlist.h"
+#include "srmresourcestrings.h"
+#include "experimental/doxmresource.h"
+#include "srmutility.h"
+#include "ocserverrequest.h"
+#include "psinterface.h"
+#include "security_internals.h"
+#ifdef HAVE_STRINGS_H
+#include <strings.h>
+#endif
+
+#define TAG  "OIC_SRM_PCONF"
+
+static const uint16_t CBOR_SIZE = 1024;
+static const uint64_t CBOR_MAX_SIZE = 4400;
+static const uint8_t  PCONF_MAP_SIZE = 4;
+static const uint8_t  PCONF_RESOURCE_MAP_SIZE = 4;
+
+static OicSecPconf_t          *gPconf = NULL;
+static OCResourceHandle   gPconfHandle = NULL;
+static OicSecPconf_t         gDefaultPconf =
+{
+    false,                  /* bool edp */
+    NULL,                  /* OicSecPrm *prm */
+    0,                       /* size_t prmLen */
+    {.val = {0}},       /* OicDpPin_t pin */
+    NULL,                  /* OicSecPdAcl_t *pdacls */
+    NULL,                  /* OicUuid_t *pddevs */
+    0,                       /* size_t pddevLen */
+    {.id = {0}},        /* OicUuid_t deviceID */
+    {.id = {0}},        /* OicUuid_t rowner */
+};
+
+/**
+ * This function frees OicSecPdAcl_t object's fields and object itself.
+ */
+void FreePdAclList(OicSecPdAcl_t* pdacls)
+{
+    if (pdacls)
+    {
+        size_t i = 0;
+
+        //Clean pdacl objecs
+        OicSecPdAcl_t *aclTmp1 = NULL;
+        OicSecPdAcl_t *aclTmp2 = NULL;
+        LL_FOREACH_SAFE(pdacls, aclTmp1, aclTmp2)
+        {
+            LL_DELETE(pdacls, aclTmp1);
+
+            // Clean Resources
+            for (i = 0; i < aclTmp1->resourcesLen; i++)
+            {
+                OICFree(aclTmp1->resources[i]);
+            }
+            OICFree(aclTmp1->resources);
+
+            //Clean Period
+            if(aclTmp1->periods)
+            {
+                for(i = 0; i < aclTmp1->prdRecrLen; i++)
+                {
+                    OICFree(aclTmp1->periods[i]);
+                }
+                OICFree(aclTmp1->periods);
+            }
+
+            //Clean Recurrence
+            if(aclTmp1->recurrences)
+            {
+                for(i = 0; i < aclTmp1->prdRecrLen; i++)
+                {
+                    OICFree(aclTmp1->recurrences[i]);
+                }
+                OICFree(aclTmp1->recurrences);
+            }
+        }
+
+        //Clean pconf itself
+        OICFree(pdacls);
+    }
+}
+
+void DeletePconfBinData(OicSecPconf_t* pconf)
+{
+    if (pconf)
+    {
+        //Clean prm
+        OICFree(pconf->prm);
+
+        //Clean pdacl
+        if (pconf->pdacls)
+        {
+            FreePdAclList(pconf->pdacls);
+        }
+
+        //Clean pddev
+        OICFree(pconf->pddevs);
+
+        //Clean pconf itself
+        OICFree(pconf);
+    }
+}
+
+static size_t OicPdAclSize(const OicSecPdAcl_t *pdAcl)
+{
+    if (!pdAcl)
+    {
+        return 0;
+    }
+
+    OicSecPdAcl_t *tmp = (OicSecPdAcl_t *)pdAcl;
+    size_t size = 0;
+    while (tmp)
+    {
+        size++;
+        tmp = tmp->next;
+    }
+    return size;
+}
+
+OCStackResult PconfToCBORPayload(const OicSecPconf_t *pconf,uint8_t **payload,size_t *size)
+{
+    if (NULL == pconf || NULL == payload || NULL != *payload || NULL == size)
+    {
+        return OC_STACK_INVALID_PARAM;
+    }
+    size_t cborLen = *size;
+    if(0 == cborLen)
+    {
+        cborLen = CBOR_SIZE;
+    }
+    *payload = NULL;
+
+    OCStackResult ret = OC_STACK_ERROR;
+    CborEncoder encoder;
+    CborEncoder pconfMap;
+
+    int64_t cborEncoderResult = CborNoError;
+    uint8_t mapSize = PCONF_MAP_SIZE;
+
+    if (pconf->prmLen > 0)
+    {
+        mapSize++;
+    }
+    if (pconf->pdacls)
+    {
+        mapSize++;
+    }
+    if (pconf->pddevs)
+    {
+        mapSize++;
+    }
+
+    uint8_t *outPayload = (uint8_t *)OICCalloc(1, cborLen);
+    VERIFY_NOT_NULL_RETURN(TAG, outPayload, ERROR, OC_STACK_ERROR);
+
+    cbor_encoder_init(&encoder, outPayload, cborLen, 0);
+    cborEncoderResult = cbor_encoder_create_map(&encoder, &pconfMap, mapSize);
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Creating Pconf Map.");
+
+    //edp  -- Mandatory
+    cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_EDP_NAME,
+            strlen(OIC_JSON_EDP_NAME));
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Encode EDP String.");
+    cborEncoderResult = cbor_encode_boolean(&pconfMap, pconf->edp);
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert PconfEDP value");
+
+    //PRM type -- Not Mandatory
+    if(pconf->prmLen > 0)
+    {
+        CborEncoder prm;
+        cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_PRM_NAME,
+                strlen(OIC_JSON_PRM_NAME));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM NAME");
+        cborEncoderResult = cbor_encoder_create_array(&pconfMap, &prm, pconf->prmLen);
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM value");
+
+        for (size_t i = 0; i < pconf->prmLen; i++)
+        {
+            cborEncoderResult = cbor_encode_int(&prm, pconf->prm[i]);
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Convert Pconf PRM Array");
+        }
+        cborEncoderResult = cbor_encoder_close_container(&pconfMap, &prm);
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close encode array");
+    }
+
+    //PIN -- Mandatory
+    cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_PIN_NAME,
+            strlen(OIC_JSON_PIN_NAME));
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create OIC_JSON_PIN_NAME");
+    cborEncoderResult = cbor_encode_byte_string(&pconfMap, pconf->pin.val, sizeof(pconf->pin.val));
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to convert pin value");
+
+    //PDACL -- Mandatory
+    if (pconf->pdacls)
+    {
+        OicSecPdAcl_t *pdacl = pconf->pdacls;
+        CborEncoder pdAclArray;
+        cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_PDACL_NAME,
+                strlen(OIC_JSON_PDACL_NAME));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create OIC_JSON_PDACL_NAME");
+        cborEncoderResult = cbor_encoder_create_array(&pconfMap, &pdAclArray,
+                OicPdAclSize(pconf->pdacls));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to creeate _pdacl array");
+
+        while(pdacl)
+        {
+            CborEncoder pdAclMap;
+            // PDACL Map size - Number of mandatory items
+            uint8_t aclMapSize = 2;
+
+            if (pdacl->prdRecrLen)
+            {
+                ++aclMapSize;
+            }
+            if (pdacl->recurrences)
+            {
+                ++aclMapSize;
+            }
+
+            cborEncoderResult = cbor_encoder_create_map(&pdAclArray, &pdAclMap, aclMapSize);
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,  "Failed to creeate _pdacl array");
+
+            // Resources -- Mandatory
+            cborEncoderResult = cbor_encode_text_string(&pdAclMap, OIC_JSON_RESOURCES_NAME,
+                    strlen(OIC_JSON_RESOURCES_NAME));
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,  "Failed to encode resource result");
+
+            CborEncoder resources;
+            cborEncoderResult = cbor_encoder_create_array(&pdAclMap, &resources,
+                    pdacl->resourcesLen);
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,  "Failed to create resource array");
+
+            for (size_t i = 0; i < pdacl->resourcesLen; i++)
+            {
+                CborEncoder rMap;
+                cborEncoderResult = cbor_encoder_create_map(&resources, &rMap,
+                        PCONF_RESOURCE_MAP_SIZE);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding Resource Map.");
+
+                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_HREF_NAME,
+                        strlen(OIC_JSON_HREF_NAME));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Name Tag.");
+                cborEncoderResult = cbor_encode_text_string(&rMap, pdacl->resources[i],
+                        strlen(pdacl->resources[i]));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding HREF Value in Map.");
+
+                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_REL_NAME,
+                        strlen(OIC_JSON_REL_NAME));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Name Tag.");
+
+                // TODO : Need to assign real value of REL
+                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
+                        strlen(OIC_JSON_EMPTY_STRING));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding REL Value.");
+
+                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_RT_NAME,
+                        strlen(OIC_JSON_RT_NAME));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Name Tag.");
+
+                // TODO : Need to assign real value of RT
+                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
+                        strlen(OIC_JSON_EMPTY_STRING));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding RT Value.");
+
+                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_IF_NAME,
+                        strlen(OIC_JSON_IF_NAME));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Name Tag.");
+
+                // TODO : Need to assign real value of IF
+                cborEncoderResult = cbor_encode_text_string(&rMap, OIC_JSON_EMPTY_STRING,
+                        strlen(OIC_JSON_EMPTY_STRING));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding IF Value.");
+
+                cborEncoderResult = cbor_encoder_close_container(&resources, &rMap);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Closing Resource Map.");
+            }
+
+            cborEncoderResult = cbor_encoder_close_container(&pdAclMap, &resources);
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,  "Failed to close resource array");
+
+            // Permissions -- Mandatory
+            cborEncoderResult = cbor_encode_text_string(&pdAclMap, OIC_JSON_PERMISSION_NAME,
+                    strlen(OIC_JSON_PERMISSION_NAME));
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,  "Failed to create permition string");
+            cborEncoderResult = cbor_encode_int(&pdAclMap, pdacl->permission);
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode permition calue");
+
+            // Period -- Not Mandatory
+            if (pdacl->periods)
+            {
+                CborEncoder period;
+                cborEncoderResult = cbor_encode_text_string(&pdAclMap, OIC_JSON_PERIODS_NAME,
+                        strlen(OIC_JSON_PERIODS_NAME));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode period value");
+                cborEncoderResult = cbor_encoder_create_array(&pdAclMap, &period,
+                        pdacl->prdRecrLen);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create array");
+
+                for (size_t i = 0; i < pdacl->prdRecrLen; i++)
+                {
+                    cborEncoderResult = cbor_encode_text_string(&period, pdacl->periods[i],
+                            strlen(pdacl->periods[i]));
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode period");
+                }
+                cborEncoderResult = cbor_encoder_close_container(&pdAclMap, &period);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,"Failed to close period array");
+            }
+
+            // Period -- Not Mandatory
+            if(0 != pdacl->prdRecrLen && pdacl->recurrences)
+            {
+                CborEncoder recurrences;
+                cborEncoderResult = cbor_encode_text_string(&pdAclMap, OIC_JSON_RECURRENCES_NAME,
+                        strlen(OIC_JSON_RECURRENCES_NAME));
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult,"Failed to encode recurrences");
+                cborEncoderResult = cbor_encoder_create_array(&pdAclMap, &recurrences,
+                        pdacl->prdRecrLen);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create rec array");
+
+                for (size_t i = 0; i < pdacl->prdRecrLen; i++)
+                {
+                    cborEncoderResult = cbor_encode_text_string(&recurrences,
+                            pdacl->recurrences[i], strlen(pdacl->recurrences[i]));
+                    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode recurrences");
+                }
+                cborEncoderResult = cbor_encoder_close_container(&pdAclMap, &recurrences);
+                VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close rec array");
+            }
+            cborEncoderResult = cbor_encoder_close_container(&pdAclArray, &pdAclMap);
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close acl map");
+
+            pdacl = pdacl->next;
+        }
+        //clsoe the array
+        cborEncoderResult = cbor_encoder_close_container(&pconfMap, &pdAclArray);
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close acl array");
+    }
+
+    //PDDev -- Mandatory
+    //There may not be paired devices if it did not pairing before
+    if (pconf->pddevs && 0 < pconf->pddevLen)
+    {
+        CborEncoder pddev;
+        cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_PDDEV_LIST_NAME,
+                strlen(OIC_JSON_PDDEV_LIST_NAME));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode pddev");
+        cborEncoderResult = cbor_encoder_create_array(&pconfMap, &pddev,  pconf->pddevLen);
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to create array");
+
+        for (size_t i = 0; i < pconf->pddevLen; i++)
+        {
+            char *pddevId = NULL;
+            ret = ConvertUuidToStr(&pconf->pddevs[i], &pddevId);
+            VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+            cborEncoderResult = cbor_encode_text_string(&pddev, pddevId, strlen(pddevId));
+            VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed Addding pddev Id Value.");
+            OICFree(pddevId);
+        }
+        cborEncoderResult = cbor_encoder_close_container(&pconfMap, &pddev);
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close pddev array");
+    }
+
+    //DeviceId -- Mandatory
+    //There may not be devicd id if caller is provisoning tool
+    cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_DEVICE_ID_NAME,
+            strlen(OIC_JSON_DEVICE_ID_NAME));
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode device id");
+    {
+        char *deviceId = NULL;
+        ret = ConvertUuidToStr(&pconf->deviceID, &deviceId);
+        VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+        cborEncoderResult = cbor_encode_text_string(&pconfMap, deviceId, strlen(deviceId));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode deviceID value");
+        OICFree(deviceId);
+    }
+
+    //ROwner -- Mandatory
+    {
+        char *rowner = NULL;
+        cborEncoderResult = cbor_encode_text_string(&pconfMap, OIC_JSON_ROWNERID_NAME,
+                strlen(OIC_JSON_ROWNERID_NAME));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode rowner string");
+        ret = ConvertUuidToStr(&pconf->rownerID, &rowner);
+        VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+        cborEncoderResult = cbor_encode_text_string(&pconfMap, rowner, strlen(rowner));
+        VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to encode rwoner value");
+        OICFree(rowner);
+    }
+
+    cborEncoderResult = cbor_encoder_close_container(&encoder, &pconfMap);
+    VERIFY_CBOR_SUCCESS(TAG, cborEncoderResult, "Failed to close pconfMap");
+
+    *size = cbor_encoder_get_buffer_size(&encoder, outPayload);
+    *payload = outPayload;
+    ret = OC_STACK_OK;
+exit:
+    if ((CborErrorOutOfMemory == cborEncoderResult) && (cborLen < CBOR_MAX_SIZE))
+    {
+        // reallocate and try again!
+        OICFree(outPayload);
+        // Since the allocated initial memory failed, double the memory.
+        cborLen += cbor_encoder_get_buffer_size(&encoder, encoder.end);
+        cborEncoderResult = CborNoError;
+        ret = PconfToCBORPayload(pconf, payload, &cborLen);
+        *size = cborLen;
+    }
+    if ((CborNoError != cborEncoderResult) || (OC_STACK_OK != ret))
+    {
+        OICFree(outPayload);
+        outPayload = NULL;
+        *payload = NULL;
+        *size = 0;
+        ret = OC_STACK_ERROR;
+    }
+    return ret;
+}
+
+OCStackResult CBORPayloadToPconf(const uint8_t *cborPayload, size_t size, OicSecPconf_t **secPconf)
+{
+    if (NULL == cborPayload || NULL == secPconf || NULL != *secPconf || 0 == size)
+    {
+        return OC_STACK_INVALID_PARAM;
+    }
+    OCStackResult ret = OC_STACK_ERROR;
+    *secPconf = NULL;
+    CborValue pconfCbor = { .parser = NULL };
+    CborParser parser = { .end = NULL };
+    CborError cborFindResult = CborNoError;
+
+    cbor_parser_init(cborPayload, size, 0, &parser, &pconfCbor);
+    CborValue pconfMap = { .parser = NULL } ;
+    OicSecPconf_t *pconf = NULL;
+    cborFindResult = cbor_value_enter_container(&pconfCbor, &pconfMap);
+    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter map");
+    pconf = (OicSecPconf_t *)OICCalloc(1, sizeof(*pconf));
+    VERIFY_NOT_NULL(TAG, pconf, ERROR);
+    while (cbor_value_is_valid(&pconfMap))
+    {
+        char *name = NULL;
+        size_t len = 0;
+        CborType type = cbor_value_get_type(&pconfMap);
+        if (type == CborTextStringType && cbor_value_is_text_string(&pconfMap))
+        {
+            cborFindResult = cbor_value_dup_text_string(&pconfMap, &name, &len, NULL);
+            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
+            cborFindResult = cbor_value_advance(&pconfMap);
+            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value");
+        }
+
+        if (name)
+        {
+            //EDP -- Mandatory
+            if(0 == strcmp(OIC_JSON_EDP_NAME, name) && cbor_value_is_boolean(&pconfMap))
+            {
+                cborFindResult = cbor_value_get_boolean(&pconfMap, &pconf->edp);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
+            }
+            if (0 == strcmp(OIC_JSON_PRM_NAME, name))
+            {
+                int i = 0;
+                CborValue prm = { .parser = NULL };
+                cborFindResult = cbor_value_get_array_length(&pconfMap, &pconf->prmLen);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length");
+                VERIFY_SUCCESS(TAG, pconf->prmLen != 0, ERROR);
+
+                pconf->prm = (OicSecPrm_t *)OICCalloc(pconf->prmLen, sizeof(OicSecPrm_t));
+                VERIFY_NOT_NULL(TAG, pconf->prm, ERROR);
+                cborFindResult = cbor_value_enter_container(&pconfMap, &prm);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to eneter array");
+
+                while (cbor_value_is_valid(&prm) && cbor_value_is_integer(&prm))
+                {
+                    int prm_val;
+
+                    cborFindResult = cbor_value_get_int(&prm, &prm_val);
+                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
+                    pconf->prm[i++] = (OicSecPrm_t)prm_val;
+                    cborFindResult = cbor_value_advance(&prm);
+                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value");
+                }
+            }
+            //PIN -- Mandatory
+            if (0 == strcmp(OIC_JSON_PIN_NAME, name) && cbor_value_is_byte_string(&pconfMap))
+            {
+                uint8_t *pin = NULL;
+                cborFindResult = cbor_value_dup_byte_string(&pconfMap, &pin, &len, NULL);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
+                if (sizeof(pconf->pin.val) < len)
+                {
+                    OIC_LOG (ERROR, TAG, "PIN length is too long");
+                    goto exit;
+                }
+                memcpy(pconf->pin.val, pin, len);
+                OICFree(pin);
+            }
+
+            //PDACL -- Mandatory
+            if (0 == strcmp(OIC_JSON_PDACL_NAME, name))
+            {
+                CborValue pdAclArray = { .parser = NULL};
+                OicSecPdAcl_t *headPdacl = NULL;
+
+                cborFindResult = cbor_value_enter_container(&pconfMap, &pdAclArray);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter");
+
+                while (cbor_value_is_valid(&pdAclArray))
+                {
+                    CborValue pdAclMap = { .parser = NULL };
+                    OicSecPdAcl_t *pdacl = (OicSecPdAcl_t *) OICCalloc(1, sizeof(OicSecPdAcl_t));
+                    VERIFY_NOT_NULL(TAG, pdacl, ERROR);
+
+                    cborFindResult = cbor_value_enter_container(&pdAclArray, &pdAclMap);
+                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter");
+
+                    while (cbor_value_is_valid(&pdAclMap))
+                    {
+                        char* pdAclMapName = NULL;
+                        size_t tempLen = 0;
+                        CborType pdAclMapType = cbor_value_get_type(&pdAclMap);
+                        if ((pdAclMapType == CborTextStringType) && cbor_value_is_text_string(&pdAclMap))
+                        {
+                            cborFindResult = cbor_value_dup_text_string(&pdAclMap, &pdAclMapName,
+                                    &tempLen, NULL);
+                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text");
+                            cborFindResult = cbor_value_advance(&pdAclMap);
+                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance value");
+                        }
+                        if (pdAclMapName)
+                        {
+                            // Resources -- Mandatory
+                            if (strcmp(pdAclMapName, OIC_JSON_RESOURCES_NAME) == 0 && cbor_value_is_array(&pdAclMap))
+                            {
+                                int i = 0;
+                                CborValue resources = { .parser = NULL };
+                                cborFindResult = cbor_value_get_array_length(&pdAclMap,
+                                        &pdacl->resourcesLen);
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length");
+                                cborFindResult = cbor_value_enter_container(&pdAclMap, &resources);
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter");
+                                pdacl->resources = (char **) OICCalloc(pdacl->resourcesLen,
+                                        sizeof(char*));
+                                VERIFY_NOT_NULL(TAG, pdacl->resources, ERROR);
+
+                                while (cbor_value_is_valid(&resources))
+                                {
+                                    CborValue rMap = { .parser = NULL  };
+                                    cborFindResult = cbor_value_enter_container(&resources, &rMap);
+                                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Entering Resource Map");
+
+                                    while(cbor_value_is_valid(&rMap) && cbor_value_is_text_string(&rMap))
+                                    {
+                                        char *rMapName = NULL;
+                                        size_t rMapNameLen = 0;
+                                        cborFindResult = cbor_value_dup_text_string(&rMap, &rMapName, &rMapNameLen, NULL);
+                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RMap Data Name Tag.");
+                                        cborFindResult = cbor_value_advance(&rMap);
+                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RMap Data Value.");
+
+                                        // "href"
+                                        if (0 == strcmp(OIC_JSON_HREF_NAME, rMapName))
+                                        {
+                                            // TODO : Need to check data structure of OicSecPdAcl_t based on RAML spec.
+                                            cborFindResult = cbor_value_dup_text_string(&rMap, &pdacl->resources[i++], &tempLen, NULL);
+                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding Href Value.");
+                                        }
+
+                                        // "rel"
+                                        if (0 == strcmp(OIC_JSON_REL_NAME, rMapName))
+                                        {
+                                            // TODO : Need to check data structure of OicSecPdAcl_t and assign based on RAML spec.
+                                            char *relData = NULL;
+                                            cborFindResult = cbor_value_dup_text_string(&rMap, &relData, &len, NULL);
+                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding REL Value.");
+                                            OICFree(relData);
+                                        }
+
+                                        // "rt"
+                                        if (0 == strcmp(OIC_JSON_RT_NAME, rMapName))
+                                        {
+                                            // TODO : Need to check data structure of OicSecPdAcl_t and assign based on RAML spec.
+                                            char *rtData = NULL;
+                                            cborFindResult = cbor_value_dup_text_string(&rMap, &rtData, &tempLen, NULL);
+                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding RT Value.");
+                                            OICFree(rtData);
+                                        }
+
+                                        // "if"
+                                        if (0 == strcmp(OIC_JSON_IF_NAME, rMapName))
+                                        {
+                                            // TODO : Need to check data structure of OicSecPdAcl_t and assign based on RAML spec.
+                                            char *ifData = NULL;
+                                            cborFindResult = cbor_value_dup_text_string(&rMap, &ifData, &tempLen, NULL);
+                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding IF Value.");
+                                            OICFree(ifData);
+                                        }
+
+                                        if (cbor_value_is_valid(&rMap))
+                                        {
+                                            cborFindResult = cbor_value_advance(&rMap);
+                                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Rlist Map.");
+                                        }
+                                        OICFree(rMapName);
+                                    }
+
+                                    if (cbor_value_is_valid(&resources))
+                                    {
+                                        cborFindResult = cbor_value_advance(&resources);
+                                        VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance");
+                                    }
+                                }
+                            }
+
+                            // Permissions -- Mandatory
+                            if (strcmp(pdAclMapName, OIC_JSON_PERMISSION_NAME) == 0 && cbor_value_is_unsigned_integer(&pdAclMap))
+                            {
+                                uint64_t permission = 0;
+                                cborFindResult = cbor_value_get_uint64(&pdAclMap, &permission);
+                                pdacl->permission = (uint16_t)permission;
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
+                            }
+
+                            // Period -- Not mandatory
+                            if (strcmp(pdAclMapName, OIC_JSON_PERIODS_NAME) == 0 && cbor_value_is_array(&pdAclMap))
+                            {
+                                int i = 0;
+                                CborValue period = { .parser = NULL };
+                                cborFindResult = cbor_value_get_array_length(&pdAclMap,
+                                        &pdacl->prdRecrLen);
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length");
+                                cborFindResult = cbor_value_enter_container(&pdAclMap, &period);
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter");
+                                pdacl->periods = (char **) OICCalloc(pdacl->prdRecrLen, sizeof(char*));
+                                VERIFY_NOT_NULL(TAG, pdacl->periods, ERROR);
+
+                                while (cbor_value_is_text_string(&period) && cbor_value_is_text_string(&period))
+                                {
+                                    cborFindResult = cbor_value_dup_text_string(&period,
+                                            &pdacl->periods[i++], &tempLen, NULL);
+                                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get text");
+                                    cborFindResult = cbor_value_advance(&period);
+                                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance");
+                                    pdacl->prdRecrLen++;
+                                }
+                            }
+
+                            // Recurrence -- Not mandatory
+                            if (strcmp(pdAclMapName, OIC_JSON_RECURRENCES_NAME) == 0 && cbor_value_is_array(&pdAclMap))
+                            {
+                                int i = 0;
+                                CborValue recurrences = { .parser = NULL };
+                                cborFindResult = cbor_value_get_array_length(&pdAclMap, &pdacl->prdRecrLen);
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length");
+                                cborFindResult = cbor_value_enter_container(&pdAclMap, &recurrences);
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter");
+                                pdacl->recurrences = (char **) OICCalloc(pdacl->prdRecrLen, sizeof(char*));
+                                VERIFY_NOT_NULL(TAG, pdacl->recurrences, ERROR);
+
+                                while (cbor_value_is_text_string(&recurrences) && cbor_value_is_text_string(&recurrences))
+                                {
+                                    cborFindResult = cbor_value_dup_text_string(&recurrences,
+                                            &pdacl->recurrences[i++], &tempLen, NULL);
+                                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
+                                    cborFindResult = cbor_value_advance(&recurrences);
+                                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance");
+                                }
+                            }
+                            if (pdAclMapType != CborMapType && cbor_value_is_valid(&pdAclMap))
+                            {
+                                cborFindResult = cbor_value_advance(&pdAclMap);
+                                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance");
+                            }
+                        }
+                        if (cbor_value_is_valid(&pdAclArray))
+                        {
+                            cborFindResult = cbor_value_advance(&pdAclArray);
+                            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance");
+                        }
+                        OICFree(pdAclMapName);
+                        pdAclMapName = NULL;
+                    }
+                    pdacl->next = NULL;
+                    if (headPdacl == NULL)
+                    {
+                        headPdacl = pdacl;
+                    }
+                    else
+                    {
+                        OicSecPdAcl_t *temp = headPdacl;
+                        while (temp->next)
+                        {
+                            temp = temp->next;
+                        }
+                        temp->next = pdacl;
+                    }
+                }
+                pconf->pdacls = headPdacl;
+            }
+
+            //PDDev -- Mandatory
+            if (strcmp(name, OIC_JSON_PDDEV_LIST_NAME) == 0 && cbor_value_is_array(&pconfMap))
+            {
+                int i = 0;
+                CborValue pddevs = { .parser = NULL };
+                cborFindResult = cbor_value_get_array_length(&pconfMap, &pconf->pddevLen);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get length");
+                cborFindResult = cbor_value_enter_container(&pconfMap, &pddevs);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to enter");
+
+                pconf->pddevs = (OicUuid_t *)OICMalloc(pconf->pddevLen * sizeof(OicUuid_t));
+                VERIFY_NOT_NULL(TAG, pconf->pddevs, ERROR);
+                while (cbor_value_is_valid(&pddevs) && cbor_value_is_text_string(&pddevs))
+                {
+                    char *pddev = NULL;
+                    cborFindResult = cbor_value_dup_text_string(&pddevs, &pddev, &len, NULL);
+                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get value");
+                    cborFindResult = cbor_value_advance(&pddevs);
+                    VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance");
+                    ret = ConvertStrToUuid(pddev, &pconf->pddevs[i++]);
+                    VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+                    OICFree(pddev);
+                }
+            }
+
+            //Mandatory - Device Id
+            if (0 == strcmp(OIC_JSON_DEVICE_ID_NAME, name) && cbor_value_is_text_string(&pconfMap))
+            {
+                char *deviceId = NULL;
+                cborFindResult = cbor_value_dup_text_string(&pconfMap, &deviceId, &len, NULL);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get deviceID");
+                ret = ConvertStrToUuid(deviceId, &pconf->deviceID);
+                VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+                OICFree(deviceId);
+            }
+
+            // ROwner -- Mandatory
+            if (0 == strcmp(OIC_JSON_ROWNERID_NAME, name) && cbor_value_is_text_string(&pconfMap))
+            {
+                char *rowner = NULL;
+                cborFindResult = cbor_value_dup_text_string(&pconfMap, &rowner, &len, NULL);
+                VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to get rowner");
+                ret = ConvertStrToUuid(rowner, &pconf->rownerID);
+                VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
+                OICFree(rowner);
+            }
+        }
+        if (CborMapType != type && cbor_value_is_valid(&pconfMap))
+        {
+            cborFindResult = cbor_value_advance(&pconfMap);
+            VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed to advance");
+        }
+        OICFree(name);
+        name = NULL;
+    }
+    *secPconf=pconf;
+    ret = OC_STACK_OK;
+exit:
+    if (CborNoError != cborFindResult)
+    {
+        OIC_LOG (ERROR, TAG, "CBORPayloadToPconf failed");
+        DeletePconfBinData(pconf);
+        pconf = NULL;
+        *secPconf = NULL;
+        ret = OC_STACK_ERROR;
+    }
+    return ret;
+}
+
+static bool UpdatePersistentStorage(const OicSecPconf_t * pconf)
+{
+    bool ret = false;
+
+    // Convert PCONF data into Cborpayload for update to persistent storage
+    uint8_t *payload = NULL;
+    size_t size = 0;
+    if (OC_STACK_OK == PconfToCBORPayload(pconf, &payload, &size) && NULL !=payload)
+    {
+        if (OC_STACK_OK == UpdateSecureResourceInPS(OIC_JSON_PCONF_NAME, payload, size))
+        {
+            ret = true;
+        }
+        OICFree(payload);
+    }
+    return ret;
+}
+
+static OCEntityHandlerResult HandlePconfGetRequest (const OCEntityHandlerRequest * ehRequest)
+{
+    uint8_t* payload = NULL;
+    size_t size = 0;
+    const OicSecDoxm_t *m_doxm = NULL;
+    OCEntityHandlerResult ehRet = OC_EH_OK;
+
+    OicSecPconf_t pconf;
+    memset(&pconf, 0, sizeof(OicSecPconf_t));
+
+    OIC_LOG (DEBUG, TAG, "Pconf EntityHandle processing GET request");
+
+    m_doxm = GetDoxmResourceData();
+    if (NULL == m_doxm)
+    {
+      OIC_LOG (DEBUG, TAG, "Doxm resource Data is NULL");
+    }
+
+    if ((m_doxm) && (true == m_doxm->dpc))
+    {
+        //Making response elements for Get request
+        if( (true == gPconf->edp) &&
+            (gPconf->prm && 0 < gPconf->prmLen) &&
+            (0 < strlen((const char*)gPconf->deviceID.id)) &&
+            (0 < strlen((const char*)gPconf->rownerID.id)))
+        {
+            pconf.edp = true;
+            pconf.prm = gPconf->prm;
+            pconf.prmLen = gPconf->prmLen;
+            memcpy(&pconf.deviceID, &gPconf->deviceID, sizeof(OicUuid_t));
+            memcpy(&pconf.rownerID, &gPconf->rownerID, sizeof(OicUuid_t));
+            OIC_LOG (DEBUG, TAG, "PCONF - direct pairing enabled");
+        }
+        else if (false == gPconf->edp)
+        {
+            pconf.edp = false;
+            memcpy(&pconf.rownerID, &gPconf->rownerID, sizeof(OicUuid_t));
+            OIC_LOG (DEBUG, TAG, "PCONF - direct pairing disable");
+        }
+        else
+        {
+            ehRet= OC_EH_ERROR;
+            OIC_LOG (DEBUG, TAG, "PCONF - error");
+        }
+    }
+    else
+    {
+        OIC_LOG (DEBUG, TAG, "DPC == false : Direct-Pairing Disabled");
+    }
+
+
+    if (OC_STACK_OK != PconfToCBORPayload(gPconf, &payload, &size))
+    {
+        ehRet = OC_EH_ERROR;
+    }
+
+    if(OC_EH_OK == ehRet)
+    {
+        ehRet = (payload ? OC_EH_OK : OC_EH_ERROR);
+    }
+    else
+    {
+        OICFree(payload);
+        payload = NULL;
+        size = 0;
+    }
+
+    // Send response payload to request originator
+    if (OC_STACK_OK != SendSRMResponse(ehRequest, ehRet, payload, size))
+    {
+        ehRet = OC_EH_ERROR;
+        OIC_LOG(ERROR, TAG, "SendSRMResponse failed in HandlePconfGetRequest");
+    }
+    OIC_LOG_V(DEBUG, TAG, "%s RetVal %d", __func__, ehRet);
+
+    OICFree(payload);
+    return ehRet;
+}
+
+static OCEntityHandlerResult HandlePconfPostRequest (const OCEntityHandlerRequest * ehRequest)
+{
+    OCEntityHandlerResult ehRet = OC_EH_OK;
+    OCStackResult res=OC_STACK_OK;
+    OicSecPconf_t* newPconf = NULL;
+
+    if (NULL != GetDoxmResourceData() && true == GetDoxmResourceData()->dpc)
+    {
+        // Convert CBOR PCONF data into binary. This will also validate the PCONF data received.
+        uint8_t *payload = ((OCSecurityPayload *) ehRequest->payload)->securityData;
+        size_t size = ((OCSecurityPayload *) ehRequest->payload)->payloadSize;
+
+        if(payload){
+            res = CBORPayloadToPconf(payload, size, &newPconf);
+        }
+    }
+    else
+    {
+        OIC_LOG (DEBUG, TAG, "DPC == false : Direct-Pairing Disabled");
+        ehRet = OC_EH_ERROR;
+    }
+
+    if (newPconf && res == OC_STACK_OK)
+    {
+        // Check if valid Post request
+        if ((true == newPconf->edp) && (0 < newPconf->prmLen) &&
+                DP_PIN_LENGTH == sizeof(newPconf->pin.val))
+        {
+            OicSecPrm_t *oldPrm = gPconf->prm;
+            OicSecPdAcl_t *oldPdacl = gPconf->pdacls;
+
+            // Update local PCONF with new PCONF
+            gPconf->edp = true;
+            memcpy(&gPconf->pin, &newPconf->pin, sizeof(OicDpPin_t));
+            gPconf->prm = newPconf->prm;
+            gPconf->prmLen = newPconf->prmLen;
+            gPconf->pdacls = newPconf->pdacls;
+            memcpy(&gPconf->rownerID, &newPconf->rownerID, sizeof(OicUuid_t));
+
+            // to delete old value(prm, pdacl)
+            newPconf->prm = oldPrm;
+            newPconf->pdacls = oldPdacl;
+        }
+        else if (false == newPconf->edp)
+        {
+            gPconf->edp = false;
+        }
+        else
+        {
+            ehRet = OC_EH_ERROR;
+        }
+
+        // Update storage
+        if(OC_EH_ERROR != ehRet && true == UpdatePersistentStorage(gPconf))
+        {
+            ehRet = OC_EH_CHANGED;
+        }
+
+        DeletePconfBinData(newPconf);
+    }
+    else
+    {
+        ehRet = OC_EH_ERROR;
+    }
+
+    // Send payload to request originator
+    if (OC_STACK_OK != SendSRMResponse(ehRequest, ehRet, NULL, 0))
+    {
+        ehRet = OC_EH_ERROR;
+        OIC_LOG(ERROR, TAG, "SendSRMResponse failed in HandlePconfPostRequest");
+    }
+
+    OIC_LOG_V (DEBUG, TAG, "%s RetVal %d", __func__ , ehRet);
+    return ehRet;
+}
+
+/*
+ * This internal method is the entity handler for PCONF resources and
+ * will handle REST request (POST) for them.
+ */
+OCEntityHandlerResult PconfEntityHandler (OCEntityHandlerFlag flag,
+                                        OCEntityHandlerRequest * ehRequest,
+                                        void* callbackParameter)
+{
+    OIC_LOG(DEBUG, TAG, "Received request PconfEntityHandler");
+    (void)callbackParameter;
+    OCEntityHandlerResult ehRet = OC_EH_ERROR;
+
+    if (!ehRequest)
+    {
+        return ehRet;
+    }
+
+    if (flag & OC_REQUEST_FLAG)
+    {
+        OIC_LOG (DEBUG, TAG, "Flag includes OC_REQUEST_FLAG");
+        switch (ehRequest->method)
+        {
+            case OC_REST_GET:
+                ehRet = HandlePconfGetRequest(ehRequest);
+                break;
+
+            case OC_REST_POST:
+                ehRet = HandlePconfPostRequest(ehRequest);
+                break;
+
+            case OC_REST_DELETE:
+                break;
+
+            default:
+                ehRet = OC_EH_ERROR;
+                SendSRMResponse(ehRequest, ehRet, NULL, 0);
+        }
+    }
+
+    return ehRet;
+}
+
+/*
+ * This internal method is used to create '/oic/sec/pconf' resource.
+ */
+OCStackResult CreatePconfResource()
+{
+    OCStackResult ret;
+
+    ret = OCCreateResource(&gPconfHandle,
+                           OIC_RSRC_TYPE_SEC_PCONF,
+                           OC_RSRVD_INTERFACE_DEFAULT,
+                           OIC_RSRC_PCONF_URI,
+                           PconfEntityHandler,
+                           NULL,
+                           OC_SECURE | OC_EXPLICIT_DISCOVERABLE);
+
+    if (OC_STACK_OK != ret)
+    {
+        OIC_LOG (ERROR, TAG, "Unable to instantiate PCONF resource");
+        DeInitPconfResource();
+    }
+    return ret;
+}
+
+/**
+ * Get the default value.
+ * @retval  the gDefaultPconf pointer;
+ */
+static OicSecPconf_t* GetPconfDefault()
+{
+    OIC_LOG (DEBUG, TAG, "GetPconfDefault");
+
+    return &gDefaultPconf;
+}
+
+/**
+ * This method is used by SRM to retrieve PCONF resource data..
+ *
+ * @retval  reference to @ref OicSecPconf_t, binary format of Pconf resource data
+ */
+const OicSecPconf_t* GetPconfResourceData()
+{
+    return gPconf;
+}
+
+/**
+ * Initialize PCONF resource by loading data from persistent storage.
+ *
+ * @retval  OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult InitPconfResource()
+{
+    OCStackResult ret = OC_STACK_ERROR;
+
+    uint8_t *data = NULL;
+    size_t size = 0;
+
+    ret = GetSecureVirtualDatabaseFromPS(OIC_JSON_PCONF_NAME, &data, &size);
+    // If database read failed
+    if (ret != OC_STACK_OK)
+    {
+        OIC_LOG(DEBUG, TAG, "ReadSVDataFromPS failed");
+    }
+    if (data)
+    {
+        CBORPayloadToPconf(data, size, &gPconf);
+    }
+
+    if (!data || !gPconf)
+    {
+        gPconf = GetPconfDefault();
+
+        // Device id from doxm
+        OicUuid_t deviceId = {.id = {0}};
+        ret = GetDoxmDeviceID(&deviceId);
+        VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+        memcpy(&gPconf->deviceID, &deviceId, sizeof(OicUuid_t));
+    }
+    VERIFY_NOT_NULL(TAG, gPconf, ERROR);
+
+    // Instantiate 'oic.sec.pconf'
+    ret = CreatePconfResource();
+
+exit:
+    if (OC_STACK_OK != ret)
+    {
+        DeInitPconfResource();
+    }
+    OICFree(data);
+    return ret;
+}
+
+/**
+ * Perform cleanup for PCONF resources.
+ *
+ * @return
+ * OC_STACK_OK    - no error
+ * OC_STACK_ERROR - stack process error
+ *
+ */
+OCStackResult DeInitPconfResource()
+{
+    OCStackResult ret = OCDeleteResource(gPconfHandle);
+    if(gPconf!= &gDefaultPconf)
+    {
+        DeletePconfBinData(gPconf);
+    }
+    gPconf = NULL;
+
+    if(OC_STACK_OK == ret)
+    {
+        return OC_STACK_OK;
+    }
+    else
+    {
+        return OC_STACK_ERROR;
+    }
+}
+
+/**
+ * This method might be used to add a paired device id after direct-pairing process complete.
+ *
+ * @param pdeviceId ID of the paired device.
+ *
+ * @retval  OC_STACK_OK for Success, otherwise some error value
+ */
+OCStackResult AddPairedDevice(OicUuid_t *pdeviceId)
+{
+    if (!gPconf || !pdeviceId)
+    {
+        return OC_STACK_INVALID_PARAM;
+    }
+
+
+    OicUuid_t *prevList = gPconf->pddevs;
+    gPconf->pddevs = (OicUuid_t *)OICCalloc(gPconf->pddevLen+1, sizeof(OicUuid_t));
+    if(!gPconf->pddevs)
+    {
+        return OC_STACK_NO_MEMORY;
+    }
+    for (size_t i=0; i<gPconf->pddevLen; i++)
+    {
+        memcpy(&gPconf->pddevs[i], &prevList[i], sizeof(OicUuid_t));
+    }
+
+    // add new paired device id
+    memcpy(&gPconf->pddevs[gPconf->pddevLen], pdeviceId, sizeof(OicUuid_t));
+    gPconf->pddevLen++;
+
+    // Update storage
+    if(true != UpdatePersistentStorage(gPconf))
+    {
+        OIC_LOG (ERROR, TAG, "Fail to update pconf resource");
+        return OC_STACK_ERROR;
+    }
+
+    OIC_LOG (ERROR, TAG, "Add paired device success");
+    return OC_STACK_OK;
+}
+
+/**
+ * This method might be used by PolicyEngine to retrieve PDACL for a Subject.
+ *
+ * @param subjectId ID of the subject for which PDACL is required.
+ * @param savePtr is used internally by @ref GetACLResourceData to maintain index between
+ *                successive calls for same subjectId.
+ *
+ * @retval  reference to @ref OicSecPdAcl_t if PDACL is found, else NULL
+ */
+const OicSecPdAcl_t* GetPdAclData(const OicUuid_t* subjectId, OicSecPdAcl_t **savePtr)
+{
+    OicSecPdAcl_t *pdacl = NULL;
+
+    if ( NULL == subjectId)
+    {
+        return NULL;
+    }
+
+    /*
+     * savePtr MUST point to NULL if this is the 'first' call to retrieve PDACL for
+     * subjectID.
+     */
+    if (NULL == *savePtr)
+    {
+        pdacl = gPconf->pdacls;
+
+        // Find if 'subjectID' is in paired device list.
+        for(size_t i=0; i<gPconf->pddevLen; i++)
+        {
+            if (memcmp(&(gPconf->pddevs[i]), subjectId, sizeof(OicUuid_t)) == 0)
+            {
+                *savePtr = pdacl;
+                return pdacl;
+            }
+        }
+    }
+    else
+    {
+        OicSecPdAcl_t *temp = NULL;
+
+        /*
+         * If this is a 'successive' call, search for location pointed by
+         * savePtr and assign 'begin' to the next PDACL after it in the linked
+         * list and start searching from there.
+         */
+        LL_FOREACH(gPconf->pdacls, temp)
+        {
+            if (temp == *savePtr)
+            {
+                pdacl = temp->next;
+                *savePtr = pdacl;
+                return pdacl;
+            }
+        }
+    }
+
+    // Cleanup in case no PDACL is found
+    *savePtr = NULL;
+    return NULL;
+}
+
+/**
+ * This method return whether device is paired or not.
+ *
+ * @param pdeviceId Target device ID to find in paired list.
+ * @retval  ture if device is already paired, else false
+ */
+bool IsPairedDevice(const OicUuid_t* pdeviceId)
+{
+    // Find if 'pdeviceId' is in paired device list.
+    for(size_t i=0; i<gPconf->pddevLen; i++)
+    {
+        if (memcmp(&(gPconf->pddevs[i]), pdeviceId, sizeof(OicUuid_t)) == 0)
+        {
+            return true;
+        }
+    }
+    return false;
+}
+
+OCStackResult SetPconfRownerId(const OicUuid_t* newROwner)
+{
+    OCStackResult ret = OC_STACK_ERROR;
+    uint8_t *cborPayload = NULL;
+    size_t size = 0;
+    OicUuid_t prevId = {.id={0}};
+
+    if(NULL == newROwner)
+    {
+        ret = OC_STACK_INVALID_PARAM;
+    }
+    if(NULL == gPconf)
+    {
+        ret = OC_STACK_NO_RESOURCE;
+    }
+
+    if(newROwner && gPconf)
+    {
+        memcpy(prevId.id, gPconf->rownerID.id, sizeof(prevId.id));
+        memcpy(gPconf->rownerID.id, newROwner->id, sizeof(newROwner->id));
+
+        ret = PconfToCBORPayload(gPconf, &cborPayload, &size);
+        VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+        ret = UpdateSecureResourceInPS(OIC_JSON_PCONF_NAME, cborPayload, size);
+        VERIFY_SUCCESS(TAG, OC_STACK_OK == ret, ERROR);
+
+        OICFree(cborPayload);
+    }
+
+    return ret;
+
+exit:
+    OICFree(cborPayload);
+    memcpy(gPconf->rownerID.id, prevId.id, sizeof(prevId.id));
+    return ret;
+}
+
+OCStackResult GetPconfRownerId(OicUuid_t *rowneruuid)
+{
+    OCStackResult retVal = OC_STACK_ERROR;
+    if (gPconf)
+    {
+        *rowneruuid = gPconf->rownerID;
+        retVal = OC_STACK_OK;
+    }
+    return retVal;
+}
index 4f47bcf..6ecd42a 100644 (file)
@@ -29,7 +29,7 @@
 #include "experimental/logger.h"
 #include "aclresource.h"
 #include "srmutility.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "iotvticalendar.h"
 #include "pstatresource.h"
 #include "amaclresource.h"
index caa5c39..e9aa85f 100644 (file)
@@ -38,7 +38,7 @@
 #include "srmresourcestrings.h"
 #include "srmutility.h"
 #include "pstatresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "ocresourcehandler.h"
 
 #define TAG  "OIC_SRM_PSI"
index cf24f9a..b80cba8 100644 (file)
@@ -31,7 +31,7 @@
 #include "experimental/payload_logging.h"
 #include "resourcemanager.h"
 #include "pstatresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "psinterface.h"
 #include "srmresourcestrings.h"
 #include "srmutility.h"
index 756be28..b39d5ab 100644 (file)
@@ -22,7 +22,7 @@
 #include "resourcemanager.h"
 #include "aclresource.h"
 #include "pstatresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "credresource.h"
 #include "amaclresource.h"
 #include "oic_malloc.h"
index 5a0fe8d..b0994c1 100644 (file)
@@ -40,7 +40,7 @@
 #include "ocpayload.h"
 #include "ocpayloadcbor.h"
 #include "credresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "srmutility.h"
 #include "certhelpers.h"
 #include "resourcemanager.h"
index 2e2fdab..2bd8397 100644 (file)
@@ -26,7 +26,7 @@
 #include "oic_malloc.h"
 #include "base64.h"
 #include "experimental/ocrandom.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 
 #define TAG  "OIC_SRM_UTILITY"
 
index 87db4c7..28a1672 100644 (file)
@@ -36,7 +36,7 @@
 #include "srmutility.h"
 #include "aclresource.h"
 #include "pstatresource.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "amaclresource.h"
 #include "credresource.h"
 #include "security_internals.h"
index 93a69dc..24f3ec7 100644 (file)
@@ -23,8 +23,7 @@
 #include "oic_malloc.h"
 
 #include "psinterface.h"
-
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "svrdbeditordoxm.h"
 
 #ifdef MULTIPLE_OWNER
index fc5600c..b8c07e6 100644 (file)
@@ -34,7 +34,7 @@
 #include "srmtestcommon.h"
 #include "srmutility.h"
 #include "experimental/logger.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "ocpayload.h"
 #include "ocpayloadcbor.h"
 #include "experimental/payload_logging.h"
index 1a8ab28..5d5ce33 100644 (file)
@@ -25,7 +25,7 @@
 #include "oic_malloc.h"
 #include "resourcemanager.h"
 #include "srmresourcestrings.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "security_internals.h"
 #include "experimental/ocrandom.h"
 
index 2c9eafa..a9936dd 100644 (file)
@@ -32,7 +32,7 @@ extern "C" {
 #endif
 
 #include "policyengine.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 
 // test parameters
 // PEContext_t g_peContext;
index f3b9a89..9da2eb8 100644 (file)
@@ -58,7 +58,7 @@
 #include "ocserverrequest.h"
 #include "secureresourcemanager.h"
 #include "psinterface.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "cacommon.h"
 #include "cainterface.h"
 #include "ocpayload.h"
index 7913a3d..6560183 100644 (file)
@@ -25,7 +25,7 @@
 #include "ocpayload.h"
 //#include "psinterface.h"
 #include "experimental/securevirtualresourcetypes.h"
-#include "doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "oic_malloc.h"
 #include "oic_string.h"
 #include "srmutility.h"
index d52b707..b3ae416 100644 (file)
@@ -32,7 +32,7 @@
 #include "coap/utlist.h"
 #include "srmutility.h"
 #include "aclresource.h"
-#include "internal/doxmresource.h"
+#include "experimental/doxmresource.h"
 #include "experimental/ocrandom.h"
 
 namespace OIC