credresource.c 132 KB
Newer Older
Sachin Agrawal's avatar
Sachin Agrawal committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
//******************************************************************
//
// Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
//
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

21
#define __STDC_LIMIT_MACROS
Sahil Bansal's avatar
Sahil Bansal committed
22

23
#include "iotivity_config.h"
Sahil Bansal's avatar
Sahil Bansal committed
24
#include <stdlib.h>
25
#ifdef HAVE_STRING_H
Sahil Bansal's avatar
Sahil Bansal committed
26
#include <string.h>
27 28
#endif
#ifdef HAVE_STRINGS_H
Sahil Bansal's avatar
Sahil Bansal committed
29 30 31
#include <strings.h>
#endif
#include <stdint.h>
Andrii Shtompel's avatar
Andrii Shtompel committed
32
#include <stdbool.h>
George Nash's avatar
George Nash committed
33
#include <inttypes.h>
Sahil Bansal's avatar
Sahil Bansal committed
34 35

#include "cainterface.h"
36
#include "experimental/payload_logging.h"
Sachin Agrawal's avatar
Sachin Agrawal committed
37
#include "ocstack.h"
38
#include "experimental/ocrandom.h"
Sahil Bansal's avatar
Sahil Bansal committed
39 40
#include "base64.h"
#include "ocserverrequest.h"
Sachin Agrawal's avatar
Sachin Agrawal committed
41
#include "oic_malloc.h"
42
#include "oic_string.h"
Sahil Bansal's avatar
Sahil Bansal committed
43
#include "ocpayload.h"
44
#include "ocpayloadcbor.h"
Sachin Agrawal's avatar
Sachin Agrawal committed
45 46 47
#include "utlist.h"
#include "credresource.h"
#include "doxmresource.h"
Sahil Bansal's avatar
Sahil Bansal committed
48
#include "pstatresource.h"
leechul's avatar
leechul committed
49
#include "iotvticalendar.h"
Sahil Bansal's avatar
Sahil Bansal committed
50 51 52 53 54 55
#include "pbkdf2.h"
#include "resourcemanager.h"
#include "srmresourcestrings.h"
#include "srmutility.h"
#include "psinterface.h"
#include "pinoxmcommon.h"
Kevin Kane's avatar
Kevin Kane committed
56 57
#include "certhelpers.h"
#include "cacommon.h"
58
#include "secureresourcemanager.h"
59
#include "deviceonboardingstate.h"
60

Andrii Shtompel's avatar
Andrii Shtompel committed
61 62 63 64 65 66 67
#ifdef __unix__
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#endif

68 69
#if defined(__WITH_DTLS__) || defined (__WITH_TLS__)
#include <mbedtls/ssl_ciphersuites.h>
70 71 72
#include <mbedtls/pk.h>
#include <mbedtls/base64.h>
#include <mbedtls/pem.h>
73 74 75
#include "parsechain.h"
static const char PEM_BEGIN_CRT[] = "-----BEGIN CERTIFICATE-----";
static const char PEM_END_CRT[] = "-----END CERTIFICATE-----";
Sahil Bansal's avatar
Sahil Bansal committed
76
#endif
leechul's avatar
leechul committed
77

78
#define TAG  "OIC_SRM_CREDL"
Sahil Bansal's avatar
Sahil Bansal committed
79

80 81
#ifdef HAVE_WINDOWS_H
#include <wincrypt.h>
82
#include <intsafe.h>
83 84
#endif

Andrii Shtompel's avatar
Andrii Shtompel committed
85 86
/** Max credential types number used for TLS */
#define MAX_TYPE 2
Sahil Bansal's avatar
Sahil Bansal committed
87 88
/** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory.
 * The value of payload size is increased until reaching belox max cbor size. */
leechul's avatar
leechul committed
89
static const uint16_t CBOR_SIZE = 2048;
90

leechul's avatar
leechul committed
91
/** CRED size - Number of mandatory items. */
Randeep's avatar
Randeep committed
92
static const uint8_t CRED_ROOT_MAP_SIZE = 4;
leechul's avatar
leechul committed
93
static const uint8_t CRED_MAP_SIZE = 3;
94
static const uint8_t ROLEID_MAP_SIZE = 1;
leechul's avatar
leechul committed
95

Shilpa Sodani's avatar
Shilpa Sodani committed
96

Sachin Agrawal's avatar
Sachin Agrawal committed
97 98
static OicSecCred_t        *gCred = NULL;
static OCResourceHandle    gCredHandle = NULL;
99
static OicUuid_t           gRownerId = { .id = { 0 } };
Sachin Agrawal's avatar
Sachin Agrawal committed
100

101 102 103 104 105 106
typedef enum CredCompareResult{
    CRED_CMP_EQUAL = 0,
    CRED_CMP_NOT_EQUAL = 1,
    CRED_CMP_ERROR = 2
}CredCompareResult_t;

107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129
typedef struct CredIdList CredIdList_t;

struct CredIdList
{
    uint16_t credId;
    CredIdList_t *next;
};

static void DeleteCredIdList(CredIdList_t** list)
{
    if (list)
    {
        CredIdList_t *head = *list;

        while (head)
        {
            CredIdList_t *tmp = head->next;
            OICFree(head);
            head = tmp;
        }
    }
}

130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146
/**
 * Internal function to check a subject of SIGNED_ASYMMETRIC_KEY(Certificate).
 * If that subject is NULL or wildcard, set it to own deviceID.
 * @param cred credential on SVR DB file
 * @param deviceID own deviceuuid of doxm resource
 *
 * @return
 *     true successfully done
 *     false Invalid cred
 */

static bool CheckSubjectOfCertificate(OicSecCred_t* cred, OicUuid_t deviceID)
{
    OIC_LOG(DEBUG, TAG, "IN CheckSubjectOfCertificate");
    VERIFY_NOT_NULL(TAG, cred, ERROR);

#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
147 148
    const OicUuid_t emptyUuid = { .id = { 0 } };

149 150 151 152 153 154 155 156
    if ( SIGNED_ASYMMETRIC_KEY == cred->credType)
    {
        if((0 == memcmp(cred->subject.id, emptyUuid.id, sizeof(cred->subject.id))) ||
            (0 == memcmp(cred->subject.id, &WILDCARD_SUBJECT_ID, sizeof(cred->subject.id))))
        {
            memcpy(cred->subject.id, deviceID.id, sizeof(deviceID.id));
        }
    }
157 158
#else
    OC_UNUSED(deviceID);
159 160 161 162 163 164 165 166 167
#endif

    OIC_LOG(DEBUG, TAG, "OUT CheckSubjectOfCertificate");
    return true;
exit:
    OIC_LOG(ERROR, TAG, "OUT CheckSubjectOfCertificate");
    return false;
}

168 169 170
/**
 * Internal function to check credential
 */
171
static bool IsValidCredential(const OicSecCred_t* cred)
172 173 174 175
{
    OicUuid_t emptyUuid = {.id={0}};


176
    OIC_LOG(DEBUG, TAG, "IN IsValidCredential");
177

178
    VERIFY_NOT_NULL(TAG, cred, ERROR);
179 180 181 182 183 184 185 186 187 188 189 190
    VERIFY_SUCCESS(TAG, 0 != cred->credId, ERROR);
    OIC_LOG_V(DEBUG, TAG, "Cred ID = %d", cred->credId);

#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
    OIC_LOG_V(DEBUG, TAG, "Cred Type = %d", cred->credType);

    switch(cred->credType)
    {
        case SYMMETRIC_PAIR_WISE_KEY:
        case SYMMETRIC_GROUP_KEY:
        case PIN_PASSWORD:
        {
191
            VERIFY_NOT_NULL(TAG, cred->privateData.data, ERROR);
192 193 194 195 196 197 198 199 200
            VERIFY_SUCCESS(TAG, 0 != cred->privateData.len, ERROR);
            VERIFY_SUCCESS(TAG, \
                           (OIC_ENCODING_RAW == cred->privateData.encoding || \
                           OIC_ENCODING_BASE64 == cred->privateData.encoding), \
                           ERROR);
            break;
        }
        case ASYMMETRIC_KEY:
        {
201
            VERIFY_NOT_NULL(TAG, cred->publicData.data, ERROR);
202
            VERIFY_SUCCESS(TAG, 0 != cred->publicData.len, ERROR);
203 204 205 206
            VERIFY_SUCCESS(TAG, \
                           (OIC_ENCODING_UNKNOW < cred->publicData.encoding && \
                            OIC_ENCODING_DER >= cred->publicData.encoding),
                           ERROR);
207 208 209 210 211 212 213 214 215 216
            break;
        }
        case SIGNED_ASYMMETRIC_KEY:
        {
            VERIFY_SUCCESS(TAG, (NULL != cred->publicData.data ||NULL != cred->optionalData.data) , ERROR);
            VERIFY_SUCCESS(TAG, (0 != cred->publicData.len || 0 != cred->optionalData.len), ERROR);

            if(NULL != cred->optionalData.data)
            {
                VERIFY_SUCCESS(TAG, \
217 218
                               (OIC_ENCODING_UNKNOW < cred->optionalData.encoding && \
                                OIC_ENCODING_DER >= cred->optionalData.encoding),
219 220 221 222 223 224
                               ERROR);
            }
            break;
        }
        case ASYMMETRIC_ENCRYPTION_KEY:
        {
225
            VERIFY_NOT_NULL(TAG, cred->privateData.data, ERROR);
226 227
            VERIFY_SUCCESS(TAG, 0 != cred->privateData.len, ERROR);
            VERIFY_SUCCESS(TAG, \
228 229
                           (OIC_ENCODING_UNKNOW < cred->privateData.encoding && \
                            OIC_ENCODING_DER >= cred->privateData.encoding),
230 231 232 233 234 235 236 237 238 239 240 241 242
                           ERROR);
            break;
        }
        default:
        {
            OIC_LOG(WARNING, TAG, "Unknown credential type");
            return false;
        }
    }
#endif

    VERIFY_SUCCESS(TAG, 0 != memcmp(emptyUuid.id, cred->subject.id, sizeof(cred->subject.id)), ERROR);

243
    OIC_LOG(DEBUG, TAG, "OUT IsValidCredential");
244 245
    return true;
exit:
246
    OIC_LOG(WARNING, TAG, "OUT IsValidCredential : Invalid Credential detected.");
247 248 249
    return false;
}

250
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
251 252 253 254 255
static bool IsEmptyCred(const OicSecCred_t* cred)
{
    OicUuid_t emptyUuid = {.id={0}};

    VERIFY_SUCCESS(TAG, (0 == memcmp(cred->subject.id, emptyUuid.id, sizeof(emptyUuid))), ERROR);
256
    VERIFY_SUCCESS(TAG, !IsNonEmptyRole(&cred->roleId), ERROR);
257 258 259 260 261 262 263 264 265 266
    VERIFY_SUCCESS(TAG, (0 == cred->credId), ERROR);
    VERIFY_SUCCESS(TAG, (0 == cred->credType), ERROR);
    VERIFY_SUCCESS(TAG, (NULL == cred->privateData.data), ERROR);
    VERIFY_SUCCESS(TAG, (NULL == cred->publicData.data), ERROR);
    VERIFY_SUCCESS(TAG, (NULL == cred->optionalData.data), ERROR);
    VERIFY_SUCCESS(TAG, (NULL == cred->credUsage), ERROR);
    return true;
exit:
    return false;
}
267
#endif // __WITH_DTLS__ or __WITH_TLS__
268

269 270 271
/**
 * This function frees OicSecCred_t object's fields and object itself.
 */
272
void FreeCred(OicSecCred_t *cred)
Sachin Agrawal's avatar
Sachin Agrawal committed
273
{
274
    if(NULL == cred)
Sachin Agrawal's avatar
Sachin Agrawal committed
275
    {
Sahil Bansal's avatar
Sahil Bansal committed
276
        OIC_LOG(ERROR, TAG, "Invalid Parameter");
277 278 279
        return;
    }
    //Note: Need further clarification on roleID data type
Sachin Agrawal's avatar
Sachin Agrawal committed
280
#if 0
281 282
    //Clean roleIds
    OICFree(cred->roleIds);
Sachin Agrawal's avatar
Sachin Agrawal committed
283 284
#endif

285
    //Clean PublicData/OptionalData/Credusage
286
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
287
     // TODO: Need to check credUsage.
288
    OICFree(cred->publicData.data);
289 290 291
    OICFree(cred->optionalData.data);
    OICFree(cred->credUsage);

292
#endif /* __WITH_DTLS__ ||  __WITH_TLS__*/
Sachin Agrawal's avatar
Sachin Agrawal committed
293

294
    //Clean PrivateData
295
    OICClearMemory(cred->privateData.data, cred->privateData.len);
296
    OICFree(cred->privateData.data);
Sachin Agrawal's avatar
Sachin Agrawal committed
297

298 299
    //Clean Period
    OICFree(cred->period);
Sachin Agrawal's avatar
Sachin Agrawal committed
300

saurabh.s9's avatar
saurabh.s9 committed
301
#ifdef MULTIPLE_OWNER
302 303 304 305
    //Clean eowner
    OICFree(cred->eownerID);
#endif

306 307
    cred->next = NULL;

308 309 310
    //Clean Cred node itself
    OICFree(cred);
}
Sachin Agrawal's avatar
Sachin Agrawal committed
311

312 313 314 315 316 317 318 319 320
void DeleteCredList(OicSecCred_t* cred)
{
    if (cred)
    {
        OicSecCred_t *credTmp1 = NULL, *credTmp2 = NULL;
        LL_FOREACH_SAFE(cred, credTmp1, credTmp2)
        {
            LL_DELETE(cred, credTmp1);
            FreeCred(credTmp1);
Sachin Agrawal's avatar
Sachin Agrawal committed
321 322 323 324
        }
    }
}

Andrii Shtompel's avatar
Andrii Shtompel committed
325 326 327 328 329 330 331 332 333 334 335 336
size_t GetCredKeyDataSize(const OicSecCred_t* cred)
{
    size_t size = 0;
    if (cred)
    {
        OicSecCred_t *credPtr = NULL, *credTmp = NULL;
        LL_FOREACH_SAFE((OicSecCred_t*)cred, credPtr, credTmp)
        {
            if (credPtr->privateData.data && 0 < credPtr->privateData.len)
            {
                size += credPtr->privateData.len;
            }
337
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
Andrii Shtompel's avatar
Andrii Shtompel committed
338 339 340 341 342 343 344 345 346 347 348
            if (credPtr->publicData.data && 0 < credPtr->publicData.len)
            {
                size += credPtr->publicData.len;
            }
            if (credPtr->optionalData.data && 0 < credPtr->optionalData.len)
            {
                size += credPtr->optionalData.len;
            }
#endif
        }
    }
349
    OIC_LOG_V(DEBUG, TAG, "Cred Key Data Size : %u", (unsigned int) size);
Andrii Shtompel's avatar
Andrii Shtompel committed
350 351 352
    return size;
}

Sahil Bansal's avatar
Sahil Bansal committed
353
static size_t OicSecCredCount(const OicSecCred_t *secCred)
Sachin Agrawal's avatar
Sachin Agrawal committed
354
{
Sahil Bansal's avatar
Sahil Bansal committed
355 356
    size_t size = 0;
    for (const OicSecCred_t *cred = secCred; cred; cred = cred->next)
Sachin Agrawal's avatar
Sachin Agrawal committed
357
    {
Sahil Bansal's avatar
Sahil Bansal committed
358 359 360 361
        size++;
    }
    return size;
}
362

363
static const char* EncodingValueToString(OicEncodingType_t encoding)
364 365 366
{
    switch (encoding)
    {
367 368 369 370 371
        case OIC_ENCODING_RAW:    return OIC_SEC_ENCODING_RAW;
        case OIC_ENCODING_BASE64: return OIC_SEC_ENCODING_BASE64;
        case OIC_ENCODING_DER:    return OIC_SEC_ENCODING_DER;
        case OIC_ENCODING_PEM:    return OIC_SEC_ENCODING_PEM;
        default:                  return NULL;
372 373 374 375 376 377
    }
}

static CborError SerializeEncodingToCborInternal(CborEncoder *map, const OicSecKey_t *value)
{
    CborError cborEncoderResult = CborNoError;
378
    const char *encoding = EncodingValueToString(value->encoding);
379 380 381 382
    if (encoding)
    {
        cborEncoderResult = cbor_encode_text_string(map, OIC_JSON_ENCODING_NAME,
            strlen(OIC_JSON_ENCODING_NAME));
383
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Encoding Tag.");
384 385
        cborEncoderResult = cbor_encode_text_string(map, encoding,
            strlen(encoding));
386
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Encoding Value.");
387 388 389

        cborEncoderResult = cbor_encode_text_string(map, OIC_JSON_DATA_NAME,
            strlen(OIC_JSON_DATA_NAME));
390
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Name Tag.");
391 392 393 394 395 396 397 398 399 400 401
        if (OIC_ENCODING_DER == value->encoding ||
            OIC_ENCODING_RAW == value->encoding)
        {
            cborEncoderResult = cbor_encode_byte_string(map,
                    value->data, value->len);
        }
        else
        {
            cborEncoderResult = cbor_encode_text_string(map,
                    (char*)value->data, value->len);
        }
402
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Name Value.");
403 404 405
    }
    else
    {
406
        OIC_LOG_V(ERROR, TAG, "%s: Unknown encoding type: %u.", __func__, value->encoding);
407
        return CborErrorUnknownType;
408 409 410 411 412
    }
    exit:
    return cborEncoderResult;
}

413
CborError SerializeEncodingToCbor(CborEncoder *rootMap, const char* tag, const OicSecKey_t *value)
414 415 416 417 418 419
{
    CborError cborEncoderResult = CborNoError;
    CborEncoder map;
    const size_t mapSize = 2;

    cborEncoderResult = cbor_encode_text_string(rootMap, tag, strlen(tag));
420
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding PrivateData Tag.");
421 422

    cborEncoderResult = cbor_encoder_create_map(rootMap, &map, mapSize);
423
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Map");
424

425
    cborEncoderResult = SerializeEncodingToCborInternal(&map, value);
426
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding OicSecKey_t structure");
427 428

    cborEncoderResult = cbor_encoder_close_container(rootMap, &map);
429
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing Map.");
430 431 432 433 434

    exit:
    return cborEncoderResult;
}

435
CborError SerializeSecOptToCbor(CborEncoder *rootMap, const char* tag, const OicSecOpt_t *value)
436 437 438 439 440 441
{
    CborError cborEncoderResult = CborNoError;
    CborEncoder map;
    const size_t mapSize = 3;

    cborEncoderResult = cbor_encode_text_string(rootMap, tag, strlen(tag));
442
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding PrivateData Tag.");
443 444

    cborEncoderResult = cbor_encoder_create_map(rootMap, &map, mapSize);
445
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Map");
446 447 448 449 450 451

    OicSecKey_t in;
    in.data = value->data;
    in.encoding = value->encoding;
    in.len = value->len;

452
    cborEncoderResult = SerializeEncodingToCborInternal(&map, &in);
453
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding OicSecKey_t structure");
454 455 456

    cborEncoderResult = cbor_encode_text_string(&map, OIC_JSON_REVOCATION_STATUS_NAME,
        strlen(OIC_JSON_REVOCATION_STATUS_NAME));
457
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding optional revstat Tag.");
458
    cborEncoderResult = cbor_encode_boolean(&map, value->revstat);
459
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding optional revstat Value.");
460 461

    cborEncoderResult = cbor_encoder_close_container(rootMap, &map);
462
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing Map.");
463 464 465 466 467 468 469 470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490

    exit:
    return cborEncoderResult;
}

static CborError DeserializeEncodingFromCborInternal(CborValue *map, char *name, OicSecKey_t *value)
{
    size_t len = 0;
    CborError cborFindResult = CborNoError;

    // data -- Mandatory
    if (strcmp(name, OIC_JSON_DATA_NAME) == 0)
    {
        if(cbor_value_is_byte_string(map))
        {
            cborFindResult = cbor_value_dup_byte_string(map, &value->data,
                &value->len, NULL);
        }
        else if(cbor_value_is_text_string(map))
        {
            cborFindResult = cbor_value_dup_text_string(map, (char**)(&value->data),
                &value->len, NULL);
        }
        else
        {
            cborFindResult = CborErrorUnknownType;
            OIC_LOG(ERROR, TAG, "Unknown type for private data.");
        }
491
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Finding PrivateData.");
492 493 494 495 496 497 498
    }

    // encoding -- Mandatory
    if (strcmp(name, OIC_JSON_ENCODING_NAME) == 0)
    {
        char* strEncoding = NULL;
        cborFindResult = cbor_value_dup_text_string(map, &strEncoding, &len, NULL);
499
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Finding EncodingType");
500 501 502 503 504 505 506 507 508 509 510 511 512 513 514 515 516 517 518 519 520

        if(strcmp(strEncoding, OIC_SEC_ENCODING_RAW) == 0)
        {
            value->encoding = OIC_ENCODING_RAW;
        }
        else if(strcmp(strEncoding, OIC_SEC_ENCODING_BASE64) == 0)
        {
            value->encoding = OIC_ENCODING_BASE64;
        }
        else if(strcmp(strEncoding, OIC_SEC_ENCODING_DER) == 0)
        {
            value->encoding = OIC_ENCODING_DER;
        }
        else if(strcmp(strEncoding, OIC_SEC_ENCODING_PEM) == 0)
        {
            value->encoding = OIC_ENCODING_PEM;
        }
        else
        {
            //For unit test
            value->encoding = OIC_ENCODING_RAW;
521
            OIC_LOG_V(WARNING, TAG, "%s: Unknown encoding type detected.", __func__);
522
        }
523 524
        //Because cbor using malloc directly, it is required to use free() instead of OICFree
        free(strEncoding);
525 526 527 528 529
    }
    exit:
    return cborFindResult;
}

530
CborError DeserializeEncodingFromCbor(CborValue *rootMap, OicSecKey_t *value)
531 532 533 534 535 536 537 538 539 540 541 542
{
    CborValue map = { .parser = NULL };
    CborError cborFindResult = cbor_value_enter_container(rootMap, &map);
    size_t len = 0;

    while (cbor_value_is_valid(&map))
    {
        char* name = NULL;
        CborType type = cbor_value_get_type(&map);
        if (type == CborTextStringType && cbor_value_is_text_string(&map))
        {
            cborFindResult = cbor_value_dup_text_string(&map, &name, &len, NULL);
543
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to get text");
544
            cborFindResult = cbor_value_advance(&map);
545
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to advance value");
546 547 548
        }
        if (name)
        {
549
            cborFindResult = DeserializeEncodingFromCborInternal(&map, name, value);
550
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to read OicSecKey_t value");
551 552 553 554
        }
        if (cbor_value_is_valid(&map))
        {
            cborFindResult = cbor_value_advance(&map);
555
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Advancing Map.");
556
        }
557 558
        //Because cbor using malloc directly, it is required to use free() instead of OICFree
        free(name);
559 560 561 562 563
    }
    exit:
    return cborFindResult;
}

564
CborError DeserializeSecOptFromCbor(CborValue *rootMap, OicSecOpt_t *value)
565 566 567 568 569 570 571 572 573 574 575 576 577
{
    CborValue map = { .parser = NULL };
    CborError cborFindResult = cbor_value_enter_container(rootMap, &map);
    size_t len = 0;
    value->revstat = false;

    while (cbor_value_is_valid(&map))
    {
        char* name = NULL;
        CborType type = cbor_value_get_type(&map);
        if (type == CborTextStringType && cbor_value_is_text_string(&map))
        {
            cborFindResult = cbor_value_dup_text_string(&map, &name, &len, NULL);
578
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to get text");
579
            cborFindResult = cbor_value_advance(&map);
580
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to advance value");
581 582 583 584 585 586 587
        }
        if (name)
        {
            // OptionalData::revstat -- Mandatory
            if (strcmp(name, OIC_JSON_REVOCATION_STATUS_NAME) == 0)
            {
                cborFindResult = cbor_value_get_boolean(&map, &value->revstat);
588
                VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Finding revstat Value.")
589 590
            }
            OicSecKey_t out;
591
            cborFindResult = DeserializeEncodingFromCborInternal(&map, name, &out);
592
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to read OicSecKey_t value");
593 594 595 596 597 598 599 600

            value->data = out.data;
            value->encoding = out.encoding;
            value->len = out.len;
        }
        if (cbor_value_is_valid(&map))
        {
            cborFindResult = cbor_value_advance(&map);
601
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Advancing Map.");
602
        }
603 604
        //Because cbor using malloc directly, it is required to use free() instead of OICFree
        free(name);
605 606 607 608 609
    }
    exit:
    return cborFindResult;
}

610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634
/* Produce debugging output for all credentials, output metadata. */
static void logCredMetadata()
{
#if defined(TB_LOG)
    OicSecCred_t * temp = NULL;
    size_t count = 0;
    char uuidString[UUID_STRING_SIZE];
    OicUuid_t ownUuid;

    OIC_LOG_V(DEBUG, TAG, "IN %s:", __func__);

    if (GetDoxmDeviceID(&ownUuid) == OC_STACK_OK && OCConvertUuidToString(ownUuid.id, uuidString))
    {
        OIC_LOG_V(DEBUG, TAG, "Own UUID: %s", uuidString);
    }

    LL_FOREACH(gCred, temp)
    {
        count++;
        OIC_LOG(DEBUG, TAG, " ");
        OIC_LOG_V(DEBUG, TAG, "Cred ID: %d", temp->credId);
        if (OCConvertUuidToString(temp->subject.id, uuidString))
        {
            OIC_LOG_V(DEBUG, TAG, "Subject UUID: %s", uuidString);
        }
635 636 637 638 639
        if (IsNonEmptyRole(&temp->roleId))
        {
            OIC_LOG_V(DEBUG, TAG, "Role ID: %s", temp->roleId.id);
            OIC_LOG_V(DEBUG, TAG, "Role authority: %s", temp->roleId.authority);
        }
640
        OIC_LOG_V(DEBUG, TAG, "Cred Type: %d", temp->credType);
641
        OIC_LOG_V(DEBUG, TAG, "privateData length: %" PRIuPTR ", encoding: %d", temp->privateData.len, temp->privateData.encoding);
642 643

#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
644
        OIC_LOG_V(DEBUG, TAG, "publicData length: %" PRIuPTR ", encoding: %d", temp->publicData.len, temp->publicData.encoding);
645 646 647 648 649
        if (temp->credUsage)
        {
            OIC_LOG_V(DEBUG, TAG, "credUsage: %s", temp->credUsage);
        }

650
        OIC_LOG_V(DEBUG, TAG, "optionalData length: %" PRIuPTR", encoding: %d" PRIuPTR, temp->optionalData.len, temp->optionalData.encoding);
651 652 653 654
#endif

    }

655
    OIC_LOG_V(DEBUG, TAG, "Found %" PRIuPTR " credentials.", count);
656 657 658 659 660

    OIC_LOG_V(DEBUG, TAG, "OUT %s:", __func__);
#endif
}

661
OCStackResult CredToCBORPayloadWithRowner(const OicSecCred_t *credS, const OicUuid_t *rownerId, uint8_t **cborPayload,
662
                                size_t *cborSize, int secureFlag)
Sahil Bansal's avatar
Sahil Bansal committed
663
{
664
    OIC_LOG_V(DEBUG, TAG, "IN %s:", __func__);
665
    if (NULL == cborPayload || NULL != *cborPayload || NULL == cborSize)
Sahil Bansal's avatar
Sahil Bansal committed
666 667 668
    {
        return OC_STACK_INVALID_PARAM;
    }
669

Sahil Bansal's avatar
Sahil Bansal committed
670
    OCStackResult ret = OC_STACK_ERROR;
Sachin Agrawal's avatar
Sachin Agrawal committed
671

leechul's avatar
leechul committed
672 673 674
    CborError cborEncoderResult = CborNoError;
    uint8_t *outPayload = NULL;
    size_t cborLen = *cborSize;
Sahil Bansal's avatar
Sahil Bansal committed
675 676
    *cborSize = 0;
    *cborPayload = NULL;
leechul's avatar
leechul committed
677
    const OicSecCred_t *cred = credS;
678 679 680
    CborEncoder encoder;
    CborEncoder credArray;
    CborEncoder credRootMap;
681
    CborEncoder roleIdMap;
Sachin Agrawal's avatar
Sachin Agrawal committed
682

leechul's avatar
leechul committed
683 684 685 686 687 688
    if (0 == cborLen)
    {
        cborLen = CBOR_SIZE;
    }

    outPayload = (uint8_t *)OICCalloc(1, cborLen);
689 690
    VERIFY_NOT_NULL_RETURN(TAG, outPayload, ERROR, OC_STACK_ERROR);

Sahil Bansal's avatar
Sahil Bansal committed
691
    cbor_encoder_init(&encoder, outPayload, cborLen, 0);
Sachin Agrawal's avatar
Sachin Agrawal committed
692

693
    size_t credRootMapSize = CRED_ROOT_MAP_SIZE;
694

leechul's avatar
leechul committed
695
    // Create CRED Root Map (creds, rownerid)
696
    cborEncoderResult = cbor_encoder_create_map(&encoder, &credRootMap, credRootMapSize);
697
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Root Map");
leechul's avatar
leechul committed
698 699 700 701

    // creds
    cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_CREDS_NAME,
        strlen(OIC_JSON_CREDS_NAME));
702
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding creds Name Tag.");
leechul's avatar
leechul committed
703 704 705

    // creds array
    cborEncoderResult = cbor_encoder_create_array(&credRootMap, &credArray, OicSecCredCount(cred));
706
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Array.");
leechul's avatar
leechul committed
707

Sahil Bansal's avatar
Sahil Bansal committed
708 709
    while (cred)
    {
710
        CborEncoder credMap;
Sahil Bansal's avatar
Sahil Bansal committed
711
        size_t mapSize = CRED_MAP_SIZE;
712
        size_t inLen = 0;
Sahil Bansal's avatar
Sahil Bansal committed
713 714 715 716
        if (cred->period)
        {
            mapSize++;
        }
717

718
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
saurabh.s9's avatar
saurabh.s9 committed
719
#ifdef MULTIPLE_OWNER
720 721 722 723
        if(cred->eownerID)
        {
            mapSize++;
        }
saurabh.s9's avatar
saurabh.s9 committed
724
#endif //MULTIPLE_OWNER
725

726
        if ((SIGNED_ASYMMETRIC_KEY == cred->credType || ASYMMETRIC_KEY == cred->credType)
Kevin Kane's avatar
Kevin Kane committed
727
            && cred->publicData.data)
Sahil Bansal's avatar
Sahil Bansal committed
728 729 730
        {
            mapSize++;
        }
731 732 733 734 735 736 737 738
        if (SIGNED_ASYMMETRIC_KEY == cred->credType && cred->optionalData.data)
        {
            mapSize++;
        }
        if (cred->credUsage)
        {
            mapSize++;
        }
739 740 741 742
        if (IsNonEmptyRole(&cred->roleId))
        {
            mapSize++;
        }
743
#endif /* __WITH_DTLS__ ||  __WITH_TLS__*/
744
        if (!secureFlag && cred->privateData.data)
Sahil Bansal's avatar
Sahil Bansal committed
745 746 747
        {
            mapSize++;
        }
leechul's avatar
leechul committed
748
        cborEncoderResult = cbor_encoder_create_map(&credArray, &credMap, mapSize);
749
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Map");
Sahil Bansal's avatar
Sahil Bansal committed
750 751

        //CredID -- Mandatory
leechul's avatar
leechul committed
752
        cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_CREDID_NAME,
Sahil Bansal's avatar
Sahil Bansal committed
753
            strlen(OIC_JSON_CREDID_NAME));
754
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Id Tag. ");
leechul's avatar
leechul committed
755
        cborEncoderResult = cbor_encode_int(&credMap, cred->credId);
756
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Id Value.");
Sahil Bansal's avatar
Sahil Bansal committed
757 758

        //Subject -- Mandatory
leechul's avatar
leechul committed
759 760
        cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_SUBJECTID_NAME,
            strlen(OIC_JSON_SUBJECTID_NAME));
761
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Subject Tag.");
762
        inLen = (memcmp(&(cred->subject), &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0) ?
763 764 765 766 767
            WILDCARD_SUBJECT_ID_LEN : sizeof(OicUuid_t);
        if(inLen == WILDCARD_SUBJECT_ID_LEN)
        {
            cborEncoderResult = cbor_encode_text_string(&credMap, WILDCARD_RESOURCE_URI,
                strlen(WILDCARD_RESOURCE_URI));
768
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding Subject Id wildcard Value.");
769 770 771 772 773 774 775
        }
        else
        {
            char *subject = NULL;
            ret = ConvertUuidToStr(&cred->subject, &subject);
            VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
            cborEncoderResult = cbor_encode_text_string(&credMap, subject, strlen(subject));
776
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding Subject Id Value.");
777 778
            OICFree(subject);
        }
Sahil Bansal's avatar
Sahil Bansal committed
779

780 781 782 783 784
        //Role ID -- optional
        if (IsNonEmptyRole(&cred->roleId))
        {
            cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_ROLEID_NAME,
                strlen(OIC_JSON_ROLEID_NAME));
785
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding role ID map tag");
786 787 788

            bool includeAuthority = (0 != memcmp(&cred->roleId.authority, &EMPTY_ROLE.authority, sizeof(EMPTY_ROLE.authority)));

789
            cborEncoderResult = cbor_encoder_create_map(&credMap, &roleIdMap, ROLEID_MAP_SIZE + (includeAuthority ? 1 : 0));
790
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding role ID map");
791 792

            cborEncoderResult = cbor_encode_text_string(&roleIdMap, OIC_JSON_ROLE_NAME, strlen(OIC_JSON_ROLE_NAME));
793
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding role tag");
794

795
            cborEncoderResult = cbor_encode_text_string(&roleIdMap, cred->roleId.id, strlen(cred->roleId.id));
796
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding role value");
797 798 799 800

            if (includeAuthority)
            {
                cborEncoderResult = cbor_encode_text_string(&roleIdMap, OIC_JSON_AUTHORITY_NAME, strlen(OIC_JSON_AUTHORITY_NAME));
801
                VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding authority tag");
802 803

                cborEncoderResult = cbor_encode_text_string(&roleIdMap, cred->roleId.authority, strlen(cred->roleId.authority));
804
                VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding authority value");
805 806 807
            }

            cborEncoderResult = cbor_encoder_close_container(&credMap, &roleIdMap);
808
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed closing role ID map");
809 810
        }

Sahil Bansal's avatar
Sahil Bansal committed
811
        //CredType -- Mandatory
leechul's avatar
leechul committed
812
        cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_CREDTYPE_NAME,
Sahil Bansal's avatar
Sahil Bansal committed
813
            strlen(OIC_JSON_CREDTYPE_NAME));
814
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Type Tag.");
leechul's avatar
leechul committed
815
        cborEncoderResult = cbor_encode_int(&credMap, cred->credType);
816
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Type Value.");
Sachin Agrawal's avatar
Sachin Agrawal committed
817

818
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
Sahil Bansal's avatar
Sahil Bansal committed
819
        //PublicData -- Not Mandatory
820
        if ((SIGNED_ASYMMETRIC_KEY == cred->credType || ASYMMETRIC_KEY == cred->credType)
Kevin Kane's avatar
Kevin Kane committed
821
            && cred->publicData.data)
Sahil Bansal's avatar
Sahil Bansal committed
822
        {
823 824
            cborEncoderResult = SerializeEncodingToCbor(&credMap,
                                         OIC_JSON_PUBLICDATA_NAME, &cred->publicData);
825
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding PublicData Tag.");
Sahil Bansal's avatar
Sahil Bansal committed
826
        }
827 828 829
        //OptionalData -- Not Mandatory
        if (SIGNED_ASYMMETRIC_KEY == cred->credType && cred->optionalData.data)
        {
830 831
            cborEncoderResult = SerializeSecOptToCbor(&credMap,
                                         OIC_JSON_OPTDATA_NAME, &cred->optionalData);
832
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding OptionalData Tag.");
833 834 835 836 837 838
        }
        //CredUsage -- Not Mandatory
        if(cred->credUsage)
        {
            cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_CREDUSAGE_NAME,
                strlen(OIC_JSON_CREDUSAGE_NAME));
839
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Credusage Name Tag.");
840 841
            cborEncoderResult = cbor_encode_text_string(&credMap, cred->credUsage,
                strlen(cred->credUsage));
842
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Credusage Name Value.");
843
        }
844
#endif /* __WITH_DTLS__ ||  __WITH_TLS__*/
Sahil Bansal's avatar
Sahil Bansal committed
845
        //PrivateData -- Not Mandatory
846
        if(!secureFlag && cred->privateData.data)
Sahil Bansal's avatar
Sahil Bansal committed
847
        {
848 849
            cborEncoderResult = SerializeEncodingToCbor(&credMap,
                                         OIC_JSON_PRIVATEDATA_NAME, &cred->privateData);
850
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding PrivateData Tag.");
Sahil Bansal's avatar
Sahil Bansal committed
851
        }
Sachin Agrawal's avatar
Sachin Agrawal committed
852

Sahil Bansal's avatar
Sahil Bansal committed
853 854 855
        //Period -- Not Mandatory
        if(cred->period)
        {
leechul's avatar
leechul committed
856
            cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_PERIOD_NAME,
Sahil Bansal's avatar
Sahil Bansal committed
857
                strlen(OIC_JSON_PERIOD_NAME));
858
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Period Name Tag.");
leechul's avatar
leechul committed
859
            cborEncoderResult = cbor_encode_text_string(&credMap, cred->period,
Sahil Bansal's avatar
Sahil Bansal committed
860
                strlen(cred->period));
861
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Period Name Value.");
Sahil Bansal's avatar
Sahil Bansal committed
862
        }
Sachin Agrawal's avatar
Sachin Agrawal committed
863

saurabh.s9's avatar
saurabh.s9 committed
864
#ifdef MULTIPLE_OWNER
865 866 867 868 869 870
        // Eownerid -- Not Mandatory
        if(cred->eownerID)
        {
            char *eowner = NULL;
            cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_EOWNERID_NAME,
                strlen(OIC_JSON_EOWNERID_NAME));
871
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding eownerId Name Tag.");
872 873 874
            ret = ConvertUuidToStr(cred->eownerID, &eowner);
            VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
            cborEncoderResult = cbor_encode_text_string(&credMap, eowner, strlen(eowner));
875
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding eownerId Value.");
876 877
            OICFree(eowner);
        }
saurabh.s9's avatar
saurabh.s9 committed
878
#endif //MULTIPLE_OWNER
leechul's avatar
leechul committed
879 880

        cborEncoderResult = cbor_encoder_close_container(&credArray, &credMap);
881
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing Cred Map.");
882

Sahil Bansal's avatar
Sahil Bansal committed
883
        cred = cred->next;
leechul's avatar
leechul committed
884 885
    }
    cborEncoderResult = cbor_encoder_close_container(&credRootMap, &credArray);
886
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing Cred Array.");
leechul's avatar
leechul committed
887 888

    cred = credS;
889

leechul's avatar
leechul committed
890 891 892 893 894
    // Rownerid
    {
        char *rowner = NULL;
        cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_ROWNERID_NAME,
            strlen(OIC_JSON_ROWNERID_NAME));
895
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding rownerid Name.");
896
        ret = ConvertUuidToStr(rownerId, &rowner);
leechul's avatar
leechul committed
897 898
        VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
        cborEncoderResult = cbor_encode_text_string(&credRootMap, rowner, strlen(rowner));
899
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding rownerid Value.");
leechul's avatar
leechul committed
900 901 902
        OICFree(rowner);
    }

Randeep's avatar
Randeep committed
903
    {
904 905 906 907
        //RT -- Mandatory
        CborEncoder rtArray;
        cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_RT_NAME,
                strlen(OIC_JSON_RT_NAME));
908
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding RT Name Tag.");
909
        cborEncoderResult = cbor_encoder_create_array(&credRootMap, &rtArray, 1);
910
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding RT Value.");
911 912 913 914
        for (size_t i = 0; i < 1; i++)
        {
            cborEncoderResult = cbor_encode_text_string(&rtArray, OIC_RSRC_TYPE_SEC_CRED,
                    strlen(OIC_RSRC_TYPE_SEC_CRED));
915
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding RT Value.");
916 917
        }
        cborEncoderResult = cbor_encoder_close_container(&credRootMap, &rtArray);
918
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing RT.");
Randeep's avatar
Randeep committed
919

920 921 922 923
        //IF-- Mandatory
        CborEncoder ifArray;
        cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_IF_NAME,
                 strlen(OIC_JSON_IF_NAME));
924
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding IF Name Tag.");
925
        cborEncoderResult = cbor_encoder_create_array(&credRootMap, &ifArray, 1);
926
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding IF Value.");
927 928 929 930
        for (size_t i = 0; i < 1; i++)
        {
            cborEncoderResult = cbor_encode_text_string(&ifArray, OC_RSRVD_INTERFACE_DEFAULT,
                    strlen(OC_RSRVD_INTERFACE_DEFAULT));
931
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding IF Value.");
932 933
        }
        cborEncoderResult = cbor_encoder_close_container(&credRootMap, &ifArray);
934
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing IF.");
Randeep's avatar
Randeep committed
935 936
    }

leechul's avatar
leechul committed
937 938
    // Close CRED Root Map
    cborEncoderResult = cbor_encoder_close_container(&encoder, &credRootMap);
939
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing CRED Root Map.");
leechul's avatar
leechul committed
940 941 942 943 944

    if (CborNoError == cborEncoderResult)
    {
        OIC_LOG(DEBUG, TAG, "CredToCBORPayload Successed");
        *cborPayload = outPayload;
945
        *cborSize = cbor_encoder_get_buffer_size(&encoder, outPayload);
Sahil Bansal's avatar
Sahil Bansal committed
946 947 948
        ret = OC_STACK_OK;
    }
    OIC_LOG(DEBUG, TAG, "CredToCBORPayload OUT");
Sachin Agrawal's avatar
Sachin Agrawal committed
949
exit:
leechul's avatar
leechul committed
950
    if (CborErrorOutOfMemory == cborEncoderResult)
951
    {
leechul's avatar
leechul committed
952 953 954 955
        OIC_LOG(DEBUG, TAG, "CredToCBORPayload:CborErrorOutOfMemory : retry with more memory");
        // reallocate and try again!
        OICFree(outPayload);
        // Since the allocated initial memory failed, double the memory.
956
        cborLen += cbor_encoder_get_buffer_size(&encoder, encoder.end);
leechul's avatar
leechul committed