credresource.c 131 KB
Newer Older
Sachin Agrawal's avatar
Sachin Agrawal committed
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
//******************************************************************
//
// Copyright 2015 Intel Mobile Communications GmbH All Rights Reserved.
//
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//      http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
//-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

21
#define __STDC_LIMIT_MACROS
Sahil Bansal's avatar
Sahil Bansal committed
22

23
#include "iotivity_config.h"
Sahil Bansal's avatar
Sahil Bansal committed
24
#include <stdlib.h>
25
#ifdef HAVE_STRING_H
Sahil Bansal's avatar
Sahil Bansal committed
26
#include <string.h>
27 28
#endif
#ifdef HAVE_STRINGS_H
Sahil Bansal's avatar
Sahil Bansal committed
29 30 31
#include <strings.h>
#endif
#include <stdint.h>
Andrii Shtompel's avatar
Andrii Shtompel committed
32
#include <stdbool.h>
George Nash's avatar
George Nash committed
33
#include <inttypes.h>
Sahil Bansal's avatar
Sahil Bansal committed
34 35 36

#include "cainterface.h"
#include "payload_logging.h"
Sachin Agrawal's avatar
Sachin Agrawal committed
37
#include "ocstack.h"
Sahil Bansal's avatar
Sahil Bansal committed
38 39 40
#include "ocrandom.h"
#include "base64.h"
#include "ocserverrequest.h"
Sachin Agrawal's avatar
Sachin Agrawal committed
41
#include "oic_malloc.h"
42
#include "oic_string.h"
Sahil Bansal's avatar
Sahil Bansal committed
43
#include "ocpayload.h"
44
#include "ocpayloadcbor.h"
Sachin Agrawal's avatar
Sachin Agrawal committed
45 46 47
#include "utlist.h"
#include "credresource.h"
#include "doxmresource.h"
Sahil Bansal's avatar
Sahil Bansal committed
48
#include "pstatresource.h"
leechul's avatar
leechul committed
49
#include "iotvticalendar.h"
Sahil Bansal's avatar
Sahil Bansal committed
50 51 52 53 54 55
#include "pbkdf2.h"
#include "resourcemanager.h"
#include "srmresourcestrings.h"
#include "srmutility.h"
#include "psinterface.h"
#include "pinoxmcommon.h"
Kevin Kane's avatar
Kevin Kane committed
56 57
#include "certhelpers.h"
#include "cacommon.h"
58
#include "secureresourcemanager.h"
59
#include "deviceonboardingstate.h"
60

Andrii Shtompel's avatar
Andrii Shtompel committed
61 62 63 64 65 66 67
#ifdef __unix__
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#endif

68 69
#if defined(__WITH_DTLS__) || defined (__WITH_TLS__)
#include <mbedtls/ssl_ciphersuites.h>
70 71 72
#include <mbedtls/pk.h>
#include <mbedtls/base64.h>
#include <mbedtls/pem.h>
Sahil Bansal's avatar
Sahil Bansal committed
73
#endif
leechul's avatar
leechul committed
74

75
#define TAG  "OIC_SRM_CREDL"
Sahil Bansal's avatar
Sahil Bansal committed
76

77 78
#ifdef HAVE_WINDOWS_H
#include <wincrypt.h>
79
#include <intsafe.h>
80 81
#endif

Andrii Shtompel's avatar
Andrii Shtompel committed
82 83
/** Max credential types number used for TLS */
#define MAX_TYPE 2
Sahil Bansal's avatar
Sahil Bansal committed
84 85
/** Default cbor payload size. This value is increased in case of CborErrorOutOfMemory.
 * The value of payload size is increased until reaching belox max cbor size. */
leechul's avatar
leechul committed
86
static const uint16_t CBOR_SIZE = 2048;
87

leechul's avatar
leechul committed
88
/** CRED size - Number of mandatory items. */
Randeep's avatar
Randeep committed
89
static const uint8_t CRED_ROOT_MAP_SIZE = 4;
leechul's avatar
leechul committed
90
static const uint8_t CRED_MAP_SIZE = 3;
91
static const uint8_t ROLEID_MAP_SIZE = 1;
leechul's avatar
leechul committed
92

Shilpa Sodani's avatar
Shilpa Sodani committed
93

Sachin Agrawal's avatar
Sachin Agrawal committed
94 95
static OicSecCred_t        *gCred = NULL;
static OCResourceHandle    gCredHandle = NULL;
96
static OicUuid_t           gRownerId = { .id = { 0 } };
Sachin Agrawal's avatar
Sachin Agrawal committed
97

98 99 100 101 102 103
typedef enum CredCompareResult{
    CRED_CMP_EQUAL = 0,
    CRED_CMP_NOT_EQUAL = 1,
    CRED_CMP_ERROR = 2
}CredCompareResult_t;

104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126
typedef struct CredIdList CredIdList_t;

struct CredIdList
{
    uint16_t credId;
    CredIdList_t *next;
};

static void DeleteCredIdList(CredIdList_t** list)
{
    if (list)
    {
        CredIdList_t *head = *list;

        while (head)
        {
            CredIdList_t *tmp = head->next;
            OICFree(head);
            head = tmp;
        }
    }
}

127 128 129 130
static bool ValueWithinBounds(uint64_t value, uint64_t maxValue)
{
    if (value > maxValue)
    {
131
        OIC_LOG_V(ERROR, TAG, "The value (%" PRId64 ") is greater than allowed maximum of %" PRId64 ".", value, maxValue);
132 133 134 135 136 137
        return false;
    }

    return true;
}

138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154
/**
 * Internal function to check a subject of SIGNED_ASYMMETRIC_KEY(Certificate).
 * If that subject is NULL or wildcard, set it to own deviceID.
 * @param cred credential on SVR DB file
 * @param deviceID own deviceuuid of doxm resource
 *
 * @return
 *     true successfully done
 *     false Invalid cred
 */

static bool CheckSubjectOfCertificate(OicSecCred_t* cred, OicUuid_t deviceID)
{
    OIC_LOG(DEBUG, TAG, "IN CheckSubjectOfCertificate");
    VERIFY_NOT_NULL(TAG, cred, ERROR);

#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
155 156
    const OicUuid_t emptyUuid = { .id = { 0 } };

157 158 159 160 161 162 163 164
    if ( SIGNED_ASYMMETRIC_KEY == cred->credType)
    {
        if((0 == memcmp(cred->subject.id, emptyUuid.id, sizeof(cred->subject.id))) ||
            (0 == memcmp(cred->subject.id, &WILDCARD_SUBJECT_ID, sizeof(cred->subject.id))))
        {
            memcpy(cred->subject.id, deviceID.id, sizeof(deviceID.id));
        }
    }
165 166
#else
    OC_UNUSED(deviceID);
167 168 169 170 171 172 173 174 175
#endif

    OIC_LOG(DEBUG, TAG, "OUT CheckSubjectOfCertificate");
    return true;
exit:
    OIC_LOG(ERROR, TAG, "OUT CheckSubjectOfCertificate");
    return false;
}

176 177 178
/**
 * Internal function to check credential
 */
179
static bool IsValidCredential(const OicSecCred_t* cred)
180 181 182 183
{
    OicUuid_t emptyUuid = {.id={0}};


184
    OIC_LOG(DEBUG, TAG, "IN IsValidCredential");
185

186
    VERIFY_NOT_NULL(TAG, cred, ERROR);
187 188 189 190 191 192 193 194 195 196 197 198
    VERIFY_SUCCESS(TAG, 0 != cred->credId, ERROR);
    OIC_LOG_V(DEBUG, TAG, "Cred ID = %d", cred->credId);

#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
    OIC_LOG_V(DEBUG, TAG, "Cred Type = %d", cred->credType);

    switch(cred->credType)
    {
        case SYMMETRIC_PAIR_WISE_KEY:
        case SYMMETRIC_GROUP_KEY:
        case PIN_PASSWORD:
        {
199
            VERIFY_NOT_NULL(TAG, cred->privateData.data, ERROR);
200 201 202 203 204 205 206 207 208
            VERIFY_SUCCESS(TAG, 0 != cred->privateData.len, ERROR);
            VERIFY_SUCCESS(TAG, \
                           (OIC_ENCODING_RAW == cred->privateData.encoding || \
                           OIC_ENCODING_BASE64 == cred->privateData.encoding), \
                           ERROR);
            break;
        }
        case ASYMMETRIC_KEY:
        {
209
            VERIFY_NOT_NULL(TAG, cred->publicData.data, ERROR);
210
            VERIFY_SUCCESS(TAG, 0 != cred->publicData.len, ERROR);
211 212 213 214
            VERIFY_SUCCESS(TAG, \
                           (OIC_ENCODING_UNKNOW < cred->publicData.encoding && \
                            OIC_ENCODING_DER >= cred->publicData.encoding),
                           ERROR);
215 216 217 218 219 220 221 222 223 224
            break;
        }
        case SIGNED_ASYMMETRIC_KEY:
        {
            VERIFY_SUCCESS(TAG, (NULL != cred->publicData.data ||NULL != cred->optionalData.data) , ERROR);
            VERIFY_SUCCESS(TAG, (0 != cred->publicData.len || 0 != cred->optionalData.len), ERROR);

            if(NULL != cred->optionalData.data)
            {
                VERIFY_SUCCESS(TAG, \
225 226
                               (OIC_ENCODING_UNKNOW < cred->optionalData.encoding && \
                                OIC_ENCODING_DER >= cred->optionalData.encoding),
227 228 229 230 231 232
                               ERROR);
            }
            break;
        }
        case ASYMMETRIC_ENCRYPTION_KEY:
        {
233
            VERIFY_NOT_NULL(TAG, cred->privateData.data, ERROR);
234 235
            VERIFY_SUCCESS(TAG, 0 != cred->privateData.len, ERROR);
            VERIFY_SUCCESS(TAG, \
236 237
                           (OIC_ENCODING_UNKNOW < cred->privateData.encoding && \
                            OIC_ENCODING_DER >= cred->privateData.encoding),
238 239 240 241 242 243 244 245 246 247 248 249 250
                           ERROR);
            break;
        }
        default:
        {
            OIC_LOG(WARNING, TAG, "Unknown credential type");
            return false;
        }
    }
#endif

    VERIFY_SUCCESS(TAG, 0 != memcmp(emptyUuid.id, cred->subject.id, sizeof(cred->subject.id)), ERROR);

251
    OIC_LOG(DEBUG, TAG, "OUT IsValidCredential");
252 253
    return true;
exit:
254
    OIC_LOG(WARNING, TAG, "OUT IsValidCredential : Invalid Credential detected.");
255 256 257
    return false;
}

258 259 260 261 262
static bool IsEmptyCred(const OicSecCred_t* cred)
{
    OicUuid_t emptyUuid = {.id={0}};

    VERIFY_SUCCESS(TAG, (0 == memcmp(cred->subject.id, emptyUuid.id, sizeof(emptyUuid))), ERROR);
263
    VERIFY_SUCCESS(TAG, !IsNonEmptyRole(&cred->roleId), ERROR);
264 265 266 267 268 269 270 271 272 273 274 275 276
    VERIFY_SUCCESS(TAG, (0 == cred->credId), ERROR);
    VERIFY_SUCCESS(TAG, (0 == cred->credType), ERROR);
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
    VERIFY_SUCCESS(TAG, (NULL == cred->privateData.data), ERROR);
    VERIFY_SUCCESS(TAG, (NULL == cred->publicData.data), ERROR);
    VERIFY_SUCCESS(TAG, (NULL == cred->optionalData.data), ERROR);
    VERIFY_SUCCESS(TAG, (NULL == cred->credUsage), ERROR);
#endif
    return true;
exit:
    return false;
}

277 278 279
/**
 * This function frees OicSecCred_t object's fields and object itself.
 */
280
void FreeCred(OicSecCred_t *cred)
Sachin Agrawal's avatar
Sachin Agrawal committed
281
{
282
    if(NULL == cred)
Sachin Agrawal's avatar
Sachin Agrawal committed
283
    {
Sahil Bansal's avatar
Sahil Bansal committed
284
        OIC_LOG(ERROR, TAG, "Invalid Parameter");
285 286 287
        return;
    }
    //Note: Need further clarification on roleID data type
Sachin Agrawal's avatar
Sachin Agrawal committed
288
#if 0
289 290
    //Clean roleIds
    OICFree(cred->roleIds);
Sachin Agrawal's avatar
Sachin Agrawal committed
291 292
#endif

293
    //Clean PublicData/OptionalData/Credusage
294
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
295
     // TODO: Need to check credUsage.
296
    OICFree(cred->publicData.data);
297 298 299
    OICFree(cred->optionalData.data);
    OICFree(cred->credUsage);

300
#endif /* __WITH_DTLS__ ||  __WITH_TLS__*/
Sachin Agrawal's avatar
Sachin Agrawal committed
301

302
    //Clean PrivateData
303
    OICClearMemory(cred->privateData.data, cred->privateData.len);
304
    OICFree(cred->privateData.data);
Sachin Agrawal's avatar
Sachin Agrawal committed
305

306 307
    //Clean Period
    OICFree(cred->period);
Sachin Agrawal's avatar
Sachin Agrawal committed
308

saurabh.s9's avatar
saurabh.s9 committed
309
#ifdef MULTIPLE_OWNER
310 311 312 313
    //Clean eowner
    OICFree(cred->eownerID);
#endif

314 315
    cred->next = NULL;

316 317 318
    //Clean Cred node itself
    OICFree(cred);
}
Sachin Agrawal's avatar
Sachin Agrawal committed
319

320 321 322 323 324 325 326 327 328
void DeleteCredList(OicSecCred_t* cred)
{
    if (cred)
    {
        OicSecCred_t *credTmp1 = NULL, *credTmp2 = NULL;
        LL_FOREACH_SAFE(cred, credTmp1, credTmp2)
        {
            LL_DELETE(cred, credTmp1);
            FreeCred(credTmp1);
Sachin Agrawal's avatar
Sachin Agrawal committed
329 330 331 332
        }
    }
}

Andrii Shtompel's avatar
Andrii Shtompel committed
333 334 335 336 337 338 339 340 341 342 343 344
size_t GetCredKeyDataSize(const OicSecCred_t* cred)
{
    size_t size = 0;
    if (cred)
    {
        OicSecCred_t *credPtr = NULL, *credTmp = NULL;
        LL_FOREACH_SAFE((OicSecCred_t*)cred, credPtr, credTmp)
        {
            if (credPtr->privateData.data && 0 < credPtr->privateData.len)
            {
                size += credPtr->privateData.len;
            }
345
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
Andrii Shtompel's avatar
Andrii Shtompel committed
346 347 348 349 350 351 352 353 354 355 356
            if (credPtr->publicData.data && 0 < credPtr->publicData.len)
            {
                size += credPtr->publicData.len;
            }
            if (credPtr->optionalData.data && 0 < credPtr->optionalData.len)
            {
                size += credPtr->optionalData.len;
            }
#endif
        }
    }
357
    OIC_LOG_V(DEBUG, TAG, "Cred Key Data Size : %u", (unsigned int) size);
Andrii Shtompel's avatar
Andrii Shtompel committed
358 359 360
    return size;
}

Sahil Bansal's avatar
Sahil Bansal committed
361
static size_t OicSecCredCount(const OicSecCred_t *secCred)
Sachin Agrawal's avatar
Sachin Agrawal committed
362
{
Sahil Bansal's avatar
Sahil Bansal committed
363 364
    size_t size = 0;
    for (const OicSecCred_t *cred = secCred; cred; cred = cred->next)
Sachin Agrawal's avatar
Sachin Agrawal committed
365
    {
Sahil Bansal's avatar
Sahil Bansal committed
366 367 368 369
        size++;
    }
    return size;
}
370

371
static const char* EncodingValueToString(OicEncodingType_t encoding)
372 373 374
{
    switch (encoding)
    {
375 376 377 378 379
        case OIC_ENCODING_RAW:    return OIC_SEC_ENCODING_RAW;
        case OIC_ENCODING_BASE64: return OIC_SEC_ENCODING_BASE64;
        case OIC_ENCODING_DER:    return OIC_SEC_ENCODING_DER;
        case OIC_ENCODING_PEM:    return OIC_SEC_ENCODING_PEM;
        default:                  return NULL;
380 381 382 383 384 385
    }
}

static CborError SerializeEncodingToCborInternal(CborEncoder *map, const OicSecKey_t *value)
{
    CborError cborEncoderResult = CborNoError;
386
    const char *encoding = EncodingValueToString(value->encoding);
387 388 389 390
    if (encoding)
    {
        cborEncoderResult = cbor_encode_text_string(map, OIC_JSON_ENCODING_NAME,
            strlen(OIC_JSON_ENCODING_NAME));
391
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Encoding Tag.");
392 393
        cborEncoderResult = cbor_encode_text_string(map, encoding,
            strlen(encoding));
394
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Encoding Value.");
395 396 397

        cborEncoderResult = cbor_encode_text_string(map, OIC_JSON_DATA_NAME,
            strlen(OIC_JSON_DATA_NAME));
398
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Name Tag.");
399 400 401 402 403 404 405 406 407 408 409
        if (OIC_ENCODING_DER == value->encoding ||
            OIC_ENCODING_RAW == value->encoding)
        {
            cborEncoderResult = cbor_encode_byte_string(map,
                    value->data, value->len);
        }
        else
        {
            cborEncoderResult = cbor_encode_text_string(map,
                    (char*)value->data, value->len);
        }
410
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Name Value.");
411 412 413
    }
    else
    {
414
        OIC_LOG_V(ERROR, TAG, "%s: Unknown encoding type: %u.", __func__, value->encoding);
415
        return CborErrorUnknownType;
416 417 418 419 420
    }
    exit:
    return cborEncoderResult;
}

421
CborError SerializeEncodingToCbor(CborEncoder *rootMap, const char* tag, const OicSecKey_t *value)
422 423 424 425 426 427
{
    CborError cborEncoderResult = CborNoError;
    CborEncoder map;
    const size_t mapSize = 2;

    cborEncoderResult = cbor_encode_text_string(rootMap, tag, strlen(tag));
428
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding PrivateData Tag.");
429 430

    cborEncoderResult = cbor_encoder_create_map(rootMap, &map, mapSize);
431
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Map");
432

433
    cborEncoderResult = SerializeEncodingToCborInternal(&map, value);
434
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding OicSecKey_t structure");
435 436

    cborEncoderResult = cbor_encoder_close_container(rootMap, &map);
437
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing Map.");
438 439 440 441 442

    exit:
    return cborEncoderResult;
}

443
CborError SerializeSecOptToCbor(CborEncoder *rootMap, const char* tag, const OicSecOpt_t *value)
444 445 446 447 448 449
{
    CborError cborEncoderResult = CborNoError;
    CborEncoder map;
    const size_t mapSize = 3;

    cborEncoderResult = cbor_encode_text_string(rootMap, tag, strlen(tag));
450
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding PrivateData Tag.");
451 452

    cborEncoderResult = cbor_encoder_create_map(rootMap, &map, mapSize);
453
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Map");
454 455 456 457 458 459

    OicSecKey_t in;
    in.data = value->data;
    in.encoding = value->encoding;
    in.len = value->len;

460
    cborEncoderResult = SerializeEncodingToCborInternal(&map, &in);
461
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding OicSecKey_t structure");
462 463 464

    cborEncoderResult = cbor_encode_text_string(&map, OIC_JSON_REVOCATION_STATUS_NAME,
        strlen(OIC_JSON_REVOCATION_STATUS_NAME));
465
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding optional revstat Tag.");
466
    cborEncoderResult = cbor_encode_boolean(&map, value->revstat);
467
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding optional revstat Value.");
468 469

    cborEncoderResult = cbor_encoder_close_container(rootMap, &map);
470
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing Map.");
471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 488 489 490 491 492 493 494 495 496 497 498

    exit:
    return cborEncoderResult;
}

static CborError DeserializeEncodingFromCborInternal(CborValue *map, char *name, OicSecKey_t *value)
{
    size_t len = 0;
    CborError cborFindResult = CborNoError;

    // data -- Mandatory
    if (strcmp(name, OIC_JSON_DATA_NAME) == 0)
    {
        if(cbor_value_is_byte_string(map))
        {
            cborFindResult = cbor_value_dup_byte_string(map, &value->data,
                &value->len, NULL);
        }
        else if(cbor_value_is_text_string(map))
        {
            cborFindResult = cbor_value_dup_text_string(map, (char**)(&value->data),
                &value->len, NULL);
        }
        else
        {
            cborFindResult = CborErrorUnknownType;
            OIC_LOG(ERROR, TAG, "Unknown type for private data.");
        }
499
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Finding PrivateData.");
500 501 502 503 504 505 506
    }

    // encoding -- Mandatory
    if (strcmp(name, OIC_JSON_ENCODING_NAME) == 0)
    {
        char* strEncoding = NULL;
        cborFindResult = cbor_value_dup_text_string(map, &strEncoding, &len, NULL);
507
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Finding EncodingType");
508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528

        if(strcmp(strEncoding, OIC_SEC_ENCODING_RAW) == 0)
        {
            value->encoding = OIC_ENCODING_RAW;
        }
        else if(strcmp(strEncoding, OIC_SEC_ENCODING_BASE64) == 0)
        {
            value->encoding = OIC_ENCODING_BASE64;
        }
        else if(strcmp(strEncoding, OIC_SEC_ENCODING_DER) == 0)
        {
            value->encoding = OIC_ENCODING_DER;
        }
        else if(strcmp(strEncoding, OIC_SEC_ENCODING_PEM) == 0)
        {
            value->encoding = OIC_ENCODING_PEM;
        }
        else
        {
            //For unit test
            value->encoding = OIC_ENCODING_RAW;
529
            OIC_LOG_V(WARNING, TAG, "%s: Unknown encoding type detected.", __func__);
530
        }
531 532
        //Because cbor using malloc directly, it is required to use free() instead of OICFree
        free(strEncoding);
533 534 535 536 537
    }
    exit:
    return cborFindResult;
}

538
CborError DeserializeEncodingFromCbor(CborValue *rootMap, OicSecKey_t *value)
539 540 541 542 543 544 545 546 547 548 549 550
{
    CborValue map = { .parser = NULL };
    CborError cborFindResult = cbor_value_enter_container(rootMap, &map);
    size_t len = 0;

    while (cbor_value_is_valid(&map))
    {
        char* name = NULL;
        CborType type = cbor_value_get_type(&map);
        if (type == CborTextStringType && cbor_value_is_text_string(&map))
        {
            cborFindResult = cbor_value_dup_text_string(&map, &name, &len, NULL);
551
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to get text");
552
            cborFindResult = cbor_value_advance(&map);
553
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to advance value");
554 555 556
        }
        if (name)
        {
557
            cborFindResult = DeserializeEncodingFromCborInternal(&map, name, value);
558
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to read OicSecKey_t value");
559 560 561 562
        }
        if (cbor_value_is_valid(&map))
        {
            cborFindResult = cbor_value_advance(&map);
563
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Advancing Map.");
564
        }
565 566
        //Because cbor using malloc directly, it is required to use free() instead of OICFree
        free(name);
567 568 569 570 571
    }
    exit:
    return cborFindResult;
}

572
CborError DeserializeSecOptFromCbor(CborValue *rootMap, OicSecOpt_t *value)
573 574 575 576 577 578 579 580 581 582 583 584 585
{
    CborValue map = { .parser = NULL };
    CborError cborFindResult = cbor_value_enter_container(rootMap, &map);
    size_t len = 0;
    value->revstat = false;

    while (cbor_value_is_valid(&map))
    {
        char* name = NULL;
        CborType type = cbor_value_get_type(&map);
        if (type == CborTextStringType && cbor_value_is_text_string(&map))
        {
            cborFindResult = cbor_value_dup_text_string(&map, &name, &len, NULL);
586
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to get text");
587
            cborFindResult = cbor_value_advance(&map);
588
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to advance value");
589 590 591 592 593 594 595
        }
        if (name)
        {
            // OptionalData::revstat -- Mandatory
            if (strcmp(name, OIC_JSON_REVOCATION_STATUS_NAME) == 0)
            {
                cborFindResult = cbor_value_get_boolean(&map, &value->revstat);
596
                VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Finding revstat Value.")
597 598
            }
            OicSecKey_t out;
599
            cborFindResult = DeserializeEncodingFromCborInternal(&map, name, &out);
600
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed to read OicSecKey_t value");
601 602 603 604 605 606 607 608

            value->data = out.data;
            value->encoding = out.encoding;
            value->len = out.len;
        }
        if (cbor_value_is_valid(&map))
        {
            cborFindResult = cbor_value_advance(&map);
609
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborFindResult, "Failed Advancing Map.");
610
        }
611 612
        //Because cbor using malloc directly, it is required to use free() instead of OICFree
        free(name);
613 614 615 616 617
    }
    exit:
    return cborFindResult;
}

618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642
/* Produce debugging output for all credentials, output metadata. */
static void logCredMetadata()
{
#if defined(TB_LOG)
    OicSecCred_t * temp = NULL;
    size_t count = 0;
    char uuidString[UUID_STRING_SIZE];
    OicUuid_t ownUuid;

    OIC_LOG_V(DEBUG, TAG, "IN %s:", __func__);

    if (GetDoxmDeviceID(&ownUuid) == OC_STACK_OK && OCConvertUuidToString(ownUuid.id, uuidString))
    {
        OIC_LOG_V(DEBUG, TAG, "Own UUID: %s", uuidString);
    }

    LL_FOREACH(gCred, temp)
    {
        count++;
        OIC_LOG(DEBUG, TAG, " ");
        OIC_LOG_V(DEBUG, TAG, "Cred ID: %d", temp->credId);
        if (OCConvertUuidToString(temp->subject.id, uuidString))
        {
            OIC_LOG_V(DEBUG, TAG, "Subject UUID: %s", uuidString);
        }
643 644 645 646 647
        if (IsNonEmptyRole(&temp->roleId))
        {
            OIC_LOG_V(DEBUG, TAG, "Role ID: %s", temp->roleId.id);
            OIC_LOG_V(DEBUG, TAG, "Role authority: %s", temp->roleId.authority);
        }
648
        OIC_LOG_V(DEBUG, TAG, "Cred Type: %d", temp->credType);
649
        OIC_LOG_V(DEBUG, TAG, "privateData length: %" PRIuPTR ", encoding: %d", temp->privateData.len, temp->privateData.encoding);
650 651

#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
652
        OIC_LOG_V(DEBUG, TAG, "publicData length: %" PRIuPTR ", encoding: %d", temp->publicData.len, temp->publicData.encoding);
653 654 655 656 657
        if (temp->credUsage)
        {
            OIC_LOG_V(DEBUG, TAG, "credUsage: %s", temp->credUsage);
        }

658
        OIC_LOG_V(DEBUG, TAG, "optionalData length: %" PRIuPTR", encoding: %d" PRIuPTR, temp->optionalData.len, temp->optionalData.encoding);
659 660 661 662
#endif

    }

663
    OIC_LOG_V(DEBUG, TAG, "Found %" PRIuPTR " credentials.", count);
664 665 666 667 668

    OIC_LOG_V(DEBUG, TAG, "OUT %s:", __func__);
#endif
}

Sahil Bansal's avatar
Sahil Bansal committed
669
OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload,
670
                                size_t *cborSize, int secureFlag)
Sahil Bansal's avatar
Sahil Bansal committed
671
{
672
    OIC_LOG_V(DEBUG, TAG, "IN %s:", __func__);
673
    if (NULL == cborPayload || NULL != *cborPayload || NULL == cborSize)
Sahil Bansal's avatar
Sahil Bansal committed
674 675 676
    {
        return OC_STACK_INVALID_PARAM;
    }
677

Sahil Bansal's avatar
Sahil Bansal committed
678
    OCStackResult ret = OC_STACK_ERROR;
Sachin Agrawal's avatar
Sachin Agrawal committed
679

leechul's avatar
leechul committed
680 681 682
    CborError cborEncoderResult = CborNoError;
    uint8_t *outPayload = NULL;
    size_t cborLen = *cborSize;
Sahil Bansal's avatar
Sahil Bansal committed
683 684
    *cborSize = 0;
    *cborPayload = NULL;
leechul's avatar
leechul committed
685
    const OicSecCred_t *cred = credS;
686 687 688
    CborEncoder encoder;
    CborEncoder credArray;
    CborEncoder credRootMap;
689
    CborEncoder roleIdMap;
Sachin Agrawal's avatar
Sachin Agrawal committed
690

leechul's avatar
leechul committed
691 692 693 694 695 696
    if (0 == cborLen)
    {
        cborLen = CBOR_SIZE;
    }

    outPayload = (uint8_t *)OICCalloc(1, cborLen);
697 698
    VERIFY_NOT_NULL_RETURN(TAG, outPayload, ERROR, OC_STACK_ERROR);

Sahil Bansal's avatar
Sahil Bansal committed
699
    cbor_encoder_init(&encoder, outPayload, cborLen, 0);
Sachin Agrawal's avatar
Sachin Agrawal committed
700

701
    size_t credRootMapSize = CRED_ROOT_MAP_SIZE;
702

leechul's avatar
leechul committed
703
    // Create CRED Root Map (creds, rownerid)
704
    cborEncoderResult = cbor_encoder_create_map(&encoder, &credRootMap, credRootMapSize);
705
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Root Map");
leechul's avatar
leechul committed
706 707 708 709

    // creds
    cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_CREDS_NAME,
        strlen(OIC_JSON_CREDS_NAME));
710
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding creds Name Tag.");
leechul's avatar
leechul committed
711 712 713

    // creds array
    cborEncoderResult = cbor_encoder_create_array(&credRootMap, &credArray, OicSecCredCount(cred));
714
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Array.");
leechul's avatar
leechul committed
715

Sahil Bansal's avatar
Sahil Bansal committed
716 717
    while (cred)
    {
718
        CborEncoder credMap;
Sahil Bansal's avatar
Sahil Bansal committed
719
        size_t mapSize = CRED_MAP_SIZE;
720
        size_t inLen = 0;
Sahil Bansal's avatar
Sahil Bansal committed
721 722 723 724
        if (cred->period)
        {
            mapSize++;
        }
725

726
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
saurabh.s9's avatar
saurabh.s9 committed
727
#ifdef MULTIPLE_OWNER
728 729 730 731
        if(cred->eownerID)
        {
            mapSize++;
        }
saurabh.s9's avatar
saurabh.s9 committed
732
#endif //MULTIPLE_OWNER
733

734
        if ((SIGNED_ASYMMETRIC_KEY == cred->credType || ASYMMETRIC_KEY == cred->credType)
Kevin Kane's avatar
Kevin Kane committed
735
            && cred->publicData.data)
Sahil Bansal's avatar
Sahil Bansal committed
736 737 738
        {
            mapSize++;
        }
739 740 741 742 743 744 745 746
        if (SIGNED_ASYMMETRIC_KEY == cred->credType && cred->optionalData.data)
        {
            mapSize++;
        }
        if (cred->credUsage)
        {
            mapSize++;
        }
747 748 749 750
        if (IsNonEmptyRole(&cred->roleId))
        {
            mapSize++;
        }
751
#endif /* __WITH_DTLS__ ||  __WITH_TLS__*/
752
        if (!secureFlag && cred->privateData.data)
Sahil Bansal's avatar
Sahil Bansal committed
753 754 755
        {
            mapSize++;
        }
leechul's avatar
leechul committed
756
        cborEncoderResult = cbor_encoder_create_map(&credArray, &credMap, mapSize);
757
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Map");
Sahil Bansal's avatar
Sahil Bansal committed
758 759

        //CredID -- Mandatory
leechul's avatar
leechul committed
760
        cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_CREDID_NAME,
Sahil Bansal's avatar
Sahil Bansal committed
761
            strlen(OIC_JSON_CREDID_NAME));
762
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Id Tag. ");
leechul's avatar
leechul committed
763
        cborEncoderResult = cbor_encode_int(&credMap, cred->credId);
764
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Id Value.");
Sahil Bansal's avatar
Sahil Bansal committed
765 766

        //Subject -- Mandatory
leechul's avatar
leechul committed
767 768
        cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_SUBJECTID_NAME,
            strlen(OIC_JSON_SUBJECTID_NAME));
769
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Subject Tag.");
770
        inLen = (memcmp(&(cred->subject), &WILDCARD_SUBJECT_ID, sizeof(OicUuid_t)) == 0) ?
771 772 773 774 775
            WILDCARD_SUBJECT_ID_LEN : sizeof(OicUuid_t);
        if(inLen == WILDCARD_SUBJECT_ID_LEN)
        {
            cborEncoderResult = cbor_encode_text_string(&credMap, WILDCARD_RESOURCE_URI,
                strlen(WILDCARD_RESOURCE_URI));
776
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding Subject Id wildcard Value.");
777 778 779 780 781 782 783
        }
        else
        {
            char *subject = NULL;
            ret = ConvertUuidToStr(&cred->subject, &subject);
            VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
            cborEncoderResult = cbor_encode_text_string(&credMap, subject, strlen(subject));
784
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding Subject Id Value.");
785 786
            OICFree(subject);
        }
Sahil Bansal's avatar
Sahil Bansal committed
787

788 789 790 791 792
        //Role ID -- optional
        if (IsNonEmptyRole(&cred->roleId))
        {
            cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_ROLEID_NAME,
                strlen(OIC_JSON_ROLEID_NAME));
793
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding role ID map tag");
794 795 796

            bool includeAuthority = (0 != memcmp(&cred->roleId.authority, &EMPTY_ROLE.authority, sizeof(EMPTY_ROLE.authority)));

797
            cborEncoderResult = cbor_encoder_create_map(&credMap, &roleIdMap, ROLEID_MAP_SIZE + (includeAuthority ? 1 : 0));
798
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding role ID map");
799 800

            cborEncoderResult = cbor_encode_text_string(&roleIdMap, OIC_JSON_ROLE_NAME, strlen(OIC_JSON_ROLE_NAME));
801
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding role tag");
802

803
            cborEncoderResult = cbor_encode_text_string(&roleIdMap, cred->roleId.id, strlen(cred->roleId.id));
804
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding role value");
805 806 807 808

            if (includeAuthority)
            {
                cborEncoderResult = cbor_encode_text_string(&roleIdMap, OIC_JSON_AUTHORITY_NAME, strlen(OIC_JSON_AUTHORITY_NAME));
809
                VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding authority tag");
810 811

                cborEncoderResult = cbor_encode_text_string(&roleIdMap, cred->roleId.authority, strlen(cred->roleId.authority));
812
                VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed adding authority value");
813 814 815
            }

            cborEncoderResult = cbor_encoder_close_container(&credMap, &roleIdMap);
816
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed closing role ID map");
817 818
        }

Sahil Bansal's avatar
Sahil Bansal committed
819
        //CredType -- Mandatory
leechul's avatar
leechul committed
820
        cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_CREDTYPE_NAME,
Sahil Bansal's avatar
Sahil Bansal committed
821
            strlen(OIC_JSON_CREDTYPE_NAME));
822
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Type Tag.");
leechul's avatar
leechul committed
823
        cborEncoderResult = cbor_encode_int(&credMap, cred->credType);
824
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Cred Type Value.");
Sachin Agrawal's avatar
Sachin Agrawal committed
825

826
#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
Sahil Bansal's avatar
Sahil Bansal committed
827
        //PublicData -- Not Mandatory
828
        if ((SIGNED_ASYMMETRIC_KEY == cred->credType || ASYMMETRIC_KEY == cred->credType)
Kevin Kane's avatar
Kevin Kane committed
829
            && cred->publicData.data)
Sahil Bansal's avatar
Sahil Bansal committed
830
        {
831 832
            cborEncoderResult = SerializeEncodingToCbor(&credMap,
                                         OIC_JSON_PUBLICDATA_NAME, &cred->publicData);
833
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding PublicData Tag.");
Sahil Bansal's avatar
Sahil Bansal committed
834
        }
835 836 837
        //OptionalData -- Not Mandatory
        if (SIGNED_ASYMMETRIC_KEY == cred->credType && cred->optionalData.data)
        {
838 839
            cborEncoderResult = SerializeSecOptToCbor(&credMap,
                                         OIC_JSON_OPTDATA_NAME, &cred->optionalData);
840
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding OptionalData Tag.");
841 842 843 844 845 846
        }
        //CredUsage -- Not Mandatory
        if(cred->credUsage)
        {
            cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_CREDUSAGE_NAME,
                strlen(OIC_JSON_CREDUSAGE_NAME));
847
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Credusage Name Tag.");
848 849
            cborEncoderResult = cbor_encode_text_string(&credMap, cred->credUsage,
                strlen(cred->credUsage));
850
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Credusage Name Value.");
851
        }
852
#endif /* __WITH_DTLS__ ||  __WITH_TLS__*/
Sahil Bansal's avatar
Sahil Bansal committed
853
        //PrivateData -- Not Mandatory
854
        if(!secureFlag && cred->privateData.data)
Sahil Bansal's avatar
Sahil Bansal committed
855
        {
856 857
            cborEncoderResult = SerializeEncodingToCbor(&credMap,
                                         OIC_JSON_PRIVATEDATA_NAME, &cred->privateData);
858
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding PrivateData Tag.");
Sahil Bansal's avatar
Sahil Bansal committed
859
        }
Sachin Agrawal's avatar
Sachin Agrawal committed
860

Sahil Bansal's avatar
Sahil Bansal committed
861 862 863
        //Period -- Not Mandatory
        if(cred->period)
        {
leechul's avatar
leechul committed
864
            cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_PERIOD_NAME,
Sahil Bansal's avatar
Sahil Bansal committed
865
                strlen(OIC_JSON_PERIOD_NAME));
866
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Period Name Tag.");
leechul's avatar
leechul committed
867
            cborEncoderResult = cbor_encode_text_string(&credMap, cred->period,
Sahil Bansal's avatar
Sahil Bansal committed
868
                strlen(cred->period));
869
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding Period Name Value.");
Sahil Bansal's avatar
Sahil Bansal committed
870
        }
Sachin Agrawal's avatar
Sachin Agrawal committed
871

saurabh.s9's avatar
saurabh.s9 committed
872
#ifdef MULTIPLE_OWNER
873 874 875 876 877 878
        // Eownerid -- Not Mandatory
        if(cred->eownerID)
        {
            char *eowner = NULL;
            cborEncoderResult = cbor_encode_text_string(&credMap, OIC_JSON_EOWNERID_NAME,
                strlen(OIC_JSON_EOWNERID_NAME));
879
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding eownerId Name Tag.");
880 881 882
            ret = ConvertUuidToStr(cred->eownerID, &eowner);
            VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
            cborEncoderResult = cbor_encode_text_string(&credMap, eowner, strlen(eowner));
883
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding eownerId Value.");
884 885
            OICFree(eowner);
        }
saurabh.s9's avatar
saurabh.s9 committed
886
#endif //MULTIPLE_OWNER
leechul's avatar
leechul committed
887 888

        cborEncoderResult = cbor_encoder_close_container(&credArray, &credMap);
889
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing Cred Map.");
890

Sahil Bansal's avatar
Sahil Bansal committed
891
        cred = cred->next;
leechul's avatar
leechul committed
892 893
    }
    cborEncoderResult = cbor_encoder_close_container(&credRootMap, &credArray);
894
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing Cred Array.");
leechul's avatar
leechul committed
895 896

    cred = credS;
897

leechul's avatar
leechul committed
898 899 900 901 902
    // Rownerid
    {
        char *rowner = NULL;
        cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_ROWNERID_NAME,
            strlen(OIC_JSON_ROWNERID_NAME));
903
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding rownerid Name.");
904
        ret = ConvertUuidToStr(&gRownerId, &rowner);
leechul's avatar
leechul committed
905 906
        VERIFY_SUCCESS(TAG, ret == OC_STACK_OK, ERROR);
        cborEncoderResult = cbor_encode_text_string(&credRootMap, rowner, strlen(rowner));
907
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding rownerid Value.");
leechul's avatar
leechul committed
908 909 910
        OICFree(rowner);
    }

Randeep's avatar
Randeep committed
911
    {
912 913 914 915
        //RT -- Mandatory
        CborEncoder rtArray;
        cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_RT_NAME,
                strlen(OIC_JSON_RT_NAME));
916
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding RT Name Tag.");
917
        cborEncoderResult = cbor_encoder_create_array(&credRootMap, &rtArray, 1);
918
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding RT Value.");
919 920 921 922
        for (size_t i = 0; i < 1; i++)
        {
            cborEncoderResult = cbor_encode_text_string(&rtArray, OIC_RSRC_TYPE_SEC_CRED,
                    strlen(OIC_RSRC_TYPE_SEC_CRED));
923
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding RT Value.");
924 925
        }
        cborEncoderResult = cbor_encoder_close_container(&credRootMap, &rtArray);
926
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing RT.");
Randeep's avatar
Randeep committed
927

928 929 930 931
        //IF-- Mandatory
        CborEncoder ifArray;
        cborEncoderResult = cbor_encode_text_string(&credRootMap, OIC_JSON_IF_NAME,
                 strlen(OIC_JSON_IF_NAME));
932
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding IF Name Tag.");
933
        cborEncoderResult = cbor_encoder_create_array(&credRootMap, &ifArray, 1);
934
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Addding IF Value.");
935 936 937 938
        for (size_t i = 0; i < 1; i++)
        {
            cborEncoderResult = cbor_encode_text_string(&ifArray, OC_RSRVD_INTERFACE_DEFAULT,
                    strlen(OC_RSRVD_INTERFACE_DEFAULT));
939
            VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Adding IF Value.");
940 941
        }
        cborEncoderResult = cbor_encoder_close_container(&credRootMap, &ifArray);
942
        VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing IF.");
Randeep's avatar
Randeep committed
943 944
    }

leechul's avatar
leechul committed
945 946
    // Close CRED Root Map
    cborEncoderResult = cbor_encoder_close_container(&encoder, &credRootMap);
947
    VERIFY_CBOR_SUCCESS_OR_OUT_OF_MEMORY(TAG, cborEncoderResult, "Failed Closing CRED Root Map.");
leechul's avatar
leechul committed
948 949 950 951 952

    if (CborNoError == cborEncoderResult)
    {
        OIC_LOG(DEBUG, TAG, "CredToCBORPayload Successed");
        *cborPayload = outPayload;
953
        *cborSize = cbor_encoder_get_buffer_size(&encoder, outPayload);
Sahil Bansal's avatar
Sahil Bansal committed
954 955 956
        ret = OC_STACK_OK;
    }
    OIC_LOG(DEBUG, TAG, "CredToCBORPayload OUT");
Sachin Agrawal's avatar
Sachin Agrawal committed
957
exit:
leechul's avatar
leechul committed
958
    if (CborErrorOutOfMemory == cborEncoderResult)
959
    {
leechul's avatar
leechul committed
960 961 962 963
        OIC_LOG(DEBUG, TAG, "CredToCBORPayload:CborErrorOutOfMemory : retry with more memory");
        // reallocate and try again!
        OICFree(outPayload);
        // Since the allocated initial memory failed, double the memory.
964
        cborLen += cbor_encoder_get_buffer_size(&encoder, encoder.end);
leechul's avatar
leechul committed
965
        cborEncoderResult = CborNoError;