• leechul's avatar
    Modify OTM & SRM to resolve gap in ownership transfer sequence. · c69938d0
    leechul authored
    According to OIC security spec B,
    Current IoTivity security module(OTM/SRM) has gap in ownership transfer sequence.
    
    This patch includes the following modifications to remove the gap :
      1. Modify to update the 'Owned' as TRUE after owner credential is determined.
      2. In case of PIN based OxM, We should not create a temporal credential.
         It will be handled directly in dtls layer.
         It means we should use another get_psk_info callback
         instead of GetDtlsPskCredentials during PIN based OxM.
      3. The PT(OBT) transmits the owner credential(OwnerPSK) directly to the client.
         The client will only need to verify recevied OwnerPSK.
      4. Modify to include the 'cm' when update pstat in end of security provisioning.
    
    NOTE1 : Please refer to the Figure 9, Table 3 and Figure 10, Table 4 in Spec B.
    NOTE2 : IMHO, The current spec B document is not perfect in implementation perspective.
    So we've proposed a updated ownership transfer sequence in details through CR document.
    And it is expected to be accepted.
    We should be update again when spec document is released or CR codument is accepted.
    Please keep this in mind.
    
    [Patch #1] : Initial upload.
    [Patch #2~#4] : Remove the compile errors and warnings.
    [Patch #5] : Retrigger
    [Patch #6] : Remove the compile error in doxmresource for arduino
    [Patch #7] : Modify according to review comments.
    [Patch #8~#9] : Retrigger
    
    Change-Id: If88e7028b55d830d21643a915444a81dc912a948
    Signed-off-by: default avatarleechul <chuls.lee@samsung.com>
    Reviewed-on: https://gerrit.iotivity.org/gerrit/5149Reviewed-by: Randeep's avatarRandeep Singh <randeep.s@samsung.com>
    Tested-by: Randeep's avatarRandeep Singh <randeep.s@samsung.com>
    c69938d0
credresource.c 39.8 KB