Commit 14af5d46 authored by Dmitriy Zhuravlev's avatar Dmitriy Zhuravlev

Revert "Fix PKIX provision"

This reverts commit 2e7005a0.

Change-Id: I3e94a2c70a9c8de5e700ad9c1314b1e42ae17408
Signed-off-by: default avatarDmitriy Zhuravlev <d.zhuravlev@samsung.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/6285
parent 2e7005a0
......@@ -29,6 +29,7 @@ extern "C" {
#endif //__cplusplus
#ifdef X509_DEBUG
#warning "DEBUG is enabled"
#include <stdio.h> // <printf>
#endif
......
......@@ -42,19 +42,6 @@ extern "C"
OCStackResult SRPProvisionACL(void *ctx, const OCProvisionDev_t *selectedDeviceInfo,
OicSecAcl_t *acl, OCProvisionResultCB resultCallback);
#ifdef __WITH_X509__
/**
* API to send CRL information to resource.
*
* @param[in] selectedDeviceInfo Selected target device.
* @param[in] crl CRL to provision.
* @param[in] resultCallback callback provided by API user, callback will be called when
* provisioning request recieves a response from resource server.
* @return OC_STACK_OK in case of success and other value otherwise.
*/
OCStackResult SRPProvisionCRL(void *ctx, const OCProvisionDev_t *selectedDeviceInfo,
OicSecCrl_t *crl, OCProvisionResultCB resultCallback);
#endif // __WITH_X509__
/**
* API to send Direct-Pairing Configuration to a device.
*
......
......@@ -177,18 +177,18 @@ static OCStackResult GenerateCertificateAndKeys(const OicUuid_t * subject, OicSe
numCert ++;
uint32_t len = 0;
for (size_t i = 0; i < numCert; i++)
for (size_t i = 0; i < numCert; ++i)
{
certificateChain->data = (uint8_t *) OICRealloc(certificateChain->data,
len + cert[i].len + CERT_LEN_PREFIX);
certificateChain->data = (uint8_t *) OICRealloc(certificateChain->data, len + cert[i].len + CERT_LEN_PREFIX);
if (NULL == certificateChain->data)
{
OIC_LOG(ERROR, TAG, "Error while memory allocation");
return OC_STACK_ERROR;
}
uint32_t appendedLen = appendCert2Chain(certificateChain->data + len,
cert[i].data, cert[i].len);
uint32_t appendedLen = appendCert2Chain(certificateChain->data + len, cert[i].data,
cert[i].len);
//TODO function check len
if (0 == appendedLen)
{
OIC_LOG(ERROR, TAG, "Error while certifiacate chain creation.");
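Review bot: The reflowed `OICRealloc` call in the loop still assigns its result straight back to `certificateChain->data`, so if OICRealloc follows realloc semantics, a failed grow overwrites the only pointer to the chain built so far and the early `return OC_STACK_ERROR` leaks it. Hold the result in a temporary, `uint8_t *grown = (uint8_t *) OICRealloc(certificateChain->data, len + cert[i].len + CERT_LEN_PREFIX);`, test `grown` for NULL, and only then do `certificateChain->data = grown;`. The sum `len + cert[i].len + CERT_LEN_PREFIX` is also not checked for wrap-around, and the `//TODO function check len` comment shows that length validation is still open, so a range check on `cert[i].len` before the addition belongs here. The loop and the function continue outside the hunk.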
......
......@@ -629,19 +629,17 @@ OCStackResult SRPProvisionCredentials(void *ctx, OicSecCredType_t type, size_t k
const OCProvisionDev_t *pDev2,
OCProvisionResultCB resultCallback)
{
VERIFY_NON_NULL(TAG, pDev1, ERROR, OC_STACK_INVALID_PARAM);
if (SYMMETRIC_PAIR_WISE_KEY == type)
if (!pDev1 || !pDev2 || !pDev1->doxm || !pDev2->doxm)
{
VERIFY_NON_NULL(TAG, pDev2, ERROR, OC_STACK_INVALID_PARAM);
OIC_LOG(INFO, TAG, "SRPUnlinkDevices : NULL parameters");
return OC_STACK_INVALID_PARAM;
}
VERIFY_NON_NULL(TAG, resultCallback, ERROR, OC_STACK_INVALID_CALLBACK);
if (!resultCallback)
{
OIC_LOG(INFO, TAG, "SRPUnlinkDevices : NULL Callback");
return OC_STACK_INVALID_CALLBACK;
}
if (SYMMETRIC_PAIR_WISE_KEY == type &&
0 == memcmp(&pDev1->doxm->deviceID, &pDev2->doxm->deviceID, sizeof(OicUuid_t)))
if (0 == memcmp(&pDev1->doxm->deviceID, &pDev2->doxm->deviceID, sizeof(OicUuid_t)))
{
OIC_LOG(INFO, TAG, "SRPUnlinkDevices : Same device ID");
return OC_STACK_INVALID_PARAM;
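Review bot: The early-return branches log `SRPUnlinkDevices : NULL parameters` and `SRPUnlinkDevices : NULL Callback`, although the hunk header places this code in SRPProvisionCredentials, so anyone triaging a failed provisioning attempt from the device log is pointed at the wrong API. The messages are also emitted at INFO level even though the call is being rejected. I would name the real function and raise the level, for example `OIC_LOG(ERROR, TAG, "SRPProvisionCredentials : NULL parameters");`, and do the same for the callback branch and the `Same device ID` message below. By print order these branches look like the side restored by the revert, and the function body continues outside the hunk.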
......
......@@ -133,7 +133,7 @@ OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload
{
return OC_STACK_INVALID_PARAM;
}
OIC_LOG(DEBUG, TAG, "CredToCBORPayload IN");
OCStackResult ret = OC_STACK_ERROR;
CborError cborEncoderResult = CborNoError;
......@@ -178,7 +178,7 @@ OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload
mapSize++;
}
#ifdef __WITH_X509__
if (SIGNED_ASYMMETRIC_KEY == cred->credType && cred->publicData.data)
if (cred->publicData.data)
{
mapSize++;
}
......@@ -216,7 +216,7 @@ OCStackResult CredToCBORPayload(const OicSecCred_t *credS, uint8_t **cborPayload
#ifdef __WITH_X509__
//PublicData -- Not Mandatory
if (SIGNED_ASYMMETRIC_KEY == cred->credType && cred->publicData.data)
if (cred->publicData.data)
{
CborEncoder publicMap = { {.ptr = NULL }, .end = 0, .added = 0, .flags = 0 };
const size_t publicMapSize = 2;
......@@ -360,9 +360,6 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
{
return OC_STACK_INVALID_PARAM;
}
OIC_LOG(DEBUG, TAG, "CBORPayloadToCred IN");
*secCred = NULL;
OCStackResult ret = OC_STACK_ERROR;
CborValue credCbor = { .parser = NULL };
......@@ -594,8 +591,6 @@ OCStackResult CBORPayloadToCred(const uint8_t *cborPayload, size_t size,
*secCred = headCred;
ret = OC_STACK_OK;
OIC_LOG(DEBUG, TAG, "CBORPayloadToCred OUT");
exit:
if (CborNoError != cborFindResult)
{
......@@ -1408,10 +1403,9 @@ int GetDtlsX509Credentials(CADtlsX509Creds_t *credInfo)
{
goto exit;
}
credInfo->chainLen = 2;
memcpy(credInfo->certificateChain, cred->publicData.data, cred->publicData.len);
memcpy(credInfo->devicePrivateKey, cred->privateData.data, cred->privateData.len);
credInfo->certificateChainLen = cred->publicData.len;
credInfo->certificateChainLen = parseCertPrefix(cred->publicData.data);
GetCAPublicKeyData(credInfo);
ret = 0;
exit:
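Review bot: In the GetDtlsX509Credentials hunk, the two `memcpy` calls copy `cred->publicData.len` and `cred->privateData.len` bytes with no visible check against the capacity of `credInfo->certificateChain` and `credInfo->devicePrivateKey`. The line that appears to be restored sets `certificateChainLen` from `parseCertPrefix(cred->publicData.data)`, which is a length field inside the stored blob rather than the number of bytes actually copied. If that prefix can exceed `cred->publicData.len`, later consumers of `certificateChainLen` would read past the copied data. Assuming both destinations are fixed-size arrays, I would add `if (cred->publicData.len > sizeof(credInfo->certificateChain) || cred->privateData.len > sizeof(credInfo->devicePrivateKey)) goto exit;` before the copies and reject a parsed length greater than `cred->publicData.len`. The function begins outside the hunk, so an earlier guard may exist that is not visible here.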
......
......@@ -26,7 +26,6 @@
#include "srmutility.h"
#include "doxmresource.h"
#include "ocpayload.h"
#include "oic_malloc.h"
#ifdef __WITH_X509__
#include "crlresource.h"
#include "crl.h"
......@@ -42,7 +41,7 @@
#define OIC_CBOR_CRL_ID "CRLId"
#define OIC_CBOR_CRL_THIS_UPDATE "ThisUpdate"
#define OIC_CBOR_CRL_DATA "CRLData"
#define CRL_DEFAULT_CRL_ID (1)
#define CRL_DEFAULT_CRL_ID 1
#define CRL_DEFAULT_THIS_UPDATE "150101000000Z"
#define CRL_DEFAULT_CRL_DATA "-"
......@@ -168,13 +167,18 @@ OCStackResult CBORPayloadToCrl(const uint8_t *cborPayload, const size_t size,
OCStackResult ret = OC_STACK_ERROR;
*secCrl = NULL;
CborValue crlCbor = {.parser = NULL};
CborParser parser = {.end = NULL};
CborValue crlCbor = { .parser = NULL };
CborParser parser = { .end = NULL };
CborError cborFindResult = CborNoError;
int cborLen = (size == 0) ? CBOR_SIZE : size;
int cborLen = size;
if (0 == size)
{
cborLen = CBOR_SIZE;
}
cbor_parser_init(cborPayload, cborLen, 0, &parser, &crlCbor);
CborValue crlMap = { .parser = NULL};
CborValue crlMap = { .parser = NULL } ;
OicSecCrl_t *crl = NULL;
char *name = NULL;
size_t outLen = 0;
cborFindResult = cbor_value_enter_container(&crlCbor, &crlMap);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, ERROR);
......@@ -182,81 +186,90 @@ OCStackResult CBORPayloadToCrl(const uint8_t *cborPayload, const size_t size,
crl = (OicSecCrl_t *)OICCalloc(1, sizeof(OicSecCrl_t));
VERIFY_NON_NULL(TAG, crl, ERROR);
cborFindResult = cbor_value_map_find_value(&crlCbor, OIC_CBOR_CRL_ID, &crlMap);
if (CborNoError == cborFindResult && cbor_value_is_integer(&crlMap))
while (cbor_value_is_valid(&crlMap))
{
size_t len = 0;
cborFindResult = cbor_value_dup_text_string(&crlMap, &name, &len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, ERROR);
cborFindResult = cbor_value_advance(&crlMap);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, ERROR);
CborType type = cbor_value_get_type(&crlMap);
if (0 == strcmp(OIC_CBOR_CRL_ID, name))
{
cborFindResult = cbor_value_get_int(&crlMap, (int *) &crl->CrlId);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Finding CrlId.");
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, ERROR);
}
cborFindResult = cbor_value_map_find_value(&crlCbor, OIC_CBOR_CRL_THIS_UPDATE, &crlMap);
if (CborNoError == cborFindResult && cbor_value_is_byte_string(&crlMap))
if (0 == strcmp(OIC_CBOR_CRL_THIS_UPDATE, name))
{
cborFindResult = cbor_value_dup_byte_string(&crlMap,
&crl->ThisUpdate.data, &crl->ThisUpdate.len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Byte Array.");
uint8_t *crlByte = NULL;
cborFindResult = cbor_value_dup_byte_string(&crlMap, &crlByte, &len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, ERROR);
crl->ThisUpdate.data = (uint8_t*) OICMalloc(len);
VERIFY_NON_NULL(TAG, crl->ThisUpdate.data, ERROR);
memcpy(crl->ThisUpdate.data, crlByte, len);
crl->ThisUpdate.len = len;
OICFree(crlByte);
}
cborFindResult = cbor_value_map_find_value(&crlCbor, OIC_CBOR_CRL_DATA, &crlMap);
if (CborNoError == cborFindResult && cbor_value_is_byte_string(&crlMap))
if (0 == strcmp(OIC_CBOR_CRL_DATA, name))
{
cborFindResult = cbor_value_dup_byte_string(&crlMap,
&crl->CrlData.data, &crl->CrlData.len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, "Failed Advancing Byte Array.");
uint8_t *crlByte = NULL;
cborFindResult = cbor_value_dup_byte_string(&crlMap, &crlByte, &len, NULL);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, ERROR);
crl->CrlData.data = (uint8_t*) OICMalloc(len);
VERIFY_NON_NULL(TAG, crl->CrlData.data, ERROR);
memcpy(crl->CrlData.data, crlByte, len);
crl->CrlData.len = len;
OICFree(crlByte);
}
*secCrl = crl;
ret = OC_STACK_OK;
exit:
if (CborNoError != cborFindResult)
if (CborMapType != type && cbor_value_is_valid(&crlMap))
{
cborFindResult = cbor_value_advance(&crlMap);
VERIFY_CBOR_SUCCESS(TAG, cborFindResult, ERROR);
}
OICFree(name);
name = NULL;
}
// PUT/POST CBOR may not have mandatory values set default values.
if (gCrl)
if (!crl->CrlId)
{
OIC_LOG (DEBUG, TAG, "Set default values");
VERIFY_NON_NULL(TAG, gCrl, ERROR);
crl->CrlId = gCrl->CrlId;
if (crl->ThisUpdate.data)
{
OICFree(crl->ThisUpdate.data);
}
if (!crl->ThisUpdate.data)
{
VERIFY_NON_NULL(TAG, gCrl, ERROR);
outLen = gCrl->ThisUpdate.len;
crl->ThisUpdate.data = (uint8_t*) OICMalloc(outLen);
if (crl->ThisUpdate.data)
{
VERIFY_NON_NULL(TAG, crl->ThisUpdate.data, ERROR);
memcpy(crl->ThisUpdate.data, gCrl->ThisUpdate.data, outLen);
crl->ThisUpdate.len = outLen;
}
else
{
crl->ThisUpdate.len = 0;
OIC_LOG(ERROR, TAG, "Set default failed");
}
if (crl->CrlData.data)
if (!crl->CrlData.data)
{
OICFree(crl->CrlData.data);
}
VERIFY_NON_NULL(TAG, gCrl, ERROR);
outLen = gCrl->CrlData.len;
crl->CrlData.data = (uint8_t*) OICMalloc(outLen);
if (crl->CrlData.data && gCrl->CrlData.data)
{
VERIFY_NON_NULL(TAG, crl->CrlData.data, ERROR);
memcpy(crl->CrlData.data, gCrl->CrlData.data, outLen);
crl->CrlData.len = outLen;
}
else
{
crl->CrlData.len = 0;
OIC_LOG (ERROR, TAG, "Set default failed");
}
*secCrl = crl;
ret = OC_STACK_OK;
}
else
exit:
if (CborNoError != cborFindResult)
{
OIC_LOG (ERROR, TAG, "CBORPayloadToCrl failed");
DeleteCrlBinData(crl);
crl = NULL;
*secCrl = NULL;
ret = OC_STACK_ERROR;
}
if (name)
{
OICFree(name);
}
return ret;
}
......@@ -280,12 +293,11 @@ static OCEntityHandlerResult HandleCRLPostRequest(const OCEntityHandlerRequest *
OCEntityHandlerResult ehRet = OC_EH_ERROR;
OicSecCrl_t *crl = NULL;
uint8_t *payload = ((OCSecurityPayload *)ehRequest->payload)->securityData1;
size_t size = ((OCSecurityPayload *) ehRequest->payload)->payloadSize;
if (payload)
{
OIC_LOG(INFO, TAG, "UpdateSVRDB...");
CBORPayloadToCrl(payload, size, &crl);
CBORPayloadToCrl(payload, CBOR_SIZE, &crl);
VERIFY_NON_NULL(TAG, crl, ERROR);
gCrl->CrlId = crl->CrlId;
......@@ -303,9 +315,10 @@ static OCEntityHandlerResult HandleCRLPostRequest(const OCEntityHandlerRequest *
memcpy(gCrl->CrlData.data, crl->CrlData.data, crl->CrlData.len);
gCrl->CrlData.len = crl->CrlData.len;
size_t size = 0;
if (OC_STACK_OK == UpdateSecureResourceInPS(OIC_CBOR_CRL_NAME, payload, size))
{
ehRet = OC_EH_RESOURCE_CREATED;
ehRet = OC_EH_OK;
}
DeleteCrlBinData(crl);
......@@ -314,7 +327,7 @@ static OCEntityHandlerResult HandleCRLPostRequest(const OCEntityHandlerRequest *
exit:
// Send payload to request originator
SendSRMCBORResponse(ehRequest, ehRet, NULL, 0);
SendSRMResponse(ehRequest, ehRet, NULL);
OIC_LOG_V(INFO, TAG, "%s RetVal %d", __func__, ehRet);
return ehRet;
......@@ -356,7 +369,7 @@ static OCEntityHandlerResult CRLEntityHandler(OCEntityHandlerFlag flag,
default:
ehRet = OC_EH_ERROR;
SendSRMCBORResponse(ehRequest, ehRet, NULL, 0);
SendSRMResponse(ehRequest, ehRet, NULL);
}
}
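Review bot: In HandleCRLPostRequest, on what print order suggests is the restored side, the parser is called as `CBORPayloadToCrl(payload, CBOR_SIZE, &crl)` instead of with the request's `payloadSize`, so the CBOR parser is told the buffer is CBOR_SIZE bytes long whatever the client actually sent, and a shorter payload could be read past its end. The following hunk then declares `size_t size = 0;` and passes that to `UpdateSecureResourceInPS`, so the length persisted with the CRL no longer reflects the received data either. I would keep the length from the request, `size_t size = ((OCSecurityPayload *)ehRequest->payload)->payloadSize;` and `CBORPayloadToCrl(payload, size, &crl);`, and check the call's return value rather than only testing `crl`. In CBORPayloadToCrl, `int cborLen = size;` narrows a `size_t` to `int` before `cbor_parser_init`, which deserves an explicit upper-bound check on `size`. Both functions start outside the visible hunks.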
......