Add PEM support to credential publicData

Change-Id: Id5bfd6b1a08c295b49981bd7b938ec5d23522db4 Signed-off-by: Andrii Shtompel <a.shtompel@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/15945Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org> Reviewed-by: Jongsung Lee <js126.lee@samsung.com> Reviewed-by: Chul Lee <chuls.lee@samsung.com> Reviewed-by: Randeep Singh <randeep.s@samsung.com> (cherry picked from commit 33a394c8) Reviewed-on: https://gerrit.iotivity.org/gerrit/16429

Add PEM support to credential publicData
Change-Id: Id5bfd6b1a08c295b49981bd7b938ec5d23522db4 Signed-off-by: Andrii Shtompel <a.shtompel@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/15945Tested-by: jenkins-iotivity <jenkins-iotivity@opendaylight.org> Reviewed-by: Jongsung Lee <js126.lee@samsung.com> Reviewed-by: Chul Lee <chuls.lee@samsung.com> Reviewed-by: Randeep Singh <randeep.s@samsung.com> (cherry picked from commit 33a394c8) Reviewed-on: https://gerrit.iotivity.org/gerrit/16429
819ab0c9 · Andrii Shtompel · Randeep · 971533b0 · 819ab0c9 · 819ab0c9
Commit 819ab0c9 authored Dec 26, 2016 by Andrii Shtompel Committed by Randeep Jan 17, 2017
9 changed files
--- a/resource/csdk/security/include/internal/credresource.h
+++ b/resource/csdk/security/include/internal/credresource.h
@@ -109,7 +109,7 @@ bool IsValidCredentialAccessForSubOwner(const OicUuid_t* uuid, const uint8_t *cb

 */
 OicSecCred_t * GenerateCredential(const OicUuid_t* subject, OicSecCredType_t credType,
-                     const OicSecCert_t * publicData, const OicSecKey_t * privateData,
+                     const OicSecKey_t * publicData, const OicSecKey_t * privateData,
                     const OicUuid_t * rownerID, const OicUuid_t * eownerID);

 /**

--- a/resource/csdk/security/include/securevirtualresourcetypes.h
+++ b/resource/csdk/security/include/securevirtualresourcetypes.h
@@ -455,7 +455,7 @@ struct OicSecCred
    //OicSecRole_t        *roleIds;       // 2:R:M:N:oic.sec.role
    OicSecCredType_t    credType;       // 3:R:S:Y:oic.sec.credtype
 #if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
-    OicSecCert_t        publicData;     // own cerificate chain
+    OicSecKey_t         publicData;     // own cerificate chain
    char            *credUsage;            // 4:R:S:N:String
    OicSecOpt_t        optionalData;   // CA's cerificate chain
 #endif /* __WITH_DTLS__  or __WITH_TLS__*/

--- a/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h
+++ b/resource/csdk/security/provisioning/include/internal/secureresourceprovider.h
@@ -111,7 +111,7 @@ OCStackResult SRPSaveTrustCertChain(uint8_t *trustCertChain, size_t chainSize,
 * @param[out] credId CredId of saved trust certificate chain in Cred of SVR.
 * @return  OC_STACK_OK in case of success and other value otherwise.
 */
-OCStackResult SRPSaveOwnCertChain(OicSecCert_t * cert, OicSecKey_t * key, uint16_t *credId);
+OCStackResult SRPSaveOwnCertChain(OicSecKey_t * cert, OicSecKey_t * key, uint16_t *credId);

 /**
 * function to register callback, for getting notification for TrustCertChain change.

--- a/resource/csdk/security/provisioning/src/cloud/csr.c
+++ b/resource/csdk/security/provisioning/src/cloud/csr.c
@@ -349,17 +349,11 @@ static OCStackResult HandleCertificateIssueRequest(void *ctx, void **data, OCCli
            OIC_ENCODING_DER
        };

-        OicSecCert_t cert1 =
-        {
-            cert.data,
-            cert.len,
-        };
-
        uint16_t credId;
-        result = SRPSaveOwnCertChain(&cert1, &key, &credId);
+        result = SRPSaveOwnCertChain(&cert, &key, &credId);
        if (result != OC_STACK_OK)
        {
-            OIC_LOG(ERROR, TAG, "Cann't add cert");
+            OIC_LOG(ERROR, TAG, "Can't add cert");
        }
    }

@@ -368,7 +362,7 @@ static OCStackResult HandleCertificateIssueRequest(void *ctx, void **data, OCCli
    if (!OCRepPayloadGetPropPubDataType((OCRepPayload *)response->payload,
                                   OC_RSRVD_CACERT, &caCert))
    {
-        OIC_LOG_V(ERROR, TAG, "Cann't get: %s", OC_RSRVD_CACERT);
+        OIC_LOG_V(ERROR, TAG, "Can't get: %s", OC_RSRVD_CACERT);
        result = OC_STACK_ERROR;
    }
    else

--- a/resource/csdk/security/provisioning/src/multipleownershiptransfermanager.c
+++ b/resource/csdk/security/provisioning/src/multipleownershiptransfermanager.c
@@ -838,9 +838,11 @@ static OCStackResult PostSubOwnerCredential(OTMContext_t* motCtx)
        newCredential.privateData.data = "";
        newCredential.privateData.len = 0;
        newCredential.privateData.encoding = ownerCredential->privateData.encoding;
-#ifdef __WITH_X509__
+
+#if defined(__WITH_DTLS__) || defined(__WITH_TLS__)
        newCredential.publicData.data = NULL;
        newCredential.publicData.len = 0;
+        newCredential.publicData.encoding = ownerCredential->publicData.encoding;
 #endif
        //Send owner credential to new device : POST /oic/sec/cred [ owner credential ]
        if (OC_STACK_OK != CredToCBORPayload(&newCredential, &secPayload->securityData,

--- a/resource/csdk/security/provisioning/src/ownershiptransfermanager.c
+++ b/resource/csdk/security/provisioning/src/ownershiptransfermanager.c
@@ -1433,6 +1433,7 @@ static OCStackResult PostOwnerCredential(OTMContext_t* otmCtx)

        newCredential.publicData.data = NULL;
        newCredential.publicData.len = 0;
+        newCredential.publicData.encoding = ownerCredential->publicData.encoding;

        int secureFlag = 0;
        //Send owner credential to new device : POST /oic/sec/cred [ owner credential ]

--- a/resource/csdk/security/provisioning/src/secureresourceprovider.c
+++ b/resource/csdk/security/provisioning/src/secureresourceprovider.c
@@ -609,7 +609,7 @@ OCStackResult SRPSaveTrustCertChain(uint8_t *trustCertChain, size_t chainSize,
 }


-OCStackResult SRPSaveOwnCertChain(OicSecCert_t * cert, OicSecKey_t * key, uint16_t *credId)
+OCStackResult SRPSaveOwnCertChain(OicSecKey_t * cert, OicSecKey_t * key, uint16_t *credId)
 {
    OIC_LOG_V(DEBUG, TAG, "In %s", __func__);
    VERIFY_NON_NULL_RET(TAG, cert, ERROR,  OC_STACK_INVALID_PARAM);
@@ -636,11 +636,12 @@ OCStackResult SRPSaveOwnCertChain(OicSecCert_t * cert, OicSecKey_t * key, uint16

    cred->credType = SIGNED_ASYMMETRIC_KEY;

-    OicSecCert_t *publicData = &cred->publicData;
+    OicSecKey_t *publicData = &cred->publicData;
    publicData->data = (uint8_t *)OICCalloc(1, cert->len);
    VERIFY_NON_NULL_RET(TAG, publicData->data, ERROR, OC_STACK_NO_MEMORY);
    memcpy(publicData->data, cert->data, cert->len);
    publicData->len = cert->len;
+    publicData->encoding = cert->encoding;

    OicSecKey_t *privateData = &cred->privateData;
    privateData->data = (uint8_t *)OICCalloc(1, key->len);

--- a/resource/csdk/security/provisioning/unittest/secureresourceprovider.cpp
+++ b/resource/csdk/security/provisioning/unittest/secureresourceprovider.cpp
@@ -302,7 +302,7 @@ TEST_F(SRPTest, SRPSaveOwnCertChainTest)
 {
    int result;
    uint16_t credId;
-    OicSecCert_t cert;
+    OicSecKey_t cert;
    OicSecKey_t key;

    cert.data = certData;
@@ -334,7 +334,7 @@ TEST_F(SRPTest, SRPSaveOwnCertChainTestNullCertData)
 {
    int result;
    uint16_t credId;
-    OicSecCert_t cert;
+    OicSecKey_t cert;
    OicSecKey_t key;

    cert.data = NULL;
@@ -351,7 +351,7 @@ TEST_F(SRPTest, SRPSaveOwnCertChainTestNullKey)
 {
    int result;
    uint16_t credId;
-    OicSecCert_t cert;
+    OicSecKey_t cert;

    cert.data = certData;
    cert.len = sizeof(certData);
@@ -365,7 +365,7 @@ TEST_F(SRPTest, SRPSaveOwnCertChainTestNullKeyData)
 {
    int result;
    uint16_t credId;
-    OicSecCert_t cert;
+    OicSecKey_t cert;
    OicSecKey_t key;

    cert.data = certData;
@@ -381,7 +381,7 @@ TEST_F(SRPTest, SRPSaveOwnCertChainTestNullKeyData)
 TEST_F(SRPTest, SRPSaveOwnCertChainTestNullCredId)
 {
    int result;
-    OicSecCert_t cert;
+    OicSecKey_t cert;
    OicSecKey_t key;

    cert.data = certData;

--- a/resource/csdk/security/src/credresource.c
+++ b/resource/csdk/security/src/credresource.c