- 26 Feb, 2019 1 commit
-
-
Oleksii Beketov authored
Added callback to return peer's UUID on SSL connection closure Change-Id: Ib31250c639b9c2633e1459f0d555424ca429fb26 Signed-off-by:Oleksii Beketov <ol.beketov@samsung.com>
-
- 06 Nov, 2018 1 commit
-
-
Oleksii Beketov authored
PEM/DER casting removed, allowing mbedtls to manage certificate conversion by itself. Credresource loads certificates that could be either PEM or DER encoded to a linked list instead of pushing them to a buffer. Change-Id: I200f9ef8798b20bf894b8ef2cf85e42e13749f38 Signed-off-by:
-
- 24 Jan, 2018 1 commit
-
-
Philippe Coval authored
Functions in payload_logging.h can be used in examples, so it's installed in "experimental" sub namespace along dependencies. Bug: https://jira.iotivity.org/browse/IOT-1745 Change-Id: If3a9e4309601c356ab9a2faaa9fbe26283408633 Signed-off-by:
Philippe Coval <philippe.coval@osg.samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/21195Tested-by:
jenkins-iotivity <jenkins@iotivity.org> Reviewed-by:
George Nash <george.nash@intel.com>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>
-
- 15 Nov, 2017 1 commit
-
-
Nathan Heldt-Sheller authored
This reverts commit 7f9d8c71. 22967 caused a regression in the CTT; we'll fix and re-submit after regression testing. Change-Id: Ie06cf59b6463072c54b23c61d322bdb7f09cc22f Signed-off-by:
Nathan Heldt-Sheller <nathan.heldt-sheller@intel.com>
-
- 14 Nov, 2017 1 commit
-
-
Oleksii Beketov authored
Allow to parse all CA certificates when SVR DB contains more than one root CA. Change-Id: Ie82632b459a9a064a90ff14e100e4db9ab60492d Signed-off-by:
-
- 13 Oct, 2017 1 commit
-
-
Oleksii Beketov authored
Added callback to check peer's certificate Common Name field. Change-Id: Idb316438a76d70fcc7a91a2e119aadd0c771bde6 Signed-off-by:
akk0rd <v.riznyk@samsung.com> Signed-off-by:
-
- 14 Sep, 2017 1 commit
-
-
saurabh.s9 authored
Purpose: Errors happens during OCDoResource calls should be returned to app layer Previously, session errors (handshake failed) didn't returned properly to app layer and this cause side effects (CA retransmission works in cases when it should not) Current state: 1. Source code builds ok 2. Secure stack samples (UDP/TCP) works well (both positive/negative cases) 3. Provisioning (OTM, 20th menu item) works well for following: a. justworks positive UDP/TCP, negative UDP case b. mfg positive UDP/TCP, negative UDP case c. mv_justworks positive UDP/TCP, negative UDP case d. randompin positive UDP/TCP, negative UDP case 4. OTM in provisioning via TCP - negative case - should work properly after fix IOT-2454 How to test: 1. Positive case - just test samples (f.e secure stack samples) & provisioning with all servers 2. Negative case - add following code which artificially breaks handshake (to ca_adapter_net_ssl.c) if (peer->ssl.state == MBEDTLS_SSL_CERTIFICATE_REQUEST) { ret = MBEDTLS_SSL_ALERT_MSG_INTERNAL_ERROR; } And again test all samples and provisioning with all servers. As result - you should see an error returned to app immidiately (without timeouts, etc) and there should be no CA retransmission attempts (UDP case) Change-Id: Ia1fe1c7c58f9e40040a0be5e7e83abbc66f80bfe Signed-off-by:Andrii Shtompel <a.shtompel@samsung.com> Signed-off-by:
saurabh.s9 <saurabh.s9@samsung.com>
-
- 29 Aug, 2017 1 commit
-
-
George Nash authoredIt is common to do a compair with a const value in unit tests. For example EXPECT_EQ(3, value). If `value` is an unsigned type this will produce the sign-compare compiler warning. The compiler defaults to treating constant numbers as a signed data type. Adding a sufix u (i.e. 3u) will tell the compiler to treat the constant as an unsigned data type. In other cases the type is cast to an unsigned or signed value before the comparison. In aclresourcetest.cpp the return type for GetNumberOfResource function was updated to return size_t since in all the test conditions it is compared with variable of size_t or a constant number. Bug: https://jira.iotivity.org/browse/IOT-2539 Change-Id: I7e47bfb9f027304abd975eb0d8e577cbd484545a Signed-off-by:
George Nash <george.nash@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/21689Tested-by:
-
- 14 Aug, 2017 1 commit
-
-
Philippe Coval authored
Functions in payload_logging.h can be used in examples, so it's installed in "experimental" sub namespace along dependencies. Bug: https://jira.iotivity.org/browse/IOT-1745 Change-Id: If3a9e4309601c356ab9a2faaa9fbe26283408633 Signed-off-by:
George Nash <george.nash@intel.com>
Reviewed-by:
-
- 12 Aug, 2017 1 commit
-
-
George Nash authored
It is common to do a compair with a const value in unit tests. For example EXPECT_EQ(3, value). If `value` is an unsigned type this will produce the sign-compare compiler warning. The compiler defaults to treating constant numbers as a signed data type. Adding a sufix u (i.e. 3u) will tell the compiler to treat the constant as an unsigned data type. In other cases the type is cast to an unsigned or signed value before the comparison. In aclresourcetest.cpp the return type for GetNumberOfResource function was updated to return size_t since in all the test conditions it is compared with variable of size_t or a constant number. Bug: https://jira.iotivity.org/browse/IOT-2539 Change-Id: I7e47bfb9f027304abd975eb0d8e577cbd484545a Signed-off-by:
George Nash <george.nash@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/21689Tested-by:
-
- 27 Jun, 2017 1 commit
-
-
Oleksandr Dmytrenko authored
Fix memory leak: cert/key/CRL information returned by cred resource https://jira.iotivity.org/browse/IOT-1917 Change-Id: Ic563b5e5b79ccac8855ebb5b215e475d1b4e57be Signed-off-by:
Oleksandr Dmytrenko <o.dmytrenko@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/18057Reviewed-by:
Kevin Kane <kkane@microsoft.com> Tested-by:
Greg Zaverucha <gregz@microsoft.com> (cherry picked from commit dba44fd8) Reviewed-on: https://gerrit.iotivity.org/gerrit/20933Reviewed-by:
-
- 18 Jun, 2017 1 commit
-
-
Philippe Coval authored
Change-Id: If22cffaa199d1057497019fd45c502b8ae69b8de Signed-off-by:
-
- 16 Jun, 2017 1 commit
-
-
Philippe Coval authored
Change-Id: If22cffaa199d1057497019fd45c502b8ae69b8de Signed-off-by:
-
- 24 May, 2017 1 commit
-
-
ol.beketov authored
Change-Id: I4cf4a6a01c64e8e455e51a3fca88e512b516e60c Signed-off-by:
Uze Choi <uzchoi@samsung.com>
-
- 22 May, 2017 1 commit
-
-
Philippe Coval authored
Change-Id: I5177f05d782fc22507e2032b2924d7d900000003 Signed-off-by:
-
- 15 May, 2017 2 commits
-
-
Dan Mihai authored
Fixing: D:\GitRoot\1.3-rel\extlibs\gtest\googletest-release-1.7.0\include\ gtest/gtest.h(1577): error C2220: warning treated as error - no 'object' file generated resource\csdk\connectivity\test\ssladapter_test.cpp(3194): note: see reference to function template instantiation 'testing::AssertionResult testing::internal::CmpHelperNE<int,bool>( const char *,const char *,const T1 &,const T2 &)' being compiled with [ T1=int, T2=bool ] D:\GitRoot\1.3-rel\extlibs\gtest\googletest-release-1.7.0\include\ gtest/gtest.h(1577): warning C4805: '!=': unsafe mix of type 'const int' and type 'const bool' in operation Change-Id: I055105a058c16242ef17ee01a1e9267178a48751 Signed-off-by:Ibrahim Esmat <iesmat@microsoft.com> Reviewed-by:
Way Vadhanasin <wayvad@microsoft.com> Tested-by:
-
Oleksandr Dmytrenko authored
Change-Id: I4d6379193291d01d50ecbca2df25a51dc20b75c8 Signed-off-by:
-
- 12 Apr, 2017 2 commits
-
-
Alex Kelley authored
These changes include the following: - Fix W4 warnings under resource/csdk/connectivity. - Fix W4 warnings under resource/csdk/connectivity/test. - Enable /W4 /WX on resource/csdk/connectivity. - Enable /W4 /WX on resource/csdk/connectivity/test. - Update build_common/Windows/SConscript. Change-Id: I98d93f4df6fc938f004ef2f6844ba120bb5e788a Signed-off-by:
Alex Kelley <alexke@microsoft.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/18535Tested-by:
Mike Fenelon <mike.fenelon@microsoft.com> (cherry picked from commit 7a811cc5) Reviewed-on: https://gerrit.iotivity.org/gerrit/18749Reviewed-by:
Dave Thaler <dthaler@microsoft.com>
-
Oleksandr Dmytrenko authored
Fix memory leak: cert/key/CRL information returned by cred resource https://jira.iotivity.org/browse/IOT-1917 Change-Id: Ic563b5e5b79ccac8855ebb5b215e475d1b4e57be Signed-off-by:
-
- 11 Apr, 2017 1 commit
-
-
Alex Kelley authored
These changes include the following: - Fix W4 warnings under resource/csdk/connectivity. - Fix W4 warnings under resource/csdk/connectivity/test. - Enable /W4 /WX on resource/csdk/connectivity. - Enable /W4 /WX on resource/csdk/connectivity/test. - Update build_common/Windows/SConscript. Change-Id: I98d93f4df6fc938f004ef2f6844ba120bb5e788a Signed-off-by:
-
- 07 Apr, 2017 1 commit
-
-
Kevin Kane authored
mbedTLS insists on newlines in PEM data, and the lack thereof is causing SSL adapter tests to fail. Add newlines to the test certs for correct parsing. Change-Id: I5c42dbd648bf111ac00f746d4e59fc4a9a224208 Signed-off-by:
-
- 04 Apr, 2017 1 commit
-
-
Andrii Shtompel authored
Checking identity added to avoid including PSK suite if no appropriate PSK in SVR DB. Change-Id: I118c4b5864929cc8fdd0597af855f3c06b9332dc Signed-off-by:
Dmitriy Zhuravlev <d.zhuravlev@samsung.com> Signed-off-by:
Randeep Singh <randeep.s@samsung.com>
-
- 29 Mar, 2017 1 commit
-
-
Greg Zaverucha authored
Add unit test to exercise certificate provisioning and use (previously only provisioning was tested). Fixed bugs in credresource and ca_adapter_net_ssl. Configure mbedtls to use OCF certificate EKUs. Added more logging in many places. Exposed API to remove credentials locally for use by test code. Change-Id: Ia55c7f3a7518f12c99f60280062f156954bdf4ac Signed-off-by:
-
- 23 Mar, 2017 2 commits
-
-
Kevin Kane authored
Change cred resource to always provide own certificate as a PEM string, and no longer require ParseChain to heuristically parse a mixed bag of DER and PEM certs. Also, go back to having ParseChain return an int rather than a size_t which was changed during /W4 warning cleanup; it must be able to return negative values to indicate errors. Change-Id: Id36962ed580eb3bccc110aac0350349b05674ee7 Signed-off-by:
-
ol.beketov authored
Unit tests for various cipher suites updated in correspondence to changes from the patch 16251 "Support for multiple ciphersuites". Change-Id: Ie65bb0df79cb9a17d88d41fde9f791c75a04db17 Signed-off-by:
-
- 10 Mar, 2017 2 commits
-
-
Kevin Kane authored
Also change "ret == 0" to "0 == ret" for IOT-1870; opened from a previous code review. Change-Id: I829192698b9a8fed920e865f9cd4c2b968f8c951 Signed-off-by:
-
Pawel Winogrodzki authored
Removing the /W3 warnings in order to add the /WX option to prevent new ones from being added inside the resource/csdk/connectivity/ directory. Change-Id: Ie1bce977c027e985cd5ba14458d2026b5d391d4f Signed-off-by:
Pawel Winogrodzki <pawelwi@microsoft.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/17549Tested-by:
-
- 06 Mar, 2017 1 commit
-
-
Pawel Winogrodzki authored
Disable SRPSaveTrustCertChain* which always fail (IOT-1846) Fix typo in "TLSAdaper" Disable TLSAdapter tests that have socket bugs (IOT-1848) Change exit() calls to EXPECT calls so tests continue gracefully Make socketOpen_server() work on Windows Change-Id: Ie2b027a4539845975667709ef60497c345fae2b0 Signed-off-by:
-
- 04 Mar, 2017 1 commit
-
-
Pawel Winogrodzki authored
Removing the /W3 warnings in order to add the /WX option to prevent new ones from being added inside the resource/csdk/connectivity/ directory. Change-Id: Ibd53ad378b5d960ea59f2e2c61254a9257d03a3e Signed-off-by:
-
- 21 Feb, 2017 1 commit
-
-
Dan Mihai authored
1. Use the initial Ownership Transfer session even after setting-up the Owner Credential, when onboarding Servers based on OCF 1.0 - rather than closing that session and establishing a new one. 2. Posting the Owner Credential ACL might fail for older Servers. In that case, close the initial Ownership Transfer session and establish a new session, for compatibility with those older Servers. Change-Id: If242c0af4ec05ad9ca144c274ee5385bc7738d92 Signed-off-by:
-
- 27 Jan, 2017 1 commit
-
-
Oleksii Beketov authored
Ssladapter unit tests updated to correspond new ciphersuites list Change-Id: I0f4a6327f0eb9aa6038974db89a8b3bb2c6814c3 Signed-off-by:
Chul Lee <chuls.lee@samsung.com> Reviewed-by:
-
- 23 Jan, 2017 1 commit
-
-
Oleksii Beketov authored
1. ParseChain modified to get rid of 0x0 termination restriction. Upon now the certificate chain may contain mix of PEM or DER certificates with or without any separating symbols. 2. Add unit test for ParseChain Change-Id: I6a2d6664c323e415e79fbddf63842b29fe15e338 Signed-off-by:
jenkins-iotivity <jenkins-iotivity@opendaylight.org> Reviewed-by:
Jongsung Lee <js126.lee@samsung.com> Reviewed-by:
-
- 19 Jan, 2017 2 commits
-
-
Alex Kelley authored
- Add APIs to do MOT discovery of a specific device. - Add APIs to check to see if the caller is a subowner. - Add context to display and input pin callbacks. - Add device information to input pin callback. - Enable C++ security APIs to be built for Windows. - Update ProvisioningClient and Sampleserver_RandomPin to use the new APIs. - Enable MOT to always build on Windows. Change-Id: I27af9d3c2c7065b8643f77be3ac4c9b2dc5ffe80 Signed-off-by:
-
Oleksii Beketov authored
1. Suites added: TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_256 0xC027 2. Removed: TLS_RSA_WITH_AES_256_CBC_SHA 0x35 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 3. SSL code refactored 4. Added unit tests for new cipher suites 5. CAsslGenerateOwnerPsk modified to support all suites Change-Id: If22925d175751a08121c66b90cc2907dd27ebee5 Signed-off-by:
-
- 10 Jan, 2017 1 commit
-
-
Dave Thaler authored
Port the tcp_adapter directory using similar code as was done in ip_adapter Enable building the relevant directories for Windows as target Change-Id: Ibae7a30cf353a6088bfa133c27edb1ac2449efaa Signed-off-by:
-
- 15 Dec, 2016 1 commit
-
-
Greg Zaverucha authored
Adds a new version of the mbedtls config.h file specialized to IoTivity. Library features that are not required by IoTivity are removed from the build. The new file is extlibs/mbedtls/config-iotivity.h. Changes to config.h made by ocf.patch are now made directly in config-iotivity.h. Update the scons file to copy this to mbedtls/include/mbedtls/config.h. Update ssaladapter tests so that they don't allow unsupported TLS versions. TLS renegotiation was being disabled at runtime, now it is disabled at build. To review the changes that IoTivity makes to config.h relative to the default, diff extlibs/mbedtls/config-iotivity.h and extlibs/mbedtlsmbedtls/include/mbedtls/config.h. Change-Id: I9e6190e7c0e145443d5e164ccf47314a3bfcf53e Signed-off-by:
-
- 25 Nov, 2016 1 commit
-
-
Chul Lee authored
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_ECDSA_WITH_AES_128_CCM cipher suites were added in order to support manufacturer certificate based OxM. Change-Id: I3ec5ddce982e5bfd5f7591b493448eec5468653f Signed-off-by:
-
- 11 Nov, 2016 1 commit
-
-
hyuna0213.jo authored
Modified ssl adapter along with modified return type. Change-Id: I68d0d1ab73f1a858c42b3340947f01ca61974987 Signed-off-by:
hyuna0213.jo <hyuna0213.jo@samsung.com> Signed-off-by:
Joonghwan Lee <jh05.lee@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/13991Tested-by:
jihwan seo <jihwan.seo@samsung.com> Reviewed-by:
Jaehong Jo <jaehong.jo@samsung.com> Reviewed-by:
Ashok Babu Channa <ashok.channa@samsung.com>
-
- 25 Oct, 2016 1 commit
-
-
Oleksii Beketov authored
caTrustedCrl discarded due to needlessness Change-Id: I7b7e9bb0d85474a6f0ecf8f23019b072715c08bd Signed-off-by:
-
- 18 Oct, 2016 1 commit
-
-
Oleksii Beketov authored
Change-Id: Ib108dd1ce76632f1393383e6402e73c7ba2e60d7 Signed-off-by:
-
