- 19 Jul, 2017 1 commit
-
-
Andrii Shtompel authored
Verified using CTT 1.5.11 test CT1.7.9.3 DELETE delete all credentials return PASSED Change-Id: Ie52c6af9fb9205a650b766acf0084e0ac2dcdcf1 Signed-off-by:
Andrii Shtompel <a.shtompel@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/21403Reviewed-by:
Aleksey Volkov <a.volkov@samsung.com> Tested-by:
jenkins-iotivity <jenkins@iotivity.org> Reviewed-by:
Nathan Heldt-Sheller <nathan.heldt-sheller@intel.com> Reviewed-by:
Oleksii Beketov <ol.beketov@samsung.com> Reviewed-by:
Randeep Singh <randeep.s@samsung.com>
-
- 15 Jun, 2017 1 commit
-
-
Nathan Heldt-Sheller authored
The CTT was posting an Update to /acl2 that included only rowneruuid in the payload. The IUT was rejecting because it could not determine that the payload was /acl2 (vs. /acl v1). This is wrong behavior by IUT because such a payload is actually valid /acl2 and/or /acl v1 payload. This patch changes the logic so that it only rejects an Update based on version if it can determine it is an incompatible version - in this case, v1 - and accepts it otherwise. A similar problem exists in the /cred Update handler, which (in a particular state) treats a payload containing just rowneruuid as a failed attempt to Update the Owner credential. This patch changes that logic too, to no longer treat a "NO_SECURITY_MODE" credType as an Owner credential. Change-Id: Ica9bde112cb87bd6ad6ee014cf7526928545d786 Signed-off-by:
Dan Mihai <Daniel.Mihai@microsoft.com> Reviewed-by:
Mushfiqul Islam <i.mushfiq@samsung.com> Reviewed-by:
Kevin Kane <kkane@microsoft.com>
-
- 21 May, 2017 1 commit
-
-
Dmitriy Zhuravlev authored
Fix compiler warnings in credresource.c Change-Id: Ibf6d9a115771c444e656329950a8f5c88e9f5ff6 Signed-off-by:
Dmitriy Zhuravlev <d.zhuravlev@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/20195Reviewed-by:
-
- 20 May, 2017 3 commits
-
-
Dmitriy Zhuravlev authored
Updates provisioning flow for: 1) Trust Chain 2) PSK 3) ACL Change-Id: Id1824b3ef7974658857a203125d36ca25a653add Signed-off-by:
-
ol.beketov authored
Fix for manufacturer certificate ownership transfer Patch 4: remove workaround and fixed original issue for certOTM Change-Id: I44bcc2c09f75c3170644e48fc297c8ac323b7405 Signed-off-by:
Jongsung Lee <js126.lee@samsung.com> Signed-off-by:
dongik Lee <dongik.lee@samsung.com> Reviewed-by:
-
ol.beketov authored
Fix return value in GetDtlsPskCredentials() from credresource.c missed in patchset #19785 Change-Id: Id79111409f574ce49f037adb6602a4195666db0c Signed-off-by:
-
- 18 May, 2017 2 commits
-
-
ol.beketov authored
Change-Id: Ie1b99a3815c8126e35576d4c3daa91c73ad66c6d Signed-off-by:
Phil Coval <philippe.coval@osg.samsung.com> Reviewed-by:
-
ol.beketov authored
Change-Id: I539a8f21fd149b7d468d96b52e7bcadc964f6931 Signed-off-by:
-
- 15 May, 2017 2 commits
-
-
Dmitriy Zhuravlev authored
Workaround to pass Easy-Setup samples Change-Id: Ib62f8de9f8a039ec9c6d1f7e6eb0a2f5544a905c Signed-off-by:
Jihun Ha <jihun.ha@samsung.com> Tested-by:
Uze Choi <uzchoi@samsung.com>
-
Dmitriy Zhuravlev authored
Allow to load PSK suites in case of empty deviceId Change-Id: Idaf55bb3624c2f1d1a1825b0cdcaaa1bdd7d5caf Signed-off-by:
Senthil Kumar G S <senthil.gs@samsung.com> Tested-by:
-
- 09 May, 2017 1 commit
-
-
Alex Kelley authored
These changes do the following: 1. Pass additional information in the request to add a Preconfigured Pin to identify it as an update to a Preconfigured Pin credential. 2. Add additional checks to determine if the credential being updated is a Preconfigured Pin credential. 3. Remove an existing Preconfigured Pin credential (if it exists) before adding a new one. Change-Id: I75bfc8a55e25a2da0ec366fa6628e98430c29d00 Signed-off-by:Alex Kelley <alexke@microsoft.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/19537Reviewed-by:
-
- 04 May, 2017 1 commit
-
-
Nathan Heldt-Sheller authored
Implementation of CR 22 feature to deny UPDATE to /cred if any Property in the POST representation is read-only in the current /pstat.dos.s state. Change-Id: I2acb34b8ceff1eeba0a4b12101fa60d7c2dee9dc Signed-off-by:
-
- 25 Apr, 2017 1 commit
-
-
Nathan Heldt-Sheller authored
Implements CR1616 which requires all SVRs to be marked "Discoverable", and also to expose a Secure Endpoint. Change-Id: I0cae25b0ac83ac194fd03ed45245bcb9afc98eeb Signed-off-by:
-
- 18 Apr, 2017 2 commits
-
-
Nathan Heldt-Sheller authored
Implementation of CR 32 "Device Offboarding and Soft Reset". Note that there are a handful of minor updates still to be done after the provisioning tool is fully updated, but this can be done during QA cycle after merge to 1.3-rel. See [IOT-2023]. Note also that the unit tests are not written yet; however, the critical onboarding path from RFOTM->RFPRO->RFNOP has been verified using the provisioning tool sample app. See [IOT-2024]. patch set 2,3: rebase patch set 4,5: address review comments patch set 6,7: fix jenkins issues patch set 8: rebase patch set 9: fix jenkins issues patch set 10: rebase patsh set 11: address review comments Change-Id: I7dc8adb5ad90bd168f3ab485461568b9ab7805e0 Signed-off-by:
-
Greg Zaverucha authored
If a role certificate is added a second time to the roles resource, do not add it again. Change-Id: Ifce27b93404216fb2bbac5b02aeb414a75f0398c Signed-off-by:
Greg Zaverucha <gregz@microsoft.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/18831Reviewed-by:
-
- 07 Apr, 2017 2 commits
-
-
Kevin Kane authored
Implement roleId property of an oic.sec.cred object. Fix error path bugs in CRED<->CBOR code to fail properly if certain serialization subroutines fail; error codes were being ignored. Fix error path memory leaks. Also fix the ACL/ACL2<->CBOR code to use the correct JSON field names per the schema. Fix error path memory leaks. Change-Id: Ie9aa8baba5903c482acb3adc6ef617a1ced7db31 Signed-off-by:
Dave Thaler <dthaler@microsoft.com> Reviewed-by:
-
Greg Zaverucha authored
GetCredEntryByCredId was using WITH_X509 instead of WITH_DTLS, causing a block of code to not be included in certain build configurations. Change-Id: I16c05f38c7d2e317a727d6480289151e30229d71 Signed-off-by:
-
- 04 Apr, 2017 1 commit
-
-
Andrii Shtompel authored
Checking identity added to avoid including PSK suite if no appropriate PSK in SVR DB. Change-Id: I118c4b5864929cc8fdd0597af855f3c06b9332dc Signed-off-by:
-
- 31 Mar, 2017 1 commit
-
-
Greg Zaverucha authored
Add end-to-end testing of role certificate scenario: - provision role certs - test role-based ACLs provisioning and enforcement - test assertion of role certificates Fix bugs and add new functions as necessary. Added the ROLE_CERT usage to distinguish role certs (which can't be used for TLS) from identity certs. Previously they were both saved as PRIMARY_CERT. Some small changes to save and retrieve role certificates locally. Add functionality to assert roles (POST the certs to /oic/sec/roles). Change-Id: I9080e0ca6b0809608621eb8b23dd4bbbfbbb176c Signed-off-by:
-
- 29 Mar, 2017 1 commit
-
-
Greg Zaverucha authored
Add unit test to exercise certificate provisioning and use (previously only provisioning was tested). Fixed bugs in credresource and ca_adapter_net_ssl. Configure mbedtls to use OCF certificate EKUs. Added more logging in many places. Exposed API to remove credentials locally for use by test code. Change-Id: Ia55c7f3a7518f12c99f60280062f156954bdf4ac Signed-off-by:
-
- 23 Mar, 2017 1 commit
-
-
Kevin Kane authored
Change cred resource to always provide own certificate as a PEM string, and no longer require ParseChain to heuristically parse a mixed bag of DER and PEM certs. Also, go back to having ParseChain return an int rather than a size_t which was changed during /W4 warning cleanup; it must be able to return negative values to indicate errors. Change-Id: Id36962ed580eb3bccc110aac0350349b05674ee7 Signed-off-by:
-
- 22 Mar, 2017 1 commit
-
-
js126.lee authored
Issue : If the first character of deviceuuid generated ramdomly is *(2a) in PT, subjectuuid of cred is set to * wrongly instead of actual deviceuuid during generating cred payload during OT. Change-Id: Idc6587d71456a1eb7a816bd083bfcbb5c94e9c34 Signed-off-by:
-
- 10 Mar, 2017 1 commit
-
-
Kevin Kane authored
Also change "ret == 0" to "0 == ret" for IOT-1870; opened from a previous code review. Change-Id: I829192698b9a8fed920e865f9cd4c2b968f8c951 Signed-off-by:
Way Vadhanasin <wayvad@microsoft.com> Reviewed-by:
-
- 09 Mar, 2017 2 commits
-
-
Greg Zaverucha authored
- Shell script to create IoTivity identity certificates using OpenSSL command line tools. - Partial unit test for providing credentails to the CA adapter layer. Tests loading of PEM cert and key. - Misc changes and fixes to the cred resource - updated provisioning client to provision certs - helper code to create certs from CSRs Change-Id: I7d3ab4810c7f7d6247ed90420cb97cbdb5f829a4 Signed-off-by:
-
Oleksii Beketov authored
Some minor defects (NULL checks and double frees) fixed. Change-Id: I066a238a9379d45d1f377cc5a144c0bc0a97ccb7 Signed-off-by:
-
- 08 Mar, 2017 1 commit
-
-
Alex Kelley authored
Change-Id: I70ff36b675418f7e441b1af594d922c231430918 Signed-off-by:
-
- 02 Mar, 2017 1 commit
-
-
Jongmin Choi authored
SetupCipher() modified to support multiple ciphersuites rather than using a fixed one Patch #1: initial upload Patch #2: Rebased and SetupCipher() related changes applied Patch #3: Rebased Change-Id: I6cb57605984c273bcdb98c5130da9a9995ae50db Signed-off-by:
Jongmin Choi <jminl.choi@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/16251Tested-by:
-
- 01 Mar, 2017 1 commit
-
-
Pawel Winogrodzki authored
A fix for the broken Windows build, if run.bat was used with the "-logging" option. Change-Id: Ic8d506535889c9dd948310461d6b60516b597096 Signed-off-by:
Pawel Winogrodzki <pawelwi@microsoft.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/17545Tested-by:
Mike Fenelon <mike.fenelon@microsoft.com> Reviewed-by:
-
- 28 Feb, 2017 1 commit
-
-
Alex Kelley authored
These changes include the following: - Prepare resource/csdk/security/SConscript to enable /W4. - Fix W4 warnings under resource/csdk/security/src - Fix W4 warnings under resource/csdk/security/tool Changes to resource/csdk/security/provisioning will come in another review. Change-Id: I3a26fa952103b3b218569155cd1341aa696944e1 Signed-off-by:
-
- 23 Feb, 2017 2 commits
-
-
Philippe Coval authored
[Chul Lee] Remove tinydtls library [Philippe Coval] Ported from 1.2-rel branch to master, and removed presence is other SConscript. Conflicts: service/coap-http-proxy/unittests/SConscript resource/csdk/SConscript resource/csdk/connectivity/src/SConscript resource/csdk/stack/test/SConscript resource/csdk/security/src/doxmresource.c Change-Id: I78f470af822587f2cd50eac6e9b1fb4ff5b87219 Signed-off-by:
Chul Lee <chuls.lee@samsung.com> Reviewed-on: https://gerrit.iotivity.org/gerrit/16137Tested-by:
jenkins-iotivity <jenkins-iotivity@opendaylight.org> Reviewed-by:
Ashwini Kumar <k.ashwini@samsung.com> Reviewed-by:
Ziran Sun <ziran.sun@samsung.com>
-
Kevin Kane authored
Change-Id: I04a98127e2414c2e3c35f00c4d702bb228fb7dec Signed-off-by:
-
- 21 Feb, 2017 1 commit
-
-
Dan Mihai authored
Restore the error code expected by the unit test, recently modified by change df063552. Change-Id: If5393030a4019485aad5dc0c13159b5b895dc2f8 Signed-off-by:
-
- 20 Feb, 2017 1 commit
-
-
Pawel Winogrodzki authored
Removing the /W3 warnings and adding a /WX option to prevent new ones from being added inside the resource/csdk/stack/ directory. Change-Id: I59190795483086a9f5a4f3293091e3a84e7013a7 Signed-off-by:
-
- 16 Feb, 2017 1 commit
-
-
js126.lee authored
Issue : If deviceuuid is null and required pre-install certificate in SVR DB, it is impossible to set a subject of SIGNED_ASYMMETRIC_KEY type (certificate). According to OCF Security Spec and Raml, subject of Cred allows UUID format only, so CTT decides a failure in case of wildcard(*). But, it is not clear how to set a subject of cred in case of SIGNED_ASYMMETRIC_KEY on spec. So, this patch set it with own deviceuuid in case of NULL or wildcard, because own deviceuuid is only UUID a device knows at all time. Patch 1,2: Upload patch Patch 3 : Set subject of cred with own deviceuuid in case of NULL or wildcard Patch 4: Apply review comment Patch 5-8 : Re-trigger jenkins build Change-Id: Idb09357a821be81bb9f05489ebb40403e66c3514 Signed-off-by:
-
- 01 Feb, 2017 2 commits
-
-
Andrii Shtompel authored
Change-Id: Ibebbad962e6c9626f8387e16aabd558f496de667 Signed-off-by:
-
Pawel Winogrodzki authored
I'm also refactoring some SConscript files in order to enable /W3 and /WX only for specific directories and I'm adding _CRT_NONSTDC_NO_WARNINGS to disable warnings about issues we cannot change anyway, because the code has to build for multiple platforms. Change-Id: Ifef66b6c59540df2ceb40a54af47865d56a302d7 Signed-off-by:
-
- 30 Jan, 2017 1 commit
-
-
George Nash authoredRemoved the CBOR_MAX_SIZE const variable. In other parts of the code the CBOR_MAX_SIZE is used to check if realocation can be used to resolve an out-of-memory cborEncoderResult. In credresource.c it is not used and can be removed. Change-Id: I967b84375dd7f3d3532f191aa503d2d80542ffb1 Signed-off-by:
George Nash <george.nash@intel.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/16805Tested-by:
-
- 19 Jan, 2017 1 commit
-
-
Oleksii Beketov authored
1. Suites added: TLS_RSA_WITH_AES_256_CBC_SHA256 0x3D TLS_RSA_WITH_AES_128_GCM_SHA256 0x009C TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 0xC02B TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 0xC024 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 0xC02C TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_256 0xC027 2. Removed: TLS_RSA_WITH_AES_256_CBC_SHA 0x35 TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA 0xC009 3. SSL code refactored 4. Added unit tests for new cipher suites 5. CAsslGenerateOwnerPsk modified to support all suites Change-Id: If22925d175751a08121c66b90cc2907dd27ebee5 Signed-off-by:
-
- 17 Jan, 2017 1 commit
-
-
Andrii Shtompel authored
Change-Id: Id5bfd6b1a08c295b49981bd7b938ec5d23522db4 Signed-off-by:
-
- 09 Jan, 2017 1 commit
-
-
Chul Lee authored
Patch #1 : initial upload. Patch #2 : retrigger. Patch #3~4 : update according to comments. Patch #5 : rebase Change-Id: Ie5009c484f50d40c8a2e2f9ac7c361cd9a712d93 Signed-off-by:
-
