Commit a33af367 authored by Kishen Maloor's avatar Kishen Maloor

oc_cred: expose cred structs to public API

Change-Id: I0611352816392e0fbee89fc3eb2a0936805c55dc
Signed-off-by: Kishen Maloor's avatarKishen Maloor <kishen.maloor@intel.com>
parent 8b6b1ed2
/*
// Copyright (c) 2017-2019 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
*/
/**
@file
*/
#ifndef OC_CRED_COMMON_H
#define OC_CRED_COMMON_H
#include "oc_ri.h"
#include "oc_uuid.h"
#include "util/oc_list.h"
#ifdef __cplusplus
extern "C"
{
#endif
typedef enum oc_sec_credtype_t {
OC_CREDTYPE_NULL = 0,
OC_CREDTYPE_PSK = 1,
OC_CREDTYPE_CERT = 8
} oc_sec_credtype_t;
typedef enum oc_sec_credusage_t {
OC_CREDUSAGE_NULL = 0,
OC_CREDUSAGE_TRUSTCA = 1 << 1,
OC_CREDUSAGE_IDENTITY_CERT = 1 << 2,
OC_CREDUSAGE_ROLE_CERT = 1 << 3,
OC_CREDUSAGE_MFG_TRUSTCA = 1 << 4,
OC_CREDUSAGE_MFG_CERT = 1 << 5
} oc_sec_credusage_t;
typedef enum oc_sec_encoding_t {
OC_ENCODING_UNSUPPORTED = 0,
OC_ENCODING_BASE64,
OC_ENCODING_RAW,
OC_ENCODING_PEM,
OC_ENCODING_HANDLE
} oc_sec_encoding_t;
typedef struct oc_cred_data_t
{
oc_string_t data;
oc_sec_encoding_t encoding;
} oc_cred_data_t;
typedef struct oc_sec_cred_t
{
struct oc_sec_cred_t *next;
struct
{
oc_string_t role;
oc_string_t authority;
} role;
oc_cred_data_t privatedata;
#ifdef OC_PKI
oc_cred_data_t publicdata;
oc_sec_credusage_t credusage;
struct oc_sec_cred_t *chain;
struct oc_sec_cred_t *child;
void *ctx;
#endif /* OC_PKI */
int credid;
oc_sec_credtype_t credtype;
oc_uuid_t subjectuuid;
bool owner_cred;
} oc_sec_cred_t;
typedef struct oc_sec_creds_t
{
OC_LIST_STRUCT(creds);
oc_uuid_t rowneruuid;
} oc_sec_creds_t;
const char *oc_cred_read_credusage(oc_sec_credusage_t credusage);
const char *oc_cred_read_encoding(oc_sec_encoding_t encoding);
oc_sec_credusage_t oc_cred_parse_credusage(oc_string_t *credusage_string);
oc_sec_encoding_t oc_cred_parse_encoding(oc_string_t *encoding_string);
const char *oc_cred_credtype_string(oc_sec_credtype_t credtype);
#ifdef __cplusplus
}
#endif
#endif /* OC_CRED_COMMON_H */
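Review bot: `oc_cred_read_credusage` and `oc_cred_parse_credusage` are declared here unconditionally, but in oc_cred.c their definitions appear to sit inside `#ifdef OC_PKI`, so a build without OC_PKI that calls either one would compile against this header and then fail at link time. Wrapping the two prototypes in the same guard, `#ifdef OC_PKI` before them and `#endif /* OC_PKI */` after, keeps the header and the implementation in agreement. The header also has no doc comments although it is now public API. A short comment on each `const char *` function should say that the result appears to be a static string the caller must not free or modify. One on `privatedata` should say that it presumably carries the credential's secret material and is not meant to be logged or copied by applications.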
......@@ -21,6 +21,7 @@
#include "oc_acl_common.h"
#include "oc_api.h"
#include "oc_cred_common.h"
#include "oc_pki.h"
#include "oc_uuid.h"
......
/*
// Copyright (c) 2017 Intel Corporation
// Copyright (c) 2017-2019 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
......@@ -580,10 +580,20 @@ oc_sec_add_new_cred(size_t device, bool roles_resource, oc_tls_peer_t *client,
return cred->credid;
}
#ifdef OC_PKI
const char *
oc_cred_credtype_string(oc_sec_credtype_t credtype)
{
if (credtype == 1) {
return "Symmetric pair-wise key";
} else if (credtype == 8) {
return "Asymmetric signing key with certificate";
}
return "Unknown";
}
static const char *
return_credusage_string(oc_sec_credusage_t credusage)
#ifdef OC_PKI
const char *
oc_cred_read_credusage(oc_sec_credusage_t credusage)
{
switch (credusage) {
case OC_CREDUSAGE_TRUSTCA:
......@@ -599,12 +609,12 @@ return_credusage_string(oc_sec_credusage_t credusage)
default:
break;
}
return NULL;
return "None";
}
#endif /* OC_PKI */
static const char *
return_encoding_string(oc_sec_encoding_t encoding)
const char *
oc_cred_read_encoding(oc_sec_encoding_t encoding)
{
switch (encoding) {
case OC_ENCODING_BASE64:
......@@ -620,7 +630,7 @@ return_encoding_string(oc_sec_encoding_t encoding)
default:
break;
}
return NULL;
return "Unknown";
}
#ifdef OC_PKI
......@@ -639,8 +649,8 @@ oc_sec_encode_roles(oc_tls_peer_t *client, size_t device)
/* credtype */
oc_rep_set_int(roles, credtype, cr->credtype);
/* credusage */
const char *credusage_string = return_credusage_string(cr->credusage);
if (credusage_string) {
const char *credusage_string = oc_cred_read_credusage(cr->credusage);
if (strlen(credusage_string) > 4) {
oc_rep_set_text_string(roles, credusage, credusage_string);
}
/* publicdata */
......@@ -655,8 +665,8 @@ oc_sec_encode_roles(oc_tls_peer_t *client, size_t device)
oc_string_len(cr->publicdata.data));
}
const char *encoding_string =
return_encoding_string(cr->publicdata.encoding);
if (encoding_string) {
oc_cred_read_encoding(cr->publicdata.encoding);
if (strlen(encoding_string) > 7) {
oc_rep_set_text_string(publicdata, encoding, encoding_string);
}
oc_rep_close_object(roles, publicdata);
......@@ -722,8 +732,8 @@ oc_sec_encode_cred(bool persist, size_t device)
}
}
const char *encoding_string =
return_encoding_string(cr->privatedata.encoding);
if (encoding_string) {
oc_cred_read_encoding(cr->privatedata.encoding);
if (strlen(encoding_string) > 7) {
oc_rep_set_text_string(privatedata, encoding, encoding_string);
} else {
oc_rep_set_text_string(privatedata, encoding, "oic.sec.encoding.raw");
......@@ -731,8 +741,8 @@ oc_sec_encode_cred(bool persist, size_t device)
oc_rep_close_object(creds, privatedata);
#ifdef OC_PKI
/* credusage */
const char *credusage_string = return_credusage_string(cr->credusage);
if (credusage_string) {
const char *credusage_string = oc_cred_read_credusage(cr->credusage);
if (strlen(credusage_string) > 4) {
oc_rep_set_text_string(creds, credusage, credusage_string);
}
/* publicdata */
......@@ -747,8 +757,8 @@ oc_sec_encode_cred(bool persist, size_t device)
oc_string_len(cr->publicdata.data));
}
const char *encoding_string =
return_encoding_string(cr->publicdata.encoding);
if (encoding_string) {
oc_cred_read_encoding(cr->publicdata.encoding);
if (strlen(encoding_string) > 7) {
oc_rep_set_text_string(publicdata, encoding, encoding_string);
}
oc_rep_close_object(creds, publicdata);
......@@ -768,8 +778,8 @@ oc_sec_encode_cred(bool persist, size_t device)
}
#ifdef OC_PKI
static oc_sec_credusage_t
parse_credusage_property(oc_string_t *credusage_string)
oc_sec_credusage_t
oc_cred_parse_credusage(oc_string_t *credusage_string)
{
oc_sec_credusage_t credusage = 0;
if (oc_string_len(*credusage_string) == 20 &&
......@@ -796,8 +806,8 @@ parse_credusage_property(oc_string_t *credusage_string)
}
#endif /* OC_PKI */
static oc_sec_encoding_t
parse_encoding_property(oc_string_t *encoding_string)
oc_sec_encoding_t
oc_cred_parse_encoding(oc_string_t *encoding_string)
{
oc_sec_encoding_t encoding = 0;
if (oc_string_len(*encoding_string) == 23 &&
......@@ -911,7 +921,7 @@ oc_sec_decode_cred(oc_rep_t *rep, oc_sec_cred_t **owner, bool from_storage,
#ifdef OC_PKI
else if (len == 9 &&
memcmp(oc_string(cred->name), "credusage", 9) == 0) {
credusage = parse_credusage_property(&cred->value.string);
credusage = oc_cred_parse_credusage(&cred->value.string);
}
#endif /* OC_PKI */
break;
......@@ -945,7 +955,7 @@ oc_sec_decode_cred(oc_rep_t *rep, oc_sec_cred_t **owner, bool from_storage,
case OC_REP_STRING: {
if (oc_string_len(data->name) == 8 &&
memcmp("encoding", oc_string(data->name), 8) == 0) {
*encoding = parse_encoding_property(&data->value.string);
*encoding = oc_cred_parse_encoding(&data->value.string);
if (*encoding == 0) {
/* Unsupported encoding */
return false;
......
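Review bot: The callers in oc_sec_encode_roles and oc_sec_encode_cred now detect an unrecognised value with `strlen(credusage_string) > 4` and `strlen(encoding_string) > 7`, which only works because the fallback strings "None" and "Unknown" happen to be 4 and 7 characters long. A later change to either fallback string would silently alter what is written into the credential payload, and the decode path shown further down rejects a credential whose encoding parses to 0. Testing the enum says what is meant, for example `if (cr->publicdata.encoding != OC_ENCODING_UNSUPPORTED) {`, provided the elided switch covers every other enumerator; alternatively keep a file-local helper that returns NULL and let the public function map NULL to the display string. In `oc_cred_credtype_string` the comparisons `credtype == 1` and `credtype == 8` would read better as `OC_CREDTYPE_PSK` and `OC_CREDTYPE_CERT`. The encode functions begin and end outside the visible hunks.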
/*
// Copyright (c) 2017 Intel Corporation
// Copyright (c) 2017-2019 Intel Corporation
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
......@@ -17,6 +17,7 @@
#ifndef OC_CRED_H
#define OC_CRED_H
#include "oc_cred_common.h"
#include "oc_ri.h"
#include "oc_uuid.h"
#include <stdint.h>
......@@ -26,63 +27,6 @@ extern "C"
{
#endif
typedef enum oc_sec_credtype_t {
OC_CREDTYPE_NULL = 0,
OC_CREDTYPE_PSK = 1,
OC_CREDTYPE_CERT = 8
} oc_sec_credtype_t;
typedef enum oc_sec_credusage_t {
OC_CREDUSAGE_NULL = 0,
OC_CREDUSAGE_TRUSTCA = 1 << 1,
OC_CREDUSAGE_IDENTITY_CERT = 1 << 2,
OC_CREDUSAGE_ROLE_CERT = 1 << 3,
OC_CREDUSAGE_MFG_TRUSTCA = 1 << 4,
OC_CREDUSAGE_MFG_CERT = 1 << 5
} oc_sec_credusage_t;
typedef enum oc_sec_encoding_t {
OC_ENCODING_UNSUPPORTED = 0,
OC_ENCODING_BASE64,
OC_ENCODING_RAW,
OC_ENCODING_PEM,
OC_ENCODING_HANDLE
} oc_sec_encoding_t;
typedef struct oc_cred_data_t
{
oc_string_t data;
oc_sec_encoding_t encoding;
} oc_cred_data_t;
typedef struct oc_sec_cred_t
{
struct oc_sec_cred_t *next;
struct
{
oc_string_t role;
oc_string_t authority;
} role;
oc_cred_data_t privatedata;
#ifdef OC_PKI
oc_cred_data_t publicdata;
oc_sec_credusage_t credusage;
struct oc_sec_cred_t *chain;
struct oc_sec_cred_t *child;
void *ctx;
#endif /* OC_PKI */
int credid;
oc_sec_credtype_t credtype;
oc_uuid_t subjectuuid;
bool owner_cred;
} oc_sec_cred_t;
typedef struct
{
OC_LIST_STRUCT(creds);
oc_uuid_t rowneruuid;
} oc_sec_creds_t;
struct oc_tls_peer_t;
int oc_sec_add_new_cred(size_t device, bool roles_resource,
......@@ -117,6 +61,7 @@ oc_sec_cred_t *oc_sec_allocate_cred(oc_uuid_t *subjectuuid,
oc_sec_credtype_t credtype,
oc_sec_credusage_t credusage,
size_t device);
void put_cred(oc_request_t *request, oc_interface_mask_t iface_mask,
void *data);
void post_cred(oc_request_t *request, oc_interface_mask_t iface_mask,
......