Unverified Commit 1988bfe4 authored by Javier Guerra's avatar Javier Guerra Committed by GitHub

Merge pull request #9 from openconnectivity/develop

Merge develop into master
parents 8f3befba eb4f9643
Package: OTGC
Version: 2.0.7
Version: 2.0.8
Section: custom
Priority: optional
Architecture: amd64
......
......@@ -11,7 +11,7 @@
# Constants
PROJECT_NAME="otgc"
VERSION="2.0.7"
VERSION="2.0.8"
program=$0
......
......@@ -6,7 +6,7 @@
<groupId>otgc</groupId>
<artifactId>otgc</artifactId>
<version>2.0.7</version>
<version>2.0.8</version>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
......
......@@ -91,6 +91,18 @@ public class IORepository {
});
}
public Single<byte[]> getBytesFromFile(String path) {
return Single.fromCallable(() -> {
byte[] fileBytes;
try (InputStream inputStream = new FileInputStream(OtgcConstant.DATA_PATH + path)) {
fileBytes = new byte[inputStream.available()];
inputStream.read(fileBytes);
}
return fileBytes;
});
}
public Single<CBORObject> getAssetSvrAsCbor(String resource, long device) {
return Single.create(emitter -> {
try (FileInputStream stream = new FileInputStream(OtgcConstant.OTGC_CREDS_DIR + File.separator + resource + "_" + device)) {
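Review bot: `getBytesFromFile` sizes its buffer from `inputStream.available()` and ignores the return value of `inputStream.read(fileBytes)`, so a short read would hand the caller a truncated or zero-padded array. `available()` is only an estimate of what can be read without blocking, not the file length, and the callers visible on this page pass the result to `OCPki` as certificate and key material. Reading the file in one call avoids both problems: `return Files.readAllBytes(Paths.get(OtgcConstant.DATA_PATH, path));` inside the callable (needs `java.nio.file.Files` and `Paths` imported). `path` is appended to `DATA_PATH` unchecked, which is fine for the constants used in this commit, but a Javadoc line stating that callers must pass only fixed file names would keep it that way.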
......
......@@ -101,6 +101,7 @@ public class IotivityRepository {
byte[] introspectionData = Files.readAllBytes(introspectionFile.toPath());
OCIntrospection.setIntrospectionData(0 /* First device */, introspectionData);
OCBufferSettings.setMaxAppDataSize(16384); // 16 KB
OCMain.setConResAnnounced(false); // Disable /oc/con resource
int ret = OCMain.mainInit(new OCMainInitHandler() {
@Override
......
......@@ -20,10 +20,6 @@
package org.openconnectivity.otgc.domain.usecase;
import io.reactivex.Completable;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
import org.bouncycastle.asn1.sec.ECPrivateKey;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.iotivity.OCFactoryPresetsHandler;
import org.iotivity.OCObt;
import org.iotivity.OCPki;
......@@ -32,24 +28,18 @@ import org.openconnectivity.otgc.data.repository.*;
import org.openconnectivity.otgc.utils.constant.OtgcMode;
import javax.inject.Inject;
import java.security.*;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
public class InitOicStackUseCase {
private final IotivityRepository iotivityRepository;
private final CertRepository certRepository;
private final IORepository ioRepository;
private final SettingRepository settingRepository;
@Inject
public InitOicStackUseCase(IotivityRepository iotivityRepository,
CertRepository certRepository,
IORepository ioRepository,
SettingRepository settingRepository) {
this.iotivityRepository = iotivityRepository;
this.certRepository = certRepository;
this.ioRepository = ioRepository;
this.settingRepository = settingRepository;
}
......@@ -79,38 +69,29 @@ public class InitOicStackUseCase {
}
});
private void factoryResetHandler(long device) throws Exception {
String uuid = iotivityRepository.getDeviceId().blockingGet();
/* my cert */
byte[] eeCertificate = ioRepository.getBytesFromFile(OtgcConstant.KYRIO_EE_CERTIFICATE).blockingGet();
// Store root CA as trusted anchor
X509Certificate caCertificate = ioRepository.getAssetAsX509Certificate(OtgcConstant.ROOT_CERTIFICATE).blockingGet();
PrivateKey caPrivateKey = ioRepository.getAssetAsPrivateKey(OtgcConstant.ROOT_PRIVATE_KEY).blockingGet();
/* private key of my cert */
byte[] eeKey = ioRepository.getBytesFromFile(OtgcConstant.KYRIO_EE_KEY).blockingGet();
String strCACertificate = certRepository.x509CertificateToPemString(caCertificate).blockingGet();
if (OCPki.addTrustAnchor(device, strCACertificate.getBytes()) == -1) {
throw new Exception("Add trust anchor error");
/* intermediate cert */
byte[] subcaCertificate = ioRepository.getBytesFromFile(OtgcConstant.KYRIO_SUBCA_CERTIFICATE).blockingGet();
/* root cert */
byte[] rootcaCertificate = ioRepository.getBytesFromFile(OtgcConstant.KYRIO_ROOT_CERTIFICATE).blockingGet();
int credid = OCPki.addMfgCert(device, eeCertificate, eeKey);
if (credid == -1) {
throw new Exception("Add identity certificate error");
}
if (OCPki.addMfgTrustAnchor(device, strCACertificate.getBytes()) == -1) {
throw new Exception("Add manufacturer trust anchor error");
if (OCPki.addMfgIntermediateCert(device, credid, subcaCertificate) == -1) {
throw new Exception("Add intermediate certificate error");
}
// public/private key pair that we are creating certificate for
ECGenParameterSpec ecParamSpec = new ECGenParameterSpec("secp256r1");
KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", BouncyCastleProvider.PROVIDER_NAME);
keyPairGenerator.initialize(ecParamSpec);
KeyPair keyPair = keyPairGenerator.generateKeyPair();
// Public key
PublicKey publicKey = keyPair.getPublic();
// PrivateKey
ASN1Sequence pkSeq = (ASN1Sequence)ASN1Sequence.fromByteArray(keyPair.getPrivate().getEncoded());
PrivateKeyInfo pkInfo = PrivateKeyInfo.getInstance(pkSeq);
ECPrivateKey privateKey = ECPrivateKey.getInstance(pkInfo.parsePrivateKey());
String strPrivateKey = certRepository.privateKeyToPemString(privateKey).blockingGet();
X509Certificate identityCertificate = certRepository.generateIdentityCertificate(uuid, publicKey, caPrivateKey).blockingGet();
String strIdentityCertificate = certRepository.x509CertificateToPemString(identityCertificate).blockingGet();
if (OCPki.addMfgCert(device, strIdentityCertificate.getBytes(), strPrivateKey.getBytes()) == -1) {
throw new Exception("Add identity certificate error");
if (OCPki.addMfgTrustAnchor(device, rootcaCertificate) == -1) {
throw new Exception("Add root certificate error");
}
OCObt.shutdown();
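Review bot: `factoryResetHandler` now installs a fixed end-entity certificate and private key read from `OtgcConstant.KYRIO_EE_CERTIFICATE` and `KYRIO_EE_KEY`, where the removed code generated a fresh secp256r1 key pair on each reset. Every installation that ships the same data files will therefore present the same manufacturer identity. If these are test credentials, say so at the load site, for example `/* test-only manufacturer credential; production builds must provision a per-device key */`. Old and new lines are interleaved in this rendering and the method body continues past the end of the section, so the brace structure of the new code is inferred.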
......
......@@ -30,19 +30,17 @@ public class OtgcConstant {
}
// Data resource path
private static final String DATA_PATH = "." + File.separator + "data" + File.separator;
public static final String DATA_PATH = "." + File.separator + "data" + File.separator;
// Credential directory
public static final String OTGC_CREDS_DIR = DATA_PATH + "otgc_creds";
// File databases for IoTivity
public static final String OIC_CLIENT_JSON_DB_FILE = DATA_PATH + "oic_svr_db_client.json";
public static final String OIC_CLIENT_CBOR_DB_FILE = DATA_PATH + "oic_svr_db_client.dat";
public static final String INTROSPECTION_CBOR_FILE = DATA_PATH + "introspection.dat";
public static final String OIC_SQL_DB_FILE = "Pdm.db";
// Root certificate and keypair
public static String ROOT_CERTIFICATE = "root.crt";
public static String ROOT_PRIVATE_KEY = "root.prv";
public static String ROOT_PUBLIC_KEY = "root.pub";
/* Kyrio certificate chain */
public static String KYRIO_ROOT_CERTIFICATE = "kyrio-root-cert.pem";
public static String KYRIO_SUBCA_CERTIFICATE = "kyrio-subca-cert.pem";
public static String KYRIO_EE_CERTIFICATE = "kyrio-ee-cert.pem";
public static String KYRIO_EE_KEY = "kyrio-ee-key.pem";
}
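Review bot: The four `KYRIO_*` constants are declared `public static String` without `final`, so any class can reassign the file names from which the trust anchor and the identity key are loaded. Declare them like the path constants above them, e.g. `public static final String KYRIO_EE_KEY = "kyrio-ee-key.pem";`. `DATA_PATH` is also widened from `private` to `public` in this section; a short comment that it is exposed for `IORepository.getBytesFromFile` would record why. The class starts before this hunk.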
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIChO1xeRf0WA/npKbjLKPzlnTDhE7v95O5ZG2fhZbBjLoAoGCCqGSM49
AwEHoUQDQgAEI1ezCcJDuCeD1keCoG1R6xR0kIqRzETbu9ODj5pwEEN7ZxIY52MZ
9Ezgw7zfGHpBOb6Awzl/fJmKcYT2uYc+dg==
-----END EC PRIVATE KEY-----
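Review bot: Two EC private keys are committed in cleartext PEM, this block and the one further down the page, and at least one is presumably the `kyrio-ee-key.pem` that `factoryResetHandler` loads. Anything in version control or in the shipped package is readable by everyone who has either, so certificates bound to these keys cannot vouch for a specific device. Treat both keys as disclosed: have the issuing CA replace the certificates, provision replacement keys at install or build time instead of storing them in the repository, and add a secret-scanning check to the merge pipeline. File names are not shown for these sections, so the mapping to the constants is inferred.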
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----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==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIKdtJZE9IghVFGRm0LZRfnhwQEZK6DqjSe96i+oBlFVPoAoGCCqGSM49
AwEHoUQDQgAEu9AerlkM3WvzmlB7NIEYVreQ87lIKLtzNWgReRxQh0SfCBaRuZ0Q
4W2wkS7usco9aeAUGgEYX8C34wRh63Rxzw==
-----END EC PRIVATE KEY-----