IoTivity-Lite
Data Structures | Typedefs | Enumerations | Functions
oc_cred.h File Reference
#include "oc_export.h"
#include "oc_ri.h"
#include "oc_uuid.h"
#include "util/oc_list.h"
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

Data Structures

struct  oc_cred_data_t
 credential data info More...
 
struct  oc_sec_certs_data_t
 Selected certificate data used for verification. More...
 
struct  oc_sec_cred_t
 security credential information More...
 
struct  oc_sec_creds_t
 credential and rowner information More...
 

Typedefs

typedef struct oc_cred_data_t oc_cred_data_t
 credential data info More...
 
typedef struct oc_sec_certs_data_t oc_sec_certs_data_t
 Selected certificate data used for verification. More...
 
typedef bool(* oc_sec_cred_filter_t) (const oc_sec_cred_t *cred, void *user_data)
 Security credential filtering function. More...
 
typedef struct oc_sec_cred_t oc_sec_cred_t
 security credential information More...
 
typedef struct oc_sec_creds_t oc_sec_creds_t
 credential and rowner information More...
 
typedef enum oc_sec_credtype_t oc_sec_credtype_t
 credential type information More...
 
typedef enum oc_sec_credusage_t oc_sec_credusage_t
 credential usage More...
 
typedef enum oc_sec_encoding_t oc_sec_encoding_t
 Security encoding information. More...
 
typedef void(* oc_sec_on_apply_cred_cb_t) (oc_sec_on_apply_cred_data_t data, void *user_data)
 callback invoked with a created / updated credential More...
 
typedef struct oc_sec_on_apply_cred_data_t oc_sec_on_apply_cred_data_t
 
typedef bool(* oc_verify_sec_certs_data_fn_t) (const oc_sec_certs_data_t *data, void *user_data)
 Callback function to verify a single certificate. More...
 

Enumerations

enum  oc_sec_credtype_t {
  OC_CREDTYPE_NULL = 0 , OC_CREDTYPE_PSK = 1 , OC_CREDTYPE_CERT = 8 , OC_CREDTYPE_OSCORE = 64 ,
  OC_CREDTYPE_OSCORE_MCAST_CLIENT = 128 , OC_CREDTYPE_OSCORE_MCAST_SERVER = 256
}
 credential type information More...
 
enum  oc_sec_credusage_t {
  OC_CREDUSAGE_NULL = 0 , OC_CREDUSAGE_TRUSTCA = 1 << 1 , OC_CREDUSAGE_IDENTITY_CERT = 1 << 2 , OC_CREDUSAGE_ROLE_CERT = 1 << 3 ,
  OC_CREDUSAGE_MFG_TRUSTCA , OC_CREDUSAGE_MFG_CERT = 1 << 5
}
 credential usage More...
 
enum  oc_sec_encoding_t {
  OC_ENCODING_UNSUPPORTED = 0 , OC_ENCODING_BASE64 , OC_ENCODING_RAW , OC_ENCODING_PEM ,
  OC_ENCODING_HANDLE
}
 Security encoding information. More...
 

Functions

const char * oc_cred_credtype_string (oc_sec_credtype_t credtype)
 credential type to string More...
 
oc_sec_credusage_t oc_cred_parse_credusage (const oc_string_t *credusage_string)
 parse credential string to type More...
 
oc_sec_encoding_t oc_cred_parse_encoding (const oc_string_t *encoding_string)
 parse credential encoding string to type More...
 
const char * oc_cred_read_credusage (oc_sec_credusage_t credusage)
 read credential usage More...
 
const char * oc_cred_read_encoding (oc_sec_encoding_t encoding)
 read credential encoding More...
 
int oc_cred_verify_certificate_chain (const oc_sec_cred_t *cred, oc_verify_sec_certs_data_fn_t verify_cert, void *user_data)
 Verify the certificate chain associated with the credential. More...
 
int oc_sec_apply_cred (const oc_rep_t *rep, const oc_resource_t *resource, const oc_endpoint_t *endpoint, oc_sec_on_apply_cred_cb_t on_apply_cred_cb, void *on_apply_cred_data)
 parse payload and add/update credentials More...
 
void oc_sec_cred_clear (size_t device, oc_sec_cred_filter_t filter, void *user_data)
 remove credentials matching filter from given device More...
 
oc_sec_cred_toc_sec_get_cred_by_credid (int credid, size_t device)
 get credential by credid from given device More...
 
oc_sec_creds_toc_sec_get_creds (size_t device)
 get all credentials of given device More...
 
void oc_sec_remove_cred (oc_sec_cred_t *cred, size_t device)
 remove credential from given device More...
 
bool oc_sec_remove_cred_by_credid (int credid, size_t device)
 remove credential with credid from given device More...
 

Typedef Documentation

◆ oc_cred_data_t

typedef struct oc_cred_data_t oc_cred_data_t

credential data info

◆ oc_sec_certs_data_t

typedef struct oc_sec_certs_data_t oc_sec_certs_data_t

Selected certificate data used for verification.

◆ oc_sec_cred_filter_t

typedef bool(* oc_sec_cred_filter_t) (const oc_sec_cred_t *cred, void *user_data)

Security credential filtering function.

Parameters
credsecurity credential to check
user_datauser data passed from the caller
Returns
true if security credential matches the filter
false otherwise

◆ oc_sec_cred_t

typedef struct oc_sec_cred_t oc_sec_cred_t

security credential information

◆ oc_sec_creds_t

typedef struct oc_sec_creds_t oc_sec_creds_t

credential and rowner information

◆ oc_sec_credtype_t

typedef enum oc_sec_credtype_t oc_sec_credtype_t

credential type information

◆ oc_sec_credusage_t

typedef enum oc_sec_credusage_t oc_sec_credusage_t

credential usage

◆ oc_sec_encoding_t

typedef enum oc_sec_encoding_t oc_sec_encoding_t

Security encoding information.

◆ oc_sec_on_apply_cred_cb_t

typedef void(* oc_sec_on_apply_cred_cb_t) (oc_sec_on_apply_cred_data_t data, void *user_data)

callback invoked with a created / updated credential

Parameters
datadata with new/updated credential data
user_datauser data passed from the caller

◆ oc_verify_sec_certs_data_fn_t

typedef bool(* oc_verify_sec_certs_data_fn_t) (const oc_sec_certs_data_t *data, void *user_data)

Callback function to verify a single certificate.

Return true if certificate is valid, return false otherwise.

Enumeration Type Documentation

◆ oc_sec_credtype_t

enum oc_sec_credtype_t

credential type information

Enumerator
OC_CREDTYPE_NULL 

no credential

OC_CREDTYPE_PSK 

PSK (personal)

◆ oc_sec_credusage_t

enum oc_sec_credusage_t

credential usage

Enumerator
OC_CREDUSAGE_NULL 

no usage

OC_CREDUSAGE_TRUSTCA 

trust anchor oic.sec.cred.trustca

OC_CREDUSAGE_IDENTITY_CERT 

Certificate oic.sec.cred.cert.

OC_CREDUSAGE_ROLE_CERT 

Role Certificate oic.sec.cred.rolecert.

OC_CREDUSAGE_MFG_TRUSTCA 

Manufacturer Trust CA oic.sec.cred.mfgtrustca.

OC_CREDUSAGE_MFG_CERT 

Manufacturer CA oic.sec.cred.mfgcert.

◆ oc_sec_encoding_t

enum oc_sec_encoding_t

Security encoding information.

Enumerator
OC_ENCODING_UNSUPPORTED 

not supported

OC_ENCODING_BASE64 

oic.sec.encoding.base64

OC_ENCODING_RAW 

oic.sec.encoding.raw

OC_ENCODING_PEM 

oic.sec.encoding.pem

OC_ENCODING_HANDLE 

oic.sec.encoding.handle – Data is contained in a storage sub-system referenced using a handle

Function Documentation

◆ oc_cred_credtype_string()

const char* oc_cred_credtype_string ( oc_sec_credtype_t  credtype)

credential type to string

Parameters
credtypethe credential type as type
Returns
const char* credential type as string

◆ oc_cred_parse_credusage()

oc_sec_credusage_t oc_cred_parse_credusage ( const oc_string_t credusage_string)

parse credential string to type

Parameters
credusage_stringcredential usage as string
Returns
oc_sec_credusage_t credential usage type

◆ oc_cred_parse_encoding()

oc_sec_encoding_t oc_cred_parse_encoding ( const oc_string_t encoding_string)

parse credential encoding string to type

Parameters
encoding_stringcredential encoding string
Returns
oc_sec_encoding_t credential encoding type

◆ oc_cred_read_credusage()

const char* oc_cred_read_credusage ( oc_sec_credusage_t  credusage)

read credential usage

Parameters
credusagecredential usage as type
Returns
const char* credential usage as string

◆ oc_cred_read_encoding()

const char* oc_cred_read_encoding ( oc_sec_encoding_t  encoding)

read credential encoding

Parameters
encodingcredential encoding as type
Returns
const char* credential encoding as string

◆ oc_cred_verify_certificate_chain()

int oc_cred_verify_certificate_chain ( const oc_sec_cred_t cred,
oc_verify_sec_certs_data_fn_t  verify_cert,
void *  user_data 
)

Verify the certificate chain associated with the credential.

Parameters
credcredential associated with the certificate chain (cannot be NULL)
verify_certfunction used to verify a single certificate (cannot be NULL)
user_datauser data from the caller passed to the verify_cert callback
Returns
0 all certificates in the chain are valid
1 at least one certificate in the chain is not valid
-1 on error

◆ oc_sec_apply_cred()

int oc_sec_apply_cred ( const oc_rep_t *  rep,
const oc_resource_t resource,
const oc_endpoint_t endpoint,
oc_sec_on_apply_cred_cb_t  on_apply_cred_cb,
void *  on_apply_cred_data 
)

parse payload and add/update credentials

Parameters
reppayload to parse
resourceresource of the credentials
endpointendpoint of the credentials owner
on_apply_cred_cbcallback invoked when a new credential is added or updated
on_apply_cred_datauser data passed to the on_apply_cred_cb function
Returns
int -1 on failure
int 0 payload was successfully parsed

◆ oc_sec_cred_clear()

void oc_sec_cred_clear ( size_t  device,
oc_sec_cred_filter_t  filter,
void *  user_data 
)

remove credentials matching filter from given device

Parameters
deviceindex of the device
filterfiltering function (if NULL all existing credentials match)
user_datauser data passed from the caller

◆ oc_sec_get_cred_by_credid()

oc_sec_cred_t* oc_sec_get_cred_by_credid ( int  credid,
size_t  device 
)

get credential by credid from given device

Parameters
credidcredential id
deviceindex of the device
Returns
oc_sec_cred_t* found credential or NULL

◆ oc_sec_get_creds()

oc_sec_creds_t* oc_sec_get_creds ( size_t  device)

get all credentials of given device

Parameters
deviceindex of the device
Returns
oc_sec_creds_t* list of credentials

◆ oc_sec_remove_cred()

void oc_sec_remove_cred ( oc_sec_cred_t cred,
size_t  device 
)

remove credential from given device

Parameters
credcredential to remove
deviceindex of the device

◆ oc_sec_remove_cred_by_credid()

bool oc_sec_remove_cred_by_credid ( int  credid,
size_t  device 
)

remove credential with credid from given device

Parameters
credidcredential id
deviceindex of the device
Returns
bool true credential with given id was found and removed
bool false otherwise