IoTivity-Lite
|
#include <stddef.h>
Enumerations | |
enum | oc_sp_types_t { OC_SP_BASELINE = 1 << 1, OC_SP_BLACK = 1 << 2, OC_SP_BLUE = 1 << 3, OC_SP_PURPLE = 1 << 4 } |
OCF defined security profiles. More... | |
Functions | |
int | oc_pki_add_mfg_cert (size_t device, const unsigned char *cert, size_t cert_size, const unsigned char *key, size_t key_size) |
Add the manufactures PKI identity certificate. More... | |
int | oc_pki_add_mfg_intermediate_cert (size_t device, int credid, const unsigned char *cert, size_t cert_size) |
Add an intermediate manufacture CA certificate. More... | |
int | oc_pki_add_mfg_trust_anchor (size_t device, const unsigned char *cert, size_t cert_size) |
Add manufacture trust anchor CA. More... | |
int | oc_pki_add_trust_anchor (size_t device, const unsigned char *cert, size_t cert_size) |
Add trust anchor CA. More... | |
void | oc_pki_set_security_profile (size_t device, oc_sp_types_t supported_profiles, oc_sp_types_t current_profile, int mfg_credid) |
Set the OCF Security Profile. More... | |
OCF public key infrastructure (PKI) functions
Collection of functions used to add public key infrastructure (PKI) support to devices.
enum oc_sp_types_t |
OCF defined security profiles.
Security Profiles differentiate devices based on requirements from different verticals such as industrial, health care, or smart home.
See oc_pki_set_security_profile() for a description of the each of the security profiles or reference the security profiles section of the OCF Security Specification.
Enumerator | |
---|---|
OC_SP_BASELINE | The OCF Baseline Security Profile. |
OC_SP_BLACK | The OCF Black Security Profile. |
OC_SP_BLUE | The OCF Blue Security Profile. |
OC_SP_PURPLE | The OCF Purple Security Profile. |
int oc_pki_add_mfg_cert | ( | size_t | device, |
const unsigned char * | cert, | ||
size_t | cert_size, | ||
const unsigned char * | key, | ||
size_t | key_size | ||
) |
Add the manufactures PKI identity certificate.
[in] | device | index of the logical device the identity certificate belongs to |
[in] | cert | pointer to a string containing a PEM encoded identity certificate |
[in] | cert_size | the size of the cert string |
[in] | key | the PEM encoded private key associated with this certificate |
[in] | key_size | the size of the key string |
-1
on failure int oc_pki_add_mfg_intermediate_cert | ( | size_t | device, |
int | credid, | ||
const unsigned char * | cert, | ||
size_t | cert_size | ||
) |
Add an intermediate manufacture CA certificate.
[in] | device | index of the logical device the certificate chain belongs to |
[in] | credid | the credential ID of the /oic/sec/cred entry containing the end-entity certificate |
[in] | cert | pointer to a string containing a PEM encoded certificate |
[in] | cert_size | the size of the cert string |
-1
on failure int oc_pki_add_mfg_trust_anchor | ( | size_t | device, |
const unsigned char * | cert, | ||
size_t | cert_size | ||
) |
Add manufacture trust anchor CA.
[in] | device | index of the logical device the trust anchor CA belongs to |
[in] | cert | pointer to a string containing a PEM encoded certificate |
[in] | cert_size | the size of the cert string |
-1
on failure int oc_pki_add_trust_anchor | ( | size_t | device, |
const unsigned char * | cert, | ||
size_t | cert_size | ||
) |
Add trust anchor CA.
[in] | device | index of the logical device the trust anchor CA belongs to |
[in] | cert | pointer to a string containing a PEM encoded certificate |
[in] | cert_size | the size of the cert strung |
-1
on failure void oc_pki_set_security_profile | ( | size_t | device, |
oc_sp_types_t | supported_profiles, | ||
oc_sp_types_t | current_profile, | ||
int | mfg_credid | ||
) |
Set the OCF Security Profile.
The OCF Security Specification defines several Security Profiles that can be selected based on the security requirements of different verticals such as such as industrial, health care, or smart home.
There are currently five types of Security Profiles specified by OCF.
Following, is a non-exhaustive summary of each Security Profile type. For more details see OCF Security Specification section regarding Security Profiles.
0
[in] | device | index of the logical device the security profile is be set on |
[in] | supported_profiles | a bitwise OR list of oc_sp_types_t that are supported by the device. The current_profile value may be changed to one of the other supported_profiles during the onboarding process. |
[in] | current_profile | the currently selected security profile |
[in] | mfg_credid | the credential ID of the /oic/sec/cred entry containing the manufactures end-entity certificate |