fixup! Migrate device provisioning service

.dockerignore

@@ -7,7 +7,6 @@
 sonar-project.properties
 Dockerfile.*
 build*/
-docker/
 images/
 port/esp32/build/
 port/esp32/esp-idf/

.github/workflows/android.yml

@@ -8,11 +8,11 @@ concurrency:
 
 # Controls when the action will run.
 on:
-  # push:
-  #   branches:
-  #     - master
-  # pull_request:
-  #   types: [opened, synchronize, reopened]
+  push:
+    branches:
+      - master
+  pull_request:
+    types: [opened, synchronize, reopened]
 
   # Allows you to run this workflow manually from the Actions tab
   workflow_dispatch:

api/plgd/device-provisioning-client/plgd_dps_pki.c

@@ -64,10 +64,8 @@ dps_pki_send_csr(plgd_dps_context_t *ctx, oc_response_handler_t handler)
 
   // NOLINTNEXTLINE(readability-magic-numbers)
   unsigned char csr_data[1024];
-  int ret =
-    oc_sec_csr_generate(ctx->device, oc_sec_certs_md_signature_algorithm(),
-                        csr_data, sizeof(csr_data));
-  if (ret != 0) {
+  if (oc_sec_csr_generate(ctx->device, oc_sec_certs_md_signature_algorithm(),
+                          csr_data, sizeof(csr_data)) != 0) {
     return false;
   }
 
@@ -154,7 +152,6 @@ dps_pki_validate_certificate(dps_pki_configuration_t cfg, uint64_t valid_from,
 static void
 dps_on_apply_cred(oc_sec_on_apply_cred_data_t cred_data, void *user_data)
 {
-  (void)user_data;
   if (cred_data.cred == NULL) {
     return;
   }

api/plgd/device-provisioning-client/plgd_dps_provision.c

@@ -207,10 +207,13 @@ static bool
 dps_get_acls(plgd_dps_context_t *ctx)
 {
   DPS_INFO("Get acls");
-  const oc_sec_pstat_t *pstat = oc_sec_get_pstat(ctx->device);
-  if (pstat->s != OC_DOS_RFNOP) {
+#ifdef OC_SECURITY
+  if (!oc_device_is_in_dos_state(ctx->device,
+                                 OC_PSTAT_DOS_ID_FLAG(OC_DOS_RFNOP))) {
+    DPS_ERR("device is not in RFNOP state");
     return false;
   }
+#endif /* OC_SECURITY */
 
   dps_setup_tls(ctx);
   if (!oc_do_get_with_timeout(PLGD_DPS_ACLS_URI, ctx->endpoint, NULL,
@@ -315,10 +318,13 @@ static bool
 dps_get_credentials(plgd_dps_context_t *ctx)
 {
   DPS_INFO("Get credentials");
-  const oc_sec_pstat_t *pstat = oc_sec_get_pstat(ctx->device);
-  if (pstat->s != OC_DOS_RFNOP) {
+#ifdef OC_SECURITY
+  if (!oc_device_is_in_dos_state(ctx->device,
+                                 OC_PSTAT_DOS_ID_FLAG(OC_DOS_RFNOP))) {
+    DPS_ERR("device is not in RFNOP state");
     return false;
   }
+#endif /* OC_SECURITY */
   if (!dps_pki_send_csr(ctx, dps_get_credentials_handler)) {
     return false;
   }

api/plgd/device-provisioning-client/plgd_dps_provision_cloud.c

@@ -378,11 +378,13 @@ dps_provisioning_set_cloud(plgd_dps_context_t *ctx)
 {
   DPS_INFO("Get cloud configuration");
   assert(ctx->endpoint != NULL);
-  const oc_sec_pstat_t *pstat = oc_sec_get_pstat(ctx->device);
-  if (pstat->s != OC_DOS_RFNOP) {
+#ifdef OC_SECURITY
+  if (!oc_device_is_in_dos_state(ctx->device,
+                                 OC_PSTAT_DOS_ID_FLAG(OC_DOS_RFNOP))) {
     DPS_ERR("device is not in RFNOP state");
     return false;
   }
+#endif /* OC_SECURITY */
 
   if (!oc_init_post(PLGD_DPS_CLOUD_URI, ctx->endpoint, NULL,
                     dps_set_cloud_handler, LOW_QOS, ctx)) {

api/plgd/device-provisioning-client/plgd_dps_provision_owner.c

@@ -156,10 +156,13 @@ bool
 dps_get_owner(plgd_dps_context_t *ctx)
 {
   DPS_INFO("Get owner");
-  const oc_sec_pstat_t *pstat = oc_sec_get_pstat(ctx->device);
-  if (pstat->s != OC_DOS_RFNOP) {
+#ifdef OC_SECURITY
+  if (!oc_device_is_in_dos_state(ctx->device,
+                                 OC_PSTAT_DOS_ID_FLAG(OC_DOS_RFNOP))) {
+    DPS_ERR("device is not in RFNOP state");
     return false;
   }
+#endif /* OC_SECURITY */
 
   dps_setup_tls(ctx);
   if (!oc_do_get_with_timeout(PLGD_DPS_OWNERSHIP_URI, ctx->endpoint, NULL,

api/plgd/device-provisioning-client/plgd_dps_time.c

@@ -176,10 +176,13 @@ dps_get_plgd_time(plgd_dps_context_t *ctx)
 {
   assert(ctx != NULL);
   DPS_INFO("Get time");
-  const oc_sec_pstat_t *pstat = oc_sec_get_pstat(ctx->device);
-  if (pstat->s != OC_DOS_RFNOP) {
+#ifdef OC_SECURITY
+  if (!oc_device_is_in_dos_state(ctx->device,
+                                 OC_PSTAT_DOS_ID_FLAG(OC_DOS_RFNOP))) {
+    DPS_ERR("device is not in RFNOP state");
     return false;
   }
+#endif /* OC_SECURITY */
 
   oc_tls_select_cloud_ciphersuite();
 

api/plgd/unittest/plgd_dps_pki.cpp

@@ -0,0 +1,49 @@
+/****************************************************************************
+ *
+ * Copyright (c) 2022-2024 plgd.dev, s.r.o.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License"),
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
+ * either express or implied. See the License for the specific
+ * language governing permissions and limitations under the License.
+ *
+ ****************************************************************************/
+
+#include "util/oc_features.h"
+
+#ifdef OC_HAS_FEATURE_PLGD_DEVICE_PROVISIONING
+
+#include "api/oc_runtime_internal.h"
+#include "api/plgd/device-provisioning-client/plgd_dps_context_internal.h"
+#include "api/plgd/device-provisioning-client/plgd_dps_pki_internal.h"
+
+#include "gtest/gtest.h"
+
+static constexpr size_t kDeviceID = 0;
+
+class TestPKI : public testing::Test {
+protected:
+  void SetUp() override { oc_runtime_init(); }
+  void TearDown() override { oc_runtime_shutdown(); }
+
+public:
+};
+
+TEST_F(TestPKI, SendCSR_FailInvalidDeviceID)
+{
+  plgd_dps_context_t ctx{};
+  ctx.device = 42;
+
+  EXPECT_FALSE(dps_pki_send_csr(&ctx, [](oc_client_response_t *) {
+    // no-op
+  }));
+}
+
+#endif /* OC_HAS_FEATURE_PLGD_DEVICE_PROVISIONING */

api/plgd/unittest/plgd_dps_provision_cloud.cpp

@@ -377,4 +377,4 @@ TEST_F(DPSProvisionCloudWithServerTest, SetCloud)
   EXPECT_TRUE(dps_provisioning_set_cloud(ctx.get()));
 }
 
-#endif /* OC_HAS_FEATURE_PLGD_DEVICE_PROVISIONING */
+#endif /* OC_HAS_FEATURE_PLGD_DEVICE_PROVISIONING */