Re: [dev] FW: Android SECURED mode

...@mobileink.com] Sent: Tuesday, January 23, 2018 5:16 AM To: Tonny Tzeng Cc: Chiayu Wu (吳嘉彧); iotivity-dev; Derek Lin (林俊文) Subject: Re: [dev] FW: Android SECURED mode On Jan 22, 2018 12:37 AM, "Tonny Tzeng" mailto:tonny.tz...@gmail.com>> wrote: I'm pretty sure, from my experiments, t

Re: [dev] FW: Android SECURED mode

: [dev] FW: Android SECURED mode I'm pretty sure, from my experiments, the device owner can't access to an application resource if it does not have proper ACE setup. Our smart home companion app<https://github.com/intel/SmartHome-Demo/tree/master/smarthome-companion> has two rol

Re: [dev] FW: Android SECURED mode

On Jan 20, 2018 11:59 PM, wrote: Dear Gregg, According to https://wiki.iotivity.org/security_resource_manager |Requests from DevOwner are allowed without checking ACL. * |Requests from NonDevOwner are checked against ACL against subjectuuid, permission and period-recurrence. * The SVRs database

Re: [dev] FW: Android SECURED mode

On Jan 22, 2018 12:37 AM, "Tonny Tzeng" wrote: I'm pretty sure, from my experiments, the device owner can't access to an application resource if it does not have proper ACE setup. Our smart home companion app has two roles

Re: [dev] FW: Android SECURED mode

I'm pretty sure, from my experiments, the device owner can't access to an application resource if it does not have proper ACE setup. Our smart home companion app has two roles -- a resource client, and a provisioning client,

Re: [dev] FW: Android SECURED mode

On Jan 20, 2018 11:59 PM, wrote: Dear Gregg, According to https://wiki.iotivity.org/security_resource_manager |Requests from DevOwner are allowed without checking ACL. I believe that is only half-true. It's true for (some?) SVRs, but (only?) during onboarding. I think it is never true for appl

Re: [dev] FW: Android SECURED mode

Dear Tonny, Thank you for sharing the blog, but I got "404 Oops, we couldn't find that page" even after I logined to 01.org. >> Did you specify the use of secure endpoint while registering the Server? I think Yes, because I followed steps from https://wiki.iotivity.org/steps_for_enabling_securi

Re: [dev] FW: Android SECURED mode

Dear Gregg, According to https://wiki.iotivity.org/security_resource_manager |Requests from DevOwner are allowed without checking ACL. * |Requests from NonDevOwner are checked against ACL against subjectuuid, permission and period-recurrence. * The SVRs databases which I used are sample from "i

Re: [dev] FW: Android SECURED mode

HI Chiayu, Did you specify the use of secure endpoint while registering the Server? If yes, when the Client received the discovered server resource info, the Client should designate the use of the secure endpoint using setHost() method. Then, if the Server has proper "auth-crypt" connection type A

Re: [dev] FW: Android SECURED mode

On Jan 18, 2018 12:00 AM, wrote: Dear all, I have questions about Android SECURED mode, too. Dunno anything about it, but since nobody else has responded here goes: Unauthorized is not the same as DTLS handshake failure. The former comes from ACL checking, the latter from cred checking. >Fr

[dev] FW: Android SECURED mode

Dear all, I have questions about Android SECURED mode, too. I’m using IoTivity-1.3.1 SECURED=1 to create Android client/server apps with the sample SVRs databases from iotivity-1.3.1\resource\csdk\stack\samples\linux\secure\ Scenario1: Android client, sample oic_svr_db_client_devowner Android s

Re: [dev] FW: Android SECURED mode

Nathan > > > > *From:* Arthur Barros Lapprand [mailto:a...@cin.ufpe.br] > *Sent:* Friday, January 5, 2018 3:06 PM > *To:* Heldt-Sheller, Nathan > *Cc:* Nash, George ; iotivity < > iotivity-dev@lists.iotivity.org>; Rami Alshafi > > > *Subject:* Re: [dev] FW: Android

Re: [dev] FW: Android SECURED mode

> > > > *From:* iotivity-dev-boun...@lists.iotivity.org [mailto: > iotivity-dev-boun...@lists.iotivity.org] *On Behalf Of *Arthur Barros > Lapprand > *Sent:* Friday, January 5, 2018 12:18 PM > *To:* Nash, George > *Cc:* iotivity ; Rami Alshafi < > ralsh...@vtmgroup.co

Re: [dev] FW: Android SECURED mode

; > > *From:* Arthur Barros Lapprand [mailto:a...@cin.ufpe.br] > *Sent:* Friday, January 5, 2018 11:51 AM > > > *To:* Nash, George > *Cc:* Rami Alshafi ; iotivity < > iotivity-dev@lists.iotivity.org> > *Subject:* Re: [dev] FW: Android SECURED mode > > >

Re: [dev] FW: Android SECURED mode

language is Java. > > > > *From:* Arthur Barros Lapprand [mailto:a...@cin.ufpe.br] > *Sent:* Friday, January 5, 2018 11:34 AM > *To:* Nash, George > *Cc:* Rami Alshafi ; iotivity < > iotivity-dev@lists.iotivity.org> > > > *Subject:* Re: [dev] FW: Android SECURED

Re: [dev] FW: Android SECURED mode

*Sent:* Wednesday, December 27, 2017 8:43 AM > *To:* Rami Alshafi > *Cc:* iotivity > > > *Subject:* Re: [dev] FW: Android SECURED mode > > > > Hi Rami, > > I have looked the fopen() functions and I'm currently in doubt on how to > do it in Java since I&#

Re: [dev] FW: Android SECURED mode

To: Rami Alshafi Cc: Morrow, Joseph L ; Tonny Tzeng ; iotivity ; Matthews, Michael L Subject: Re: [dev] FW: Android SECURED mode Hi Rami, Yes indeed, I'll have a look at it and try to implement as soon as I can. If the device properties file is the same as the introspection file J

Re: [dev] FW: Android SECURED mode

mailto:iotivity-dev@lists.iotivity.org>>, Rami Alshafi mailto:ralsh...@vtmgroup.com>>, "Matthews, Michael L" mailto:michael.l.matth...@intel.com>> Subject: Re: [dev] FW: Android SECURED mode Hi Joseph, I couldn't find the error code but I did look into the error=ERROR flag whic

Re: [dev] FW: Android SECURED mode

and [mailto:a...@cin.ufpe.br] >> *Sent:* Tuesday, December 26, 2017 4:48 PM >> *To:* Rami Alshafi >> *Cc:* Morrow, Joseph L ; Tonny Tzeng < >> tonny.tz...@gmail.com>; iotivity ; >> Matthews, Michael L >> >> >> *Subject:* Re: [dev] FW: Android SE

Re: [dev] FW: Android SECURED mode

t; tonny.tz...@gmail.com>; iotivity ; > Matthews, Michael L > > > *Subject:* Re: [dev] FW: Android SECURED mode > > > > Hi Rami, > > Yes indeed, I'll have a look at it and try to implement as soon as I can. > If the device properties file is the same as the intr

Re: [dev] FW: Android SECURED mode

ur Barros Lapprand [mailto:a...@cin.ufpe.br] > *Sent:* Tuesday, December 26, 2017 4:02 PM > *To:* Morrow, Joseph L > *Cc:* Tonny Tzeng ; iotivity < > iotivity-dev@lists.iotivity.org>; Rami Alshafi ; > Matthews, Michael L > > *Subject:* Re: [dev] FW: Android SECURED mode

Re: [dev] FW: Android SECURED mode

orrow > > From: Arthur Barros Lapprand > Date: Tuesday, December 26, 2017 at 10:48 AM > > To: Joseph L Morrow > Cc: Tonny Tzeng , iotivity < > iotivity-dev@lists.iotivity.org>, Rami Alshafi , > "Matthews, Michael L" > Subject: Re: [dev] FW: Androi

Re: [dev] FW: Android SECURED mode

Tzeng mailto:tonny.tz...@gmail.com>>, iotivity mailto:iotivity-dev@lists.iotivity.org>>, Rami Alshafi mailto:ralsh...@vtmgroup.com>>, "Matthews, Michael L" mailto:michael.l.matth...@intel.com>> Subject: Re: [dev] FW: Android SECURED mode Hi Joseph, I couldn't

Re: [dev] FW: Android SECURED mode

file, make sure they match on both sides (server & client). > > Thanks, > > Joey Morrow > > From: Arthur Barros Lapprand > Date: Tuesday, December 26, 2017 at 5:04 AM > To: Joseph L Morrow > Cc: Tonny Tzeng , iotivity < > iotivity-dev@lists.iotivity.org>, Rami A

Re: [dev] FW: Android SECURED mode

:04 AM To: Joseph L Morrow mailto:joseph.l.mor...@intel.com>> Cc: Tonny Tzeng mailto:tonny.tz...@gmail.com>>, iotivity mailto:iotivity-dev@lists.iotivity.org>>, Rami Alshafi mailto:ralsh...@vtmgroup.com>>, "Matthews, Michael L" mailto:michael.l.matth...@intel.com>

Re: [dev] FW: Android SECURED mode

the copy of > it here for you to use later in your application. > > MyDiscoveredResources.push_back(resource); // For a quick test, just call > "resource.get()" and see if the server side is honoring your request now. > > > } > > Thanks, > > Joey M

Re: [dev] FW: Android SECURED mode

tivity.org>> on behalf of Arthur Barros Lapprand mailto:a...@cin.ufpe.br>> Date: Sunday, December 24, 2017 at 6:51 PM To: Tonny Tzeng mailto:tonny.tz...@gmail.com>> Cc: iotivity mailto:iotivity-dev@lists.iotivity.org>>, Rami Alshafi mailto:ralsh...@vtmgroup.com>> Sub

Re: [dev] FW: Android SECURED mode

I am using both OC_NONSECURE and OC_SECURE flags when registering the resources and attempting a GET request with the OcResource I get from the OnResourceFound callback. Odd, isn't it? Thank you, A. Lapprand Em dom, 24 de dez de 2017 às 23:46, Tonny Tzeng escreveu: > What flags did you pass to

Re: [dev] FW: Android SECURED mode

What flags did you pass to the registerResource() function? note that if you want to communicate over non-secure endpoint, you need to pass OC_NONSECURE flag explicitly while registering the resource. The simpleserver server doesn't work in non-secure mode for the same reason, no passing OC_SECURE

Re: [dev] FW: Android SECURED mode

Hi all, I got to test the ACLs Rami provided while changing the server json by adding these ACEs: { "aceid": 6, "subject": {"conntype": "anon-clear"}, "resources":[ { "href":"*"} ], "permission": 14 }, { "aceid": 7, "subject": {"conntype": "auth-crypt"}, "r