Re: [dev] Security in IoTivity-Constrained

Kishen Maloor Mon, 18 Feb 2019 08:48:56 -0800

Hello,

In IoTivity-Constrained you don't have to create any files by hand to initialize
the security context.


> I saw in the examples that all I need to add is the folder on where the 
> security files
> should be in e.g. the ACL, cred, etc using the function as written in the
> "simpleserver.c"
> "oc_storage_config("./simpleserver_creds");"

Yes, that is precisely all that you need to do in an application to support
"just-works" onboarding.
The stack writes to/reads from relevant files in that directory at runtime.

Having done the above, you have to use an onboarding tool to onboard/provision 
Clients
and Servers so they can communicate securely. The project includes an 
onboarding tool
sample. For e.g. in port/linux, run ./onboarding_tool. It is an interactive, 
command-line
tool.

As for the steps you have to follow, below is the only documentation I can 
point you to:
https://github.com/iotivity/iotivity-constrained/tree/swig/swig

Look under the "Onboarding and Provisioning" section.
That text needs to be updated slightly, but from it you should get
a pretty good idea of what needs to be done. Feel free to seek clarification if 
you get stuck.

Thanks,
-Kishen.


--
Kishen Maloor
Intel Open Source Technology Center

From: <iotivity-dev@lists.iotivity.org> on behalf of "Mohamed A." 
<e.m.apo...@gmail.com>
Date: Saturday, February 16, 2019 at 7:31 PM
To: IoTivity-dev <iotivity-dev@lists.iotivity.org>
Subject: [dev] Security in IoTivity-Constrained

 Good day

I'm trying to use the secured IoTivity-Constrained, but I'm still not able to 
find documentation on how to implement it. I did use implement secured IoTivity 
by using  json2cbor tools on the Jason file I wrote using IoTivity 
documentation. but it was not the same on IoTivity-Constrained and didn't find 
examples on how to implement the secure version of  IoTivity-Constrained.
I saw in the examples that all I need to add is the folder on where the 
security files should be in e.g. the ACL, cred, etc using the function as 
written in the "simpleserver.c"
"oc_storage_config("./simpleserver_creds");"

My question is:

  *   how many files I need to prepare to make server and client able to 
communicate securely
  *   what is the structure of these files
  *   and is there a tool such as "json2cbor" as in IoTivity to be used in 
IoTivity-Constrained
  *   is there extra steps to be done besides using this function 
"oc_storage_config"

Thank you very much
Mohamed A.


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.

View/Reply Online (#10173): 
https://lists.iotivity.org/g/iotivity-dev/message/10173
Mute This Topic: https://lists.iotivity.org/mt/29879797/21656
Group Owner: iotivity-dev+ow...@lists.iotivity.org
Unsubscribe: https://lists.iotivity.org/g/iotivity-dev/unsub  
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [dev] Security in IoTivity-Constrained

Reply via email to