1.3.2 OcaSecurityManager

Class Hierarchy:

OcaRoot → OcaManager → OcaSecurityManager

class OcaSecurityManager : OcaManager

Manager that collects and controls security settings (including security keys).

• Must be instantiated in every device that supports secure control and monitoring; otherwise, is optional.

• May be instantiated at most once in any device.

• If instantiated, object number must be 2.

Properties:

static const OcaClassID ClassID = "1.3.2"

Number that uniquely identifies the class. Note that this differs from the object number, which identifies the instantiated object. This property is an override of the OcaRoot property.

This property has id 3.1.

static const OcaClassVersionNumber ClassVersion = 2

Identifies the interface version of the class. Any change to the class definition leads to a higher class version. This property is an override of the OcaRoot property.

This property has id 3.2.

OcaBoolean secureControlData

Indicates whether the OCA control data in the system is secured.

This property has id 3.1.

Properties inherited from OcaRoot:

• OcaONo OcaRoot::ObjectNumber

• OcaBoolean OcaRoot::Lockable

• OcaString OcaRoot::Role

Methods:

OcaStatus AddPreSharedKey(OcaString identity, OcaBlob key)

Adds a pre-shared key (identified by the passed identity) to the device. By having multiple PSKs the device is able to participate in multiple secure systems. Note that adding a PSK over the network will only work if the controller has a secure connection to the device and control security has been turned on. If this is not the case the method will return DeviceError.

This method has id 3.4.

Parameters

• OcaString identity – Input parameter.

• OcaBlob key – Input parameter.

OcaStatus ChangePreSharedKey(OcaString identity, OcaBlob newKey)

Changes the pre-shared key identified by the passed identity. Note that changing a PSK over the network will only work if the controller has a secure connection to the device and control security has been turned on. If this is not the case the method will return DeviceError.

This method has id 3.3.

Parameters

• OcaString identity – Input parameter.

• OcaBlob newKey – Input parameter.

OcaStatus DeletePreSharedKey(OcaString identity)

Deletes a pre-shared key (identified by the passed identity) on the device. After deleting the pre-shared key the device will no longer be able to participate in the secure system that uses the PSK. Note that deleting a PSK over the network will only work if the controller has a secure connection to the device and control security has been turned on. If this is not the case the method will return DeviceError.

This method has id 3.5.

Parameters

OcaString identity – Input parameter.

OcaStatus DisableControlSecurity()

Disables security of control data (OCA messages). After calling this method all OCA messages can be sent and received both on insecure and secure connections. The return value indicates whether the operation succeeded. If the operation fails security is not disabled.

This method has id 3.2.

OcaStatus EnableControlSecurity()

Enables security of control data (OCA messages). After calling this method all OCA messages are sent and received using a secure connection. The return value indicates whether the operation succeeded. If the operation fails security is not enabled.

This method has id 3.1.

Methods inherited from OcaRoot:

• OcaRoot::GetClassIdentification(ClassIdentification)

• OcaRoot::GetLockable(lockable)

• OcaRoot::LockTotal()

• OcaRoot::Unlock()

• OcaRoot::GetRole(Role)

• OcaRoot::LockReadonly()