libcoap 4.3.5-develop-1ba3158
Loading...
Searching...
No Matches
coap_gnutls.c
Go to the documentation of this file.
1/*
2 * coap_gnutls.c -- GnuTLS Datagram Transport Layer Support for libcoap
3 *
4 * Copyright (C) 2017 Dag Bjorklund <dag.bjorklund@comsel.fi>
5 * Copyright (C) 2018-2025 Jon Shallow <supjps-libcoap@jpshallow.com>
6 *
7 * SPDX-License-Identifier: BSD-2-Clause
8 *
9 * This file is part of the CoAP library libcoap. Please see README for terms
10 * of use.
11 */
12
18/*
19 * Naming used to prevent confusion between coap sessions, gnutls sessions etc.
20 * when reading the code.
21 *
22 * c_context A coap_context_t *
23 * c_session A coap_session_t *
24 * g_context A coap_gnutls_context_t * (held in c_context->dtls_context)
25 * g_session A gnutls_session_t (which has the * in the typedef)
26 * g_env A coap_gnutls_env_t * (held in c_session->tls)
27 */
28
29/*
30 * Notes
31 *
32 * There is a memory leak in GnuTLS prior to 3.3.26 when hint is not freed off
33 * when server psk credentials are freed off.
34 *
35 * ca_path in coap_dtls_context_set_pki_root_cas() is not supported until 3.3.6
36 *
37 * Identity Hint is not provided if using DH and versions prior to 3.4.4
38 *
39 * 3.5.5 or later is required to interoperate with TinyDTLS as CCM algorithm
40 * support is required.
41 *
42 * TLS 1.3 is properly supported from 3.6.5 onwards
43 * (but is not enabled by default in 3.6.4)
44 *
45 * Starting with 3.6.3, fixed in 3.6.13, Client Hellos may fail with some
46 * server implementations (e.g. Californium) as random value is all zeros
47 * - CVE-2020-11501 - a security weakness.
48 * 3.6.6 or later is required to support Raw Public Key(RPK)
49 */
50
51#include "coap3/coap_libcoap_build.h"
52
53#ifdef COAP_WITH_LIBGNUTLS
54
55#define MIN_GNUTLS_VERSION "3.3.0"
56
57#include <stdio.h>
58#include <gnutls/gnutls.h>
59#include <gnutls/x509.h>
60#include <gnutls/dtls.h>
61#include <gnutls/pkcs11.h>
62#include <gnutls/crypto.h>
63#include <gnutls/abstract.h>
64#include <unistd.h>
65#if (GNUTLS_VERSION_NUMBER >= 0x030606)
66#define COAP_GNUTLS_KEY_RPK GNUTLS_KEY_DIGITAL_SIGNATURE | \
67 GNUTLS_KEY_NON_REPUDIATION | \
68 GNUTLS_KEY_KEY_ENCIPHERMENT | \
69 GNUTLS_KEY_DATA_ENCIPHERMENT | \
70 GNUTLS_KEY_KEY_AGREEMENT | \
71 GNUTLS_KEY_KEY_CERT_SIGN
72#endif /* GNUTLS_VERSION_NUMBER >= 0x030606 */
73
74#ifndef GNUTLS_CRT_RAW
75#define GNUTLS_CRT_RAW GNUTLS_CRT_RAWPK
76#endif /* GNUTLS_CRT_RAW */
77
78#ifdef _WIN32
79#define strcasecmp _stricmp
80#endif
81
82typedef struct coap_ssl_t {
83 const uint8_t *pdu;
84 unsigned pdu_len;
85 unsigned peekmode;
86 gnutls_datum_t cookie_key;
87} coap_ssl_t;
88
89/*
90 * This structure encapsulates the GnuTLS session object.
91 * It handles both TLS and DTLS.
92 * c_session->tls points to this.
93 */
94typedef struct coap_gnutls_env_t {
95 gnutls_session_t g_session;
96 gnutls_psk_client_credentials_t psk_cl_credentials;
97 gnutls_psk_server_credentials_t psk_sv_credentials;
98 gnutls_certificate_credentials_t pki_credentials;
99 coap_ssl_t coap_ssl_data;
100 /* If not set, need to do gnutls_handshake */
101 int established;
102 int doing_dtls_timeout;
103 coap_tick_t last_timeout;
104 int sent_alert;
105} coap_gnutls_env_t;
106
107#define IS_PSK (1 << 0)
108#define IS_PKI (1 << 1)
109#define IS_CLIENT (1 << 6)
110#define IS_SERVER (1 << 7)
111
112typedef struct pki_sni_entry {
113 char *sni;
114 coap_dtls_key_t pki_key;
115 gnutls_certificate_credentials_t pki_credentials;
116} pki_sni_entry;
117
118typedef struct psk_sni_entry {
119 char *sni;
120 coap_dtls_spsk_info_t psk_info;
121 gnutls_psk_server_credentials_t psk_credentials;
122} psk_sni_entry;
123
124typedef struct coap_gnutls_context_t {
125 coap_dtls_pki_t setup_data;
126 int psk_pki_enabled;
127 size_t pki_sni_count;
128 pki_sni_entry *pki_sni_entry_list;
129 size_t psk_sni_count;
130 psk_sni_entry *psk_sni_entry_list;
131 gnutls_datum_t alpn_proto; /* Will be "coap", but that is a const */
132 char *root_ca_file;
133 char *root_ca_path;
134 int trust_store_defined;
135 gnutls_priority_t priority_cache;
136} coap_gnutls_context_t;
137
138typedef enum coap_free_bye_t {
139 COAP_FREE_BYE_AS_TCP,
140 COAP_FREE_BYE_AS_UDP,
141 COAP_FREE_BYE_NONE
142} coap_free_bye_t;
143
144#define VARIANTS_3_6_6 "NORMAL:+ECDHE-PSK:+PSK:+ECDHE-ECDSA:+AES-128-CCM-8:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL:+SHA256"
145#define VARIANTS_3_5_5 "NORMAL:+ECDHE-PSK:+PSK:+ECDHE-ECDSA:+AES-128-CCM-8"
146#define VARIANTS_BASE "NORMAL:+ECDHE-PSK:+PSK"
147
148#define VARIANTS_NO_TLS13_3_6_6 VARIANTS_3_6_6 ":-VERS-TLS1.3"
149#define VARIANTS_NO_TLS13_3_6_4 VARIANTS_3_5_5 ":-VERS-TLS1.3"
150
151#define G_ACTION(xx) do { \
152 ret = (xx); \
153 } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
154
155#define G_CHECK(xx,func) do { \
156 if ((ret = (xx)) < 0) { \
157 coap_log_warn("%s: '%s'\n", func, gnutls_strerror(ret)); \
158 goto fail; \
159 } \
160 } while (0)
161
162#define G_ACTION_CHECK(xx,func) do { \
163 G_ACTION(xx); \
164 G_CHECK(xx, func); \
165 } while 0
166
167static coap_log_t dtls_log_level = COAP_LOG_EMERG;
168
169#if COAP_SERVER_SUPPORT
170static int post_client_hello_gnutls_pki(gnutls_session_t g_session);
171static int post_client_hello_gnutls_psk(gnutls_session_t g_session);
172static int psk_server_callback(gnutls_session_t g_session,
173 const char *identity,
174 gnutls_datum_t *key);
175#endif /* COAP_SERVER_SUPPORT */
176
177/*
178 * return 0 failed
179 * 1 passed
180 */
181int
182coap_dtls_is_supported(void) {
183 if (gnutls_check_version(MIN_GNUTLS_VERSION) == NULL) {
184 coap_log_err("GnuTLS " MIN_GNUTLS_VERSION " or later is required\n");
185 return 0;
186 }
187 return 1;
188}
189
190/*
191 * return 0 failed
192 * 1 passed
193 */
194int
195coap_tls_is_supported(void) {
196#if !COAP_DISABLE_TCP
197 if (gnutls_check_version(MIN_GNUTLS_VERSION) == NULL) {
198 coap_log_err("GnuTLS " MIN_GNUTLS_VERSION " or later is required\n");
199 return 0;
200 }
201 return 1;
202#else /* COAP_DISABLE_TCP */
203 return 0;
204#endif /* COAP_DISABLE_TCP */
205}
206
207/*
208 * return 0 failed
209 * 1 passed
210 */
211int
212coap_dtls_psk_is_supported(void) {
213 return 1;
214}
215
216/*
217 * return 0 failed
218 * 1 passed
219 */
220int
221coap_dtls_pki_is_supported(void) {
222 return 1;
223}
224
225/*
226 * return 0 failed
227 * 1 passed
228 */
229int
230coap_dtls_pkcs11_is_supported(void) {
231 return 1;
232}
233
234/*
235 * return 0 failed
236 * 1 passed
237 */
238int
239coap_dtls_rpk_is_supported(void) {
240#if (GNUTLS_VERSION_NUMBER >= 0x030606)
241 return 1;
242#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
243 return 0;
244#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
245}
246
247/*
248 * return 0 failed
249 * 1 passed
250 */
251int
252coap_dtls_cid_is_supported(void) {
253 return 0;
254}
255
256#if COAP_CLIENT_SUPPORT
257int
258coap_dtls_set_cid_tuple_change(coap_context_t *c_context, uint8_t every) {
259 (void)c_context;
260 (void)every;
261 return 0;
262}
263#endif /* COAP_CLIENT_SUPPORT */
264
265coap_tls_version_t *
266coap_get_tls_library_version(void) {
267 static coap_tls_version_t version;
268 const char *vers = gnutls_check_version(NULL);
269
270 version.version = 0;
271 if (vers) {
272 int p1, p2, p3;
273
274 sscanf(vers, "%d.%d.%d", &p1, &p2, &p3);
275 version.version = (p1 << 16) | (p2 << 8) | p3;
276 }
277 version.built_version = GNUTLS_VERSION_NUMBER;
278 version.type = COAP_TLS_LIBRARY_GNUTLS;
279 return &version;
280}
281
282static void
283coap_gnutls_audit_log_func(gnutls_session_t g_session, const char *text) {
284#if COAP_MAX_LOGGING_LEVEL > 0
285 if (g_session) {
286 coap_session_t *c_session =
287 (coap_session_t *)gnutls_transport_get_ptr(g_session);
288 coap_log_warn("** %s: %s",
289 coap_session_str(c_session), text);
290 } else {
291 coap_log_warn("** (null): %s", text);
292 }
293#else /* COAP_MAX_LOGGING_LEVEL == 0 */
294 (void)g_session;
295 (void)text;
296#endif /* COAP_MAX_LOGGING_LEVEL == 0 */
297}
298
299static void
300coap_gnutls_log_func(int level, const char *text) {
301 /* Things get noisy, even at level 1 */
302 if (level > 0)
303 level += COAP_LOG_WARN;
304 if (level > COAP_LOG_DEBUG)
305 level = COAP_LOG_DEBUG;
306 coap_dtls_log(level, "%s", text);
307}
308
309/*
310 * return 0 failed
311 * 1 passed
312 */
313int
314coap_dtls_context_set_pki(coap_context_t *c_context,
315 const coap_dtls_pki_t *setup_data,
316 const coap_dtls_role_t role COAP_UNUSED) {
317 coap_dtls_key_t key;
318 coap_gnutls_context_t *g_context =
319 ((coap_gnutls_context_t *)c_context->dtls_context);
320
321 if (!g_context || !setup_data)
322 return 0;
323
324 g_context->setup_data = *setup_data;
325 if (!g_context->setup_data.verify_peer_cert) {
326 /* Needs to be clear so that no CA DNs are transmitted */
327 g_context->setup_data.check_common_ca = 0;
328 if (g_context->setup_data.is_rpk_not_cert) {
329 /* Disable all of these as they cannot be checked */
330 g_context->setup_data.allow_self_signed = 0;
331 g_context->setup_data.allow_expired_certs = 0;
332 g_context->setup_data.cert_chain_validation = 0;
333 g_context->setup_data.cert_chain_verify_depth = 0;
334 g_context->setup_data.check_cert_revocation = 0;
335 g_context->setup_data.allow_no_crl = 0;
336 g_context->setup_data.allow_expired_crl = 0;
337 g_context->setup_data.allow_bad_md_hash = 0;
338 g_context->setup_data.allow_short_rsa_length = 0;
339 } else {
340 /* Allow all of these but warn if issue */
341 g_context->setup_data.allow_self_signed = 1;
342 g_context->setup_data.allow_expired_certs = 1;
343 g_context->setup_data.cert_chain_validation = 1;
344 g_context->setup_data.cert_chain_verify_depth = 10;
345 g_context->setup_data.check_cert_revocation = 1;
346 g_context->setup_data.allow_no_crl = 1;
347 g_context->setup_data.allow_expired_crl = 1;
348 g_context->setup_data.allow_bad_md_hash = 1;
349 g_context->setup_data.allow_short_rsa_length = 1;
350 }
351 }
352 /* Map over to the new define format to save code duplication */
353 coap_dtls_map_key_type_to_define(&g_context->setup_data, &key);
354 g_context->setup_data.pki_key = key;
355 g_context->psk_pki_enabled |= IS_PKI;
356 if (setup_data->use_cid) {
357 coap_log_warn("GnuTLS has no Connection-ID support\n");
358 }
359 return 1;
360}
361
362/*
363 * return 0 failed
364 * 1 passed
365 */
366int
367coap_dtls_context_set_pki_root_cas(coap_context_t *c_context,
368 const char *ca_file,
369 const char *ca_path) {
370 coap_gnutls_context_t *g_context =
371 ((coap_gnutls_context_t *)c_context->dtls_context);
372 if (!g_context) {
373 coap_log_warn("coap_context_set_pki_root_cas: (D)TLS environment "
374 "not set up\n");
375 return 0;
376 }
377
378 if (ca_file == NULL && ca_path == NULL) {
379 coap_log_warn("coap_context_set_pki_root_cas: ca_file and/or ca_path "
380 "not defined\n");
381 return 0;
382 }
383 if (g_context->root_ca_file) {
384 gnutls_free(g_context->root_ca_file);
385 g_context->root_ca_file = NULL;
386 }
387 if (ca_file) {
388 g_context->root_ca_file = gnutls_strdup(ca_file);
389 }
390 if (g_context->root_ca_path) {
391 gnutls_free(g_context->root_ca_path);
392 g_context->root_ca_path = NULL;
393 }
394 if (ca_path) {
395#if (GNUTLS_VERSION_NUMBER >= 0x030306)
396 g_context->root_ca_path = gnutls_strdup(ca_path);
397#else
398 coap_log_err("ca_path not supported in GnuTLS < 3.3.6\n");
399#endif
400 }
401 return 1;
402}
403
404/*
405 * return 0 failed
406 * 1 passed
407 */
408int
409coap_dtls_context_load_pki_trust_store(coap_context_t *c_context) {
410 coap_gnutls_context_t *g_context =
411 ((coap_gnutls_context_t *)c_context->dtls_context);
412 if (!g_context) {
413 coap_log_warn("coap_context_set_pki_trust_store: (D)TLS environment "
414 "not set up\n");
415 return 0;
416 }
417
418#if (GNUTLS_VERSION_NUMBER >= 0x030020)
419 g_context->trust_store_defined = 1;
420 return 1;
421#else
422 coap_log_warn("coap_context_set_pki_trust_store(): (D)TLS environment "
423 "not supported for GnuTLS < v3.0.20\n");
424 return 0;
425#endif
426}
427
428#if COAP_SERVER_SUPPORT
429/*
430 * return 0 failed
431 * 1 passed
432 */
433int
434coap_dtls_context_set_spsk(coap_context_t *c_context,
435 coap_dtls_spsk_t *setup_data
436 ) {
437 coap_gnutls_context_t *g_context =
438 ((coap_gnutls_context_t *)c_context->dtls_context);
439
440 if (!g_context || !setup_data)
441 return 0;
442
443 if (setup_data->ec_jpake) {
444 coap_log_warn("GnuTLS has no EC-JPAKE support\n");
445 }
446 g_context->psk_pki_enabled |= IS_PSK;
447 return 1;
448}
449#endif /* COAP_SERVER_SUPPORT */
450
451#if COAP_CLIENT_SUPPORT
452/*
453 * return 0 failed
454 * 1 passed
455 */
456int
457coap_dtls_context_set_cpsk(coap_context_t *c_context,
458 coap_dtls_cpsk_t *setup_data
459 ) {
460 coap_gnutls_context_t *g_context =
461 ((coap_gnutls_context_t *)c_context->dtls_context);
462
463 if (!g_context || !setup_data)
464 return 0;
465
466 if (setup_data->ec_jpake) {
467 coap_log_warn("GnuTLS has no EC-JPAKE support\n");
468 }
469 if (setup_data->use_cid) {
470 coap_log_warn("GnuTLS has no Connection-ID support\n");
471 }
472 g_context->psk_pki_enabled |= IS_PSK;
473 return 1;
474}
475#endif /* COAP_CLIENT_SUPPORT */
476
477/*
478 * return 0 failed
479 * 1 passed
480 */
481int
482coap_dtls_context_check_keys_enabled(coap_context_t *c_context) {
483 coap_gnutls_context_t *g_context =
484 ((coap_gnutls_context_t *)c_context->dtls_context);
485 return g_context->psk_pki_enabled ? 1 : 0;
486}
487
488void
489coap_dtls_startup(void) {
490 gnutls_global_set_audit_log_function(coap_gnutls_audit_log_func);
491 gnutls_global_set_log_function(coap_gnutls_log_func);
492}
493
494void
495coap_dtls_shutdown(void) {
496 coap_dtls_set_log_level(COAP_LOG_EMERG);
497}
498
499void *
500coap_dtls_get_tls(const coap_session_t *c_session,
501 coap_tls_library_t *tls_lib) {
502 if (tls_lib)
503 *tls_lib = COAP_TLS_LIBRARY_GNUTLS;
504 if (c_session && c_session->tls) {
505 const coap_gnutls_env_t *g_env = (const coap_gnutls_env_t *)c_session->tls;
506
507 return g_env->g_session;
508 }
509 return NULL;
510}
511
512void
513coap_dtls_set_log_level(coap_log_t level) {
514 dtls_log_level = level;
515 gnutls_global_set_log_level(dtls_log_level);
516}
517
518/*
519 * return current logging level
520 */
521coap_log_t
522coap_dtls_get_log_level(void) {
523 return dtls_log_level;
524}
525
526/*
527 * return +ve new g_context
528 * NULL failure
529 */
530void *
531coap_dtls_new_context(coap_context_t *c_context COAP_UNUSED) {
532 const char *err;
533 int ret;
534 coap_gnutls_context_t *g_context =
535 (coap_gnutls_context_t *)
536 gnutls_malloc(sizeof(coap_gnutls_context_t));
537
538 if (g_context) {
539 coap_tls_version_t *tls_version = coap_get_tls_library_version();
540 const char *priority;
541
542 G_CHECK(gnutls_global_init(), "gnutls_global_init");
543 memset(g_context, 0, sizeof(coap_gnutls_context_t));
544 g_context->alpn_proto.data = gnutls_malloc(4);
545 if (g_context->alpn_proto.data) {
546 memcpy(g_context->alpn_proto.data, "coap", 4);
547 g_context->alpn_proto.size = 4;
548 }
549
550 if (tls_version->version >= 0x030606) {
551 priority = VARIANTS_3_6_6;
552 } else if (tls_version->version >= 0x030505) {
553 priority = VARIANTS_3_5_5;
554 } else {
555 priority = VARIANTS_BASE;
556 }
557 ret = gnutls_priority_init(&g_context->priority_cache, priority, &err);
558 if (ret != GNUTLS_E_SUCCESS) {
559 if (ret == GNUTLS_E_INVALID_REQUEST)
560 coap_log_warn("gnutls_priority_init: Syntax error at: %s\n", err);
561 else
562 coap_log_warn("gnutls_priority_init: %s\n", gnutls_strerror(ret));
563 goto fail;
564 }
565 }
566 return g_context;
567
568fail:
569 if (g_context)
570 coap_dtls_free_context(g_context);
571 return NULL;
572}
573
574void
575coap_dtls_free_context(void *handle) {
576 size_t i;
577 coap_gnutls_context_t *g_context = (coap_gnutls_context_t *)handle;
578
579 gnutls_free(g_context->alpn_proto.data);
580 gnutls_free(g_context->root_ca_file);
581 gnutls_free(g_context->root_ca_path);
582 for (i = 0; i < g_context->pki_sni_count; i++) {
583 gnutls_free(g_context->pki_sni_entry_list[i].sni);
584 gnutls_certificate_free_credentials(
585 g_context->pki_sni_entry_list[i].pki_credentials);
586 }
587 if (g_context->pki_sni_entry_list)
588 gnutls_free(g_context->pki_sni_entry_list);
589
590 for (i = 0; i < g_context->psk_sni_count; i++) {
591 gnutls_free(g_context->psk_sni_entry_list[i].sni);
592 /* YUK - A memory leak in 3.3.0 (fixed by 3.3.26) of hint */
593 gnutls_psk_free_server_credentials(
594 g_context->psk_sni_entry_list[i].psk_credentials);
595 }
596 if (g_context->psk_sni_entry_list)
597 gnutls_free(g_context->psk_sni_entry_list);
598
599 gnutls_priority_deinit(g_context->priority_cache);
600
601 gnutls_global_deinit();
602 gnutls_free(g_context);
603}
604
605#if COAP_CLIENT_SUPPORT
606/*
607 * gnutls_psk_client_credentials_function return values
608 * (see gnutls_psk_set_client_credentials_function())
609 *
610 * return -1 failed
611 * 0 passed
612 */
613static int
614psk_client_callback(gnutls_session_t g_session,
615 char **username, gnutls_datum_t *key) {
616 coap_session_t *c_session =
617 (coap_session_t *)gnutls_transport_get_ptr(g_session);
618 coap_gnutls_context_t *g_context;
619 coap_dtls_cpsk_t *setup_data;
620 const char *hint = gnutls_psk_client_get_hint(g_session);
621 coap_bin_const_t temp;
622 const coap_bin_const_t *psk_key;
623 const coap_bin_const_t *psk_identity;
624 const coap_dtls_cpsk_info_t *cpsk_info;
625
626 /* Initialize result parameters. */
627 *username = NULL;
628 key->data = NULL;
629
630 if (c_session == NULL)
631 return -1;
632
633 g_context = (coap_gnutls_context_t *)c_session->context->dtls_context;
634 if (g_context == NULL)
635 return -1;
636
637 setup_data = &c_session->cpsk_setup_data;
638
639 temp.s = hint ? (const uint8_t *)hint : (const uint8_t *)"";
640 temp.length = strlen((const char *)temp.s);
641 coap_session_refresh_psk_hint(c_session, &temp);
642
643 coap_log_debug("got psk_identity_hint: '%.*s'\n", (int)temp.length,
644 (const char *)temp.s);
645
646 if (setup_data->validate_ih_call_back) {
647 coap_str_const_t lhint;
648
649 lhint.length = temp.length;
650 lhint.s = temp.s;
651 coap_lock_callback_ret(cpsk_info, c_session->context,
652 setup_data->validate_ih_call_back(&lhint,
653 c_session,
654 setup_data->ih_call_back_arg));
655
656 if (cpsk_info == NULL)
657 return -1;
658
659 coap_session_refresh_psk_identity(c_session, &cpsk_info->identity);
660 coap_session_refresh_psk_key(c_session, &cpsk_info->key);
661 psk_identity = &cpsk_info->identity;
662 psk_key = &cpsk_info->key;
663 } else {
664 psk_identity = coap_get_session_client_psk_identity(c_session);
665 psk_key = coap_get_session_client_psk_key(c_session);
666 }
667
668 if (psk_identity == NULL || psk_key == NULL) {
669 coap_log_warn("no PSK available\n");
670 return -1;
671 }
672
673 *username = gnutls_malloc(psk_identity->length+1);
674 if (*username == NULL)
675 return -1;
676 memcpy(*username, psk_identity->s, psk_identity->length);
677 (*username)[psk_identity->length] = '\000';
678
679 key->data = gnutls_malloc(psk_key->length);
680 if (key->data == NULL) {
681 gnutls_free(*username);
682 *username = NULL;
683 return -1;
684 }
685 memcpy(key->data, psk_key->s, psk_key->length);
686 key->size = psk_key->length;
687 return 0;
688}
689#endif /* COAP_CLIENT_SUPPORT */
690
691typedef struct {
692 gnutls_certificate_type_t certificate_type;
693 char *san_or_cn;
694 const gnutls_datum_t *cert_list;
695 unsigned int cert_list_size;
696 int self_signed; /* 1 if cert self-signed, 0 otherwise */
697} coap_gnutls_certificate_info_t;
698
699/*
700 * return Type of certificate and SAN or CN if appropriate derived from
701 * certificate. GNUTLS_CRT_UNKNOWN if failure.
702 */
703static gnutls_certificate_type_t
704get_san_or_cn(gnutls_session_t g_session,
705 coap_gnutls_certificate_info_t *cert_info) {
706 gnutls_x509_crt_t cert;
707 char dn[256];
708 size_t size;
709 int n;
710 char *cn;
711 int ret;
712
713#if (GNUTLS_VERSION_NUMBER >= 0x030606)
714 cert_info->certificate_type = gnutls_certificate_type_get2(g_session,
715 GNUTLS_CTYPE_PEERS);
716#else /* < 3.6.6 */
717 cert_info->certificate_type = gnutls_certificate_type_get(g_session);
718#endif /* < 3.6.6 */
719
720 cert_info->san_or_cn = NULL;
721
722 cert_info->cert_list = gnutls_certificate_get_peers(g_session,
723 &cert_info->cert_list_size);
724 if (cert_info->cert_list_size == 0) {
725 return GNUTLS_CRT_UNKNOWN;
726 }
727
728 if (cert_info->certificate_type != GNUTLS_CRT_X509)
729 return cert_info->certificate_type;
730
731 G_CHECK(gnutls_x509_crt_init(&cert), "gnutls_x509_crt_init");
732
733 /* Interested only in first cert in chain */
734 G_CHECK(gnutls_x509_crt_import(cert, &cert_info->cert_list[0],
735 GNUTLS_X509_FMT_DER), "gnutls_x509_crt_import");
736
737 cert_info->self_signed = gnutls_x509_crt_check_issuer(cert, cert);
738
739 size = sizeof(dn) -1;
740 /* See if there is a Subject Alt Name first */
741 ret = gnutls_x509_crt_get_subject_alt_name(cert, 0, dn, &size, NULL);
742 if (ret >= 0) {
743 dn[size] = '\000';
744 gnutls_x509_crt_deinit(cert);
745 cert_info->san_or_cn = gnutls_strdup(dn);
746 return cert_info->certificate_type;
747 }
748
749 size = sizeof(dn);
750 G_CHECK(gnutls_x509_crt_get_dn(cert, dn, &size), "gnutls_x509_crt_get_dn");
751
752 gnutls_x509_crt_deinit(cert);
753
754 /* Need to emulate strcasestr() here. Looking for CN= */
755 n = strlen(dn) - 3;
756 cn = dn;
757 while (n > 0) {
758 if (((cn[0] == 'C') || (cn[0] == 'c')) &&
759 ((cn[1] == 'N') || (cn[1] == 'n')) &&
760 (cn[2] == '=')) {
761 cn += 3;
762 break;
763 }
764 cn++;
765 n--;
766 }
767 if (n > 0) {
768 char *ecn = strchr(cn, ',');
769 if (ecn) {
770 cn[ecn-cn] = '\000';
771 }
772 cert_info->san_or_cn = gnutls_strdup(cn);
773 return cert_info->certificate_type;
774 }
775 return GNUTLS_CRT_UNKNOWN;
776
777fail:
778 return GNUTLS_CRT_UNKNOWN;
779}
780
781#if (GNUTLS_VERSION_NUMBER >= 0x030606)
782#define OUTPUT_CERT_NAME (cert_type == GNUTLS_CRT_X509 ? \
783 cert_info.san_or_cn : \
784 cert_type == GNUTLS_CRT_RAW ? \
785 COAP_DTLS_RPK_CERT_CN : "?")
786#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
787#define OUTPUT_CERT_NAME (cert_type == GNUTLS_CRT_X509 ? \
788 cert_info.san_or_cn : "?")
789#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
790
791#if (GNUTLS_VERSION_NUMBER >= 0x030606)
792static int
793check_rpk_cert(coap_gnutls_context_t *g_context,
794 coap_gnutls_certificate_info_t *cert_info,
795 coap_session_t *c_session) {
796 int ret;
797
798 if (g_context->setup_data.validate_cn_call_back) {
799 gnutls_pcert_st pcert;
800 uint8_t der[2048];
801 size_t size;
802
803 G_CHECK(gnutls_pcert_import_rawpk_raw(&pcert, &cert_info->cert_list[0],
804 GNUTLS_X509_FMT_DER, 0, 0),
805 "gnutls_pcert_import_rawpk_raw");
806
807 size = sizeof(der);
808 G_CHECK(gnutls_pubkey_export(pcert.pubkey, GNUTLS_X509_FMT_DER, der, &size),
809 "gnutls_pubkey_export");
810 gnutls_pcert_deinit(&pcert);
811 coap_lock_callback_ret(ret, c_session->context,
812 g_context->setup_data.validate_cn_call_back(COAP_DTLS_RPK_CERT_CN,
813 der,
814 size,
815 c_session,
816 0,
817 1,
818 g_context->setup_data.cn_call_back_arg));
819 if (!ret) {
820 return 0;
821 }
822 }
823 return 1;
824fail:
825 return 0;
826}
827#endif /* >= 3.6.6 */
828
829/*
830 * return 0 failed
831 * 1 passed
832 */
833static int
834cert_verify_gnutls(gnutls_session_t g_session) {
835 unsigned int status = 0;
836 unsigned int fail = 0;
837 coap_session_t *c_session =
838 (coap_session_t *)gnutls_transport_get_ptr(g_session);
839 coap_gnutls_context_t *g_context =
840 (coap_gnutls_context_t *)c_session->context->dtls_context;
841 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
842 int alert = GNUTLS_A_BAD_CERTIFICATE;
843 int ret;
844 coap_gnutls_certificate_info_t cert_info;
845 gnutls_certificate_type_t cert_type;
846
847 memset(&cert_info, 0, sizeof(cert_info));
848 cert_type = get_san_or_cn(g_session, &cert_info);
849#if (GNUTLS_VERSION_NUMBER >= 0x030606)
850 if (cert_type == GNUTLS_CRT_RAW) {
851 if (!check_rpk_cert(g_context, &cert_info, c_session)) {
852 alert = GNUTLS_A_ACCESS_DENIED;
853 goto fail;
854 }
855 goto ok;
856 }
857#endif /* >= 3.6.6 */
858
859 if (cert_info.cert_list_size == 0 && !g_context->setup_data.verify_peer_cert)
860 goto ok;
861
862 G_CHECK(gnutls_certificate_verify_peers(g_session, NULL, 0, &status),
863 "gnutls_certificate_verify_peers");
864
865 coap_dtls_log(COAP_LOG_DEBUG, "error %x cert '%s'\n",
866 status, cert_info.san_or_cn);
867 if (status) {
868 status &= ~(GNUTLS_CERT_INVALID);
869 if (status & (GNUTLS_CERT_NOT_ACTIVATED|GNUTLS_CERT_EXPIRED)) {
870 status &= ~(GNUTLS_CERT_NOT_ACTIVATED|GNUTLS_CERT_EXPIRED);
871 if (g_context->setup_data.allow_expired_certs) {
872 coap_log_info(" %s: %s: overridden: '%s'\n",
873 coap_session_str(c_session),
874 "The certificate has an invalid usage date",
875 OUTPUT_CERT_NAME);
876 } else {
877 fail = 1;
878 coap_log_warn(" %s: %s: '%s'\n",
879 coap_session_str(c_session),
880 "The certificate has an invalid usage date",
881 OUTPUT_CERT_NAME);
882 }
883 }
884 if (status & (GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED|
885 GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE)) {
886 status &= ~(GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED|
887 GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE);
888 if (g_context->setup_data.allow_expired_crl) {
889 coap_log_info(" %s: %s: overridden: '%s'\n",
890 coap_session_str(c_session),
891 "The certificate's CRL entry has an invalid usage date",
892 OUTPUT_CERT_NAME);
893 } else {
894 fail = 1;
895 coap_log_warn(" %s: %s: '%s'\n",
896 coap_session_str(c_session),
897 "The certificate's CRL entry has an invalid usage date",
898 OUTPUT_CERT_NAME);
899 }
900 }
901 if (status & (GNUTLS_CERT_SIGNER_NOT_FOUND)) {
902 status &= ~(GNUTLS_CERT_SIGNER_NOT_FOUND);
903 if (cert_info.self_signed) {
904 if (g_context->setup_data.allow_self_signed &&
905 !g_context->setup_data.check_common_ca) {
906 coap_log_info(" %s: %s: overridden: '%s'\n",
907 coap_session_str(c_session),
908 "Self-signed",
909 OUTPUT_CERT_NAME);
910 } else {
911 fail = 1;
912 alert = GNUTLS_A_UNKNOWN_CA;
913 coap_log_warn(" %s: %s: '%s'\n",
914 coap_session_str(c_session),
915 "Self-signed",
916 OUTPUT_CERT_NAME);
917 }
918 } else {
919 if (!g_context->setup_data.verify_peer_cert) {
920 coap_log_info(" %s: %s: overridden: '%s'\n",
921 coap_session_str(c_session),
922 "The peer certificate's CA is unknown",
923 OUTPUT_CERT_NAME);
924 } else {
925 fail = 1;
926 alert = GNUTLS_A_UNKNOWN_CA;
927 coap_log_warn(" %s: %s: '%s'\n",
928 coap_session_str(c_session),
929 "The peer certificate's CA is unknown",
930 OUTPUT_CERT_NAME);
931 }
932 }
933 }
934 if (status & (GNUTLS_CERT_INSECURE_ALGORITHM)) {
935 status &= ~(GNUTLS_CERT_INSECURE_ALGORITHM);
936 fail = 1;
937 coap_log_warn(" %s: %s: '%s'\n",
938 coap_session_str(c_session),
939 "The certificate uses an insecure algorithm",
940 OUTPUT_CERT_NAME);
941 }
942
943 if (status) {
944 fail = 1;
945 coap_log_warn(" %s: gnutls_certificate_verify_peers() status 0x%x: '%s'\n",
946 coap_session_str(c_session),
947 status, OUTPUT_CERT_NAME);
948 }
949 }
950
951 if (fail)
952 goto fail;
953
954 if (g_context->setup_data.validate_cn_call_back) {
955 gnutls_x509_crt_t cert;
956 uint8_t der[2048];
957 size_t size;
958 /* status == 0 indicates that the certificate passed to
959 * setup_data.validate_cn_call_back has been validated. */
960 const int cert_is_trusted = !status;
961
962 G_CHECK(gnutls_x509_crt_init(&cert), "gnutls_x509_crt_init");
963
964 /* Interested only in first cert in chain */
965 G_CHECK(gnutls_x509_crt_import(cert, &cert_info.cert_list[0],
966 GNUTLS_X509_FMT_DER), "gnutls_x509_crt_import");
967
968 size = sizeof(der);
969 G_CHECK(gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, der, &size),
970 "gnutls_x509_crt_export");
971 gnutls_x509_crt_deinit(cert);
972 coap_lock_callback_ret(ret, c_session->context,
973 g_context->setup_data.validate_cn_call_back(OUTPUT_CERT_NAME,
974 der,
975 size,
976 c_session,
977 0,
978 cert_is_trusted,
979 g_context->setup_data.cn_call_back_arg));
980 if (!ret) {
981 alert = GNUTLS_A_ACCESS_DENIED;
982 goto fail;
983 }
984 }
985
986 if (g_context->setup_data.additional_tls_setup_call_back) {
987 /* Additional application setup wanted */
988 if (!g_context->setup_data.additional_tls_setup_call_back(g_session,
989 &g_context->setup_data)) {
990 goto fail;
991 }
992 }
993
994ok:
995 if (cert_info.san_or_cn)
996 gnutls_free(cert_info.san_or_cn);
997
998 return 1;
999
1000fail:
1001 if (cert_info.san_or_cn)
1002 gnutls_free(cert_info.san_or_cn);
1003
1004 if (!g_env->sent_alert) {
1005 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL, alert));
1006 g_env->sent_alert = 1;
1007 }
1008 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
1009 return 0;
1010}
1011
1012/*
1013 * gnutls_certificate_verify_function return values
1014 * (see gnutls_certificate_set_verify_function())
1015 *
1016 * return -1 failed
1017 * 0 passed
1018 */
1019static int
1020cert_verify_callback_gnutls(gnutls_session_t g_session) {
1021 if (gnutls_auth_get_type(g_session) == GNUTLS_CRD_CERTIFICATE) {
1022 if (cert_verify_gnutls(g_session) == 0) {
1023 return -1;
1024 }
1025 }
1026 return 0;
1027}
1028
1029#ifndef min
1030#define min(a,b) ((a) < (b) ? (a) : (b))
1031#endif
1032
1033static int
1034pin_callback(void *user_data, int attempt,
1035 const char *token_url COAP_UNUSED,
1036 const char *token_label COAP_UNUSED,
1037 unsigned int flags COAP_UNUSED,
1038 char *pin,
1039 size_t pin_max) {
1040 coap_dtls_key_t *key = (coap_dtls_key_t *)user_data;
1041
1042 /* Only do this on first attempt to prevent token lockout */
1043 if (attempt == 0 && key && key->key.define.user_pin) {
1044 int len = min(pin_max - 1, strlen(key->key.define.user_pin));
1045
1046 memcpy(pin, key->key.define.user_pin, len);
1047 pin[len] = 0;
1048 return 0;
1049 }
1050 return -1;
1051}
1052
1053static int
1054check_null_memory(gnutls_datum_t *datum,
1055 const uint8_t *buf, size_t len, int *alloced) {
1056 datum->size = len;
1057 *alloced = 0;
1058 if (buf[len-1] != '\000') {
1059 /* Need to allocate memory, rather than just copying pointers across */
1060 *alloced = 1;
1061 datum->data = gnutls_malloc(len + 1);
1062 if (!datum->data) {
1063 coap_log_err("gnutls_malloc failure\n");
1064 return GNUTLS_E_MEMORY_ERROR;
1065 }
1066 memcpy(datum->data, buf, len);
1067 datum->data[len] = '\000';
1068 datum->size++;
1069 } else {
1070 /* To get around const issue */
1071 memcpy(&datum->data,
1072 &buf, sizeof(datum->data));
1073 }
1074 return 0;
1075}
1076
1077/*
1078 * return 0 Success (GNUTLS_E_SUCCESS)
1079 * neg GNUTLS_E_* error code
1080 */
1081static int
1082setup_pki_credentials(gnutls_certificate_credentials_t *pki_credentials,
1083 gnutls_session_t g_session,
1084 coap_gnutls_context_t *g_context,
1085 coap_dtls_pki_t *setup_data, coap_dtls_role_t role) {
1086 coap_dtls_key_t key;
1087 int ret;
1088 gnutls_datum_t cert;
1089 gnutls_datum_t pkey;
1090 gnutls_datum_t ca;
1091 int alloced_cert_memory = 0;
1092 int alloced_pkey_memory = 0;
1093 int alloced_ca_memory = 0;
1094 int have_done_key = 0;
1095
1096 /* Map over to the new define format to save code duplication */
1097 coap_dtls_map_key_type_to_define(setup_data, &key);
1098
1099 assert(key.key_type == COAP_PKI_KEY_DEFINE);
1100
1101 G_CHECK(gnutls_certificate_allocate_credentials(pki_credentials),
1102 "gnutls_certificate_allocate_credentials");
1103
1104 /*
1105 * Configure the Private Key
1106 */
1107 if (key.key.define.private_key.u_byte &&
1108 key.key.define.private_key.u_byte[0]) {
1109 switch (key.key.define.private_key_def) {
1110 case COAP_PKI_KEY_DEF_PEM: /* define private key */
1111 case COAP_PKI_KEY_DEF_PEM_BUF: /* define private key */
1112 case COAP_PKI_KEY_DEF_DER: /* define private key */
1113 case COAP_PKI_KEY_DEF_DER_BUF: /* define private key */
1114 case COAP_PKI_KEY_DEF_PKCS11: /* define private key */
1115 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define private key */
1116 /* Handled under public key */
1117 break;
1118 case COAP_PKI_KEY_DEF_RPK_BUF: /* define private key */
1119#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1120 /* Handled under public key */
1121 break;
1122#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1123 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1124 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1125 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1126 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1127#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1128 case COAP_PKI_KEY_DEF_ENGINE: /* define private key */
1129 default:
1130 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1131 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1132 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1133 }
1134 } else if (role == COAP_DTLS_ROLE_SERVER ||
1135 (key.key.define.public_cert.u_byte &&
1136 key.key.define.public_cert.u_byte[0])) {
1137 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1138 COAP_DEFINE_FAIL_NONE,
1139 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1140 }
1141
1142 /*
1143 * Configure the Public Certificate / Key
1144 */
1145 if (key.key.define.public_cert.u_byte &&
1146 key.key.define.public_cert.u_byte[0]) {
1147 /* Both Public and Private keys are handled here and MUST be the same type */
1148 if (!(key.key.define.private_key.s_byte &&
1149 key.key.define.private_key.s_byte[0] &&
1150 key.key.define.private_key_def == key.key.define.public_cert_def)) {
1151 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1152 COAP_DEFINE_FAIL_NONE,
1153 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1154 }
1155 switch (key.key.define.public_cert_def) {
1156 case COAP_PKI_KEY_DEF_PEM: /* define public cert */
1157 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1158 key.key.define.public_cert.s_byte,
1159 key.key.define.private_key.s_byte,
1160 GNUTLS_X509_FMT_PEM)) < 0) {
1161 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1162 COAP_DEFINE_FAIL_BAD,
1163 &key, role, ret);
1164 }
1165 break;
1166 case COAP_PKI_KEY_DEF_PEM_BUF: /* define public cert */
1167 if ((ret = check_null_memory(&cert,
1168 key.key.define.public_cert.u_byte,
1169 key.key.define.public_cert_len,
1170 &alloced_cert_memory)) < 0) {
1171 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1172 COAP_DEFINE_FAIL_BAD,
1173 &key, role, ret);
1174 }
1175 if ((ret = check_null_memory(&pkey,
1176 key.key.define.private_key.u_byte,
1177 key.key.define.private_key_len,
1178 &alloced_pkey_memory)) < 0) {
1179 if (alloced_cert_memory)
1180 gnutls_free(cert.data);
1181 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1182 COAP_DEFINE_FAIL_BAD,
1183 &key, role, ret);
1184 }
1185 if ((ret = gnutls_certificate_set_x509_key_mem(*pki_credentials,
1186 &cert,
1187 &pkey,
1188 GNUTLS_X509_FMT_PEM)) < 0) {
1189 if (alloced_cert_memory)
1190 gnutls_free(cert.data);
1191 if (alloced_pkey_memory)
1192 gnutls_free(pkey.data);
1193 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1194 COAP_DEFINE_FAIL_BAD,
1195 &key, role, ret);
1196 }
1197 if (alloced_cert_memory)
1198 gnutls_free(cert.data);
1199 if (alloced_pkey_memory)
1200 gnutls_free(pkey.data);
1201 break;
1202 case COAP_PKI_KEY_DEF_RPK_BUF: /* define public cert */
1203#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1204 if ((ret = check_null_memory(&cert,
1205 key.key.define.public_cert.u_byte,
1206 key.key.define.public_cert_len,
1207 &alloced_cert_memory)) < 0) {
1208 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1209 COAP_DEFINE_FAIL_BAD,
1210 &key, role, ret);
1211 }
1212 if ((ret = check_null_memory(&pkey,
1213 key.key.define.private_key.u_byte,
1214 key.key.define.private_key_len,
1215 &alloced_pkey_memory)) < 0) {
1216 if (alloced_cert_memory)
1217 gnutls_free(cert.data);
1218 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1219 COAP_DEFINE_FAIL_BAD,
1220 &key, role, ret);
1221 }
1222 if (strstr((char *)pkey.data, "-----BEGIN EC PRIVATE KEY-----")) {
1223 gnutls_datum_t der_private;
1224
1225 if (gnutls_pem_base64_decode2("EC PRIVATE KEY", &pkey,
1226 &der_private) == 0) {
1227 coap_binary_t *spki = get_asn1_spki(der_private.data,
1228 der_private.size);
1229
1230 if (spki) {
1231 gnutls_datum_t tspki;
1232
1233 tspki.data = spki->s;
1234 tspki.size = spki->length;
1235 ret = gnutls_certificate_set_rawpk_key_mem(*pki_credentials,
1236 &tspki,
1237 &der_private,
1238 GNUTLS_X509_FMT_DER, NULL,
1239 COAP_GNUTLS_KEY_RPK,
1240 NULL, 0, 0);
1241 if (ret >= 0) {
1242 have_done_key = 1;
1243 }
1244 coap_delete_binary(spki);
1245 }
1246 gnutls_free(der_private.data);
1247 }
1248 }
1249 if (!have_done_key) {
1250 if ((ret = gnutls_certificate_set_rawpk_key_mem(*pki_credentials,
1251 &cert,
1252 &pkey,
1253 GNUTLS_X509_FMT_PEM, NULL,
1254 COAP_GNUTLS_KEY_RPK,
1255 NULL, 0, 0)) < 0) {
1256 if (alloced_cert_memory)
1257 gnutls_free(cert.data);
1258 if (alloced_pkey_memory)
1259 gnutls_free(pkey.data);
1260 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1261 COAP_DEFINE_FAIL_BAD,
1262 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1263 }
1264 }
1265 if (alloced_cert_memory)
1266 gnutls_free(cert.data);
1267 if (alloced_pkey_memory)
1268 gnutls_free(pkey.data);
1269 break;
1270#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1271 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1272 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1273 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1274 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1275#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1276 case COAP_PKI_KEY_DEF_DER: /* define public cert */
1277 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1278 key.key.define.public_cert.s_byte,
1279 key.key.define.private_key.s_byte,
1280 GNUTLS_X509_FMT_DER) < 0)) {
1281 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1282 COAP_DEFINE_FAIL_BAD,
1283 &key, role, ret);
1284 }
1285 break;
1286 case COAP_PKI_KEY_DEF_DER_BUF: /* define public cert */
1287 if ((ret = check_null_memory(&cert,
1288 key.key.define.public_cert.u_byte,
1289 key.key.define.public_cert_len,
1290 &alloced_cert_memory)) < 0) {
1291 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1292 COAP_DEFINE_FAIL_BAD,
1293 &key, role, ret);
1294 }
1295 if ((ret = check_null_memory(&pkey,
1296 key.key.define.private_key.u_byte,
1297 key.key.define.private_key_len,
1298 &alloced_pkey_memory)) < 0) {
1299 if (alloced_cert_memory)
1300 gnutls_free(cert.data);
1301 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1302 COAP_DEFINE_FAIL_BAD,
1303 &key, role, ret);
1304 }
1305 if ((ret = gnutls_certificate_set_x509_key_mem(*pki_credentials,
1306 &cert,
1307 &pkey,
1308 GNUTLS_X509_FMT_DER)) < 0) {
1309 if (alloced_cert_memory)
1310 gnutls_free(cert.data);
1311 if (alloced_pkey_memory)
1312 gnutls_free(pkey.data);
1313 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1314 COAP_DEFINE_FAIL_NONE,
1315 &key, role, ret);
1316 }
1317 if (alloced_cert_memory)
1318 gnutls_free(cert.data);
1319 if (alloced_pkey_memory)
1320 gnutls_free(pkey.data);
1321 break;
1322 case COAP_PKI_KEY_DEF_PKCS11: /* define public cert */
1323 gnutls_pkcs11_set_pin_function(pin_callback, &setup_data->pki_key);
1324 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1325 key.key.define.public_cert.s_byte,
1326 key.key.define.private_key.s_byte,
1327 GNUTLS_X509_FMT_DER)) < 0) {
1328 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1329 COAP_DEFINE_FAIL_BAD,
1330 &key, role, ret);
1331 }
1332 break;
1333 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define public cert */
1334#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1335 gnutls_pkcs11_set_pin_function(pin_callback, setup_data);
1336 if ((ret = gnutls_certificate_set_rawpk_key_file(*pki_credentials,
1337 key.key.define.public_cert.s_byte,
1338 key.key.define.private_key.s_byte,
1339 GNUTLS_X509_FMT_PEM, NULL,
1340 COAP_GNUTLS_KEY_RPK,
1341 NULL, 0, GNUTLS_PKCS_PLAIN, 0))) {
1342 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1343 COAP_DEFINE_FAIL_BAD,
1344 &key, role, ret);
1345 }
1346#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1347 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1348 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
1349#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1350 break;
1351 case COAP_PKI_KEY_DEF_ENGINE: /* define public cert */
1352 default:
1353 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1354 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1355 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1356 }
1357 }
1358
1359 /*
1360 * Configure the CA
1361 */
1362 if (key.key.define.ca.u_byte &&
1363 key.key.define.ca.u_byte[0]) {
1364 switch (key.key.define.ca_def) {
1365 case COAP_PKI_KEY_DEF_PEM:
1366 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1367 key.key.define.ca.s_byte,
1368 GNUTLS_X509_FMT_PEM) < 0)) {
1369 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1370 COAP_DEFINE_FAIL_BAD,
1371 &key, role, ret);
1372 }
1373 break;
1374 case COAP_PKI_KEY_DEF_PEM_BUF: /* define ca */
1375 if ((ret = check_null_memory(&ca,
1376 key.key.define.ca.u_byte,
1377 key.key.define.ca_len,
1378 &alloced_ca_memory)) < 0) {
1379 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1380 COAP_DEFINE_FAIL_BAD,
1381 &key, role, ret);
1382 }
1383 if ((ret = gnutls_certificate_set_x509_trust_mem(*pki_credentials,
1384 &ca,
1385 GNUTLS_X509_FMT_PEM)) < 0) {
1386 if (alloced_ca_memory)
1387 gnutls_free(ca.data);
1388 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1389 COAP_DEFINE_FAIL_BAD,
1390 &key, role, ret);
1391 }
1392 if (alloced_ca_memory)
1393 gnutls_free(ca.data);
1394 break;
1395 case COAP_PKI_KEY_DEF_RPK_BUF: /* define ca */
1396 /* Ignore if set */
1397 break;
1398 case COAP_PKI_KEY_DEF_DER: /* define ca */
1399 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1400 key.key.define.ca.s_byte,
1401 GNUTLS_X509_FMT_DER) < 0)) {
1402 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1403 COAP_DEFINE_FAIL_BAD,
1404 &key, role, ret);
1405 }
1406 break;
1407 case COAP_PKI_KEY_DEF_DER_BUF: /* define ca */
1408 if ((ret = check_null_memory(&ca,
1409 key.key.define.ca.u_byte,
1410 key.key.define.ca_len,
1411 &alloced_ca_memory)) < 0) {
1412 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1413 COAP_DEFINE_FAIL_BAD,
1414 &key, role, ret);
1415 }
1416 if ((ret = gnutls_certificate_set_x509_trust_mem(*pki_credentials,
1417 &ca,
1418 GNUTLS_X509_FMT_DER)) <= 0) {
1419 if (alloced_ca_memory)
1420 gnutls_free(ca.data);
1421 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1422 COAP_DEFINE_FAIL_BAD,
1423 &key, role, ret);
1424 }
1425 if (alloced_ca_memory)
1426 gnutls_free(ca.data);
1427 break;
1428 case COAP_PKI_KEY_DEF_PKCS11: /* define ca */
1429 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1430 key.key.define.ca.s_byte,
1431 GNUTLS_X509_FMT_DER)) <= 0) {
1432 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1433 COAP_DEFINE_FAIL_BAD,
1434 &key, role, ret);
1435 }
1436 break;
1437 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define ca */
1438 /* Ignore if set */
1439 break;
1440 case COAP_PKI_KEY_DEF_ENGINE: /* define ca */
1441 default:
1442 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1443 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1444 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1445 }
1446 }
1447
1448#if (GNUTLS_VERSION_NUMBER >= 0x030020)
1449 if (g_context->trust_store_defined) {
1450 G_CHECK(gnutls_certificate_set_x509_system_trust(*pki_credentials),
1451 "gnutls_certificate_set_x509_system_trust");
1452 }
1453#endif
1454 if (g_context->root_ca_file) {
1455 ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1456 g_context->root_ca_file,
1457 GNUTLS_X509_FMT_PEM);
1458 if (ret == 0) {
1459 coap_log_warn("gnutls_certificate_set_x509_trust_file: Root CA: No certificates found\n");
1460 }
1461 }
1462 if (g_context->root_ca_path) {
1463#if (GNUTLS_VERSION_NUMBER >= 0x030306)
1464 G_CHECK(gnutls_certificate_set_x509_trust_dir(*pki_credentials,
1465 g_context->root_ca_path,
1466 GNUTLS_X509_FMT_PEM),
1467 "gnutls_certificate_set_x509_trust_dir");
1468#endif
1469 }
1470 gnutls_certificate_send_x509_rdn_sequence(g_session,
1471 setup_data->check_common_ca ? 0 : 1);
1472#if (GNUTLS_VERSION_NUMBER >= 0x030020)
1473 if (!(g_context->psk_pki_enabled & IS_PKI) && !g_context->trust_store_defined) {
1474 /* No PKI defined at all - still need a trust set up for 3.6.0 or later */
1475 G_CHECK(gnutls_certificate_set_x509_system_trust(*pki_credentials),
1476 "gnutls_certificate_set_x509_system_trust");
1477 }
1478#endif
1479
1480 /* Verify Peer */
1481 gnutls_certificate_set_verify_function(*pki_credentials,
1482 cert_verify_callback_gnutls);
1483
1484 /* Cert chain checking (can raise GNUTLS_E_CONSTRAINT_ERROR) */
1485 if (setup_data->cert_chain_validation) {
1486 gnutls_certificate_set_verify_limits(*pki_credentials,
1487 0,
1488 setup_data->cert_chain_verify_depth + 2);
1489 }
1490
1491 /*
1492 * Check for self signed
1493 * CRL checking (can raise GNUTLS_CERT_MISSING_OCSP_STATUS)
1494 */
1495 gnutls_certificate_set_verify_flags(*pki_credentials,
1496 (setup_data->check_cert_revocation == 0 ?
1497 GNUTLS_VERIFY_DISABLE_CRL_CHECKS : 0)
1498 );
1499
1500 return GNUTLS_E_SUCCESS;
1501
1502fail:
1503 return ret;
1504}
1505
1506#if COAP_SERVER_SUPPORT
1507/*
1508 * return 0 Success (GNUTLS_E_SUCCESS)
1509 * neg GNUTLS_E_* error code
1510 */
1511static int
1512setup_psk_credentials(gnutls_psk_server_credentials_t *psk_credentials,
1513 coap_gnutls_context_t *g_context COAP_UNUSED,
1514 coap_dtls_spsk_t *setup_data) {
1515 int ret;
1516 char hint[COAP_DTLS_HINT_LENGTH];
1517
1518 G_CHECK(gnutls_psk_allocate_server_credentials(psk_credentials),
1519 "gnutls_psk_allocate_server_credentials");
1520 gnutls_psk_set_server_credentials_function(*psk_credentials,
1521 psk_server_callback);
1522 if (setup_data->psk_info.hint.s) {
1523 snprintf(hint, sizeof(hint), "%.*s", (int)setup_data->psk_info.hint.length,
1524 setup_data->psk_info.hint.s);
1525 G_CHECK(gnutls_psk_set_server_credentials_hint(*psk_credentials, hint),
1526 "gnutls_psk_set_server_credentials_hint");
1527 }
1528
1529 return GNUTLS_E_SUCCESS;
1530
1531fail:
1532 return ret;
1533}
1534
1535/*
1536 * return 0 Success (GNUTLS_E_SUCCESS)
1537 * neg GNUTLS_E_* error code
1538 */
1539static int
1540post_client_hello_gnutls_psk(gnutls_session_t g_session) {
1541 coap_session_t *c_session =
1542 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1543 coap_gnutls_context_t *g_context =
1544 (coap_gnutls_context_t *)c_session->context->dtls_context;
1545 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
1546 int ret = GNUTLS_E_SUCCESS;
1547 char *name = NULL;
1548
1549 if (c_session->context->spsk_setup_data.validate_sni_call_back) {
1550 coap_dtls_spsk_t sni_setup_data;
1551 /* DNS names (only type supported) may be at most 256 byte long */
1552 size_t len = 256;
1553 unsigned int type;
1554 unsigned int i;
1555
1556 name = gnutls_malloc(len);
1557 if (name == NULL)
1558 return GNUTLS_E_MEMORY_ERROR;
1559
1560 for (i=0; ;) {
1561 ret = gnutls_server_name_get(g_session, name, &len, &type, i);
1562 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
1563 char *new_name;
1564 new_name = gnutls_realloc(name, len);
1565 if (new_name == NULL) {
1566 ret = GNUTLS_E_MEMORY_ERROR;
1567 goto end;
1568 }
1569 name = new_name;
1570 continue; /* retry call with same index */
1571 }
1572
1573 /* check if it is the last entry in list */
1574 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
1575 break;
1576 i++;
1577 if (ret != GNUTLS_E_SUCCESS)
1578 goto end;
1579 /* unknown types need to be ignored */
1580 if (type != GNUTLS_NAME_DNS)
1581 continue;
1582
1583 }
1584 /* If no extension provided, make it a dummy entry */
1585 if (i == 0) {
1586 name[0] = '\000';
1587 len = 0;
1588 }
1589
1590 /* Is this a cached entry? */
1591 for (i = 0; i < g_context->psk_sni_count; i++) {
1592 if (strcasecmp(name, g_context->psk_sni_entry_list[i].sni) == 0) {
1593 break;
1594 }
1595 }
1596 if (i == g_context->psk_sni_count) {
1597 /*
1598 * New SNI request
1599 */
1600 const coap_dtls_spsk_info_t *new_entry;
1601
1602 coap_lock_callback_ret(new_entry, c_session->context,
1603 c_session->context->spsk_setup_data.validate_sni_call_back(name,
1604 c_session,
1605 c_session->context->spsk_setup_data.sni_call_back_arg));
1606 if (!new_entry) {
1607 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1608 GNUTLS_A_UNRECOGNIZED_NAME));
1609 g_env->sent_alert = 1;
1610 ret = GNUTLS_E_NO_CERTIFICATE_FOUND;
1611 goto end;
1612 }
1613
1614 g_context->psk_sni_entry_list =
1615 gnutls_realloc(g_context->psk_sni_entry_list,
1616 (i+1)*sizeof(psk_sni_entry));
1617 g_context->psk_sni_entry_list[i].sni = gnutls_strdup(name);
1618 g_context->psk_sni_entry_list[i].psk_info = *new_entry;
1619 sni_setup_data = c_session->context->spsk_setup_data;
1620 sni_setup_data.psk_info = *new_entry;
1621 if ((ret = setup_psk_credentials(
1622 &g_context->psk_sni_entry_list[i].psk_credentials,
1623 g_context,
1624 &sni_setup_data)) < 0) {
1625 int keep_ret = ret;
1626 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1627 GNUTLS_A_BAD_CERTIFICATE));
1628 g_env->sent_alert = 1;
1629 ret = keep_ret;
1630 goto end;
1631 }
1632 g_context->psk_sni_count++;
1633 }
1634 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_PSK,
1635 g_context->psk_sni_entry_list[i].psk_credentials),
1636 "gnutls_credentials_set");
1637 coap_session_refresh_psk_hint(c_session,
1638 &g_context->psk_sni_entry_list[i].psk_info.hint);
1639 coap_session_refresh_psk_key(c_session,
1640 &g_context->psk_sni_entry_list[i].psk_info.key);
1641 }
1642
1643end:
1644 free(name);
1645 return ret;
1646
1647fail:
1648 return ret;
1649}
1650
1651/*
1652 * return 0 Success (GNUTLS_E_SUCCESS)
1653 * neg GNUTLS_E_* error code
1654 */
1655static int
1656post_client_hello_gnutls_pki(gnutls_session_t g_session) {
1657 coap_session_t *c_session =
1658 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1659 coap_gnutls_context_t *g_context =
1660 (coap_gnutls_context_t *)c_session->context->dtls_context;
1661 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
1662 int ret = GNUTLS_E_SUCCESS;
1663 char *name = NULL;
1664
1665 if (g_context->setup_data.validate_sni_call_back) {
1666 /* DNS names (only type supported) may be at most 256 byte long */
1667 size_t len = 256;
1668 unsigned int type;
1669 unsigned int i;
1670 coap_dtls_pki_t sni_setup_data;
1671
1672 name = gnutls_malloc(len);
1673 if (name == NULL)
1674 return GNUTLS_E_MEMORY_ERROR;
1675
1676 for (i=0; ;) {
1677 ret = gnutls_server_name_get(g_session, name, &len, &type, i);
1678 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
1679 char *new_name;
1680 new_name = gnutls_realloc(name, len);
1681 if (new_name == NULL) {
1682 ret = GNUTLS_E_MEMORY_ERROR;
1683 goto end;
1684 }
1685 name = new_name;
1686 continue; /* retry call with same index */
1687 }
1688
1689 /* check if it is the last entry in list */
1690 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
1691 break;
1692 i++;
1693 if (ret != GNUTLS_E_SUCCESS)
1694 goto end;
1695 /* unknown types need to be ignored */
1696 if (type != GNUTLS_NAME_DNS)
1697 continue;
1698
1699 }
1700 /* If no extension provided, make it a dummy entry */
1701 if (i == 0) {
1702 name[0] = '\000';
1703 len = 0;
1704 }
1705
1706 /* Is this a cached entry? */
1707 for (i = 0; i < g_context->pki_sni_count; i++) {
1708 if (strcasecmp(name, g_context->pki_sni_entry_list[i].sni) == 0) {
1709 break;
1710 }
1711 }
1712 if (i == g_context->pki_sni_count) {
1713 /*
1714 * New SNI request
1715 */
1716 coap_dtls_key_t *new_entry;
1717
1718 coap_lock_callback_ret(new_entry, c_session->context,
1719 g_context->setup_data.validate_sni_call_back(name,
1720 g_context->setup_data.sni_call_back_arg));
1721 if (!new_entry) {
1722 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1723 GNUTLS_A_UNRECOGNIZED_NAME));
1724 g_env->sent_alert = 1;
1725 ret = GNUTLS_E_NO_CERTIFICATE_FOUND;
1726 goto end;
1727 }
1728
1729 g_context->pki_sni_entry_list = gnutls_realloc(
1730 g_context->pki_sni_entry_list,
1731 (i+1)*sizeof(pki_sni_entry));
1732 g_context->pki_sni_entry_list[i].sni = gnutls_strdup(name);
1733 g_context->pki_sni_entry_list[i].pki_key = *new_entry;
1734 sni_setup_data = g_context->setup_data;
1735 sni_setup_data.pki_key = *new_entry;
1736 if ((ret = setup_pki_credentials(&g_context->pki_sni_entry_list[i].pki_credentials,
1737 g_session,
1738 g_context,
1739 &sni_setup_data, COAP_DTLS_ROLE_SERVER)) < 0) {
1740 int keep_ret = ret;
1741 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1742 GNUTLS_A_BAD_CERTIFICATE));
1743 g_env->sent_alert = 1;
1744 ret = keep_ret;
1745 goto end;
1746 }
1747 g_context->pki_sni_count++;
1748 }
1749 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1750 g_context->pki_sni_entry_list[i].pki_credentials),
1751 "gnutls_credentials_set");
1752 }
1753
1754end:
1755 free(name);
1756 return ret;
1757
1758fail:
1759 return ret;
1760}
1761#endif /* COAP_SERVER_SUPPORT */
1762
1763#if COAP_CLIENT_SUPPORT
1764/*
1765 * return 0 Success (GNUTLS_E_SUCCESS)
1766 * neg GNUTLS_E_* error code
1767 */
1768static int
1769setup_client_ssl_session(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
1770 coap_gnutls_context_t *g_context =
1771 (coap_gnutls_context_t *)c_session->context->dtls_context;
1772 int ret;
1773
1774 g_context->psk_pki_enabled |= IS_CLIENT;
1775 if (g_context->psk_pki_enabled & IS_PSK) {
1776 coap_dtls_cpsk_t *setup_data = &c_session->cpsk_setup_data;
1777 G_CHECK(gnutls_psk_allocate_client_credentials(&g_env->psk_cl_credentials),
1778 "gnutls_psk_allocate_client_credentials");
1779 gnutls_psk_set_client_credentials_function(g_env->psk_cl_credentials,
1780 psk_client_callback);
1781 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_PSK,
1782 g_env->psk_cl_credentials),
1783 "gnutls_credentials_set");
1784 /* Issue SNI if requested */
1785 if (setup_data->client_sni) {
1786 G_CHECK(gnutls_server_name_set(g_env->g_session, GNUTLS_NAME_DNS,
1787 setup_data->client_sni,
1788 strlen(setup_data->client_sni)),
1789 "gnutls_server_name_set");
1790 }
1791 if (setup_data->validate_ih_call_back) {
1792 const char *err;
1793 coap_tls_version_t *tls_version = coap_get_tls_library_version();
1794
1795 if (tls_version->version >= 0x030604) {
1796 /* Disable TLS1.3 if Identity Hint Callback set */
1797 const char *priority;
1798
1799 if (tls_version->version >= 0x030606) {
1800 priority = VARIANTS_NO_TLS13_3_6_6;
1801 } else {
1802 priority = VARIANTS_NO_TLS13_3_6_4;
1803 }
1804 ret = gnutls_priority_set_direct(g_env->g_session,
1805 priority, &err);
1806 if (ret < 0) {
1807 if (ret == GNUTLS_E_INVALID_REQUEST)
1808 coap_log_warn("gnutls_priority_set_direct: Syntax error at: %s\n", err);
1809 else
1810 coap_log_warn("gnutls_priority_set_direct: %s\n", gnutls_strerror(ret));
1811 goto fail;
1812 }
1813 }
1814 }
1815 }
1816
1817 if ((g_context->psk_pki_enabled & IS_PKI) ||
1818 (g_context->psk_pki_enabled & (IS_PSK | IS_PKI)) == 0) {
1819 /*
1820 * If neither PSK or PKI have been set up, use PKI basics.
1821 * This works providing COAP_PKI_KEY_PEM has a value of 0.
1822 */
1823 coap_dtls_pki_t *setup_data = &g_context->setup_data;
1824
1825 if (!(g_context->psk_pki_enabled & IS_PKI)) {
1826 /* PKI not defined - set up some defaults */
1827 setup_data->verify_peer_cert = 1;
1828 setup_data->check_common_ca = 0;
1829 setup_data->allow_self_signed = 1;
1830 setup_data->allow_expired_certs = 1;
1831 setup_data->cert_chain_validation = 1;
1832 setup_data->cert_chain_verify_depth = 2;
1833 setup_data->check_cert_revocation = 1;
1834 setup_data->allow_no_crl = 1;
1835 setup_data->allow_expired_crl = 1;
1836 setup_data->is_rpk_not_cert = 0;
1837 setup_data->use_cid = 0;
1838 }
1839 G_CHECK(setup_pki_credentials(&g_env->pki_credentials, g_env->g_session,
1840 g_context, setup_data,
1841 COAP_DTLS_ROLE_CLIENT),
1842 "setup_pki_credentials");
1843
1844 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1845 g_env->pki_credentials),
1846 "gnutls_credentials_set");
1847
1848 if (c_session->proto == COAP_PROTO_TLS)
1849 G_CHECK(gnutls_alpn_set_protocols(g_env->g_session,
1850 &g_context->alpn_proto, 1, 0),
1851 "gnutls_alpn_set_protocols");
1852
1853 /* Issue SNI if requested (only happens if PKI defined) */
1854 if (setup_data->client_sni) {
1855 G_CHECK(gnutls_server_name_set(g_env->g_session, GNUTLS_NAME_DNS,
1856 setup_data->client_sni,
1857 strlen(setup_data->client_sni)),
1858 "gnutls_server_name_set");
1859 }
1860 }
1861 return GNUTLS_E_SUCCESS;
1862
1863fail:
1864 return ret;
1865}
1866#endif /* COAP_CLIENT_SUPPORT */
1867
1868#if COAP_SERVER_SUPPORT
1869/*
1870 * gnutls_psk_server_credentials_function return values
1871 * (see gnutls_psk_set_server_credentials_function())
1872 *
1873 * return -1 failed
1874 * 0 passed
1875 */
1876static int
1877psk_server_callback(gnutls_session_t g_session,
1878 const char *identity,
1879 gnutls_datum_t *key) {
1880 coap_session_t *c_session =
1881 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1882 coap_gnutls_context_t *g_context;
1883 coap_dtls_spsk_t *setup_data;
1884 coap_bin_const_t lidentity;
1885 const coap_bin_const_t *psk_key;
1886
1887 if (c_session == NULL)
1888 return -1;
1889
1890 g_context = (coap_gnutls_context_t *)c_session->context->dtls_context;
1891 if (g_context == NULL)
1892 return -1;
1893 setup_data = &c_session->context->spsk_setup_data;
1894
1895
1896 /* Track the Identity being used */
1897 lidentity.s = identity ? (const uint8_t *)identity : (const uint8_t *)"";
1898 lidentity.length = strlen((const char *)lidentity.s);
1899 coap_session_refresh_psk_identity(c_session, &lidentity);
1900
1901 coap_log_debug("got psk_identity: '%.*s'\n",
1902 (int)lidentity.length, (const char *)lidentity.s);
1903
1904 if (setup_data->validate_id_call_back) {
1905 psk_key = setup_data->validate_id_call_back(&lidentity,
1906 c_session,
1907 setup_data->id_call_back_arg);
1908
1909 coap_session_refresh_psk_key(c_session, psk_key);
1910 } else {
1911 psk_key = coap_get_session_server_psk_key(c_session);
1912 }
1913
1914 if (psk_key == NULL)
1915 return -1;
1916
1917 key->data = gnutls_malloc(psk_key->length);
1918 if (key->data == NULL)
1919 return -1;
1920 memcpy(key->data, psk_key->s, psk_key->length);
1921 key->size = psk_key->length;
1922 return 0;
1923}
1924
1925/*
1926 * return 0 Success (GNUTLS_E_SUCCESS)
1927 * neg GNUTLS_E_* error code
1928 */
1929static int
1930setup_server_ssl_session(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
1931 coap_gnutls_context_t *g_context =
1932 (coap_gnutls_context_t *)c_session->context->dtls_context;
1933 int ret = GNUTLS_E_SUCCESS;
1934
1935 g_context->psk_pki_enabled |= IS_SERVER;
1936 if (g_context->psk_pki_enabled & IS_PSK) {
1937 G_CHECK(setup_psk_credentials(
1938 &g_env->psk_sv_credentials,
1939 g_context,
1940 &c_session->context->spsk_setup_data),
1941 "setup_psk_credentials\n");
1942 G_CHECK(gnutls_credentials_set(g_env->g_session,
1943 GNUTLS_CRD_PSK,
1944 g_env->psk_sv_credentials),
1945 "gnutls_credentials_set\n");
1946 gnutls_handshake_set_post_client_hello_function(g_env->g_session,
1947 post_client_hello_gnutls_psk);
1948 }
1949
1950 if (g_context->psk_pki_enabled & IS_PKI) {
1951 coap_dtls_pki_t *setup_data = &g_context->setup_data;
1952 G_CHECK(setup_pki_credentials(&g_env->pki_credentials, g_env->g_session,
1953 g_context, setup_data,
1954 COAP_DTLS_ROLE_SERVER),
1955 "setup_pki_credentials");
1956
1957 if (setup_data->verify_peer_cert) {
1958 gnutls_certificate_server_set_request(g_env->g_session,
1959 GNUTLS_CERT_REQUIRE);
1960 } else if (setup_data->is_rpk_not_cert) {
1961 gnutls_certificate_server_set_request(g_env->g_session,
1962 GNUTLS_CERT_REQUEST);
1963 } else {
1964 gnutls_certificate_server_set_request(g_env->g_session,
1965 GNUTLS_CERT_IGNORE);
1966 }
1967
1968 gnutls_handshake_set_post_client_hello_function(g_env->g_session,
1969 post_client_hello_gnutls_pki);
1970
1971 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1972 g_env->pki_credentials),
1973 "gnutls_credentials_set\n");
1974 }
1975 return GNUTLS_E_SUCCESS;
1976
1977fail:
1978 return ret;
1979}
1980#endif /* COAP_SERVER_SUPPORT */
1981
1982/*
1983 * return +ve data amount
1984 * 0 no more
1985 * -1 error (error in errno)
1986 */
1987static ssize_t
1988coap_dgram_read(gnutls_transport_ptr_t context, void *out, size_t outl) {
1989 ssize_t ret = 0;
1990 coap_session_t *c_session = (coap_session_t *)context;
1991 coap_ssl_t *data;
1992
1993 if (!c_session->tls) {
1994 errno = EAGAIN;
1995 return -1;
1996 }
1997 data = &((coap_gnutls_env_t *)c_session->tls)->coap_ssl_data;
1998
1999 if (out != NULL) {
2000 if (data != NULL && data->pdu_len > 0) {
2001 if (outl < data->pdu_len) {
2002 memcpy(out, data->pdu, outl);
2003 ret = outl;
2004 if (!data->peekmode) {
2005 data->pdu += outl;
2006 data->pdu_len -= outl;
2007 }
2008 } else {
2009 memcpy(out, data->pdu, data->pdu_len);
2010 ret = data->pdu_len;
2011 if (!data->peekmode) {
2012 data->pdu_len = 0;
2013 data->pdu = NULL;
2014 }
2015 }
2016 } else {
2017 errno = EAGAIN;
2018 ret = -1;
2019 }
2020 }
2021 return ret;
2022}
2023
2024/*
2025 * return +ve data amount
2026 * 0 no more
2027 * -1 error (error in errno)
2028 */
2029/* callback function given to gnutls for sending data over socket */
2030static ssize_t
2031coap_dgram_write(gnutls_transport_ptr_t context, const void *send_buffer,
2032 size_t send_buffer_length) {
2033 ssize_t result = -1;
2034 coap_session_t *c_session = (coap_session_t *)context;
2035
2036 if (c_session) {
2037 if (!coap_netif_available(c_session)
2038#if COAP_SERVER_SUPPORT
2039 && c_session->endpoint == NULL
2040#endif /* COAP_SERVER_SUPPORT */
2041 ) {
2042 /* socket was closed on client due to error */
2043 errno = ECONNRESET;
2044 return -1;
2045 }
2046 result = c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session,
2047 send_buffer, send_buffer_length);
2048 if (result != (int)send_buffer_length) {
2049 int keep_errno = errno;
2050
2051 coap_log_warn("coap_netif_dgrm_write failed (%zd != %zu)\n",
2052 result, send_buffer_length);
2053 errno = keep_errno;
2054 if (result < 0) {
2055 return -1;
2056 } else {
2057 result = 0;
2058 }
2059 }
2060 } else {
2061 result = 0;
2062 }
2063 return result;
2064}
2065
2066/*
2067 * return 1 fd has activity
2068 * 0 timeout
2069 * -1 error (error in errno)
2070 */
2071static int
2072receive_timeout(gnutls_transport_ptr_t context, unsigned int ms COAP_UNUSED) {
2073 coap_session_t *c_session = (coap_session_t *)context;
2074
2075 if (c_session) {
2076 fd_set readfds, writefds, exceptfds;
2077 struct timeval tv;
2078 int nfds = c_session->sock.fd +1;
2079 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2080
2081 /* If data has been read in by libcoap ahead of GnuTLS, say it is there */
2082 if (c_session->proto == COAP_PROTO_DTLS && g_env &&
2083 g_env->coap_ssl_data.pdu_len > 0) {
2084 return 1;
2085 }
2086
2087 FD_ZERO(&readfds);
2088 FD_ZERO(&writefds);
2089 FD_ZERO(&exceptfds);
2090 FD_SET(c_session->sock.fd, &readfds);
2091 if (!(g_env && g_env->doing_dtls_timeout)) {
2092 FD_SET(c_session->sock.fd, &writefds);
2093 FD_SET(c_session->sock.fd, &exceptfds);
2094 }
2095 /* Polling */
2096 tv.tv_sec = 0;
2097 tv.tv_usec = 0;
2098
2099 return select(nfds, &readfds, &writefds, &exceptfds, &tv);
2100 }
2101 return 1;
2102}
2103
2104static coap_gnutls_env_t *
2105coap_dtls_new_gnutls_env(coap_session_t *c_session, int type) {
2106 coap_gnutls_context_t *g_context =
2107 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2108 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2109#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2110 int flags = type | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2111#else /* < 3.6.6 */
2112 int flags = type | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK;
2113#endif /* < 3.6.6 */
2114 int ret;
2115
2116 if (g_env)
2117 return g_env;
2118
2119 g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2120 if (!g_env)
2121 return NULL;
2122
2123 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2124
2125 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2126
2127 gnutls_transport_set_pull_function(g_env->g_session, coap_dgram_read);
2128 gnutls_transport_set_push_function(g_env->g_session, coap_dgram_write);
2129 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2130 /* So we can track the coap_session_t in callbacks */
2131 gnutls_transport_set_ptr(g_env->g_session, c_session);
2132
2133 G_CHECK(gnutls_priority_set(g_env->g_session, g_context->priority_cache),
2134 "gnutls_priority_set");
2135
2136 if (type == GNUTLS_SERVER) {
2137#if COAP_SERVER_SUPPORT
2138 G_CHECK(setup_server_ssl_session(c_session, g_env),
2139 "setup_server_ssl_session");
2140#else /* ! COAP_SERVER_SUPPORT */
2141 goto fail;
2142#endif /* ! COAP_SERVER_SUPPORT */
2143 } else {
2144#if COAP_CLIENT_SUPPORT
2145 G_CHECK(setup_client_ssl_session(c_session, g_env),
2146 "setup_client_ssl_session");
2147#else /* COAP_CLIENT_SUPPORT */
2148 goto fail;
2149#endif /* COAP_CLIENT_SUPPORT */
2150 }
2151
2152 gnutls_handshake_set_timeout(g_env->g_session,
2153 GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2154 gnutls_dtls_set_timeouts(g_env->g_session, COAP_DTLS_RETRANSMIT_MS,
2155 COAP_DTLS_RETRANSMIT_TOTAL_MS);
2156
2157 return g_env;
2158
2159fail:
2160 if (g_env)
2161 gnutls_free(g_env);
2162 return NULL;
2163}
2164
2165static void
2166coap_dtls_free_gnutls_env(coap_gnutls_context_t *g_context,
2167 coap_gnutls_env_t *g_env,
2168 coap_free_bye_t free_bye) {
2169 if (g_env) {
2170 /* It is suggested not to use GNUTLS_SHUT_RDWR in DTLS
2171 * connections because the peer's closure message might
2172 * be lost */
2173 if (free_bye != COAP_FREE_BYE_NONE && !g_env->sent_alert) {
2174 /* Only do this if appropriate */
2175 gnutls_bye(g_env->g_session, free_bye == COAP_FREE_BYE_AS_UDP ?
2176 GNUTLS_SHUT_WR : GNUTLS_SHUT_RDWR);
2177 }
2178 gnutls_deinit(g_env->g_session);
2179 g_env->g_session = NULL;
2180 if (g_context->psk_pki_enabled & IS_PSK) {
2181 if ((g_context->psk_pki_enabled & IS_CLIENT) &&
2182 g_env->psk_cl_credentials != NULL) {
2183 gnutls_psk_free_client_credentials(g_env->psk_cl_credentials);
2184 g_env->psk_cl_credentials = NULL;
2185 } else {
2186 /* YUK - A memory leak in 3.3.0 (fixed by 3.3.26) of hint */
2187 if (g_env->psk_sv_credentials != NULL)
2188 gnutls_psk_free_server_credentials(g_env->psk_sv_credentials);
2189 g_env->psk_sv_credentials = NULL;
2190 }
2191 }
2192 if ((g_context->psk_pki_enabled & IS_PKI) ||
2193 (g_context->psk_pki_enabled &
2194 (IS_PSK | IS_PKI | IS_CLIENT)) == IS_CLIENT) {
2195 gnutls_certificate_free_credentials(g_env->pki_credentials);
2196 g_env->pki_credentials = NULL;
2197 }
2198 gnutls_free(g_env->coap_ssl_data.cookie_key.data);
2199 gnutls_free(g_env);
2200 }
2201}
2202
2203#if COAP_SERVER_SUPPORT
2204void *
2205coap_dtls_new_server_session(coap_session_t *c_session) {
2206 coap_gnutls_env_t *g_env =
2207 (coap_gnutls_env_t *)c_session->tls;
2208
2209 gnutls_transport_set_ptr(g_env->g_session, c_session);
2210
2211 return g_env;
2212}
2213#endif /* COAP_SERVER_SUPPORT */
2214
2215static void
2216log_last_alert(coap_session_t *c_session,
2217 gnutls_session_t g_session) {
2218#if COAP_MAX_LOGGING_LEVEL > 0
2219 int last_alert = gnutls_alert_get(g_session);
2220
2221 if (last_alert == GNUTLS_A_CLOSE_NOTIFY)
2222 coap_log_debug("***%s: Alert '%d': %s\n",
2223 coap_session_str(c_session),
2224 last_alert, gnutls_alert_get_name(last_alert));
2225 else
2226 coap_log_warn("***%s: Alert '%d': %s\n",
2227 coap_session_str(c_session),
2228 last_alert, gnutls_alert_get_name(last_alert));
2229#else /* COAP_MAX_LOGGING_LEVEL == 0 */
2230 (void)c_session;
2231 (void)g_session;
2232#endif /* COAP_MAX_LOGGING_LEVEL == 0 */
2233}
2234
2235/*
2236 * return -1 failure
2237 * 0 not completed
2238 * 1 established
2239 */
2240static int
2241do_gnutls_handshake(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
2242 int ret;
2243
2244 ret = gnutls_handshake(g_env->g_session);
2245 switch (ret) {
2246 case GNUTLS_E_SUCCESS:
2247 g_env->established = 1;
2248 coap_log_debug("* %s: GnuTLS established\n",
2249 coap_session_str(c_session));
2250 ret = 1;
2251 break;
2252 case GNUTLS_E_INTERRUPTED:
2253 errno = EINTR;
2254 ret = 0;
2255 break;
2256 case GNUTLS_E_AGAIN:
2257 errno = EAGAIN;
2258 ret = 0;
2259 break;
2260 case GNUTLS_E_INSUFFICIENT_CREDENTIALS:
2261 coap_log_warn("Insufficient credentials provided.\n");
2262 ret = -1;
2263 break;
2264 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2265 /* Stop the sending of an alert on closedown */
2266 g_env->sent_alert = 1;
2267 log_last_alert(c_session, g_env->g_session);
2268 /* Fall through */
2269 case GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET:
2270 case GNUTLS_E_UNEXPECTED_PACKET:
2271 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2272 ret = -1;
2273 break;
2274 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2275 log_last_alert(c_session, g_env->g_session);
2276 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2277 ret = 0;
2278 break;
2279 case GNUTLS_E_NO_CERTIFICATE_FOUND:
2280#if (GNUTLS_VERSION_NUMBER > 0x030606)
2281 case GNUTLS_E_CERTIFICATE_REQUIRED:
2282#endif /* GNUTLS_VERSION_NUMBER > 0x030606 */
2283 coap_log_warn("Client Certificate requested and required, but not provided\n"
2284 );
2285 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2286 GNUTLS_A_BAD_CERTIFICATE));
2287 g_env->sent_alert = 1;
2288 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2289 ret = -1;
2290 break;
2291 case GNUTLS_E_DECRYPTION_FAILED:
2292 coap_log_warn("do_gnutls_handshake: session establish "
2293 "returned '%s'\n",
2294 gnutls_strerror(ret));
2295 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2296 GNUTLS_A_DECRYPT_ERROR));
2297 g_env->sent_alert = 1;
2298 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2299 ret = -1;
2300 break;
2301 case GNUTLS_E_CERTIFICATE_ERROR:
2302 if (g_env->sent_alert) {
2303 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2304 ret = -1;
2305 break;
2306 }
2307 /* Fall through */
2308 case GNUTLS_E_UNKNOWN_CIPHER_SUITE:
2309 case GNUTLS_E_NO_CIPHER_SUITES:
2310 case GNUTLS_E_INVALID_SESSION:
2311 coap_log_warn("do_gnutls_handshake: session establish "
2312 "returned '%s'\n",
2313 gnutls_strerror(ret));
2314 if (!g_env->sent_alert) {
2315 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2316 GNUTLS_A_HANDSHAKE_FAILURE));
2317 g_env->sent_alert = 1;
2318 }
2319 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2320 ret = -1;
2321 break;
2322 case GNUTLS_E_SESSION_EOF:
2323 case GNUTLS_E_PREMATURE_TERMINATION:
2324 case GNUTLS_E_TIMEDOUT:
2325 case GNUTLS_E_PULL_ERROR:
2326 case GNUTLS_E_PUSH_ERROR:
2327 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2328 ret = -1;
2329 break;
2330 default:
2331 coap_log_warn("do_gnutls_handshake: session establish "
2332 "returned %d: '%s'\n",
2333 ret, gnutls_strerror(ret));
2334 ret = -1;
2335 break;
2336 }
2337 return ret;
2338}
2339
2340#if COAP_CLIENT_SUPPORT
2341void *
2342coap_dtls_new_client_session(coap_session_t *c_session) {
2343 coap_gnutls_env_t *g_env = coap_dtls_new_gnutls_env(c_session, GNUTLS_CLIENT);
2344 int ret;
2345
2346 if (g_env) {
2347 ret = do_gnutls_handshake(c_session, g_env);
2348 if (ret == -1) {
2349 coap_dtls_free_gnutls_env(c_session->context->dtls_context,
2350 g_env,
2351 COAP_PROTO_NOT_RELIABLE(c_session->proto) ?
2352 COAP_FREE_BYE_AS_UDP : COAP_FREE_BYE_AS_TCP);
2353 return NULL;
2354 }
2355 }
2356 return g_env;
2357}
2358#endif /* COAP_CLIENT_SUPPORT */
2359
2360void
2361coap_dtls_free_session(coap_session_t *c_session) {
2362 if (c_session && c_session->context && c_session->tls) {
2363 coap_dtls_free_gnutls_env(c_session->context->dtls_context,
2364 c_session->tls,
2365 COAP_PROTO_NOT_RELIABLE(c_session->proto) ?
2366 COAP_FREE_BYE_AS_UDP : COAP_FREE_BYE_AS_TCP);
2367 c_session->tls = NULL;
2368 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CLOSED, c_session);
2369 }
2370}
2371
2372void
2373coap_dtls_session_update_mtu(coap_session_t *c_session) {
2374 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2375 int ret;
2376
2377 if (g_env)
2378 G_CHECK(gnutls_dtls_set_data_mtu(g_env->g_session,
2379 (unsigned int)c_session->mtu),
2380 "gnutls_dtls_set_data_mtu");
2381fail:
2382 ;;
2383}
2384
2385/*
2386 * return +ve data amount
2387 * 0 no more
2388 * -1 error
2389 */
2390ssize_t
2391coap_dtls_send(coap_session_t *c_session,
2392 const uint8_t *data, size_t data_len) {
2393 int ret;
2394 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2395
2396 assert(g_env != NULL);
2397
2398 c_session->dtls_event = -1;
2399 coap_log_debug("* %s: dtls: sent %4d bytes\n",
2400 coap_session_str(c_session), (int)data_len);
2401 if (g_env->established) {
2402 ret = gnutls_record_send(g_env->g_session, data, data_len);
2403
2404 if (ret <= 0) {
2405 switch (ret) {
2406 case GNUTLS_E_AGAIN:
2407 ret = 0;
2408 break;
2409 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2410 /* Stop the sending of an alert on closedown */
2411 g_env->sent_alert = 1;
2412 log_last_alert(c_session, g_env->g_session);
2413 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2414 ret = -1;
2415 break;
2416 default:
2417 coap_log_debug("coap_dtls_send: gnutls_record_send "
2418 "returned %d: '%s'\n",
2419 ret, gnutls_strerror(ret));
2420 ret = -1;
2421 break;
2422 }
2423 if (ret == -1) {
2424 coap_log_warn("coap_dtls_send: cannot send PDU\n");
2425 }
2426 }
2427 } else {
2428 ret = do_gnutls_handshake(c_session, g_env);
2429 if (ret == 1) {
2430 /* Just connected, so send the data */
2431 return coap_dtls_send(c_session, data, data_len);
2432 }
2433 ret = -1;
2434 }
2435
2436 if (c_session->dtls_event >= 0) {
2437 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2438 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2439 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2440 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2441 ret = -1;
2442 }
2443 }
2444
2445 return ret;
2446}
2447
2448int
2449coap_dtls_is_context_timeout(void) {
2450 return 0;
2451}
2452
2453coap_tick_t
2454coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED) {
2455 return 0;
2456}
2457
2458coap_tick_t
2459coap_dtls_get_timeout(coap_session_t *c_session, coap_tick_t now) {
2460 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2461
2462 assert(c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2463 if (g_env && g_env->g_session) {
2464 unsigned int rem_ms = gnutls_dtls_get_timeout(g_env->g_session);
2465
2466 if (rem_ms == 0) {
2467 /*
2468 * Need to make sure that we do not do this too frequently as some
2469 * versions of gnutls reset retransmit if a spurious packet is received
2470 * (e.g. duplicate Client Hello), but last_transmit does not get updated
2471 * when gnutls_handshake() is called and there is 'nothing' to resend.
2472 */
2473 if (g_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS > now)
2474 return g_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS;
2475 }
2476 /* Reset for the next time */
2477 g_env->last_timeout = now;
2478 return now + rem_ms;
2479 }
2480
2481 return 0;
2482}
2483
2484/*
2485 * return 1 timed out
2486 * 0 still timing out
2487 */
2488int
2489coap_dtls_handle_timeout(coap_session_t *c_session) {
2490 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2491
2492 assert(g_env != NULL && c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2493 g_env->doing_dtls_timeout = 1;
2494 if ((++c_session->dtls_timeout_count > c_session->max_retransmit) ||
2495 (do_gnutls_handshake(c_session, g_env) < 0)) {
2496 /* Too many retries */
2497 g_env->doing_dtls_timeout = 0;
2498 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2499 return 1;
2500 } else {
2501 g_env->doing_dtls_timeout = 0;
2502 return 0;
2503 }
2504}
2505
2506/*
2507 * return +ve data amount
2508 * 0 no more
2509 * -1 error
2510 */
2511int
2512coap_dtls_receive(coap_session_t *c_session, const uint8_t *data,
2513 size_t data_len) {
2514 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2515 int ret = 0;
2516 coap_ssl_t *ssl_data = &g_env->coap_ssl_data;
2517
2518 uint8_t pdu[COAP_RXBUFFER_SIZE];
2519
2520 assert(g_env != NULL);
2521
2522 if (ssl_data->pdu_len)
2523 coap_log_err("** %s: Previous data not read %u bytes\n",
2524 coap_session_str(c_session), ssl_data->pdu_len);
2525 ssl_data->pdu = data;
2526 ssl_data->pdu_len = data_len;
2527
2528 c_session->dtls_event = -1;
2529 if (g_env->established) {
2530 if (c_session->state == COAP_SESSION_STATE_HANDSHAKE) {
2531 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED,
2532 c_session);
2533 gnutls_transport_set_ptr(g_env->g_session, c_session);
2534 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2535 }
2536 ret = gnutls_record_recv(g_env->g_session, pdu, (int)sizeof(pdu));
2537 if (ret > 0) {
2538 coap_log_debug("* %s: dtls: recv %4d bytes\n",
2539 coap_session_str(c_session), ret);
2540 return coap_handle_dgram(c_session->context, c_session, pdu, (size_t)ret);
2541 } else if (ret == 0) {
2542 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2543 } else {
2544 switch (ret) {
2545 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2546 /* Stop the sending of an alert on closedown */
2547 g_env->sent_alert = 1;
2548 log_last_alert(c_session, g_env->g_session);
2549 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2550 ret = -1;
2551 break;
2552 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2553 log_last_alert(c_session, g_env->g_session);
2554 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2555 ret = 0;
2556 break;
2557 default:
2558 coap_log_warn("coap_dtls_receive: gnutls_record_recv returned %d\n", ret);
2559 ret = -1;
2560 break;
2561 }
2562 }
2563 } else {
2564 ret = do_gnutls_handshake(c_session, g_env);
2565 if (ret == 1) {
2566 coap_session_connected(c_session);
2567 } else {
2568 ret = -1;
2569 if (ssl_data->pdu_len && !g_env->sent_alert) {
2570 /* Do the handshake again incase of internal timeout */
2571 ret = do_gnutls_handshake(c_session, g_env);
2572 if (ret == 1) {
2573 /* Just connected, so send the data */
2574 coap_session_connected(c_session);
2575 }
2576 }
2577 }
2578 }
2579
2580 if (c_session->dtls_event >= 0) {
2581 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2582 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2583 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2584 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2585 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2586 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2587 ssl_data = NULL;
2588 ret = -1;
2589 }
2590 }
2591 if (ssl_data && ssl_data->pdu_len) {
2592 /* pdu data is held on stack which will not stay there */
2593 coap_log_debug("coap_dtls_receive: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2594 ssl_data->pdu_len = 0;
2595 ssl_data->pdu = NULL;
2596 }
2597 return ret;
2598}
2599
2600#if COAP_SERVER_SUPPORT
2601/*
2602 * return -1 failure
2603 * 0 not completed
2604 * 1 client hello seen
2605 */
2606int
2607coap_dtls_hello(coap_session_t *c_session,
2608 const uint8_t *data,
2609 size_t data_len
2610 ) {
2611 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2612 coap_ssl_t *ssl_data;
2613 int ret;
2614
2615 if (!g_env) {
2616 g_env = coap_dtls_new_gnutls_env(c_session, GNUTLS_SERVER);
2617 if (g_env) {
2618 c_session->tls = g_env;
2619 gnutls_key_generate(&g_env->coap_ssl_data.cookie_key,
2620 GNUTLS_COOKIE_KEY_SIZE);
2621 } else {
2622 /* error should have already been reported */
2623 return -1;
2624 }
2625 }
2626 if (data_len > 0) {
2627 gnutls_dtls_prestate_st prestate;
2628 uint8_t *data_rw;
2629
2630 memset(&prestate, 0, sizeof(prestate));
2631 /* Need to do this to not get a compiler warning about const parameters */
2632 memcpy(&data_rw, &data, sizeof(data_rw));
2633 ret = gnutls_dtls_cookie_verify(&g_env->coap_ssl_data.cookie_key,
2634 &c_session->addr_info,
2635 sizeof(c_session->addr_info),
2636 data_rw, data_len,
2637 &prestate);
2638 if (ret < 0) { /* cookie not valid */
2639 coap_log_debug("Invalid Cookie - sending Hello Verify\n");
2640 gnutls_dtls_cookie_send(&g_env->coap_ssl_data.cookie_key,
2641 &c_session->addr_info,
2642 sizeof(c_session->addr_info),
2643 &prestate,
2644 c_session,
2645 coap_dgram_write);
2646 return 0;
2647 }
2648 gnutls_dtls_prestate_set(g_env->g_session, &prestate);
2649 }
2650
2651 ssl_data = &g_env->coap_ssl_data;
2652 ssl_data->pdu = data;
2653 ssl_data->pdu_len = data_len;
2654
2655 ret = do_gnutls_handshake(c_session, g_env);
2656 if (ret < 0) {
2657 /*
2658 * as the above failed, need to remove g_env to clean up any
2659 * pollution of the information
2660 */
2661 coap_dtls_free_gnutls_env(((coap_gnutls_context_t *)c_session->context->dtls_context),
2662 g_env, COAP_FREE_BYE_NONE);
2663 c_session->tls = NULL;
2664 ssl_data = NULL;
2665 ret = -1;
2666 } else {
2667 /* Client Hello has been seen */
2668 ret = 1;
2669 }
2670
2671 if (ssl_data && ssl_data->pdu_len) {
2672 /* pdu data is held on stack which will not stay there */
2673 coap_log_debug("coap_dtls_hello: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2674 ssl_data->pdu_len = 0;
2675 ssl_data->pdu = NULL;
2676 }
2677 return ret;
2678}
2679#endif /* COAP_SERVER_SUPPORT */
2680
2681unsigned int
2682coap_dtls_get_overhead(coap_session_t *c_session COAP_UNUSED) {
2683 return 37;
2684}
2685
2686#if !COAP_DISABLE_TCP
2687/*
2688 * strm
2689 * return +ve data amount
2690 * 0 connection closed
2691 * -1 error (error in errno)
2692 */
2693static ssize_t
2694coap_sock_read(gnutls_transport_ptr_t context, void *out, size_t outl) {
2695 int ret = 0;
2696 coap_session_t *c_session = (coap_session_t *)context;
2697
2698 if (out != NULL) {
2699 ret = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_read(c_session, out, outl);
2700 /* Translate layer returns into what GnuTLS expects */
2701 if (ret == 0) {
2702 errno = EAGAIN;
2703 ret = -1;
2704 }
2705 }
2706 return ret;
2707}
2708
2709/*
2710 * strm
2711 * return +ve data amount
2712 * 0 no more
2713 * -1 error (error in errno)
2714 */
2715static ssize_t
2716coap_sock_write(gnutls_transport_ptr_t context, const void *in, size_t inl) {
2717 int ret = 0;
2718 coap_session_t *c_session = (coap_session_t *)context;
2719
2720 ret = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session, in, inl);
2721 /* Translate layer what returns into what GnuTLS expects */
2722 if (ret < 0) {
2723 if ((c_session->state == COAP_SESSION_STATE_CSM ||
2724 c_session->state == COAP_SESSION_STATE_HANDSHAKE) &&
2725 (errno == EPIPE || errno == ECONNRESET)) {
2726 /*
2727 * Need to handle a TCP timing window where an agent continues with
2728 * the sending of the next handshake or a CSM.
2729 * However, the peer does not like a certificate and so sends a
2730 * fatal alert and closes the TCP session.
2731 * The sending of the next handshake or CSM may get terminated because
2732 * of the closed TCP session, but there is still an outstanding alert
2733 * to be read in and reported on.
2734 * In this case, pretend that sending the info was fine so that the
2735 * alert can be read (which effectively is what happens with DTLS).
2736 */
2737 ret = inl;
2738 } else {
2739 coap_log_debug("* %s: failed to send %zd bytes (%s) state %d\n",
2740 coap_session_str(c_session), inl, coap_socket_strerror(),
2741 c_session->state);
2742 }
2743 }
2744 if (ret == 0) {
2745 errno = EAGAIN;
2746 ret = -1;
2747 }
2748 return ret;
2749}
2750
2751#if COAP_CLIENT_SUPPORT
2752void *
2753coap_tls_new_client_session(coap_session_t *c_session) {
2754 coap_gnutls_env_t *g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2755 coap_gnutls_context_t *g_context =
2756 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2757#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2758 int flags = GNUTLS_CLIENT | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2759#else /* < 3.6.6 */
2760 int flags = GNUTLS_CLIENT | GNUTLS_NONBLOCK;
2761#endif /* < 3.6.6 */
2762 int ret;
2763
2764 if (!g_env) {
2765 return NULL;
2766 }
2767 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2768
2769 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2770
2771 gnutls_transport_set_pull_function(g_env->g_session, coap_sock_read);
2772 gnutls_transport_set_push_function(g_env->g_session, coap_sock_write);
2773 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2774 /* So we can track the coap_session_t in callbacks */
2775 gnutls_transport_set_ptr(g_env->g_session, c_session);
2776
2777 gnutls_priority_set(g_env->g_session, g_context->priority_cache);
2778 setup_client_ssl_session(c_session, g_env);
2779
2780 gnutls_handshake_set_timeout(g_env->g_session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2781
2782 c_session->tls = g_env;
2783 ret = do_gnutls_handshake(c_session, g_env);
2784 if (ret == 1) {
2785 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED, c_session);
2786 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2787 }
2788 return g_env;
2789
2790fail:
2791 if (g_env)
2792 gnutls_free(g_env);
2793 return NULL;
2794}
2795#endif /* COAP_CLIENT_SUPPORT */
2796
2797#if COAP_SERVER_SUPPORT
2798void *
2799coap_tls_new_server_session(coap_session_t *c_session) {
2800 coap_gnutls_env_t *g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2801 coap_gnutls_context_t *g_context =
2802 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2803#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2804 int flags = GNUTLS_SERVER | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2805#else /* < 3.6.6 */
2806 int flags = GNUTLS_SERVER | GNUTLS_NONBLOCK;
2807#endif /* < 3.6.6 */
2808 int ret;
2809
2810 if (!g_env)
2811 return NULL;
2812 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2813
2814 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2815
2816 gnutls_transport_set_pull_function(g_env->g_session, coap_sock_read);
2817 gnutls_transport_set_push_function(g_env->g_session, coap_sock_write);
2818 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2819 /* So we can track the coap_session_t in callbacks */
2820 gnutls_transport_set_ptr(g_env->g_session, c_session);
2821
2822 setup_server_ssl_session(c_session, g_env);
2823
2824 gnutls_priority_set(g_env->g_session, g_context->priority_cache);
2825 gnutls_handshake_set_timeout(g_env->g_session,
2826 GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2827
2828 c_session->tls = g_env;
2829 ret = do_gnutls_handshake(c_session, g_env);
2830 if (ret == 1) {
2831 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED, c_session);
2832 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2833 }
2834 return g_env;
2835
2836fail:
2837 return NULL;
2838}
2839#endif /* COAP_SERVER_SUPPORT */
2840
2841void
2842coap_tls_free_session(coap_session_t *c_session) {
2843 coap_dtls_free_session(c_session);
2844 return;
2845}
2846
2847/*
2848 * strm
2849 * return +ve Number of bytes written.
2850 * -1 Error (error in errno).
2851 */
2852ssize_t
2853coap_tls_write(coap_session_t *c_session, const uint8_t *data,
2854 size_t data_len) {
2855 int ret;
2856 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2857
2858 assert(g_env != NULL);
2859
2860 c_session->dtls_event = -1;
2861 if (g_env->established) {
2862 ret = gnutls_record_send(g_env->g_session, data, data_len);
2863
2864 if (ret <= 0) {
2865 switch (ret) {
2866 case GNUTLS_E_AGAIN:
2867 ret = 0;
2868 break;
2869 case GNUTLS_E_PUSH_ERROR:
2870 case GNUTLS_E_PULL_ERROR:
2871 case GNUTLS_E_PREMATURE_TERMINATION:
2872 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2873 break;
2874 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2875 /* Stop the sending of an alert on closedown */
2876 g_env->sent_alert = 1;
2877 log_last_alert(c_session, g_env->g_session);
2878 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2879 break;
2880 default:
2881 coap_log_warn("coap_tls_write: gnutls_record_send "
2882 "returned %d: '%s'\n",
2883 ret, gnutls_strerror(ret));
2884 ret = -1;
2885 break;
2886 }
2887 if (ret == -1) {
2888 coap_log_info("coap_tls_write: cannot send PDU\n");
2889 }
2890 }
2891 } else {
2892 ret = do_gnutls_handshake(c_session, g_env);
2893 if (ret == 1) {
2894 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED,
2895 c_session);
2896 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2897 ret = 0;
2898 } else {
2899 ret = -1;
2900 }
2901 }
2902
2903 if (c_session->dtls_event >= 0) {
2904 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2905 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2906 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2907 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2908 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2909 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2910 ret = -1;
2911 }
2912 }
2913
2914 if (ret > 0) {
2915 if (ret == (ssize_t)data_len)
2916 coap_log_debug("* %s: tls: sent %4d bytes\n",
2917 coap_session_str(c_session), ret);
2918 else
2919 coap_log_debug("* %s: tls: sent %4d of %4zd bytes\n",
2920 coap_session_str(c_session), ret, data_len);
2921 }
2922 return ret;
2923}
2924
2925/*
2926 * strm
2927 * return >=0 Number of bytes read.
2928 * -1 Error (error in errno).
2929 */
2930ssize_t
2931coap_tls_read(coap_session_t *c_session, uint8_t *data, size_t data_len) {
2932 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2933 int ret = -1;
2934
2935 if (!g_env) {
2936 errno = ENXIO;
2937 return -1;
2938 }
2939
2940 c_session->dtls_event = -1;
2941 if (!g_env->established && !g_env->sent_alert) {
2942 ret = do_gnutls_handshake(c_session, g_env);
2943 if (ret == 1) {
2944 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED,
2945 c_session);
2946 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2947 ret = 0;
2948 }
2949 }
2950 if (c_session->state != COAP_SESSION_STATE_NONE && g_env->established) {
2951 ret = gnutls_record_recv(g_env->g_session, data, (int)data_len);
2952 if (ret <= 0) {
2953 switch (ret) {
2954 case 0:
2955 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2956 break;
2957 case GNUTLS_E_AGAIN:
2958 errno = EAGAIN;
2959 ret = 0;
2960 break;
2961 case GNUTLS_E_PULL_ERROR:
2962 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2963 break;
2964 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2965 /* Stop the sending of an alert on closedown */
2966 g_env->sent_alert = 1;
2967 log_last_alert(c_session, g_env->g_session);
2968 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2969 break;
2970 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2971 log_last_alert(c_session, g_env->g_session);
2972 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2973 break;
2974 default:
2975 coap_log_warn("coap_tls_read: gnutls_record_recv "
2976 "returned %d: '%s'\n",
2977 ret, gnutls_strerror(ret));
2978 ret = -1;
2979 break;
2980 }
2981 }
2982 }
2983
2984 if (c_session->dtls_event >= 0) {
2985 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2986 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2987 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2988 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2989 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2990 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2991 ret = -1;
2992 }
2993 }
2994 if (ret > 0) {
2995 coap_log_debug("* %s: tls: recv %4d bytes\n",
2996 coap_session_str(c_session), ret);
2997 }
2998 return ret;
2999}
3000#endif /* !COAP_DISABLE_TCP */
3001
3002#if COAP_SERVER_SUPPORT
3003coap_digest_ctx_t *
3004coap_digest_setup(void) {
3005 gnutls_hash_hd_t digest_ctx;
3006
3007 if (gnutls_hash_init(&digest_ctx, GNUTLS_DIG_SHA256)) {
3008 return NULL;
3009 }
3010 return digest_ctx;
3011}
3012
3013void
3014coap_digest_free(coap_digest_ctx_t *digest_ctx) {
3015 if (digest_ctx)
3016 gnutls_hash_deinit(digest_ctx, NULL);
3017}
3018
3019int
3020coap_digest_update(coap_digest_ctx_t *digest_ctx,
3021 const uint8_t *data,
3022 size_t data_len) {
3023 int ret = gnutls_hash(digest_ctx, data, data_len);
3024
3025 return ret == 0;
3026}
3027
3028int
3029coap_digest_final(coap_digest_ctx_t *digest_ctx,
3030 coap_digest_t *digest_buffer) {
3031 gnutls_hash_output(digest_ctx, (uint8_t *)digest_buffer);
3032
3033 coap_digest_free(digest_ctx);
3034 return 1;
3035}
3036#endif /* COAP_SERVER_SUPPORT */
3037
3038#if COAP_WS_SUPPORT
3039/*
3040 * The struct hash_algs and the function get_hash_alg() are used to
3041 * determine which hash type to use for creating the required hash object.
3042 */
3043static struct hash_algs {
3044 cose_alg_t alg;
3045 gnutls_digest_algorithm_t dig_type;
3046 size_t dig_size;
3047} hashs[] = {
3048 {COSE_ALGORITHM_SHA_1, GNUTLS_DIG_SHA1, 20},
3049 {COSE_ALGORITHM_SHA_256_256, GNUTLS_DIG_SHA256, 32},
3050 {COSE_ALGORITHM_SHA_512, GNUTLS_DIG_SHA512, 64},
3051};
3052
3053static gnutls_digest_algorithm_t
3054get_hash_alg(cose_alg_t alg, size_t *hash_len) {
3055 size_t idx;
3056
3057 for (idx = 0; idx < sizeof(hashs) / sizeof(struct hash_algs); idx++) {
3058 if (hashs[idx].alg == alg) {
3059 *hash_len = hashs[idx].dig_size;
3060 return hashs[idx].dig_type;
3061 }
3062 }
3063 coap_log_debug("get_hash_alg: COSE hash %d not supported\n", alg);
3064 return GNUTLS_DIG_UNKNOWN;
3065}
3066
3067int
3068coap_crypto_hash(cose_alg_t alg,
3069 const coap_bin_const_t *data,
3070 coap_bin_const_t **hash) {
3071 size_t hash_length;
3072 gnutls_digest_algorithm_t dig_type = get_hash_alg(alg, &hash_length);
3073 gnutls_hash_hd_t digest_ctx;
3074 coap_binary_t *dummy = NULL;
3075 int ret;
3076
3077 if (dig_type == GNUTLS_DIG_UNKNOWN) {
3078 coap_log_debug("coap_crypto_hash: algorithm %d not supported\n", alg);
3079 return 0;
3080 }
3081
3082 if (gnutls_hash_init(&digest_ctx, dig_type)) {
3083 return 0;
3084 }
3085 ret = gnutls_hash(digest_ctx, data->s, data->length);
3086 if (ret != 0)
3087 goto error;
3088
3089 dummy = coap_new_binary(hash_length);
3090 if (!dummy)
3091 goto error;
3092 gnutls_hash_output(digest_ctx, dummy->s);
3093
3094 *hash = (coap_bin_const_t *)(dummy);
3095 gnutls_hash_deinit(digest_ctx, NULL);
3096 return 1;
3097
3098error:
3099 coap_delete_binary(dummy);
3100 gnutls_hash_deinit(digest_ctx, NULL);
3101 return 0;
3102}
3103#endif /* COAP_WS_SUPPORT */
3104
3105#if COAP_OSCORE_SUPPORT
3106int
3107coap_oscore_is_supported(void) {
3108 return 1;
3109}
3110
3111/*
3112 * The struct cipher_algs and the function get_cipher_alg() are used to
3113 * determine which cipher type to use for creating the required cipher
3114 * suite object.
3115 */
3116static struct cipher_algs {
3117 cose_alg_t alg;
3118 gnutls_cipher_algorithm_t cipher_type;
3119} ciphers[] = {{COSE_ALGORITHM_AES_CCM_16_64_128, GNUTLS_CIPHER_AES_128_CCM_8},
3120 {COSE_ALGORITHM_AES_CCM_16_64_256, GNUTLS_CIPHER_AES_256_CCM_8}
3121};
3122
3123static gnutls_cipher_algorithm_t
3124get_cipher_alg(cose_alg_t alg) {
3125 size_t idx;
3126
3127 for (idx = 0; idx < sizeof(ciphers) / sizeof(struct cipher_algs); idx++) {
3128 if (ciphers[idx].alg == alg)
3129 return ciphers[idx].cipher_type;
3130 }
3131 coap_log_debug("get_cipher_alg: COSE cipher %d not supported\n", alg);
3132 return 0;
3133}
3134
3135/*
3136 * The struct hmac_algs and the function get_hmac_alg() are used to
3137 * determine which hmac type to use for creating the required hmac
3138 * suite object.
3139 */
3140static struct hmac_algs {
3141 cose_hmac_alg_t hmac_alg;
3142 gnutls_mac_algorithm_t hmac_type;
3143} hmacs[] = {
3144 {COSE_HMAC_ALG_HMAC256_256, GNUTLS_MAC_SHA256},
3145 {COSE_HMAC_ALG_HMAC512_512, GNUTLS_MAC_SHA512},
3146};
3147
3148static gnutls_mac_algorithm_t
3149get_hmac_alg(cose_hmac_alg_t hmac_alg) {
3150 size_t idx;
3151
3152 for (idx = 0; idx < sizeof(hmacs) / sizeof(struct hmac_algs); idx++) {
3153 if (hmacs[idx].hmac_alg == hmac_alg)
3154 return hmacs[idx].hmac_type;
3155 }
3156 coap_log_debug("get_hmac_alg: COSE HMAC %d not supported\n", hmac_alg);
3157 return 0;
3158}
3159
3160int
3161coap_crypto_check_cipher_alg(cose_alg_t alg) {
3162 return get_cipher_alg(alg);
3163}
3164
3165int
3166coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg) {
3167 cose_hmac_alg_t hmac_alg;
3168
3169 if (!cose_get_hmac_alg_for_hkdf(hkdf_alg, &hmac_alg))
3170 return 0;
3171 return get_hmac_alg(hmac_alg);
3172}
3173
3174int
3175coap_crypto_aead_encrypt(const coap_crypto_param_t *params,
3176 coap_bin_const_t *data,
3177 coap_bin_const_t *aad,
3178 uint8_t *result,
3179 size_t *max_result_len) {
3180 gnutls_aead_cipher_hd_t ctx;
3181 gnutls_datum_t key;
3182 const coap_crypto_aes_ccm_t *ccm;
3183 int ret = 0;
3184 size_t result_len = *max_result_len;
3185 gnutls_cipher_algorithm_t algo;
3186 unsigned tag_size;
3187 uint8_t *key_data_rw;
3188 coap_bin_const_t laad;
3189
3190 if (data == NULL)
3191 return 0;
3192
3193 assert(params != NULL);
3194 if (!params) {
3195 return 0;
3196 }
3197 if ((algo = get_cipher_alg(params->alg)) == 0) {
3198 coap_log_debug("coap_crypto_encrypt: algorithm %d not supported\n",
3199 params->alg);
3200 return 0;
3201 }
3202 tag_size = gnutls_cipher_get_tag_size(algo);
3203 ccm = &params->params.aes;
3204
3205 /* Get a RW copy of data */
3206 memcpy(&key_data_rw, &ccm->key.s, sizeof(key_data_rw));
3207 key.data = key_data_rw;
3208 key.size = ccm->key.length;
3209
3210 if (aad) {
3211 laad = *aad;
3212 } else {
3213 laad.s = NULL;
3214 laad.length = 0;
3215 }
3216
3217 G_CHECK(gnutls_aead_cipher_init(&ctx, algo, &key), "gnutls_aead_cipher_init");
3218
3219 G_CHECK(gnutls_aead_cipher_encrypt(ctx,
3220 ccm->nonce,
3221 15 - ccm->l, /* iv */
3222 laad.s,
3223 laad.length, /* ad */
3224 tag_size,
3225 data->s,
3226 data->length, /* input */
3227 result,
3228 &result_len), /* output */
3229 "gnutls_aead_cipher_encrypt");
3230 *max_result_len = result_len;
3231 ret = 1;
3232fail:
3233 gnutls_aead_cipher_deinit(ctx);
3234 return ret == 1 ? 1 : 0;
3235}
3236
3237int
3238coap_crypto_aead_decrypt(const coap_crypto_param_t *params,
3239 coap_bin_const_t *data,
3240 coap_bin_const_t *aad,
3241 uint8_t *result,
3242 size_t *max_result_len) {
3243 gnutls_aead_cipher_hd_t ctx;
3244 gnutls_datum_t key;
3245 const coap_crypto_aes_ccm_t *ccm;
3246 int ret = 0;
3247 size_t result_len = *max_result_len;
3248 gnutls_cipher_algorithm_t algo;
3249 unsigned tag_size;
3250 uint8_t *key_data_rw;
3251 coap_bin_const_t laad;
3252
3253 if (data == NULL)
3254 return 0;
3255
3256 assert(params != NULL);
3257
3258 if (!params) {
3259 return 0;
3260 }
3261 if ((algo = get_cipher_alg(params->alg)) == 0) {
3262 coap_log_debug("coap_crypto_decrypt: algorithm %d not supported\n",
3263 params->alg);
3264 return 0;
3265 }
3266 tag_size = gnutls_cipher_get_tag_size(algo);
3267 ccm = &params->params.aes;
3268
3269 /* Get a RW copy of data */
3270 memcpy(&key_data_rw, &ccm->key.s, sizeof(key_data_rw));
3271 key.data = key_data_rw;
3272 key.size = ccm->key.length;
3273
3274 if (aad) {
3275 laad = *aad;
3276 } else {
3277 laad.s = NULL;
3278 laad.length = 0;
3279 }
3280
3281 G_CHECK(gnutls_aead_cipher_init(&ctx, algo, &key), "gnutls_aead_cipher_init");
3282
3283 G_CHECK(gnutls_aead_cipher_decrypt(ctx,
3284 ccm->nonce,
3285 15 - ccm->l, /* iv */
3286 laad.s,
3287 laad.length, /* ad */
3288 tag_size,
3289 data->s,
3290 data->length, /* input */
3291 result,
3292 &result_len), /* output */
3293 "gnutls_aead_cipher_decrypt");
3294 *max_result_len = result_len;
3295 ret = 1;
3296fail:
3297 gnutls_aead_cipher_deinit(ctx);
3298 return ret == 1 ? 1 : 0;
3299}
3300
3301int
3302coap_crypto_hmac(cose_hmac_alg_t hmac_alg,
3303 coap_bin_const_t *key,
3304 coap_bin_const_t *data,
3305 coap_bin_const_t **hmac) {
3306 gnutls_hmac_hd_t ctx;
3307 int ret = 0;
3308 unsigned len;
3309 gnutls_mac_algorithm_t mac_algo;
3310 coap_binary_t *dummy = NULL;
3311
3312 if (data == NULL)
3313 return 0;
3314
3315 if ((mac_algo = get_hmac_alg(hmac_alg)) == 0) {
3316 coap_log_debug("coap_crypto_hmac: algorithm %d not supported\n", hmac_alg);
3317 return 0;
3318 }
3319 len = gnutls_hmac_get_len(mac_algo);
3320 if (len == 0)
3321 return 0;
3322
3323 dummy = coap_new_binary(len);
3324 if (dummy == NULL)
3325 return 0;
3326 G_CHECK(gnutls_hmac_init(&ctx, mac_algo, key->s, key->length),
3327 "gnutls_hmac_init");
3328 G_CHECK(gnutls_hmac(ctx, data->s, data->length), "gnutls_hmac");
3329 gnutls_hmac_output(ctx, dummy->s);
3330 *hmac = (coap_bin_const_t *)dummy;
3331 dummy = NULL;
3332 ret = 1;
3333fail:
3334 coap_delete_binary(dummy);
3335 gnutls_hmac_deinit(ctx, NULL);
3336 return ret == 1 ? 1 : 0;
3337}
3338
3339#endif /* COAP_OSCORE_SUPPORT */
3340
3341#else /* !COAP_WITH_LIBGNUTLS */
3342
3343#ifdef __clang__
3344/* Make compilers happy that do not like empty modules. As this function is
3345 * never used, we ignore -Wunused-function at the end of compiling this file
3346 */
3347#pragma GCC diagnostic ignored "-Wunused-function"
3348#endif
3349static inline void
3350dummy(void) {
3351}
3352
3353#endif /* !COAP_WITH_LIBGNUTLS */
min
#define min(a, b)
Definition coap_block.c:19
dummy
static void dummy(void)
Definition coap_gnutls.c:3350
coap_socket_strerror
const char * coap_socket_strerror(void)
Definition coap_io.c:2291
COAP_RXBUFFER_SIZE
#define COAP_RXBUFFER_SIZE
Definition coap_io.h:29
COAP_NACK_TLS_FAILED
@ COAP_NACK_TLS_FAILED
Definition coap_io.h:66
COAP_LAYER_TLS
@ COAP_LAYER_TLS
Definition coap_layers_internal.h:25
coap_libcoap_build.h
Library specific build wrapper for coap_internal.h.
coap_dtls_context_set_pki
int coap_dtls_context_set_pki(coap_context_t *ctx COAP_UNUSED, const coap_dtls_pki_t *setup_data COAP_UNUSED, const coap_dtls_role_t role COAP_UNUSED)
Definition coap_notls.c:108
coap_dtls_get_timeout
coap_tick_t coap_dtls_get_timeout(coap_session_t *session COAP_UNUSED, coap_tick_t now COAP_UNUSED)
Definition coap_notls.c:229
coap_tls_read
ssize_t coap_tls_read(coap_session_t *session COAP_UNUSED, uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:301
coap_dtls_get_context_timeout
coap_tick_t coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED)
Definition coap_notls.c:224
coap_dtls_receive
int coap_dtls_receive(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:243
coap_dtls_get_tls
void * coap_dtls_get_tls(const coap_session_t *c_session COAP_UNUSED, coap_tls_library_t *tls_lib)
Definition coap_notls.c:158
coap_dtls_get_overhead
unsigned int coap_dtls_get_overhead(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:261
coap_dtls_context_load_pki_trust_store
int coap_dtls_context_load_pki_trust_store(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:124
dtls_log_level
static coap_log_t dtls_log_level
Definition coap_notls.c:151
coap_dtls_context_check_keys_enabled
int coap_dtls_context_check_keys_enabled(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:147
coap_dtls_send
ssize_t coap_dtls_send(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:212
coap_tls_write
ssize_t coap_tls_write(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:289
coap_dtls_session_update_mtu
void coap_dtls_session_update_mtu(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:208
coap_dtls_context_set_pki_root_cas
int coap_dtls_context_set_pki_root_cas(coap_context_t *ctx COAP_UNUSED, const char *ca_file COAP_UNUSED, const char *ca_path COAP_UNUSED)
Definition coap_notls.c:116
coap_dtls_handle_timeout
int coap_dtls_handle_timeout(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:238
coap_dtls_free_context
void coap_dtls_free_context(void *handle COAP_UNUSED)
Definition coap_notls.c:186
coap_dtls_free_session
void coap_dtls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:204
coap_dtls_new_context
void * coap_dtls_new_context(coap_context_t *coap_context COAP_UNUSED)
Definition coap_notls.c:181
coap_tls_free_session
void coap_tls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:280
get_asn1_spki
coap_binary_t * get_asn1_spki(const uint8_t *data, size_t size)
Abstract SPKI public key from the ASN1.
Definition coap_asn1.c:122
coap_digest_free
void coap_digest_free(coap_digest_ctx_t *digest_ctx)
Free off coap_digest_ctx_t.
coap_digest_final
int coap_digest_final(coap_digest_ctx_t *digest_ctx, coap_digest_t *digest_buffer)
Finalize the coap_digest information into the provided digest_buffer.
coap_digest_update
int coap_digest_update(coap_digest_ctx_t *digest_ctx, const uint8_t *data, size_t data_len)
Update the coap_digest information with the next chunk of data.
coap_digest_ctx_t
void coap_digest_ctx_t
Definition coap_cache_internal.h:164
coap_digest_setup
coap_digest_ctx_t * coap_digest_setup(void)
Initialize a coap_digest.
coap_tick_t
uint64_t coap_tick_t
This data type represents internal timer ticks with COAP_TICKS_PER_SECOND resolution.
Definition coap_time.h:143
coap_handle_event_lkd
int coap_handle_event_lkd(coap_context_t *context, coap_event_t event, coap_session_t *session)
Invokes the event handler of context for the given event and data.
Definition coap_net.c:4707
coap_handle_dgram
int coap_handle_dgram(coap_context_t *ctx, coap_session_t *session, uint8_t *msg, size_t msg_len)
Parses and interprets a CoAP datagram with context ctx.
Definition coap_net.c:2746
coap_crypto_hmac
int coap_crypto_hmac(cose_hmac_alg_t hmac_alg, coap_bin_const_t *key, coap_bin_const_t *data, coap_bin_const_t **hmac)
Create a HMAC hash of the provided data.
coap_crypto_aead_decrypt
int coap_crypto_aead_decrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Decrypt the provided encrypted data into plaintext.
coap_crypto_aead_encrypt
int coap_crypto_aead_encrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Encrypt the provided plaintext data.
coap_crypto_hash
int coap_crypto_hash(cose_alg_t alg, const coap_bin_const_t *data, coap_bin_const_t **hash)
Create a hash of the provided data.
coap_crypto_check_hkdf_alg
int coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg)
Check whether the defined hkdf algorithm is supported by the underlying crypto library.
coap_crypto_check_cipher_alg
int coap_crypto_check_cipher_alg(cose_alg_t alg)
Check whether the defined cipher algorithm is supported by the underlying crypto library.
coap_tls_new_server_session
void * coap_tls_new_server_session(coap_session_t *coap_session)
Create a TLS new server-side session.
coap_get_session_client_psk_identity
const coap_bin_const_t * coap_get_session_client_psk_identity(const coap_session_t *coap_session)
Get the current client's PSK identity.
coap_dtls_startup
void coap_dtls_startup(void)
Initialize the underlying (D)TLS Library layer.
Definition coap_notls.c:154
coap_dtls_define_issue
int coap_dtls_define_issue(coap_define_issue_key_t type, coap_define_issue_fail_t fail, coap_dtls_key_t *key, const coap_dtls_role_t role, int ret)
Report PKI DEFINE type issue.
Definition coap_dtls.c:165
coap_dtls_new_client_session
void * coap_dtls_new_client_session(coap_session_t *coap_session)
Create a new client-side session.
coap_dtls_new_server_session
void * coap_dtls_new_server_session(coap_session_t *coap_session)
Create a new DTLS server-side session.
coap_dtls_hello
int coap_dtls_hello(coap_session_t *coap_session, const uint8_t *data, size_t data_len)
Handling client HELLO messages from a new candiate peer.
coap_dtls_set_cid_tuple_change
int coap_dtls_set_cid_tuple_change(coap_context_t *context, uint8_t every)
Set the Connection ID client tuple frequency change for testing CIDs.
coap_dtls_is_context_timeout
int coap_dtls_is_context_timeout(void)
Check if timeout is handled per CoAP session or per CoAP context.
Definition coap_notls.c:219
coap_dtls_context_set_cpsk
int coap_dtls_context_set_cpsk(coap_context_t *coap_context, coap_dtls_cpsk_t *setup_data)
Set the DTLS context's default client PSK information.
coap_dtls_context_set_spsk
int coap_dtls_context_set_spsk(coap_context_t *coap_context, coap_dtls_spsk_t *setup_data)
Set the DTLS context's default server PSK information.
coap_dtls_shutdown
void coap_dtls_shutdown(void)
Close down the underlying (D)TLS Library layer.
Definition coap_notls.c:166
coap_get_session_client_psk_key
const coap_bin_const_t * coap_get_session_client_psk_key(const coap_session_t *coap_session)
Get the current client's PSK key.
coap_tls_new_client_session
void * coap_tls_new_client_session(coap_session_t *coap_session)
Create a new TLS client-side session.
COAP_DTLS_RETRANSMIT_COAP_TICKS
#define COAP_DTLS_RETRANSMIT_COAP_TICKS
Definition coap_dtls_internal.h:39
coap_dtls_map_key_type_to_define
void coap_dtls_map_key_type_to_define(const coap_dtls_pki_t *setup_data, coap_dtls_key_t *key)
Map the PKI key definitions to the new DEFINE format.
Definition coap_dtls.c:26
coap_get_session_server_psk_key
const coap_bin_const_t * coap_get_session_server_psk_key(const coap_session_t *coap_session)
Get the current server's PSK key.
COAP_DEFINE_KEY_PRIVATE
@ COAP_DEFINE_KEY_PRIVATE
Definition coap_dtls_internal.h:50
COAP_DEFINE_KEY_CA
@ COAP_DEFINE_KEY_CA
Definition coap_dtls_internal.h:47
COAP_DEFINE_KEY_PUBLIC
@ COAP_DEFINE_KEY_PUBLIC
Definition coap_dtls_internal.h:49
COAP_DEFINE_FAIL_NONE
@ COAP_DEFINE_FAIL_NONE
Definition coap_dtls_internal.h:56
COAP_DEFINE_FAIL_NOT_SUPPORTED
@ COAP_DEFINE_FAIL_NOT_SUPPORTED
Definition coap_dtls_internal.h:55
COAP_DEFINE_FAIL_BAD
@ COAP_DEFINE_FAIL_BAD
Definition coap_dtls_internal.h:54
COAP_DTLS_HINT_LENGTH
#define COAP_DTLS_HINT_LENGTH
Definition coap_dtls.h:35
coap_get_tls_library_version
coap_tls_version_t * coap_get_tls_library_version(void)
Determine the type and version of the underlying (D)TLS library.
Definition coap_notls.c:100
coap_dtls_role_t
coap_dtls_role_t
Definition coap_dtls.h:44
COAP_DTLS_RPK_CERT_CN
#define COAP_DTLS_RPK_CERT_CN
Definition coap_dtls.h:49
coap_tls_library_t
coap_tls_library_t
Definition coap_dtls.h:70
COAP_PKI_KEY_DEF_PKCS11
@ COAP_PKI_KEY_DEF_PKCS11
The PKI key type is PKCS11 (pkcs11:...).
Definition coap_dtls.h:245
COAP_PKI_KEY_DEF_DER_BUF
@ COAP_PKI_KEY_DEF_DER_BUF
The PKI key type is DER buffer (ASN.1).
Definition coap_dtls.h:242
COAP_PKI_KEY_DEF_PEM_BUF
@ COAP_PKI_KEY_DEF_PEM_BUF
The PKI key type is PEM buffer.
Definition coap_dtls.h:236
COAP_PKI_KEY_DEF_PEM
@ COAP_PKI_KEY_DEF_PEM
The PKI key type is PEM file.
Definition coap_dtls.h:234
COAP_PKI_KEY_DEF_ENGINE
@ COAP_PKI_KEY_DEF_ENGINE
The PKI key type is to be passed to ENGINE.
Definition coap_dtls.h:251
COAP_PKI_KEY_DEF_RPK_BUF
@ COAP_PKI_KEY_DEF_RPK_BUF
The PKI key type is RPK in buffer.
Definition coap_dtls.h:238
COAP_PKI_KEY_DEF_DER
@ COAP_PKI_KEY_DEF_DER
The PKI key type is DER file.
Definition coap_dtls.h:240
COAP_PKI_KEY_DEF_PKCS11_RPK
@ COAP_PKI_KEY_DEF_PKCS11_RPK
The PKI key type is PKCS11 w/ RPK (pkcs11:...).
Definition coap_dtls.h:248
COAP_DTLS_ROLE_SERVER
@ COAP_DTLS_ROLE_SERVER
Internal function invoked for server.
Definition coap_dtls.h:46
COAP_DTLS_ROLE_CLIENT
@ COAP_DTLS_ROLE_CLIENT
Internal function invoked for client.
Definition coap_dtls.h:45
COAP_PKI_KEY_DEFINE
@ COAP_PKI_KEY_DEFINE
The individual PKI key types are Definable.
Definition coap_dtls.h:172
COAP_TLS_LIBRARY_GNUTLS
@ COAP_TLS_LIBRARY_GNUTLS
Using GnuTLS library.
Definition coap_dtls.h:74
COAP_EVENT_DTLS_CLOSED
@ COAP_EVENT_DTLS_CLOSED
Triggerred when (D)TLS session closed.
Definition coap_event.h:39
COAP_EVENT_DTLS_CONNECTED
@ COAP_EVENT_DTLS_CONNECTED
Triggered when (D)TLS session connected.
Definition coap_event.h:41
COAP_EVENT_DTLS_ERROR
@ COAP_EVENT_DTLS_ERROR
Triggered when (D)TLS error occurs.
Definition coap_event.h:45
coap_lock_callback_ret
#define coap_lock_callback_ret(r, c, func)
Dummy for no thread-safe code.
Definition coap_threadsafe_internal.h:520
coap_log_debug
#define coap_log_debug(...)
Definition coap_debug.h:120
coap_log_t
coap_log_t
Logging type.
Definition coap_debug.h:50
coap_dtls_get_log_level
coap_log_t coap_dtls_get_log_level(void)
Get the current (D)TLS logging.
Definition coap_notls.c:176
coap_dtls_log
#define coap_dtls_log(level,...)
Logging function.
Definition coap_debug.h:300
coap_dtls_set_log_level
void coap_dtls_set_log_level(coap_log_t level)
Sets the (D)TLS logging level to the specified level.
Definition coap_notls.c:171
coap_session_str
const char * coap_session_str(const coap_session_t *session)
Get session description.
Definition coap_session.c:2338
coap_log_info
#define coap_log_info(...)
Definition coap_debug.h:108
coap_log_warn
#define coap_log_warn(...)
Definition coap_debug.h:102
coap_log_err
#define coap_log_err(...)
Definition coap_debug.h:96
COAP_LOG_EMERG
@ COAP_LOG_EMERG
Definition coap_debug.h:51
COAP_LOG_DEBUG
@ COAP_LOG_DEBUG
Definition coap_debug.h:58
COAP_LOG_WARN
@ COAP_LOG_WARN
Definition coap_debug.h:55
coap_netif_available
int coap_netif_available(coap_session_t *session)
Function interface to check whether netif for session is still available.
Definition coap_netif.c:25
cose_get_hmac_alg_for_hkdf
int cose_get_hmac_alg_for_hkdf(cose_hkdf_alg_t hkdf_alg, cose_hmac_alg_t *hmac_alg)
Definition oscore_cose.c:179
cose_hkdf_alg_t
cose_hkdf_alg_t
Definition oscore_cose.h:165
cose_hmac_alg_t
cose_hmac_alg_t
Definition oscore_cose.h:157
cose_alg_t
cose_alg_t
Definition oscore_cose.h:126
COSE_HMAC_ALG_HMAC256_256
@ COSE_HMAC_ALG_HMAC256_256
Definition oscore_cose.h:159
COSE_HMAC_ALG_HMAC512_512
@ COSE_HMAC_ALG_HMAC512_512
Definition oscore_cose.h:161
COSE_ALGORITHM_SHA_256_256
@ COSE_ALGORITHM_SHA_256_256
Definition oscore_cose.h:134
COSE_ALGORITHM_SHA_1
@ COSE_ALGORITHM_SHA_1
Definition oscore_cose.h:136
COSE_ALGORITHM_AES_CCM_16_64_128
@ COSE_ALGORITHM_AES_CCM_16_64_128
Definition oscore_cose.h:145
COSE_ALGORITHM_SHA_512
@ COSE_ALGORITHM_SHA_512
Definition oscore_cose.h:128
COSE_ALGORITHM_AES_CCM_16_64_256
@ COSE_ALGORITHM_AES_CCM_16_64_256
Definition oscore_cose.h:146
COAP_PROTO_DTLS
@ COAP_PROTO_DTLS
Definition coap_pdu.h:315
COAP_PROTO_TLS
@ COAP_PROTO_TLS
Definition coap_pdu.h:317
coap_session_refresh_psk_hint
int coap_session_refresh_psk_hint(coap_session_t *session, const coap_bin_const_t *psk_hint)
Refresh the session's current Identity Hint (PSK).
Definition coap_session.c:1761
coap_session_refresh_psk_key
int coap_session_refresh_psk_key(coap_session_t *session, const coap_bin_const_t *psk_key)
Refresh the session's current pre-shared key (PSK).
Definition coap_session.c:1790
coap_session_connected
void coap_session_connected(coap_session_t *session)
Notify session that it has just connected or reconnected.
Definition coap_session.c:890
coap_session_refresh_psk_identity
int coap_session_refresh_psk_identity(coap_session_t *session, const coap_bin_const_t *psk_identity)
Refresh the session's current pre-shared identity (PSK).
Definition coap_session.c:1818
coap_session_disconnected_lkd
void coap_session_disconnected_lkd(coap_session_t *session, coap_nack_reason_t reason)
Notify session that it has failed.
Definition coap_session.c:1011
COAP_PROTO_NOT_RELIABLE
#define COAP_PROTO_NOT_RELIABLE(p)
Definition coap_session.h:37
COAP_SESSION_STATE_HANDSHAKE
@ COAP_SESSION_STATE_HANDSHAKE
Definition coap_session.h:58
COAP_SESSION_STATE_CSM
@ COAP_SESSION_STATE_CSM
Definition coap_session.h:59
COAP_SESSION_STATE_NONE
@ COAP_SESSION_STATE_NONE
Definition coap_session.h:56
coap_new_binary
coap_binary_t * coap_new_binary(size_t size)
Returns a new binary object with at least size bytes storage allocated.
Definition coap_str.c:77
coap_delete_binary
void coap_delete_binary(coap_binary_t *s)
Deletes the given coap_binary_t object and releases any memory allocated.
Definition coap_str.c:105
coap_dtls_cid_is_supported
int coap_dtls_cid_is_supported(void)
Check whether (D)TLS CID is available.
Definition coap_notls.c:86
coap_dtls_psk_is_supported
int coap_dtls_psk_is_supported(void)
Check whether (D)TLS PSK is available.
Definition coap_notls.c:50
coap_tls_is_supported
int coap_tls_is_supported(void)
Check whether TLS is available.
Definition coap_notls.c:41
coap_oscore_is_supported
int coap_oscore_is_supported(void)
Check whether OSCORE is available.
Definition coap_oscore.c:2197
coap_dtls_is_supported
int coap_dtls_is_supported(void)
Check whether DTLS is available.
Definition coap_notls.c:36
coap_dtls_pki_is_supported
int coap_dtls_pki_is_supported(void)
Check whether (D)TLS PKI is available.
Definition coap_notls.c:59
coap_dtls_rpk_is_supported
int coap_dtls_rpk_is_supported(void)
Check whether (D)TLS RPK is available.
Definition coap_notls.c:77
coap_dtls_pkcs11_is_supported
int coap_dtls_pkcs11_is_supported(void)
Check whether (D)TLS PKCS11 is available.
Definition coap_notls.c:68
COAP_UNUSED
#define COAP_UNUSED
Definition libcoap.h:70
coap_bin_const_t
CoAP binary data definition with const data.
Definition coap_str.h:64
coap_bin_const_t::length
size_t length
length of binary data
Definition coap_str.h:65
coap_bin_const_t::s
const uint8_t * s
read-only binary data
Definition coap_str.h:66
coap_binary_t
CoAP binary data definition.
Definition coap_str.h:56
coap_binary_t::length
size_t length
length of binary data
Definition coap_str.h:57
coap_binary_t::s
uint8_t * s
binary data
Definition coap_str.h:58
coap_context_t
The CoAP stack's global state is stored in a coap_context_t object.
Definition coap_net_internal.h:50
coap_context_t::dtls_context
void * dtls_context
Definition coap_net_internal.h:144
coap_context_t::spsk_setup_data
coap_dtls_spsk_t spsk_setup_data
Contains the initial PSK server setup data.
Definition coap_net_internal.h:147
coap_crypto_aes_ccm_t
The structure that holds the AES Crypto information.
Definition coap_crypto_internal.h:49
coap_crypto_aes_ccm_t::l
size_t l
The number of bytes in the length field.
Definition coap_crypto_internal.h:53
coap_crypto_aes_ccm_t::nonce
const uint8_t * nonce
must be exactly 15 - l bytes
Definition coap_crypto_internal.h:51
coap_crypto_aes_ccm_t::key
coap_crypto_key_t key
The Key to use.
Definition coap_crypto_internal.h:50
coap_crypto_param_t
The common structure that holds the Crypto information.
Definition coap_crypto_internal.h:59
coap_crypto_param_t::params
union coap_crypto_param_t::@2 params
coap_crypto_param_t::aes
coap_crypto_aes_ccm_t aes
Used if AES type encryption.
Definition coap_crypto_internal.h:62
coap_crypto_param_t::alg
cose_alg_t alg
The COSE algorith to use.
Definition coap_crypto_internal.h:60
coap_digest_t
Definition coap_cache_internal.h:33
coap_dtls_cpsk_info_t
The structure that holds the Client PSK information.
Definition coap_dtls.h:379
coap_dtls_cpsk_info_t::key
coap_bin_const_t key
Definition coap_dtls.h:381
coap_dtls_cpsk_info_t::identity
coap_bin_const_t identity
Definition coap_dtls.h:380
coap_dtls_cpsk_t
The structure used for defining the Client PSK setup data to be used.
Definition coap_dtls.h:410
coap_dtls_cpsk_t::use_cid
uint8_t use_cid
Set to 1 if DTLS Connection ID is to be used.
Definition coap_dtls.h:417
coap_dtls_cpsk_t::ih_call_back_arg
void * ih_call_back_arg
Passed in to the Identity Hint callback function.
Definition coap_dtls.h:434
coap_dtls_cpsk_t::client_sni
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:437
coap_dtls_cpsk_t::validate_ih_call_back
coap_dtls_ih_callback_t validate_ih_call_back
Identity Hint check callback function.
Definition coap_dtls.h:433
coap_dtls_cpsk_t::ec_jpake
uint8_t ec_jpake
Set to COAP_DTLS_CPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:415
coap_dtls_key_t
The structure that holds the PKI key information.
Definition coap_dtls.h:279
coap_dtls_key_t::define
coap_pki_key_define_t define
for definable type keys
Definition coap_dtls.h:286
coap_dtls_key_t::key
union coap_dtls_key_t::@3 key
coap_dtls_key_t::key_type
coap_pki_key_t key_type
key format type
Definition coap_dtls.h:280
coap_dtls_pki_t
The structure used for defining the PKI setup data to be used.
Definition coap_dtls.h:312
coap_dtls_pki_t::allow_no_crl
uint8_t allow_no_crl
1 ignore if CRL not there
Definition coap_dtls.h:326
coap_dtls_pki_t::cert_chain_validation
uint8_t cert_chain_validation
1 if to check cert_chain_verify_depth
Definition coap_dtls.h:323
coap_dtls_pki_t::use_cid
uint8_t use_cid
1 if DTLS Connection ID is to be used (Client only, server always enabled) if supported
Definition coap_dtls.h:333
coap_dtls_pki_t::check_cert_revocation
uint8_t check_cert_revocation
1 if revocation checks wanted
Definition coap_dtls.h:325
coap_dtls_pki_t::cert_chain_verify_depth
uint8_t cert_chain_verify_depth
recommended depth is 3
Definition coap_dtls.h:324
coap_dtls_pki_t::allow_expired_certs
uint8_t allow_expired_certs
1 if expired certs are allowed
Definition coap_dtls.h:322
coap_dtls_pki_t::verify_peer_cert
uint8_t verify_peer_cert
Set to COAP_DTLS_PKI_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:317
coap_dtls_pki_t::client_sni
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:368
coap_dtls_pki_t::allow_self_signed
uint8_t allow_self_signed
1 if self-signed certs are allowed.
Definition coap_dtls.h:320
coap_dtls_pki_t::allow_expired_crl
uint8_t allow_expired_crl
1 if expired crl is allowed
Definition coap_dtls.h:327
coap_dtls_pki_t::is_rpk_not_cert
uint8_t is_rpk_not_cert
1 is RPK instead of Public Certificate.
Definition coap_dtls.h:330
coap_dtls_pki_t::check_common_ca
uint8_t check_common_ca
1 if peer cert is to be signed by the same CA as the local cert
Definition coap_dtls.h:318
coap_dtls_pki_t::pki_key
coap_dtls_key_t pki_key
PKI key definition.
Definition coap_dtls.h:373
coap_dtls_spsk_info_t
The structure that holds the Server Pre-Shared Key and Identity Hint information.
Definition coap_dtls.h:450
coap_dtls_spsk_info_t::hint
coap_bin_const_t hint
Definition coap_dtls.h:451
coap_dtls_spsk_t
The structure used for defining the Server PSK setup data to be used.
Definition coap_dtls.h:501
coap_dtls_spsk_t::validate_sni_call_back
coap_dtls_psk_sni_callback_t validate_sni_call_back
SNI check callback function.
Definition coap_dtls.h:530
coap_dtls_spsk_t::validate_id_call_back
coap_dtls_id_callback_t validate_id_call_back
Identity check callback function.
Definition coap_dtls.h:522
coap_dtls_spsk_t::id_call_back_arg
void * id_call_back_arg
Passed in to the Identity callback function.
Definition coap_dtls.h:523
coap_dtls_spsk_t::ec_jpake
uint8_t ec_jpake
Set to COAP_DTLS_SPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:506
coap_dtls_spsk_t::sni_call_back_arg
void * sni_call_back_arg
Passed in to the SNI callback function.
Definition coap_dtls.h:531
coap_dtls_spsk_t::psk_info
coap_dtls_spsk_info_t psk_info
Server PSK definition.
Definition coap_dtls.h:533
coap_layer_func_t::l_read
coap_layer_read_t l_read
Definition coap_layers_internal.h:107
coap_layer_func_t::l_write
coap_layer_write_t l_write
Definition coap_layers_internal.h:108
coap_layer_func_t::l_establish
coap_layer_establish_t l_establish
Definition coap_layers_internal.h:109
coap_pki_key_define_t::public_cert
coap_const_char_ptr_t public_cert
define: Public Cert
Definition coap_dtls.h:261
coap_pki_key_define_t::user_pin
const char * user_pin
define: User pin to access type PKCS11.
Definition coap_dtls.h:271
coap_pki_key_define_t::private_key
coap_const_char_ptr_t private_key
define: Private Key
Definition coap_dtls.h:262
coap_pki_key_define_t::ca
coap_const_char_ptr_t ca
define: Common CA Certificate
Definition coap_dtls.h:260
coap_pki_key_define_t::public_cert_len
size_t public_cert_len
define Public Cert length (if needed)
Definition coap_dtls.h:264
coap_pki_key_define_t::ca_len
size_t ca_len
define CA Cert length (if needed)
Definition coap_dtls.h:263
coap_pki_key_define_t::private_key_def
coap_pki_define_t private_key_def
define: Private Key type definition
Definition coap_dtls.h:268
coap_pki_key_define_t::private_key_len
size_t private_key_len
define Private Key length (if needed)
Definition coap_dtls.h:265
coap_pki_key_define_t::ca_def
coap_pki_define_t ca_def
define: Common CA type definition
Definition coap_dtls.h:266
coap_pki_key_define_t::public_cert_def
coap_pki_define_t public_cert_def
define: Public Cert type definition
Definition coap_dtls.h:267
coap_session_t
Abstraction of virtual session that can be attached to coap_context_t (client) or coap_endpoint_t (se...
Definition coap_session_internal.h:68
coap_session_t::dtls_timeout_count
unsigned int dtls_timeout_count
dtls setup retry counter
Definition coap_session_internal.h:177
coap_session_t::endpoint
coap_endpoint_t * endpoint
session's endpoint
Definition coap_session_internal.h:85
coap_session_t::sock
coap_socket_t sock
socket object for the session, if any
Definition coap_session_internal.h:82
coap_session_t::state
coap_session_state_t state
current state of relationship with peer
Definition coap_session_internal.h:71
coap_session_t::addr_info
coap_addr_tuple_t addr_info
remote/local address info
Definition coap_session_internal.h:79
coap_session_t::proto
coap_proto_t proto
protocol used
Definition coap_session_internal.h:69
coap_session_t::cpsk_setup_data
coap_dtls_cpsk_t cpsk_setup_data
client provided PSK initial setup data
Definition coap_session_internal.h:117
coap_session_t::mtu
size_t mtu
path or CSM mtu (xmt)
Definition coap_session_internal.h:75
coap_session_t::dtls_event
int dtls_event
Tracking any (D)TLS events on this session.
Definition coap_session_internal.h:178
coap_session_t::tls
void * tls
security parameters
Definition coap_session_internal.h:88
coap_session_t::max_retransmit
uint16_t max_retransmit
maximum re-transmit count (default 4)
Definition coap_session_internal.h:152
coap_session_t::context
coap_context_t * context
session's context
Definition coap_session_internal.h:87
coap_socket_t::lfunc
coap_layer_func_t lfunc[COAP_LAYER_LAST]
Layer functions to use.
Definition coap_io_internal.h:68
coap_socket_t::fd
coap_fd_t fd
Definition coap_io_internal.h:57
coap_str_const_t
CoAP string data definition with const data.
Definition coap_str.h:46
coap_str_const_t::s
const uint8_t * s
read-only string data
Definition coap_str.h:48
coap_str_const_t::length
size_t length
length of string
Definition coap_str.h:47
coap_tls_version_t
The structure used for returning the underlying (D)TLS library information.
Definition coap_dtls.h:83
coap_tls_version_t::built_version
uint64_t built_version
(D)TLS Built against Library Version
Definition coap_dtls.h:86
coap_tls_version_t::type
coap_tls_library_t type
Library type.
Definition coap_dtls.h:85
coap_tls_version_t::version
uint64_t version
(D)TLS runtime Library Version
Definition coap_dtls.h:84
coap_const_char_ptr_t::s_byte
const char * s_byte
signed char ptr
Definition coap_str.h:73
coap_const_char_ptr_t::u_byte
const uint8_t * u_byte
unsigned char ptr
Definition coap_str.h:74