libcoap 4.3.5-develop-72190a8
Loading...
Searching...
No Matches
coap_gnutls.c
Go to the documentation of this file.
1/*
2 * coap_gnutls.c -- GnuTLS Datagram Transport Layer Support for libcoap
3 *
4 * Copyright (C) 2017 Dag Bjorklund <dag.bjorklund@comsel.fi>
5 * Copyright (C) 2018-2024 Jon Shallow <supjps-libcoap@jpshallow.com>
6 *
7 * SPDX-License-Identifier: BSD-2-Clause
8 *
9 * This file is part of the CoAP library libcoap. Please see README for terms
10 * of use.
11 */
12
18/*
19 * Naming used to prevent confusion between coap sessions, gnutls sessions etc.
20 * when reading the code.
21 *
22 * c_context A coap_context_t *
23 * c_session A coap_session_t *
24 * g_context A coap_gnutls_context_t * (held in c_context->dtls_context)
25 * g_session A gnutls_session_t (which has the * in the typedef)
26 * g_env A coap_gnutls_env_t * (held in c_session->tls)
27 */
28
29/*
30 * Notes
31 *
32 * There is a memory leak in GnuTLS prior to 3.3.26 when hint is not freed off
33 * when server psk credentials are freed off.
34 *
35 * ca_path in coap_dtls_context_set_pki_root_cas() is not supported until 3.3.6
36 *
37 * Identity Hint is not provided if using DH and versions prior to 3.4.4
38 *
39 * 3.5.5 or later is required to interoperate with TinyDTLS as CCM algorithm
40 * support is required.
41 *
42 * TLS 1.3 is properly supported from 3.6.5 onwards
43 * (but is not enabled by default in 3.6.4)
44 *
45 * Starting with 3.6.3, fixed in 3.6.13, Client Hellos may fail with some
46 * server implementations (e.g. Californium) as random value is all zeros
47 * - CVE-2020-11501 - a security weakness.
48 * 3.6.6 or later is required to support Raw Public Key(RPK)
49 */
50
52
53#ifdef COAP_WITH_LIBGNUTLS
54
55#define MIN_GNUTLS_VERSION "3.3.0"
56
57#include <stdio.h>
58#include <gnutls/gnutls.h>
59#include <gnutls/x509.h>
60#include <gnutls/dtls.h>
61#include <gnutls/pkcs11.h>
62#include <gnutls/crypto.h>
63#include <gnutls/abstract.h>
64#include <unistd.h>
65#if (GNUTLS_VERSION_NUMBER >= 0x030606)
66#define COAP_GNUTLS_KEY_RPK GNUTLS_KEY_DIGITAL_SIGNATURE | \
67 GNUTLS_KEY_NON_REPUDIATION | \
68 GNUTLS_KEY_KEY_ENCIPHERMENT | \
69 GNUTLS_KEY_DATA_ENCIPHERMENT | \
70 GNUTLS_KEY_KEY_AGREEMENT | \
71 GNUTLS_KEY_KEY_CERT_SIGN
72#endif /* GNUTLS_VERSION_NUMBER >= 0x030606 */
73
74#ifndef GNUTLS_CRT_RAW
75#define GNUTLS_CRT_RAW GNUTLS_CRT_RAWPK
76#endif /* GNUTLS_CRT_RAW */
77
78#ifdef _WIN32
79#define strcasecmp _stricmp
80#endif
81
82typedef struct coap_ssl_t {
83 const uint8_t *pdu;
84 unsigned pdu_len;
85 unsigned peekmode;
86 gnutls_datum_t cookie_key;
87} coap_ssl_t;
88
89/*
90 * This structure encapsulates the GnuTLS session object.
91 * It handles both TLS and DTLS.
92 * c_session->tls points to this.
93 */
94typedef struct coap_gnutls_env_t {
95 gnutls_session_t g_session;
96 gnutls_psk_client_credentials_t psk_cl_credentials;
97 gnutls_psk_server_credentials_t psk_sv_credentials;
98 gnutls_certificate_credentials_t pki_credentials;
99 coap_ssl_t coap_ssl_data;
100 /* If not set, need to do gnutls_handshake */
101 int established;
102 int doing_dtls_timeout;
103 coap_tick_t last_timeout;
104 int sent_alert;
105} coap_gnutls_env_t;
106
107#define IS_PSK (1 << 0)
108#define IS_PKI (1 << 1)
109#define IS_CLIENT (1 << 6)
110#define IS_SERVER (1 << 7)
111
112typedef struct pki_sni_entry {
113 char *sni;
114 coap_dtls_key_t pki_key;
115 gnutls_certificate_credentials_t pki_credentials;
116} pki_sni_entry;
117
118typedef struct psk_sni_entry {
119 char *sni;
120 coap_dtls_spsk_info_t psk_info;
121 gnutls_psk_server_credentials_t psk_credentials;
122} psk_sni_entry;
123
124typedef struct coap_gnutls_context_t {
125 coap_dtls_pki_t setup_data;
126 int psk_pki_enabled;
127 size_t pki_sni_count;
128 pki_sni_entry *pki_sni_entry_list;
129 size_t psk_sni_count;
130 psk_sni_entry *psk_sni_entry_list;
131 gnutls_datum_t alpn_proto; /* Will be "coap", but that is a const */
132 char *root_ca_file;
133 char *root_ca_path;
134 gnutls_priority_t priority_cache;
135} coap_gnutls_context_t;
136
137typedef enum coap_free_bye_t {
138 COAP_FREE_BYE_AS_TCP,
139 COAP_FREE_BYE_AS_UDP,
140 COAP_FREE_BYE_NONE
141} coap_free_bye_t;
142
143#define VARIANTS_3_6_6 "NORMAL:+ECDHE-PSK:+PSK:+ECDHE-ECDSA:+AES-128-CCM-8:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL:+SHA256"
144#define VARIANTS_3_5_5 "NORMAL:+ECDHE-PSK:+PSK:+ECDHE-ECDSA:+AES-128-CCM-8"
145#define VARIANTS_BASE "NORMAL:+ECDHE-PSK:+PSK"
146
147#define VARIANTS_NO_TLS13_3_6_6 VARIANTS_3_6_6 ":-VERS-TLS1.3"
148#define VARIANTS_NO_TLS13_3_6_4 VARIANTS_3_5_5 ":-VERS-TLS1.3"
149
150#define G_ACTION(xx) do { \
151 ret = (xx); \
152 } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
153
154#define G_CHECK(xx,func) do { \
155 if ((ret = (xx)) < 0) { \
156 coap_log_warn("%s: '%s'\n", func, gnutls_strerror(ret)); \
157 goto fail; \
158 } \
159 } while (0)
160
161#define G_ACTION_CHECK(xx,func) do { \
162 G_ACTION(xx); \
163 G_CHECK(xx, func); \
164 } while 0
165
167
168#if COAP_SERVER_SUPPORT
169static int post_client_hello_gnutls_pki(gnutls_session_t g_session);
170static int post_client_hello_gnutls_psk(gnutls_session_t g_session);
171static int psk_server_callback(gnutls_session_t g_session,
172 const char *identity,
173 gnutls_datum_t *key);
174#endif /* COAP_SERVER_SUPPORT */
175
176/*
177 * return 0 failed
178 * 1 passed
179 */
180int
182 if (gnutls_check_version(MIN_GNUTLS_VERSION) == NULL) {
183 coap_log_err("GnuTLS " MIN_GNUTLS_VERSION " or later is required\n");
184 return 0;
185 }
186 return 1;
187}
188
189/*
190 * return 0 failed
191 * 1 passed
192 */
193int
195#if !COAP_DISABLE_TCP
196 if (gnutls_check_version(MIN_GNUTLS_VERSION) == NULL) {
197 coap_log_err("GnuTLS " MIN_GNUTLS_VERSION " or later is required\n");
198 return 0;
199 }
200 return 1;
201#else /* COAP_DISABLE_TCP */
202 return 0;
203#endif /* COAP_DISABLE_TCP */
204}
205
206/*
207 * return 0 failed
208 * 1 passed
209 */
210int
212 return 1;
213}
214
215/*
216 * return 0 failed
217 * 1 passed
218 */
219int
221 return 1;
222}
223
224/*
225 * return 0 failed
226 * 1 passed
227 */
228int
230 return 1;
231}
232
233/*
234 * return 0 failed
235 * 1 passed
236 */
237int
239#if (GNUTLS_VERSION_NUMBER >= 0x030606)
240 return 1;
241#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
242 return 0;
243#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
244}
245
246/*
247 * return 0 failed
248 * 1 passed
249 */
250int
252 return 0;
253}
254
255#if COAP_CLIENT_SUPPORT
256int
257coap_dtls_set_cid_tuple_change(coap_context_t *c_context, uint8_t every) {
258 (void)c_context;
259 (void)every;
260 return 0;
261}
262#endif /* COAP_CLIENT_SUPPORT */
263
266 static coap_tls_version_t version;
267 const char *vers = gnutls_check_version(NULL);
268
269 version.version = 0;
270 if (vers) {
271 int p1, p2, p3;
272
273 sscanf(vers, "%d.%d.%d", &p1, &p2, &p3);
274 version.version = (p1 << 16) | (p2 << 8) | p3;
275 }
276 version.built_version = GNUTLS_VERSION_NUMBER;
278 return &version;
279}
280
281static void
282coap_gnutls_audit_log_func(gnutls_session_t g_session, const char *text) {
283#if COAP_MAX_LOGGING_LEVEL > 0
284 if (g_session) {
285 coap_session_t *c_session =
286 (coap_session_t *)gnutls_transport_get_ptr(g_session);
287 coap_log_warn("** %s: %s",
288 coap_session_str(c_session), text);
289 } else {
290 coap_log_warn("** (null): %s", text);
291 }
292#else /* COAP_MAX_LOGGING_LEVEL == 0 */
293 (void)g_session;
294 (void)text;
295#endif /* COAP_MAX_LOGGING_LEVEL == 0 */
296}
297
298static void
299coap_gnutls_log_func(int level, const char *text) {
300 /* Things get noisy, even at level 1 */
301 if (level > 0)
302 level += COAP_LOG_WARN;
303 if (level > COAP_LOG_DEBUG)
304 level = COAP_LOG_DEBUG;
305 coap_dtls_log(level, "%s", text);
306}
307
308/*
309 * return 0 failed
310 * 1 passed
311 */
312int
314 const coap_dtls_pki_t *setup_data,
315 const coap_dtls_role_t role COAP_UNUSED) {
316 coap_dtls_key_t key;
317 coap_gnutls_context_t *g_context =
318 ((coap_gnutls_context_t *)c_context->dtls_context);
319
320 if (!g_context || !setup_data)
321 return 0;
322
323 g_context->setup_data = *setup_data;
324 if (!g_context->setup_data.verify_peer_cert) {
325 /* Needs to be clear so that no CA DNs are transmitted */
326 g_context->setup_data.check_common_ca = 0;
327 if (g_context->setup_data.is_rpk_not_cert) {
328 /* Disable all of these as they cannot be checked */
329 g_context->setup_data.allow_self_signed = 0;
330 g_context->setup_data.allow_expired_certs = 0;
331 g_context->setup_data.cert_chain_validation = 0;
332 g_context->setup_data.cert_chain_verify_depth = 0;
333 g_context->setup_data.check_cert_revocation = 0;
334 g_context->setup_data.allow_no_crl = 0;
335 g_context->setup_data.allow_expired_crl = 0;
336 g_context->setup_data.allow_bad_md_hash = 0;
337 g_context->setup_data.allow_short_rsa_length = 0;
338 } else {
339 /* Allow all of these but warn if issue */
340 g_context->setup_data.allow_self_signed = 1;
341 g_context->setup_data.allow_expired_certs = 1;
342 g_context->setup_data.cert_chain_validation = 1;
343 g_context->setup_data.cert_chain_verify_depth = 10;
344 g_context->setup_data.check_cert_revocation = 1;
345 g_context->setup_data.allow_no_crl = 1;
346 g_context->setup_data.allow_expired_crl = 1;
347 g_context->setup_data.allow_bad_md_hash = 1;
348 g_context->setup_data.allow_short_rsa_length = 1;
349 }
350 }
351 /* Map over to the new define format to save code duplication */
352 coap_dtls_map_key_type_to_define(&g_context->setup_data, &key);
353 g_context->setup_data.pki_key = key;
354 g_context->psk_pki_enabled |= IS_PKI;
355 if (setup_data->use_cid) {
356 coap_log_warn("GnuTLS has no Connection-ID support\n");
357 }
358 return 1;
359}
360
361/*
362 * return 0 failed
363 * 1 passed
364 */
365int
367 const char *ca_file,
368 const char *ca_path) {
369 coap_gnutls_context_t *g_context =
370 ((coap_gnutls_context_t *)c_context->dtls_context);
371 if (!g_context) {
372 coap_log_warn("coap_context_set_pki_root_cas: (D)TLS environment "
373 "not set up\n");
374 return 0;
375 }
376
377 if (ca_file == NULL && ca_path == NULL) {
378 coap_log_warn("coap_context_set_pki_root_cas: ca_file and/or ca_path "
379 "not defined\n");
380 return 0;
381 }
382 if (g_context->root_ca_file) {
383 gnutls_free(g_context->root_ca_file);
384 g_context->root_ca_file = NULL;
385 }
386 if (ca_file) {
387 g_context->root_ca_file = gnutls_strdup(ca_file);
388 }
389 if (g_context->root_ca_path) {
390 gnutls_free(g_context->root_ca_path);
391 g_context->root_ca_path = NULL;
392 }
393 if (ca_path) {
394#if (GNUTLS_VERSION_NUMBER >= 0x030306)
395 g_context->root_ca_path = gnutls_strdup(ca_path);
396#else
397 coap_log_err("ca_path not supported in GnuTLS < 3.3.6\n");
398#endif
399 }
400 return 1;
401}
402
403#if COAP_SERVER_SUPPORT
404/*
405 * return 0 failed
406 * 1 passed
407 */
408int
410 coap_dtls_spsk_t *setup_data
411 ) {
412 coap_gnutls_context_t *g_context =
413 ((coap_gnutls_context_t *)c_context->dtls_context);
414
415 if (!g_context || !setup_data)
416 return 0;
417
418 if (setup_data->ec_jpake) {
419 coap_log_warn("GnuTLS has no EC-JPAKE support\n");
420 }
421 g_context->psk_pki_enabled |= IS_PSK;
422 return 1;
423}
424#endif /* COAP_SERVER_SUPPORT */
425
426#if COAP_CLIENT_SUPPORT
427/*
428 * return 0 failed
429 * 1 passed
430 */
431int
433 coap_dtls_cpsk_t *setup_data
434 ) {
435 coap_gnutls_context_t *g_context =
436 ((coap_gnutls_context_t *)c_context->dtls_context);
437
438 if (!g_context || !setup_data)
439 return 0;
440
441 if (setup_data->ec_jpake) {
442 coap_log_warn("GnuTLS has no EC-JPAKE support\n");
443 }
444 if (setup_data->use_cid) {
445 coap_log_warn("GnuTLS has no Connection-ID support\n");
446 }
447 g_context->psk_pki_enabled |= IS_PSK;
448 return 1;
449}
450#endif /* COAP_CLIENT_SUPPORT */
451
452/*
453 * return 0 failed
454 * 1 passed
455 */
456int
458 coap_gnutls_context_t *g_context =
459 ((coap_gnutls_context_t *)c_context->dtls_context);
460 return g_context->psk_pki_enabled ? 1 : 0;
461}
462
463void
464coap_dtls_startup(void) {
465 gnutls_global_set_audit_log_function(coap_gnutls_audit_log_func);
466 gnutls_global_set_log_function(coap_gnutls_log_func);
467}
468
469void
470coap_dtls_shutdown(void) {
472}
473
474void *
475coap_dtls_get_tls(const coap_session_t *c_session,
476 coap_tls_library_t *tls_lib) {
477 if (tls_lib)
478 *tls_lib = COAP_TLS_LIBRARY_GNUTLS;
479 if (c_session && c_session->tls) {
480 const coap_gnutls_env_t *g_env = (const coap_gnutls_env_t *)c_session->tls;
481
482 return g_env->g_session;
483 }
484 return NULL;
485}
486
487void
489 dtls_log_level = level;
490 gnutls_global_set_log_level(dtls_log_level);
491}
492
493/*
494 * return current logging level
495 */
498 return dtls_log_level;
499}
500
501/*
502 * return +ve new g_context
503 * NULL failure
504 */
505void *
507 const char *err;
508 int ret;
509 coap_gnutls_context_t *g_context =
510 (coap_gnutls_context_t *)
511 gnutls_malloc(sizeof(coap_gnutls_context_t));
512
513 if (g_context) {
515 const char *priority;
516
517 G_CHECK(gnutls_global_init(), "gnutls_global_init");
518 memset(g_context, 0, sizeof(coap_gnutls_context_t));
519 g_context->alpn_proto.data = gnutls_malloc(4);
520 if (g_context->alpn_proto.data) {
521 memcpy(g_context->alpn_proto.data, "coap", 4);
522 g_context->alpn_proto.size = 4;
523 }
524
525 if (tls_version->version >= 0x030606) {
526 priority = VARIANTS_3_6_6;
527 } else if (tls_version->version >= 0x030505) {
528 priority = VARIANTS_3_5_5;
529 } else {
530 priority = VARIANTS_BASE;
531 }
532 ret = gnutls_priority_init(&g_context->priority_cache, priority, &err);
533 if (ret != GNUTLS_E_SUCCESS) {
534 if (ret == GNUTLS_E_INVALID_REQUEST)
535 coap_log_warn("gnutls_priority_init: Syntax error at: %s\n", err);
536 else
537 coap_log_warn("gnutls_priority_init: %s\n", gnutls_strerror(ret));
538 goto fail;
539 }
540 }
541 return g_context;
542
543fail:
544 if (g_context)
545 coap_dtls_free_context(g_context);
546 return NULL;
547}
548
549void
550coap_dtls_free_context(void *handle) {
551 size_t i;
552 coap_gnutls_context_t *g_context = (coap_gnutls_context_t *)handle;
553
554 gnutls_free(g_context->alpn_proto.data);
555 gnutls_free(g_context->root_ca_file);
556 gnutls_free(g_context->root_ca_path);
557 for (i = 0; i < g_context->pki_sni_count; i++) {
558 gnutls_free(g_context->pki_sni_entry_list[i].sni);
559 gnutls_certificate_free_credentials(
560 g_context->pki_sni_entry_list[i].pki_credentials);
561 }
562 if (g_context->pki_sni_entry_list)
563 gnutls_free(g_context->pki_sni_entry_list);
564
565 for (i = 0; i < g_context->psk_sni_count; i++) {
566 gnutls_free(g_context->psk_sni_entry_list[i].sni);
567 /* YUK - A memory leak in 3.3.0 (fixed by 3.3.26) of hint */
568 gnutls_psk_free_server_credentials(
569 g_context->psk_sni_entry_list[i].psk_credentials);
570 }
571 if (g_context->psk_sni_entry_list)
572 gnutls_free(g_context->psk_sni_entry_list);
573
574 gnutls_priority_deinit(g_context->priority_cache);
575
576 gnutls_global_deinit();
577 gnutls_free(g_context);
578}
579
580#if COAP_CLIENT_SUPPORT
581/*
582 * gnutls_psk_client_credentials_function return values
583 * (see gnutls_psk_set_client_credentials_function())
584 *
585 * return -1 failed
586 * 0 passed
587 */
588static int
589psk_client_callback(gnutls_session_t g_session,
590 char **username, gnutls_datum_t *key) {
591 coap_session_t *c_session =
592 (coap_session_t *)gnutls_transport_get_ptr(g_session);
593 coap_gnutls_context_t *g_context;
594 coap_dtls_cpsk_t *setup_data;
595 const char *hint = gnutls_psk_client_get_hint(g_session);
596 coap_bin_const_t temp;
597 const coap_bin_const_t *psk_key;
598 const coap_bin_const_t *psk_identity;
599 const coap_dtls_cpsk_info_t *cpsk_info;
600
601 /* Initialize result parameters. */
602 *username = NULL;
603 key->data = NULL;
604
605 if (c_session == NULL)
606 return -1;
607
608 g_context = (coap_gnutls_context_t *)c_session->context->dtls_context;
609 if (g_context == NULL)
610 return -1;
611
612 setup_data = &c_session->cpsk_setup_data;
613
614 temp.s = hint ? (const uint8_t *)hint : (const uint8_t *)"";
615 temp.length = strlen((const char *)temp.s);
616 coap_session_refresh_psk_hint(c_session, &temp);
617
618 coap_log_debug("got psk_identity_hint: '%.*s'\n", (int)temp.length,
619 (const char *)temp.s);
620
621 if (setup_data->validate_ih_call_back) {
622 coap_str_const_t lhint;
623
624 lhint.length = temp.length;
625 lhint.s = temp.s;
626 coap_lock_callback_ret(cpsk_info, c_session->context,
627 setup_data->validate_ih_call_back(&lhint,
628 c_session,
629 setup_data->ih_call_back_arg));
630
631 if (cpsk_info == NULL)
632 return -1;
633
634 coap_session_refresh_psk_identity(c_session, &cpsk_info->identity);
635 coap_session_refresh_psk_key(c_session, &cpsk_info->key);
636 psk_identity = &cpsk_info->identity;
637 psk_key = &cpsk_info->key;
638 } else {
639 psk_identity = coap_get_session_client_psk_identity(c_session);
640 psk_key = coap_get_session_client_psk_key(c_session);
641 }
642
643 if (psk_identity == NULL || psk_key == NULL) {
644 coap_log_warn("no PSK available\n");
645 return -1;
646 }
647
648 *username = gnutls_malloc(psk_identity->length+1);
649 if (*username == NULL)
650 return -1;
651 memcpy(*username, psk_identity->s, psk_identity->length);
652 (*username)[psk_identity->length] = '\000';
653
654 key->data = gnutls_malloc(psk_key->length);
655 if (key->data == NULL) {
656 gnutls_free(*username);
657 *username = NULL;
658 return -1;
659 }
660 memcpy(key->data, psk_key->s, psk_key->length);
661 key->size = psk_key->length;
662 return 0;
663}
664#endif /* COAP_CLIENT_SUPPORT */
665
666typedef struct {
667 gnutls_certificate_type_t certificate_type;
668 char *san_or_cn;
669 const gnutls_datum_t *cert_list;
670 unsigned int cert_list_size;
671 int self_signed; /* 1 if cert self-signed, 0 otherwise */
672} coap_gnutls_certificate_info_t;
673
674/*
675 * return Type of certificate and SAN or CN if appropriate derived from
676 * certificate. GNUTLS_CRT_UNKNOWN if failure.
677 */
678static gnutls_certificate_type_t
679get_san_or_cn(gnutls_session_t g_session,
680 coap_gnutls_certificate_info_t *cert_info) {
681 gnutls_x509_crt_t cert;
682 char dn[256];
683 size_t size;
684 int n;
685 char *cn;
686 int ret;
687
688#if (GNUTLS_VERSION_NUMBER >= 0x030606)
689 cert_info->certificate_type = gnutls_certificate_type_get2(g_session,
690 GNUTLS_CTYPE_PEERS);
691#else /* < 3.6.6 */
692 cert_info->certificate_type = gnutls_certificate_type_get(g_session);
693#endif /* < 3.6.6 */
694
695 cert_info->san_or_cn = NULL;
696
697 cert_info->cert_list = gnutls_certificate_get_peers(g_session,
698 &cert_info->cert_list_size);
699 if (cert_info->cert_list_size == 0) {
700 return GNUTLS_CRT_UNKNOWN;
701 }
702
703 if (cert_info->certificate_type != GNUTLS_CRT_X509)
704 return cert_info->certificate_type;
705
706 G_CHECK(gnutls_x509_crt_init(&cert), "gnutls_x509_crt_init");
707
708 /* Interested only in first cert in chain */
709 G_CHECK(gnutls_x509_crt_import(cert, &cert_info->cert_list[0],
710 GNUTLS_X509_FMT_DER), "gnutls_x509_crt_import");
711
712 cert_info->self_signed = gnutls_x509_crt_check_issuer(cert, cert);
713
714 size = sizeof(dn) -1;
715 /* See if there is a Subject Alt Name first */
716 ret = gnutls_x509_crt_get_subject_alt_name(cert, 0, dn, &size, NULL);
717 if (ret >= 0) {
718 dn[size] = '\000';
719 gnutls_x509_crt_deinit(cert);
720 cert_info->san_or_cn = gnutls_strdup(dn);
721 return cert_info->certificate_type;
722 }
723
724 size = sizeof(dn);
725 G_CHECK(gnutls_x509_crt_get_dn(cert, dn, &size), "gnutls_x509_crt_get_dn");
726
727 gnutls_x509_crt_deinit(cert);
728
729 /* Need to emulate strcasestr() here. Looking for CN= */
730 n = strlen(dn) - 3;
731 cn = dn;
732 while (n > 0) {
733 if (((cn[0] == 'C') || (cn[0] == 'c')) &&
734 ((cn[1] == 'N') || (cn[1] == 'n')) &&
735 (cn[2] == '=')) {
736 cn += 3;
737 break;
738 }
739 cn++;
740 n--;
741 }
742 if (n > 0) {
743 char *ecn = strchr(cn, ',');
744 if (ecn) {
745 cn[ecn-cn] = '\000';
746 }
747 cert_info->san_or_cn = gnutls_strdup(cn);
748 return cert_info->certificate_type;
749 }
750 return GNUTLS_CRT_UNKNOWN;
751
752fail:
753 return GNUTLS_CRT_UNKNOWN;
754}
755
756#if (GNUTLS_VERSION_NUMBER >= 0x030606)
757#define OUTPUT_CERT_NAME (cert_type == GNUTLS_CRT_X509 ? \
758 cert_info.san_or_cn : \
759 cert_type == GNUTLS_CRT_RAW ? \
760 COAP_DTLS_RPK_CERT_CN : "?")
761#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
762#define OUTPUT_CERT_NAME (cert_type == GNUTLS_CRT_X509 ? \
763 cert_info.san_or_cn : "?")
764#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
765
766#if (GNUTLS_VERSION_NUMBER >= 0x030606)
767static int
768check_rpk_cert(coap_gnutls_context_t *g_context,
769 coap_gnutls_certificate_info_t *cert_info,
770 coap_session_t *c_session) {
771 int ret;
772
773 if (g_context->setup_data.validate_cn_call_back) {
774 gnutls_pcert_st pcert;
775 uint8_t der[2048];
776 size_t size;
777
778 G_CHECK(gnutls_pcert_import_rawpk_raw(&pcert, &cert_info->cert_list[0],
779 GNUTLS_X509_FMT_DER, 0, 0),
780 "gnutls_pcert_import_rawpk_raw");
781
782 size = sizeof(der);
783 G_CHECK(gnutls_pubkey_export(pcert.pubkey, GNUTLS_X509_FMT_DER, der, &size),
784 "gnutls_pubkey_export");
785 gnutls_pcert_deinit(&pcert);
786 coap_lock_callback_ret(ret, c_session->context,
787 g_context->setup_data.validate_cn_call_back(COAP_DTLS_RPK_CERT_CN,
788 der,
789 size,
790 c_session,
791 0,
792 1,
793 g_context->setup_data.cn_call_back_arg));
794 if (!ret) {
795 return 0;
796 }
797 }
798 return 1;
799fail:
800 return 0;
801}
802#endif /* >= 3.6.6 */
803
804/*
805 * return 0 failed
806 * 1 passed
807 */
808static int
809cert_verify_gnutls(gnutls_session_t g_session) {
810 unsigned int status = 0;
811 unsigned int fail = 0;
812 coap_session_t *c_session =
813 (coap_session_t *)gnutls_transport_get_ptr(g_session);
814 coap_gnutls_context_t *g_context =
815 (coap_gnutls_context_t *)c_session->context->dtls_context;
816 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
817 int alert = GNUTLS_A_BAD_CERTIFICATE;
818 int ret;
819 coap_gnutls_certificate_info_t cert_info;
820 gnutls_certificate_type_t cert_type;
821
822 memset(&cert_info, 0, sizeof(cert_info));
823 cert_type = get_san_or_cn(g_session, &cert_info);
824#if (GNUTLS_VERSION_NUMBER >= 0x030606)
825 if (cert_type == GNUTLS_CRT_RAW) {
826 if (!check_rpk_cert(g_context, &cert_info, c_session)) {
827 alert = GNUTLS_A_ACCESS_DENIED;
828 goto fail;
829 }
830 goto ok;
831 }
832#endif /* >= 3.6.6 */
833
834 if (cert_info.cert_list_size == 0 && !g_context->setup_data.verify_peer_cert)
835 goto ok;
836
837 G_CHECK(gnutls_certificate_verify_peers(g_session, NULL, 0, &status),
838 "gnutls_certificate_verify_peers");
839
840 if (status) {
841 status &= ~(GNUTLS_CERT_INVALID);
842 if (status & (GNUTLS_CERT_NOT_ACTIVATED|GNUTLS_CERT_EXPIRED)) {
843 status &= ~(GNUTLS_CERT_NOT_ACTIVATED|GNUTLS_CERT_EXPIRED);
844 if (g_context->setup_data.allow_expired_certs) {
845 coap_log_info(" %s: %s: overridden: '%s'\n",
846 coap_session_str(c_session),
847 "The certificate has an invalid usage date",
848 OUTPUT_CERT_NAME);
849 } else {
850 fail = 1;
851 coap_log_warn(" %s: %s: '%s'\n",
852 coap_session_str(c_session),
853 "The certificate has an invalid usage date",
854 OUTPUT_CERT_NAME);
855 }
856 }
857 if (status & (GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED|
858 GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE)) {
859 status &= ~(GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED|
860 GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE);
861 if (g_context->setup_data.allow_expired_crl) {
862 coap_log_info(" %s: %s: overridden: '%s'\n",
863 coap_session_str(c_session),
864 "The certificate's CRL entry has an invalid usage date",
865 OUTPUT_CERT_NAME);
866 } else {
867 fail = 1;
868 coap_log_warn(" %s: %s: '%s'\n",
869 coap_session_str(c_session),
870 "The certificate's CRL entry has an invalid usage date",
871 OUTPUT_CERT_NAME);
872 }
873 }
874 if (status & (GNUTLS_CERT_SIGNER_NOT_FOUND)) {
875 status &= ~(GNUTLS_CERT_SIGNER_NOT_FOUND);
876 if (cert_info.self_signed) {
877 if (g_context->setup_data.allow_self_signed &&
878 !g_context->setup_data.check_common_ca) {
879 coap_log_info(" %s: %s: overridden: '%s'\n",
880 coap_session_str(c_session),
881 "Self-signed",
882 OUTPUT_CERT_NAME);
883 } else {
884 fail = 1;
885 alert = GNUTLS_A_UNKNOWN_CA;
886 coap_log_warn(" %s: %s: '%s'\n",
887 coap_session_str(c_session),
888 "Self-signed",
889 OUTPUT_CERT_NAME);
890 }
891 } else {
892 if (!g_context->setup_data.verify_peer_cert) {
893 coap_log_info(" %s: %s: overridden: '%s'\n",
894 coap_session_str(c_session),
895 "The peer certificate's CA is unknown",
896 OUTPUT_CERT_NAME);
897 } else {
898 fail = 1;
899 alert = GNUTLS_A_UNKNOWN_CA;
900 coap_log_warn(" %s: %s: '%s'\n",
901 coap_session_str(c_session),
902 "The peer certificate's CA is unknown",
903 OUTPUT_CERT_NAME);
904 }
905 }
906 }
907 if (status & (GNUTLS_CERT_INSECURE_ALGORITHM)) {
908 status &= ~(GNUTLS_CERT_INSECURE_ALGORITHM);
909 fail = 1;
910 coap_log_warn(" %s: %s: '%s'\n",
911 coap_session_str(c_session),
912 "The certificate uses an insecure algorithm",
913 OUTPUT_CERT_NAME);
914 }
915
916 if (status) {
917 fail = 1;
918 coap_log_warn(" %s: gnutls_certificate_verify_peers() status 0x%x: '%s'\n",
919 coap_session_str(c_session),
920 status, OUTPUT_CERT_NAME);
921 }
922 }
923
924 if (fail)
925 goto fail;
926
927 if (g_context->setup_data.validate_cn_call_back) {
928 gnutls_x509_crt_t cert;
929 uint8_t der[2048];
930 size_t size;
931 /* status == 0 indicates that the certificate passed to
932 * setup_data.validate_cn_call_back has been validated. */
933 const int cert_is_trusted = !status;
934
935 G_CHECK(gnutls_x509_crt_init(&cert), "gnutls_x509_crt_init");
936
937 /* Interested only in first cert in chain */
938 G_CHECK(gnutls_x509_crt_import(cert, &cert_info.cert_list[0],
939 GNUTLS_X509_FMT_DER), "gnutls_x509_crt_import");
940
941 size = sizeof(der);
942 G_CHECK(gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, der, &size),
943 "gnutls_x509_crt_export");
944 gnutls_x509_crt_deinit(cert);
945 coap_lock_callback_ret(ret, c_session->context,
946 g_context->setup_data.validate_cn_call_back(OUTPUT_CERT_NAME,
947 der,
948 size,
949 c_session,
950 0,
951 cert_is_trusted,
952 g_context->setup_data.cn_call_back_arg));
953 if (!ret) {
954 alert = GNUTLS_A_ACCESS_DENIED;
955 goto fail;
956 }
957 }
958
959 if (g_context->setup_data.additional_tls_setup_call_back) {
960 /* Additional application setup wanted */
961 if (!g_context->setup_data.additional_tls_setup_call_back(g_session,
962 &g_context->setup_data)) {
963 goto fail;
964 }
965 }
966
967ok:
968 if (cert_info.san_or_cn)
969 gnutls_free(cert_info.san_or_cn);
970
971 return 1;
972
973fail:
974 if (cert_info.san_or_cn)
975 gnutls_free(cert_info.san_or_cn);
976
977 if (!g_env->sent_alert) {
978 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL, alert));
979 g_env->sent_alert = 1;
980 }
982 return 0;
983}
984
985/*
986 * gnutls_certificate_verify_function return values
987 * (see gnutls_certificate_set_verify_function())
988 *
989 * return -1 failed
990 * 0 passed
991 */
992static int
993cert_verify_callback_gnutls(gnutls_session_t g_session) {
994 if (gnutls_auth_get_type(g_session) == GNUTLS_CRD_CERTIFICATE) {
995 if (cert_verify_gnutls(g_session) == 0) {
996 return -1;
997 }
998 }
999 return 0;
1000}
1001
1002#ifndef min
1003#define min(a,b) ((a) < (b) ? (a) : (b))
1004#endif
1005
1006static int
1007pin_callback(void *user_data, int attempt,
1008 const char *token_url COAP_UNUSED,
1009 const char *token_label COAP_UNUSED,
1010 unsigned int flags COAP_UNUSED,
1011 char *pin,
1012 size_t pin_max) {
1013 coap_dtls_key_t *key = (coap_dtls_key_t *)user_data;
1014
1015 /* Only do this on first attempt to prevent token lockout */
1016 if (attempt == 0 && key && key->key.define.user_pin) {
1017 int len = min(pin_max - 1, strlen(key->key.define.user_pin));
1018
1019 memcpy(pin, key->key.define.user_pin, len);
1020 pin[len] = 0;
1021 return 0;
1022 }
1023 return -1;
1024}
1025
1026static int
1027check_null_memory(gnutls_datum_t *datum,
1028 const uint8_t *buf, size_t len, int *alloced) {
1029 datum->size = len;
1030 *alloced = 0;
1031 if (buf[len-1] != '\000') {
1032 /* Need to allocate memory, rather than just copying pointers across */
1033 *alloced = 1;
1034 datum->data = gnutls_malloc(len + 1);
1035 if (!datum->data) {
1036 coap_log_err("gnutls_malloc failure\n");
1037 return GNUTLS_E_MEMORY_ERROR;
1038 }
1039 memcpy(datum->data, buf, len);
1040 datum->data[len] = '\000';
1041 datum->size++;
1042 } else {
1043 /* To get around const issue */
1044 memcpy(&datum->data,
1045 &buf, sizeof(datum->data));
1046 }
1047 return 0;
1048}
1049
1050/*
1051 * return 0 Success (GNUTLS_E_SUCCESS)
1052 * neg GNUTLS_E_* error code
1053 */
1054static int
1055setup_pki_credentials(gnutls_certificate_credentials_t *pki_credentials,
1056 gnutls_session_t g_session,
1057 coap_gnutls_context_t *g_context,
1058 coap_dtls_pki_t *setup_data, coap_dtls_role_t role) {
1059 coap_dtls_key_t key;
1060 int ret;
1061 gnutls_datum_t cert;
1062 gnutls_datum_t pkey;
1063 gnutls_datum_t ca;
1064 int alloced_cert_memory = 0;
1065 int alloced_pkey_memory = 0;
1066 int alloced_ca_memory = 0;
1067 int have_done_key = 0;
1068
1069 /* Map over to the new define format to save code duplication */
1070 coap_dtls_map_key_type_to_define(setup_data, &key);
1071
1072 assert(key.key_type == COAP_PKI_KEY_DEFINE);
1073
1074 G_CHECK(gnutls_certificate_allocate_credentials(pki_credentials),
1075 "gnutls_certificate_allocate_credentials");
1076
1077 /*
1078 * Configure the Private Key
1079 */
1080 if (key.key.define.private_key.u_byte &&
1081 key.key.define.private_key.u_byte[0]) {
1082 switch (key.key.define.private_key_def) {
1083 case COAP_PKI_KEY_DEF_PEM: /* define private key */
1084 case COAP_PKI_KEY_DEF_PEM_BUF: /* define private key */
1085 case COAP_PKI_KEY_DEF_DER: /* define private key */
1086 case COAP_PKI_KEY_DEF_DER_BUF: /* define private key */
1087 case COAP_PKI_KEY_DEF_PKCS11: /* define private key */
1088 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define private key */
1089 /* Handled under public key */
1090 break;
1091 case COAP_PKI_KEY_DEF_RPK_BUF: /* define private key */
1092#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1093 /* Handled under public key */
1094 break;
1095#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1096 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1099 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1100#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1101 case COAP_PKI_KEY_DEF_ENGINE: /* define private key */
1102 default:
1105 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1106 }
1107 } else if (role == COAP_DTLS_ROLE_SERVER ||
1109 key.key.define.public_cert.u_byte[0])) {
1112 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1113 }
1114
1115 /*
1116 * Configure the Public Certificate / Key
1117 */
1118 if (key.key.define.public_cert.u_byte &&
1119 key.key.define.public_cert.u_byte[0]) {
1120 /* Both Public and Private keys are handled here and MUST be the same type */
1121 if (!(key.key.define.private_key.s_byte &&
1122 key.key.define.private_key.s_byte[0] &&
1126 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1127 }
1128 switch (key.key.define.public_cert_def) {
1129 case COAP_PKI_KEY_DEF_PEM: /* define public cert */
1130 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1133 GNUTLS_X509_FMT_PEM) < 0)) {
1136 &key, role, ret);
1137 }
1138 break;
1139 case COAP_PKI_KEY_DEF_PEM_BUF: /* define public cert */
1140 if ((ret = check_null_memory(&cert,
1143 &alloced_cert_memory)) < 0) {
1146 &key, role, ret);
1147 }
1148 if ((ret = check_null_memory(&pkey,
1151 &alloced_pkey_memory)) < 0) {
1152 if (alloced_cert_memory)
1153 gnutls_free(cert.data);
1156 &key, role, ret);
1157 }
1158 if ((ret = gnutls_certificate_set_x509_key_mem(*pki_credentials,
1159 &cert,
1160 &pkey,
1161 GNUTLS_X509_FMT_PEM)) < 0) {
1162 if (alloced_cert_memory)
1163 gnutls_free(cert.data);
1164 if (alloced_pkey_memory)
1165 gnutls_free(pkey.data);
1168 &key, role, ret);
1169 }
1170 if (alloced_cert_memory)
1171 gnutls_free(cert.data);
1172 if (alloced_pkey_memory)
1173 gnutls_free(pkey.data);
1174 break;
1175 case COAP_PKI_KEY_DEF_RPK_BUF: /* define public cert */
1176#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1177 if ((ret = check_null_memory(&cert,
1180 &alloced_cert_memory)) < 0) {
1183 &key, role, ret);
1184 }
1185 if ((ret = check_null_memory(&pkey,
1188 &alloced_pkey_memory)) < 0) {
1189 if (alloced_cert_memory)
1190 gnutls_free(cert.data);
1193 &key, role, ret);
1194 }
1195 if (strstr((char *)pkey.data, "-----BEGIN EC PRIVATE KEY-----")) {
1196 gnutls_datum_t der_private;
1197
1198 if (gnutls_pem_base64_decode2("EC PRIVATE KEY", &pkey,
1199 &der_private) == 0) {
1200 coap_binary_t *spki = get_asn1_spki(der_private.data,
1201 der_private.size);
1202
1203 if (spki) {
1204 gnutls_datum_t tspki;
1205
1206 tspki.data = spki->s;
1207 tspki.size = spki->length;
1208 ret = gnutls_certificate_set_rawpk_key_mem(*pki_credentials,
1209 &tspki,
1210 &der_private,
1211 GNUTLS_X509_FMT_DER, NULL,
1212 COAP_GNUTLS_KEY_RPK,
1213 NULL, 0, 0);
1214 if (ret >= 0) {
1215 have_done_key = 1;
1216 }
1217 coap_delete_binary(spki);
1218 }
1219 gnutls_free(der_private.data);
1220 }
1221 }
1222 if (!have_done_key) {
1223 if ((ret = gnutls_certificate_set_rawpk_key_mem(*pki_credentials,
1224 &cert,
1225 &pkey,
1226 GNUTLS_X509_FMT_PEM, NULL,
1227 COAP_GNUTLS_KEY_RPK,
1228 NULL, 0, 0)) < 0) {
1229 if (alloced_cert_memory)
1230 gnutls_free(cert.data);
1231 if (alloced_pkey_memory)
1232 gnutls_free(pkey.data);
1235 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1236 }
1237 }
1238 if (alloced_cert_memory)
1239 gnutls_free(cert.data);
1240 if (alloced_pkey_memory)
1241 gnutls_free(pkey.data);
1242 break;
1243#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1244 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1247 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1248#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1249 case COAP_PKI_KEY_DEF_DER: /* define public cert */
1250 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1253 GNUTLS_X509_FMT_DER) < 0)) {
1256 &key, role, ret);
1257 }
1258 break;
1259 case COAP_PKI_KEY_DEF_DER_BUF: /* define public cert */
1260 if ((ret = check_null_memory(&cert,
1263 &alloced_cert_memory)) < 0) {
1266 &key, role, ret);
1267 }
1268 if ((ret = check_null_memory(&pkey,
1271 &alloced_pkey_memory)) < 0) {
1272 if (alloced_cert_memory)
1273 gnutls_free(cert.data);
1276 &key, role, ret);
1277 }
1278 if ((ret = gnutls_certificate_set_x509_key_mem(*pki_credentials,
1279 &cert,
1280 &pkey,
1281 GNUTLS_X509_FMT_DER)) < 0) {
1282 if (alloced_cert_memory)
1283 gnutls_free(cert.data);
1284 if (alloced_pkey_memory)
1285 gnutls_free(pkey.data);
1288 &key, role, ret);
1289 }
1290 if (alloced_cert_memory)
1291 gnutls_free(cert.data);
1292 if (alloced_pkey_memory)
1293 gnutls_free(pkey.data);
1294 break;
1295 case COAP_PKI_KEY_DEF_PKCS11: /* define public cert */
1296 gnutls_pkcs11_set_pin_function(pin_callback, &setup_data->pki_key);
1297 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1300 GNUTLS_X509_FMT_DER)) < 0) {
1303 &key, role, ret);
1304 }
1305 break;
1306 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define public cert */
1307#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1308 gnutls_pkcs11_set_pin_function(pin_callback, setup_data);
1309 if ((ret = gnutls_certificate_set_rawpk_key_file(*pki_credentials,
1312 GNUTLS_X509_FMT_PEM, NULL,
1313 COAP_GNUTLS_KEY_RPK,
1314 NULL, 0, GNUTLS_PKCS_PLAIN, 0))) {
1317 &key, role, ret);
1318 }
1319#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1320 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1321 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
1322#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1323 break;
1324 case COAP_PKI_KEY_DEF_ENGINE: /* define public cert */
1325 default:
1328 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1329 }
1330 }
1331
1332 /*
1333 * Configure the CA
1334 */
1335 if (setup_data->check_common_ca && key.key.define.ca.u_byte &&
1336 key.key.define.ca.u_byte[0]) {
1337 switch (key.key.define.ca_def) {
1339 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1340 key.key.define.ca.s_byte,
1341 GNUTLS_X509_FMT_PEM) < 0)) {
1344 &key, role, ret);
1345 }
1346 break;
1347 case COAP_PKI_KEY_DEF_PEM_BUF: /* define ca */
1348 if ((ret = check_null_memory(&ca,
1349 key.key.define.ca.u_byte,
1350 key.key.define.ca_len,
1351 &alloced_ca_memory)) < 0) {
1354 &key, role, ret);
1355 }
1356 if ((ret = gnutls_certificate_set_x509_trust_mem(*pki_credentials,
1357 &ca,
1358 GNUTLS_X509_FMT_PEM)) < 0) {
1359 if (alloced_ca_memory)
1360 gnutls_free(ca.data);
1363 &key, role, ret);
1364 }
1365 if (alloced_ca_memory)
1366 gnutls_free(ca.data);
1367 break;
1368 case COAP_PKI_KEY_DEF_RPK_BUF: /* define ca */
1369 /* Ignore if set */
1370 break;
1371 case COAP_PKI_KEY_DEF_DER: /* define ca */
1372 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1373 key.key.define.ca.s_byte,
1374 GNUTLS_X509_FMT_DER) < 0)) {
1377 &key, role, ret);
1378 }
1379 break;
1380 case COAP_PKI_KEY_DEF_DER_BUF: /* define ca */
1381 if ((ret = check_null_memory(&ca,
1382 key.key.define.ca.u_byte,
1383 key.key.define.ca_len,
1384 &alloced_ca_memory)) < 0) {
1387 &key, role, ret);
1388 }
1389 if ((ret = gnutls_certificate_set_x509_trust_mem(*pki_credentials,
1390 &ca,
1391 GNUTLS_X509_FMT_DER)) <= 0) {
1392 if (alloced_ca_memory)
1393 gnutls_free(ca.data);
1396 &key, role, ret);
1397 }
1398 if (alloced_ca_memory)
1399 gnutls_free(ca.data);
1400 break;
1401 case COAP_PKI_KEY_DEF_PKCS11: /* define ca */
1402 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1403 key.key.define.ca.s_byte,
1404 GNUTLS_X509_FMT_DER)) <= 0) {
1407 &key, role, ret);
1408 }
1409 break;
1410 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define ca */
1411 /* Ignore if set */
1412 break;
1413 case COAP_PKI_KEY_DEF_ENGINE: /* define ca */
1414 default:
1417 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1418 }
1419 }
1420
1421 if (g_context->root_ca_file) {
1422 ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1423 g_context->root_ca_file,
1424 GNUTLS_X509_FMT_PEM);
1425 if (ret == 0) {
1426 coap_log_warn("gnutls_certificate_set_x509_trust_file: Root CA: No certificates found\n");
1427 }
1428 }
1429 if (g_context->root_ca_path) {
1430#if (GNUTLS_VERSION_NUMBER >= 0x030306)
1431 G_CHECK(gnutls_certificate_set_x509_trust_dir(*pki_credentials,
1432 g_context->root_ca_path,
1433 GNUTLS_X509_FMT_PEM),
1434 "gnutls_certificate_set_x509_trust_dir");
1435#endif
1436 }
1437 gnutls_certificate_send_x509_rdn_sequence(g_session,
1438 setup_data->check_common_ca ? 0 : 1);
1439 if (!(g_context->psk_pki_enabled & IS_PKI)) {
1440 /* No PKI defined at all - still need a trust set up for 3.6.0 or later */
1441 G_CHECK(gnutls_certificate_set_x509_system_trust(*pki_credentials),
1442 "gnutls_certificate_set_x509_system_trust");
1443 }
1444
1445 /* Verify Peer */
1446 gnutls_certificate_set_verify_function(*pki_credentials,
1447 cert_verify_callback_gnutls);
1448
1449 /* Cert chain checking (can raise GNUTLS_E_CONSTRAINT_ERROR) */
1450 if (setup_data->cert_chain_validation) {
1451 gnutls_certificate_set_verify_limits(*pki_credentials,
1452 0,
1453 setup_data->cert_chain_verify_depth + 2);
1454 }
1455
1456 /*
1457 * Check for self signed
1458 * CRL checking (can raise GNUTLS_CERT_MISSING_OCSP_STATUS)
1459 */
1460 gnutls_certificate_set_verify_flags(*pki_credentials,
1461 (setup_data->check_cert_revocation == 0 ?
1462 GNUTLS_VERIFY_DISABLE_CRL_CHECKS : 0)
1463 );
1464
1465 return GNUTLS_E_SUCCESS;
1466
1467fail:
1468 return ret;
1469}
1470
1471#if COAP_SERVER_SUPPORT
1472/*
1473 * return 0 Success (GNUTLS_E_SUCCESS)
1474 * neg GNUTLS_E_* error code
1475 */
1476static int
1477setup_psk_credentials(gnutls_psk_server_credentials_t *psk_credentials,
1478 coap_gnutls_context_t *g_context COAP_UNUSED,
1479 coap_dtls_spsk_t *setup_data) {
1480 int ret;
1481 char hint[COAP_DTLS_HINT_LENGTH];
1482
1483 G_CHECK(gnutls_psk_allocate_server_credentials(psk_credentials),
1484 "gnutls_psk_allocate_server_credentials");
1485 gnutls_psk_set_server_credentials_function(*psk_credentials,
1486 psk_server_callback);
1487 if (setup_data->psk_info.hint.s) {
1488 snprintf(hint, sizeof(hint), "%.*s", (int)setup_data->psk_info.hint.length,
1489 setup_data->psk_info.hint.s);
1490 G_CHECK(gnutls_psk_set_server_credentials_hint(*psk_credentials, hint),
1491 "gnutls_psk_set_server_credentials_hint");
1492 }
1493
1494 return GNUTLS_E_SUCCESS;
1495
1496fail:
1497 return ret;
1498}
1499
1500/*
1501 * return 0 Success (GNUTLS_E_SUCCESS)
1502 * neg GNUTLS_E_* error code
1503 */
1504static int
1505post_client_hello_gnutls_psk(gnutls_session_t g_session) {
1506 coap_session_t *c_session =
1507 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1508 coap_gnutls_context_t *g_context =
1509 (coap_gnutls_context_t *)c_session->context->dtls_context;
1510 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
1511 int ret = GNUTLS_E_SUCCESS;
1512 char *name = NULL;
1513
1515 coap_dtls_spsk_t sni_setup_data;
1516 /* DNS names (only type supported) may be at most 256 byte long */
1517 size_t len = 256;
1518 unsigned int type;
1519 unsigned int i;
1520
1521 name = gnutls_malloc(len);
1522 if (name == NULL)
1523 return GNUTLS_E_MEMORY_ERROR;
1524
1525 for (i=0; ;) {
1526 ret = gnutls_server_name_get(g_session, name, &len, &type, i);
1527 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
1528 char *new_name;
1529 new_name = gnutls_realloc(name, len);
1530 if (new_name == NULL) {
1531 ret = GNUTLS_E_MEMORY_ERROR;
1532 goto end;
1533 }
1534 name = new_name;
1535 continue; /* retry call with same index */
1536 }
1537
1538 /* check if it is the last entry in list */
1539 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
1540 break;
1541 i++;
1542 if (ret != GNUTLS_E_SUCCESS)
1543 goto end;
1544 /* unknown types need to be ignored */
1545 if (type != GNUTLS_NAME_DNS)
1546 continue;
1547
1548 }
1549 /* If no extension provided, make it a dummy entry */
1550 if (i == 0) {
1551 name[0] = '\000';
1552 len = 0;
1553 }
1554
1555 /* Is this a cached entry? */
1556 for (i = 0; i < g_context->psk_sni_count; i++) {
1557 if (strcasecmp(name, g_context->psk_sni_entry_list[i].sni) == 0) {
1558 break;
1559 }
1560 }
1561 if (i == g_context->psk_sni_count) {
1562 /*
1563 * New SNI request
1564 */
1565 const coap_dtls_spsk_info_t *new_entry;
1566
1567 coap_lock_callback_ret(new_entry, c_session->context,
1569 c_session,
1571 if (!new_entry) {
1572 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1573 GNUTLS_A_UNRECOGNIZED_NAME));
1574 g_env->sent_alert = 1;
1575 ret = GNUTLS_E_NO_CERTIFICATE_FOUND;
1576 goto end;
1577 }
1578
1579 g_context->psk_sni_entry_list =
1580 gnutls_realloc(g_context->psk_sni_entry_list,
1581 (i+1)*sizeof(psk_sni_entry));
1582 g_context->psk_sni_entry_list[i].sni = gnutls_strdup(name);
1583 g_context->psk_sni_entry_list[i].psk_info = *new_entry;
1584 sni_setup_data = c_session->context->spsk_setup_data;
1585 sni_setup_data.psk_info = *new_entry;
1586 if ((ret = setup_psk_credentials(
1587 &g_context->psk_sni_entry_list[i].psk_credentials,
1588 g_context,
1589 &sni_setup_data)) < 0) {
1590 int keep_ret = ret;
1591 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1592 GNUTLS_A_BAD_CERTIFICATE));
1593 g_env->sent_alert = 1;
1594 ret = keep_ret;
1595 goto end;
1596 }
1597 g_context->psk_sni_count++;
1598 }
1599 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_PSK,
1600 g_context->psk_sni_entry_list[i].psk_credentials),
1601 "gnutls_credentials_set");
1603 &g_context->psk_sni_entry_list[i].psk_info.hint);
1605 &g_context->psk_sni_entry_list[i].psk_info.key);
1606 }
1607
1608end:
1609 free(name);
1610 return ret;
1611
1612fail:
1613 return ret;
1614}
1615
1616/*
1617 * return 0 Success (GNUTLS_E_SUCCESS)
1618 * neg GNUTLS_E_* error code
1619 */
1620static int
1621post_client_hello_gnutls_pki(gnutls_session_t g_session) {
1622 coap_session_t *c_session =
1623 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1624 coap_gnutls_context_t *g_context =
1625 (coap_gnutls_context_t *)c_session->context->dtls_context;
1626 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
1627 int ret = GNUTLS_E_SUCCESS;
1628 char *name = NULL;
1629
1630 if (g_context->setup_data.validate_sni_call_back) {
1631 /* DNS names (only type supported) may be at most 256 byte long */
1632 size_t len = 256;
1633 unsigned int type;
1634 unsigned int i;
1635 coap_dtls_pki_t sni_setup_data;
1636
1637 name = gnutls_malloc(len);
1638 if (name == NULL)
1639 return GNUTLS_E_MEMORY_ERROR;
1640
1641 for (i=0; ;) {
1642 ret = gnutls_server_name_get(g_session, name, &len, &type, i);
1643 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
1644 char *new_name;
1645 new_name = gnutls_realloc(name, len);
1646 if (new_name == NULL) {
1647 ret = GNUTLS_E_MEMORY_ERROR;
1648 goto end;
1649 }
1650 name = new_name;
1651 continue; /* retry call with same index */
1652 }
1653
1654 /* check if it is the last entry in list */
1655 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
1656 break;
1657 i++;
1658 if (ret != GNUTLS_E_SUCCESS)
1659 goto end;
1660 /* unknown types need to be ignored */
1661 if (type != GNUTLS_NAME_DNS)
1662 continue;
1663
1664 }
1665 /* If no extension provided, make it a dummy entry */
1666 if (i == 0) {
1667 name[0] = '\000';
1668 len = 0;
1669 }
1670
1671 /* Is this a cached entry? */
1672 for (i = 0; i < g_context->pki_sni_count; i++) {
1673 if (strcasecmp(name, g_context->pki_sni_entry_list[i].sni) == 0) {
1674 break;
1675 }
1676 }
1677 if (i == g_context->pki_sni_count) {
1678 /*
1679 * New SNI request
1680 */
1681 coap_dtls_key_t *new_entry;
1682
1683 coap_lock_callback_ret(new_entry, c_session->context,
1684 g_context->setup_data.validate_sni_call_back(name,
1685 g_context->setup_data.sni_call_back_arg));
1686 if (!new_entry) {
1687 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1688 GNUTLS_A_UNRECOGNIZED_NAME));
1689 g_env->sent_alert = 1;
1690 ret = GNUTLS_E_NO_CERTIFICATE_FOUND;
1691 goto end;
1692 }
1693
1694 g_context->pki_sni_entry_list = gnutls_realloc(
1695 g_context->pki_sni_entry_list,
1696 (i+1)*sizeof(pki_sni_entry));
1697 g_context->pki_sni_entry_list[i].sni = gnutls_strdup(name);
1698 g_context->pki_sni_entry_list[i].pki_key = *new_entry;
1699 sni_setup_data = g_context->setup_data;
1700 sni_setup_data.pki_key = *new_entry;
1701 if ((ret = setup_pki_credentials(&g_context->pki_sni_entry_list[i].pki_credentials,
1702 g_session,
1703 g_context,
1704 &sni_setup_data, COAP_DTLS_ROLE_SERVER)) < 0) {
1705 int keep_ret = ret;
1706 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1707 GNUTLS_A_BAD_CERTIFICATE));
1708 g_env->sent_alert = 1;
1709 ret = keep_ret;
1710 goto end;
1711 }
1712 g_context->pki_sni_count++;
1713 }
1714 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1715 g_context->pki_sni_entry_list[i].pki_credentials),
1716 "gnutls_credentials_set");
1717 }
1718
1719end:
1720 free(name);
1721 return ret;
1722
1723fail:
1724 return ret;
1725}
1726#endif /* COAP_SERVER_SUPPORT */
1727
1728#if COAP_CLIENT_SUPPORT
1729/*
1730 * return 0 Success (GNUTLS_E_SUCCESS)
1731 * neg GNUTLS_E_* error code
1732 */
1733static int
1734setup_client_ssl_session(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
1735 coap_gnutls_context_t *g_context =
1736 (coap_gnutls_context_t *)c_session->context->dtls_context;
1737 int ret;
1738
1739 g_context->psk_pki_enabled |= IS_CLIENT;
1740 if (g_context->psk_pki_enabled & IS_PSK) {
1741 coap_dtls_cpsk_t *setup_data = &c_session->cpsk_setup_data;
1742 G_CHECK(gnutls_psk_allocate_client_credentials(&g_env->psk_cl_credentials),
1743 "gnutls_psk_allocate_client_credentials");
1744 gnutls_psk_set_client_credentials_function(g_env->psk_cl_credentials,
1745 psk_client_callback);
1746 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_PSK,
1747 g_env->psk_cl_credentials),
1748 "gnutls_credentials_set");
1749 /* Issue SNI if requested */
1750 if (setup_data->client_sni) {
1751 G_CHECK(gnutls_server_name_set(g_env->g_session, GNUTLS_NAME_DNS,
1752 setup_data->client_sni,
1753 strlen(setup_data->client_sni)),
1754 "gnutls_server_name_set");
1755 }
1756 if (setup_data->validate_ih_call_back) {
1757 const char *err;
1759
1760 if (tls_version->version >= 0x030604) {
1761 /* Disable TLS1.3 if Identity Hint Callback set */
1762 const char *priority;
1763
1764 if (tls_version->version >= 0x030606) {
1765 priority = VARIANTS_NO_TLS13_3_6_6;
1766 } else {
1767 priority = VARIANTS_NO_TLS13_3_6_4;
1768 }
1769 ret = gnutls_priority_set_direct(g_env->g_session,
1770 priority, &err);
1771 if (ret < 0) {
1772 if (ret == GNUTLS_E_INVALID_REQUEST)
1773 coap_log_warn("gnutls_priority_set_direct: Syntax error at: %s\n", err);
1774 else
1775 coap_log_warn("gnutls_priority_set_direct: %s\n", gnutls_strerror(ret));
1776 goto fail;
1777 }
1778 }
1779 }
1780 }
1781
1782 if ((g_context->psk_pki_enabled & IS_PKI) ||
1783 (g_context->psk_pki_enabled & (IS_PSK | IS_PKI)) == 0) {
1784 /*
1785 * If neither PSK or PKI have been set up, use PKI basics.
1786 * This works providing COAP_PKI_KEY_PEM has a value of 0.
1787 */
1788 coap_dtls_pki_t *setup_data = &g_context->setup_data;
1789 G_CHECK(setup_pki_credentials(&g_env->pki_credentials, g_env->g_session,
1790 g_context, setup_data,
1792 "setup_pki_credentials");
1793
1794 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1795 g_env->pki_credentials),
1796 "gnutls_credentials_set");
1797
1798 if (c_session->proto == COAP_PROTO_TLS)
1799 G_CHECK(gnutls_alpn_set_protocols(g_env->g_session,
1800 &g_context->alpn_proto, 1, 0),
1801 "gnutls_alpn_set_protocols");
1802
1803 /* Issue SNI if requested (only happens if PKI defined) */
1804 if (setup_data->client_sni) {
1805 G_CHECK(gnutls_server_name_set(g_env->g_session, GNUTLS_NAME_DNS,
1806 setup_data->client_sni,
1807 strlen(setup_data->client_sni)),
1808 "gnutls_server_name_set");
1809 }
1810 }
1811 return GNUTLS_E_SUCCESS;
1812
1813fail:
1814 return ret;
1815}
1816#endif /* COAP_CLIENT_SUPPORT */
1817
1818#if COAP_SERVER_SUPPORT
1819/*
1820 * gnutls_psk_server_credentials_function return values
1821 * (see gnutls_psk_set_server_credentials_function())
1822 *
1823 * return -1 failed
1824 * 0 passed
1825 */
1826static int
1827psk_server_callback(gnutls_session_t g_session,
1828 const char *identity,
1829 gnutls_datum_t *key) {
1830 coap_session_t *c_session =
1831 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1832 coap_gnutls_context_t *g_context;
1833 coap_dtls_spsk_t *setup_data;
1834 coap_bin_const_t lidentity;
1835 const coap_bin_const_t *psk_key;
1836
1837 if (c_session == NULL)
1838 return -1;
1839
1840 g_context = (coap_gnutls_context_t *)c_session->context->dtls_context;
1841 if (g_context == NULL)
1842 return -1;
1843 setup_data = &c_session->context->spsk_setup_data;
1844
1845
1846 /* Track the Identity being used */
1847 lidentity.s = identity ? (const uint8_t *)identity : (const uint8_t *)"";
1848 lidentity.length = strlen((const char *)lidentity.s);
1849 coap_session_refresh_psk_identity(c_session, &lidentity);
1850
1851 coap_log_debug("got psk_identity: '%.*s'\n",
1852 (int)lidentity.length, (const char *)lidentity.s);
1853
1854 if (setup_data->validate_id_call_back) {
1855 psk_key = setup_data->validate_id_call_back(&lidentity,
1856 c_session,
1857 setup_data->id_call_back_arg);
1858
1859 coap_session_refresh_psk_key(c_session, psk_key);
1860 } else {
1861 psk_key = coap_get_session_server_psk_key(c_session);
1862 }
1863
1864 if (psk_key == NULL)
1865 return -1;
1866
1867 key->data = gnutls_malloc(psk_key->length);
1868 if (key->data == NULL)
1869 return -1;
1870 memcpy(key->data, psk_key->s, psk_key->length);
1871 key->size = psk_key->length;
1872 return 0;
1873}
1874
1875/*
1876 * return 0 Success (GNUTLS_E_SUCCESS)
1877 * neg GNUTLS_E_* error code
1878 */
1879static int
1880setup_server_ssl_session(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
1881 coap_gnutls_context_t *g_context =
1882 (coap_gnutls_context_t *)c_session->context->dtls_context;
1883 int ret = GNUTLS_E_SUCCESS;
1884
1885 g_context->psk_pki_enabled |= IS_SERVER;
1886 if (g_context->psk_pki_enabled & IS_PSK) {
1887 G_CHECK(setup_psk_credentials(
1888 &g_env->psk_sv_credentials,
1889 g_context,
1890 &c_session->context->spsk_setup_data),
1891 "setup_psk_credentials\n");
1892 G_CHECK(gnutls_credentials_set(g_env->g_session,
1893 GNUTLS_CRD_PSK,
1894 g_env->psk_sv_credentials),
1895 "gnutls_credentials_set\n");
1896 gnutls_handshake_set_post_client_hello_function(g_env->g_session,
1897 post_client_hello_gnutls_psk);
1898 }
1899
1900 if (g_context->psk_pki_enabled & IS_PKI) {
1901 coap_dtls_pki_t *setup_data = &g_context->setup_data;
1902 G_CHECK(setup_pki_credentials(&g_env->pki_credentials, g_env->g_session,
1903 g_context, setup_data,
1905 "setup_pki_credentials");
1906
1907 if (setup_data->verify_peer_cert) {
1908 gnutls_certificate_server_set_request(g_env->g_session,
1909 GNUTLS_CERT_REQUIRE);
1910 } else if (setup_data->is_rpk_not_cert) {
1911 gnutls_certificate_server_set_request(g_env->g_session,
1912 GNUTLS_CERT_REQUEST);
1913 } else {
1914 gnutls_certificate_server_set_request(g_env->g_session,
1915 GNUTLS_CERT_IGNORE);
1916 }
1917
1918 gnutls_handshake_set_post_client_hello_function(g_env->g_session,
1919 post_client_hello_gnutls_pki);
1920
1921 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1922 g_env->pki_credentials),
1923 "gnutls_credentials_set\n");
1924 }
1925 return GNUTLS_E_SUCCESS;
1926
1927fail:
1928 return ret;
1929}
1930#endif /* COAP_SERVER_SUPPORT */
1931
1932/*
1933 * return +ve data amount
1934 * 0 no more
1935 * -1 error (error in errno)
1936 */
1937static ssize_t
1938coap_dgram_read(gnutls_transport_ptr_t context, void *out, size_t outl) {
1939 ssize_t ret = 0;
1940 coap_session_t *c_session = (coap_session_t *)context;
1941 coap_ssl_t *data;
1942
1943 if (!c_session->tls) {
1944 errno = EAGAIN;
1945 return -1;
1946 }
1947 data = &((coap_gnutls_env_t *)c_session->tls)->coap_ssl_data;
1948
1949 if (out != NULL) {
1950 if (data != NULL && data->pdu_len > 0) {
1951 if (outl < data->pdu_len) {
1952 memcpy(out, data->pdu, outl);
1953 ret = outl;
1954 if (!data->peekmode) {
1955 data->pdu += outl;
1956 data->pdu_len -= outl;
1957 }
1958 } else {
1959 memcpy(out, data->pdu, data->pdu_len);
1960 ret = data->pdu_len;
1961 if (!data->peekmode) {
1962 data->pdu_len = 0;
1963 data->pdu = NULL;
1964 }
1965 }
1966 } else {
1967 errno = EAGAIN;
1968 ret = -1;
1969 }
1970 }
1971 return ret;
1972}
1973
1974/*
1975 * return +ve data amount
1976 * 0 no more
1977 * -1 error (error in errno)
1978 */
1979/* callback function given to gnutls for sending data over socket */
1980static ssize_t
1981coap_dgram_write(gnutls_transport_ptr_t context, const void *send_buffer,
1982 size_t send_buffer_length) {
1983 ssize_t result = -1;
1984 coap_session_t *c_session = (coap_session_t *)context;
1985
1986 if (c_session) {
1987 if (!coap_netif_available(c_session)
1988#if COAP_SERVER_SUPPORT
1989 && c_session->endpoint == NULL
1990#endif /* COAP_SERVER_SUPPORT */
1991 ) {
1992 /* socket was closed on client due to error */
1993 errno = ECONNRESET;
1994 return -1;
1995 }
1996 result = c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session,
1997 send_buffer, send_buffer_length);
1998 if (result != (int)send_buffer_length) {
1999 int keep_errno = errno;
2000
2001 coap_log_warn("coap_netif_dgrm_write failed (%zd != %zu)\n",
2002 result, send_buffer_length);
2003 errno = keep_errno;
2004 if (result < 0) {
2005 return -1;
2006 } else {
2007 result = 0;
2008 }
2009 }
2010 } else {
2011 result = 0;
2012 }
2013 return result;
2014}
2015
2016/*
2017 * return 1 fd has activity
2018 * 0 timeout
2019 * -1 error (error in errno)
2020 */
2021static int
2022receive_timeout(gnutls_transport_ptr_t context, unsigned int ms COAP_UNUSED) {
2023 coap_session_t *c_session = (coap_session_t *)context;
2024
2025 if (c_session) {
2026 fd_set readfds, writefds, exceptfds;
2027 struct timeval tv;
2028 int nfds = c_session->sock.fd +1;
2029 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2030
2031 /* If data has been read in by libcoap ahead of GnuTLS, say it is there */
2032 if (c_session->proto == COAP_PROTO_DTLS && g_env &&
2033 g_env->coap_ssl_data.pdu_len > 0) {
2034 return 1;
2035 }
2036
2037 FD_ZERO(&readfds);
2038 FD_ZERO(&writefds);
2039 FD_ZERO(&exceptfds);
2040 FD_SET(c_session->sock.fd, &readfds);
2041 if (!(g_env && g_env->doing_dtls_timeout)) {
2042 FD_SET(c_session->sock.fd, &writefds);
2043 FD_SET(c_session->sock.fd, &exceptfds);
2044 }
2045 /* Polling */
2046 tv.tv_sec = 0;
2047 tv.tv_usec = 0;
2048
2049 return select(nfds, &readfds, &writefds, &exceptfds, &tv);
2050 }
2051 return 1;
2052}
2053
2054static coap_gnutls_env_t *
2055coap_dtls_new_gnutls_env(coap_session_t *c_session, int type) {
2056 coap_gnutls_context_t *g_context =
2057 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2058 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2059#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2060 int flags = type | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2061#else /* < 3.6.6 */
2062 int flags = type | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK;
2063#endif /* < 3.6.6 */
2064 int ret;
2065
2066 if (g_env)
2067 return g_env;
2068
2069 g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2070 if (!g_env)
2071 return NULL;
2072
2073 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2074
2075 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2076
2077 gnutls_transport_set_pull_function(g_env->g_session, coap_dgram_read);
2078 gnutls_transport_set_push_function(g_env->g_session, coap_dgram_write);
2079 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2080 /* So we can track the coap_session_t in callbacks */
2081 gnutls_transport_set_ptr(g_env->g_session, c_session);
2082
2083 G_CHECK(gnutls_priority_set(g_env->g_session, g_context->priority_cache),
2084 "gnutls_priority_set");
2085
2086 if (type == GNUTLS_SERVER) {
2087#if COAP_SERVER_SUPPORT
2088 G_CHECK(setup_server_ssl_session(c_session, g_env),
2089 "setup_server_ssl_session");
2090#else /* ! COAP_SERVER_SUPPORT */
2091 goto fail;
2092#endif /* ! COAP_SERVER_SUPPORT */
2093 } else {
2094#if COAP_CLIENT_SUPPORT
2095 G_CHECK(setup_client_ssl_session(c_session, g_env),
2096 "setup_client_ssl_session");
2097#else /* COAP_CLIENT_SUPPORT */
2098 goto fail;
2099#endif /* COAP_CLIENT_SUPPORT */
2100 }
2101
2102 gnutls_handshake_set_timeout(g_env->g_session,
2103 GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2104 gnutls_dtls_set_timeouts(g_env->g_session, COAP_DTLS_RETRANSMIT_MS,
2105 COAP_DTLS_RETRANSMIT_TOTAL_MS);
2106
2107 return g_env;
2108
2109fail:
2110 if (g_env)
2111 gnutls_free(g_env);
2112 return NULL;
2113}
2114
2115static void
2116coap_dtls_free_gnutls_env(coap_gnutls_context_t *g_context,
2117 coap_gnutls_env_t *g_env,
2118 coap_free_bye_t free_bye) {
2119 if (g_env) {
2120 /* It is suggested not to use GNUTLS_SHUT_RDWR in DTLS
2121 * connections because the peer's closure message might
2122 * be lost */
2123 if (free_bye != COAP_FREE_BYE_NONE && !g_env->sent_alert) {
2124 /* Only do this if appropriate */
2125 gnutls_bye(g_env->g_session, free_bye == COAP_FREE_BYE_AS_UDP ?
2126 GNUTLS_SHUT_WR : GNUTLS_SHUT_RDWR);
2127 }
2128 gnutls_deinit(g_env->g_session);
2129 g_env->g_session = NULL;
2130 if (g_context->psk_pki_enabled & IS_PSK) {
2131 if ((g_context->psk_pki_enabled & IS_CLIENT) &&
2132 g_env->psk_cl_credentials != NULL) {
2133 gnutls_psk_free_client_credentials(g_env->psk_cl_credentials);
2134 g_env->psk_cl_credentials = NULL;
2135 } else {
2136 /* YUK - A memory leak in 3.3.0 (fixed by 3.3.26) of hint */
2137 if (g_env->psk_sv_credentials != NULL)
2138 gnutls_psk_free_server_credentials(g_env->psk_sv_credentials);
2139 g_env->psk_sv_credentials = NULL;
2140 }
2141 }
2142 if ((g_context->psk_pki_enabled & IS_PKI) ||
2143 (g_context->psk_pki_enabled &
2144 (IS_PSK | IS_PKI | IS_CLIENT)) == IS_CLIENT) {
2145 gnutls_certificate_free_credentials(g_env->pki_credentials);
2146 g_env->pki_credentials = NULL;
2147 }
2148 gnutls_free(g_env->coap_ssl_data.cookie_key.data);
2149 gnutls_free(g_env);
2150 }
2151}
2152
2153#if COAP_SERVER_SUPPORT
2154void *
2156 coap_gnutls_env_t *g_env =
2157 (coap_gnutls_env_t *)c_session->tls;
2158
2159 gnutls_transport_set_ptr(g_env->g_session, c_session);
2160
2161 return g_env;
2162}
2163#endif /* COAP_SERVER_SUPPORT */
2164
2165static void
2166log_last_alert(coap_session_t *c_session,
2167 gnutls_session_t g_session) {
2168#if COAP_MAX_LOGGING_LEVEL > 0
2169 int last_alert = gnutls_alert_get(g_session);
2170
2171 if (last_alert == GNUTLS_A_CLOSE_NOTIFY)
2172 coap_log_debug("***%s: Alert '%d': %s\n",
2173 coap_session_str(c_session),
2174 last_alert, gnutls_alert_get_name(last_alert));
2175 else
2176 coap_log_warn("***%s: Alert '%d': %s\n",
2177 coap_session_str(c_session),
2178 last_alert, gnutls_alert_get_name(last_alert));
2179#else /* COAP_MAX_LOGGING_LEVEL == 0 */
2180 (void)c_session;
2181 (void)g_session;
2182#endif /* COAP_MAX_LOGGING_LEVEL == 0 */
2183}
2184
2185/*
2186 * return -1 failure
2187 * 0 not completed
2188 * 1 established
2189 */
2190static int
2191do_gnutls_handshake(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
2192 int ret;
2193
2194 ret = gnutls_handshake(g_env->g_session);
2195 switch (ret) {
2196 case GNUTLS_E_SUCCESS:
2197 g_env->established = 1;
2198 coap_log_debug("* %s: GnuTLS established\n",
2199 coap_session_str(c_session));
2200 ret = 1;
2201 break;
2202 case GNUTLS_E_INTERRUPTED:
2203 errno = EINTR;
2204 ret = 0;
2205 break;
2206 case GNUTLS_E_AGAIN:
2207 errno = EAGAIN;
2208 ret = 0;
2209 break;
2210 case GNUTLS_E_INSUFFICIENT_CREDENTIALS:
2211 coap_log_warn("Insufficient credentials provided.\n");
2212 ret = -1;
2213 break;
2214 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2215 /* Stop the sending of an alert on closedown */
2216 g_env->sent_alert = 1;
2217 log_last_alert(c_session, g_env->g_session);
2218 /* Fall through */
2219 case GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET:
2220 case GNUTLS_E_UNEXPECTED_PACKET:
2222 ret = -1;
2223 break;
2224 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2225 log_last_alert(c_session, g_env->g_session);
2226 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2227 ret = 0;
2228 break;
2229 case GNUTLS_E_NO_CERTIFICATE_FOUND:
2230#if (GNUTLS_VERSION_NUMBER > 0x030606)
2231 case GNUTLS_E_CERTIFICATE_REQUIRED:
2232#endif /* GNUTLS_VERSION_NUMBER > 0x030606 */
2233 coap_log_warn("Client Certificate requested and required, but not provided\n"
2234 );
2235 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2236 GNUTLS_A_BAD_CERTIFICATE));
2237 g_env->sent_alert = 1;
2239 ret = -1;
2240 break;
2241 case GNUTLS_E_DECRYPTION_FAILED:
2242 coap_log_warn("do_gnutls_handshake: session establish "
2243 "returned '%s'\n",
2244 gnutls_strerror(ret));
2245 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2246 GNUTLS_A_DECRYPT_ERROR));
2247 g_env->sent_alert = 1;
2249 ret = -1;
2250 break;
2251 case GNUTLS_E_CERTIFICATE_ERROR:
2252 if (g_env->sent_alert) {
2254 ret = -1;
2255 break;
2256 }
2257 /* Fall through */
2258 case GNUTLS_E_UNKNOWN_CIPHER_SUITE:
2259 case GNUTLS_E_NO_CIPHER_SUITES:
2260 case GNUTLS_E_INVALID_SESSION:
2261 coap_log_warn("do_gnutls_handshake: session establish "
2262 "returned '%s'\n",
2263 gnutls_strerror(ret));
2264 if (!g_env->sent_alert) {
2265 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2266 GNUTLS_A_HANDSHAKE_FAILURE));
2267 g_env->sent_alert = 1;
2268 }
2270 ret = -1;
2271 break;
2272 case GNUTLS_E_SESSION_EOF:
2273 case GNUTLS_E_PREMATURE_TERMINATION:
2274 case GNUTLS_E_TIMEDOUT:
2275 case GNUTLS_E_PULL_ERROR:
2276 case GNUTLS_E_PUSH_ERROR:
2278 ret = -1;
2279 break;
2280 default:
2281 coap_log_warn("do_gnutls_handshake: session establish "
2282 "returned %d: '%s'\n",
2283 ret, gnutls_strerror(ret));
2284 ret = -1;
2285 break;
2286 }
2287 return ret;
2288}
2289
2290#if COAP_CLIENT_SUPPORT
2291void *
2293 coap_gnutls_env_t *g_env = coap_dtls_new_gnutls_env(c_session, GNUTLS_CLIENT);
2294 int ret;
2295
2296 if (g_env) {
2297 ret = do_gnutls_handshake(c_session, g_env);
2298 if (ret == -1) {
2299 coap_dtls_free_gnutls_env(c_session->context->dtls_context,
2300 g_env,
2301 COAP_PROTO_NOT_RELIABLE(c_session->proto) ?
2302 COAP_FREE_BYE_AS_UDP : COAP_FREE_BYE_AS_TCP);
2303 return NULL;
2304 }
2305 }
2306 return g_env;
2307}
2308#endif /* COAP_CLIENT_SUPPORT */
2309
2310void
2312 if (c_session && c_session->context && c_session->tls) {
2313 coap_dtls_free_gnutls_env(c_session->context->dtls_context,
2314 c_session->tls,
2315 COAP_PROTO_NOT_RELIABLE(c_session->proto) ?
2316 COAP_FREE_BYE_AS_UDP : COAP_FREE_BYE_AS_TCP);
2317 c_session->tls = NULL;
2319 }
2320}
2321
2322void
2324 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2325 int ret;
2326
2327 if (g_env)
2328 G_CHECK(gnutls_dtls_set_data_mtu(g_env->g_session,
2329 (unsigned int)c_session->mtu),
2330 "gnutls_dtls_set_data_mtu");
2331fail:
2332 ;;
2333}
2334
2335/*
2336 * return +ve data amount
2337 * 0 no more
2338 * -1 error
2339 */
2340ssize_t
2342 const uint8_t *data, size_t data_len) {
2343 int ret;
2344 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2345
2346 assert(g_env != NULL);
2347
2348 c_session->dtls_event = -1;
2349 coap_log_debug("* %s: dtls: sent %4d bytes\n",
2350 coap_session_str(c_session), (int)data_len);
2351 if (g_env->established) {
2352 ret = gnutls_record_send(g_env->g_session, data, data_len);
2353
2354 if (ret <= 0) {
2355 switch (ret) {
2356 case GNUTLS_E_AGAIN:
2357 ret = 0;
2358 break;
2359 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2360 /* Stop the sending of an alert on closedown */
2361 g_env->sent_alert = 1;
2362 log_last_alert(c_session, g_env->g_session);
2364 ret = -1;
2365 break;
2366 default:
2367 coap_log_debug("coap_dtls_send: gnutls_record_send "
2368 "returned %d: '%s'\n",
2369 ret, gnutls_strerror(ret));
2370 ret = -1;
2371 break;
2372 }
2373 if (ret == -1) {
2374 coap_log_warn("coap_dtls_send: cannot send PDU\n");
2375 }
2376 }
2377 } else {
2378 ret = do_gnutls_handshake(c_session, g_env);
2379 if (ret == 1) {
2380 /* Just connected, so send the data */
2381 return coap_dtls_send(c_session, data, data_len);
2382 }
2383 ret = -1;
2384 }
2385
2386 if (c_session->dtls_event >= 0) {
2387 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2388 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2389 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2391 ret = -1;
2392 }
2393 }
2394
2395 return ret;
2396}
2397
2398int
2400 return 0;
2401}
2402
2404coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED) {
2405 return 0;
2406}
2407
2410 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2411
2412 assert(c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2413 if (g_env && g_env->g_session) {
2414 unsigned int rem_ms = gnutls_dtls_get_timeout(g_env->g_session);
2415
2416 if (rem_ms == 0) {
2417 /*
2418 * Need to make sure that we do not do this too frequently as some
2419 * versions of gnutls reset retransmit if a spurious packet is received
2420 * (e.g. duplicate Client Hello), but last_transmit does not get updated
2421 * when gnutls_handshake() is called and there is 'nothing' to resend.
2422 */
2423 if (g_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS > now)
2424 return g_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS;
2425 }
2426 /* Reset for the next time */
2427 g_env->last_timeout = now;
2428 return now + rem_ms;
2429 }
2430
2431 return 0;
2432}
2433
2434/*
2435 * return 1 timed out
2436 * 0 still timing out
2437 */
2438int
2440 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2441
2442 assert(g_env != NULL && c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2443 g_env->doing_dtls_timeout = 1;
2444 if ((++c_session->dtls_timeout_count > c_session->max_retransmit) ||
2445 (do_gnutls_handshake(c_session, g_env) < 0)) {
2446 /* Too many retries */
2447 g_env->doing_dtls_timeout = 0;
2449 return 1;
2450 } else {
2451 g_env->doing_dtls_timeout = 0;
2452 return 0;
2453 }
2454}
2455
2456/*
2457 * return +ve data amount
2458 * 0 no more
2459 * -1 error
2460 */
2461int
2462coap_dtls_receive(coap_session_t *c_session, const uint8_t *data,
2463 size_t data_len) {
2464 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2465 int ret = 0;
2466 coap_ssl_t *ssl_data = &g_env->coap_ssl_data;
2467
2468 uint8_t pdu[COAP_RXBUFFER_SIZE];
2469
2470 assert(g_env != NULL);
2471
2472 if (ssl_data->pdu_len)
2473 coap_log_err("** %s: Previous data not read %u bytes\n",
2474 coap_session_str(c_session), ssl_data->pdu_len);
2475 ssl_data->pdu = data;
2476 ssl_data->pdu_len = data_len;
2477
2478 c_session->dtls_event = -1;
2479 if (g_env->established) {
2480 if (c_session->state == COAP_SESSION_STATE_HANDSHAKE) {
2482 c_session);
2483 gnutls_transport_set_ptr(g_env->g_session, c_session);
2484 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2485 }
2486 ret = gnutls_record_recv(g_env->g_session, pdu, (int)sizeof(pdu));
2487 if (ret > 0) {
2488 return coap_handle_dgram(c_session->context, c_session, pdu, (size_t)ret);
2489 } else if (ret == 0) {
2491 } else {
2492 switch (ret) {
2493 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2494 /* Stop the sending of an alert on closedown */
2495 g_env->sent_alert = 1;
2496 log_last_alert(c_session, g_env->g_session);
2498 ret = -1;
2499 break;
2500 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2501 log_last_alert(c_session, g_env->g_session);
2502 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2503 ret = 0;
2504 break;
2505 default:
2506 coap_log_warn("coap_dtls_receive: gnutls_record_recv returned %d\n", ret);
2507 ret = -1;
2508 break;
2509 }
2510 }
2511 } else {
2512 ret = do_gnutls_handshake(c_session, g_env);
2513 if (ret == 1) {
2514 coap_session_connected(c_session);
2515 } else {
2516 ret = -1;
2517 if (ssl_data->pdu_len && !g_env->sent_alert) {
2518 /* Do the handshake again incase of internal timeout */
2519 ret = do_gnutls_handshake(c_session, g_env);
2520 if (ret == 1) {
2521 /* Just connected, so send the data */
2522 coap_session_connected(c_session);
2523 }
2524 }
2525 }
2526 }
2527
2528 if (c_session->dtls_event >= 0) {
2529 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2530 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2531 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2532 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2533 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2535 ssl_data = NULL;
2536 ret = -1;
2537 }
2538 }
2539 if (ssl_data && ssl_data->pdu_len) {
2540 /* pdu data is held on stack which will not stay there */
2541 coap_log_debug("coap_dtls_receive: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2542 ssl_data->pdu_len = 0;
2543 ssl_data->pdu = NULL;
2544 }
2545 if (ret > 0) {
2546 coap_log_debug("* %s: dtls: recv %4d bytes\n",
2547 coap_session_str(c_session), ret);
2548 }
2549 return ret;
2550}
2551
2552#if COAP_SERVER_SUPPORT
2553/*
2554 * return -1 failure
2555 * 0 not completed
2556 * 1 client hello seen
2557 */
2558int
2560 const uint8_t *data,
2561 size_t data_len
2562 ) {
2563 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2564 coap_ssl_t *ssl_data;
2565 int ret;
2566
2567 if (!g_env) {
2568 g_env = coap_dtls_new_gnutls_env(c_session, GNUTLS_SERVER);
2569 if (g_env) {
2570 c_session->tls = g_env;
2571 gnutls_key_generate(&g_env->coap_ssl_data.cookie_key,
2572 GNUTLS_COOKIE_KEY_SIZE);
2573 } else {
2574 /* error should have already been reported */
2575 return -1;
2576 }
2577 }
2578 if (data_len > 0) {
2579 gnutls_dtls_prestate_st prestate;
2580 uint8_t *data_rw;
2581
2582 memset(&prestate, 0, sizeof(prestate));
2583 /* Need to do this to not get a compiler warning about const parameters */
2584 memcpy(&data_rw, &data, sizeof(data_rw));
2585 ret = gnutls_dtls_cookie_verify(&g_env->coap_ssl_data.cookie_key,
2586 &c_session->addr_info,
2587 sizeof(c_session->addr_info),
2588 data_rw, data_len,
2589 &prestate);
2590 if (ret < 0) { /* cookie not valid */
2591 coap_log_debug("Invalid Cookie - sending Hello Verify\n");
2592 gnutls_dtls_cookie_send(&g_env->coap_ssl_data.cookie_key,
2593 &c_session->addr_info,
2594 sizeof(c_session->addr_info),
2595 &prestate,
2596 c_session,
2597 coap_dgram_write);
2598 return 0;
2599 }
2600 gnutls_dtls_prestate_set(g_env->g_session, &prestate);
2601 }
2602
2603 ssl_data = &g_env->coap_ssl_data;
2604 ssl_data->pdu = data;
2605 ssl_data->pdu_len = data_len;
2606
2607 ret = do_gnutls_handshake(c_session, g_env);
2608 if (ret < 0) {
2609 /*
2610 * as the above failed, need to remove g_env to clean up any
2611 * pollution of the information
2612 */
2613 coap_dtls_free_gnutls_env(((coap_gnutls_context_t *)c_session->context->dtls_context),
2614 g_env, COAP_FREE_BYE_NONE);
2615 c_session->tls = NULL;
2616 ssl_data = NULL;
2617 ret = -1;
2618 } else {
2619 /* Client Hello has been seen */
2620 ret = 1;
2621 }
2622
2623 if (ssl_data && ssl_data->pdu_len) {
2624 /* pdu data is held on stack which will not stay there */
2625 coap_log_debug("coap_dtls_hello: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2626 ssl_data->pdu_len = 0;
2627 ssl_data->pdu = NULL;
2628 }
2629 return ret;
2630}
2631#endif /* COAP_SERVER_SUPPORT */
2632
2633unsigned int
2635 return 37;
2636}
2637
2638#if !COAP_DISABLE_TCP
2639/*
2640 * strm
2641 * return +ve data amount
2642 * 0 connection closed
2643 * -1 error (error in errno)
2644 */
2645static ssize_t
2646coap_sock_read(gnutls_transport_ptr_t context, void *out, size_t outl) {
2647 int ret = 0;
2648 coap_session_t *c_session = (coap_session_t *)context;
2649
2650 if (out != NULL) {
2651 ret = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_read(c_session, out, outl);
2652 /* Translate layer returns into what GnuTLS expects */
2653 if (ret == 0) {
2654 errno = EAGAIN;
2655 ret = -1;
2656 }
2657 }
2658 return ret;
2659}
2660
2661/*
2662 * strm
2663 * return +ve data amount
2664 * 0 no more
2665 * -1 error (error in errno)
2666 */
2667static ssize_t
2668coap_sock_write(gnutls_transport_ptr_t context, const void *in, size_t inl) {
2669 int ret = 0;
2670 coap_session_t *c_session = (coap_session_t *)context;
2671
2672 ret = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session, in, inl);
2673 /* Translate layer what returns into what GnuTLS expects */
2674 if (ret < 0) {
2675 if ((c_session->state == COAP_SESSION_STATE_CSM ||
2676 c_session->state == COAP_SESSION_STATE_HANDSHAKE) &&
2677 (errno == EPIPE || errno == ECONNRESET)) {
2678 /*
2679 * Need to handle a TCP timing window where an agent continues with
2680 * the sending of the next handshake or a CSM.
2681 * However, the peer does not like a certificate and so sends a
2682 * fatal alert and closes the TCP session.
2683 * The sending of the next handshake or CSM may get terminated because
2684 * of the closed TCP session, but there is still an outstanding alert
2685 * to be read in and reported on.
2686 * In this case, pretend that sending the info was fine so that the
2687 * alert can be read (which effectively is what happens with DTLS).
2688 */
2689 ret = inl;
2690 } else {
2691 coap_log_debug("* %s: failed to send %zd bytes (%s) state %d\n",
2692 coap_session_str(c_session), inl, coap_socket_strerror(),
2693 c_session->state);
2694 }
2695 }
2696 if (ret == 0) {
2697 errno = EAGAIN;
2698 ret = -1;
2699 }
2700 return ret;
2701}
2702
2703#if COAP_CLIENT_SUPPORT
2704void *
2706 coap_gnutls_env_t *g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2707 coap_gnutls_context_t *g_context =
2708 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2709#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2710 int flags = GNUTLS_CLIENT | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2711#else /* < 3.6.6 */
2712 int flags = GNUTLS_CLIENT | GNUTLS_NONBLOCK;
2713#endif /* < 3.6.6 */
2714 int ret;
2715
2716 if (!g_env) {
2717 return NULL;
2718 }
2719 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2720
2721 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2722
2723 gnutls_transport_set_pull_function(g_env->g_session, coap_sock_read);
2724 gnutls_transport_set_push_function(g_env->g_session, coap_sock_write);
2725 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2726 /* So we can track the coap_session_t in callbacks */
2727 gnutls_transport_set_ptr(g_env->g_session, c_session);
2728
2729 gnutls_priority_set(g_env->g_session, g_context->priority_cache);
2730 setup_client_ssl_session(c_session, g_env);
2731
2732 gnutls_handshake_set_timeout(g_env->g_session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2733
2734 c_session->tls = g_env;
2735 ret = do_gnutls_handshake(c_session, g_env);
2736 if (ret == 1) {
2738 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2739 }
2740 return g_env;
2741
2742fail:
2743 if (g_env)
2744 gnutls_free(g_env);
2745 return NULL;
2746}
2747#endif /* COAP_CLIENT_SUPPORT */
2748
2749#if COAP_SERVER_SUPPORT
2750void *
2752 coap_gnutls_env_t *g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2753 coap_gnutls_context_t *g_context =
2754 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2755#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2756 int flags = GNUTLS_SERVER | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2757#else /* < 3.6.6 */
2758 int flags = GNUTLS_SERVER | GNUTLS_NONBLOCK;
2759#endif /* < 3.6.6 */
2760 int ret;
2761
2762 if (!g_env)
2763 return NULL;
2764 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2765
2766 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2767
2768 gnutls_transport_set_pull_function(g_env->g_session, coap_sock_read);
2769 gnutls_transport_set_push_function(g_env->g_session, coap_sock_write);
2770 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2771 /* So we can track the coap_session_t in callbacks */
2772 gnutls_transport_set_ptr(g_env->g_session, c_session);
2773
2774 setup_server_ssl_session(c_session, g_env);
2775
2776 gnutls_priority_set(g_env->g_session, g_context->priority_cache);
2777 gnutls_handshake_set_timeout(g_env->g_session,
2778 GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2779
2780 c_session->tls = g_env;
2781 ret = do_gnutls_handshake(c_session, g_env);
2782 if (ret == 1) {
2784 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2785 }
2786 return g_env;
2787
2788fail:
2789 return NULL;
2790}
2791#endif /* COAP_SERVER_SUPPORT */
2792
2793void
2795 coap_dtls_free_session(c_session);
2796 return;
2797}
2798
2799/*
2800 * strm
2801 * return +ve Number of bytes written.
2802 * -1 Error (error in errno).
2803 */
2804ssize_t
2805coap_tls_write(coap_session_t *c_session, const uint8_t *data,
2806 size_t data_len) {
2807 int ret;
2808 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2809
2810 assert(g_env != NULL);
2811
2812 c_session->dtls_event = -1;
2813 if (g_env->established) {
2814 ret = gnutls_record_send(g_env->g_session, data, data_len);
2815
2816 if (ret <= 0) {
2817 switch (ret) {
2818 case GNUTLS_E_AGAIN:
2819 ret = 0;
2820 break;
2821 case GNUTLS_E_PUSH_ERROR:
2822 case GNUTLS_E_PULL_ERROR:
2823 case GNUTLS_E_PREMATURE_TERMINATION:
2825 break;
2826 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2827 /* Stop the sending of an alert on closedown */
2828 g_env->sent_alert = 1;
2829 log_last_alert(c_session, g_env->g_session);
2831 break;
2832 default:
2833 coap_log_warn("coap_tls_write: gnutls_record_send "
2834 "returned %d: '%s'\n",
2835 ret, gnutls_strerror(ret));
2836 ret = -1;
2837 break;
2838 }
2839 if (ret == -1) {
2840 coap_log_info("coap_tls_write: cannot send PDU\n");
2841 }
2842 }
2843 } else {
2844 ret = do_gnutls_handshake(c_session, g_env);
2845 if (ret == 1) {
2847 c_session);
2848 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2849 ret = 0;
2850 } else {
2851 ret = -1;
2852 }
2853 }
2854
2855 if (c_session->dtls_event >= 0) {
2856 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2857 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2858 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2859 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2860 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2862 ret = -1;
2863 }
2864 }
2865
2866 if (ret > 0) {
2867 if (ret == (ssize_t)data_len)
2868 coap_log_debug("* %s: tls: sent %4d bytes\n",
2869 coap_session_str(c_session), ret);
2870 else
2871 coap_log_debug("* %s: tls: sent %4d of %4zd bytes\n",
2872 coap_session_str(c_session), ret, data_len);
2873 }
2874 return ret;
2875}
2876
2877/*
2878 * strm
2879 * return >=0 Number of bytes read.
2880 * -1 Error (error in errno).
2881 */
2882ssize_t
2883coap_tls_read(coap_session_t *c_session, uint8_t *data, size_t data_len) {
2884 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2885 int ret = -1;
2886
2887 if (!g_env) {
2888 errno = ENXIO;
2889 return -1;
2890 }
2891
2892 c_session->dtls_event = -1;
2893 if (!g_env->established && !g_env->sent_alert) {
2894 ret = do_gnutls_handshake(c_session, g_env);
2895 if (ret == 1) {
2897 c_session);
2898 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2899 ret = 0;
2900 }
2901 }
2902 if (c_session->state != COAP_SESSION_STATE_NONE && g_env->established) {
2903 ret = gnutls_record_recv(g_env->g_session, data, (int)data_len);
2904 if (ret <= 0) {
2905 switch (ret) {
2906 case 0:
2908 break;
2909 case GNUTLS_E_AGAIN:
2910 errno = EAGAIN;
2911 ret = 0;
2912 break;
2913 case GNUTLS_E_PULL_ERROR:
2914 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2915 break;
2916 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2917 /* Stop the sending of an alert on closedown */
2918 g_env->sent_alert = 1;
2919 log_last_alert(c_session, g_env->g_session);
2921 break;
2922 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2923 log_last_alert(c_session, g_env->g_session);
2924 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2925 break;
2926 default:
2927 coap_log_warn("coap_tls_read: gnutls_record_recv "
2928 "returned %d: '%s'\n",
2929 ret, gnutls_strerror(ret));
2930 ret = -1;
2931 break;
2932 }
2933 }
2934 }
2935
2936 if (c_session->dtls_event >= 0) {
2937 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2938 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2939 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2940 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2941 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2943 ret = -1;
2944 }
2945 }
2946 if (ret > 0) {
2947 coap_log_debug("* %s: tls: recv %4d bytes\n",
2948 coap_session_str(c_session), ret);
2949 }
2950 return ret;
2951}
2952#endif /* !COAP_DISABLE_TCP */
2953
2954#if COAP_SERVER_SUPPORT
2956coap_digest_setup(void) {
2957 gnutls_hash_hd_t digest_ctx;
2958
2959 if (gnutls_hash_init(&digest_ctx, GNUTLS_DIG_SHA256)) {
2960 return NULL;
2961 }
2962 return digest_ctx;
2963}
2964
2965void
2967 if (digest_ctx)
2968 gnutls_hash_deinit(digest_ctx, NULL);
2969}
2970
2971int
2973 const uint8_t *data,
2974 size_t data_len) {
2975 int ret = gnutls_hash(digest_ctx, data, data_len);
2976
2977 return ret == 0;
2978}
2979
2980int
2982 coap_digest_t *digest_buffer) {
2983 gnutls_hash_output(digest_ctx, (uint8_t *)digest_buffer);
2984
2985 coap_digest_free(digest_ctx);
2986 return 1;
2987}
2988#endif /* COAP_SERVER_SUPPORT */
2989
2990#if COAP_WS_SUPPORT
2991/*
2992 * The struct hash_algs and the function get_hash_alg() are used to
2993 * determine which hash type to use for creating the required hash object.
2994 */
2995static struct hash_algs {
2996 cose_alg_t alg;
2997 gnutls_digest_algorithm_t dig_type;
2998 size_t dig_size;
2999} hashs[] = {
3000 {COSE_ALGORITHM_SHA_1, GNUTLS_DIG_SHA1, 20},
3001 {COSE_ALGORITHM_SHA_256_256, GNUTLS_DIG_SHA256, 32},
3002 {COSE_ALGORITHM_SHA_512, GNUTLS_DIG_SHA512, 64},
3003};
3004
3005static gnutls_digest_algorithm_t
3006get_hash_alg(cose_alg_t alg, size_t *hash_len) {
3007 size_t idx;
3008
3009 for (idx = 0; idx < sizeof(hashs) / sizeof(struct hash_algs); idx++) {
3010 if (hashs[idx].alg == alg) {
3011 *hash_len = hashs[idx].dig_size;
3012 return hashs[idx].dig_type;
3013 }
3014 }
3015 coap_log_debug("get_hash_alg: COSE hash %d not supported\n", alg);
3016 return GNUTLS_DIG_UNKNOWN;
3017}
3018
3019int
3021 const coap_bin_const_t *data,
3022 coap_bin_const_t **hash) {
3023 size_t hash_length;
3024 gnutls_digest_algorithm_t dig_type = get_hash_alg(alg, &hash_length);
3025 gnutls_hash_hd_t digest_ctx;
3026 coap_binary_t *dummy = NULL;
3027 int ret;
3028
3029 if (dig_type == GNUTLS_DIG_UNKNOWN) {
3030 coap_log_debug("coap_crypto_hash: algorithm %d not supported\n", alg);
3031 return 0;
3032 }
3033
3034 if (gnutls_hash_init(&digest_ctx, dig_type)) {
3035 return 0;
3036 }
3037 ret = gnutls_hash(digest_ctx, data->s, data->length);
3038 if (ret != 0)
3039 goto error;
3040
3041 dummy = coap_new_binary(hash_length);
3042 if (!dummy)
3043 goto error;
3044 gnutls_hash_output(digest_ctx, dummy->s);
3045
3046 *hash = (coap_bin_const_t *)(dummy);
3047 gnutls_hash_deinit(digest_ctx, NULL);
3048 return 1;
3049
3050error:
3052 gnutls_hash_deinit(digest_ctx, NULL);
3053 return 0;
3054}
3055#endif /* COAP_WS_SUPPORT */
3056
3057#if COAP_OSCORE_SUPPORT
3058int
3060 return 1;
3061}
3062
3063/*
3064 * The struct cipher_algs and the function get_cipher_alg() are used to
3065 * determine which cipher type to use for creating the required cipher
3066 * suite object.
3067 */
3068static struct cipher_algs {
3069 cose_alg_t alg;
3070 gnutls_cipher_algorithm_t cipher_type;
3071} ciphers[] = {{COSE_ALGORITHM_AES_CCM_16_64_128, GNUTLS_CIPHER_AES_128_CCM_8},
3072 {COSE_ALGORITHM_AES_CCM_16_64_256, GNUTLS_CIPHER_AES_256_CCM_8}
3073};
3074
3075static gnutls_cipher_algorithm_t
3076get_cipher_alg(cose_alg_t alg) {
3077 size_t idx;
3078
3079 for (idx = 0; idx < sizeof(ciphers) / sizeof(struct cipher_algs); idx++) {
3080 if (ciphers[idx].alg == alg)
3081 return ciphers[idx].cipher_type;
3082 }
3083 coap_log_debug("get_cipher_alg: COSE cipher %d not supported\n", alg);
3084 return 0;
3085}
3086
3087/*
3088 * The struct hmac_algs and the function get_hmac_alg() are used to
3089 * determine which hmac type to use for creating the required hmac
3090 * suite object.
3091 */
3092static struct hmac_algs {
3093 cose_hmac_alg_t hmac_alg;
3094 gnutls_mac_algorithm_t hmac_type;
3095} hmacs[] = {
3096 {COSE_HMAC_ALG_HMAC256_256, GNUTLS_MAC_SHA256},
3097 {COSE_HMAC_ALG_HMAC512_512, GNUTLS_MAC_SHA512},
3098};
3099
3100static gnutls_mac_algorithm_t
3101get_hmac_alg(cose_hmac_alg_t hmac_alg) {
3102 size_t idx;
3103
3104 for (idx = 0; idx < sizeof(hmacs) / sizeof(struct hmac_algs); idx++) {
3105 if (hmacs[idx].hmac_alg == hmac_alg)
3106 return hmacs[idx].hmac_type;
3107 }
3108 coap_log_debug("get_hmac_alg: COSE HMAC %d not supported\n", hmac_alg);
3109 return 0;
3110}
3111
3112int
3114 return get_cipher_alg(alg);
3115}
3116
3117int
3119 cose_hmac_alg_t hmac_alg;
3120
3121 if (!cose_get_hmac_alg_for_hkdf(hkdf_alg, &hmac_alg))
3122 return 0;
3123 return get_hmac_alg(hmac_alg);
3124}
3125
3126int
3128 coap_bin_const_t *data,
3129 coap_bin_const_t *aad,
3130 uint8_t *result,
3131 size_t *max_result_len) {
3132 gnutls_aead_cipher_hd_t ctx;
3133 gnutls_datum_t key;
3134 const coap_crypto_aes_ccm_t *ccm;
3135 int ret = 0;
3136 size_t result_len = *max_result_len;
3137 gnutls_cipher_algorithm_t algo;
3138 unsigned tag_size;
3139 uint8_t *key_data_rw;
3140 coap_bin_const_t laad;
3141
3142 if (data == NULL)
3143 return 0;
3144
3145 assert(params != NULL);
3146 if (!params) {
3147 return 0;
3148 }
3149 if ((algo = get_cipher_alg(params->alg)) == 0) {
3150 coap_log_debug("coap_crypto_encrypt: algorithm %d not supported\n",
3151 params->alg);
3152 return 0;
3153 }
3154 tag_size = gnutls_cipher_get_tag_size(algo);
3155 ccm = &params->params.aes;
3156
3157 /* Get a RW copy of data */
3158 memcpy(&key_data_rw, &ccm->key.s, sizeof(key_data_rw));
3159 key.data = key_data_rw;
3160 key.size = ccm->key.length;
3161
3162 if (aad) {
3163 laad = *aad;
3164 } else {
3165 laad.s = NULL;
3166 laad.length = 0;
3167 }
3168
3169 G_CHECK(gnutls_aead_cipher_init(&ctx, algo, &key), "gnutls_aead_cipher_init");
3170
3171 G_CHECK(gnutls_aead_cipher_encrypt(ctx,
3172 ccm->nonce,
3173 15 - ccm->l, /* iv */
3174 laad.s,
3175 laad.length, /* ad */
3176 tag_size,
3177 data->s,
3178 data->length, /* input */
3179 result,
3180 &result_len), /* output */
3181 "gnutls_aead_cipher_encrypt");
3182 *max_result_len = result_len;
3183 ret = 1;
3184fail:
3185 gnutls_aead_cipher_deinit(ctx);
3186 return ret == 1 ? 1 : 0;
3187}
3188
3189int
3191 coap_bin_const_t *data,
3192 coap_bin_const_t *aad,
3193 uint8_t *result,
3194 size_t *max_result_len) {
3195 gnutls_aead_cipher_hd_t ctx;
3196 gnutls_datum_t key;
3197 const coap_crypto_aes_ccm_t *ccm;
3198 int ret = 0;
3199 size_t result_len = *max_result_len;
3200 gnutls_cipher_algorithm_t algo;
3201 unsigned tag_size;
3202 uint8_t *key_data_rw;
3203 coap_bin_const_t laad;
3204
3205 if (data == NULL)
3206 return 0;
3207
3208 assert(params != NULL);
3209
3210 if (!params) {
3211 return 0;
3212 }
3213 if ((algo = get_cipher_alg(params->alg)) == 0) {
3214 coap_log_debug("coap_crypto_decrypt: algorithm %d not supported\n",
3215 params->alg);
3216 return 0;
3217 }
3218 tag_size = gnutls_cipher_get_tag_size(algo);
3219 ccm = &params->params.aes;
3220
3221 /* Get a RW copy of data */
3222 memcpy(&key_data_rw, &ccm->key.s, sizeof(key_data_rw));
3223 key.data = key_data_rw;
3224 key.size = ccm->key.length;
3225
3226 if (aad) {
3227 laad = *aad;
3228 } else {
3229 laad.s = NULL;
3230 laad.length = 0;
3231 }
3232
3233 G_CHECK(gnutls_aead_cipher_init(&ctx, algo, &key), "gnutls_aead_cipher_init");
3234
3235 G_CHECK(gnutls_aead_cipher_decrypt(ctx,
3236 ccm->nonce,
3237 15 - ccm->l, /* iv */
3238 laad.s,
3239 laad.length, /* ad */
3240 tag_size,
3241 data->s,
3242 data->length, /* input */
3243 result,
3244 &result_len), /* output */
3245 "gnutls_aead_cipher_decrypt");
3246 *max_result_len = result_len;
3247 ret = 1;
3248fail:
3249 gnutls_aead_cipher_deinit(ctx);
3250 return ret == 1 ? 1 : 0;
3251}
3252
3253int
3255 coap_bin_const_t *key,
3256 coap_bin_const_t *data,
3257 coap_bin_const_t **hmac) {
3258 gnutls_hmac_hd_t ctx;
3259 int ret = 0;
3260 unsigned len;
3261 gnutls_mac_algorithm_t mac_algo;
3262 coap_binary_t *dummy = NULL;
3263
3264 if (data == NULL)
3265 return 0;
3266
3267 if ((mac_algo = get_hmac_alg(hmac_alg)) == 0) {
3268 coap_log_debug("coap_crypto_hmac: algorithm %d not supported\n", hmac_alg);
3269 return 0;
3270 }
3271 len = gnutls_hmac_get_len(mac_algo);
3272 if (len == 0)
3273 return 0;
3274
3275 dummy = coap_new_binary(len);
3276 if (dummy == NULL)
3277 return 0;
3278 G_CHECK(gnutls_hmac_init(&ctx, mac_algo, key->s, key->length),
3279 "gnutls_hmac_init");
3280 G_CHECK(gnutls_hmac(ctx, data->s, data->length), "gnutls_hmac");
3281 gnutls_hmac_output(ctx, dummy->s);
3282 *hmac = (coap_bin_const_t *)dummy;
3283 dummy = NULL;
3284 ret = 1;
3285fail:
3287 gnutls_hmac_deinit(ctx, NULL);
3288 return ret == 1 ? 1 : 0;
3289}
3290
3291#endif /* COAP_OSCORE_SUPPORT */
3292
3293#else /* !COAP_WITH_LIBGNUTLS */
3294
3295#ifdef __clang__
3296/* Make compilers happy that do not like empty modules. As this function is
3297 * never used, we ignore -Wunused-function at the end of compiling this file
3298 */
3299#pragma GCC diagnostic ignored "-Wunused-function"
3300#endif
3301static inline void
3302dummy(void) {
3303}
3304
3305#endif /* !COAP_WITH_LIBGNUTLS */
#define min(a, b)
Definition coap_block.c:19
static void dummy(void)
const char * coap_socket_strerror(void)
Definition coap_io.c:2040
#define COAP_RXBUFFER_SIZE
Definition coap_io.h:29
@ COAP_NACK_TLS_FAILED
Definition coap_io.h:66
@ COAP_LAYER_TLS
Library specific build wrapper for coap_internal.h.
int coap_dtls_context_set_pki(coap_context_t *ctx COAP_UNUSED, const coap_dtls_pki_t *setup_data COAP_UNUSED, const coap_dtls_role_t role COAP_UNUSED)
Definition coap_notls.c:108
coap_tick_t coap_dtls_get_timeout(coap_session_t *session COAP_UNUSED, coap_tick_t now COAP_UNUSED)
Definition coap_notls.c:224
ssize_t coap_tls_read(coap_session_t *session COAP_UNUSED, uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:296
coap_tick_t coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED)
Definition coap_notls.c:219
int coap_dtls_receive(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:238
void * coap_dtls_get_tls(const coap_session_t *c_session COAP_UNUSED, coap_tls_library_t *tls_lib)
Definition coap_notls.c:153
unsigned int coap_dtls_get_overhead(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:256
static coap_log_t dtls_log_level
Definition coap_notls.c:146
int coap_dtls_context_check_keys_enabled(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:142
ssize_t coap_dtls_send(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:207
ssize_t coap_tls_write(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:284
void coap_dtls_session_update_mtu(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:203
int coap_dtls_context_set_pki_root_cas(coap_context_t *ctx COAP_UNUSED, const char *ca_file COAP_UNUSED, const char *ca_path COAP_UNUSED)
Definition coap_notls.c:116
int coap_dtls_handle_timeout(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:233
void coap_dtls_free_context(void *handle COAP_UNUSED)
Definition coap_notls.c:181
void coap_dtls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:199
void * coap_dtls_new_context(coap_context_t *coap_context COAP_UNUSED)
Definition coap_notls.c:176
void coap_tls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:275
coap_binary_t * get_asn1_spki(const uint8_t *data, size_t size)
Abstract SPKI public key from the ASN1.
Definition coap_asn1.c:122
void coap_digest_free(coap_digest_ctx_t *digest_ctx)
Free off coap_digest_ctx_t.
int coap_digest_final(coap_digest_ctx_t *digest_ctx, coap_digest_t *digest_buffer)
Finalize the coap_digest information into the provided digest_buffer.
int coap_digest_update(coap_digest_ctx_t *digest_ctx, const uint8_t *data, size_t data_len)
Update the coap_digest information with the next chunk of data.
void coap_digest_ctx_t
coap_digest_ctx_t * coap_digest_setup(void)
Initialize a coap_digest.
uint64_t coap_tick_t
This data type represents internal timer ticks with COAP_TICKS_PER_SECOND resolution.
Definition coap_time.h:143
int coap_handle_event_lkd(coap_context_t *context, coap_event_t event, coap_session_t *session)
Invokes the event handler of context for the given event and data.
Definition coap_net.c:4496
int coap_handle_dgram(coap_context_t *ctx, coap_session_t *session, uint8_t *msg, size_t msg_len)
Parses and interprets a CoAP datagram with context ctx.
Definition coap_net.c:2633
int coap_crypto_hmac(cose_hmac_alg_t hmac_alg, coap_bin_const_t *key, coap_bin_const_t *data, coap_bin_const_t **hmac)
Create a HMAC hash of the provided data.
int coap_crypto_aead_decrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Decrypt the provided encrypted data into plaintext.
int coap_crypto_aead_encrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Encrypt the provided plaintext data.
int coap_crypto_hash(cose_alg_t alg, const coap_bin_const_t *data, coap_bin_const_t **hash)
Create a hash of the provided data.
int coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg)
Check whether the defined hkdf algorithm is supported by the underlying crypto library.
int coap_crypto_check_cipher_alg(cose_alg_t alg)
Check whether the defined cipher algorithm is supported by the underlying crypto library.
void * coap_tls_new_server_session(coap_session_t *coap_session)
Create a TLS new server-side session.
const coap_bin_const_t * coap_get_session_client_psk_identity(const coap_session_t *coap_session)
Get the current client's PSK identity.
void coap_dtls_startup(void)
Initialize the underlying (D)TLS Library layer.
Definition coap_notls.c:149
int coap_dtls_define_issue(coap_define_issue_key_t type, coap_define_issue_fail_t fail, coap_dtls_key_t *key, const coap_dtls_role_t role, int ret)
Report PKI DEFINE type issue.
Definition coap_dtls.c:165
void * coap_dtls_new_client_session(coap_session_t *coap_session)
Create a new client-side session.
void * coap_dtls_new_server_session(coap_session_t *coap_session)
Create a new DTLS server-side session.
int coap_dtls_hello(coap_session_t *coap_session, const uint8_t *data, size_t data_len)
Handling client HELLO messages from a new candiate peer.
int coap_dtls_set_cid_tuple_change(coap_context_t *context, uint8_t every)
Set the Connection ID client tuple frequency change for testing CIDs.
int coap_dtls_is_context_timeout(void)
Check if timeout is handled per CoAP session or per CoAP context.
Definition coap_notls.c:214
int coap_dtls_context_set_cpsk(coap_context_t *coap_context, coap_dtls_cpsk_t *setup_data)
Set the DTLS context's default client PSK information.
int coap_dtls_context_set_spsk(coap_context_t *coap_context, coap_dtls_spsk_t *setup_data)
Set the DTLS context's default server PSK information.
void coap_dtls_shutdown(void)
Close down the underlying (D)TLS Library layer.
Definition coap_notls.c:161
const coap_bin_const_t * coap_get_session_client_psk_key(const coap_session_t *coap_session)
Get the current client's PSK key.
void * coap_tls_new_client_session(coap_session_t *coap_session)
Create a new TLS client-side session.
#define COAP_DTLS_RETRANSMIT_COAP_TICKS
void coap_dtls_map_key_type_to_define(const coap_dtls_pki_t *setup_data, coap_dtls_key_t *key)
Map the PKI key definitions to the new DEFINE format.
Definition coap_dtls.c:26
const coap_bin_const_t * coap_get_session_server_psk_key(const coap_session_t *coap_session)
Get the current server's PSK key.
@ COAP_DEFINE_KEY_PRIVATE
@ COAP_DEFINE_KEY_CA
@ COAP_DEFINE_KEY_PUBLIC
@ COAP_DEFINE_FAIL_NONE
@ COAP_DEFINE_FAIL_NOT_SUPPORTED
@ COAP_DEFINE_FAIL_BAD
#define COAP_DTLS_HINT_LENGTH
Definition coap_dtls.h:35
coap_tls_version_t * coap_get_tls_library_version(void)
Determine the type and version of the underlying (D)TLS library.
Definition coap_notls.c:100
coap_dtls_role_t
Definition coap_dtls.h:44
#define COAP_DTLS_RPK_CERT_CN
Definition coap_dtls.h:49
coap_tls_library_t
Definition coap_dtls.h:70
@ COAP_PKI_KEY_DEF_PKCS11
The PKI key type is PKCS11 (pkcs11:...).
Definition coap_dtls.h:245
@ COAP_PKI_KEY_DEF_DER_BUF
The PKI key type is DER buffer (ASN.1).
Definition coap_dtls.h:242
@ COAP_PKI_KEY_DEF_PEM_BUF
The PKI key type is PEM buffer.
Definition coap_dtls.h:236
@ COAP_PKI_KEY_DEF_PEM
The PKI key type is PEM file.
Definition coap_dtls.h:234
@ COAP_PKI_KEY_DEF_ENGINE
The PKI key type is to be passed to ENGINE.
Definition coap_dtls.h:251
@ COAP_PKI_KEY_DEF_RPK_BUF
The PKI key type is RPK in buffer.
Definition coap_dtls.h:238
@ COAP_PKI_KEY_DEF_DER
The PKI key type is DER file.
Definition coap_dtls.h:240
@ COAP_PKI_KEY_DEF_PKCS11_RPK
The PKI key type is PKCS11 w/ RPK (pkcs11:...).
Definition coap_dtls.h:248
@ COAP_DTLS_ROLE_SERVER
Internal function invoked for server.
Definition coap_dtls.h:46
@ COAP_DTLS_ROLE_CLIENT
Internal function invoked for client.
Definition coap_dtls.h:45
@ COAP_PKI_KEY_DEFINE
The individual PKI key types are Definable.
Definition coap_dtls.h:172
@ COAP_TLS_LIBRARY_GNUTLS
Using GnuTLS library.
Definition coap_dtls.h:74
@ COAP_EVENT_DTLS_CLOSED
Triggerred when (D)TLS session closed.
Definition coap_event.h:39
@ COAP_EVENT_DTLS_CONNECTED
Triggered when (D)TLS session connected.
Definition coap_event.h:41
@ COAP_EVENT_DTLS_ERROR
Triggered when (D)TLS error occurs.
Definition coap_event.h:45
#define coap_lock_callback_ret(r, c, func)
Dummy for no thread-safe code.
#define coap_log_debug(...)
Definition coap_debug.h:120
coap_log_t
Logging type.
Definition coap_debug.h:50
coap_log_t coap_dtls_get_log_level(void)
Get the current (D)TLS logging.
Definition coap_notls.c:171
#define coap_dtls_log(level,...)
Logging function.
Definition coap_debug.h:300
void coap_dtls_set_log_level(coap_log_t level)
Sets the (D)TLS logging level to the specified level.
Definition coap_notls.c:166
const char * coap_session_str(const coap_session_t *session)
Get session description.
#define coap_log_info(...)
Definition coap_debug.h:108
#define coap_log_warn(...)
Definition coap_debug.h:102
#define coap_log_err(...)
Definition coap_debug.h:96
@ COAP_LOG_EMERG
Definition coap_debug.h:51
@ COAP_LOG_DEBUG
Definition coap_debug.h:58
@ COAP_LOG_WARN
Definition coap_debug.h:55
int coap_netif_available(coap_session_t *session)
Function interface to check whether netif for session is still available.
Definition coap_netif.c:25
int cose_get_hmac_alg_for_hkdf(cose_hkdf_alg_t hkdf_alg, cose_hmac_alg_t *hmac_alg)
cose_hkdf_alg_t
cose_hmac_alg_t
cose_alg_t
@ COSE_HMAC_ALG_HMAC256_256
@ COSE_HMAC_ALG_HMAC512_512
@ COSE_ALGORITHM_SHA_256_256
@ COSE_ALGORITHM_SHA_1
@ COSE_ALGORITHM_AES_CCM_16_64_128
@ COSE_ALGORITHM_SHA_512
@ COSE_ALGORITHM_AES_CCM_16_64_256
@ COAP_PROTO_DTLS
Definition coap_pdu.h:315
@ COAP_PROTO_TLS
Definition coap_pdu.h:317
int coap_session_refresh_psk_hint(coap_session_t *session, const coap_bin_const_t *psk_hint)
Refresh the session's current Identity Hint (PSK).
int coap_session_refresh_psk_key(coap_session_t *session, const coap_bin_const_t *psk_key)
Refresh the session's current pre-shared key (PSK).
void coap_session_connected(coap_session_t *session)
Notify session that it has just connected or reconnected.
int coap_session_refresh_psk_identity(coap_session_t *session, const coap_bin_const_t *psk_identity)
Refresh the session's current pre-shared identity (PSK).
void coap_session_disconnected_lkd(coap_session_t *session, coap_nack_reason_t reason)
Notify session that it has failed.
#define COAP_PROTO_NOT_RELIABLE(p)
@ COAP_SESSION_STATE_HANDSHAKE
@ COAP_SESSION_STATE_CSM
@ COAP_SESSION_STATE_NONE
coap_binary_t * coap_new_binary(size_t size)
Returns a new binary object with at least size bytes storage allocated.
Definition coap_str.c:77
void coap_delete_binary(coap_binary_t *s)
Deletes the given coap_binary_t object and releases any memory allocated.
Definition coap_str.c:105
int coap_dtls_cid_is_supported(void)
Check whether (D)TLS CID is available.
Definition coap_notls.c:86
int coap_dtls_psk_is_supported(void)
Check whether (D)TLS PSK is available.
Definition coap_notls.c:50
int coap_tls_is_supported(void)
Check whether TLS is available.
Definition coap_notls.c:41
int coap_oscore_is_supported(void)
Check whether OSCORE is available.
int coap_dtls_is_supported(void)
Check whether DTLS is available.
Definition coap_notls.c:36
int coap_dtls_pki_is_supported(void)
Check whether (D)TLS PKI is available.
Definition coap_notls.c:59
int coap_dtls_rpk_is_supported(void)
Check whether (D)TLS RPK is available.
Definition coap_notls.c:77
int coap_dtls_pkcs11_is_supported(void)
Check whether (D)TLS PKCS11 is available.
Definition coap_notls.c:68
#define COAP_UNUSED
Definition libcoap.h:70
CoAP binary data definition with const data.
Definition coap_str.h:64
size_t length
length of binary data
Definition coap_str.h:65
const uint8_t * s
read-only binary data
Definition coap_str.h:66
CoAP binary data definition.
Definition coap_str.h:56
size_t length
length of binary data
Definition coap_str.h:57
uint8_t * s
binary data
Definition coap_str.h:58
The CoAP stack's global state is stored in a coap_context_t object.
coap_dtls_spsk_t spsk_setup_data
Contains the initial PSK server setup data.
The structure that holds the AES Crypto information.
size_t l
The number of bytes in the length field.
const uint8_t * nonce
must be exactly 15 - l bytes
coap_crypto_key_t key
The Key to use.
The common structure that holds the Crypto information.
union coap_crypto_param_t::@2 params
coap_crypto_aes_ccm_t aes
Used if AES type encryption.
cose_alg_t alg
The COSE algorith to use.
The structure that holds the Client PSK information.
Definition coap_dtls.h:379
coap_bin_const_t key
Definition coap_dtls.h:381
coap_bin_const_t identity
Definition coap_dtls.h:380
The structure used for defining the Client PSK setup data to be used.
Definition coap_dtls.h:410
uint8_t use_cid
Set to 1 if DTLS Connection ID is to be used.
Definition coap_dtls.h:417
void * ih_call_back_arg
Passed in to the Identity Hint callback function.
Definition coap_dtls.h:434
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:437
coap_dtls_ih_callback_t validate_ih_call_back
Identity Hint check callback function.
Definition coap_dtls.h:433
uint8_t ec_jpake
Set to COAP_DTLS_CPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:415
The structure that holds the PKI key information.
Definition coap_dtls.h:279
coap_pki_key_define_t define
for definable type keys
Definition coap_dtls.h:286
union coap_dtls_key_t::@3 key
coap_pki_key_t key_type
key format type
Definition coap_dtls.h:280
The structure used for defining the PKI setup data to be used.
Definition coap_dtls.h:312
uint8_t cert_chain_validation
1 if to check cert_chain_verify_depth
Definition coap_dtls.h:323
uint8_t use_cid
1 if DTLS Connection ID is to be used (Client only, server always enabled) if supported
Definition coap_dtls.h:333
uint8_t check_cert_revocation
1 if revocation checks wanted
Definition coap_dtls.h:325
uint8_t cert_chain_verify_depth
recommended depth is 3
Definition coap_dtls.h:324
uint8_t verify_peer_cert
Set to COAP_DTLS_PKI_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:317
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:368
uint8_t is_rpk_not_cert
1 is RPK instead of Public Certificate.
Definition coap_dtls.h:330
uint8_t check_common_ca
1 if peer cert is to be signed by the same CA as the local cert
Definition coap_dtls.h:318
coap_dtls_key_t pki_key
PKI key definition.
Definition coap_dtls.h:373
The structure that holds the Server Pre-Shared Key and Identity Hint information.
Definition coap_dtls.h:450
coap_bin_const_t hint
Definition coap_dtls.h:451
The structure used for defining the Server PSK setup data to be used.
Definition coap_dtls.h:501
coap_dtls_psk_sni_callback_t validate_sni_call_back
SNI check callback function.
Definition coap_dtls.h:530
coap_dtls_id_callback_t validate_id_call_back
Identity check callback function.
Definition coap_dtls.h:522
void * id_call_back_arg
Passed in to the Identity callback function.
Definition coap_dtls.h:523
uint8_t ec_jpake
Set to COAP_DTLS_SPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:506
void * sni_call_back_arg
Passed in to the SNI callback function.
Definition coap_dtls.h:531
coap_dtls_spsk_info_t psk_info
Server PSK definition.
Definition coap_dtls.h:533
coap_layer_read_t l_read
coap_layer_write_t l_write
coap_layer_establish_t l_establish
coap_const_char_ptr_t public_cert
define: Public Cert
Definition coap_dtls.h:261
const char * user_pin
define: User pin to access type PKCS11.
Definition coap_dtls.h:271
coap_const_char_ptr_t private_key
define: Private Key
Definition coap_dtls.h:262
coap_const_char_ptr_t ca
define: Common CA Certificate
Definition coap_dtls.h:260
size_t public_cert_len
define Public Cert length (if needed)
Definition coap_dtls.h:264
size_t ca_len
define CA Cert length (if needed)
Definition coap_dtls.h:263
coap_pki_define_t private_key_def
define: Private Key type definition
Definition coap_dtls.h:268
size_t private_key_len
define Private Key length (if needed)
Definition coap_dtls.h:265
coap_pki_define_t ca_def
define: Common CA type definition
Definition coap_dtls.h:266
coap_pki_define_t public_cert_def
define: Public Cert type definition
Definition coap_dtls.h:267
Abstraction of virtual session that can be attached to coap_context_t (client) or coap_endpoint_t (se...
unsigned int dtls_timeout_count
dtls setup retry counter
coap_endpoint_t * endpoint
session's endpoint
coap_socket_t sock
socket object for the session, if any
coap_session_state_t state
current state of relationship with peer
coap_addr_tuple_t addr_info
remote/local address info
coap_proto_t proto
protocol used
coap_dtls_cpsk_t cpsk_setup_data
client provided PSK initial setup data
size_t mtu
path or CSM mtu (xmt)
int dtls_event
Tracking any (D)TLS events on this session.
void * tls
security parameters
uint16_t max_retransmit
maximum re-transmit count (default 4)
coap_context_t * context
session's context
coap_layer_func_t lfunc[COAP_LAYER_LAST]
Layer functions to use.
CoAP string data definition with const data.
Definition coap_str.h:46
const uint8_t * s
read-only string data
Definition coap_str.h:48
size_t length
length of string
Definition coap_str.h:47
The structure used for returning the underlying (D)TLS library information.
Definition coap_dtls.h:83
uint64_t built_version
(D)TLS Built against Library Version
Definition coap_dtls.h:86
coap_tls_library_t type
Library type.
Definition coap_dtls.h:85
uint64_t version
(D)TLS runtime Library Version
Definition coap_dtls.h:84
const char * s_byte
signed char ptr
Definition coap_str.h:73
const uint8_t * u_byte
unsigned char ptr
Definition coap_str.h:74