libcoap 4.3.5-develop-72978e9
Loading...
Searching...
No Matches
coap_mbedtls.c
Go to the documentation of this file.
1/*
2 * coap_mbedtls.c -- Mbed TLS Datagram Transport Layer Support for libcoap
3 *
4 * Copyright (C) 2019-2026 Jon Shallow <supjps-libcoap@jpshallow.com>
5 * 2019 Jitin George <jitin@espressif.com>
6 *
7 * SPDX-License-Identifier: BSD-2-Clause
8 *
9 * This file is part of the CoAP library libcoap. Please see README for terms
10 * of use.
11 */
12
17
18/*
19 * Naming used to prevent confusion between coap sessions, mbedtls sessions etc.
20 * when reading the code.
21 *
22 * c_context A coap_context_t *
23 * c_session A coap_session_t *
24 * m_context A coap_mbedtls_context_t * (held in c_context->dtls_context)
25 * m_env A coap_mbedtls_env_t * (held in c_session->tls)
26 */
27
28/*
29 * Notes
30 *
31 * Version 3.2.0 or later is needed to provide Connection ID support (RFC9146).
32 *
33 */
34
36
37#if COAP_WITH_LIBMBEDTLS || COAP_WITH_LIBMBEDTLS_OSCORE
38
39/*
40 * This code can be conditionally compiled to remove some components if
41 * they are not required to make a lighter footprint - all based on how
42 * the mbedtls library has been built. These are not defined within the
43 * libcoap environment.
44 *
45 * MBEDTLS_SSL_SRV_C - defined for server side functionality
46 * MBEDTLS_SSL_CLI_C - defined for client side functionality
47 * MBEDTLS_SSL_PROTO_DTLS - defined for DTLS support
48 * MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED - defined if PSK is to be supported
49 * or MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED - defined if PSK is to be supported
50 *
51 */
52
53#include <mbedtls/version.h>
54
55/* Keep forward-compatibility with Mbed TLS 3.x */
56#if (MBEDTLS_VERSION_NUMBER < 0x03000000)
57#define MBEDTLS_2_X_COMPAT
58#else /* !(MBEDTLS_VERSION_NUMBER < 0x03000000) */
59/* Macro wrapper for struct's private members */
60#ifndef MBEDTLS_ALLOW_PRIVATE_ACCESS
61#define MBEDTLS_ALLOW_PRIVATE_ACCESS
62#endif /* MBEDTLS_ALLOW_PRIVATE_ACCESS */
63#endif /* !(MBEDTLS_VERSION_NUMBER < 0x03000000) */
64
65#include <mbedtls/platform.h>
66#include <mbedtls/net_sockets.h>
67#include <mbedtls/ssl.h>
68#include <mbedtls/version.h>
69
70/* Auto-detect mbedTLS 4.x which requires PSA Crypto APIs */
71#if MBEDTLS_VERSION_NUMBER >= 0x04000000
72#define COAP_USE_PSA_CRYPTO 1
73#else
74#define COAP_USE_PSA_CRYPTO 0
75#endif /* MBEDTLS_VERSION_NUMBER < 0x04000000 */
76
77#if COAP_USE_PSA_CRYPTO
78#include <psa/crypto.h>
79#else
80#include <mbedtls/entropy.h>
81#include <mbedtls/ctr_drbg.h>
82#include <mbedtls/sha256.h>
83#include <mbedtls/md.h>
84#include <mbedtls/cipher.h>
85#endif /* COAP_USE_PSA_CRYPTO */
86
87#include <mbedtls/error.h>
88#include <mbedtls/timing.h>
89#include <mbedtls/ssl_cookie.h>
90#include <mbedtls/oid.h>
91#include <mbedtls/debug.h>
92#if defined(ESPIDF_VERSION) && defined(CONFIG_MBEDTLS_DEBUG)
93#include <mbedtls/esp_debug.h>
94#endif /* ESPIDF_VERSION && CONFIG_MBEDTLS_DEBUG */
95#if !COAP_USE_PSA_CRYPTO && defined(MBEDTLS_PSA_CRYPTO_C)
96#include <psa/crypto.h>
97#endif /* !COAP_USE_PSA_CRYPTO && MBEDTLS_PSA_CRYPTO_C */
98
99/*
100 * Crypto abstraction types for mbedTLS version compatibility
101 */
102#if COAP_USE_PSA_CRYPTO
103typedef psa_hash_operation_t coap_crypto_sha256_ctx_t;
104typedef psa_algorithm_t coap_crypto_md_type_t;
105
106#define COAP_CRYPTO_MD_SHA1 PSA_ALG_SHA_1
107#define COAP_CRYPTO_MD_SHA256 PSA_ALG_SHA_256
108#define COAP_CRYPTO_MD_SHA384 PSA_ALG_SHA_384
109#define COAP_CRYPTO_MD_SHA512 PSA_ALG_SHA_512
110#define COAP_CRYPTO_MD_NONE PSA_ALG_NONE
111
112#else /* !COAP_USE_PSA_CRYPTO */
113typedef mbedtls_sha256_context coap_crypto_sha256_ctx_t;
114typedef mbedtls_md_type_t coap_crypto_md_type_t;
115
116#define COAP_CRYPTO_MD_SHA1 MBEDTLS_MD_SHA1
117#define COAP_CRYPTO_MD_SHA256 MBEDTLS_MD_SHA256
118#define COAP_CRYPTO_MD_SHA384 MBEDTLS_MD_SHA384
119#define COAP_CRYPTO_MD_SHA512 MBEDTLS_MD_SHA512
120#define COAP_CRYPTO_MD_NONE MBEDTLS_MD_NONE
121#endif /* !COAP_USE_PSA_CRYPTO */
122
125 static coap_tls_version_t version;
126 version.version = mbedtls_version_get_number();
127 version.built_version = MBEDTLS_VERSION_NUMBER;
129 return &version;
130}
131
132#if COAP_WITH_LIBMBEDTLS_OSCORE
133void
134coap_dtls_startup(void) {
135#if COAP_USE_PSA_CRYPTO || defined(MBEDTLS_PSA_CRYPTO_C)
136 psa_crypto_init();
137#endif /* COAP_USE_PSA_CRYPTO || MBEDTLS_PSA_CRYPTO_C */
138}
139
140void
141coap_dtls_shutdown(void) {
143#if COAP_USE_PSA_CRYPTO || defined(MBEDTLS_PSA_CRYPTO_C)
144 mbedtls_psa_crypto_free();
145#endif /* COAP_USE_PSA_CRYPTO || MBEDTLS_PSA_CRYPTO_C */
146}
147
148#endif /* COAP_WITH_LIBMBEDTLS_OSCORE */
149
150void
152}
153
154#ifdef _WIN32
155#include <stdlib.h>
156#include <string.h>
157#endif /* _WIN32 */
158
159/*
160 * Default mbedTLS helpers in this file to the C library heap. Zephyr can set
161 * mbedtls_malloc / mbedtls_realloc / mbedtls_free via zephyr/CMakeLists.txt.
162 */
163
164#ifndef mbedtls_malloc
165#define mbedtls_malloc(a) malloc(a)
166#endif
167#ifndef mbedtls_realloc
168#define mbedtls_realloc(a, b) realloc((a), (b))
169#endif
170#ifndef mbedtls_free
171#define mbedtls_free(a) free(a)
172#endif
173
174#if ! COAP_WITH_LIBMBEDTLS_OSCORE
175static char *
176coap_mbedtls_strdup_alloc(const char *s) {
177 size_t len;
178 char *copy;
179
180 if (!s) {
181 return NULL;
182 }
183 len = strlen(s) + 1;
184 copy = (char *)mbedtls_malloc(len);
185 if (copy) {
186 memcpy(copy, s, len);
187 }
188 return copy;
189}
190
191static char *
192coap_mbedtls_strndup_alloc(const char *s, size_t n) {
193 size_t len;
194 char *copy;
195
196 if (!s) {
197 return NULL;
198 }
199 len = strnlen(s, n);
200 copy = (char *)mbedtls_malloc(len + 1);
201 if (copy) {
202 memcpy(copy, s, len);
203 copy[len] = '\0';
204 }
205 return copy;
206}
207#endif /* ! COAP_WITH_LIBMBEDTLS_OSCORE */
208
209#ifndef mbedtls_strdup
210#define mbedtls_strdup(a) coap_mbedtls_strdup_alloc(a)
211#endif
212#ifndef mbedtls_strndup
213#define mbedtls_strndup(a, b) coap_mbedtls_strndup_alloc((a), (b))
214#endif
215
216#ifndef MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
217/* definition changed in later mbedtls code versions */
218#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
219#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
220#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
221#endif /* ! MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
222
223#if ! COAP_SERVER_SUPPORT
224#undef MBEDTLS_SSL_SRV_C
225#endif /* ! COAP_SERVER_SUPPORT */
226#if ! COAP_CLIENT_SUPPORT
227#undef MBEDTLS_SSL_CLI_C
228#endif /* ! COAP_CLIENT_SUPPORT */
229
230#ifdef _WIN32
231#define strcasecmp _stricmp
232#endif
233
234/*
235 * Crypto Abstraction Functions
236 * These provide a unified API for both legacy mbedTLS and PSA Crypto.
237 */
238
239#if COAP_SERVER_SUPPORT
240/* SHA-256 Digest Functions */
241
242static int
243coap_crypto_sha256_init(coap_crypto_sha256_ctx_t *ctx) {
244#if COAP_USE_PSA_CRYPTO
245 *ctx = psa_hash_operation_init();
246 return (psa_hash_setup(ctx, PSA_ALG_SHA_256) == PSA_SUCCESS) ? 0 : -1;
247#else
248 mbedtls_sha256_init(ctx);
249#if (MBEDTLS_VERSION_NUMBER < 0x03000000)
250 return mbedtls_sha256_starts_ret(ctx, 0);
251#else
252 return mbedtls_sha256_starts(ctx, 0);
253#endif
254#endif
255}
256
257static int
258coap_crypto_sha256_update(coap_crypto_sha256_ctx_t *ctx,
259 const uint8_t *data, size_t len) {
260#if COAP_USE_PSA_CRYPTO
261 return (psa_hash_update(ctx, data, len) == PSA_SUCCESS) ? 0 : -1;
262#else
263#if (MBEDTLS_VERSION_NUMBER < 0x03000000)
264 return mbedtls_sha256_update_ret(ctx, data, len);
265#else
266 return mbedtls_sha256_update(ctx, data, len);
267#endif
268#endif
269}
270
271static int
272coap_crypto_sha256_finish(coap_crypto_sha256_ctx_t *ctx, uint8_t *output) {
273#if COAP_USE_PSA_CRYPTO
274 size_t hash_len;
275 return (psa_hash_finish(ctx, output, 32, &hash_len) == PSA_SUCCESS) ? 0 : -1;
276#else
277#if (MBEDTLS_VERSION_NUMBER < 0x03000000)
278 return mbedtls_sha256_finish_ret(ctx, output);
279#else
280 return mbedtls_sha256_finish(ctx, output);
281#endif
282#endif
283}
284
285static void
286coap_crypto_sha256_free(coap_crypto_sha256_ctx_t *ctx) {
287#if COAP_USE_PSA_CRYPTO
288 psa_hash_abort(ctx);
289#else
290 mbedtls_sha256_free(ctx);
291#endif
292}
293#endif /* COAP_SERVER_SUPPORT */
294
295/* General Hash Functions */
296#if COAP_WS_SUPPORT
297static size_t
298coap_crypto_hash_size(coap_crypto_md_type_t md_type) {
299#if COAP_USE_PSA_CRYPTO
300 switch ((int)md_type) {
301 case PSA_ALG_SHA_1:
302 return 20;
303 case PSA_ALG_SHA_256:
304 return 32;
305 case PSA_ALG_SHA_384:
306 return 48;
307 case PSA_ALG_SHA_512:
308 return 64;
309 default:
310 return 0;
311 }
312#else
313 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
314 return md_info ? mbedtls_md_get_size(md_info) : 0;
315#endif
316}
317
318static int
319coap_crypto_hash_compute(coap_crypto_md_type_t md_type,
320 const uint8_t *input, size_t ilen,
321 uint8_t *output, size_t output_size,
322 size_t *output_len) {
323#if COAP_USE_PSA_CRYPTO
324 size_t actual_len;
325 psa_status_t status = psa_hash_compute(md_type, input, ilen,
326 output, output_size, &actual_len);
327 if (output_len)
328 *output_len = actual_len;
329 return (status == PSA_SUCCESS) ? 0 : -1;
330#else
331 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
332 if (!md_info)
333 return -1;
334 size_t hash_len = mbedtls_md_get_size(md_info);
335 if (hash_len > output_size)
336 return -1;
337 if (output_len)
338 *output_len = hash_len;
339 return mbedtls_md(md_info, input, ilen, output);
340#endif
341}
342#endif /* COAP_WS_SUPPORT */
343
344
345#endif /* COAP_WITH_LIBMBEDTLS || COAP_WITH_LIBMBEDTLS_OSCORE */
346
347#if COAP_WITH_LIBMBEDTLS
348
349#define IS_PSK (1 << 0)
350#define IS_PKI (1 << 1)
351#define IS_CLIENT (1 << 6)
352#define IS_SERVER (1 << 7)
353
354typedef struct coap_ssl_t {
355 const uint8_t *pdu;
356 unsigned pdu_len;
357 unsigned peekmode;
358} coap_ssl_t;
359
360/*
361 * This structure encapsulates the Mbed TLS session object.
362 * It handles both TLS and DTLS.
363 * c_session->tls points to this.
364 */
365typedef struct coap_mbedtls_env_t {
366 mbedtls_ssl_context ssl;
367#if !COAP_USE_PSA_CRYPTO
368 mbedtls_entropy_context entropy;
369 mbedtls_ctr_drbg_context ctr_drbg;
370#endif /* !COAP_USE_PSA_CRYPTO */
371 mbedtls_ssl_config conf;
372 mbedtls_timing_delay_context timer;
373 mbedtls_x509_crt cacert;
374 mbedtls_x509_crt public_cert;
375 mbedtls_pk_context private_key;
376 mbedtls_ssl_cookie_ctx cookie_ctx;
377 /* If not set, need to do do_mbedtls_handshake */
378 int established;
379 int sent_alert;
380 int seen_client_hello;
381 int ec_jpake;
382 coap_tick_t last_timeout;
383 unsigned int retry_scalar;
384 coap_ssl_t coap_ssl_data;
385 uint32_t server_hello_cnt;
386} coap_mbedtls_env_t;
387
388typedef struct pki_sni_entry {
389 char *sni;
390 coap_dtls_key_t pki_key;
391 mbedtls_x509_crt cacert;
392 mbedtls_x509_crt public_cert;
393 mbedtls_pk_context private_key;
394} pki_sni_entry;
395
396typedef struct psk_sni_entry {
397 char *sni;
398 coap_dtls_spsk_info_t psk_info;
399} psk_sni_entry;
400
401typedef struct coap_mbedtls_context_t {
402 coap_dtls_pki_t setup_data;
403 size_t pki_sni_count;
404 pki_sni_entry *pki_sni_entry_list;
405 size_t psk_sni_count;
406 psk_sni_entry *psk_sni_entry_list;
407 char *root_ca_file;
408 char *root_ca_path;
409 int trust_store_defined;
410 int psk_pki_enabled;
411} coap_mbedtls_context_t;
412
413typedef enum coap_enc_method_t {
414 COAP_ENC_PSK,
415 COAP_ENC_PKI,
416 COAP_ENC_ECJPAKE,
417} coap_enc_method_t;
418
419#ifdef __ZEPHYR__
420
421typedef struct {
422 uint32_t start_time;
423 uint32_t int_time;
424 uint32_t fin_time;
425} zephyr_timing_delay_context;
426
427static void
428zephyr_timing_set_delay(void *data, uint32_t int_ms, uint32_t fin_ms) {
429 zephyr_timing_delay_context *ctx = (zephyr_timing_delay_context *)data;
430
431 if (ctx == NULL) {
432 return;
433 }
434
435 ctx->start_time = k_uptime_get_32();
436
437 if (fin_ms != 0) {
438 ctx->int_time = ctx->start_time + int_ms;
439 ctx->fin_time = ctx->start_time + fin_ms;
440 } else {
441 ctx->int_time = 0;
442 ctx->fin_time = 0;
443 }
444}
445
446static int
447zephyr_timing_get_delay(void *data) {
448 zephyr_timing_delay_context *ctx = (zephyr_timing_delay_context *)data;
449 uint32_t now;
450
451 if (ctx == NULL || ctx->fin_time == 0) {
452 return -1;
453 }
454
455 now = k_uptime_get_32();
456
457 if (now >= ctx->fin_time) {
458 return 2;
459 }
460
461 if (now >= ctx->int_time) {
462 return 1;
463 }
464
465 return 0;
466}
467
468#endif /* __ZEPHYR__ */
469
470#if !COAP_USE_PSA_CRYPTO
471#ifndef MBEDTLS_2_X_COMPAT
472/*
473 * mbedtls_ callback functions expect 0 on success, -ve on failure.
474 */
475static int
476coap_rng(void *ctx COAP_UNUSED, unsigned char *buf, size_t len) {
477 return coap_prng_lkd(buf, len) ? 0 : MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED;
478}
479#endif /* MBEDTLS_2_X_COMPAT */
480#endif /* !COAP_USE_PSA_CRYPTO */
481
482static int
483coap_dgram_read(void *ctx, unsigned char *out, size_t outl) {
484 ssize_t ret = 0;
485 coap_session_t *c_session = (coap_session_t *)ctx;
486 coap_ssl_t *data;
487
488 if (!c_session->tls) {
489 errno = EAGAIN;
490 return MBEDTLS_ERR_SSL_WANT_READ;
491 }
492 data = &((coap_mbedtls_env_t *)c_session->tls)->coap_ssl_data;
493
494 if (out != NULL) {
495 if (data->pdu_len > 0) {
496 if (outl < data->pdu_len) {
497 memcpy(out, data->pdu, outl);
498 ret = outl;
499 data->pdu += outl;
500 data->pdu_len -= outl;
501 } else {
502 memcpy(out, data->pdu, data->pdu_len);
503 ret = data->pdu_len;
504 if (!data->peekmode) {
505 data->pdu_len = 0;
506 data->pdu = NULL;
507 }
508 }
509 } else {
510 ret = MBEDTLS_ERR_SSL_WANT_READ;
511 errno = EAGAIN;
512 }
513 }
514 return ret;
515}
516
517/*
518 * return +ve data amount
519 * 0 no more
520 * -ve Mbed TLS error
521 */
522/* callback function given to mbedtls for sending data over socket */
523static int
524coap_dgram_write(void *ctx, const unsigned char *send_buffer,
525 size_t send_buffer_length) {
526 ssize_t result = -1;
527 coap_session_t *c_session = (coap_session_t *)ctx;
528
529 if (c_session) {
530 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
531
532 if (!coap_netif_available(c_session)
534 && c_session->endpoint == NULL
535#endif /* COAP_SERVER_SUPPORT */
536 ) {
537 /* socket was closed on client due to error */
538 errno = ECONNRESET;
539 return -1;
540 }
541 result = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session,
542 send_buffer, send_buffer_length);
543 if (result != (ssize_t)send_buffer_length) {
544 int keep_errno = errno;
545
546 coap_log_warn("coap_netif_dgrm_write failed (%" PRIdS " != %" PRIuS ")\n",
547 result, send_buffer_length);
548 errno = keep_errno;
549 if (result < 0) {
550 if (errno == ENOTCONN || errno == ECONNREFUSED)
552 return -1;
553 } else {
554 result = 0;
555 }
556 } else if (m_env) {
557 coap_tick_t now;
558 coap_ticks(&now);
559 m_env->last_timeout = now;
560 }
561 } else {
562 result = 0;
563 }
564 return result;
565}
566
567#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && defined(MBEDTLS_SSL_SRV_C)
568/*
569 * Server side PSK callback
570 */
571static int
572psk_server_callback(void *p_info, mbedtls_ssl_context *ssl,
573 const unsigned char *identity, size_t identity_len) {
574 coap_session_t *c_session = (coap_session_t *)p_info;
575 coap_dtls_spsk_t *setup_data;
576 coap_mbedtls_env_t *m_env;
577 coap_bin_const_t lidentity;
578 const coap_bin_const_t *psk_key;
579
580 if (c_session == NULL)
581 return -1;
582
583 /* Track the Identity being used */
584 lidentity.s = identity ? (const uint8_t *)identity : (const uint8_t *)"";
585 lidentity.length = identity ? identity_len : 0;
586 coap_session_refresh_psk_identity(c_session, &lidentity);
587
588 coap_log_debug("got psk_identity: '%.*s'\n",
589 (int)lidentity.length, (const char *)lidentity.s);
590
591 m_env = (coap_mbedtls_env_t *)c_session->tls;
592 setup_data = &c_session->context->spsk_setup_data;
593
594 if (setup_data->validate_id_call_back) {
595 psk_key = setup_data->validate_id_call_back(&lidentity,
596 c_session,
597 setup_data->id_call_back_arg);
598
599 coap_session_refresh_psk_key(c_session, psk_key);
600 } else {
601 psk_key = coap_get_session_server_psk_key(c_session);
602 }
603
604 if (psk_key == NULL)
605 return -1;
606 mbedtls_ssl_set_hs_psk(ssl, psk_key->s, psk_key->length);
607 m_env->seen_client_hello = 1;
608 return 0;
609}
610#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && MBEDTLS_SSL_SRV_C */
611
612static char *
613get_san_or_cn_from_cert(coap_session_t *session, mbedtls_x509_crt *crt, const char *sni_match) {
614 if (crt) {
615 const mbedtls_asn1_named_data *cn_data;
616
617 (void)session;
618 if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
619 mbedtls_asn1_sequence *seq = &crt->subject_alt_names;
620 while (seq) {
621 while (seq->buf.p == NULL) {
622 seq = seq->next;
623 }
624 if (seq) {
625 if (sni_match) {
626 if (strlen(sni_match) != seq->buf.len ||
627 memcmp(seq->buf.p, sni_match, seq->buf.len)) {
628 seq = seq->next;
629 continue;
630 }
631 }
632 /* Return the Subject Alt Name */
633 return mbedtls_strndup((const char *)seq->buf.p,
634 seq->buf.len);
635 }
636 }
637 }
638
639 cn_data = mbedtls_asn1_find_named_data(&crt->subject,
640 MBEDTLS_OID_AT_CN,
641 MBEDTLS_OID_SIZE(MBEDTLS_OID_AT_CN));
642 if (cn_data) {
643 if (sni_match) {
644 if (!coap_pki_name_match_sni((char *)cn_data->val.p, cn_data->val.len, sni_match)) {
645 coap_log_debug(" %s: got CN '%*.*s'\n",
646 coap_session_str(session), (int)cn_data->val.len,
647 (int)cn_data->val.len, cn_data->val.p);
648 goto no_match;
649 }
650 }
651 /* Return the Common Name */
652 return mbedtls_strndup((const char *)cn_data->val.p,
653 cn_data->val.len);
654 }
655no_match:
656 if (!sni_match) {
657 return NULL;
658 }
659 if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
660 mbedtls_asn1_sequence *seq = &crt->subject_alt_names;
661 int n = 0;
662
663 while (seq) {
664 while (seq->buf.p == NULL) {
665 seq = seq->next;
666 }
667 if (seq) {
668 coap_log_debug(" %s: got DNS.%d '%*.*s'\n",
669 coap_session_str(session), n + 1, (int)seq->buf.len,
670 (int)seq->buf.len, seq->buf.p);
671 seq = seq->next;
672 n++;
673 continue;
674 }
675 }
676 }
677 }
678 return NULL;
679}
680
681#if COAP_MAX_LOGGING_LEVEL > 0
682static char *
683get_error_string(int ret) {
684 static char buf[128] = {0};
685 mbedtls_strerror(ret, buf, sizeof(buf)-1);
686 return buf;
687}
688#endif /* COAP_MAX_LOGGING_LEVEL */
689
690static int
691self_signed_cert_verify_callback_mbedtls(void *data,
692 mbedtls_x509_crt *crt COAP_UNUSED,
693 int depth COAP_UNUSED,
694 uint32_t *flags) {
695 const coap_session_t *c_session = (coap_session_t *)data;
696 const coap_mbedtls_context_t *m_context =
697 (coap_mbedtls_context_t *)c_session->context->dtls_context;
698 const coap_dtls_pki_t *setup_data = &m_context->setup_data;
699
700 if (*flags & MBEDTLS_X509_BADCERT_EXPIRED) {
701 if (setup_data->allow_expired_certs) {
702 *flags &= ~MBEDTLS_X509_BADCERT_EXPIRED;
703 }
704 }
705 return 0;
706}
707
708/*
709 * return 0 All OK
710 * -ve Error Code
711 */
712static int
713cert_verify_callback_mbedtls(void *data, mbedtls_x509_crt *crt,
714 int depth, uint32_t *flags) {
715 coap_session_t *c_session = (coap_session_t *)data;
716 coap_mbedtls_context_t *m_context =
717 (coap_mbedtls_context_t *)c_session->context->dtls_context;
718 coap_dtls_pki_t *setup_data = &m_context->setup_data;
719 char *cn = NULL;
720
721 if (!setup_data->allow_sni_cn_mismatch && depth == 0 &&
722 c_session->type == COAP_SESSION_TYPE_CLIENT && setup_data->client_sni) {
723
724 cn = get_san_or_cn_from_cert(c_session, crt, setup_data->client_sni);
725 if (!cn) {
726 coap_log_info(" %s: SNI '%s' not returned in certificate\n",
727 coap_session_str(c_session), setup_data->client_sni);
728 *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
729 }
730 }
731 if (!cn) {
732 cn = get_san_or_cn_from_cert(c_session, crt, NULL);
733 }
734 coap_dtls_log(COAP_LOG_DEBUG, "depth %d flags %x cert '%s'\n",
735 depth, *flags, cn);
736 if (setup_data->validate_cn_call_back) {
737 int ret;
738
740 setup_data->validate_cn_call_back(cn,
741 crt->raw.p,
742 crt->raw.len,
743 c_session,
744 depth,
745 *flags == 0,
746 setup_data->cn_call_back_arg));
747 if (!ret) {
748 *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
749 }
750 }
751 if (setup_data->cert_chain_validation &&
752 depth > (setup_data->cert_chain_verify_depth + 2)) {
753 *flags |= MBEDTLS_X509_BADCERT_OTHER;
754 coap_log_warn(" %s: %s: '%s' depth %d\n",
755 coap_session_str(c_session),
756 "The certificate's verify depth is too long",
757 cn ? cn : "?", depth);
758 }
759 if (*flags == 0) {
760 if (cn)
761 mbedtls_free(cn);
762 return 0;
763 }
764
765 if (*flags & MBEDTLS_X509_BADCERT_EXPIRED) {
766 if (setup_data->allow_expired_certs) {
767 *flags &= ~MBEDTLS_X509_BADCERT_EXPIRED;
768 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
769 coap_session_str(c_session),
770 "The certificate has expired", cn ? cn : "?", depth);
771 }
772 }
773 if (*flags & MBEDTLS_X509_BADCERT_FUTURE) {
774 if (setup_data->allow_expired_certs) {
775 *flags &= ~MBEDTLS_X509_BADCERT_FUTURE;
776 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
777 coap_session_str(c_session),
778 "The certificate has a future date", cn ? cn : "?", depth);
779 }
780 }
781 if (*flags & MBEDTLS_X509_BADCERT_BAD_MD) {
782 if (setup_data->allow_bad_md_hash) {
783 *flags &= ~MBEDTLS_X509_BADCERT_BAD_MD;
784 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
785 coap_session_str(c_session),
786 "The certificate has a bad MD hash", cn ? cn : "?", depth);
787 }
788 }
789 if (*flags & MBEDTLS_X509_BADCERT_BAD_KEY) {
790 if (setup_data->allow_short_rsa_length) {
791 *flags &= ~MBEDTLS_X509_BADCERT_BAD_KEY;
792 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
793 coap_session_str(c_session),
794 "The certificate has a short RSA length", cn ? cn : "?", depth);
795 }
796 }
797 if (*flags & MBEDTLS_X509_BADCERT_CN_MISMATCH) {
798 if (setup_data->allow_sni_cn_mismatch) {
799 *flags &= ~MBEDTLS_X509_BADCERT_CN_MISMATCH;
800 coap_log_info(" %s: %s: overridden: '%s' v '%s' depth %d\n",
801 coap_session_str(c_session),
802 "The SNI does not match the returned CN",
803 setup_data->client_sni ? setup_data->client_sni : "",
804 cn ? cn : "?", depth);
805 }
806 }
807 if (*flags & MBEDTLS_X509_BADCERT_NOT_TRUSTED) {
808 uint32_t lflags;
809 int self_signed = !mbedtls_x509_crt_verify(crt, crt, NULL, NULL, &lflags,
810 self_signed_cert_verify_callback_mbedtls,
811 data);
812 if (self_signed && depth == 0) {
813 if (setup_data->allow_self_signed &&
814 !setup_data->check_common_ca) {
815 *flags &= ~MBEDTLS_X509_BADCERT_NOT_TRUSTED;
816 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
817 coap_session_str(c_session),
818 "Self-signed",
819 cn ? cn : "?", depth);
820 }
821 } else if (self_signed) {
822 if (!setup_data->verify_peer_cert) {
823 *flags &= ~MBEDTLS_X509_BADCERT_NOT_TRUSTED;
824 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
825 coap_session_str(c_session),
826 "Self-signed", cn ? cn : "?", depth);
827 }
828 } else {
829 if (!setup_data->verify_peer_cert) {
830 *flags &= ~MBEDTLS_X509_BADCERT_NOT_TRUSTED;
831 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
832 coap_session_str(c_session),
833 "The certificate's CA is not trusted", cn ? cn : "?", depth);
834 }
835 }
836 }
837 if (*flags & MBEDTLS_X509_BADCRL_EXPIRED) {
838 if (setup_data->check_cert_revocation && setup_data->allow_expired_crl) {
839 *flags &= ~MBEDTLS_X509_BADCRL_EXPIRED;
840 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
841 coap_session_str(c_session),
842 "The certificate's CRL has expired", cn ? cn : "?", depth);
843 } else if (!setup_data->check_cert_revocation) {
844 *flags &= ~MBEDTLS_X509_BADCRL_EXPIRED;
845 }
846 }
847 if (*flags & MBEDTLS_X509_BADCRL_FUTURE) {
848 if (setup_data->check_cert_revocation && setup_data->allow_expired_crl) {
849 *flags &= ~MBEDTLS_X509_BADCRL_FUTURE;
850 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
851 coap_session_str(c_session),
852 "The certificate's CRL has a future date", cn ? cn : "?", depth);
853 } else if (!setup_data->check_cert_revocation) {
854 *flags &= ~MBEDTLS_X509_BADCRL_FUTURE;
855 }
856 }
857
858 if (*flags != 0) {
859 char buf[128];
860 char *tcp;
861 int ret = mbedtls_x509_crt_verify_info(buf, sizeof(buf), "", *flags);
862
863 if (ret >= 0) {
864 tcp = strchr(buf, '\n');
865 while (tcp) {
866 *tcp = '\000';
867 coap_log_warn(" %s: %s: issue 0x%" PRIx32 ": '%s' depth %d\n",
868 coap_session_str(c_session),
869 buf, *flags, cn ? cn : "?", depth);
870 tcp = strchr(tcp+1, '\n');
871 }
872 } else {
873 coap_log_err("mbedtls_x509_crt_verify_info returned -0x%x: '%s'\n",
874 -ret, get_error_string(ret));
875 }
876 }
877
878 if (cn)
879 mbedtls_free(cn);
880
881 return 0;
882}
883
884static int
885setup_pki_credentials(mbedtls_x509_crt *cacert,
886 mbedtls_x509_crt *public_cert,
887 mbedtls_pk_context *private_key,
888 coap_mbedtls_env_t *m_env,
889 coap_mbedtls_context_t *m_context,
890 coap_session_t *c_session,
891 coap_dtls_pki_t *setup_data,
892 coap_dtls_role_t role) {
893 coap_dtls_key_t key;
894 int ret;
895 int done_private_key = 0;
896 int done_public_cert = 0;
897 uint8_t *buffer;
898 size_t length;
899
900 /* Map over to the new define format to save code duplication */
901 coap_dtls_map_key_type_to_define(setup_data, &key);
902
903 assert(key.key_type == COAP_PKI_KEY_DEFINE);
904
905 /*
906 * Configure the Private Key
907 */
908 if (key.key.define.private_key.u_byte &&
909 key.key.define.private_key.u_byte[0]) {
910 switch (key.key.define.private_key_def) {
911 case COAP_PKI_KEY_DEF_DER: /* define private key */
912 /* Fall Through */
913 case COAP_PKI_KEY_DEF_PEM: /* define private key */
914#if defined(MBEDTLS_FS_IO)
915 mbedtls_pk_init(private_key);
916#if COAP_USE_PSA_CRYPTO
917 ret = mbedtls_pk_parse_keyfile(private_key,
919#elif defined(MBEDTLS_2_X_COMPAT)
920 ret = mbedtls_pk_parse_keyfile(private_key,
922#else
923 ret = mbedtls_pk_parse_keyfile(private_key,
925 NULL, coap_rng, (void *)&m_env->ctr_drbg);
926#endif
927 if (ret < 0) {
930 &key, role, ret);
931 }
932 done_private_key = 1;
933 break;
934#else /* ! MBEDTLS_FS_IO */
937 &key, role, -1);
938#endif /* ! MBEDTLS_FS_IO */
939 case COAP_PKI_KEY_DEF_PEM_BUF: /* define private key */
940 mbedtls_pk_init(private_key);
941 length = key.key.define.private_key_len;
942 if (key.key.define.private_key.u_byte[length-1] != '\000') {
943 /* Need to allocate memory to add in NULL terminator */
944 buffer = mbedtls_malloc(length + 1);
945 if (!buffer) {
946 coap_log_err("mbedtls_malloc failed\n");
947 return 0;
948 }
949 memcpy(buffer, key.key.define.private_key.u_byte, length);
950 buffer[length] = '\000';
951 length++;
952#if COAP_USE_PSA_CRYPTO
953 ret = mbedtls_pk_parse_key(private_key, buffer, length, NULL, 0);
954#elif defined(MBEDTLS_2_X_COMPAT)
955 ret = mbedtls_pk_parse_key(private_key, buffer, length, NULL, 0);
956#else
957 ret = mbedtls_pk_parse_key(private_key, buffer, length,
958 NULL, 0, coap_rng, (void *)&m_env->ctr_drbg);
959#endif
960 mbedtls_free(buffer);
961 } else {
962#if COAP_USE_PSA_CRYPTO
963 ret = mbedtls_pk_parse_key(private_key,
966#elif defined(MBEDTLS_2_X_COMPAT)
967 ret = mbedtls_pk_parse_key(private_key,
970#else
971 ret = mbedtls_pk_parse_key(private_key,
974 NULL, 0, coap_rng, (void *)&m_env->ctr_drbg);
975#endif
976 }
977 if (ret < 0) {
980 &key, role, ret);
981 }
982 done_private_key = 1;
983 break;
984 case COAP_PKI_KEY_DEF_DER_BUF: /* define private key */
985 mbedtls_pk_init(private_key);
986#if COAP_USE_PSA_CRYPTO
987 ret = mbedtls_pk_parse_key(private_key,
990#elif defined(MBEDTLS_2_X_COMPAT)
991 ret = mbedtls_pk_parse_key(private_key,
994#else
995 ret = mbedtls_pk_parse_key(private_key,
997 key.key.define.private_key_len, NULL, 0, coap_rng,
998 (void *)&m_env->ctr_drbg);
999#endif
1000 if (ret < 0) {
1003 &key, role, ret);
1004 }
1005 done_private_key = 1;
1006 break;
1007 case COAP_PKI_KEY_DEF_RPK_BUF: /* define private key */
1008 case COAP_PKI_KEY_DEF_PKCS11: /* define private key */
1009 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define private key */
1010 case COAP_PKI_KEY_DEF_ENGINE: /* define private key */
1011 default:
1014 &key, role, -1);
1015 }
1016 } else if (role == COAP_DTLS_ROLE_SERVER ||
1018 key.key.define.public_cert.u_byte[0])) {
1021 &key, role, -1);
1022 }
1023
1024 /*
1025 * Configure the Public Certificate / Key
1026 */
1027 if (key.key.define.public_cert.u_byte &&
1028 key.key.define.public_cert.u_byte[0]) {
1029 switch (key.key.define.public_cert_def) {
1030 case COAP_PKI_KEY_DEF_DER: /* define public cert */
1031 /* Fall Through */
1032 case COAP_PKI_KEY_DEF_PEM: /* define public cert */
1033#if defined(MBEDTLS_FS_IO)
1034 mbedtls_x509_crt_init(public_cert);
1035 ret = mbedtls_x509_crt_parse_file(public_cert,
1037 if (ret < 0) {
1040 &key, role, ret);
1041 }
1042 done_public_cert = 1;
1043 break;
1044#else /* ! MBEDTLS_FS_IO */
1047 &key, role, -1);
1048#endif /* ! MBEDTLS_FS_IO */
1049 case COAP_PKI_KEY_DEF_PEM_BUF: /* define public cert */
1050 mbedtls_x509_crt_init(public_cert);
1051
1052 length = key.key.define.public_cert_len;
1053 if (key.key.define.public_cert.u_byte[length-1] != '\000') {
1054 /* Need to allocate memory to add in NULL terminator */
1055 buffer = mbedtls_malloc(length + 1);
1056 if (!buffer) {
1057 coap_log_err("mbedtls_malloc failed\n");
1058 return 0;
1059 }
1060 memcpy(buffer, key.key.define.public_cert.u_byte, length);
1061 buffer[length] = '\000';
1062 length++;
1063 ret = mbedtls_x509_crt_parse(public_cert, buffer, length);
1064 mbedtls_free(buffer);
1065 } else {
1066 ret = mbedtls_x509_crt_parse(public_cert,
1069 }
1070 if (ret < 0) {
1073 &key, role, ret);
1074 }
1075 done_public_cert = 1;
1076 break;
1077 case COAP_PKI_KEY_DEF_RPK_BUF: /* define public cert */
1080 &key, role, -1);
1081 case COAP_PKI_KEY_DEF_DER_BUF: /* define public cert */
1082 mbedtls_x509_crt_init(public_cert);
1083 ret = mbedtls_x509_crt_parse(public_cert,
1086 if (ret < 0) {
1089 &key, role, ret);
1090 }
1091 done_public_cert = 1;
1092 break;
1093 case COAP_PKI_KEY_DEF_PKCS11: /* define public cert */
1094 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define public cert */
1095 case COAP_PKI_KEY_DEF_ENGINE: /* define public cert */
1096 default:
1099 &key, role, -1);
1100 }
1101 } else if (role == COAP_DTLS_ROLE_SERVER ||
1103 key.key.define.private_key.u_byte[0])) {
1106 &key, role, -1);
1107 }
1108
1109 if (done_private_key && done_public_cert) {
1110 ret = mbedtls_ssl_conf_own_cert(&m_env->conf, public_cert, private_key);
1111 if (ret < 0) {
1112 coap_log_err("mbedtls_ssl_conf_own_cert returned -0x%x: '%s'\n",
1113 -ret, get_error_string(ret));
1114 return 0;
1115 }
1116 }
1117
1118 /*
1119 * Configure the CA
1120 */
1121 if (
1122 key.key.define.ca.u_byte &&
1123 key.key.define.ca.u_byte[0]) {
1124 switch (key.key.define.ca_def) {
1125 case COAP_PKI_KEY_DEF_DER: /* define ca */
1126 /* Fall Through */
1128#if defined(MBEDTLS_FS_IO)
1129 mbedtls_x509_crt_init(cacert);
1130 ret = mbedtls_x509_crt_parse_file(cacert,
1131 key.key.define.ca.s_byte);
1132 if (ret < 0) {
1135 &key, role, ret);
1136 }
1137 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
1138#else /* ! MBEDTLS_FS_IO */
1141 &key, role, -1);
1142#endif /* ! MBEDTLS_FS_IO */
1143 break;
1144 case COAP_PKI_KEY_DEF_PEM_BUF: /* define ca */
1145 mbedtls_x509_crt_init(cacert);
1146 length = key.key.define.ca_len;
1147 if (key.key.define.ca.u_byte[length-1] != '\000') {
1148 /* Need to allocate memory to add in NULL terminator */
1149 buffer = mbedtls_malloc(length + 1);
1150 if (!buffer) {
1151 coap_log_err("mbedtls_malloc failed\n");
1152 return 0;
1153 }
1154 memcpy(buffer, key.key.define.ca.u_byte, length);
1155 buffer[length] = '\000';
1156 length++;
1157 ret = mbedtls_x509_crt_parse(cacert, buffer, length);
1158 mbedtls_free(buffer);
1159 } else {
1160 ret = mbedtls_x509_crt_parse(cacert,
1161 key.key.define.ca.u_byte,
1162 key.key.define.ca_len);
1163 }
1164 if (ret < 0) {
1167 &key, role, ret);
1168 }
1169 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
1170 break;
1171 case COAP_PKI_KEY_DEF_RPK_BUF: /* define ca */
1174 &key, role, -1);
1175 case COAP_PKI_KEY_DEF_DER_BUF: /* define ca */
1176 mbedtls_x509_crt_init(cacert);
1177 ret = mbedtls_x509_crt_parse(cacert,
1178 key.key.define.ca.u_byte,
1179 key.key.define.ca_len);
1180 if (ret < 0) {
1183 &key, role, ret);
1184 }
1185 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
1186 break;
1187 case COAP_PKI_KEY_DEF_PKCS11: /* define ca */
1188 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define ca */
1189 case COAP_PKI_KEY_DEF_ENGINE: /* define ca */
1190 default:
1193 &key, role, -1);
1194 }
1195 }
1196
1197 /* Add in any root CA definitons */
1198
1199#if defined(MBEDTLS_FS_IO)
1200 if (m_context->root_ca_file) {
1201 ret = mbedtls_x509_crt_parse_file(cacert, m_context->root_ca_file);
1202 if (ret < 0) {
1206 &key, role, ret);
1207 }
1208 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
1209 }
1210 if (m_context->root_ca_path) {
1211 ret = mbedtls_x509_crt_parse_path(cacert, m_context->root_ca_path);
1212 if (ret < 0) {
1216 &key, role, ret);
1217 }
1218 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
1219 }
1220#if MBEDTLS_VERSION_NUMBER >= 0x04000000
1221 if (m_context->trust_store_defined)
1222#else /* MBEDTLS_VERSION_NUMBER < 0x04000000 */
1223 if (m_context->trust_store_defined ||
1224 (role == COAP_DTLS_ROLE_CLIENT && !m_context->setup_data.verify_peer_cert))
1225#endif /* MBEDTLS_VERSION_NUMBER < 0x04000000 */
1226 {
1227 /* Until Trust Store is implemented in MbedTLS */
1228 const char *trust_list[] = {
1229 "/etc/ssl/ca-bundle.pem",
1230 "/etc/ssl/certs/ca-certificates.crt",
1231 "/etc/pki/tls/cert.pem",
1232 "/usr/local/share/certs/ca-root-nss.crt",
1233 "/etc/ssl/cert.pem"
1234 };
1235 static const char *trust_file_found = NULL;
1236 static int trust_file_done = 0;
1237 unsigned int i;
1238
1239 if (trust_file_found) {
1240 ret = mbedtls_x509_crt_parse_file(cacert, trust_file_found);
1241 if (ret >= 0) {
1242 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
1243 } else {
1244 coap_log_warn("Unable to load trusted root CAs (%s)\n",
1245 trust_file_found);
1246 }
1247 } else if (!trust_file_done) {
1248 trust_file_done = 1;
1249 for (i = 0; i < sizeof(trust_list)/sizeof(trust_list[0]); i++) {
1250 ret = mbedtls_x509_crt_parse_file(cacert, trust_list[i]);
1251 if (ret >= 0) {
1252 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
1253 trust_file_found = trust_list[i];
1254 break;
1255 }
1256 }
1257 if (i == sizeof(trust_list)/sizeof(trust_list[0])) {
1258 coap_log_warn("Unable to load trusted root CAs\n");
1259 }
1260 }
1261 }
1262#else /* ! MBEDTLS_FS_IO */
1263 if (m_context->root_ca_file || m_context->root_ca_path ||
1264 m_context->trust_store_defined) {
1265 /* No FS to read these files */
1268 &key, role, -1);
1269 }
1270#endif /* ! MBEDTLS_FS_IO */
1271
1272#if defined(MBEDTLS_SSL_SRV_C)
1273 mbedtls_ssl_conf_cert_req_ca_list(&m_env->conf,
1274 setup_data->check_common_ca ?
1275 MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED :
1276 MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED);
1277#endif
1278 mbedtls_ssl_conf_authmode(&m_env->conf, setup_data->verify_peer_cert ?
1279 MBEDTLS_SSL_VERIFY_REQUIRED :
1280 MBEDTLS_SSL_VERIFY_NONE);
1281 /*
1282 * Verify Peer.
1283 * Need to do all checking, even if setup_data->verify_peer_cert is not set
1284 */
1285 mbedtls_ssl_conf_verify(&m_env->conf,
1286 cert_verify_callback_mbedtls, c_session);
1287
1288 return 1;
1289}
1290
1291#if defined(MBEDTLS_SSL_SRV_C)
1292/*
1293 * PKI SNI callback.
1294 */
1295static int
1296pki_sni_callback(void *p_info, mbedtls_ssl_context *ssl,
1297 const unsigned char *uname, size_t name_len) {
1298 unsigned int i;
1299 coap_dtls_pki_t sni_setup_data;
1300 coap_session_t *c_session = (coap_session_t *)p_info;
1301 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
1302 coap_mbedtls_context_t *m_context =
1303 (coap_mbedtls_context_t *)c_session->context->dtls_context;
1304 char *name;
1305
1306 name = mbedtls_malloc(name_len+1);
1307 if (!name)
1308 return -1;
1309
1310 memcpy(name, uname, name_len);
1311 name[name_len] = '\000';
1312
1313 /* Is this a cached entry? */
1314 for (i = 0; i < m_context->pki_sni_count; i++) {
1315 if (strcasecmp(name, m_context->pki_sni_entry_list[i].sni) == 0) {
1316 break;
1317 }
1318 }
1319 if (i == m_context->pki_sni_count) {
1320 /*
1321 * New PKI SNI request
1322 */
1323 coap_dtls_key_t *new_entry;
1324 pki_sni_entry *pki_sni_entry_list;
1325
1326 coap_lock_callback_ret(new_entry,
1327 m_context->setup_data.validate_sni_call_back(name,
1328 m_context->setup_data.sni_call_back_arg));
1329 if (!new_entry) {
1330 mbedtls_free(name);
1331 return -1;
1332 }
1333
1334 pki_sni_entry_list = mbedtls_realloc(m_context->pki_sni_entry_list,
1335 (i+1)*sizeof(pki_sni_entry));
1336
1337 if (pki_sni_entry_list == NULL) {
1338 mbedtls_free(name);
1339 return -1;
1340 }
1341 m_context->pki_sni_entry_list = pki_sni_entry_list;
1342 memset(&m_context->pki_sni_entry_list[i], 0,
1343 sizeof(m_context->pki_sni_entry_list[i]));
1344 m_context->pki_sni_entry_list[i].sni = name;
1345 m_context->pki_sni_entry_list[i].pki_key = *new_entry;
1346 sni_setup_data = m_context->setup_data;
1347 sni_setup_data.pki_key = *new_entry;
1348 if (setup_pki_credentials(&m_context->pki_sni_entry_list[i].cacert,
1349 &m_context->pki_sni_entry_list[i].public_cert,
1350 &m_context->pki_sni_entry_list[i].private_key,
1351 m_env,
1352 m_context,
1353 c_session,
1354 &sni_setup_data, COAP_DTLS_ROLE_SERVER) < 0) {
1355 mbedtls_free(name);
1356 return -1;
1357 }
1358 /* name has been absorbed into pki_sni_entry_list[].sni entry */
1359 m_context->pki_sni_count++;
1360 } else {
1361 mbedtls_free(name);
1362 }
1363
1364 mbedtls_ssl_set_hs_ca_chain(ssl, &m_context->pki_sni_entry_list[i].cacert,
1365 NULL);
1366 return mbedtls_ssl_set_hs_own_cert(ssl,
1367 &m_context->pki_sni_entry_list[i].public_cert,
1368 &m_context->pki_sni_entry_list[i].private_key);
1369}
1370
1371#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1372/*
1373 * PSK SNI callback.
1374 */
1375static int
1376psk_sni_callback(void *p_info, mbedtls_ssl_context *ssl,
1377 const unsigned char *uname, size_t name_len) {
1378 unsigned int i;
1379 coap_session_t *c_session = (coap_session_t *)p_info;
1380 coap_mbedtls_context_t *m_context =
1381 (coap_mbedtls_context_t *)c_session->context->dtls_context;
1382 char *name;
1383
1384 name = mbedtls_malloc(name_len+1);
1385 if (!name)
1386 return -1;
1387
1388 memcpy(name, uname, name_len);
1389 name[name_len] = '\000';
1390
1391 /* Is this a cached entry? */
1392 for (i = 0; i < m_context->psk_sni_count; i++) {
1393 if (strcasecmp(name, m_context->psk_sni_entry_list[i].sni) == 0) {
1394 break;
1395 }
1396 }
1397 if (i == m_context->psk_sni_count) {
1398 /*
1399 * New PSK SNI request
1400 */
1401 const coap_dtls_spsk_info_t *new_entry;
1402 psk_sni_entry *psk_sni_entry_list;
1403
1404 coap_lock_callback_ret(new_entry,
1405 c_session->context->spsk_setup_data.validate_sni_call_back(name,
1406 c_session,
1407 c_session->context->spsk_setup_data.sni_call_back_arg));
1408 if (!new_entry) {
1409 mbedtls_free(name);
1410 return -1;
1411 }
1412
1413 psk_sni_entry_list = mbedtls_realloc(m_context->psk_sni_entry_list,
1414 (i+1)*sizeof(psk_sni_entry));
1415
1416 if (psk_sni_entry_list == NULL) {
1417 mbedtls_free(name);
1418 return -1;
1419 }
1420 m_context->psk_sni_entry_list = psk_sni_entry_list;
1421 m_context->psk_sni_entry_list[i].sni = name;
1422 m_context->psk_sni_entry_list[i].psk_info = *new_entry;
1423 /* name has been absorbed into psk_sni_entry_list[].sni entry */
1424 m_context->psk_sni_count++;
1425 } else {
1426 mbedtls_free(name);
1427 }
1428
1430 &m_context->psk_sni_entry_list[i].psk_info.hint);
1432 &m_context->psk_sni_entry_list[i].psk_info.key);
1433#if MBEDTLS_VERSION_NUMBER >= 0x04000000
1434 (void)ssl;
1435 return 0;
1436#else /* MBEDTLS_VERSION_NUMBER < 0x04000000 */
1437 return mbedtls_ssl_set_hs_psk(ssl,
1438 m_context->psk_sni_entry_list[i].psk_info.key.s,
1439 m_context->psk_sni_entry_list[i].psk_info.key.length);
1440#endif /* MBEDTLS_VERSION_NUMBER < 0x04000000 */
1441}
1442#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1443
1444static int
1445setup_server_ssl_session(coap_session_t *c_session,
1446 coap_mbedtls_env_t *m_env) {
1447 coap_mbedtls_context_t *m_context =
1448 (coap_mbedtls_context_t *)c_session->context->dtls_context;
1449 int ret = 0;
1450 m_context->psk_pki_enabled |= IS_SERVER;
1451
1452 mbedtls_ssl_cookie_init(&m_env->cookie_ctx);
1453 if ((ret = mbedtls_ssl_config_defaults(&m_env->conf,
1454 MBEDTLS_SSL_IS_SERVER,
1455 c_session->proto == COAP_PROTO_DTLS ?
1456 MBEDTLS_SSL_TRANSPORT_DATAGRAM :
1457 MBEDTLS_SSL_TRANSPORT_STREAM,
1458 MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
1459 coap_log_err("mbedtls_ssl_config_defaults returned -0x%x: '%s'\n",
1460 -ret, get_error_string(ret));
1461 goto fail;
1462 }
1463
1464#if !COAP_USE_PSA_CRYPTO
1465 mbedtls_ssl_conf_rng(&m_env->conf, mbedtls_ctr_drbg_random, &m_env->ctr_drbg);
1466#endif /* !COAP_USE_PSA_CRYPTO */
1467
1468#if defined(MBEDTLS_SSL_PROTO_DTLS)
1469 mbedtls_ssl_conf_handshake_timeout(&m_env->conf, COAP_DTLS_RETRANSMIT_MS,
1471#endif /* MBEDTLS_SSL_PROTO_DTLS */
1472
1473 if (m_context->psk_pki_enabled & IS_PSK) {
1474#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1475 mbedtls_ssl_conf_psk_cb(&m_env->conf, psk_server_callback, c_session);
1476 if (c_session->context->spsk_setup_data.validate_sni_call_back) {
1477 mbedtls_ssl_conf_sni(&m_env->conf, psk_sni_callback, c_session);
1478 }
1479#ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1480 m_env->ec_jpake = c_session->context->spsk_setup_data.ec_jpake;
1481#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1482#else /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1483 coap_log_warn("PSK not enabled in Mbed TLS library\n");
1484#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1485 }
1486
1487 if (m_context->psk_pki_enabled & IS_PKI) {
1488 ret = setup_pki_credentials(&m_env->cacert, &m_env->public_cert,
1489 &m_env->private_key, m_env, m_context,
1490 c_session, &m_context->setup_data,
1492 if (ret < 0) {
1493 coap_log_err("PKI setup failed\n");
1494 return ret;
1495 }
1496 if (m_context->setup_data.validate_sni_call_back) {
1497 mbedtls_ssl_conf_sni(&m_env->conf, pki_sni_callback, c_session);
1498 }
1499 }
1500
1501#if COAP_USE_PSA_CRYPTO
1502 if ((ret = mbedtls_ssl_cookie_setup(&m_env->cookie_ctx)) != 0) {
1503#else /* !COAP_USE_PSA_CRYPTO */
1504 if ((ret = mbedtls_ssl_cookie_setup(&m_env->cookie_ctx,
1505 mbedtls_ctr_drbg_random,
1506 &m_env->ctr_drbg)) != 0) {
1507#endif /* !COAP_USE_PSA_CRYPTO */
1508 coap_log_err("mbedtls_ssl_cookie_setup: returned -0x%x: '%s'\n",
1509 -ret, get_error_string(ret));
1510 goto fail;
1511 }
1512
1513#if defined(MBEDTLS_SSL_PROTO_DTLS)
1514 mbedtls_ssl_conf_dtls_cookies(&m_env->conf, mbedtls_ssl_cookie_write,
1515 mbedtls_ssl_cookie_check,
1516 &m_env->cookie_ctx);
1517#if MBEDTLS_VERSION_NUMBER >= 0x02100100
1518 mbedtls_ssl_set_mtu(&m_env->ssl, (uint16_t)c_session->mtu);
1519#endif /* MBEDTLS_VERSION_NUMBER >= 0x02100100 */
1520#endif /* MBEDTLS_SSL_PROTO_DTLS */
1521#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
1522 /*
1523 * Configure CID max length.
1524 *
1525 * Note: Set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT to 0 (the default)
1526 * to use RFC9146 extension ID of 54, rather than the draft version -05
1527 * value of 254.
1528 */
1529 mbedtls_ssl_conf_cid(&m_env->conf, COAP_DTLS_CID_LENGTH, MBEDTLS_SSL_UNEXPECTED_CID_IGNORE);
1530#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
1531fail:
1532 return ret;
1533}
1534#endif /* MBEDTLS_SSL_SRV_C */
1535
1536#if COAP_CLIENT_SUPPORT
1537static int *psk_ciphers = NULL;
1538static int *pki_ciphers = NULL;
1539static int *ecjpake_ciphers = NULL;
1540static int processed_ciphers = 0;
1541
1542#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1543static int
1544coap_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info) {
1545#if COAP_USE_PSA_CRYPTO
1546 switch (info->key_exchange) {
1547 case MBEDTLS_KEY_EXCHANGE_PSK:
1548 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1549 return 1;
1550 case MBEDTLS_KEY_EXCHANGE_NONE:
1551 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1552 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1553 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
1554 default:
1555 return 0;
1556 }
1557#elif MBEDTLS_VERSION_NUMBER >= 0x03060000
1558 switch (info->key_exchange) {
1559 case MBEDTLS_KEY_EXCHANGE_PSK:
1560 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1561 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
1562 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1563 return 1;
1564 case MBEDTLS_KEY_EXCHANGE_NONE:
1565 case MBEDTLS_KEY_EXCHANGE_RSA:
1566 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1567 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1568 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1569 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1570 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1571 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
1572 default:
1573 return 0;
1574 }
1575#else /* MBEDTLS_VERSION_NUMBER < 0x03060000 */
1576 return mbedtls_ssl_ciphersuite_uses_psk(info);
1577#endif /* MBEDTLS_VERSION_NUMBER < 0x03060000 */
1578}
1579#endif /* defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) */
1580
1581static void
1582set_ciphersuites(mbedtls_ssl_config *conf, coap_enc_method_t method) {
1583 if (!processed_ciphers) {
1584 const int *list = mbedtls_ssl_list_ciphersuites();
1585 const int *base = list;
1586 int *psk_list;
1587 int *pki_list;
1588#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1589 int *ecjpake_list;
1590 int ecjpake_count = 1;
1591#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1592 int psk_count = 1; /* account for empty terminator */
1593 int pki_count = 1;
1594
1595 while (*list) {
1596 const mbedtls_ssl_ciphersuite_t *cur =
1597 mbedtls_ssl_ciphersuite_from_id(*list);
1598
1599 if (cur) {
1600#if MBEDTLS_VERSION_NUMBER >= 0x03020000
1601 if (cur->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2) {
1602 /* Minimum of TLS1.2 required - skip */
1603 }
1604#else
1605 if (cur->max_minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) {
1606 /* Minimum of TLS1.2 required - skip */
1607 }
1608#endif /* MBEDTLS_VERSION_NUMBER >= 0x03020000 */
1609#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1610 else if (cur->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
1611 ecjpake_count++;
1612 }
1613#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1614#if MBEDTLS_VERSION_NUMBER >= 0x03060000
1615 else if (cur->min_tls_version >= MBEDTLS_SSL_VERSION_TLS1_3) {
1616 psk_count++;
1617 pki_count++;
1618 }
1619#endif /* MBEDTLS_VERSION_NUMBER >= 0x03060000 */
1620#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1621 else if (coap_ssl_ciphersuite_uses_psk(cur)) {
1622 psk_count++;
1623 }
1624#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1625 else {
1626 pki_count++;
1627 }
1628 }
1629 list++;
1630 }
1631 list = base;
1632
1633 psk_ciphers = mbedtls_malloc(psk_count * sizeof(psk_ciphers[0]));
1634 if (psk_ciphers == NULL) {
1635 coap_log_err("set_ciphers: mbedtls_malloc with count %d failed\n", psk_count);
1636 return;
1637 }
1638 pki_ciphers = mbedtls_malloc(pki_count * sizeof(pki_ciphers[0]));
1639 if (pki_ciphers == NULL) {
1640 coap_log_err("set_ciphers: mbedtls_malloc with count %d failed\n", pki_count);
1641 mbedtls_free(psk_ciphers);
1642 psk_ciphers = NULL;
1643 return;
1644 }
1645#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1646 ecjpake_ciphers = mbedtls_malloc(ecjpake_count * sizeof(ecjpake_ciphers[0]));
1647 if (ecjpake_ciphers == NULL) {
1648 coap_log_err("set_ciphers: mbedtls_malloc with count %d failed\n", pki_count);
1649 mbedtls_free(psk_ciphers);
1650 mbedtls_free(pki_ciphers);
1651 psk_ciphers = NULL;
1652 pki_ciphers = NULL;
1653 return;
1654 }
1655#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1656
1657 psk_list = psk_ciphers;
1658 pki_list = pki_ciphers;
1659#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1660 ecjpake_list = ecjpake_ciphers;
1661#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1662
1663 while (*list) {
1664 const mbedtls_ssl_ciphersuite_t *cur =
1665 mbedtls_ssl_ciphersuite_from_id(*list);
1666 if (cur) {
1667#if MBEDTLS_VERSION_NUMBER >= 0x03020000
1668 if (cur->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2) {
1669 /* Minimum of TLS1.2 required - skip */
1670 }
1671#else
1672 if (cur->max_minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) {
1673 /* Minimum of TLS1.2 required - skip */
1674 }
1675#endif /* MBEDTLS_VERSION_NUMBER >= 0x03020000 */
1676#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1677 else if (cur->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
1678 *ecjpake_list = *list;
1679 ecjpake_list++;
1680 }
1681#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1682#if MBEDTLS_VERSION_NUMBER >= 0x03060000
1683 else if (cur->min_tls_version >= MBEDTLS_SSL_VERSION_TLS1_3) {
1684 *psk_list = *list;
1685 psk_list++;
1686 *pki_list = *list;
1687 pki_list++;
1688 }
1689#endif /* MBEDTLS_VERSION_NUMBER >= 0x03060000 */
1690#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1691 else if (coap_ssl_ciphersuite_uses_psk(cur)) {
1692 *psk_list = *list;
1693 psk_list++;
1694 }
1695#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1696 else {
1697 *pki_list = *list;
1698 pki_list++;
1699 }
1700 }
1701 list++;
1702 }
1703 /* zero terminate */
1704 *psk_list = 0;
1705 *pki_list = 0;
1706 processed_ciphers = 1;
1707 }
1708 switch (method) {
1709 case COAP_ENC_PSK:
1710 mbedtls_ssl_conf_ciphersuites(conf, psk_ciphers);
1711 break;
1712 case COAP_ENC_PKI:
1713 mbedtls_ssl_conf_ciphersuites(conf, pki_ciphers);
1714 break;
1715 case COAP_ENC_ECJPAKE:
1716 mbedtls_ssl_conf_ciphersuites(conf, ecjpake_ciphers);
1717 break;
1718 default:
1719 assert(0);
1720 break;
1721 }
1722}
1723
1724static int
1725setup_client_ssl_session(coap_session_t *c_session,
1726 coap_mbedtls_env_t *m_env) {
1727 int ret;
1728
1729 coap_mbedtls_context_t *m_context =
1730 (coap_mbedtls_context_t *)c_session->context->dtls_context;
1731
1732 m_context->psk_pki_enabled |= IS_CLIENT;
1733
1734 if ((ret = mbedtls_ssl_config_defaults(&m_env->conf,
1735 MBEDTLS_SSL_IS_CLIENT,
1736 c_session->proto == COAP_PROTO_DTLS ?
1737 MBEDTLS_SSL_TRANSPORT_DATAGRAM :
1738 MBEDTLS_SSL_TRANSPORT_STREAM,
1739 MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
1740 coap_log_err("mbedtls_ssl_config_defaults returned -0x%x: '%s'\n",
1741 -ret, get_error_string(ret));
1742 goto fail;
1743 }
1744
1745#if defined(MBEDTLS_SSL_PROTO_DTLS)
1746 mbedtls_ssl_conf_handshake_timeout(&m_env->conf, COAP_DTLS_RETRANSMIT_MS,
1748#endif /* MBEDTLS_SSL_PROTO_DTLS */
1749
1750 mbedtls_ssl_conf_authmode(&m_env->conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1751#if !COAP_USE_PSA_CRYPTO
1752 mbedtls_ssl_conf_rng(&m_env->conf, mbedtls_ctr_drbg_random, &m_env->ctr_drbg);
1753#endif /* !COAP_USE_PSA_CRYPTO */
1754
1755 if (m_context->psk_pki_enabled & IS_PSK) {
1756#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1757 const coap_bin_const_t *psk_key;
1758 const coap_bin_const_t *psk_identity;
1759
1760 coap_log_info("Setting PSK key\n");
1761
1762 psk_key = coap_get_session_client_psk_key(c_session);
1763 psk_identity = coap_get_session_client_psk_identity(c_session);
1764 if (psk_key == NULL || psk_identity == NULL) {
1765 ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
1766 goto fail;
1767 }
1768
1769 if ((ret = mbedtls_ssl_conf_psk(&m_env->conf, psk_key->s,
1770 psk_key->length, psk_identity->s,
1771 psk_identity->length)) != 0) {
1772 coap_log_err("mbedtls_ssl_conf_psk returned -0x%x: '%s'\n",
1773 -ret, get_error_string(ret));
1774 goto fail;
1775 }
1776 if (c_session->cpsk_setup_data.client_sni) {
1777 if ((ret = mbedtls_ssl_set_hostname(&m_env->ssl,
1778 c_session->cpsk_setup_data.client_sni)) != 0) {
1779 coap_log_err("mbedtls_ssl_set_hostname returned -0x%x: '%s'\n",
1780 -ret, get_error_string(ret));
1781 goto fail;
1782 }
1783 }
1784 /* Identity Hint currently not supported in Mbed TLS so code removed */
1785
1786#ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1787 if (c_session->cpsk_setup_data.ec_jpake) {
1788 m_env->ec_jpake = 1;
1789 set_ciphersuites(&m_env->conf, COAP_ENC_ECJPAKE);
1790#if MBEDTLS_VERSION_NUMBER >= 0x03020000
1791 mbedtls_ssl_conf_max_tls_version(&m_env->conf, MBEDTLS_SSL_VERSION_TLS1_2);
1792#endif /* MBEDTLS_VERSION_NUMBER >= 0x03020000 */
1793 } else {
1794 set_ciphersuites(&m_env->conf, COAP_ENC_PSK);
1795 }
1796#else /* ! MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1797 set_ciphersuites(&m_env->conf, COAP_ENC_PSK);
1798#endif /* ! MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1799#else /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1800 coap_log_warn("PSK not enabled in Mbed TLS library\n");
1801#endif /* ! MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1802 } else if ((m_context->psk_pki_enabled & IS_PKI) ||
1803 (m_context->psk_pki_enabled & (IS_PSK | IS_PKI)) == 0) {
1804 /*
1805 * If neither PSK or PKI have been set up, use PKI basics.
1806 * This works providing COAP_PKI_KEY_PEM has a value of 0.
1807 */
1808 coap_dtls_pki_t *setup_data = &m_context->setup_data;
1809
1810 if (!(m_context->psk_pki_enabled & IS_PKI)) {
1811 /* PKI not defined - set up some defaults */
1812 setup_data->verify_peer_cert = 1;
1813 setup_data->check_common_ca = 0;
1814 setup_data->allow_self_signed = 1;
1815 setup_data->allow_expired_certs = 1;
1816 setup_data->cert_chain_validation = 1;
1817 setup_data->cert_chain_verify_depth = 2;
1818 setup_data->check_cert_revocation = 1;
1819 setup_data->allow_no_crl = 1;
1820 setup_data->allow_expired_crl = 1;
1821 setup_data->is_rpk_not_cert = 0;
1822 setup_data->use_cid = 0;
1823 }
1824 mbedtls_ssl_conf_authmode(&m_env->conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
1825 ret = setup_pki_credentials(&m_env->cacert, &m_env->public_cert,
1826 &m_env->private_key, m_env, m_context,
1827 c_session, setup_data,
1829 if (ret < 0) {
1830 coap_log_err("PKI setup failed\n");
1831 return ret;
1832 }
1833#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_ALPN)
1834 if (c_session->proto == COAP_PROTO_TLS ||
1835 c_session->proto == COAP_PROTO_WSS) {
1836 static const char *alpn_list[] = { "coap", NULL };
1837
1838 ret = mbedtls_ssl_conf_alpn_protocols(&m_env->conf, alpn_list);
1839 if (ret != 0) {
1840 coap_log_err("ALPN setup failed %d)\n", ret);
1841 }
1842 }
1843#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_ALPN */
1844 mbedtls_ssl_set_hostname(&m_env->ssl, m_context->setup_data.client_sni);
1845#if defined(MBEDTLS_SSL_PROTO_DTLS)
1846#if MBEDTLS_VERSION_NUMBER >= 0x02100100
1847 mbedtls_ssl_set_mtu(&m_env->ssl, (uint16_t)c_session->mtu);
1848#endif /* MBEDTLS_VERSION_NUMBER >= 0x02100100 */
1849#endif /* MBEDTLS_SSL_PROTO_DTLS */
1850 set_ciphersuites(&m_env->conf, COAP_ENC_PKI);
1851 }
1852 return 0;
1853
1854fail:
1855 return ret;
1856}
1857#endif /* COAP_CLIENT_SUPPORT */
1858
1859static void
1860mbedtls_cleanup(coap_mbedtls_env_t *m_env) {
1861 if (!m_env) {
1862 return;
1863 }
1864
1865 mbedtls_x509_crt_free(&m_env->cacert);
1866 mbedtls_x509_crt_free(&m_env->public_cert);
1867 mbedtls_pk_free(&m_env->private_key);
1868#if !COAP_USE_PSA_CRYPTO
1869 mbedtls_entropy_free(&m_env->entropy);
1870 mbedtls_ctr_drbg_free(&m_env->ctr_drbg);
1871#endif /* !COAP_USE_PSA_CRYPTO */
1872 mbedtls_ssl_config_free(&m_env->conf);
1873 mbedtls_ssl_free(&m_env->ssl);
1874 mbedtls_ssl_cookie_free(&m_env->cookie_ctx);
1875}
1876
1877static void
1878coap_dtls_free_mbedtls_env(coap_mbedtls_env_t *m_env) {
1879 if (m_env) {
1880 if (!m_env->sent_alert)
1881 mbedtls_ssl_close_notify(&m_env->ssl);
1882 mbedtls_cleanup(m_env);
1883 mbedtls_free(m_env);
1884 }
1885}
1886
1887#if COAP_MAX_LOGGING_LEVEL > 0
1888static const char *
1889report_mbedtls_alert(unsigned char alert) {
1890 switch (alert) {
1891 case MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC:
1892 return ": Bad Record MAC";
1893 case MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE:
1894 return ": Handshake failure";
1895 case MBEDTLS_SSL_ALERT_MSG_NO_CERT:
1896 return ": No Certificate provided";
1897 case MBEDTLS_SSL_ALERT_MSG_BAD_CERT:
1898 return ": Certificate is bad";
1899 case MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN:
1900 return ": Certificate is unknown";
1901 case MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA:
1902 return ": CA is unknown";
1903 case MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED:
1904 return ": Access was denied";
1905 case MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR:
1906 return ": Decrypt error";
1907 default:
1908 return "";
1909 }
1910}
1911#endif /* COAP_MAX_LOGGING_LEVEL */
1912
1913/*
1914 * return -1 failure
1915 * 0 not completed
1916 * 1 established
1917 */
1918static int
1919do_mbedtls_handshake(coap_session_t *c_session,
1920 coap_mbedtls_env_t *m_env) {
1921 int ret;
1922 int alert;
1923
1924 ret = mbedtls_ssl_handshake(&m_env->ssl);
1925 switch (ret) {
1926 case 0:
1927 m_env->established = 1;
1928 coap_log_debug("* %s: Mbed TLS established\n",
1929 coap_session_str(c_session));
1930 ret = 1;
1931#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
1932#if COAP_CLIENT_SUPPORT
1933 if (c_session->type == COAP_SESSION_TYPE_CLIENT &&
1934 c_session->proto == COAP_PROTO_DTLS) {
1935 coap_mbedtls_context_t *m_context;
1936
1937 m_context = (coap_mbedtls_context_t *)c_session->context->dtls_context;
1938 if ((m_context->psk_pki_enabled & IS_PSK && c_session->cpsk_setup_data.use_cid) ||
1939 m_context->setup_data.use_cid) {
1940 unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
1941 int enabled;
1942 size_t peer_cid_len;
1943
1944 /* See whether CID was negotiated */
1945 if (mbedtls_ssl_get_peer_cid(&m_env->ssl, &enabled, peer_cid, &peer_cid_len) == 0 &&
1946 enabled == MBEDTLS_SSL_CID_ENABLED) {
1947 c_session->negotiated_cid = 1;
1948 } else {
1949 coap_log_info("** %s: CID was not negotiated\n", coap_session_str(c_session));
1950 c_session->negotiated_cid = 0;
1951 }
1952 }
1953 }
1954#endif /* COAP_CLIENT_SUPPORT */
1955#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
1957 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
1958 break;
1959 case MBEDTLS_ERR_SSL_WANT_READ:
1960 case MBEDTLS_ERR_SSL_WANT_WRITE:
1961 if (m_env->ssl.state == MBEDTLS_SSL_SERVER_HELLO
1962#if MBEDTLS_VERSION_NUMBER >= 0x03030000
1963 || m_env->ssl.state == MBEDTLS_SSL_NEW_SESSION_TICKET
1964#endif /* MBEDTLS_VERSION_NUMBER >= 0x03030000 */
1965 ) {
1966 if (++m_env->server_hello_cnt > 10) {
1967 /* retried this too many times */
1968 goto fail;
1969 }
1970 }
1971 errno = EAGAIN;
1972 ret = 0;
1973 break;
1974 case MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED:
1975 coap_log_debug("hello verification requested\n");
1976 goto reset;
1977 case MBEDTLS_ERR_SSL_INVALID_MAC:
1978 goto fail;
1979#ifdef MBEDTLS_2_X_COMPAT
1980 case MBEDTLS_ERR_SSL_UNKNOWN_CIPHER:
1981#else /* ! MBEDTLS_2_X_COMPAT */
1982 case MBEDTLS_ERR_SSL_DECODE_ERROR:
1983#endif /* ! MBEDTLS_2_X_COMPAT */
1984 goto fail;
1985 case MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE:
1986 alert = MBEDTLS_SSL_ALERT_MSG_NO_CERT;
1987 goto fail_alert;
1988#ifdef MBEDTLS_2_X_COMPAT
1989 case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO:
1990 case MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO:
1991 alert = MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE;
1992 goto fail_alert;
1993#endif /* MBEDTLS_2_X_COMPAT */
1994 case MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:
1995 goto fail;
1996 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
1997 if (m_env->ssl.in_msg[1] != MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY)
1998 coap_log_warn("***%s: Alert '%d'%s\n",
1999 coap_session_str(c_session), m_env->ssl.in_msg[1],
2000 report_mbedtls_alert(m_env->ssl.in_msg[1]));
2001 /* Fall through */
2002 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
2003 case MBEDTLS_ERR_SSL_CONN_EOF:
2004 case MBEDTLS_ERR_NET_CONN_RESET:
2006 ret = -1;
2007 break;
2008 default:
2009 coap_log_warn("do_mbedtls_handshake: session establish "
2010 "returned -0x%x: '%s'\n",
2011 -ret, get_error_string(ret));
2012 ret = -1;
2013 break;
2014 }
2015 return ret;
2016
2017fail_alert:
2018 mbedtls_ssl_send_alert_message(&m_env->ssl,
2019 MBEDTLS_SSL_ALERT_LEVEL_FATAL,
2020 alert);
2021 m_env->sent_alert = 1;
2022fail:
2023 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2024 coap_log_warn("do_mbedtls_handshake: session establish "
2025 "returned '%s'\n",
2026 get_error_string(ret));
2027reset:
2028 mbedtls_ssl_session_reset(&m_env->ssl);
2029#ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
2030 if (m_env->ec_jpake) {
2031 const coap_bin_const_t *psk_key;
2032
2033#if COAP_CLIENT_SUPPORT && COAP_SERVER_SUPPORT
2034 if (c_session->type == COAP_SESSION_TYPE_CLIENT) {
2035 psk_key = coap_get_session_client_psk_key(c_session);
2036 } else {
2037 psk_key = coap_get_session_server_psk_key(c_session);
2038 }
2039#elif COAP_CLIENT_SUPPORT
2040 psk_key = coap_get_session_client_psk_key(c_session);
2041#else /* COAP_SERVER_SUPPORT */
2042 psk_key = coap_get_session_server_psk_key(c_session);
2043#endif /* COAP_SERVER_SUPPORT */
2044 if (psk_key) {
2045 mbedtls_ssl_set_hs_ecjpake_password(&m_env->ssl, psk_key->s, psk_key->length);
2046 }
2047 }
2048#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
2049 return -1;
2050}
2051
2052static void
2053mbedtls_debug_out(void *ctx COAP_UNUSED, int level,
2054 const char *file COAP_UNUSED,
2055 int line COAP_UNUSED, const char *str) {
2056
2057 coap_log_t coap_level = COAP_LOG_DEBUG;
2058 /*
2059 * 0 No debug
2060 * 1 Error
2061 * 2 State change
2062 * 3 Informational
2063 * 4 Verbose
2064 */
2065 switch (level) {
2066 case 0:
2067 coap_level = COAP_LOG_EMERG;
2068 break;
2069 case 1:
2070 coap_level = COAP_LOG_WARN;
2071 break;
2072 case 2:
2073 coap_level = COAP_LOG_NOTICE;
2074 break;
2075 case 3:
2076 coap_level = COAP_LOG_INFO;
2077 break;
2078 case 4:
2079 default:
2080 coap_level = COAP_LOG_DEBUG;
2081 break;
2082 }
2083 coap_dtls_log(coap_level, "%s", str);
2084}
2085
2086#if !COAP_DISABLE_TCP
2087/*
2088 * strm
2089 * return +ve data amount
2090 * 0 no more
2091 * -ve Mbed TLS error
2092 */
2093static int
2094coap_sock_read(void *ctx, unsigned char *out, size_t outl) {
2095 int ret = MBEDTLS_ERR_SSL_CONN_EOF;
2096 coap_session_t *c_session = (coap_session_t *)ctx;
2097
2098 if (out != NULL) {
2099 ret = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_read(c_session, out, outl);
2100 /* Translate layer returns into what MbedTLS expects */
2101 if (ret == -1) {
2102 if (errno == ECONNRESET) {
2103 /* graceful shutdown */
2104 ret = MBEDTLS_ERR_SSL_CONN_EOF;
2105 } else {
2106 ret = MBEDTLS_ERR_NET_RECV_FAILED;
2107 }
2108 } else if (ret == 0) {
2109 errno = EAGAIN;
2110 ret = MBEDTLS_ERR_SSL_WANT_READ;
2111 }
2112 }
2113 return ret;
2114}
2115
2116/*
2117 * strm
2118 * return +ve data amount
2119 * 0 no more
2120 * -ve Mbed TLS error
2121 */
2122static int
2123coap_sock_write(void *context, const unsigned char *in, size_t inl) {
2124 int ret = 0;
2125 coap_session_t *c_session = (coap_session_t *)context;
2126
2127 ret = c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session,
2128 (const uint8_t *)in,
2129 inl);
2130 /* Translate layer what returns into what MbedTLS expects */
2131 if (ret < 0) {
2132 if ((c_session->state == COAP_SESSION_STATE_CSM ||
2133 c_session->state == COAP_SESSION_STATE_HANDSHAKE) &&
2134 (errno == EPIPE || errno == ECONNRESET)) {
2135 /*
2136 * Need to handle a TCP timing window where an agent continues with
2137 * the sending of the next handshake or a CSM.
2138 * However, the peer does not like a certificate and so sends a
2139 * fatal alert and closes the TCP session.
2140 * The sending of the next handshake or CSM may get terminated because
2141 * of the closed TCP session, but there is still an outstanding alert
2142 * to be read in and reported on.
2143 * In this case, pretend that sending the info was fine so that the
2144 * alert can be read (which effectively is what happens with DTLS).
2145 */
2146 ret = inl;
2147 } else {
2148#ifdef _WIN32
2149 int lasterror = WSAGetLastError();
2150
2151 if (lasterror == WSAEWOULDBLOCK) {
2152 ret = MBEDTLS_ERR_SSL_WANT_WRITE;
2153 } else if (lasterror == WSAECONNRESET) {
2154 ret = MBEDTLS_ERR_NET_CONN_RESET;
2155 }
2156#else
2157 if (errno == EAGAIN || errno == EINTR) {
2158 ret = MBEDTLS_ERR_SSL_WANT_WRITE;
2159 } else if (errno == EPIPE || errno == ECONNRESET) {
2160 ret = MBEDTLS_ERR_NET_CONN_RESET;
2161 }
2162#endif
2163 else {
2164 ret = MBEDTLS_ERR_NET_SEND_FAILED;
2165 }
2166 coap_log_debug("* %s: failed to send %" PRIdS " bytes (%s) state %d\n",
2167 coap_session_str(c_session), inl, coap_socket_strerror(),
2168 c_session->state);
2169 }
2170 }
2171 if (ret == 0) {
2172 errno = EAGAIN;
2173 ret = MBEDTLS_ERR_SSL_WANT_WRITE;
2174 }
2175 return ret;
2176}
2177#endif /* !COAP_DISABLE_TCP */
2178
2179static coap_mbedtls_env_t *
2180coap_dtls_new_mbedtls_env(coap_session_t *c_session,
2181 coap_dtls_role_t role,
2182 coap_proto_t proto) {
2183#if !COAP_USE_PSA_CRYPTO
2184 int ret = 0;
2185#endif /* !COAP_USE_PSA_CRYPTO */
2186 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2187
2188 if (m_env)
2189 return m_env;
2190
2191 m_env = (coap_mbedtls_env_t *)mbedtls_malloc(sizeof(coap_mbedtls_env_t));
2192 if (!m_env) {
2193 return NULL;
2194 }
2195 memset(m_env, 0, sizeof(coap_mbedtls_env_t));
2196
2197 mbedtls_ssl_init(&m_env->ssl);
2198#if !COAP_USE_PSA_CRYPTO
2199 mbedtls_ctr_drbg_init(&m_env->ctr_drbg);
2200 mbedtls_entropy_init(&m_env->entropy);
2201#endif /* !COAP_USE_PSA_CRYPTO */
2202 mbedtls_ssl_config_init(&m_env->conf);
2203
2204#if defined(ESPIDF_VERSION) && defined(CONFIG_MBEDTLS_DEBUG)
2205 mbedtls_esp_enable_debug_log(&m_env->conf, CONFIG_MBEDTLS_DEBUG_LEVEL);
2206#endif /* ESPIDF_VERSION && CONFIG_MBEDTLS_DEBUG */
2207
2208#if !COAP_USE_PSA_CRYPTO
2209 if ((ret = mbedtls_ctr_drbg_seed(&m_env->ctr_drbg,
2210 mbedtls_entropy_func, &m_env->entropy, NULL, 0)) != 0) {
2211 if (ret != MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) {
2212 coap_log_info("mbedtls_ctr_drbg_seed returned -0x%x: '%s'\n",
2213 -ret, get_error_string(ret));
2214 goto fail;
2215 }
2216 coap_log_err("mbedtls_ctr_drbg_seed returned -0x%x: '%s'\n",
2217 -ret, get_error_string(ret));
2218 }
2219#endif /* !COAP_USE_PSA_CRYPTO */
2220
2221 if (role == COAP_DTLS_ROLE_CLIENT) {
2222#if COAP_CLIENT_SUPPORT
2223 if (setup_client_ssl_session(c_session, m_env) != 0) {
2224 goto fail;
2225 }
2226#else /* !COAP_CLIENT_SUPPORT */
2227 goto fail;
2228#endif /* !COAP_CLIENT_SUPPORT */
2229 } else if (role == COAP_DTLS_ROLE_SERVER) {
2230#if defined(MBEDTLS_SSL_SRV_C)
2231 if (setup_server_ssl_session(c_session, m_env) != 0) {
2232 goto fail;
2233 }
2234#else /* ! MBEDTLS_SSL_SRV_C */
2235 goto fail;
2236#endif /* ! MBEDTLS_SSL_SRV_C */
2237 } else {
2238 goto fail;
2239 }
2240
2241#if MBEDTLS_VERSION_NUMBER >= 0x03020000
2242 mbedtls_ssl_conf_min_tls_version(&m_env->conf, MBEDTLS_SSL_VERSION_TLS1_2);
2243#else
2244 mbedtls_ssl_conf_min_version(&m_env->conf, MBEDTLS_SSL_MAJOR_VERSION_3,
2245 MBEDTLS_SSL_MINOR_VERSION_3);
2246#endif /* MBEDTLS_VERSION_NUMBER >= 0x03020000 */
2247
2248 if (mbedtls_ssl_setup(&m_env->ssl, &m_env->conf) != 0) {
2249 goto fail;
2250 }
2251 if (proto == COAP_PROTO_DTLS) {
2252 mbedtls_ssl_set_bio(&m_env->ssl, c_session, coap_dgram_write,
2253 coap_dgram_read, NULL);
2254#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
2255 if (COAP_PROTO_NOT_RELIABLE(c_session->proto)) {
2256 if (role == COAP_DTLS_ROLE_CLIENT) {
2257#if COAP_CLIENT_SUPPORT
2258 coap_mbedtls_context_t *m_context =
2259 (coap_mbedtls_context_t *)c_session->context->dtls_context;
2260
2261 if ((m_context->psk_pki_enabled & IS_PSK && c_session->cpsk_setup_data.use_cid) ||
2262 m_context->setup_data.use_cid) {
2263 /*
2264 * Enable passive DTLS CID support.
2265 *
2266 * Note: Set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT to 0 (the default)
2267 * to use RFC9146 extension ID of 54, rather than the draft version -05
2268 * value of 254.
2269 */
2270 mbedtls_ssl_set_cid(&m_env->ssl, MBEDTLS_SSL_CID_ENABLED, NULL, 0);
2271 }
2272#endif /* COAP_CLIENT_SUPPORT */
2273 } else {
2274#if COAP_SERVER_SUPPORT
2275 uint8_t cid[COAP_DTLS_CID_LENGTH];
2276 /*
2277 * Enable server DTLS CID support.
2278 *
2279 * Note: Set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT to 0 (the default)
2280 * to use RFC9146 extension ID of 54, rather than the draft version -05
2281 * value of 254.
2282 */
2283 coap_prng_lkd(cid, sizeof(cid));
2284 mbedtls_ssl_set_cid(&m_env->ssl, MBEDTLS_SSL_CID_ENABLED, cid,
2285 sizeof(cid));
2286 c_session->client_cid = coap_new_bin_const(cid, sizeof(cid));
2287#endif /* COAP_SERVER_SUPPORT */
2288 }
2289 }
2290#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
2291 }
2292#if !COAP_DISABLE_TCP
2293 else {
2294 assert(proto == COAP_PROTO_TLS);
2295 mbedtls_ssl_set_bio(&m_env->ssl, c_session, coap_sock_write,
2296 coap_sock_read, NULL);
2297 }
2298#endif /* ! COAP_DISABLE_TCP */
2299#ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
2300 coap_mbedtls_context_t *m_context =
2301 ((coap_mbedtls_context_t *)c_session->context->dtls_context);
2302 if ((m_context->psk_pki_enabled & IS_PSK) &&
2303 m_env->ec_jpake) {
2304 const coap_bin_const_t *psk_key;
2305
2306#if COAP_CLIENT_SUPPORT && COAP_SERVER_SUPPORT
2307 if (role == COAP_DTLS_ROLE_CLIENT) {
2308 psk_key = coap_get_session_client_psk_key(c_session);
2309 } else {
2310 psk_key = coap_get_session_server_psk_key(c_session);
2311 }
2312#elif COAP_CLIENT_SUPPORT
2313 psk_key = coap_get_session_client_psk_key(c_session);
2314#else /* COAP_SERVER_SUPPORT */
2315 psk_key = coap_get_session_server_psk_key(c_session);
2316#endif /* COAP_SERVER_SUPPORT */
2317 mbedtls_ssl_set_hs_ecjpake_password(&m_env->ssl, psk_key->s, psk_key->length);
2318 }
2319#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
2320#ifdef __ZEPHYR__
2321 mbedtls_ssl_set_timer_cb(&m_env->ssl, &m_env->timer,
2322 zephyr_timing_set_delay,
2323 zephyr_timing_get_delay);
2324#else
2325 mbedtls_ssl_set_timer_cb(&m_env->ssl, &m_env->timer,
2326 mbedtls_timing_set_delay,
2327 mbedtls_timing_get_delay);
2328#endif
2329
2330 mbedtls_ssl_conf_dbg(&m_env->conf, mbedtls_debug_out, stdout);
2331 return m_env;
2332
2333fail:
2334 if (m_env) {
2335 mbedtls_free(m_env);
2336 }
2337 return NULL;
2338}
2339
2340int
2342#if defined(MBEDTLS_SSL_PROTO_DTLS)
2343 return 1;
2344#else /* !MBEDTLS_SSL_PROTO_DTLS */
2345 static int reported = 0;
2346 if (!reported) {
2347 reported = 1;
2348 coap_log_emerg("libcoap not compiled for DTLS with Mbed TLS"
2349 " - update Mbed TLS to include DTLS\n");
2350 }
2351 return 0;
2352#endif /* !MBEDTLS_SSL_PROTO_DTLS */
2353}
2354
2355int
2357#if !COAP_DISABLE_TCP
2358 return 1;
2359#else /* COAP_DISABLE_TCP */
2360 return 0;
2361#endif /* COAP_DISABLE_TCP */
2362}
2363
2364/*
2365 * return 0 failed
2366 * 1 passed
2367 */
2368int
2370 return 1;
2371}
2372
2373/*
2374 * return 0 failed
2375 * 1 passed
2376 */
2377int
2379 return 1;
2380}
2381
2382/*
2383 * return 0 failed
2384 * 1 passed
2385 */
2386int
2388 return 0;
2389}
2390
2391/*
2392 * return 0 failed
2393 * 1 passed
2394 */
2395int
2397 return 0;
2398}
2399
2400/*
2401 * return 0 failed
2402 * 1 passed
2403 */
2404int
2406#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
2407 return 1;
2408#else /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2409 return 0;
2410#endif /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2411}
2412
2413#if COAP_CLIENT_SUPPORT
2414int
2415coap_dtls_set_cid_tuple_change(coap_context_t *c_context, uint8_t every) {
2416#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
2417 c_context->testing_cids = every;
2418 return 1;
2419#else /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2420 (void)c_context;
2421 (void)every;
2422 return 0;
2423#endif /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2424}
2425#endif /* COAP_CLIENT_SUPPORT */
2426
2427void *
2429 coap_mbedtls_context_t *m_context;
2430 (void)c_context;
2431
2432 m_context = (coap_mbedtls_context_t *)mbedtls_malloc(sizeof(coap_mbedtls_context_t));
2433 if (m_context) {
2434 memset(m_context, 0, sizeof(coap_mbedtls_context_t));
2435 }
2436 return m_context;
2437}
2438
2439#if COAP_SERVER_SUPPORT
2440/*
2441 * return 0 failed
2442 * 1 passed
2443 */
2444int
2445coap_dtls_context_set_spsk(coap_context_t *c_context,
2446 coap_dtls_spsk_t *setup_data
2447 ) {
2448 coap_mbedtls_context_t *m_context =
2449 ((coap_mbedtls_context_t *)c_context->dtls_context);
2450
2451#if !defined(MBEDTLS_SSL_SRV_C)
2452 coap_log_emerg("coap_context_set_spsk:"
2453 " libcoap not compiled for Server Mode for Mbed TLS"
2454 " - update Mbed TLS to include Server Mode\n");
2455 return 0;
2456#endif /* !MBEDTLS_SSL_SRV_C */
2457 if (!m_context || !setup_data)
2458 return 0;
2459
2460 if (setup_data->ec_jpake) {
2461#ifndef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
2462 coap_log_warn("Mbed TLS not compiled for EC-JPAKE support\n");
2463#endif /* ! MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
2464 }
2465 if (setup_data->psk_info.hint.length) {
2466 coap_log_warn("CoAP Server with Mbed TLS does not support Identity Hint\n");
2467 }
2468 m_context->psk_pki_enabled |= IS_PSK;
2469 return 1;
2470}
2471#endif /* COAP_SERVER_SUPPORT */
2472
2473#if COAP_CLIENT_SUPPORT
2474/*
2475 * return 0 failed
2476 * 1 passed
2477 */
2478int
2479coap_dtls_context_set_cpsk(coap_context_t *c_context,
2480 coap_dtls_cpsk_t *setup_data
2481 ) {
2482#if !defined(MBEDTLS_SSL_CLI_C)
2483 (void)c_context;
2484 (void)setup_data;
2485
2486 coap_log_emerg("coap_context_set_cpsk:"
2487 " libcoap not compiled for Client Mode for Mbed TLS"
2488 " - update Mbed TLS to include Client Mode\n");
2489 return 0;
2490#else /* MBEDTLS_SSL_CLI_C */
2491 coap_mbedtls_context_t *m_context =
2492 ((coap_mbedtls_context_t *)c_context->dtls_context);
2493
2494 if (!m_context || !setup_data)
2495 return 0;
2496
2497 if (setup_data->validate_ih_call_back) {
2498 coap_log_warn("CoAP Client with Mbed TLS does not support Identity Hint selection\n");
2499 }
2500 if (setup_data->ec_jpake) {
2501#ifndef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
2502 coap_log_warn("Mbed TLS not compiled for EC-JPAKE support\n");
2503#endif /* ! MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
2504 }
2505 if (setup_data->use_cid) {
2506#ifndef MBEDTLS_SSL_DTLS_CONNECTION_ID
2507 coap_log_warn("Mbed TLS not compiled for Connection-ID support\n");
2508#endif /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2509 }
2510 m_context->psk_pki_enabled |= IS_PSK;
2511 return 1;
2512#endif /* MBEDTLS_SSL_CLI_C */
2513}
2514#endif /* COAP_CLIENT_SUPPORT */
2515
2516int
2518 const coap_dtls_pki_t *setup_data,
2519 const coap_dtls_role_t role COAP_UNUSED) {
2520 coap_mbedtls_context_t *m_context =
2521 ((coap_mbedtls_context_t *)c_context->dtls_context);
2522
2523 m_context->setup_data = *setup_data;
2524 if (!m_context->setup_data.verify_peer_cert) {
2525 /* Needs to be clear so that no CA DNs are transmitted */
2526 m_context->setup_data.check_common_ca = 0;
2527 /* Allow all of these but warn if issue */
2528 m_context->setup_data.allow_self_signed = 1;
2529 m_context->setup_data.allow_expired_certs = 1;
2530 m_context->setup_data.cert_chain_validation = 1;
2531 m_context->setup_data.cert_chain_verify_depth = 10;
2532 m_context->setup_data.check_cert_revocation = 1;
2533 m_context->setup_data.allow_no_crl = 1;
2534 m_context->setup_data.allow_expired_crl = 1;
2535 m_context->setup_data.allow_bad_md_hash = 1;
2536 m_context->setup_data.allow_short_rsa_length = 1;
2537 }
2538 m_context->psk_pki_enabled |= IS_PKI;
2539 if (setup_data->use_cid) {
2540#ifndef MBEDTLS_SSL_DTLS_CONNECTION_ID
2541 coap_log_warn("Mbed TLS not compiled for Connection-ID support\n");
2542#endif /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2543 }
2544 return 1;
2545}
2546
2547int
2549 const char *ca_file,
2550 const char *ca_path) {
2551 coap_mbedtls_context_t *m_context =
2552 ((coap_mbedtls_context_t *)c_context->dtls_context);
2553
2554 if (!m_context) {
2555 coap_log_warn("coap_context_set_pki_root_cas: (D)TLS environment "
2556 "not set up\n");
2557 return 0;
2558 }
2559
2560 if (ca_file == NULL && ca_path == NULL) {
2561 coap_log_warn("coap_context_set_pki_root_cas: ca_file and/or ca_path "
2562 "not defined\n");
2563 return 0;
2564 }
2565 if (m_context->root_ca_file) {
2566 mbedtls_free(m_context->root_ca_file);
2567 m_context->root_ca_file = NULL;
2568 }
2569
2570 if (ca_file) {
2571 m_context->root_ca_file = mbedtls_strdup(ca_file);
2572 }
2573
2574 if (m_context->root_ca_path) {
2575 mbedtls_free(m_context->root_ca_path);
2576 m_context->root_ca_path = NULL;
2577 }
2578
2579 if (ca_path) {
2580 m_context->root_ca_path = mbedtls_strdup(ca_path);
2581 }
2582 return 1;
2583}
2584
2585/*
2586 * return 0 failed
2587 * 1 passed
2588 */
2589int
2591 coap_mbedtls_context_t *m_context =
2592 ((coap_mbedtls_context_t *)c_context->dtls_context);
2593
2594 if (!m_context) {
2595 coap_log_warn("coap_context_load_pki_trust_store: (D)TLS environment "
2596 "not set up\n");
2597 return 0;
2598 }
2599 m_context->trust_store_defined = 1;
2600
2601 /* No proper support for this in MbedTLS at this point */
2602 return 1;
2603}
2604
2605
2606int
2608 coap_mbedtls_context_t *m_context =
2609 ((coap_mbedtls_context_t *)c_context->dtls_context);
2610 return m_context->psk_pki_enabled ? 1 : 0;
2611}
2612
2613void
2614coap_dtls_free_context(void *dtls_context) {
2615 coap_mbedtls_context_t *m_context = (coap_mbedtls_context_t *)dtls_context;
2616 unsigned int i;
2617
2618 for (i = 0; i < m_context->pki_sni_count; i++) {
2619 mbedtls_free(m_context->pki_sni_entry_list[i].sni);
2620
2621 mbedtls_x509_crt_free(&m_context->pki_sni_entry_list[i].public_cert);
2622
2623 mbedtls_pk_free(&m_context->pki_sni_entry_list[i].private_key);
2624
2625 mbedtls_x509_crt_free(&m_context->pki_sni_entry_list[i].cacert);
2626 }
2627 if (m_context->pki_sni_entry_list)
2628 mbedtls_free(m_context->pki_sni_entry_list);
2629
2630 for (i = 0; i < m_context->psk_sni_count; i++) {
2631 mbedtls_free(m_context->psk_sni_entry_list[i].sni);
2632 }
2633 if (m_context->psk_sni_entry_list)
2634 mbedtls_free(m_context->psk_sni_entry_list);
2635
2636 if (m_context->root_ca_path)
2637 mbedtls_free(m_context->root_ca_path);
2638 if (m_context->root_ca_file)
2639 mbedtls_free(m_context->root_ca_file);
2640
2641 mbedtls_free(m_context);
2642}
2643
2644#if COAP_CLIENT_SUPPORT
2645void *
2646coap_dtls_new_client_session(coap_session_t *c_session) {
2647#if !defined(MBEDTLS_SSL_CLI_C)
2648 (void)c_session;
2649 coap_log_emerg("coap_dtls_new_client_session:"
2650 " libcoap not compiled for Client Mode for Mbed TLS"
2651 " - update Mbed TLS to include Client Mode\n");
2652 return NULL;
2653#else /* MBEDTLS_SSL_CLI_C */
2654 coap_mbedtls_env_t *m_env = coap_dtls_new_mbedtls_env(c_session,
2657 int ret;
2658
2659 if (m_env) {
2660 coap_tick_t now;
2661
2662 coap_ticks(&now);
2663 m_env->last_timeout = now;
2664 ret = do_mbedtls_handshake(c_session, m_env);
2665 if (ret == -1) {
2666 coap_dtls_free_mbedtls_env(m_env);
2667 return NULL;
2668 }
2669 }
2670 return m_env;
2671#endif /* MBEDTLS_SSL_CLI_C */
2672}
2673#endif /* COAP_CLIENT_SUPPORT */
2674
2675#if COAP_SERVER_SUPPORT
2676void *
2677coap_dtls_new_server_session(coap_session_t *c_session) {
2678#if !defined(MBEDTLS_SSL_SRV_C)
2679 (void)c_session;
2680 coap_log_emerg("coap_dtls_new_server_session:"
2681 " libcoap not compiled for Server Mode for Mbed TLS"
2682 " - update Mbed TLS to include Server Mode\n");
2683 return NULL;
2684#else /* MBEDTLS_SSL_SRV_C */
2685 coap_mbedtls_env_t *m_env =
2686 (coap_mbedtls_env_t *)c_session->tls;
2687 if (m_env) {
2688#if defined(MBEDTLS_SSL_PROTO_DTLS)
2689#if MBEDTLS_VERSION_NUMBER >= 0x02100100
2690 mbedtls_ssl_set_mtu(&m_env->ssl, (uint16_t)c_session->mtu);
2691#endif /* MBEDTLS_VERSION_NUMBER >= 0x02100100 */
2692#endif /* MBEDTLS_SSL_PROTO_DTLS */
2693 }
2694 return m_env;
2695#endif /* MBEDTLS_SSL_SRV_C */
2696}
2697#endif /* COAP_SERVER_SUPPORT */
2698
2699void
2701 if (c_session && c_session->context && c_session->tls) {
2702 coap_dtls_free_mbedtls_env(c_session->tls);
2703 c_session->tls = NULL;
2705 }
2706 return;
2707}
2708
2709void
2711#if defined(MBEDTLS_SSL_PROTO_DTLS)
2712 coap_mbedtls_env_t *m_env =
2713 (coap_mbedtls_env_t *)c_session->tls;
2714 if (m_env) {
2715#if MBEDTLS_VERSION_NUMBER >= 0x02100100
2716 mbedtls_ssl_set_mtu(&m_env->ssl, (uint16_t)c_session->mtu);
2717#endif /* MBEDTLS_VERSION_NUMBER >= 0x02100100 */
2718 }
2719#else /* ! MBEDTLS_SSL_PROTO_DTLS */
2720 (void)c_session;
2721#endif /* MBEDTLS_SSL_PROTO_DTLS */
2722}
2723
2724ssize_t
2726 const uint8_t *data, size_t data_len) {
2727 int ret;
2728 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2729
2730 if (!m_env) {
2731 errno = ENOTCONN;
2732 return -1;
2733 }
2734 c_session->dtls_event = -1;
2735 coap_log_debug("* %s: dtls: sent %4d bytes\n",
2736 coap_session_str(c_session), (int)data_len);
2737 if (m_env->established) {
2738 ret = mbedtls_ssl_write(&m_env->ssl, (const unsigned char *) data, data_len);
2739 if (ret <= 0) {
2740 switch (ret) {
2741 case MBEDTLS_ERR_SSL_WANT_READ:
2742 case MBEDTLS_ERR_SSL_WANT_WRITE:
2743 ret = 0;
2744 break;
2745 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
2747 ret = -1;
2748 break;
2749 default:
2750 coap_log_warn("coap_dtls_send: "
2751 "returned -0x%x: '%s'\n",
2752 -ret, get_error_string(ret));
2753 ret = -1;
2754 break;
2755 }
2756 if (ret == -1) {
2757 coap_log_warn("coap_dtls_send: cannot send PDU\n");
2758 }
2759 }
2760 } else {
2761 ret = do_mbedtls_handshake(c_session, m_env);
2762 if (ret == 1) {
2763 /* Just connected, so send the data */
2764 return coap_dtls_send(c_session, data, data_len);
2765 }
2766 ret = -1;
2767 }
2768
2769 if (c_session->dtls_event >= 0) {
2770 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2771 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2772 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2773 ret = -1;
2774 }
2775 }
2776 return ret;
2777}
2778
2779int
2781 return 0;
2782}
2783
2785coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED) {
2786 return 0;
2787}
2788
2791 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2792#ifdef __ZEPHYR__
2793 int ret = zephyr_timing_get_delay(&m_env->timer);
2794#else
2795 int ret = mbedtls_timing_get_delay(&m_env->timer);
2796#endif
2797 unsigned int scalar = 1 << m_env->retry_scalar;
2798
2799 assert(c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2800 switch (ret) {
2801 case 0:
2802 /* int_ms has not timed out */
2803 if (m_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar > now) {
2804 /* Need to indicate remaining timeout time */
2805 return m_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar;
2806 }
2807 m_env->last_timeout = now;
2808 /* This may cause a minor extra delay */
2809 return now + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar;
2810 case 1:
2811 /* int_ms has timed out, but not fin_ms */
2812 /*
2813 * Need to make sure that we do not do this too frequently
2814 */
2815 if (m_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar > now) {
2816 return m_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar;
2817 }
2818
2819 /* Reset for the next time */
2820 m_env->last_timeout = now;
2821 return now;
2822 case 2:
2823 /* fin_ms has timed out - timed out - one final try */
2824 return now;
2825 default:
2826 break;
2827 }
2828
2829 return 0;
2830}
2831
2832/*
2833 * return 1 timed out
2834 * 0 still timing out
2835 */
2836int
2838 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2839
2840 if (m_env == NULL) {
2841 errno = ENOTCONN;
2842 return 1;
2843 }
2844 assert(c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2845 m_env->retry_scalar++;
2846 if ((++c_session->dtls_timeout_count > c_session->max_retransmit) ||
2847 (do_mbedtls_handshake(c_session, m_env) < 0)) {
2848 /* Too many retries */
2850 return 1;
2851 }
2852 return 0;
2853}
2854
2855/*
2856 * return +ve data amount
2857 * 0 no more
2858 * -1 error
2859 */
2860int
2862 const uint8_t *data,
2863 size_t data_len) {
2864 int ret = 1;
2865
2866 c_session->dtls_event = -1;
2867 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2868 coap_ssl_t *ssl_data;
2869
2870 if (m_env == NULL) {
2871 errno = ENOTCONN;
2872 return -1;
2873 }
2874
2875 ssl_data = &m_env->coap_ssl_data;
2876 if (ssl_data->pdu_len) {
2877 coap_log_err("** %s: Previous data not read %u bytes\n",
2878 coap_session_str(c_session), ssl_data->pdu_len);
2879 }
2880 ssl_data->pdu = data;
2881 ssl_data->pdu_len = (unsigned)data_len;
2882
2883 if (m_env->established) {
2884#if COAP_CONSTRAINED_STACK
2885 /* pdu can be protected by global_lock if needed */
2886 static uint8_t pdu[COAP_RXBUFFER_SIZE];
2887#else /* ! COAP_CONSTRAINED_STACK */
2888 uint8_t pdu[COAP_RXBUFFER_SIZE];
2889#endif /* ! COAP_CONSTRAINED_STACK */
2890
2891 ret = mbedtls_ssl_read(&m_env->ssl, pdu, sizeof(pdu));
2892 if (ret > 0) {
2893 coap_log_debug("* %s: dtls: recv %4d bytes\n",
2894 coap_session_str(c_session), ret);
2895 ret = coap_handle_dgram(c_session->context, c_session, pdu, (size_t)ret);
2896 if (!c_session->tls) {
2897 /* Possible there was a DTLS error */
2898 ssl_data = NULL;
2899 }
2900 goto finish;
2901 }
2902 switch (ret) {
2903 case 0:
2904 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
2905 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
2907 break;
2908 case MBEDTLS_ERR_SSL_WANT_READ:
2909 break;
2910 default:
2911 coap_log_warn("coap_dtls_receive: "
2912 "returned -0x%x: '%s' (length %" PRIdS ")\n",
2913 -ret, get_error_string(ret), data_len);
2914 break;
2915 }
2916 ret = -1;
2917 } else {
2918 ret = do_mbedtls_handshake(c_session, m_env);
2919 if (ret == 1) {
2920 /* Just connected, so send the data */
2921 coap_session_connected(c_session);
2922 } else {
2923 if (ssl_data->pdu_len) {
2924 /* Do the handshake again incase of internal timeout */
2925 ret = do_mbedtls_handshake(c_session, m_env);
2926 if (ret == 1) {
2927 /* Just connected, so send the data */
2928 coap_session_connected(c_session);
2929 }
2930 }
2931 ret = -1;
2932 }
2933 }
2934 if (c_session->dtls_event >= 0) {
2935 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2936 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2937 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2939 ssl_data = NULL;
2940 ret = -1;
2941 }
2942 }
2943finish:
2944 if (ssl_data && ssl_data->pdu_len) {
2945 /* pdu data is held on stack which will not stay there */
2946 coap_log_debug("coap_dtls_receive: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2947 ssl_data->pdu_len = 0;
2948 ssl_data->pdu = NULL;
2949 }
2950 return ret;
2951}
2952
2953#if COAP_SERVER_SUPPORT
2954/*
2955 * return -1 failure
2956 * 0 not completed
2957 * 1 client hello seen
2958 */
2959int
2960coap_dtls_hello(coap_session_t *c_session,
2961 const uint8_t *data,
2962 size_t data_len) {
2963#if !defined(MBEDTLS_SSL_PROTO_DTLS) || !defined(MBEDTLS_SSL_SRV_C)
2964 (void)c_session;
2965 (void)data;
2966 (void)data_len;
2967 coap_log_emerg("coap_dtls_hello:"
2968 " libcoap not compiled for DTLS or Server Mode for Mbed TLS"
2969 " - update Mbed TLS to include DTLS and Server Mode\n");
2970 return -1;
2971#else /* MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_SRV_C */
2972 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2973 coap_ssl_t *ssl_data;
2974 int ret;
2975
2976 if (!m_env) {
2977 m_env = coap_dtls_new_mbedtls_env(c_session, COAP_DTLS_ROLE_SERVER,
2979 if (m_env) {
2980 c_session->tls = m_env;
2981 } else {
2982 /* error should have already been reported */
2983 return -1;
2984 }
2985 }
2986
2987 if ((ret = mbedtls_ssl_set_client_transport_id(&m_env->ssl,
2988 (unsigned char *)&c_session->addr_info.remote,
2989 sizeof(c_session->addr_info.remote))) != 0) {
2990 coap_log_err("mbedtls_ssl_set_client_transport_id() returned -0x%x: '%s'\n",
2991 -ret, get_error_string(ret));
2992 return -1;
2993 }
2994
2995 ssl_data = &m_env->coap_ssl_data;
2996 if (ssl_data->pdu_len) {
2997 coap_log_err("** %s: Previous data not read %u bytes\n",
2998 coap_session_str(c_session), ssl_data->pdu_len);
2999 }
3000 ssl_data->pdu = data;
3001 ssl_data->pdu_len = (unsigned)data_len;
3002
3003 ret = do_mbedtls_handshake(c_session, m_env);
3004 if (ret == 0 || m_env->seen_client_hello) {
3005 /* The test for seen_client_hello gives the ability to setup a new
3006 c_session to continue the do_mbedtls_handshake past the client hello
3007 and safely allow updating of the m_env and separately
3008 letting a new session cleanly start up.
3009 */
3010 m_env->seen_client_hello = 0;
3011 ret = 1;
3012 } else {
3013 ret = 0;
3014 }
3015
3016 if (ssl_data->pdu_len) {
3017 /* pdu data is held on stack which will not stay there */
3018 coap_log_debug("coap_dtls_hello: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
3019 ssl_data->pdu_len = 0;
3020 ssl_data->pdu = NULL;
3021 }
3022 return ret;
3023#endif /* MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_SRV_C */
3024}
3025#endif /* COAP_SERVER_SUPPORT */
3026
3027unsigned int
3029 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
3030 int expansion = mbedtls_ssl_get_record_expansion(&m_env->ssl);
3031
3032 if (expansion == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) {
3033 return 13 + 8 + 8;
3034 }
3035 return expansion;
3036}
3037
3038#if !COAP_DISABLE_TCP
3039#if COAP_CLIENT_SUPPORT
3040void *
3041coap_tls_new_client_session(coap_session_t *c_session) {
3042#if !defined(MBEDTLS_SSL_CLI_C)
3043 (void)c_session;
3044 *connected = 0;
3045 coap_log_emerg("coap_tls_new_client_session:"
3046 " libcoap not compiled for Client Mode for Mbed TLS"
3047 " - update Mbed TLS to include Client Mode\n");
3048 return NULL;
3049#else /* MBEDTLS_SSL_CLI_C */
3050 coap_mbedtls_env_t *m_env = coap_dtls_new_mbedtls_env(c_session,
3053 coap_tick_t now;
3054 coap_ticks(&now);
3055
3056 if (!m_env)
3057 return NULL;
3058
3059 m_env->last_timeout = now;
3060 c_session->tls = m_env;
3061 do_mbedtls_handshake(c_session, m_env);
3062 return m_env;
3063#endif /* MBEDTLS_SSL_CLI_C */
3064}
3065#endif /* COAP_CLIENT_SUPPORT */
3066
3067#if COAP_SERVER_SUPPORT
3068void *
3069coap_tls_new_server_session(coap_session_t *c_session) {
3070#if !defined(MBEDTLS_SSL_SRV_C)
3071 (void)c_session;
3072 (void)connected;
3073
3074 coap_log_emerg("coap_tls_new_server_session:"
3075 " libcoap not compiled for Server Mode for Mbed TLS"
3076 " - update Mbed TLS to include Server Mode\n");
3077 return NULL;
3078#else /* MBEDTLS_SSL_SRV_C */
3079 coap_mbedtls_env_t *m_env = coap_dtls_new_mbedtls_env(c_session,
3082
3083 if (!m_env)
3084 return NULL;
3085
3086 c_session->tls = m_env;
3087 do_mbedtls_handshake(c_session, m_env);
3088 return m_env;
3089#endif /* MBEDTLS_SSL_SRV_C */
3090}
3091#endif /* COAP_SERVER_SUPPORT */
3092
3093void
3095 coap_dtls_free_session(c_session);
3096 return;
3097}
3098
3099/*
3100 * strm
3101 * return +ve Number of bytes written.
3102 * -1 Error (error in errno).
3103 */
3104ssize_t
3105coap_tls_write(coap_session_t *c_session, const uint8_t *data,
3106 size_t data_len) {
3107 int ret = 0;
3108 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
3109 size_t amount_sent = 0;
3110
3111 if (!m_env) {
3112 errno = ENOTCONN;
3113 return -1;
3114 }
3115 c_session->dtls_event = -1;
3116 if (m_env->established) {
3117 while (amount_sent < data_len) {
3118 ret = mbedtls_ssl_write(&m_env->ssl, &data[amount_sent],
3119 data_len - amount_sent);
3120 if (ret <= 0) {
3121 switch (ret) {
3122 case MBEDTLS_ERR_SSL_WANT_READ:
3123 case MBEDTLS_ERR_SSL_WANT_WRITE:
3124 if (amount_sent)
3125 ret = amount_sent;
3126 else
3127 ret = 0;
3128 c_session->sock.flags |= COAP_SOCKET_WANT_WRITE;
3129 break;
3130 case MBEDTLS_ERR_NET_CONN_RESET:
3131 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
3133 break;
3134 default:
3135 coap_log_warn("coap_tls_write: "
3136 "returned -0x%x: '%s'\n",
3137 -ret, get_error_string(ret));
3138 ret = -1;
3139 break;
3140 }
3141 if (ret == -1) {
3142 coap_log_warn("coap_tls_write: cannot send PDU\n");
3143 }
3144 break;
3145 }
3146 amount_sent += ret;
3147 }
3148 } else {
3149 ret = do_mbedtls_handshake(c_session, m_env);
3150 if (ret != 1) {
3151 ret = -1;
3152 }
3153 }
3154
3155 if (c_session->dtls_event >= 0) {
3156 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
3157 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
3158 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
3159 ret = -1;
3160 }
3161 }
3162 if (ret > 0) {
3163 if (ret == (ssize_t)data_len)
3164 coap_log_debug("* %s: tls: sent %4d bytes\n",
3165 coap_session_str(c_session), ret);
3166 else
3167 coap_log_debug("* %s: tls: sent %4d of %4" PRIdS " bytes\n",
3168 coap_session_str(c_session), ret, data_len);
3169 }
3170 return ret;
3171}
3172
3173/*
3174 * strm
3175 * return >=0 Number of bytes read.
3176 * -1 Error (error in errno).
3177 */
3178ssize_t
3179coap_tls_read(coap_session_t *c_session, uint8_t *data, size_t data_len) {
3180 int ret = -1;
3181
3182 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
3183
3184 if (!m_env) {
3185 errno = ENOTCONN;
3186 return -1;
3187 }
3188
3189 c_session->dtls_event = -1;
3190
3191 if (!m_env->established && !m_env->sent_alert) {
3192 ret = do_mbedtls_handshake(c_session, m_env);
3193 }
3194
3195 if (c_session->state != COAP_SESSION_STATE_NONE && m_env->established) {
3196 ret = mbedtls_ssl_read(&m_env->ssl, data, data_len);
3197 if (ret <= 0) {
3198 switch (ret) {
3199 case 0:
3200 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
3202 ret = -1;
3203 break;
3204 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
3205 /* Stop the sending of an alert on closedown */
3206 m_env->sent_alert = 1;
3208 break;
3209#if MBEDTLS_VERSION_NUMBER >= 0x03060000
3210 case MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET:
3211#endif /* MBEDTLS_VERSION_NUMBER >= 0x03060000 */
3212 case MBEDTLS_ERR_SSL_WANT_READ:
3213 errno = EAGAIN;
3214 ret = 0;
3215 break;
3216 default:
3217 coap_log_warn("coap_tls_read: "
3218 "returned -0x%x: '%s' (length %" PRIdS ")\n",
3219 -ret, get_error_string(ret), data_len);
3220 ret = -1;
3221 break;
3222 }
3223 } else if (ret < (int)data_len) {
3224 c_session->sock.flags &= ~COAP_SOCKET_CAN_READ;
3225 }
3226 }
3227
3228 if (c_session->dtls_event >= 0) {
3229 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
3230 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
3231 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
3233 ret = -1;
3234 }
3235 }
3236 if (ret > 0) {
3237 coap_log_debug("* %s: tls: recv %4d bytes\n",
3238 coap_session_str(c_session), ret);
3239 }
3240 return ret;
3241}
3242#endif /* !COAP_DISABLE_TCP */
3243
3244void
3245coap_dtls_startup(void) {
3246#if COAP_USE_PSA_CRYPTO || defined(MBEDTLS_PSA_CRYPTO_C)
3247 psa_crypto_init();
3248#endif /* COAP_USE_PSA_CRYPTO || MBEDTLS_PSA_CRYPTO_C */
3249}
3250
3251void
3252coap_dtls_shutdown(void) {
3253#if COAP_CLIENT_SUPPORT
3254 mbedtls_free(psk_ciphers);
3255 mbedtls_free(pki_ciphers);
3256 mbedtls_free(ecjpake_ciphers);
3257 psk_ciphers = NULL;
3258 pki_ciphers = NULL;
3259 ecjpake_ciphers = NULL;
3260 processed_ciphers = 0;
3261#endif /* COAP_CLIENT_SUPPORT */
3263#if COAP_USE_PSA_CRYPTO || defined(MBEDTLS_PSA_CRYPTO_C)
3264 mbedtls_psa_crypto_free();
3265#endif /* COAP_USE_PSA_CRYPTO || MBEDTLS_PSA_CRYPTO_C */
3266}
3267
3268
3269void *
3270coap_dtls_get_tls(const coap_session_t *c_session,
3271 coap_tls_library_t *tls_lib) {
3272 if (tls_lib)
3273 *tls_lib = COAP_TLS_LIBRARY_MBEDTLS;
3274 if (c_session && c_session->tls) {
3275 coap_mbedtls_env_t *m_env;
3276
3277 /* To get around const issue */
3278 memcpy(&m_env, &c_session->tls, sizeof(m_env));
3279
3280 return (void *)&m_env->ssl;
3281 }
3282 return NULL;
3283}
3284
3285static coap_log_t keep_log_level = COAP_LOG_EMERG;
3286
3287void
3289#if !defined(ESPIDF_VERSION)
3290 int use_level;
3291 /*
3292 * Mbed TLS debug levels filter
3293 * 0 No debug
3294 * 1 Error
3295 * 2 State change
3296 * 3 Informational
3297 * 4 Verbose
3298 */
3299 switch ((int)level) {
3300 case COAP_LOG_EMERG:
3301 use_level = 0;
3302 break;
3303 case COAP_LOG_ALERT:
3304 case COAP_LOG_CRIT:
3305 case COAP_LOG_ERR:
3306 case COAP_LOG_WARN:
3307 use_level = 1;
3308 break;
3309 case COAP_LOG_NOTICE:
3310 use_level = 2;
3311 break;
3312 case COAP_LOG_INFO:
3313 use_level = 3;
3314 break;
3315 case COAP_LOG_DEBUG:
3316 default:
3317 use_level = 4;
3318 break;
3319 }
3320 mbedtls_debug_set_threshold(use_level);
3321#endif /* !ESPIDF_VERSION) */
3322 keep_log_level = level;
3323}
3324
3327 return keep_log_level;
3328}
3329
3330#endif /* COAP_WITH_LIBMBEDTLS */
3331
3332#if COAP_WITH_LIBMBEDTLS || COAP_WITH_LIBMBEDTLS_OSCORE
3333
3334#if COAP_SERVER_SUPPORT
3335coap_digest_ctx_t *
3336coap_digest_setup(void) {
3337 coap_crypto_sha256_ctx_t *digest_ctx = mbedtls_malloc(sizeof(coap_crypto_sha256_ctx_t));
3338
3339 if (digest_ctx) {
3340 if (coap_crypto_sha256_init(digest_ctx) != 0) {
3341 coap_digest_free(digest_ctx);
3342 return NULL;
3343 }
3344 }
3345 return digest_ctx;
3346}
3347
3348void
3349coap_digest_free(coap_digest_ctx_t *digest_ctx) {
3350 if (digest_ctx) {
3351 coap_crypto_sha256_free(digest_ctx);
3352 mbedtls_free(digest_ctx);
3353 }
3354}
3355
3356int
3357coap_digest_update(coap_digest_ctx_t *digest_ctx,
3358 const uint8_t *data,
3359 size_t data_len) {
3360 return coap_crypto_sha256_update(digest_ctx, data, data_len) == 0;
3361}
3362
3363int
3364coap_digest_final(coap_digest_ctx_t *digest_ctx,
3365 coap_digest_t *digest_buffer) {
3366 int ret = coap_crypto_sha256_finish(digest_ctx, (uint8_t *)digest_buffer) == 0;
3367 coap_digest_free(digest_ctx);
3368 return ret;
3369}
3370#endif /* COAP_SERVER_SUPPORT */
3371
3372#if COAP_WS_SUPPORT
3373int
3375 const coap_bin_const_t *data,
3376 coap_bin_const_t **hash) {
3377 coap_crypto_md_type_t md_type;
3378 size_t hash_len;
3379
3380 switch ((int)alg) {
3382 md_type = COAP_CRYPTO_MD_SHA1;
3383 break;
3385 md_type = COAP_CRYPTO_MD_SHA256;
3386 break;
3388 md_type = COAP_CRYPTO_MD_SHA512;
3389 break;
3390 default:
3391 coap_log_debug("coap_crypto_hash: algorithm %d not supported\n", alg);
3392 return 0;
3393 }
3394
3395 hash_len = coap_crypto_hash_size(md_type);
3396 if (hash_len == 0)
3397 return 0;
3398
3399 coap_binary_t *dummy = coap_new_binary(hash_len);
3400 if (dummy == NULL)
3401 return 0;
3402
3403 if (coap_crypto_hash_compute(md_type, data->s, data->length,
3404 dummy->s, hash_len, NULL) != 0) {
3406 return 0;
3407 }
3408
3409 *hash = (coap_bin_const_t *)dummy;
3410 return 1;
3411}
3412#endif /* COAP_WS_SUPPORT */
3413
3414/* HMAC Functions */
3415
3416#if COAP_OSCORE_SUPPORT
3417static int
3418coap_crypto_hmac_compute(coap_crypto_md_type_t md_type,
3419 const uint8_t *key, size_t key_len,
3420 const uint8_t *input, size_t ilen,
3421 uint8_t *output, size_t output_size,
3422 size_t *output_len) {
3423#if COAP_USE_PSA_CRYPTO
3424 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
3425 psa_key_id_t key_id;
3426 psa_algorithm_t psa_alg = PSA_ALG_HMAC(md_type);
3427 size_t mac_len;
3428 psa_status_t status;
3429
3430 psa_set_key_type(&attributes, PSA_KEY_TYPE_HMAC);
3431 psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
3432 psa_set_key_algorithm(&attributes, psa_alg);
3433
3434 if (psa_import_key(&attributes, key, key_len, &key_id) != PSA_SUCCESS) {
3435 return -1;
3436 }
3437
3438 status = psa_mac_compute(key_id, psa_alg, input, ilen,
3439 output, output_size, &mac_len);
3440 psa_destroy_key(key_id);
3441
3442 if (output_len)
3443 *output_len = mac_len;
3444 return (status == PSA_SUCCESS) ? 0 : -1;
3445#else
3446 const mbedtls_md_info_t *md_info = mbedtls_md_info_from_type(md_type);
3447 if (!md_info)
3448 return -1;
3449 size_t mac_size = mbedtls_md_get_size(md_info);
3450 if (mac_size > output_size)
3451 return -1;
3452 if (output_len)
3453 *output_len = mac_size;
3454 return mbedtls_md_hmac(md_info, key, key_len, input, ilen, output);
3455#endif
3456}
3457
3458/* AEAD (AES-CCM) Functions */
3459
3460static int
3461coap_crypto_aead_encrypt_ccm(const uint8_t *key, size_t key_len,
3462 const uint8_t *nonce, size_t nonce_len,
3463 const uint8_t *aad, size_t aad_len,
3464 const uint8_t *plaintext, size_t plaintext_len,
3465 uint8_t *ciphertext, size_t ciphertext_size,
3466 size_t *ciphertext_len, size_t tag_len) {
3467#if COAP_USE_PSA_CRYPTO
3468 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
3469 psa_key_id_t key_id;
3470 psa_algorithm_t psa_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, tag_len);
3471 size_t output_len;
3472 psa_status_t status;
3473
3474 psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
3475 psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_ENCRYPT);
3476 psa_set_key_algorithm(&attributes, psa_alg);
3477 psa_set_key_bits(&attributes, key_len * 8);
3478
3479 if (psa_import_key(&attributes, key, key_len, &key_id) != PSA_SUCCESS) {
3480 return -1;
3481 }
3482
3483 status = psa_aead_encrypt(key_id, psa_alg,
3484 nonce, nonce_len,
3485 aad, aad_len,
3486 plaintext, plaintext_len,
3487 ciphertext, ciphertext_size, &output_len);
3488 psa_destroy_key(key_id);
3489
3490 if (ciphertext_len)
3491 *ciphertext_len = output_len;
3492 return (status == PSA_SUCCESS) ? 0 : -1;
3493#else
3494 mbedtls_cipher_context_t ctx;
3495 const mbedtls_cipher_info_t *cipher_info;
3496 mbedtls_cipher_type_t cipher_type;
3497 int ret = -1;
3498 size_t result_len = ciphertext_size;
3499
3500 if (key_len == 16) {
3501 cipher_type = MBEDTLS_CIPHER_AES_128_CCM;
3502 } else if (key_len == 32) {
3503 cipher_type = MBEDTLS_CIPHER_AES_256_CCM;
3504 } else {
3505 return -1;
3506 }
3507
3508 cipher_info = mbedtls_cipher_info_from_type(cipher_type);
3509 if (!cipher_info)
3510 return -1;
3511
3512 mbedtls_cipher_init(&ctx);
3513 if (mbedtls_cipher_setup(&ctx, cipher_info) != 0)
3514 goto cleanup;
3515 if (mbedtls_cipher_setkey(&ctx, key, key_len * 8, MBEDTLS_ENCRYPT) != 0)
3516 goto cleanup;
3517
3518#if (MBEDTLS_VERSION_NUMBER < 0x02150000)
3519 {
3520 unsigned char tag[16];
3521 if (mbedtls_cipher_auth_encrypt(&ctx,
3522 nonce, nonce_len,
3523 aad, aad_len,
3524 plaintext, plaintext_len,
3525 ciphertext, &result_len,
3526 tag, tag_len) != 0) {
3527 goto cleanup;
3528 }
3529 if ((result_len + tag_len) > ciphertext_size)
3530 goto cleanup;
3531 memcpy(ciphertext + result_len, tag, tag_len);
3532 result_len += tag_len;
3533 }
3534#else
3535 if (mbedtls_cipher_auth_encrypt_ext(&ctx,
3536 nonce, nonce_len,
3537 aad, aad_len,
3538 plaintext, plaintext_len,
3539 ciphertext, ciphertext_size,
3540 &result_len, tag_len) != 0) {
3541 goto cleanup;
3542 }
3543#endif
3544
3545 if (ciphertext_len)
3546 *ciphertext_len = result_len;
3547 ret = 0;
3548
3549cleanup:
3550 mbedtls_cipher_free(&ctx);
3551 return ret;
3552#endif
3553}
3554
3555static int
3556coap_crypto_aead_decrypt_ccm(const uint8_t *key, size_t key_len,
3557 const uint8_t *nonce, size_t nonce_len,
3558 const uint8_t *aad, size_t aad_len,
3559 const uint8_t *ciphertext, size_t ciphertext_len,
3560 uint8_t *plaintext, size_t plaintext_size,
3561 size_t *plaintext_len, size_t tag_len) {
3562#if COAP_USE_PSA_CRYPTO
3563 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
3564 psa_key_id_t key_id;
3565 psa_algorithm_t psa_alg = PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, tag_len);
3566 size_t output_len;
3567 psa_status_t status;
3568
3569 psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
3570 psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
3571 psa_set_key_algorithm(&attributes, psa_alg);
3572 psa_set_key_bits(&attributes, key_len * 8);
3573
3574 if (psa_import_key(&attributes, key, key_len, &key_id) != PSA_SUCCESS) {
3575 return -1;
3576 }
3577
3578 status = psa_aead_decrypt(key_id, psa_alg,
3579 nonce, nonce_len,
3580 aad, aad_len,
3581 ciphertext, ciphertext_len,
3582 plaintext, plaintext_size, &output_len);
3583 psa_destroy_key(key_id);
3584
3585 if (plaintext_len)
3586 *plaintext_len = output_len;
3587 return (status == PSA_SUCCESS) ? 0 : -1;
3588#else
3589 mbedtls_cipher_context_t ctx;
3590 const mbedtls_cipher_info_t *cipher_info;
3591 mbedtls_cipher_type_t cipher_type;
3592 int ret = -1;
3593 size_t result_len = plaintext_size;
3594
3595 if (key_len == 16) {
3596 cipher_type = MBEDTLS_CIPHER_AES_128_CCM;
3597 } else if (key_len == 32) {
3598 cipher_type = MBEDTLS_CIPHER_AES_256_CCM;
3599 } else {
3600 return -1;
3601 }
3602
3603 cipher_info = mbedtls_cipher_info_from_type(cipher_type);
3604 if (!cipher_info)
3605 return -1;
3606
3607 mbedtls_cipher_init(&ctx);
3608 if (mbedtls_cipher_setup(&ctx, cipher_info) != 0)
3609 goto cleanup;
3610 if (mbedtls_cipher_setkey(&ctx, key, key_len * 8, MBEDTLS_DECRYPT) != 0)
3611 goto cleanup;
3612
3613#if (MBEDTLS_VERSION_NUMBER < 0x02150000)
3614 {
3615 const unsigned char *tag = ciphertext + ciphertext_len - tag_len;
3616 if (mbedtls_cipher_auth_decrypt(&ctx,
3617 nonce, nonce_len,
3618 aad, aad_len,
3619 ciphertext, ciphertext_len - tag_len,
3620 plaintext, &result_len,
3621 tag, tag_len) != 0) {
3622 goto cleanup;
3623 }
3624 }
3625#else
3626 if (mbedtls_cipher_auth_decrypt_ext(&ctx,
3627 nonce, nonce_len,
3628 aad, aad_len,
3629 ciphertext, ciphertext_len,
3630 plaintext, plaintext_size,
3631 &result_len, tag_len) != 0) {
3632 goto cleanup;
3633 }
3634#endif
3635
3636 if (plaintext_len)
3637 *plaintext_len = result_len;
3638 ret = 0;
3639
3640cleanup:
3641 mbedtls_cipher_free(&ctx);
3642 return ret;
3643#endif
3644}
3645
3646/* End of Crypto Abstraction Functions */
3647
3648int
3650 return 1;
3651}
3652
3653/*
3654 * Helper to check if COSE cipher algorithm is supported and get key size.
3655 */
3656static int
3657get_cipher_key_size(cose_alg_t alg, size_t *key_size) {
3658 switch ((int)alg) {
3660 if (key_size)
3661 *key_size = 16;
3662 return 1;
3664 if (key_size)
3665 *key_size = 32;
3666 return 1;
3667 default:
3668 coap_log_debug("get_cipher_key_size: COSE cipher %d not supported\n", alg);
3669 return 0;
3670 }
3671}
3672
3673/*
3674 * Helper to get HMAC algorithm parameters from COSE HMAC algorithm.
3675 */
3676static int
3677get_hmac_params(cose_hmac_alg_t hmac_alg,
3678 coap_crypto_md_type_t *md_type,
3679 size_t *mac_len) {
3680 switch ((int)hmac_alg) {
3682 if (md_type)
3683 *md_type = COAP_CRYPTO_MD_SHA256;
3684 if (mac_len)
3685 *mac_len = 32;
3686 return 1;
3688 if (md_type)
3689 *md_type = COAP_CRYPTO_MD_SHA384;
3690 if (mac_len)
3691 *mac_len = 48;
3692 return 1;
3694 if (md_type)
3695 *md_type = COAP_CRYPTO_MD_SHA512;
3696 if (mac_len)
3697 *mac_len = 64;
3698 return 1;
3699 default:
3700 coap_log_debug("get_hmac_params: COSE HMAC %d not supported\n", hmac_alg);
3701 return 0;
3702 }
3703}
3704
3705int
3707 return get_cipher_key_size(alg, NULL);
3708}
3709
3710int
3712 cose_hmac_alg_t hmac_alg;
3713
3714 if (!cose_get_hmac_alg_for_hkdf(hkdf_alg, &hmac_alg))
3715 return 0;
3716 return get_hmac_params(hmac_alg, NULL, NULL);
3717}
3718
3719int
3721 coap_bin_const_t *data,
3722 coap_bin_const_t *aad,
3723 uint8_t *result,
3724 size_t *max_result_len) {
3725 const coap_crypto_aes_ccm_t *ccm;
3726
3727 if (data == NULL)
3728 return 0;
3729
3730 assert(params != NULL);
3731
3732 if (!params) {
3733 return 0;
3734 }
3735
3736 if (!get_cipher_key_size(params->alg, NULL)) {
3737 coap_log_debug("coap_crypto_aead_encrypt: algorithm %d not supported\n",
3738 params->alg);
3739 return 0;
3740 }
3741
3742 ccm = &params->params.aes;
3743
3744 if (coap_crypto_aead_encrypt_ccm(ccm->key.s, ccm->key.length,
3745 ccm->nonce, 15 - ccm->l,
3746 aad ? aad->s : NULL, aad ? aad->length : 0,
3747 data->s, data->length,
3748 result, *max_result_len, max_result_len,
3749 ccm->tag_len) != 0) {
3750 coap_log_debug("coap_crypto_aead_encrypt: encryption failed\n");
3751 return 0;
3752 }
3753
3754 return 1;
3755}
3756
3757int
3759 coap_bin_const_t *data,
3760 coap_bin_const_t *aad,
3761 uint8_t *result,
3762 size_t *max_result_len) {
3763 const coap_crypto_aes_ccm_t *ccm;
3764
3765 if (data == NULL)
3766 return 0;
3767
3768 assert(params != NULL);
3769
3770 if (!params) {
3771 return 0;
3772 }
3773
3774 if (!get_cipher_key_size(params->alg, NULL)) {
3775 coap_log_debug("coap_crypto_aead_decrypt: algorithm %d not supported\n",
3776 params->alg);
3777 return 0;
3778 }
3779
3780 ccm = &params->params.aes;
3781
3782 if (data->length < ccm->tag_len) {
3783 coap_log_err("coap_decrypt: invalid tag length\n");
3784 return 0;
3785 }
3786
3787 if (coap_crypto_aead_decrypt_ccm(ccm->key.s, ccm->key.length,
3788 ccm->nonce, 15 - ccm->l,
3789 aad ? aad->s : NULL, aad ? aad->length : 0,
3790 data->s, data->length,
3791 result, *max_result_len, max_result_len,
3792 ccm->tag_len) != 0) {
3793 coap_log_debug("coap_crypto_aead_decrypt: decryption failed\n");
3794 return 0;
3795 }
3796
3797 return 1;
3798}
3799
3800int
3802 coap_bin_const_t *key,
3803 coap_bin_const_t *data,
3804 coap_bin_const_t **hmac) {
3805 coap_crypto_md_type_t md_type;
3806 size_t mac_len;
3808
3809 assert(key);
3810 assert(data);
3811 assert(hmac);
3812
3813 if (!get_hmac_params(hmac_alg, &md_type, &mac_len)) {
3814 coap_log_debug("coap_crypto_hmac: algorithm %d not supported\n", hmac_alg);
3815 return 0;
3816 }
3817
3818 dummy = coap_new_binary(mac_len);
3819 if (dummy == NULL)
3820 return 0;
3821
3822 if (coap_crypto_hmac_compute(md_type, key->s, key->length,
3823 data->s, data->length,
3824 dummy->s, mac_len, NULL) != 0) {
3825 coap_log_debug("coap_crypto_hmac: computation failed\n");
3827 return 0;
3828 }
3829
3830 *hmac = (coap_bin_const_t *)dummy;
3831 return 1;
3832}
3833
3834#endif /* COAP_OSCORE_SUPPORT */
3835
3836#else /* ! COAP_WITH_LIBMBEDTLS && ! COAP_WITH_LIBMBEDTLS_OSCORE*/
3837
3838#ifdef __clang__
3839/* Make compilers happy that do not like empty modules. As this function is
3840 * never used, we ignore -Wunused-function at the end of compiling this file
3841 */
3842#pragma GCC diagnostic ignored "-Wunused-function"
3843#endif
3844static inline void
3845dummy(void) {
3846}
3847
3848#endif /* ! COAP_WITH_LIBMBEDTLS */
static size_t strnlen(const char *s, size_t maxlen)
A length-safe strlen() fake.
Definition coap_debug.c:183
static void dummy(void)
#define COAP_SERVER_SUPPORT
#define PRIuS
#define PRIx32
#define PRIdS
const char * coap_socket_strerror(void)
Definition coap_io.c:963
#define COAP_RXBUFFER_SIZE
Definition coap_io.h:31
@ COAP_NACK_TLS_FAILED
Definition coap_io.h:68
#define COAP_SOCKET_WANT_WRITE
non blocking socket is waiting for writing
#define COAP_SOCKET_CAN_READ
non blocking socket can now read without blocking
@ COAP_LAYER_TLS
Library specific build wrapper for coap_internal.h.
static void dummy(void)
int coap_dtls_context_set_pki(coap_context_t *ctx COAP_UNUSED, const coap_dtls_pki_t *setup_data COAP_UNUSED, const coap_dtls_role_t role COAP_UNUSED)
Definition coap_notls.c:258
coap_tick_t coap_dtls_get_timeout(coap_session_t *session COAP_UNUSED, coap_tick_t now COAP_UNUSED)
Definition coap_notls.c:370
ssize_t coap_tls_read(coap_session_t *session COAP_UNUSED, uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:442
coap_tick_t coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED)
Definition coap_notls.c:365
int coap_dtls_receive(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:384
void * coap_dtls_get_tls(const coap_session_t *c_session COAP_UNUSED, coap_tls_library_t *tls_lib)
Definition coap_notls.c:304
unsigned int coap_dtls_get_overhead(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:402
int coap_dtls_context_load_pki_trust_store(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:274
int coap_dtls_context_check_keys_enabled(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:297
ssize_t coap_dtls_send(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:353
ssize_t coap_tls_write(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:430
void coap_dtls_session_update_mtu(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:349
int coap_dtls_context_set_pki_root_cas(coap_context_t *ctx COAP_UNUSED, const char *ca_file COAP_UNUSED, const char *ca_path COAP_UNUSED)
Definition coap_notls.c:266
int coap_dtls_handle_timeout(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:379
void coap_dtls_free_context(void *handle COAP_UNUSED)
Definition coap_notls.c:327
void coap_dtls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:345
void * coap_dtls_new_context(coap_context_t *coap_context COAP_UNUSED)
Definition coap_notls.c:322
void coap_tls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:421
#define NULL
Definition coap_option.h:30
uint64_t coap_tick_t
This data type represents internal timer ticks with COAP_TICKS_PER_SECOND resolution.
Definition coap_time.h:149
int coap_prng_lkd(void *buf, size_t len)
Fills buf with len random bytes using the default pseudo random number generator.
Definition coap_prng.c:190
int coap_handle_event_lkd(coap_context_t *context, coap_event_t event, coap_session_t *session)
Invokes the event handler of context for the given event and data.
Definition coap_net.c:5268
int coap_handle_dgram(coap_context_t *ctx, coap_session_t *session, uint8_t *msg, size_t msg_len)
Parses and interprets a CoAP datagram with context ctx.
Definition coap_net.c:3132
void coap_ticks(coap_tick_t *t)
Returns the current value of an internal tick counter.
Definition coap_time.c:90
int coap_crypto_hmac(cose_hmac_alg_t hmac_alg, coap_bin_const_t *key, coap_bin_const_t *data, coap_bin_const_t **hmac)
Create a HMAC hash of the provided data.
int coap_crypto_aead_decrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Decrypt the provided encrypted data into plaintext.
int coap_crypto_aead_encrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Encrypt the provided plaintext data.
int coap_crypto_hash(cose_alg_t alg, const coap_bin_const_t *data, coap_bin_const_t **hash)
Create a hash of the provided data.
int coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg)
Check whether the defined hkdf algorithm is supported by the underlying crypto library.
int coap_crypto_check_cipher_alg(cose_alg_t alg)
Check whether the defined cipher algorithm is supported by the underlying crypto library.
const coap_bin_const_t * coap_get_session_client_psk_identity(const coap_session_t *coap_session)
Get the current client's PSK identity.
void coap_dtls_startup(void)
Initialize the underlying (D)TLS Library layer.
Definition coap_notls.c:109
#define COAP_DTLS_RETRANSMIT_MS
int coap_dtls_define_issue(coap_define_issue_key_t type, coap_define_issue_fail_t fail, coap_dtls_key_t *key, const coap_dtls_role_t role, int ret)
Report PKI DEFINE type issue.
Definition coap_dtls.c:165
int coap_pki_name_match_sni(const char *name_entry, size_t name_length, const char *sni_match)
Check if the PKI name entry is a (wildcard) match for the requested SNI.
Definition coap_dtls.c:294
void coap_dtls_thread_shutdown(void)
Close down the underlying (D)TLS Library layer.
Definition coap_notls.c:118
int coap_dtls_set_cid_tuple_change(coap_context_t *context, uint8_t every)
Set the Connection ID client tuple frequency change for testing CIDs.
#define COAP_DTLS_CID_LENGTH
int coap_dtls_is_context_timeout(void)
Check if timeout is handled per CoAP session or per CoAP context.
Definition coap_notls.c:360
void coap_dtls_shutdown(void)
Close down the underlying (D)TLS Library layer.
Definition coap_notls.c:113
const coap_bin_const_t * coap_get_session_client_psk_key(const coap_session_t *coap_session)
Get the current client's PSK key.
#define COAP_DTLS_RETRANSMIT_COAP_TICKS
void coap_dtls_map_key_type_to_define(const coap_dtls_pki_t *setup_data, coap_dtls_key_t *key)
Map the PKI key definitions to the new DEFINE format.
Definition coap_dtls.c:26
const coap_bin_const_t * coap_get_session_server_psk_key(const coap_session_t *coap_session)
Get the current server's PSK key.
#define COAP_DTLS_RETRANSMIT_TOTAL_MS
@ COAP_DEFINE_KEY_PRIVATE
@ COAP_DEFINE_KEY_ROOT_CA
@ COAP_DEFINE_KEY_CA
@ COAP_DEFINE_KEY_PUBLIC
@ COAP_DEFINE_FAIL_NONE
@ COAP_DEFINE_FAIL_NOT_SUPPORTED
@ COAP_DEFINE_FAIL_BAD
coap_tls_version_t * coap_get_tls_library_version(void)
Determine the type and version of the underlying (D)TLS library.
Definition coap_notls.c:101
struct coap_dtls_key_t coap_dtls_key_t
The structure that holds the PKI key information.
coap_dtls_role_t
Definition coap_dtls.h:48
struct coap_dtls_spsk_info_t coap_dtls_spsk_info_t
The structure that holds the Server Pre-Shared Key and Identity Hint information.
coap_tls_library_t
Definition coap_dtls.h:74
struct coap_dtls_pki_t coap_dtls_pki_t
Definition coap_dtls.h:36
@ COAP_PKI_KEY_DEF_PKCS11
The PKI key type is PKCS11 (pkcs11:...).
Definition coap_dtls.h:250
@ COAP_PKI_KEY_DEF_DER_BUF
The PKI key type is DER buffer (ASN.1).
Definition coap_dtls.h:247
@ COAP_PKI_KEY_DEF_PEM_BUF
The PKI key type is PEM buffer.
Definition coap_dtls.h:241
@ COAP_PKI_KEY_DEF_PEM
The PKI key type is PEM file.
Definition coap_dtls.h:239
@ COAP_PKI_KEY_DEF_ENGINE
The PKI key type is to be passed to ENGINE.
Definition coap_dtls.h:256
@ COAP_PKI_KEY_DEF_RPK_BUF
The PKI key type is RPK in buffer.
Definition coap_dtls.h:243
@ COAP_PKI_KEY_DEF_DER
The PKI key type is DER file.
Definition coap_dtls.h:245
@ COAP_PKI_KEY_DEF_PKCS11_RPK
The PKI key type is PKCS11 w/ RPK (pkcs11:...).
Definition coap_dtls.h:253
@ COAP_DTLS_ROLE_SERVER
Internal function invoked for server.
Definition coap_dtls.h:50
@ COAP_DTLS_ROLE_CLIENT
Internal function invoked for client.
Definition coap_dtls.h:49
@ COAP_PKI_KEY_DEFINE
The individual PKI key types are Definable.
Definition coap_dtls.h:177
@ COAP_TLS_LIBRARY_MBEDTLS
Using Mbed TLS library.
Definition coap_dtls.h:79
@ COAP_EVENT_DTLS_CLOSED
Triggerred when (D)TLS session closed.
Definition coap_event.h:41
@ COAP_EVENT_DTLS_CONNECTED
Triggered when (D)TLS session connected.
Definition coap_event.h:43
@ COAP_EVENT_DTLS_ERROR
Triggered when (D)TLS error occurs.
Definition coap_event.h:47
#define coap_lock_callback_ret(r, func)
Dummy for no thread-safe code.
#define coap_log_debug(...)
Definition coap_debug.h:126
#define coap_log_emerg(...)
Definition coap_debug.h:87
coap_log_t
Logging type.
Definition coap_debug.h:56
coap_log_t coap_dtls_get_log_level(void)
Get the current (D)TLS logging.
Definition coap_notls.c:317
#define coap_dtls_log(level,...)
Logging function.
Definition coap_debug.h:306
void coap_dtls_set_log_level(coap_log_t level)
Sets the (D)TLS logging level to the specified level.
Definition coap_notls.c:312
const char * coap_session_str(const coap_session_t *session)
Get session description.
#define coap_log_info(...)
Definition coap_debug.h:114
#define coap_log_warn(...)
Definition coap_debug.h:108
#define coap_log_err(...)
Definition coap_debug.h:102
@ COAP_LOG_INFO
Definition coap_debug.h:63
@ COAP_LOG_EMERG
Definition coap_debug.h:57
@ COAP_LOG_NOTICE
Definition coap_debug.h:62
@ COAP_LOG_DEBUG
Definition coap_debug.h:64
@ COAP_LOG_ALERT
Definition coap_debug.h:58
@ COAP_LOG_CRIT
Definition coap_debug.h:59
@ COAP_LOG_ERR
Definition coap_debug.h:60
@ COAP_LOG_WARN
Definition coap_debug.h:61
int coap_netif_available(coap_session_t *session)
Function interface to check whether netif for session is still available.
Definition coap_netif.c:25
int cose_get_hmac_alg_for_hkdf(cose_hkdf_alg_t hkdf_alg, cose_hmac_alg_t *hmac_alg)
cose_hkdf_alg_t
cose_hmac_alg_t
cose_alg_t
@ COSE_HMAC_ALG_HMAC384_384
@ COSE_HMAC_ALG_HMAC256_256
@ COSE_HMAC_ALG_HMAC512_512
@ COSE_ALGORITHM_SHA_256_256
@ COSE_ALGORITHM_SHA_1
@ COSE_ALGORITHM_AES_CCM_16_64_128
@ COSE_ALGORITHM_SHA_512
@ COSE_ALGORITHM_AES_CCM_16_64_256
coap_proto_t
CoAP protocol types Note: coap_layers_coap[] needs updating if extended.
Definition coap_pdu.h:234
@ COAP_PROTO_DTLS
Definition coap_pdu.h:237
@ COAP_PROTO_TLS
Definition coap_pdu.h:239
@ COAP_PROTO_WSS
Definition coap_pdu.h:241
int coap_session_refresh_psk_hint(coap_session_t *session, const coap_bin_const_t *psk_hint)
Refresh the session's current Identity Hint (PSK).
int coap_session_refresh_psk_key(coap_session_t *session, const coap_bin_const_t *psk_key)
Refresh the session's current pre-shared key (PSK).
void coap_session_connected(coap_session_t *session)
Notify session that it has just connected or reconnected.
int coap_session_refresh_psk_identity(coap_session_t *session, const coap_bin_const_t *psk_identity)
Refresh the session's current pre-shared identity (PSK).
void coap_session_disconnected_lkd(coap_session_t *session, coap_nack_reason_t reason)
Notify session that it has failed.
#define COAP_PROTO_NOT_RELIABLE(p)
@ COAP_SESSION_TYPE_CLIENT
client-side
@ COAP_SESSION_STATE_HANDSHAKE
@ COAP_SESSION_STATE_CSM
@ COAP_SESSION_STATE_NONE
coap_binary_t * coap_new_binary(size_t size)
Returns a new binary object with at least size bytes storage allocated.
Definition coap_str.c:81
coap_bin_const_t * coap_new_bin_const(const uint8_t *data, size_t size)
Take the specified byte array (text) and create a coap_bin_const_t * Returns a new const binary objec...
Definition coap_str.c:119
void coap_delete_binary(coap_binary_t *s)
Deletes the given coap_binary_t object and releases any memory allocated.
Definition coap_str.c:114
int coap_dtls_cid_is_supported(void)
Check whether (D)TLS CID is available.
Definition coap_notls.c:86
int coap_dtls_psk_is_supported(void)
Check whether (D)TLS PSK is available.
Definition coap_notls.c:50
int coap_tls_is_supported(void)
Check whether TLS is available.
Definition coap_notls.c:41
int coap_oscore_is_supported(void)
Check whether OSCORE is available.
int coap_dtls_is_supported(void)
Check whether DTLS is available.
Definition coap_notls.c:36
int coap_dtls_pki_is_supported(void)
Check whether (D)TLS PKI is available.
Definition coap_notls.c:59
int coap_dtls_rpk_is_supported(void)
Check whether (D)TLS RPK is available.
Definition coap_notls.c:77
int coap_dtls_pkcs11_is_supported(void)
Check whether (D)TLS PKCS11 is available.
Definition coap_notls.c:68
#define COAP_UNUSED
Definition libcoap.h:74
coap_address_t remote
remote address and port
Definition coap_io.h:58
CoAP binary data definition with const data.
Definition coap_str.h:65
size_t length
length of binary data
Definition coap_str.h:66
const uint8_t * s
read-only binary data
Definition coap_str.h:67
CoAP binary data definition.
Definition coap_str.h:57
The CoAP stack's global state is stored in a coap_context_t object.
The structure that holds the AES Crypto information.
size_t l
The number of bytes in the length field.
const uint8_t * nonce
must be exactly 15 - l bytes
coap_crypto_key_t key
The Key to use.
size_t tag_len
The size of the Tag.
The common structure that holds the Crypto information.
coap_crypto_aes_ccm_t aes
Used if AES type encryption.
cose_alg_t alg
The COSE algorith to use.
union coap_crypto_param_t::@127375133034013360062164022213074075037225051156 params
The structure used for defining the Client PSK setup data to be used.
Definition coap_dtls.h:418
uint8_t use_cid
Set to 1 if DTLS Connection ID is to be used.
Definition coap_dtls.h:425
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:445
coap_dtls_ih_callback_t validate_ih_call_back
Identity Hint check callback function.
Definition coap_dtls.h:441
uint8_t ec_jpake
Set to COAP_DTLS_CPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:423
The structure that holds the PKI key information.
Definition coap_dtls.h:284
coap_pki_key_define_t define
for definable type keys
Definition coap_dtls.h:291
union coap_dtls_key_t::@206067364111071227257047077347013260174107036042 key
coap_pki_key_t key_type
key format type
Definition coap_dtls.h:285
The structure used for defining the PKI setup data to be used.
Definition coap_dtls.h:317
uint8_t allow_no_crl
1 ignore if CRL not there
Definition coap_dtls.h:331
void * cn_call_back_arg
Passed in to the CN callback function.
Definition coap_dtls.h:359
uint8_t allow_short_rsa_length
1 if small RSA keysizes are allowed
Definition coap_dtls.h:334
uint8_t allow_sni_cn_mismatch
1 if SNI and returnd CN allowed to mismatch (Client only).
Definition coap_dtls.h:341
uint8_t cert_chain_validation
1 if to check cert_chain_verify_depth
Definition coap_dtls.h:328
uint8_t allow_bad_md_hash
1 if unsupported MD hashes are allowed
Definition coap_dtls.h:333
uint8_t use_cid
1 if DTLS Connection ID is to be used (Client only, server always enabled) if supported
Definition coap_dtls.h:338
uint8_t check_cert_revocation
1 if revocation checks wanted
Definition coap_dtls.h:330
uint8_t cert_chain_verify_depth
recommended depth is 3
Definition coap_dtls.h:329
uint8_t allow_expired_certs
1 if expired certs are allowed
Definition coap_dtls.h:327
uint8_t verify_peer_cert
Set to COAP_DTLS_PKI_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:322
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:376
uint8_t allow_self_signed
1 if self-signed certs are allowed.
Definition coap_dtls.h:325
coap_dtls_cn_callback_t validate_cn_call_back
CN check callback function.
Definition coap_dtls.h:358
uint8_t allow_expired_crl
1 if expired crl is allowed
Definition coap_dtls.h:332
uint8_t is_rpk_not_cert
1 is RPK instead of Public Certificate.
Definition coap_dtls.h:335
uint8_t check_common_ca
1 if peer cert is to be signed by the same CA as the local cert
Definition coap_dtls.h:323
The structure that holds the Server Pre-Shared Key and Identity Hint information.
Definition coap_dtls.h:458
coap_bin_const_t hint
Definition coap_dtls.h:459
The structure used for defining the Server PSK setup data to be used.
Definition coap_dtls.h:509
coap_dtls_id_callback_t validate_id_call_back
Identity check callback function.
Definition coap_dtls.h:530
void * id_call_back_arg
Passed in to the Identity callback function.
Definition coap_dtls.h:531
uint8_t ec_jpake
Set to COAP_DTLS_SPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:514
coap_dtls_spsk_info_t psk_info
Server PSK definition.
Definition coap_dtls.h:541
coap_layer_read_t l_read
coap_layer_write_t l_write
coap_layer_establish_t l_establish
coap_const_char_ptr_t public_cert
define: Public Cert
Definition coap_dtls.h:266
coap_const_char_ptr_t private_key
define: Private Key
Definition coap_dtls.h:267
coap_const_char_ptr_t ca
define: Common CA Certificate
Definition coap_dtls.h:265
size_t public_cert_len
define Public Cert length (if needed)
Definition coap_dtls.h:269
size_t ca_len
define CA Cert length (if needed)
Definition coap_dtls.h:268
coap_pki_define_t private_key_def
define: Private Key type definition
Definition coap_dtls.h:273
size_t private_key_len
define Private Key length (if needed)
Definition coap_dtls.h:270
coap_pki_define_t ca_def
define: Common CA type definition
Definition coap_dtls.h:271
coap_pki_define_t public_cert_def
define: Public Cert type definition
Definition coap_dtls.h:272
Abstraction of virtual session that can be attached to coap_context_t (client) or coap_endpoint_t (se...
unsigned int dtls_timeout_count
dtls setup retry counter
coap_socket_t sock
socket object for the session, if any
coap_session_state_t state
current state of relationship with peer
coap_addr_tuple_t addr_info
remote/local address info
coap_proto_t proto
protocol used
coap_dtls_cpsk_t cpsk_setup_data
client provided PSK initial setup data
size_t mtu
path or CSM mtu (xmt)
int dtls_event
Tracking any (D)TLS events on this session.
void * tls
security parameters
uint16_t max_retransmit
maximum re-transmit count (default 4)
coap_session_type_t type
client or server side socket
coap_context_t * context
session's context
coap_layer_func_t lfunc[COAP_LAYER_LAST]
Layer functions to use.
coap_socket_flags_t flags
1 or more of COAP_SOCKET* flag values
The structure used for returning the underlying (D)TLS library information.
Definition coap_dtls.h:88
uint64_t built_version
(D)TLS Built against Library Version
Definition coap_dtls.h:91
coap_tls_library_t type
Library type.
Definition coap_dtls.h:90
uint64_t version
(D)TLS runtime Library Version
Definition coap_dtls.h:89
const char * s_byte
signed char ptr
Definition coap_str.h:84
const uint8_t * u_byte
unsigned char ptr
Definition coap_str.h:85