libcoap 4.3.5-develop-3afff2d
Loading...
Searching...
No Matches
coap_mbedtls.c
Go to the documentation of this file.
1/*
2 * coap_mbedtls.c -- Mbed TLS Datagram Transport Layer Support for libcoap
3 *
4 * Copyright (C) 2019-2025 Jon Shallow <supjps-libcoap@jpshallow.com>
5 * 2019 Jitin George <jitin@espressif.com>
6 *
7 * SPDX-License-Identifier: BSD-2-Clause
8 *
9 * This file is part of the CoAP library libcoap. Please see README for terms
10 * of use.
11 */
12
18/*
19 * Naming used to prevent confusion between coap sessions, mbedtls sessions etc.
20 * when reading the code.
21 *
22 * c_context A coap_context_t *
23 * c_session A coap_session_t *
24 * m_context A coap_mbedtls_context_t * (held in c_context->dtls_context)
25 * m_env A coap_mbedtls_env_t * (held in c_session->tls)
26 */
27
28/*
29 * Notes
30 *
31 * Version 3.2.0 or later is needed to provide Connection ID support (RFC9146).
32 *
33 */
34
35#include "coap3/coap_libcoap_build.h"
36
37#ifdef COAP_WITH_LIBMBEDTLS
38
39/*
40 * This code can be conditionally compiled to remove some components if
41 * they are not required to make a lighter footprint - all based on how
42 * the mbedtls library has been built. These are not defined within the
43 * libcoap environment.
44 *
45 * MBEDTLS_SSL_SRV_C - defined for server side functionality
46 * MBEDTLS_SSL_CLI_C - defined for client side functionality
47 * MBEDTLS_SSL_PROTO_DTLS - defined for DTLS support
48 * MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED - defined if PSK is to be supported
49 * or MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED - defined if PSK is to be supported
50 *
51 */
52
53#include <mbedtls/version.h>
54
55/* Keep forward-compatibility with Mbed TLS 3.x */
56#if (MBEDTLS_VERSION_NUMBER < 0x03000000)
57#define MBEDTLS_2_X_COMPAT
58#else /* !(MBEDTLS_VERSION_NUMBER < 0x03000000) */
59/* Macro wrapper for struct's private members */
60#ifndef MBEDTLS_ALLOW_PRIVATE_ACCESS
61#define MBEDTLS_ALLOW_PRIVATE_ACCESS
62#endif /* MBEDTLS_ALLOW_PRIVATE_ACCESS */
63#endif /* !(MBEDTLS_VERSION_NUMBER < 0x03000000) */
64
65#include <mbedtls/platform.h>
66#include <mbedtls/net_sockets.h>
67#include <mbedtls/ssl.h>
68#include <mbedtls/entropy.h>
69#include <mbedtls/ctr_drbg.h>
70#include <mbedtls/error.h>
71#include <mbedtls/timing.h>
72#include <mbedtls/ssl_cookie.h>
73#include <mbedtls/oid.h>
74#include <mbedtls/debug.h>
75#include <mbedtls/sha256.h>
76#if defined(ESPIDF_VERSION) && defined(CONFIG_MBEDTLS_DEBUG)
77#include <mbedtls/esp_debug.h>
78#endif /* ESPIDF_VERSION && CONFIG_MBEDTLS_DEBUG */
79#if defined(MBEDTLS_PSA_CRYPTO_C)
80#include <psa/crypto.h>
81#endif /* MBEDTLS_PSA_CRYPTO_C */
82
83#define mbedtls_malloc(a) malloc(a)
84#define mbedtls_realloc(a,b) realloc(a,b)
85#define mbedtls_strdup(a) strdup(a)
86#define mbedtls_strndup(a,b) strndup(a,b)
87#undef mbedtls_free
88#define mbedtls_free(a) free(a)
89
90#ifndef MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
91/* definition changed in later mbedtls code versions */
92#ifdef MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED
93#define MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED
94#endif /* MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED */
95#endif /* ! MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
96
97#if ! COAP_SERVER_SUPPORT
98#undef MBEDTLS_SSL_SRV_C
99#endif /* ! COAP_SERVER_SUPPORT */
100#if ! COAP_CLIENT_SUPPORT
101#undef MBEDTLS_SSL_CLI_C
102#endif /* ! COAP_CLIENT_SUPPORT */
103
104#ifdef _WIN32
105#define strcasecmp _stricmp
106#endif
107
108#define IS_PSK (1 << 0)
109#define IS_PKI (1 << 1)
110#define IS_CLIENT (1 << 6)
111#define IS_SERVER (1 << 7)
112
113typedef struct coap_ssl_t {
114 const uint8_t *pdu;
115 unsigned pdu_len;
116 unsigned peekmode;
117} coap_ssl_t;
118
119/*
120 * This structure encapsulates the Mbed TLS session object.
121 * It handles both TLS and DTLS.
122 * c_session->tls points to this.
123 */
124typedef struct coap_mbedtls_env_t {
125 mbedtls_ssl_context ssl;
126 mbedtls_entropy_context entropy;
127 mbedtls_ctr_drbg_context ctr_drbg;
128 mbedtls_ssl_config conf;
129 mbedtls_timing_delay_context timer;
130 mbedtls_x509_crt cacert;
131 mbedtls_x509_crt public_cert;
132 mbedtls_pk_context private_key;
133 mbedtls_ssl_cookie_ctx cookie_ctx;
134 /* If not set, need to do do_mbedtls_handshake */
135 int established;
136 int sent_alert;
137 int seen_client_hello;
138 int ec_jpake;
139 coap_tick_t last_timeout;
140 unsigned int retry_scalar;
141 coap_ssl_t coap_ssl_data;
142 uint32_t server_hello_cnt;
143} coap_mbedtls_env_t;
144
145typedef struct pki_sni_entry {
146 char *sni;
147 coap_dtls_key_t pki_key;
148 mbedtls_x509_crt cacert;
149 mbedtls_x509_crt public_cert;
150 mbedtls_pk_context private_key;
151} pki_sni_entry;
152
153typedef struct psk_sni_entry {
154 char *sni;
155 coap_dtls_spsk_info_t psk_info;
156} psk_sni_entry;
157
158typedef struct coap_mbedtls_context_t {
159 coap_dtls_pki_t setup_data;
160 size_t pki_sni_count;
161 pki_sni_entry *pki_sni_entry_list;
162 size_t psk_sni_count;
163 psk_sni_entry *psk_sni_entry_list;
164 char *root_ca_file;
165 char *root_ca_path;
166 int trust_store_defined;
167 int psk_pki_enabled;
168} coap_mbedtls_context_t;
169
170typedef enum coap_enc_method_t {
171 COAP_ENC_PSK,
172 COAP_ENC_PKI,
173 COAP_ENC_ECJPAKE,
174} coap_enc_method_t;
175
176#ifndef MBEDTLS_2_X_COMPAT
177/*
178 * mbedtls_ callback functions expect 0 on success, -ve on failure.
179 */
180static int
181coap_rng(void *ctx COAP_UNUSED, unsigned char *buf, size_t len) {
182 return coap_prng_lkd(buf, len) ? 0 : MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED;
183}
184#endif /* MBEDTLS_2_X_COMPAT */
185
186static int
187coap_dgram_read(void *ctx, unsigned char *out, size_t outl) {
188 ssize_t ret = 0;
189 coap_session_t *c_session = (coap_session_t *)ctx;
190 coap_ssl_t *data;
191
192 if (!c_session->tls) {
193 errno = EAGAIN;
194 return MBEDTLS_ERR_SSL_WANT_READ;
195 }
196 data = &((coap_mbedtls_env_t *)c_session->tls)->coap_ssl_data;
197
198 if (out != NULL) {
199 if (data->pdu_len > 0) {
200 if (outl < data->pdu_len) {
201 memcpy(out, data->pdu, outl);
202 ret = outl;
203 data->pdu += outl;
204 data->pdu_len -= outl;
205 } else {
206 memcpy(out, data->pdu, data->pdu_len);
207 ret = data->pdu_len;
208 if (!data->peekmode) {
209 data->pdu_len = 0;
210 data->pdu = NULL;
211 }
212 }
213 } else {
214 ret = MBEDTLS_ERR_SSL_WANT_READ;
215 errno = EAGAIN;
216 }
217 }
218 return ret;
219}
220
221/*
222 * return +ve data amount
223 * 0 no more
224 * -ve Mbed TLS error
225 */
226/* callback function given to mbedtls for sending data over socket */
227static int
228coap_dgram_write(void *ctx, const unsigned char *send_buffer,
229 size_t send_buffer_length) {
230 ssize_t result = -1;
231 coap_session_t *c_session = (coap_session_t *)ctx;
232
233 if (c_session) {
234 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
235
236 if (!coap_netif_available(c_session)
237#if COAP_SERVER_SUPPORT
238 && c_session->endpoint == NULL
239#endif /* COAP_SERVER_SUPPORT */
240 ) {
241 /* socket was closed on client due to error */
242 errno = ECONNRESET;
243 return -1;
244 }
245 result = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session,
246 send_buffer, send_buffer_length);
247 if (result != (ssize_t)send_buffer_length) {
248 int keep_errno = errno;
249
250 coap_log_warn("coap_netif_dgrm_write failed (%zd != %zu)\n",
251 result, send_buffer_length);
252 errno = keep_errno;
253 if (result < 0) {
254 return -1;
255 } else {
256 result = 0;
257 }
258 } else if (m_env) {
259 coap_tick_t now;
260 coap_ticks(&now);
261 m_env->last_timeout = now;
262 }
263 } else {
264 result = 0;
265 }
266 return result;
267}
268
269#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) && defined(MBEDTLS_SSL_SRV_C)
270/*
271 * Server side PSK callback
272 */
273static int
274psk_server_callback(void *p_info, mbedtls_ssl_context *ssl,
275 const unsigned char *identity, size_t identity_len) {
276 coap_session_t *c_session = (coap_session_t *)p_info;
277 coap_dtls_spsk_t *setup_data;
278 coap_mbedtls_env_t *m_env;
279 coap_bin_const_t lidentity;
280 const coap_bin_const_t *psk_key;
281
282 if (c_session == NULL)
283 return -1;
284
285 /* Track the Identity being used */
286 lidentity.s = identity ? (const uint8_t *)identity : (const uint8_t *)"";
287 lidentity.length = identity ? identity_len : 0;
288 coap_session_refresh_psk_identity(c_session, &lidentity);
289
290 coap_log_debug("got psk_identity: '%.*s'\n",
291 (int)lidentity.length, (const char *)lidentity.s);
292
293 m_env = (coap_mbedtls_env_t *)c_session->tls;
294 setup_data = &c_session->context->spsk_setup_data;
295
296 if (setup_data->validate_id_call_back) {
297 psk_key = setup_data->validate_id_call_back(&lidentity,
298 c_session,
299 setup_data->id_call_back_arg);
300
301 coap_session_refresh_psk_key(c_session, psk_key);
302 } else {
303 psk_key = coap_get_session_server_psk_key(c_session);
304 }
305
306 if (psk_key == NULL)
307 return -1;
308 mbedtls_ssl_set_hs_psk(ssl, psk_key->s, psk_key->length);
309 m_env->seen_client_hello = 1;
310 return 0;
311}
312#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED && MBEDTLS_SSL_SRV_C */
313
314static char *
315get_san_or_cn_from_cert(mbedtls_x509_crt *crt) {
316 if (crt) {
317 const mbedtls_asn1_named_data *cn_data;
318
319 if (crt->ext_types & MBEDTLS_X509_EXT_SUBJECT_ALT_NAME) {
320 mbedtls_asn1_sequence *seq = &crt->subject_alt_names;
321 while (seq && seq->buf.p == NULL) {
322 seq = seq->next;
323 }
324 if (seq) {
325 /* Return the Subject Alt Name */
326 return mbedtls_strndup((const char *)seq->buf.p,
327 seq->buf.len);
328 }
329 }
330
331 cn_data = mbedtls_asn1_find_named_data(&crt->subject,
332 MBEDTLS_OID_AT_CN,
333 MBEDTLS_OID_SIZE(MBEDTLS_OID_AT_CN));
334 if (cn_data) {
335 /* Return the Common Name */
336 return mbedtls_strndup((const char *)cn_data->val.p,
337 cn_data->val.len);
338 }
339 }
340 return NULL;
341}
342
343#if COAP_MAX_LOGGING_LEVEL > 0
344static char *
345get_error_string(int ret) {
346 static char buf[128] = {0};
347 mbedtls_strerror(ret, buf, sizeof(buf)-1);
348 return buf;
349}
350#endif /* COAP_MAX_LOGGING_LEVEL */
351
352static int
353self_signed_cert_verify_callback_mbedtls(void *data,
354 mbedtls_x509_crt *crt COAP_UNUSED,
355 int depth COAP_UNUSED,
356 uint32_t *flags) {
357 const coap_session_t *c_session = (coap_session_t *)data;
358 const coap_mbedtls_context_t *m_context =
359 (coap_mbedtls_context_t *)c_session->context->dtls_context;
360 const coap_dtls_pki_t *setup_data = &m_context->setup_data;
361
362 if (*flags & MBEDTLS_X509_BADCERT_EXPIRED) {
363 if (setup_data->allow_expired_certs) {
364 *flags &= ~MBEDTLS_X509_BADCERT_EXPIRED;
365 }
366 }
367 return 0;
368}
369
370/*
371 * return 0 All OK
372 * -ve Error Code
373 */
374static int
375cert_verify_callback_mbedtls(void *data, mbedtls_x509_crt *crt,
376 int depth, uint32_t *flags) {
377 coap_session_t *c_session = (coap_session_t *)data;
378 coap_mbedtls_context_t *m_context =
379 (coap_mbedtls_context_t *)c_session->context->dtls_context;
380 coap_dtls_pki_t *setup_data = &m_context->setup_data;
381 char *cn = NULL;
382
383 if (*flags == 0)
384 return 0;
385
386 cn = get_san_or_cn_from_cert(crt);
387
388 if (*flags & MBEDTLS_X509_BADCERT_EXPIRED) {
389 if (setup_data->allow_expired_certs) {
390 *flags &= ~MBEDTLS_X509_BADCERT_EXPIRED;
391 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
392 coap_session_str(c_session),
393 "The certificate has expired", cn ? cn : "?", depth);
394 }
395 }
396 if (*flags & MBEDTLS_X509_BADCERT_FUTURE) {
397 if (setup_data->allow_expired_certs) {
398 *flags &= ~MBEDTLS_X509_BADCERT_FUTURE;
399 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
400 coap_session_str(c_session),
401 "The certificate has a future date", cn ? cn : "?", depth);
402 }
403 }
404 if (*flags & MBEDTLS_X509_BADCERT_BAD_MD) {
405 if (setup_data->allow_bad_md_hash) {
406 *flags &= ~MBEDTLS_X509_BADCERT_BAD_MD;
407 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
408 coap_session_str(c_session),
409 "The certificate has a bad MD hash", cn ? cn : "?", depth);
410 }
411 }
412 if (*flags & MBEDTLS_X509_BADCERT_BAD_KEY) {
413 if (setup_data->allow_short_rsa_length) {
414 *flags &= ~MBEDTLS_X509_BADCERT_BAD_KEY;
415 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
416 coap_session_str(c_session),
417 "The certificate has a short RSA length", cn ? cn : "?", depth);
418 }
419 }
420 if (*flags & MBEDTLS_X509_BADCERT_NOT_TRUSTED) {
421 uint32_t lflags;
422 int self_signed = !mbedtls_x509_crt_verify(crt, crt, NULL, NULL, &lflags,
423 self_signed_cert_verify_callback_mbedtls,
424 data);
425 if (self_signed && depth == 0) {
426 if (setup_data->allow_self_signed &&
427 !setup_data->check_common_ca) {
428 *flags &= ~MBEDTLS_X509_BADCERT_NOT_TRUSTED;
429 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
430 coap_session_str(c_session),
431 "Self-signed",
432 cn ? cn : "?", depth);
433 }
434 } else if (self_signed) {
435 if (!setup_data->verify_peer_cert) {
436 *flags &= ~MBEDTLS_X509_BADCERT_NOT_TRUSTED;
437 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
438 coap_session_str(c_session),
439 "Self-signed", cn ? cn : "?", depth);
440 }
441 } else {
442 if (!setup_data->verify_peer_cert) {
443 *flags &= ~MBEDTLS_X509_BADCERT_NOT_TRUSTED;
444 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
445 coap_session_str(c_session),
446 "The certificate's CA is not trusted", cn ? cn : "?", depth);
447 }
448 }
449 }
450 if (*flags & MBEDTLS_X509_BADCRL_EXPIRED) {
451 if (setup_data->check_cert_revocation && setup_data->allow_expired_crl) {
452 *flags &= ~MBEDTLS_X509_BADCRL_EXPIRED;
453 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
454 coap_session_str(c_session),
455 "The certificate's CRL has expired", cn ? cn : "?", depth);
456 } else if (!setup_data->check_cert_revocation) {
457 *flags &= ~MBEDTLS_X509_BADCRL_EXPIRED;
458 }
459 }
460 if (*flags & MBEDTLS_X509_BADCRL_FUTURE) {
461 if (setup_data->check_cert_revocation && setup_data->allow_expired_crl) {
462 *flags &= ~MBEDTLS_X509_BADCRL_FUTURE;
463 coap_log_info(" %s: %s: overridden: '%s' depth %d\n",
464 coap_session_str(c_session),
465 "The certificate's CRL has a future date", cn ? cn : "?", depth);
466 } else if (!setup_data->check_cert_revocation) {
467 *flags &= ~MBEDTLS_X509_BADCRL_FUTURE;
468 }
469 }
470 if (setup_data->cert_chain_validation &&
471 depth > (setup_data->cert_chain_verify_depth + 1)) {
472 *flags |= MBEDTLS_X509_BADCERT_OTHER;
473 coap_log_warn(" %s: %s: '%s' depth %d\n",
474 coap_session_str(c_session),
475 "The certificate's verify depth is too long",
476 cn ? cn : "?", depth);
477 }
478
479 if (*flags & MBEDTLS_X509_BADCERT_CN_MISMATCH) {
480 *flags &= ~MBEDTLS_X509_BADCERT_CN_MISMATCH;
481 }
482 if (setup_data->validate_cn_call_back) {
483 int ret;
484
485 coap_lock_callback_ret(ret, c_session->context,
486 setup_data->validate_cn_call_back(cn,
487 crt->raw.p,
488 crt->raw.len,
489 c_session,
490 depth,
491 *flags == 0,
492 setup_data->cn_call_back_arg));
493 if (!ret) {
494 *flags |= MBEDTLS_X509_BADCERT_CN_MISMATCH;
495 }
496 }
497 if (*flags != 0) {
498 char buf[128];
499 char *tcp;
500 int ret = mbedtls_x509_crt_verify_info(buf, sizeof(buf), "", *flags);
501
502 if (ret >= 0) {
503 tcp = strchr(buf, '\n');
504 while (tcp) {
505 *tcp = '\000';
506 coap_log_warn(" %s: %s: issue 0x%" PRIx32 ": '%s' depth %d\n",
507 coap_session_str(c_session),
508 buf, *flags, cn ? cn : "?", depth);
509 tcp = strchr(tcp+1, '\n');
510 }
511 } else {
512 coap_log_err("mbedtls_x509_crt_verify_info returned -0x%x: '%s'\n",
513 -ret, get_error_string(ret));
514 }
515 }
516
517 if (cn)
518 mbedtls_free(cn);
519
520 return 0;
521}
522
523static int
524setup_pki_credentials(mbedtls_x509_crt *cacert,
525 mbedtls_x509_crt *public_cert,
526 mbedtls_pk_context *private_key,
527 coap_mbedtls_env_t *m_env,
528 coap_mbedtls_context_t *m_context,
529 coap_session_t *c_session,
530 coap_dtls_pki_t *setup_data,
531 coap_dtls_role_t role) {
532 coap_dtls_key_t key;
533 int ret;
534 int done_private_key = 0;
535 int done_public_cert = 0;
536 uint8_t *buffer;
537 size_t length;
538
539 /* Map over to the new define format to save code duplication */
540 coap_dtls_map_key_type_to_define(setup_data, &key);
541
542 assert(key.key_type == COAP_PKI_KEY_DEFINE);
543
544 /*
545 * Configure the Private Key
546 */
547 if (key.key.define.private_key.u_byte &&
548 key.key.define.private_key.u_byte[0]) {
549 switch (key.key.define.private_key_def) {
550 case COAP_PKI_KEY_DEF_DER: /* define private key */
551 /* Fall Through */
552 case COAP_PKI_KEY_DEF_PEM: /* define private key */
553#if defined(MBEDTLS_FS_IO)
554 mbedtls_pk_init(private_key);
555#ifdef MBEDTLS_2_X_COMPAT
556 ret = mbedtls_pk_parse_keyfile(private_key,
557 key.key.define.private_key.s_byte, NULL);
558#else
559 ret = mbedtls_pk_parse_keyfile(private_key,
560 key.key.define.private_key.s_byte,
561 NULL, coap_rng, (void *)&m_env->ctr_drbg);
562#endif /* MBEDTLS_2_X_COMPAT */
563 if (ret < 0) {
564 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
565 COAP_DEFINE_FAIL_BAD,
566 &key, role, ret);
567 }
568 done_private_key = 1;
569 break;
570#else /* ! MBEDTLS_FS_IO */
571 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
572 COAP_DEFINE_FAIL_NOT_SUPPORTED,
573 &key, role, -1);
574#endif /* ! MBEDTLS_FS_IO */
575 case COAP_PKI_KEY_DEF_PEM_BUF: /* define private key */
576 mbedtls_pk_init(private_key);
577 length = key.key.define.private_key_len;
578 if (key.key.define.private_key.u_byte[length-1] != '\000') {
579 /* Need to allocate memory to add in NULL terminator */
580 buffer = mbedtls_malloc(length + 1);
581 if (!buffer) {
582 coap_log_err("mbedtls_malloc failed\n");
583 return 0;
584 }
585 memcpy(buffer, key.key.define.private_key.u_byte, length);
586 buffer[length] = '\000';
587 length++;
588#ifdef MBEDTLS_2_X_COMPAT
589 ret = mbedtls_pk_parse_key(private_key, buffer, length, NULL, 0);
590#else
591 ret = mbedtls_pk_parse_key(private_key, buffer, length,
592 NULL, 0, coap_rng, (void *)&m_env->ctr_drbg);
593#endif /* MBEDTLS_2_X_COMPAT */
594 mbedtls_free(buffer);
595 } else {
596#ifdef MBEDTLS_2_X_COMPAT
597 ret = mbedtls_pk_parse_key(private_key,
598 key.key.define.private_key.u_byte,
599 key.key.define.private_key_len, NULL, 0);
600#else
601 ret = mbedtls_pk_parse_key(private_key,
602 key.key.define.private_key.u_byte,
603 key.key.define.private_key_len,
604 NULL, 0, coap_rng, (void *)&m_env->ctr_drbg);
605#endif /* MBEDTLS_2_X_COMPAT */
606 }
607 if (ret < 0) {
608 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
609 COAP_DEFINE_FAIL_BAD,
610 &key, role, ret);
611 }
612 done_private_key = 1;
613 break;
614 case COAP_PKI_KEY_DEF_DER_BUF: /* define private key */
615 mbedtls_pk_init(private_key);
616#ifdef MBEDTLS_2_X_COMPAT
617 ret = mbedtls_pk_parse_key(private_key,
618 key.key.define.private_key.u_byte,
619 key.key.define.private_key_len, NULL, 0);
620#else
621 ret = mbedtls_pk_parse_key(private_key,
622 key.key.define.private_key.u_byte,
623 key.key.define.private_key_len, NULL, 0, coap_rng,
624 (void *)&m_env->ctr_drbg);
625#endif /* MBEDTLS_2_X_COMPAT */
626 if (ret < 0) {
627 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
628 COAP_DEFINE_FAIL_BAD,
629 &key, role, ret);
630 }
631 done_private_key = 1;
632 break;
633 case COAP_PKI_KEY_DEF_RPK_BUF: /* define private key */
634 case COAP_PKI_KEY_DEF_PKCS11: /* define private key */
635 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define private key */
636 case COAP_PKI_KEY_DEF_ENGINE: /* define private key */
637 default:
638 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
639 COAP_DEFINE_FAIL_NOT_SUPPORTED,
640 &key, role, -1);
641 }
642 } else if (role == COAP_DTLS_ROLE_SERVER ||
643 (key.key.define.public_cert.u_byte &&
644 key.key.define.public_cert.u_byte[0])) {
645 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
646 COAP_DEFINE_FAIL_NONE,
647 &key, role, -1);
648 }
649
650 /*
651 * Configure the Public Certificate / Key
652 */
653 if (key.key.define.public_cert.u_byte &&
654 key.key.define.public_cert.u_byte[0]) {
655 switch (key.key.define.public_cert_def) {
656 case COAP_PKI_KEY_DEF_DER: /* define public cert */
657 /* Fall Through */
658 case COAP_PKI_KEY_DEF_PEM: /* define public cert */
659#if defined(MBEDTLS_FS_IO)
660 mbedtls_x509_crt_init(public_cert);
661 ret = mbedtls_x509_crt_parse_file(public_cert,
662 key.key.define.public_cert.s_byte);
663 if (ret < 0) {
664 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
665 COAP_DEFINE_FAIL_BAD,
666 &key, role, ret);
667 }
668 done_public_cert = 1;
669 break;
670#else /* ! MBEDTLS_FS_IO */
671 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
672 COAP_DEFINE_FAIL_NOT_SUPPORTED,
673 &key, role, -1);
674#endif /* ! MBEDTLS_FS_IO */
675 case COAP_PKI_KEY_DEF_PEM_BUF: /* define public cert */
676 mbedtls_x509_crt_init(public_cert);
677
678 length = key.key.define.public_cert_len;
679 if (key.key.define.public_cert.u_byte[length-1] != '\000') {
680 /* Need to allocate memory to add in NULL terminator */
681 buffer = mbedtls_malloc(length + 1);
682 if (!buffer) {
683 coap_log_err("mbedtls_malloc failed\n");
684 return 0;
685 }
686 memcpy(buffer, key.key.define.public_cert.u_byte, length);
687 buffer[length] = '\000';
688 length++;
689 ret = mbedtls_x509_crt_parse(public_cert, buffer, length);
690 mbedtls_free(buffer);
691 } else {
692 ret = mbedtls_x509_crt_parse(public_cert,
693 key.key.define.public_cert.u_byte,
694 key.key.define.public_cert_len);
695 }
696 if (ret < 0) {
697 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
698 COAP_DEFINE_FAIL_BAD,
699 &key, role, ret);
700 }
701 done_public_cert = 1;
702 break;
703 case COAP_PKI_KEY_DEF_RPK_BUF: /* define public cert */
704 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
705 COAP_DEFINE_FAIL_NOT_SUPPORTED,
706 &key, role, -1);
707 case COAP_PKI_KEY_DEF_DER_BUF: /* define public cert */
708 mbedtls_x509_crt_init(public_cert);
709 ret = mbedtls_x509_crt_parse(public_cert,
710 key.key.define.public_cert.u_byte,
711 key.key.define.public_cert_len);
712 if (ret < 0) {
713 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
714 COAP_DEFINE_FAIL_BAD,
715 &key, role, ret);
716 }
717 done_public_cert = 1;
718 break;
719 case COAP_PKI_KEY_DEF_PKCS11: /* define public cert */
720 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define public cert */
721 case COAP_PKI_KEY_DEF_ENGINE: /* define public cert */
722 default:
723 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
724 COAP_DEFINE_FAIL_NOT_SUPPORTED,
725 &key, role, -1);
726 }
727 } else if (role == COAP_DTLS_ROLE_SERVER ||
728 (key.key.define.private_key.u_byte &&
729 key.key.define.private_key.u_byte[0])) {
730 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
731 COAP_DEFINE_FAIL_NONE,
732 &key, role, -1);
733 }
734
735 if (done_private_key && done_public_cert) {
736 ret = mbedtls_ssl_conf_own_cert(&m_env->conf, public_cert, private_key);
737 if (ret < 0) {
738 coap_log_err("mbedtls_ssl_conf_own_cert returned -0x%x: '%s'\n",
739 -ret, get_error_string(ret));
740 return 0;
741 }
742 }
743
744 /*
745 * Configure the CA
746 */
747 if (
748 key.key.define.ca.u_byte &&
749 key.key.define.ca.u_byte[0]) {
750 switch (key.key.define.ca_def) {
751 case COAP_PKI_KEY_DEF_DER: /* define ca */
752 /* Fall Through */
753 case COAP_PKI_KEY_DEF_PEM:
754#if defined(MBEDTLS_FS_IO)
755 mbedtls_x509_crt_init(cacert);
756 ret = mbedtls_x509_crt_parse_file(cacert,
757 key.key.define.ca.s_byte);
758 if (ret < 0) {
759 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
760 COAP_DEFINE_FAIL_BAD,
761 &key, role, ret);
762 }
763 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
764#else /* ! MBEDTLS_FS_IO */
765 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
766 COAP_DEFINE_FAIL_NOT_SUPPORTED,
767 &key, role, -1);
768#endif /* ! MBEDTLS_FS_IO */
769 break;
770 case COAP_PKI_KEY_DEF_PEM_BUF: /* define ca */
771 mbedtls_x509_crt_init(cacert);
772 length = key.key.define.ca_len;
773 if (key.key.define.ca.u_byte[length-1] != '\000') {
774 /* Need to allocate memory to add in NULL terminator */
775 buffer = mbedtls_malloc(length + 1);
776 if (!buffer) {
777 coap_log_err("mbedtls_malloc failed\n");
778 return 0;
779 }
780 memcpy(buffer, key.key.define.ca.u_byte, length);
781 buffer[length] = '\000';
782 length++;
783 ret = mbedtls_x509_crt_parse(cacert, buffer, length);
784 mbedtls_free(buffer);
785 } else {
786 ret = mbedtls_x509_crt_parse(cacert,
787 key.key.define.ca.u_byte,
788 key.key.define.ca_len);
789 }
790 if (ret < 0) {
791 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
792 COAP_DEFINE_FAIL_BAD,
793 &key, role, ret);
794 }
795 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
796 break;
797 case COAP_PKI_KEY_DEF_RPK_BUF: /* define ca */
798 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
799 COAP_DEFINE_FAIL_NOT_SUPPORTED,
800 &key, role, -1);
801 case COAP_PKI_KEY_DEF_DER_BUF: /* define ca */
802 mbedtls_x509_crt_init(cacert);
803 ret = mbedtls_x509_crt_parse(cacert,
804 key.key.define.ca.u_byte,
805 key.key.define.ca_len);
806 if (ret < 0) {
807 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
808 COAP_DEFINE_FAIL_BAD,
809 &key, role, ret);
810 }
811 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
812 break;
813 case COAP_PKI_KEY_DEF_PKCS11: /* define ca */
814 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define ca */
815 case COAP_PKI_KEY_DEF_ENGINE: /* define ca */
816 default:
817 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
818 COAP_DEFINE_FAIL_NOT_SUPPORTED,
819 &key, role, -1);
820 }
821 }
822
823 /* Add in any root CA definitons */
824
825#if defined(MBEDTLS_FS_IO)
826 if (m_context->root_ca_file) {
827 ret = mbedtls_x509_crt_parse_file(cacert, m_context->root_ca_file);
828 if (ret < 0) {
829 key.key.define.ca_def = COAP_PKI_KEY_DEF_PEM;
830 return coap_dtls_define_issue(COAP_DEFINE_KEY_ROOT_CA,
831 COAP_DEFINE_FAIL_BAD,
832 &key, role, ret);
833 }
834 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
835 }
836 if (m_context->root_ca_path) {
837 ret = mbedtls_x509_crt_parse_path(cacert, m_context->root_ca_path);
838 if (ret < 0) {
839 key.key.define.ca_def = COAP_PKI_KEY_DEF_PEM;
840 return coap_dtls_define_issue(COAP_DEFINE_KEY_ROOT_CA,
841 COAP_DEFINE_FAIL_BAD,
842 &key, role, ret);
843 }
844 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
845 }
846 if (m_context->trust_store_defined) {
847 /* Until Trust Store is implemented in MbedTLS */
848 const char *trust_list[] = {
849 "/etc/ssl/ca-bundle.pem",
850 "/etc/ssl/certs/ca-certificates.crt",
851 "/etc/pki/tls/cert.pem",
852 "/usr/local/share/certs/ca-root-nss.crt",
853 "/etc/ssl/cert.pem"
854 };
855 static const char *trust_file_found = NULL;
856 static int trust_file_done = 0;
857 unsigned int i;
858
859 if (trust_file_found) {
860 ret = mbedtls_x509_crt_parse_file(cacert, trust_file_found);
861 if (ret >= 0) {
862 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
863 } else {
864 coap_log_warn("Unable to load trusted root CAs (%s)\n",
865 trust_file_found);
866 }
867 } else if (!trust_file_done) {
868 trust_file_done = 1;
869 for (i = 0; i < sizeof(trust_list)/sizeof(trust_list[0]); i++) {
870 ret = mbedtls_x509_crt_parse_file(cacert, trust_list[i]);
871 if (ret >= 0) {
872 mbedtls_ssl_conf_ca_chain(&m_env->conf, cacert, NULL);
873 trust_file_found = trust_list[i];
874 break;
875 }
876 }
877 if (i == sizeof(trust_list)/sizeof(trust_list[0])) {
878 coap_log_warn("Unable to load trusted root CAs\n");
879 }
880 }
881 }
882#else /* ! MBEDTLS_FS_IO */
883 (void)m_context;
884 return coap_dtls_define_issue(COAP_DEFINE_KEY_ROOT_CA,
885 COAP_DEFINE_FAIL_NOT_SUPPORTED,
886 &key, role, -1);
887#endif /* ! MBEDTLS_FS_IO */
888
889#if defined(MBEDTLS_SSL_SRV_C)
890 mbedtls_ssl_conf_cert_req_ca_list(&m_env->conf,
891 setup_data->check_common_ca ?
892 MBEDTLS_SSL_CERT_REQ_CA_LIST_ENABLED :
893 MBEDTLS_SSL_CERT_REQ_CA_LIST_DISABLED);
894#endif
895 mbedtls_ssl_conf_authmode(&m_env->conf, setup_data->verify_peer_cert ?
896 MBEDTLS_SSL_VERIFY_REQUIRED :
897 MBEDTLS_SSL_VERIFY_NONE);
898 /*
899 * Verify Peer.
900 * Need to do all checking, even if setup_data->verify_peer_cert is not set
901 */
902 mbedtls_ssl_conf_verify(&m_env->conf,
903 cert_verify_callback_mbedtls, c_session);
904
905 return 1;
906}
907
908#if defined(MBEDTLS_SSL_SRV_C)
909/*
910 * PKI SNI callback.
911 */
912static int
913pki_sni_callback(void *p_info, mbedtls_ssl_context *ssl,
914 const unsigned char *uname, size_t name_len) {
915 unsigned int i;
916 coap_dtls_pki_t sni_setup_data;
917 coap_session_t *c_session = (coap_session_t *)p_info;
918 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
919 coap_mbedtls_context_t *m_context =
920 (coap_mbedtls_context_t *)c_session->context->dtls_context;
921 char *name;
922
923 name = mbedtls_malloc(name_len+1);
924 if (!name)
925 return -1;
926
927 memcpy(name, uname, name_len);
928 name[name_len] = '\000';
929
930 /* Is this a cached entry? */
931 for (i = 0; i < m_context->pki_sni_count; i++) {
932 if (strcasecmp(name, m_context->pki_sni_entry_list[i].sni) == 0) {
933 break;
934 }
935 }
936 if (i == m_context->pki_sni_count) {
937 /*
938 * New PKI SNI request
939 */
940 coap_dtls_key_t *new_entry;
941 pki_sni_entry *pki_sni_entry_list;
942
943 coap_lock_callback_ret(new_entry, c_session->context,
944 m_context->setup_data.validate_sni_call_back(name,
945 m_context->setup_data.sni_call_back_arg));
946 if (!new_entry) {
947 mbedtls_free(name);
948 return -1;
949 }
950
951 pki_sni_entry_list = mbedtls_realloc(m_context->pki_sni_entry_list,
952 (i+1)*sizeof(pki_sni_entry));
953
954 if (pki_sni_entry_list == NULL) {
955 mbedtls_free(name);
956 return -1;
957 }
958 m_context->pki_sni_entry_list = pki_sni_entry_list;
959 memset(&m_context->pki_sni_entry_list[i], 0,
960 sizeof(m_context->pki_sni_entry_list[i]));
961 m_context->pki_sni_entry_list[i].sni = name;
962 m_context->pki_sni_entry_list[i].pki_key = *new_entry;
963 sni_setup_data = m_context->setup_data;
964 sni_setup_data.pki_key = *new_entry;
965 if (setup_pki_credentials(&m_context->pki_sni_entry_list[i].cacert,
966 &m_context->pki_sni_entry_list[i].public_cert,
967 &m_context->pki_sni_entry_list[i].private_key,
968 m_env,
969 m_context,
970 c_session,
971 &sni_setup_data, COAP_DTLS_ROLE_SERVER) < 0) {
972 mbedtls_free(name);
973 return -1;
974 }
975 /* name has been absorbed into pki_sni_entry_list[].sni entry */
976 m_context->pki_sni_count++;
977 } else {
978 mbedtls_free(name);
979 }
980
981 mbedtls_ssl_set_hs_ca_chain(ssl, &m_context->pki_sni_entry_list[i].cacert,
982 NULL);
983 return mbedtls_ssl_set_hs_own_cert(ssl,
984 &m_context->pki_sni_entry_list[i].public_cert,
985 &m_context->pki_sni_entry_list[i].private_key);
986}
987
988#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
989/*
990 * PSK SNI callback.
991 */
992static int
993psk_sni_callback(void *p_info, mbedtls_ssl_context *ssl,
994 const unsigned char *uname, size_t name_len) {
995 unsigned int i;
996 coap_session_t *c_session = (coap_session_t *)p_info;
997 coap_mbedtls_context_t *m_context =
998 (coap_mbedtls_context_t *)c_session->context->dtls_context;
999 char *name;
1000
1001 name = mbedtls_malloc(name_len+1);
1002 if (!name)
1003 return -1;
1004
1005 memcpy(name, uname, name_len);
1006 name[name_len] = '\000';
1007
1008 /* Is this a cached entry? */
1009 for (i = 0; i < m_context->psk_sni_count; i++) {
1010 if (strcasecmp(name, m_context->psk_sni_entry_list[i].sni) == 0) {
1011 break;
1012 }
1013 }
1014 if (i == m_context->psk_sni_count) {
1015 /*
1016 * New PSK SNI request
1017 */
1018 const coap_dtls_spsk_info_t *new_entry;
1019 psk_sni_entry *psk_sni_entry_list;
1020
1021 coap_lock_callback_ret(new_entry, c_session->context,
1022 c_session->context->spsk_setup_data.validate_sni_call_back(name,
1023 c_session,
1024 c_session->context->spsk_setup_data.sni_call_back_arg));
1025 if (!new_entry) {
1026 mbedtls_free(name);
1027 return -1;
1028 }
1029
1030 psk_sni_entry_list = mbedtls_realloc(m_context->psk_sni_entry_list,
1031 (i+1)*sizeof(psk_sni_entry));
1032
1033 if (psk_sni_entry_list == NULL) {
1034 mbedtls_free(name);
1035 return -1;
1036 }
1037 m_context->psk_sni_entry_list = psk_sni_entry_list;
1038 m_context->psk_sni_entry_list[i].sni = name;
1039 m_context->psk_sni_entry_list[i].psk_info = *new_entry;
1040 /* name has been absorbed into psk_sni_entry_list[].sni entry */
1041 m_context->psk_sni_count++;
1042 } else {
1043 mbedtls_free(name);
1044 }
1045
1046 coap_session_refresh_psk_hint(c_session,
1047 &m_context->psk_sni_entry_list[i].psk_info.hint);
1048 coap_session_refresh_psk_key(c_session,
1049 &m_context->psk_sni_entry_list[i].psk_info.key);
1050 return mbedtls_ssl_set_hs_psk(ssl,
1051 m_context->psk_sni_entry_list[i].psk_info.key.s,
1052 m_context->psk_sni_entry_list[i].psk_info.key.length);
1053}
1054#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1055
1056static int
1057setup_server_ssl_session(coap_session_t *c_session,
1058 coap_mbedtls_env_t *m_env) {
1059 coap_mbedtls_context_t *m_context =
1060 (coap_mbedtls_context_t *)c_session->context->dtls_context;
1061 int ret = 0;
1062 m_context->psk_pki_enabled |= IS_SERVER;
1063
1064 mbedtls_ssl_cookie_init(&m_env->cookie_ctx);
1065 if ((ret = mbedtls_ssl_config_defaults(&m_env->conf,
1066 MBEDTLS_SSL_IS_SERVER,
1067 c_session->proto == COAP_PROTO_DTLS ?
1068 MBEDTLS_SSL_TRANSPORT_DATAGRAM :
1069 MBEDTLS_SSL_TRANSPORT_STREAM,
1070 MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
1071 coap_log_err("mbedtls_ssl_config_defaults returned -0x%x: '%s'\n",
1072 -ret, get_error_string(ret));
1073 goto fail;
1074 }
1075
1076 mbedtls_ssl_conf_rng(&m_env->conf, mbedtls_ctr_drbg_random, &m_env->ctr_drbg);
1077
1078#if defined(MBEDTLS_SSL_PROTO_DTLS)
1079 mbedtls_ssl_conf_handshake_timeout(&m_env->conf, COAP_DTLS_RETRANSMIT_MS,
1080 COAP_DTLS_RETRANSMIT_TOTAL_MS);
1081#endif /* MBEDTLS_SSL_PROTO_DTLS */
1082
1083 if (m_context->psk_pki_enabled & IS_PSK) {
1084#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1085 mbedtls_ssl_conf_psk_cb(&m_env->conf, psk_server_callback, c_session);
1086 if (c_session->context->spsk_setup_data.validate_sni_call_back) {
1087 mbedtls_ssl_conf_sni(&m_env->conf, psk_sni_callback, c_session);
1088 }
1089#ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1090 m_env->ec_jpake = c_session->context->spsk_setup_data.ec_jpake;
1091#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1092#else /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1093 coap_log_warn("PSK not enabled in Mbed TLS library\n");
1094#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1095 }
1096
1097 if (m_context->psk_pki_enabled & IS_PKI) {
1098 ret = setup_pki_credentials(&m_env->cacert, &m_env->public_cert,
1099 &m_env->private_key, m_env, m_context,
1100 c_session, &m_context->setup_data,
1101 COAP_DTLS_ROLE_SERVER);
1102 if (ret < 0) {
1103 coap_log_err("PKI setup failed\n");
1104 return ret;
1105 }
1106 if (m_context->setup_data.validate_sni_call_back) {
1107 mbedtls_ssl_conf_sni(&m_env->conf, pki_sni_callback, c_session);
1108 }
1109 }
1110
1111 if ((ret = mbedtls_ssl_cookie_setup(&m_env->cookie_ctx,
1112 mbedtls_ctr_drbg_random,
1113 &m_env->ctr_drbg)) != 0) {
1114 coap_log_err("mbedtls_ssl_cookie_setup: returned -0x%x: '%s'\n",
1115 -ret, get_error_string(ret));
1116 goto fail;
1117 }
1118
1119#if defined(MBEDTLS_SSL_PROTO_DTLS)
1120 mbedtls_ssl_conf_dtls_cookies(&m_env->conf, mbedtls_ssl_cookie_write,
1121 mbedtls_ssl_cookie_check,
1122 &m_env->cookie_ctx);
1123#if MBEDTLS_VERSION_NUMBER >= 0x02100100
1124 mbedtls_ssl_set_mtu(&m_env->ssl, (uint16_t)c_session->mtu);
1125#endif /* MBEDTLS_VERSION_NUMBER >= 0x02100100 */
1126#endif /* MBEDTLS_SSL_PROTO_DTLS */
1127#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
1128 /*
1129 * Configure CID max length.
1130 *
1131 * Note: Set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT to 0 (the default)
1132 * to use RFC9146 extension ID of 54, rather than the draft version -05
1133 * value of 254.
1134 */
1135 mbedtls_ssl_conf_cid(&m_env->conf, COAP_DTLS_CID_LENGTH, MBEDTLS_SSL_UNEXPECTED_CID_IGNORE);
1136#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
1137fail:
1138 return ret;
1139}
1140#endif /* MBEDTLS_SSL_SRV_C */
1141
1142#if COAP_CLIENT_SUPPORT
1143static int *psk_ciphers = NULL;
1144static int *pki_ciphers = NULL;
1145static int *ecjpake_ciphers = NULL;
1146static int processed_ciphers = 0;
1147
1148#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1149static int
1150coap_ssl_ciphersuite_uses_psk(const mbedtls_ssl_ciphersuite_t *info) {
1151#if MBEDTLS_VERSION_NUMBER >= 0x03060000
1152 switch (info->key_exchange) {
1153 case MBEDTLS_KEY_EXCHANGE_PSK:
1154 case MBEDTLS_KEY_EXCHANGE_RSA_PSK:
1155 case MBEDTLS_KEY_EXCHANGE_DHE_PSK:
1156 case MBEDTLS_KEY_EXCHANGE_ECDHE_PSK:
1157 return 1;
1158 case MBEDTLS_KEY_EXCHANGE_NONE:
1159 case MBEDTLS_KEY_EXCHANGE_RSA:
1160 case MBEDTLS_KEY_EXCHANGE_DHE_RSA:
1161 case MBEDTLS_KEY_EXCHANGE_ECDHE_RSA:
1162 case MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA:
1163 case MBEDTLS_KEY_EXCHANGE_ECDH_RSA:
1164 case MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA:
1165 case MBEDTLS_KEY_EXCHANGE_ECJPAKE:
1166 default:
1167 return 0;
1168 }
1169#else /* MBEDTLS_VERSION_NUMBER < 0x03060000 */
1170 return mbedtls_ssl_ciphersuite_uses_psk(info);
1171#endif /* MBEDTLS_VERSION_NUMBER < 0x03060000 */
1172}
1173#endif /* defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED) */
1174
1175static void
1176set_ciphersuites(mbedtls_ssl_config *conf, coap_enc_method_t method) {
1177 if (!processed_ciphers) {
1178 const int *list = mbedtls_ssl_list_ciphersuites();
1179 const int *base = list;
1180 int *psk_list;
1181 int *pki_list;
1182#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1183 int *ecjpake_list;
1184 int ecjpake_count = 1;
1185#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1186 int psk_count = 1; /* account for empty terminator */
1187 int pki_count = 1;
1188
1189 while (*list) {
1190 const mbedtls_ssl_ciphersuite_t *cur =
1191 mbedtls_ssl_ciphersuite_from_id(*list);
1192
1193 if (cur) {
1194#if MBEDTLS_VERSION_NUMBER >= 0x03020000
1195 if (cur->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2) {
1196 /* Minimum of TLS1.2 required - skip */
1197 }
1198#else
1199 if (cur->max_minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) {
1200 /* Minimum of TLS1.2 required - skip */
1201 }
1202#endif /* MBEDTLS_VERSION_NUMBER >= 0x03020000 */
1203#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1204 else if (cur->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
1205 ecjpake_count++;
1206 }
1207#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1208#if MBEDTLS_VERSION_NUMBER >= 0x03060000
1209 else if (cur->min_tls_version >= MBEDTLS_SSL_VERSION_TLS1_3) {
1210 psk_count++;
1211 pki_count++;
1212 }
1213#endif /* MBEDTLS_VERSION_NUMBER >= 0x03060000 */
1214#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1215 else if (coap_ssl_ciphersuite_uses_psk(cur)) {
1216 psk_count++;
1217 }
1218#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1219 else {
1220 pki_count++;
1221 }
1222 }
1223 list++;
1224 }
1225 list = base;
1226
1227 psk_ciphers = mbedtls_malloc(psk_count * sizeof(psk_ciphers[0]));
1228 if (psk_ciphers == NULL) {
1229 coap_log_err("set_ciphers: mbedtls_malloc with count %d failed\n", psk_count);
1230 return;
1231 }
1232 pki_ciphers = mbedtls_malloc(pki_count * sizeof(pki_ciphers[0]));
1233 if (pki_ciphers == NULL) {
1234 coap_log_err("set_ciphers: mbedtls_malloc with count %d failed\n", pki_count);
1235 mbedtls_free(psk_ciphers);
1236 psk_ciphers = NULL;
1237 return;
1238 }
1239#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1240 ecjpake_ciphers = mbedtls_malloc(ecjpake_count * sizeof(ecjpake_ciphers[0]));
1241 if (ecjpake_ciphers == NULL) {
1242 coap_log_err("set_ciphers: mbedtls_malloc with count %d failed\n", pki_count);
1243 mbedtls_free(psk_ciphers);
1244 mbedtls_free(pki_ciphers);
1245 psk_ciphers = NULL;
1246 pki_ciphers = NULL;
1247 return;
1248 }
1249#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1250
1251 psk_list = psk_ciphers;
1252 pki_list = pki_ciphers;
1253#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1254 ecjpake_list = ecjpake_ciphers;
1255#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1256
1257 while (*list) {
1258 const mbedtls_ssl_ciphersuite_t *cur =
1259 mbedtls_ssl_ciphersuite_from_id(*list);
1260 if (cur) {
1261#if MBEDTLS_VERSION_NUMBER >= 0x03020000
1262 if (cur->max_tls_version < MBEDTLS_SSL_VERSION_TLS1_2) {
1263 /* Minimum of TLS1.2 required - skip */
1264 }
1265#else
1266 if (cur->max_minor_ver < MBEDTLS_SSL_MINOR_VERSION_3) {
1267 /* Minimum of TLS1.2 required - skip */
1268 }
1269#endif /* MBEDTLS_VERSION_NUMBER >= 0x03020000 */
1270#if defined(MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED)
1271 else if (cur->key_exchange == MBEDTLS_KEY_EXCHANGE_ECJPAKE) {
1272 *ecjpake_list = *list;
1273 ecjpake_list++;
1274 }
1275#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1276#if MBEDTLS_VERSION_NUMBER >= 0x03060000
1277 else if (cur->min_tls_version >= MBEDTLS_SSL_VERSION_TLS1_3) {
1278 *psk_list = *list;
1279 psk_list++;
1280 *pki_list = *list;
1281 pki_list++;
1282 }
1283#endif /* MBEDTLS_VERSION_NUMBER >= 0x03060000 */
1284#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1285 else if (coap_ssl_ciphersuite_uses_psk(cur)) {
1286 *psk_list = *list;
1287 psk_list++;
1288 }
1289#endif /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1290 else {
1291 *pki_list = *list;
1292 pki_list++;
1293 }
1294 }
1295 list++;
1296 }
1297 /* zero terminate */
1298 *psk_list = 0;
1299 *pki_list = 0;
1300 processed_ciphers = 1;
1301 }
1302 switch (method) {
1303 case COAP_ENC_PSK:
1304 mbedtls_ssl_conf_ciphersuites(conf, psk_ciphers);
1305 break;
1306 case COAP_ENC_PKI:
1307 mbedtls_ssl_conf_ciphersuites(conf, pki_ciphers);
1308 break;
1309 case COAP_ENC_ECJPAKE:
1310 mbedtls_ssl_conf_ciphersuites(conf, ecjpake_ciphers);
1311 break;
1312 default:
1313 assert(0);
1314 break;
1315 }
1316}
1317
1318static int
1319setup_client_ssl_session(coap_session_t *c_session,
1320 coap_mbedtls_env_t *m_env) {
1321 int ret;
1322
1323 coap_mbedtls_context_t *m_context =
1324 (coap_mbedtls_context_t *)c_session->context->dtls_context;
1325
1326 m_context->psk_pki_enabled |= IS_CLIENT;
1327
1328 if ((ret = mbedtls_ssl_config_defaults(&m_env->conf,
1329 MBEDTLS_SSL_IS_CLIENT,
1330 c_session->proto == COAP_PROTO_DTLS ?
1331 MBEDTLS_SSL_TRANSPORT_DATAGRAM :
1332 MBEDTLS_SSL_TRANSPORT_STREAM,
1333 MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {
1334 coap_log_err("mbedtls_ssl_config_defaults returned -0x%x: '%s'\n",
1335 -ret, get_error_string(ret));
1336 goto fail;
1337 }
1338
1339#if defined(MBEDTLS_SSL_PROTO_DTLS)
1340 mbedtls_ssl_conf_handshake_timeout(&m_env->conf, COAP_DTLS_RETRANSMIT_MS,
1341 COAP_DTLS_RETRANSMIT_TOTAL_MS);
1342#endif /* MBEDTLS_SSL_PROTO_DTLS */
1343
1344 mbedtls_ssl_conf_authmode(&m_env->conf, MBEDTLS_SSL_VERIFY_REQUIRED);
1345 mbedtls_ssl_conf_rng(&m_env->conf, mbedtls_ctr_drbg_random, &m_env->ctr_drbg);
1346
1347 if (m_context->psk_pki_enabled & IS_PSK) {
1348#if defined(MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED)
1349 const coap_bin_const_t *psk_key;
1350 const coap_bin_const_t *psk_identity;
1351
1352 coap_log_info("Setting PSK key\n");
1353
1354 psk_key = coap_get_session_client_psk_key(c_session);
1355 psk_identity = coap_get_session_client_psk_identity(c_session);
1356 if (psk_key == NULL || psk_identity == NULL) {
1357 ret = MBEDTLS_ERR_SSL_ALLOC_FAILED;
1358 goto fail;
1359 }
1360
1361 if ((ret = mbedtls_ssl_conf_psk(&m_env->conf, psk_key->s,
1362 psk_key->length, psk_identity->s,
1363 psk_identity->length)) != 0) {
1364 coap_log_err("mbedtls_ssl_conf_psk returned -0x%x: '%s'\n",
1365 -ret, get_error_string(ret));
1366 goto fail;
1367 }
1368 if (c_session->cpsk_setup_data.client_sni) {
1369 if ((ret = mbedtls_ssl_set_hostname(&m_env->ssl,
1370 c_session->cpsk_setup_data.client_sni)) != 0) {
1371 coap_log_err("mbedtls_ssl_set_hostname returned -0x%x: '%s'\n",
1372 -ret, get_error_string(ret));
1373 goto fail;
1374 }
1375 }
1376 /* Identity Hint currently not supported in Mbed TLS so code removed */
1377
1378#ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1379 if (c_session->cpsk_setup_data.ec_jpake) {
1380 m_env->ec_jpake = 1;
1381 set_ciphersuites(&m_env->conf, COAP_ENC_ECJPAKE);
1382#if MBEDTLS_VERSION_NUMBER >= 0x03020000
1383 mbedtls_ssl_conf_max_tls_version(&m_env->conf, MBEDTLS_SSL_VERSION_TLS1_2);
1384#endif /* MBEDTLS_VERSION_NUMBER >= 0x03020000 */
1385 } else {
1386 set_ciphersuites(&m_env->conf, COAP_ENC_PSK);
1387 }
1388#else /* ! MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1389 set_ciphersuites(&m_env->conf, COAP_ENC_PSK);
1390#endif /* ! MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1391#else /* MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1392 coap_log_warn("PSK not enabled in Mbed TLS library\n");
1393#endif /* ! MBEDTLS_KEY_EXCHANGE__SOME__PSK_ENABLED */
1394 } else if ((m_context->psk_pki_enabled & IS_PKI) ||
1395 (m_context->psk_pki_enabled & (IS_PSK | IS_PKI)) == 0) {
1396 /*
1397 * If neither PSK or PKI have been set up, use PKI basics.
1398 * This works providing COAP_PKI_KEY_PEM has a value of 0.
1399 */
1400 coap_dtls_pki_t *setup_data = &m_context->setup_data;
1401
1402 if (!(m_context->psk_pki_enabled & IS_PKI)) {
1403 /* PKI not defined - set up some defaults */
1404 setup_data->verify_peer_cert = 1;
1405 setup_data->check_common_ca = 0;
1406 setup_data->allow_self_signed = 1;
1407 setup_data->allow_expired_certs = 1;
1408 setup_data->cert_chain_validation = 1;
1409 setup_data->cert_chain_verify_depth = 2;
1410 setup_data->check_cert_revocation = 1;
1411 setup_data->allow_no_crl = 1;
1412 setup_data->allow_expired_crl = 1;
1413 setup_data->is_rpk_not_cert = 0;
1414 setup_data->use_cid = 0;
1415 }
1416 mbedtls_ssl_conf_authmode(&m_env->conf, MBEDTLS_SSL_VERIFY_OPTIONAL);
1417 ret = setup_pki_credentials(&m_env->cacert, &m_env->public_cert,
1418 &m_env->private_key, m_env, m_context,
1419 c_session, setup_data,
1420 COAP_DTLS_ROLE_CLIENT);
1421 if (ret < 0) {
1422 coap_log_err("PKI setup failed\n");
1423 return ret;
1424 }
1425#if defined(MBEDTLS_SSL_SRV_C) && defined(MBEDTLS_SSL_ALPN)
1426 if (c_session->proto == COAP_PROTO_TLS ||
1427 c_session->proto == COAP_PROTO_WSS) {
1428 static const char *alpn_list[] = { "coap", NULL };
1429
1430 ret = mbedtls_ssl_conf_alpn_protocols(&m_env->conf, alpn_list);
1431 if (ret != 0) {
1432 coap_log_err("ALPN setup failed %d)\n", ret);
1433 }
1434 }
1435#endif /* MBEDTLS_SSL_SRV_C && MBEDTLS_SSL_ALPN */
1436 if (m_context->setup_data.client_sni) {
1437 mbedtls_ssl_set_hostname(&m_env->ssl, m_context->setup_data.client_sni);
1438 }
1439#if defined(MBEDTLS_SSL_PROTO_DTLS)
1440#if MBEDTLS_VERSION_NUMBER >= 0x02100100
1441 mbedtls_ssl_set_mtu(&m_env->ssl, (uint16_t)c_session->mtu);
1442#endif /* MBEDTLS_VERSION_NUMBER >= 0x02100100 */
1443#endif /* MBEDTLS_SSL_PROTO_DTLS */
1444 set_ciphersuites(&m_env->conf, COAP_ENC_PKI);
1445 }
1446 return 0;
1447
1448fail:
1449 return ret;
1450}
1451#endif /* COAP_CLIENT_SUPPORT */
1452
1453static void
1454mbedtls_cleanup(coap_mbedtls_env_t *m_env) {
1455 if (!m_env) {
1456 return;
1457 }
1458
1459 mbedtls_x509_crt_free(&m_env->cacert);
1460 mbedtls_x509_crt_free(&m_env->public_cert);
1461 mbedtls_pk_free(&m_env->private_key);
1462 mbedtls_entropy_free(&m_env->entropy);
1463 mbedtls_ssl_config_free(&m_env->conf);
1464 mbedtls_ctr_drbg_free(&m_env->ctr_drbg);
1465 mbedtls_ssl_free(&m_env->ssl);
1466 mbedtls_ssl_cookie_free(&m_env->cookie_ctx);
1467}
1468
1469static void
1470coap_dtls_free_mbedtls_env(coap_mbedtls_env_t *m_env) {
1471 if (m_env) {
1472 if (!m_env->sent_alert)
1473 mbedtls_ssl_close_notify(&m_env->ssl);
1474 mbedtls_cleanup(m_env);
1475 mbedtls_free(m_env);
1476 }
1477}
1478
1479#if COAP_MAX_LOGGING_LEVEL > 0
1480static const char *
1481report_mbedtls_alert(unsigned char alert) {
1482 switch (alert) {
1483 case MBEDTLS_SSL_ALERT_MSG_BAD_RECORD_MAC:
1484 return ": Bad Record MAC";
1485 case MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE:
1486 return ": Handshake failure";
1487 case MBEDTLS_SSL_ALERT_MSG_NO_CERT:
1488 return ": No Certificate provided";
1489 case MBEDTLS_SSL_ALERT_MSG_BAD_CERT:
1490 return ": Certificate is bad";
1491 case MBEDTLS_SSL_ALERT_MSG_CERT_UNKNOWN:
1492 return ": Certificate is unknown";
1493 case MBEDTLS_SSL_ALERT_MSG_UNKNOWN_CA:
1494 return ": CA is unknown";
1495 case MBEDTLS_SSL_ALERT_MSG_ACCESS_DENIED:
1496 return ": Access was denied";
1497 case MBEDTLS_SSL_ALERT_MSG_DECRYPT_ERROR:
1498 return ": Decrypt error";
1499 default:
1500 return "";
1501 }
1502}
1503#endif /* COAP_MAX_LOGGING_LEVEL */
1504
1505/*
1506 * return -1 failure
1507 * 0 not completed
1508 * 1 established
1509 */
1510static int
1511do_mbedtls_handshake(coap_session_t *c_session,
1512 coap_mbedtls_env_t *m_env) {
1513 int ret;
1514 int alert;
1515
1516 ret = mbedtls_ssl_handshake(&m_env->ssl);
1517 switch (ret) {
1518 case 0:
1519 m_env->established = 1;
1520 coap_log_debug("* %s: Mbed TLS established\n",
1521 coap_session_str(c_session));
1522 ret = 1;
1523#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
1524#if COAP_CLIENT_SUPPORT
1525 if (c_session->type == COAP_SESSION_TYPE_CLIENT &&
1526 c_session->proto == COAP_PROTO_DTLS) {
1527 coap_mbedtls_context_t *m_context;
1528
1529 m_context = (coap_mbedtls_context_t *)c_session->context->dtls_context;
1530 if ((m_context->psk_pki_enabled & IS_PSK && c_session->cpsk_setup_data.use_cid) ||
1531 m_context->setup_data.use_cid) {
1532 unsigned char peer_cid[MBEDTLS_SSL_CID_OUT_LEN_MAX];
1533 int enabled;
1534 size_t peer_cid_len;
1535
1536 /* See whether CID was negotiated */
1537 if (mbedtls_ssl_get_peer_cid(&m_env->ssl, &enabled, peer_cid, &peer_cid_len) == 0 &&
1538 enabled == MBEDTLS_SSL_CID_ENABLED) {
1539 c_session->negotiated_cid = 1;
1540 } else {
1541 coap_log_info("** %s: CID was not negotiated\n", coap_session_str(c_session));
1542 c_session->negotiated_cid = 0;
1543 }
1544 }
1545 }
1546#endif /* COAP_CLIENT_SUPPORT */
1547#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
1548 break;
1549 case MBEDTLS_ERR_SSL_WANT_READ:
1550 case MBEDTLS_ERR_SSL_WANT_WRITE:
1551 if (m_env->ssl.state == MBEDTLS_SSL_SERVER_HELLO
1552#if MBEDTLS_VERSION_NUMBER >= 0x03030000
1553 || m_env->ssl.state == MBEDTLS_SSL_NEW_SESSION_TICKET
1554#endif /* MBEDTLS_VERSION_NUMBER >= 0x03030000 */
1555 ) {
1556 if (++m_env->server_hello_cnt > 10) {
1557 /* retried this too many times */
1558 goto fail;
1559 }
1560 }
1561 errno = EAGAIN;
1562 ret = 0;
1563 break;
1564 case MBEDTLS_ERR_SSL_HELLO_VERIFY_REQUIRED:
1565 coap_log_debug("hello verification requested\n");
1566 goto reset;
1567 case MBEDTLS_ERR_SSL_INVALID_MAC:
1568 goto fail;
1569#ifdef MBEDTLS_2_X_COMPAT
1570 case MBEDTLS_ERR_SSL_UNKNOWN_CIPHER:
1571#else /* ! MBEDTLS_2_X_COMPAT */
1572 case MBEDTLS_ERR_SSL_DECODE_ERROR:
1573#endif /* ! MBEDTLS_2_X_COMPAT */
1574 goto fail;
1575 case MBEDTLS_ERR_SSL_NO_CLIENT_CERTIFICATE:
1576 alert = MBEDTLS_SSL_ALERT_MSG_NO_CERT;
1577 goto fail_alert;
1578#ifdef MBEDTLS_2_X_COMPAT
1579 case MBEDTLS_ERR_SSL_BAD_HS_CLIENT_HELLO:
1580 case MBEDTLS_ERR_SSL_BAD_HS_SERVER_HELLO:
1581 alert = MBEDTLS_SSL_ALERT_MSG_HANDSHAKE_FAILURE;
1582 goto fail_alert;
1583#endif /* MBEDTLS_2_X_COMPAT */
1584 case MBEDTLS_ERR_X509_CERT_VERIFY_FAILED:
1585 goto fail;
1586 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
1587 if (m_env->ssl.in_msg[1] != MBEDTLS_SSL_ALERT_MSG_CLOSE_NOTIFY)
1588 coap_log_warn("***%s: Alert '%d'%s\n",
1589 coap_session_str(c_session), m_env->ssl.in_msg[1],
1590 report_mbedtls_alert(m_env->ssl.in_msg[1]));
1591 /* Fall through */
1592 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
1593 case MBEDTLS_ERR_SSL_CONN_EOF:
1594 case MBEDTLS_ERR_NET_CONN_RESET:
1595 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
1596 ret = -1;
1597 break;
1598 default:
1599 coap_log_warn("do_mbedtls_handshake: session establish "
1600 "returned -0x%x: '%s'\n",
1601 -ret, get_error_string(ret));
1602 ret = -1;
1603 break;
1604 }
1605 return ret;
1606
1607fail_alert:
1608 mbedtls_ssl_send_alert_message(&m_env->ssl,
1609 MBEDTLS_SSL_ALERT_LEVEL_FATAL,
1610 alert);
1611 m_env->sent_alert = 1;
1612fail:
1613 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
1614 coap_log_warn("do_mbedtls_handshake: session establish "
1615 "returned '%s'\n",
1616 get_error_string(ret));
1617reset:
1618 mbedtls_ssl_session_reset(&m_env->ssl);
1619#ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1620 if (m_env->ec_jpake) {
1621 const coap_bin_const_t *psk_key;
1622
1623#if COAP_CLIENT_SUPPORT && COAP_SERVER_SUPPORT
1624 if (c_session->type == COAP_SESSION_TYPE_CLIENT) {
1625 psk_key = coap_get_session_client_psk_key(c_session);
1626 } else {
1627 psk_key = coap_get_session_server_psk_key(c_session);
1628 }
1629#elif COAP_CLIENT_SUPPORT
1630 psk_key = coap_get_session_client_psk_key(c_session);
1631#else /* COAP_SERVER_SUPPORT */
1632 psk_key = coap_get_session_server_psk_key(c_session);
1633#endif /* COAP_SERVER_SUPPORT */
1634 if (psk_key) {
1635 mbedtls_ssl_set_hs_ecjpake_password(&m_env->ssl, psk_key->s, psk_key->length);
1636 }
1637 }
1638#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1639 return -1;
1640}
1641
1642static void
1643mbedtls_debug_out(void *ctx COAP_UNUSED, int level,
1644 const char *file COAP_UNUSED,
1645 int line COAP_UNUSED, const char *str) {
1646
1647 coap_log_t coap_level = COAP_LOG_DEBUG;
1648 /*
1649 * 0 No debug
1650 * 1 Error
1651 * 2 State change
1652 * 3 Informational
1653 * 4 Verbose
1654 */
1655 switch (level) {
1656 case 0:
1657 coap_level = COAP_LOG_EMERG;
1658 break;
1659 case 1:
1660 coap_level = COAP_LOG_WARN;
1661 break;
1662 case 2:
1663 coap_level = COAP_LOG_NOTICE;
1664 break;
1665 case 3:
1666 coap_level = COAP_LOG_INFO;
1667 break;
1668 case 4:
1669 default:
1670 coap_level = COAP_LOG_DEBUG;
1671 break;
1672 }
1673 coap_dtls_log(coap_level, "%s", str);
1674}
1675
1676#if !COAP_DISABLE_TCP
1677/*
1678 * strm
1679 * return +ve data amount
1680 * 0 no more
1681 * -ve Mbed TLS error
1682 */
1683static int
1684coap_sock_read(void *ctx, unsigned char *out, size_t outl) {
1685 int ret = MBEDTLS_ERR_SSL_CONN_EOF;
1686 coap_session_t *c_session = (coap_session_t *)ctx;
1687
1688 if (out != NULL) {
1689 ret = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_read(c_session, out, outl);
1690 /* Translate layer returns into what MbedTLS expects */
1691 if (ret == -1) {
1692 if (errno == ECONNRESET) {
1693 /* graceful shutdown */
1694 ret = MBEDTLS_ERR_SSL_CONN_EOF;
1695 } else {
1696 ret = MBEDTLS_ERR_NET_RECV_FAILED;
1697 }
1698 } else if (ret == 0) {
1699 errno = EAGAIN;
1700 ret = MBEDTLS_ERR_SSL_WANT_READ;
1701 }
1702 }
1703 return ret;
1704}
1705
1706/*
1707 * strm
1708 * return +ve data amount
1709 * 0 no more
1710 * -ve Mbed TLS error
1711 */
1712static int
1713coap_sock_write(void *context, const unsigned char *in, size_t inl) {
1714 int ret = 0;
1715 coap_session_t *c_session = (coap_session_t *)context;
1716
1717 ret = c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session,
1718 (const uint8_t *)in,
1719 inl);
1720 /* Translate layer what returns into what MbedTLS expects */
1721 if (ret < 0) {
1722 if ((c_session->state == COAP_SESSION_STATE_CSM ||
1723 c_session->state == COAP_SESSION_STATE_HANDSHAKE) &&
1724 (errno == EPIPE || errno == ECONNRESET)) {
1725 /*
1726 * Need to handle a TCP timing window where an agent continues with
1727 * the sending of the next handshake or a CSM.
1728 * However, the peer does not like a certificate and so sends a
1729 * fatal alert and closes the TCP session.
1730 * The sending of the next handshake or CSM may get terminated because
1731 * of the closed TCP session, but there is still an outstanding alert
1732 * to be read in and reported on.
1733 * In this case, pretend that sending the info was fine so that the
1734 * alert can be read (which effectively is what happens with DTLS).
1735 */
1736 ret = inl;
1737 } else {
1738#ifdef _WIN32
1739 int lasterror = WSAGetLastError();
1740
1741 if (lasterror == WSAEWOULDBLOCK) {
1742 ret = MBEDTLS_ERR_SSL_WANT_WRITE;
1743 } else if (lasterror == WSAECONNRESET) {
1744 ret = MBEDTLS_ERR_NET_CONN_RESET;
1745 }
1746#else
1747 if (errno == EAGAIN || errno == EINTR) {
1748 ret = MBEDTLS_ERR_SSL_WANT_WRITE;
1749 } else if (errno == EPIPE || errno == ECONNRESET) {
1750 ret = MBEDTLS_ERR_NET_CONN_RESET;
1751 }
1752#endif
1753 else {
1754 ret = MBEDTLS_ERR_NET_SEND_FAILED;
1755 }
1756 coap_log_debug("* %s: failed to send %zd bytes (%s) state %d\n",
1757 coap_session_str(c_session), inl, coap_socket_strerror(),
1758 c_session->state);
1759 }
1760 }
1761 if (ret == 0) {
1762 errno = EAGAIN;
1763 ret = MBEDTLS_ERR_SSL_WANT_WRITE;
1764 }
1765 return ret;
1766}
1767#endif /* !COAP_DISABLE_TCP */
1768
1769static coap_mbedtls_env_t *
1770coap_dtls_new_mbedtls_env(coap_session_t *c_session,
1771 coap_dtls_role_t role,
1772 coap_proto_t proto) {
1773 int ret = 0;
1774 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
1775
1776 if (m_env)
1777 return m_env;
1778
1779 m_env = (coap_mbedtls_env_t *)mbedtls_malloc(sizeof(coap_mbedtls_env_t));
1780 if (!m_env) {
1781 return NULL;
1782 }
1783 memset(m_env, 0, sizeof(coap_mbedtls_env_t));
1784
1785 mbedtls_ssl_init(&m_env->ssl);
1786 mbedtls_ctr_drbg_init(&m_env->ctr_drbg);
1787 mbedtls_ssl_config_init(&m_env->conf);
1788 mbedtls_entropy_init(&m_env->entropy);
1789
1790#if defined(MBEDTLS_PSA_CRYPTO_C)
1791 psa_crypto_init();
1792#endif /* MBEDTLS_PSA_CRYPTO_C */
1793
1794#if defined(ESPIDF_VERSION) && defined(CONFIG_MBEDTLS_DEBUG)
1795 mbedtls_esp_enable_debug_log(&m_env->conf, CONFIG_MBEDTLS_DEBUG_LEVEL);
1796#endif /* ESPIDF_VERSION && CONFIG_MBEDTLS_DEBUG */
1797 if ((ret = mbedtls_ctr_drbg_seed(&m_env->ctr_drbg,
1798 mbedtls_entropy_func, &m_env->entropy, NULL, 0)) != 0) {
1799 if (ret != MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED) {
1800 coap_log_info("mbedtls_ctr_drbg_seed returned -0x%x: '%s'\n",
1801 -ret, get_error_string(ret));
1802 goto fail;
1803 }
1804 coap_log_err("mbedtls_ctr_drbg_seed returned -0x%x: '%s'\n",
1805 -ret, get_error_string(ret));
1806 }
1807
1808 if (role == COAP_DTLS_ROLE_CLIENT) {
1809#if COAP_CLIENT_SUPPORT
1810 if (setup_client_ssl_session(c_session, m_env) != 0) {
1811 goto fail;
1812 }
1813#else /* !COAP_CLIENT_SUPPORT */
1814 goto fail;
1815#endif /* !COAP_CLIENT_SUPPORT */
1816 } else if (role == COAP_DTLS_ROLE_SERVER) {
1817#if defined(MBEDTLS_SSL_SRV_C)
1818 if (setup_server_ssl_session(c_session, m_env) != 0) {
1819 goto fail;
1820 }
1821#else /* ! MBEDTLS_SSL_SRV_C */
1822 goto fail;
1823#endif /* ! MBEDTLS_SSL_SRV_C */
1824 } else {
1825 goto fail;
1826 }
1827
1828#if MBEDTLS_VERSION_NUMBER >= 0x03020000
1829 mbedtls_ssl_conf_min_tls_version(&m_env->conf, MBEDTLS_SSL_VERSION_TLS1_2);
1830#else
1831 mbedtls_ssl_conf_min_version(&m_env->conf, MBEDTLS_SSL_MAJOR_VERSION_3,
1832 MBEDTLS_SSL_MINOR_VERSION_3);
1833#endif /* MBEDTLS_VERSION_NUMBER >= 0x03020000 */
1834
1835 if (mbedtls_ssl_setup(&m_env->ssl, &m_env->conf) != 0) {
1836 goto fail;
1837 }
1838 if (proto == COAP_PROTO_DTLS) {
1839 mbedtls_ssl_set_bio(&m_env->ssl, c_session, coap_dgram_write,
1840 coap_dgram_read, NULL);
1841#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
1842 if (COAP_PROTO_NOT_RELIABLE(c_session->proto)) {
1843 if (role == COAP_DTLS_ROLE_CLIENT) {
1844#if COAP_CLIENT_SUPPORT
1845 coap_mbedtls_context_t *m_context =
1846 (coap_mbedtls_context_t *)c_session->context->dtls_context;
1847
1848 if ((m_context->psk_pki_enabled & IS_PSK && c_session->cpsk_setup_data.use_cid) ||
1849 m_context->setup_data.use_cid) {
1850 /*
1851 * Enable passive DTLS CID support.
1852 *
1853 * Note: Set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT to 0 (the default)
1854 * to use RFC9146 extension ID of 54, rather than the draft version -05
1855 * value of 254.
1856 */
1857 mbedtls_ssl_set_cid(&m_env->ssl, MBEDTLS_SSL_CID_ENABLED, NULL, 0);
1858 }
1859#endif /* COAP_CLIENT_SUPPORT */
1860 } else {
1861#if COAP_SERVER_SUPPORT
1862 uint8_t cid[COAP_DTLS_CID_LENGTH];
1863 /*
1864 * Enable server DTLS CID support.
1865 *
1866 * Note: Set MBEDTLS_SSL_DTLS_CONNECTION_ID_COMPAT to 0 (the default)
1867 * to use RFC9146 extension ID of 54, rather than the draft version -05
1868 * value of 254.
1869 */
1870 coap_prng_lkd(cid, sizeof(cid));
1871 mbedtls_ssl_set_cid(&m_env->ssl, MBEDTLS_SSL_CID_ENABLED, cid,
1872 sizeof(cid));
1873 c_session->client_cid = coap_new_bin_const(cid, sizeof(cid));
1874#endif /* COAP_SERVER_SUPPORT */
1875 }
1876 }
1877#endif /* MBEDTLS_SSL_DTLS_CONNECTION_ID */
1878 }
1879#if !COAP_DISABLE_TCP
1880 else {
1881 assert(proto == COAP_PROTO_TLS);
1882 mbedtls_ssl_set_bio(&m_env->ssl, c_session, coap_sock_write,
1883 coap_sock_read, NULL);
1884 }
1885#endif /* ! COAP_DISABLE_TCP */
1886#ifdef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
1887 coap_mbedtls_context_t *m_context =
1888 ((coap_mbedtls_context_t *)c_session->context->dtls_context);
1889 if ((m_context->psk_pki_enabled & IS_PSK) &&
1890 m_env->ec_jpake) {
1891 const coap_bin_const_t *psk_key;
1892
1893#if COAP_CLIENT_SUPPORT && COAP_SERVER_SUPPORT
1894 if (role == COAP_DTLS_ROLE_CLIENT) {
1895 psk_key = coap_get_session_client_psk_key(c_session);
1896 } else {
1897 psk_key = coap_get_session_server_psk_key(c_session);
1898 }
1899#elif COAP_CLIENT_SUPPORT
1900 psk_key = coap_get_session_client_psk_key(c_session);
1901#else /* COAP_SERVER_SUPPORT */
1902 psk_key = coap_get_session_server_psk_key(c_session);
1903#endif /* COAP_SERVER_SUPPORT */
1904 mbedtls_ssl_set_hs_ecjpake_password(&m_env->ssl, psk_key->s, psk_key->length);
1905 }
1906#endif /* MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
1907 mbedtls_ssl_set_timer_cb(&m_env->ssl, &m_env->timer,
1908 mbedtls_timing_set_delay,
1909 mbedtls_timing_get_delay);
1910
1911 mbedtls_ssl_conf_dbg(&m_env->conf, mbedtls_debug_out, stdout);
1912 return m_env;
1913
1914fail:
1915 if (m_env) {
1916 mbedtls_free(m_env);
1917 }
1918 return NULL;
1919}
1920
1921int
1922coap_dtls_is_supported(void) {
1923#if defined(MBEDTLS_SSL_PROTO_DTLS)
1924 return 1;
1925#else /* !MBEDTLS_SSL_PROTO_DTLS */
1926 static int reported = 0;
1927 if (!reported) {
1928 reported = 1;
1929 coap_log_emerg("libcoap not compiled for DTLS with Mbed TLS"
1930 " - update Mbed TLS to include DTLS\n");
1931 }
1932 return 0;
1933#endif /* !MBEDTLS_SSL_PROTO_DTLS */
1934}
1935
1936int
1937coap_tls_is_supported(void) {
1938#if !COAP_DISABLE_TCP
1939 return 1;
1940#else /* COAP_DISABLE_TCP */
1941 return 0;
1942#endif /* COAP_DISABLE_TCP */
1943}
1944
1945/*
1946 * return 0 failed
1947 * 1 passed
1948 */
1949int
1950coap_dtls_psk_is_supported(void) {
1951 return 1;
1952}
1953
1954/*
1955 * return 0 failed
1956 * 1 passed
1957 */
1958int
1959coap_dtls_pki_is_supported(void) {
1960 return 1;
1961}
1962
1963/*
1964 * return 0 failed
1965 * 1 passed
1966 */
1967int
1968coap_dtls_pkcs11_is_supported(void) {
1969 return 0;
1970}
1971
1972/*
1973 * return 0 failed
1974 * 1 passed
1975 */
1976int
1977coap_dtls_rpk_is_supported(void) {
1978 return 0;
1979}
1980
1981/*
1982 * return 0 failed
1983 * 1 passed
1984 */
1985int
1986coap_dtls_cid_is_supported(void) {
1987#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
1988 return 1;
1989#else /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
1990 return 0;
1991#endif /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
1992}
1993
1994#if COAP_CLIENT_SUPPORT
1995int
1996coap_dtls_set_cid_tuple_change(coap_context_t *c_context, uint8_t every) {
1997#ifdef MBEDTLS_SSL_DTLS_CONNECTION_ID
1998 c_context->testing_cids = every;
1999 return 1;
2000#else /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2001 (void)c_context;
2002 (void)every;
2003 return 0;
2004#endif /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2005}
2006#endif /* COAP_CLIENT_SUPPORT */
2007
2008void *
2009coap_dtls_new_context(coap_context_t *c_context) {
2010 coap_mbedtls_context_t *m_context;
2011 (void)c_context;
2012
2013 m_context = (coap_mbedtls_context_t *)mbedtls_malloc(sizeof(coap_mbedtls_context_t));
2014 if (m_context) {
2015 memset(m_context, 0, sizeof(coap_mbedtls_context_t));
2016 }
2017 return m_context;
2018}
2019
2020#if COAP_SERVER_SUPPORT
2021/*
2022 * return 0 failed
2023 * 1 passed
2024 */
2025int
2026coap_dtls_context_set_spsk(coap_context_t *c_context,
2027 coap_dtls_spsk_t *setup_data
2028 ) {
2029 coap_mbedtls_context_t *m_context =
2030 ((coap_mbedtls_context_t *)c_context->dtls_context);
2031
2032#if !defined(MBEDTLS_SSL_SRV_C)
2033 coap_log_emerg("coap_context_set_spsk:"
2034 " libcoap not compiled for Server Mode for Mbed TLS"
2035 " - update Mbed TLS to include Server Mode\n");
2036 return 0;
2037#endif /* !MBEDTLS_SSL_SRV_C */
2038 if (!m_context || !setup_data)
2039 return 0;
2040
2041 if (setup_data->ec_jpake) {
2042#ifndef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
2043 coap_log_warn("Mbed TLS not compiled for EC-JPAKE support\n");
2044#endif /* ! MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
2045 }
2046 m_context->psk_pki_enabled |= IS_PSK;
2047 return 1;
2048}
2049#endif /* COAP_SERVER_SUPPORT */
2050
2051#if COAP_CLIENT_SUPPORT
2052/*
2053 * return 0 failed
2054 * 1 passed
2055 */
2056int
2057coap_dtls_context_set_cpsk(coap_context_t *c_context,
2058 coap_dtls_cpsk_t *setup_data
2059 ) {
2060#if !defined(MBEDTLS_SSL_CLI_C)
2061 (void)c_context;
2062 (void)setup_data;
2063
2064 coap_log_emerg("coap_context_set_cpsk:"
2065 " libcoap not compiled for Client Mode for Mbed TLS"
2066 " - update Mbed TLS to include Client Mode\n");
2067 return 0;
2068#else /* MBEDTLS_SSL_CLI_C */
2069 coap_mbedtls_context_t *m_context =
2070 ((coap_mbedtls_context_t *)c_context->dtls_context);
2071
2072 if (!m_context || !setup_data)
2073 return 0;
2074
2075 if (setup_data->validate_ih_call_back) {
2076 coap_log_warn("CoAP Client with Mbed TLS does not support Identity Hint selection\n");
2077 }
2078 if (setup_data->ec_jpake) {
2079#ifndef MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
2080 coap_log_warn("Mbed TLS not compiled for EC-JPAKE support\n");
2081#endif /* ! MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED */
2082 }
2083 if (setup_data->use_cid) {
2084#ifndef MBEDTLS_SSL_DTLS_CONNECTION_ID
2085 coap_log_warn("Mbed TLS not compiled for Connection-ID support\n");
2086#endif /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2087 }
2088 m_context->psk_pki_enabled |= IS_PSK;
2089 return 1;
2090#endif /* MBEDTLS_SSL_CLI_C */
2091}
2092#endif /* COAP_CLIENT_SUPPORT */
2093
2094int
2095coap_dtls_context_set_pki(coap_context_t *c_context,
2096 const coap_dtls_pki_t *setup_data,
2097 const coap_dtls_role_t role COAP_UNUSED) {
2098 coap_mbedtls_context_t *m_context =
2099 ((coap_mbedtls_context_t *)c_context->dtls_context);
2100
2101 m_context->setup_data = *setup_data;
2102 if (!m_context->setup_data.verify_peer_cert) {
2103 /* Needs to be clear so that no CA DNs are transmitted */
2104 m_context->setup_data.check_common_ca = 0;
2105 /* Allow all of these but warn if issue */
2106 m_context->setup_data.allow_self_signed = 1;
2107 m_context->setup_data.allow_expired_certs = 1;
2108 m_context->setup_data.cert_chain_validation = 1;
2109 m_context->setup_data.cert_chain_verify_depth = 10;
2110 m_context->setup_data.check_cert_revocation = 1;
2111 m_context->setup_data.allow_no_crl = 1;
2112 m_context->setup_data.allow_expired_crl = 1;
2113 m_context->setup_data.allow_bad_md_hash = 1;
2114 m_context->setup_data.allow_short_rsa_length = 1;
2115 }
2116 m_context->psk_pki_enabled |= IS_PKI;
2117 if (setup_data->use_cid) {
2118#ifndef MBEDTLS_SSL_DTLS_CONNECTION_ID
2119 coap_log_warn("Mbed TLS not compiled for Connection-ID support\n");
2120#endif /* ! MBEDTLS_SSL_DTLS_CONNECTION_ID */
2121 }
2122 return 1;
2123}
2124
2125int
2126coap_dtls_context_set_pki_root_cas(coap_context_t *c_context,
2127 const char *ca_file,
2128 const char *ca_path) {
2129 coap_mbedtls_context_t *m_context =
2130 ((coap_mbedtls_context_t *)c_context->dtls_context);
2131
2132 if (!m_context) {
2133 coap_log_warn("coap_context_set_pki_root_cas: (D)TLS environment "
2134 "not set up\n");
2135 return 0;
2136 }
2137
2138 if (ca_file == NULL && ca_path == NULL) {
2139 coap_log_warn("coap_context_set_pki_root_cas: ca_file and/or ca_path "
2140 "not defined\n");
2141 return 0;
2142 }
2143 if (m_context->root_ca_file) {
2144 mbedtls_free(m_context->root_ca_file);
2145 m_context->root_ca_file = NULL;
2146 }
2147
2148 if (ca_file) {
2149 m_context->root_ca_file = mbedtls_strdup(ca_file);
2150 }
2151
2152 if (m_context->root_ca_path) {
2153 mbedtls_free(m_context->root_ca_path);
2154 m_context->root_ca_path = NULL;
2155 }
2156
2157 if (ca_path) {
2158 m_context->root_ca_path = mbedtls_strdup(ca_path);
2159 }
2160 return 1;
2161}
2162
2163/*
2164 * return 0 failed
2165 * 1 passed
2166 */
2167int
2168coap_dtls_context_load_pki_trust_store(coap_context_t *c_context) {
2169 coap_mbedtls_context_t *m_context =
2170 ((coap_mbedtls_context_t *)c_context->dtls_context);
2171
2172 if (!m_context) {
2173 coap_log_warn("coap_context_load_pki_trust_store: (D)TLS environment "
2174 "not set up\n");
2175 return 0;
2176 }
2177 m_context->trust_store_defined = 1;
2178
2179 /* No proper support for this in MbedTLS at this point */
2180 return 1;
2181}
2182
2183
2184int
2185coap_dtls_context_check_keys_enabled(coap_context_t *c_context) {
2186 coap_mbedtls_context_t *m_context =
2187 ((coap_mbedtls_context_t *)c_context->dtls_context);
2188 return m_context->psk_pki_enabled ? 1 : 0;
2189}
2190
2191void
2192coap_dtls_free_context(void *dtls_context) {
2193 coap_mbedtls_context_t *m_context = (coap_mbedtls_context_t *)dtls_context;
2194 unsigned int i;
2195
2196 for (i = 0; i < m_context->pki_sni_count; i++) {
2197 mbedtls_free(m_context->pki_sni_entry_list[i].sni);
2198
2199 mbedtls_x509_crt_free(&m_context->pki_sni_entry_list[i].public_cert);
2200
2201 mbedtls_pk_free(&m_context->pki_sni_entry_list[i].private_key);
2202
2203 mbedtls_x509_crt_free(&m_context->pki_sni_entry_list[i].cacert);
2204 }
2205 if (m_context->pki_sni_entry_list)
2206 mbedtls_free(m_context->pki_sni_entry_list);
2207
2208 for (i = 0; i < m_context->psk_sni_count; i++) {
2209 mbedtls_free(m_context->psk_sni_entry_list[i].sni);
2210 }
2211 if (m_context->psk_sni_entry_list)
2212 mbedtls_free(m_context->psk_sni_entry_list);
2213
2214 if (m_context->root_ca_path)
2215 mbedtls_free(m_context->root_ca_path);
2216 if (m_context->root_ca_file)
2217 mbedtls_free(m_context->root_ca_file);
2218
2219 mbedtls_free(m_context);
2220}
2221
2222#if COAP_CLIENT_SUPPORT
2223void *
2224coap_dtls_new_client_session(coap_session_t *c_session) {
2225#if !defined(MBEDTLS_SSL_CLI_C)
2226 (void)c_session;
2227 coap_log_emerg("coap_dtls_new_client_session:"
2228 " libcoap not compiled for Client Mode for Mbed TLS"
2229 " - update Mbed TLS to include Client Mode\n");
2230 return NULL;
2231#else /* MBEDTLS_SSL_CLI_C */
2232 coap_mbedtls_env_t *m_env = coap_dtls_new_mbedtls_env(c_session,
2233 COAP_DTLS_ROLE_CLIENT,
2234 COAP_PROTO_DTLS);
2235 int ret;
2236
2237 if (m_env) {
2238 coap_tick_t now;
2239
2240 coap_ticks(&now);
2241 m_env->last_timeout = now;
2242 ret = do_mbedtls_handshake(c_session, m_env);
2243 if (ret == -1) {
2244 coap_dtls_free_mbedtls_env(m_env);
2245 return NULL;
2246 }
2247 }
2248 return m_env;
2249#endif /* MBEDTLS_SSL_CLI_C */
2250}
2251#endif /* COAP_CLIENT_SUPPORT */
2252
2253#if COAP_SERVER_SUPPORT
2254void *
2255coap_dtls_new_server_session(coap_session_t *c_session) {
2256#if !defined(MBEDTLS_SSL_SRV_C)
2257 (void)c_session;
2258 coap_log_emerg("coap_dtls_new_server_session:"
2259 " libcoap not compiled for Server Mode for Mbed TLS"
2260 " - update Mbed TLS to include Server Mode\n");
2261 return NULL;
2262#else /* MBEDTLS_SSL_SRV_C */
2263 coap_mbedtls_env_t *m_env =
2264 (coap_mbedtls_env_t *)c_session->tls;
2265 if (m_env) {
2266#if defined(MBEDTLS_SSL_PROTO_DTLS)
2267#if MBEDTLS_VERSION_NUMBER >= 0x02100100
2268 mbedtls_ssl_set_mtu(&m_env->ssl, (uint16_t)c_session->mtu);
2269#endif /* MBEDTLS_VERSION_NUMBER >= 0x02100100 */
2270#endif /* MBEDTLS_SSL_PROTO_DTLS */
2271 }
2272 return m_env;
2273#endif /* MBEDTLS_SSL_SRV_C */
2274}
2275#endif /* COAP_SERVER_SUPPORT */
2276
2277void
2278coap_dtls_free_session(coap_session_t *c_session) {
2279 if (c_session && c_session->context && c_session->tls) {
2280 coap_dtls_free_mbedtls_env(c_session->tls);
2281 c_session->tls = NULL;
2282 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CLOSED, c_session);
2283 }
2284 return;
2285}
2286
2287void
2288coap_dtls_session_update_mtu(coap_session_t *c_session) {
2289#if defined(MBEDTLS_SSL_PROTO_DTLS)
2290 coap_mbedtls_env_t *m_env =
2291 (coap_mbedtls_env_t *)c_session->tls;
2292 if (m_env) {
2293#if MBEDTLS_VERSION_NUMBER >= 0x02100100
2294 mbedtls_ssl_set_mtu(&m_env->ssl, (uint16_t)c_session->mtu);
2295#endif /* MBEDTLS_VERSION_NUMBER >= 0x02100100 */
2296 }
2297#else /* ! MBEDTLS_SSL_PROTO_DTLS */
2298 (void)c_session;
2299#endif /* MBEDTLS_SSL_PROTO_DTLS */
2300}
2301
2302ssize_t
2303coap_dtls_send(coap_session_t *c_session,
2304 const uint8_t *data, size_t data_len) {
2305 int ret;
2306 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2307
2308 assert(m_env != NULL);
2309
2310 if (!m_env) {
2311 return -1;
2312 }
2313 c_session->dtls_event = -1;
2314 coap_log_debug("* %s: dtls: sent %4d bytes\n",
2315 coap_session_str(c_session), (int)data_len);
2316 if (m_env->established) {
2317 ret = mbedtls_ssl_write(&m_env->ssl, (const unsigned char *) data, data_len);
2318 if (ret <= 0) {
2319 switch (ret) {
2320 case MBEDTLS_ERR_SSL_WANT_READ:
2321 case MBEDTLS_ERR_SSL_WANT_WRITE:
2322 ret = 0;
2323 break;
2324 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
2325 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2326 ret = -1;
2327 break;
2328 default:
2329 coap_log_warn("coap_dtls_send: "
2330 "returned -0x%x: '%s'\n",
2331 -ret, get_error_string(ret));
2332 ret = -1;
2333 break;
2334 }
2335 if (ret == -1) {
2336 coap_log_warn("coap_dtls_send: cannot send PDU\n");
2337 }
2338 }
2339 } else {
2340 ret = do_mbedtls_handshake(c_session, m_env);
2341 if (ret == 1) {
2342 /* Just connected, so send the data */
2343 return coap_dtls_send(c_session, data, data_len);
2344 }
2345 ret = -1;
2346 }
2347
2348 if (c_session->dtls_event >= 0) {
2349 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2350 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2351 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2352 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2353 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2354 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2355 ret = -1;
2356 }
2357 }
2358 return ret;
2359}
2360
2361int
2362coap_dtls_is_context_timeout(void) {
2363 return 0;
2364}
2365
2366coap_tick_t
2367coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED) {
2368 return 0;
2369}
2370
2371coap_tick_t
2372coap_dtls_get_timeout(coap_session_t *c_session, coap_tick_t now) {
2373 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2374 int ret = mbedtls_timing_get_delay(&m_env->timer);
2375 unsigned int scalar = 1 << m_env->retry_scalar;
2376
2377 assert(c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2378 switch (ret) {
2379 case 0:
2380 /* int_ms has not timed out */
2381 if (m_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar > now) {
2382 /* Need to indicate remaining timeout time */
2383 return m_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar;
2384 }
2385 m_env->last_timeout = now;
2386 /* This may cause a minor extra delay */
2387 return now + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar;
2388 case 1:
2389 /* int_ms has timed out, but not fin_ms */
2390 /*
2391 * Need to make sure that we do not do this too frequently
2392 */
2393 if (m_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar > now) {
2394 return m_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS * scalar;
2395 }
2396
2397 /* Reset for the next time */
2398 m_env->last_timeout = now;
2399 return now;
2400 case 2:
2401 /* fin_ms has timed out - timed out - one final try */
2402 return now;
2403 default:
2404 break;
2405 }
2406
2407 return 0;
2408}
2409
2410/*
2411 * return 1 timed out
2412 * 0 still timing out
2413 */
2414int
2415coap_dtls_handle_timeout(coap_session_t *c_session) {
2416 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2417
2418 assert(m_env != NULL && c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2419 m_env->retry_scalar++;
2420 if ((++c_session->dtls_timeout_count > c_session->max_retransmit) ||
2421 (do_mbedtls_handshake(c_session, m_env) < 0)) {
2422 /* Too many retries */
2423 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2424 return 1;
2425 }
2426 return 0;
2427}
2428
2429/*
2430 * return +ve data amount
2431 * 0 no more
2432 * -1 error
2433 */
2434int
2435coap_dtls_receive(coap_session_t *c_session,
2436 const uint8_t *data,
2437 size_t data_len) {
2438 int ret = 1;
2439
2440 c_session->dtls_event = -1;
2441 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2442 coap_ssl_t *ssl_data;
2443
2444 assert(m_env != NULL);
2445
2446 ssl_data = &m_env->coap_ssl_data;
2447 if (ssl_data->pdu_len) {
2448 coap_log_err("** %s: Previous data not read %u bytes\n",
2449 coap_session_str(c_session), ssl_data->pdu_len);
2450 }
2451 ssl_data->pdu = data;
2452 ssl_data->pdu_len = (unsigned)data_len;
2453
2454 if (m_env->established) {
2455#if COAP_CONSTRAINED_STACK
2456 /* pdu can be protected by global_lock if needed */
2457 static uint8_t pdu[COAP_RXBUFFER_SIZE];
2458#else /* ! COAP_CONSTRAINED_STACK */
2459 uint8_t pdu[COAP_RXBUFFER_SIZE];
2460#endif /* ! COAP_CONSTRAINED_STACK */
2461
2462 if (c_session->state == COAP_SESSION_STATE_HANDSHAKE) {
2463 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED,
2464 c_session);
2465 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2466 }
2467
2468 ret = mbedtls_ssl_read(&m_env->ssl, pdu, sizeof(pdu));
2469 if (ret > 0) {
2470 coap_log_debug("* %s: dtls: recv %4d bytes\n",
2471 coap_session_str(c_session), ret);
2472 ret = coap_handle_dgram(c_session->context, c_session, pdu, (size_t)ret);
2473 goto finish;
2474 }
2475 switch (ret) {
2476 case 0:
2477 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
2478 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
2479 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2480 break;
2481 case MBEDTLS_ERR_SSL_WANT_READ:
2482 break;
2483 default:
2484 coap_log_warn("coap_dtls_receive: "
2485 "returned -0x%x: '%s' (length %zd)\n",
2486 -ret, get_error_string(ret), data_len);
2487 break;
2488 }
2489 ret = -1;
2490 } else {
2491 ret = do_mbedtls_handshake(c_session, m_env);
2492 if (ret == 1) {
2493 /* Just connected, so send the data */
2494 coap_session_connected(c_session);
2495 } else {
2496 if (ssl_data->pdu_len) {
2497 /* Do the handshake again incase of internal timeout */
2498 ret = do_mbedtls_handshake(c_session, m_env);
2499 if (ret == 1) {
2500 /* Just connected, so send the data */
2501 coap_session_connected(c_session);
2502 }
2503 }
2504 ret = -1;
2505 }
2506 }
2507 if (c_session->dtls_event >= 0) {
2508 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2509 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2510 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2511 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2512 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2513 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2514 ssl_data = NULL;
2515 ret = -1;
2516 }
2517 }
2518finish:
2519 if (ssl_data && ssl_data->pdu_len) {
2520 /* pdu data is held on stack which will not stay there */
2521 coap_log_debug("coap_dtls_receive: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2522 ssl_data->pdu_len = 0;
2523 ssl_data->pdu = NULL;
2524 }
2525 return ret;
2526}
2527
2528#if COAP_SERVER_SUPPORT
2529/*
2530 * return -1 failure
2531 * 0 not completed
2532 * 1 client hello seen
2533 */
2534int
2535coap_dtls_hello(coap_session_t *c_session,
2536 const uint8_t *data,
2537 size_t data_len) {
2538#if !defined(MBEDTLS_SSL_PROTO_DTLS) || !defined(MBEDTLS_SSL_SRV_C)
2539 (void)c_session;
2540 (void)data;
2541 (void)data_len;
2542 coap_log_emerg("coap_dtls_hello:"
2543 " libcoap not compiled for DTLS or Server Mode for Mbed TLS"
2544 " - update Mbed TLS to include DTLS and Server Mode\n");
2545 return -1;
2546#else /* MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_SRV_C */
2547 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2548 coap_ssl_t *ssl_data;
2549 int ret;
2550
2551 if (!m_env) {
2552 m_env = coap_dtls_new_mbedtls_env(c_session, COAP_DTLS_ROLE_SERVER,
2553 COAP_PROTO_DTLS);
2554 if (m_env) {
2555 c_session->tls = m_env;
2556 } else {
2557 /* error should have already been reported */
2558 return -1;
2559 }
2560 }
2561
2562 if ((ret = mbedtls_ssl_set_client_transport_id(&m_env->ssl,
2563 (unsigned char *)&c_session->addr_info.remote,
2564 sizeof(c_session->addr_info.remote))) != 0) {
2565 coap_log_err("mbedtls_ssl_set_client_transport_id() returned -0x%x: '%s'\n",
2566 -ret, get_error_string(ret));
2567 return -1;
2568 }
2569
2570 ssl_data = &m_env->coap_ssl_data;
2571 if (ssl_data->pdu_len) {
2572 coap_log_err("** %s: Previous data not read %u bytes\n",
2573 coap_session_str(c_session), ssl_data->pdu_len);
2574 }
2575 ssl_data->pdu = data;
2576 ssl_data->pdu_len = (unsigned)data_len;
2577
2578 ret = do_mbedtls_handshake(c_session, m_env);
2579 if (ret == 0 || m_env->seen_client_hello) {
2580 /* The test for seen_client_hello gives the ability to setup a new
2581 c_session to continue the do_mbedtls_handshake past the client hello
2582 and safely allow updating of the m_env and separately
2583 letting a new session cleanly start up.
2584 */
2585 m_env->seen_client_hello = 0;
2586 ret = 1;
2587 } else {
2588 ret = 0;
2589 }
2590
2591 if (ssl_data->pdu_len) {
2592 /* pdu data is held on stack which will not stay there */
2593 coap_log_debug("coap_dtls_hello: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2594 ssl_data->pdu_len = 0;
2595 ssl_data->pdu = NULL;
2596 }
2597 return ret;
2598#endif /* MBEDTLS_SSL_PROTO_DTLS && MBEDTLS_SSL_SRV_C */
2599}
2600#endif /* COAP_SERVER_SUPPORT */
2601
2602unsigned int
2603coap_dtls_get_overhead(coap_session_t *c_session) {
2604 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2605 int expansion = mbedtls_ssl_get_record_expansion(&m_env->ssl);
2606
2607 if (expansion == MBEDTLS_ERR_SSL_FEATURE_UNAVAILABLE) {
2608 return 13 + 8 + 8;
2609 }
2610 return expansion;
2611}
2612
2613#if !COAP_DISABLE_TCP
2614#if COAP_CLIENT_SUPPORT
2615void *
2616coap_tls_new_client_session(coap_session_t *c_session) {
2617#if !defined(MBEDTLS_SSL_CLI_C)
2618 (void)c_session;
2619 *connected = 0;
2620 coap_log_emerg("coap_tls_new_client_session:"
2621 " libcoap not compiled for Client Mode for Mbed TLS"
2622 " - update Mbed TLS to include Client Mode\n");
2623 return NULL;
2624#else /* MBEDTLS_SSL_CLI_C */
2625 coap_mbedtls_env_t *m_env = coap_dtls_new_mbedtls_env(c_session,
2626 COAP_DTLS_ROLE_CLIENT,
2627 COAP_PROTO_TLS);
2628 int ret;
2629 coap_tick_t now;
2630 coap_ticks(&now);
2631
2632 if (!m_env)
2633 return NULL;
2634
2635 m_env->last_timeout = now;
2636 c_session->tls = m_env;
2637 ret = do_mbedtls_handshake(c_session, m_env);
2638 if (ret == 1) {
2639 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED, c_session);
2640 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2641 }
2642 return m_env;
2643#endif /* MBEDTLS_SSL_CLI_C */
2644}
2645#endif /* COAP_CLIENT_SUPPORT */
2646
2647#if COAP_SERVER_SUPPORT
2648void *
2649coap_tls_new_server_session(coap_session_t *c_session) {
2650#if !defined(MBEDTLS_SSL_SRV_C)
2651 (void)c_session;
2652 (void)connected;
2653
2654 coap_log_emerg("coap_tls_new_server_session:"
2655 " libcoap not compiled for Server Mode for Mbed TLS"
2656 " - update Mbed TLS to include Server Mode\n");
2657 return NULL;
2658#else /* MBEDTLS_SSL_SRV_C */
2659 coap_mbedtls_env_t *m_env = coap_dtls_new_mbedtls_env(c_session,
2660 COAP_DTLS_ROLE_SERVER,
2661 COAP_PROTO_TLS);
2662 int ret;
2663
2664 if (!m_env)
2665 return NULL;
2666
2667 c_session->tls = m_env;
2668 ret = do_mbedtls_handshake(c_session, m_env);
2669 if (ret == 1) {
2670 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED, c_session);
2671 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2672 }
2673 return m_env;
2674#endif /* MBEDTLS_SSL_SRV_C */
2675}
2676#endif /* COAP_SERVER_SUPPORT */
2677
2678void
2679coap_tls_free_session(coap_session_t *c_session) {
2680 coap_dtls_free_session(c_session);
2681 return;
2682}
2683
2684/*
2685 * strm
2686 * return +ve Number of bytes written.
2687 * -1 Error (error in errno).
2688 */
2689ssize_t
2690coap_tls_write(coap_session_t *c_session, const uint8_t *data,
2691 size_t data_len) {
2692 int ret = 0;
2693 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2694 size_t amount_sent = 0;
2695
2696 assert(m_env != NULL);
2697
2698 if (!m_env) {
2699 errno = ENXIO;
2700 return -1;
2701 }
2702 c_session->dtls_event = -1;
2703 if (m_env->established) {
2704 while (amount_sent < data_len) {
2705 ret = mbedtls_ssl_write(&m_env->ssl, &data[amount_sent],
2706 data_len - amount_sent);
2707 if (ret <= 0) {
2708 switch (ret) {
2709 case MBEDTLS_ERR_SSL_WANT_READ:
2710 case MBEDTLS_ERR_SSL_WANT_WRITE:
2711 if (amount_sent)
2712 ret = amount_sent;
2713 else
2714 ret = 0;
2715 c_session->sock.flags |= COAP_SOCKET_WANT_WRITE;
2716 break;
2717 case MBEDTLS_ERR_NET_CONN_RESET:
2718 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
2719 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2720 break;
2721 default:
2722 coap_log_warn("coap_tls_write: "
2723 "returned -0x%x: '%s'\n",
2724 -ret, get_error_string(ret));
2725 ret = -1;
2726 break;
2727 }
2728 if (ret == -1) {
2729 coap_log_warn("coap_tls_write: cannot send PDU\n");
2730 }
2731 break;
2732 }
2733 amount_sent += ret;
2734 }
2735 } else {
2736 ret = do_mbedtls_handshake(c_session, m_env);
2737 if (ret == 1) {
2738 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED,
2739 c_session);
2740 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2741 } else {
2742 ret = -1;
2743 }
2744 }
2745
2746 if (c_session->dtls_event >= 0) {
2747 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2748 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2749 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2750 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2751 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2752 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2753 ret = -1;
2754 }
2755 }
2756 if (ret > 0) {
2757 if (ret == (ssize_t)data_len)
2758 coap_log_debug("* %s: tls: sent %4d bytes\n",
2759 coap_session_str(c_session), ret);
2760 else
2761 coap_log_debug("* %s: tls: sent %4d of %4zd bytes\n",
2762 coap_session_str(c_session), ret, data_len);
2763 }
2764 return ret;
2765}
2766
2767/*
2768 * strm
2769 * return >=0 Number of bytes read.
2770 * -1 Error (error in errno).
2771 */
2772ssize_t
2773coap_tls_read(coap_session_t *c_session, uint8_t *data, size_t data_len) {
2774 int ret = -1;
2775
2776 coap_mbedtls_env_t *m_env = (coap_mbedtls_env_t *)c_session->tls;
2777
2778 if (!m_env) {
2779 errno = ENXIO;
2780 return -1;
2781 }
2782
2783 c_session->dtls_event = -1;
2784
2785 if (!m_env->established && !m_env->sent_alert) {
2786 ret = do_mbedtls_handshake(c_session, m_env);
2787 if (ret == 1) {
2788 coap_handle_event_lkd(c_session->context, COAP_EVENT_DTLS_CONNECTED,
2789 c_session);
2790 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2791 }
2792 }
2793
2794 if (c_session->state != COAP_SESSION_STATE_NONE && m_env->established) {
2795 ret = mbedtls_ssl_read(&m_env->ssl, data, data_len);
2796 if (ret <= 0) {
2797 switch (ret) {
2798 case 0:
2799 case MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY:
2800 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2801 ret = -1;
2802 break;
2803 case MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE:
2804 /* Stop the sending of an alert on closedown */
2805 m_env->sent_alert = 1;
2806 c_session->dtls_event = COAP_EVENT_DTLS_CLOSED;
2807 break;
2808#if MBEDTLS_VERSION_NUMBER >= 0x03060000
2809 case MBEDTLS_ERR_SSL_RECEIVED_NEW_SESSION_TICKET:
2810#endif /* MBEDTLS_VERSION_NUMBER >= 0x03060000 */
2811 case MBEDTLS_ERR_SSL_WANT_READ:
2812 errno = EAGAIN;
2813 ret = 0;
2814 break;
2815 default:
2816 coap_log_warn("coap_tls_read: "
2817 "returned -0x%x: '%s' (length %zd)\n",
2818 -ret, get_error_string(ret), data_len);
2819 ret = -1;
2820 break;
2821 }
2822 } else if (ret < (int)data_len) {
2823 c_session->sock.flags &= ~COAP_SOCKET_CAN_READ;
2824 }
2825 }
2826
2827 if (c_session->dtls_event >= 0) {
2828 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2829 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2830 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2831 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2832 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2833 coap_session_disconnected_lkd(c_session, COAP_NACK_TLS_FAILED);
2834 ret = -1;
2835 }
2836 }
2837 if (ret > 0) {
2838 coap_log_debug("* %s: tls: recv %4d bytes\n",
2839 coap_session_str(c_session), ret);
2840 }
2841 return ret;
2842}
2843#endif /* !COAP_DISABLE_TCP */
2844
2845void
2846coap_dtls_startup(void) {
2847}
2848
2849void
2850coap_dtls_shutdown(void) {
2851#if COAP_CLIENT_SUPPORT
2852 mbedtls_free(psk_ciphers);
2853 mbedtls_free(pki_ciphers);
2854 mbedtls_free(ecjpake_ciphers);
2855 psk_ciphers = NULL;
2856 pki_ciphers = NULL;
2857 ecjpake_ciphers = NULL;
2858 processed_ciphers = 0;
2859#endif /* COAP_CLIENT_SUPPORT */
2860 coap_dtls_set_log_level(COAP_LOG_EMERG);
2861}
2862
2863void *
2864coap_dtls_get_tls(const coap_session_t *c_session,
2865 coap_tls_library_t *tls_lib) {
2866 if (tls_lib)
2867 *tls_lib = COAP_TLS_LIBRARY_MBEDTLS;
2868 if (c_session && c_session->tls) {
2869 coap_mbedtls_env_t *m_env;
2870
2871 /* To get around const issue */
2872 memcpy(&m_env, &c_session->tls, sizeof(m_env));
2873
2874 return (void *)&m_env->ssl;
2875 }
2876 return NULL;
2877}
2878
2879static coap_log_t keep_log_level = COAP_LOG_EMERG;
2880
2881void
2882coap_dtls_set_log_level(coap_log_t level) {
2883#if !defined(ESPIDF_VERSION)
2884 int use_level;
2885 /*
2886 * Mbed TLS debug levels filter
2887 * 0 No debug
2888 * 1 Error
2889 * 2 State change
2890 * 3 Informational
2891 * 4 Verbose
2892 */
2893 switch ((int)level) {
2894 case COAP_LOG_EMERG:
2895 use_level = 0;
2896 break;
2897 case COAP_LOG_ALERT:
2898 case COAP_LOG_CRIT:
2899 case COAP_LOG_ERR:
2900 case COAP_LOG_WARN:
2901 use_level = 1;
2902 break;
2903 case COAP_LOG_NOTICE:
2904 use_level = 2;
2905 break;
2906 case COAP_LOG_INFO:
2907 use_level = 3;
2908 break;
2909 case COAP_LOG_DEBUG:
2910 default:
2911 use_level = 4;
2912 break;
2913 }
2914 mbedtls_debug_set_threshold(use_level);
2915#endif /* !ESPIDF_VERSION) */
2916 keep_log_level = level;
2917}
2918
2919coap_log_t
2920coap_dtls_get_log_level(void) {
2921 return keep_log_level;
2922}
2923
2924coap_tls_version_t *
2925coap_get_tls_library_version(void) {
2926 static coap_tls_version_t version;
2927 version.version = mbedtls_version_get_number();
2928 version.built_version = MBEDTLS_VERSION_NUMBER;
2929 version.type = COAP_TLS_LIBRARY_MBEDTLS;
2930 return &version;
2931}
2932
2933#if COAP_SERVER_SUPPORT
2934coap_digest_ctx_t *
2935coap_digest_setup(void) {
2936 mbedtls_sha256_context *digest_ctx = mbedtls_malloc(sizeof(mbedtls_sha256_context));
2937
2938 if (digest_ctx) {
2939 mbedtls_sha256_init(digest_ctx);
2940#ifdef MBEDTLS_2_X_COMPAT
2941 if (mbedtls_sha256_starts_ret(digest_ctx, 0) != 0) {
2942#else
2943 if (mbedtls_sha256_starts(digest_ctx, 0) != 0) {
2944#endif /* MBEDTLS_2_X_COMPAT */
2945 coap_digest_free(digest_ctx);
2946 return NULL;
2947 }
2948 }
2949 return digest_ctx;
2950}
2951
2952void
2953coap_digest_free(coap_digest_ctx_t *digest_ctx) {
2954 if (digest_ctx) {
2955 mbedtls_sha256_free(digest_ctx);
2956 mbedtls_free(digest_ctx);
2957 }
2958}
2959
2960int
2961coap_digest_update(coap_digest_ctx_t *digest_ctx,
2962 const uint8_t *data,
2963 size_t data_len) {
2964#ifdef MBEDTLS_2_X_COMPAT
2965 int ret = mbedtls_sha256_update_ret(digest_ctx, data, data_len);
2966#else
2967 int ret = mbedtls_sha256_update(digest_ctx, data, data_len);
2968#endif /* MBEDTLS_2_X_COMPAT */
2969
2970 return ret == 0;
2971}
2972
2973int
2974coap_digest_final(coap_digest_ctx_t *digest_ctx,
2975 coap_digest_t *digest_buffer) {
2976#ifdef MBEDTLS_2_X_COMPAT
2977 int ret = mbedtls_sha256_finish_ret(digest_ctx, (uint8_t *)digest_buffer);
2978#else
2979 int ret = mbedtls_sha256_finish(digest_ctx, (uint8_t *)digest_buffer);
2980#endif /* MBEDTLS_2_X_COMPAT */
2981
2982 coap_digest_free(digest_ctx);
2983 return ret == 0;
2984}
2985#endif /* COAP_SERVER_SUPPORT */
2986
2987#include <mbedtls/cipher.h>
2988#include <mbedtls/md.h>
2989
2990#ifndef MBEDTLS_CIPHER_MODE_AEAD
2991#error need MBEDTLS_CIPHER_MODE_AEAD, please enable MBEDTLS_CCM_C
2992#endif /* MBEDTLS_CIPHER_MODE_AEAD */
2993
2994#ifdef MBEDTLS_ERROR_C
2995#include <mbedtls/error.h>
2996#endif /* MBEDTLS_ERROR_C */
2997
2998#ifdef MBEDTLS_ERROR_C
2999#define C(Func) \
3000 do { \
3001 int c_tmp = (int)(Func); \
3002 if (c_tmp != 0) { \
3003 char error_buf[64]; \
3004 mbedtls_strerror(c_tmp, error_buf, sizeof(error_buf)); \
3005 coap_log_err("mbedtls: -0x%04x: %s\n", -c_tmp, error_buf); \
3006 goto error; \
3007 } \
3008 } while (0);
3009#else /* !MBEDTLS_ERROR_C */
3010#define C(Func) \
3011 do { \
3012 int c_tmp = (int)(Func); \
3013 if (c_tmp != 0) { \
3014 coap_log_err("mbedtls: %d\n", tmp); \
3015 goto error; \
3016 } \
3017 } while (0);
3018#endif /* !MBEDTLS_ERROR_C */
3019
3020#if COAP_WS_SUPPORT
3021/*
3022 * The struct hash_algs and the function get_hash_alg() are used to
3023 * determine which hash type to use for creating the required hash object.
3024 */
3025static struct hash_algs {
3026 cose_alg_t alg;
3027 mbedtls_md_type_t hash_type;
3028 size_t hash_size;
3029} hashs[] = {
3030 {COSE_ALGORITHM_SHA_1, MBEDTLS_MD_SHA1, 20},
3031 {COSE_ALGORITHM_SHA_256_256, MBEDTLS_MD_SHA256, 32},
3032 {COSE_ALGORITHM_SHA_512, MBEDTLS_MD_SHA512, 64},
3033};
3034
3035static mbedtls_md_type_t
3036get_hash_alg(cose_alg_t alg, size_t *hash_len) {
3037 size_t idx;
3038
3039 for (idx = 0; idx < sizeof(hashs) / sizeof(struct hash_algs); idx++) {
3040 if (hashs[idx].alg == alg) {
3041 *hash_len = hashs[idx].hash_size;
3042 return hashs[idx].hash_type;
3043 }
3044 }
3045 coap_log_debug("get_hash_alg: COSE hash %d not supported\n", alg);
3046 return MBEDTLS_MD_NONE;
3047}
3048
3049int
3050coap_crypto_hash(cose_alg_t alg,
3051 const coap_bin_const_t *data,
3052 coap_bin_const_t **hash) {
3053 mbedtls_md_context_t ctx;
3054 int ret = 0;
3055 const mbedtls_md_info_t *md_info;
3056 unsigned int len;
3057 coap_binary_t *dummy = NULL;
3058 size_t hash_length;
3059 mbedtls_md_type_t dig_type = get_hash_alg(alg, &hash_length);
3060
3061 if (dig_type == MBEDTLS_MD_NONE) {
3062 coap_log_debug("coap_crypto_hash: algorithm %d not supported\n", alg);
3063 return 0;
3064 }
3065 md_info = mbedtls_md_info_from_type(dig_type);
3066
3067 len = mbedtls_md_get_size(md_info);
3068 if (len == 0) {
3069 return 0;
3070 }
3071
3072 mbedtls_md_init(&ctx);
3073 C(mbedtls_md_setup(&ctx, md_info, 0));
3074
3075 C(mbedtls_md_starts(&ctx));
3076 C(mbedtls_md_update(&ctx, (const unsigned char *)data->s, data->length));
3077 dummy = coap_new_binary(len);
3078 if (dummy == NULL)
3079 goto error;
3080 C(mbedtls_md_finish(&ctx, dummy->s));
3081
3082 *hash = (coap_bin_const_t *)dummy;
3083 ret = 1;
3084error:
3085 mbedtls_md_free(&ctx);
3086 return ret;
3087}
3088#endif /* COAP_WS_SUPPORT */
3089
3090#if COAP_OSCORE_SUPPORT
3091int
3092coap_oscore_is_supported(void) {
3093 return 1;
3094}
3095
3096/*
3097 * The struct cipher_algs and the function get_cipher_alg() are used to
3098 * determine which cipher type to use for creating the required cipher
3099 * suite object.
3100 */
3101static struct cipher_algs {
3102 cose_alg_t alg;
3103 mbedtls_cipher_type_t cipher_type;
3104} ciphers[] = {{COSE_ALGORITHM_AES_CCM_16_64_128, MBEDTLS_CIPHER_AES_128_CCM},
3105 {COSE_ALGORITHM_AES_CCM_16_64_256, MBEDTLS_CIPHER_AES_256_CCM}
3106};
3107
3108static mbedtls_cipher_type_t
3109get_cipher_alg(cose_alg_t alg) {
3110 size_t idx;
3111
3112 for (idx = 0; idx < sizeof(ciphers) / sizeof(struct cipher_algs); idx++) {
3113 if (ciphers[idx].alg == alg)
3114 return ciphers[idx].cipher_type;
3115 }
3116 coap_log_debug("get_cipher_alg: COSE cipher %d not supported\n", alg);
3117 return 0;
3118}
3119
3120/*
3121 * The struct hmac_algs and the function get_hmac_alg() are used to
3122 * determine which hmac type to use for creating the required hmac
3123 * suite object.
3124 */
3125static struct hmac_algs {
3126 cose_hmac_alg_t hmac_alg;
3127 mbedtls_md_type_t hmac_type;
3128} hmacs[] = {
3129 {COSE_HMAC_ALG_HMAC256_256, MBEDTLS_MD_SHA256},
3130 {COSE_HMAC_ALG_HMAC384_384, MBEDTLS_MD_SHA384},
3131 {COSE_HMAC_ALG_HMAC512_512, MBEDTLS_MD_SHA512},
3132};
3133
3134static mbedtls_md_type_t
3135get_hmac_alg(cose_hmac_alg_t hmac_alg) {
3136 size_t idx;
3137
3138 for (idx = 0; idx < sizeof(hmacs) / sizeof(struct hmac_algs); idx++) {
3139 if (hmacs[idx].hmac_alg == hmac_alg)
3140 return hmacs[idx].hmac_type;
3141 }
3142 coap_log_debug("get_hmac_alg: COSE HMAC %d not supported\n", hmac_alg);
3143 return 0;
3144}
3145
3146int
3147coap_crypto_check_cipher_alg(cose_alg_t alg) {
3148 return get_cipher_alg(alg) != 0;
3149}
3150
3151int
3152coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg) {
3153 cose_hmac_alg_t hmac_alg;
3154
3155 if (!cose_get_hmac_alg_for_hkdf(hkdf_alg, &hmac_alg))
3156 return 0;
3157 return get_hmac_alg(hmac_alg) != 0;
3158}
3159
3164static int
3165setup_cipher_context(mbedtls_cipher_context_t *ctx,
3166 cose_alg_t coap_alg,
3167 const uint8_t *key_data,
3168 size_t key_length,
3169 mbedtls_operation_t mode) {
3170 const mbedtls_cipher_info_t *cipher_info;
3171 mbedtls_cipher_type_t cipher_type;
3172 uint8_t key[COAP_CRYPTO_MAX_KEY_SIZE]; /* buffer for normalizing the key
3173 according to its key length */
3174 int klen;
3175 memset(key, 0, sizeof(key));
3176
3177 if ((cipher_type = get_cipher_alg(coap_alg)) == 0) {
3178 coap_log_debug("coap_crypto_encrypt: algorithm %d not supported\n",
3179 coap_alg);
3180 return 0;
3181 }
3182 cipher_info = mbedtls_cipher_info_from_type(cipher_type);
3183 if (!cipher_info) {
3184 coap_log_crit("coap_crypto_encrypt: cannot get cipher info\n");
3185 return 0;
3186 }
3187
3188 mbedtls_cipher_init(ctx);
3189
3190 C(mbedtls_cipher_setup(ctx, cipher_info));
3191 klen = mbedtls_cipher_get_key_bitlen(ctx);
3192 if ((klen > (int)(sizeof(key) * 8)) || (key_length > sizeof(key))) {
3193 coap_log_crit("coap_crypto: cannot set key\n");
3194 goto error;
3195 }
3196 memcpy(key, key_data, key_length);
3197 C(mbedtls_cipher_setkey(ctx, key, klen, mode));
3198
3199 /* On success, the cipher context is released by the caller. */
3200 return 1;
3201error:
3202 mbedtls_cipher_free(ctx);
3203 return 0;
3204}
3205
3206int
3207coap_crypto_aead_encrypt(const coap_crypto_param_t *params,
3208 coap_bin_const_t *data,
3209 coap_bin_const_t *aad,
3210 uint8_t *result,
3211 size_t *max_result_len) {
3212 mbedtls_cipher_context_t ctx;
3213 const coap_crypto_aes_ccm_t *ccm;
3214#if (MBEDTLS_VERSION_NUMBER < 0x02150000)
3215 unsigned char tag[16];
3216#endif /* MBEDTLS_VERSION_NUMBER < 0x02150000 */
3217 int ret = 0;
3218 size_t result_len = *max_result_len;
3219 coap_bin_const_t laad;
3220
3221 if (data == NULL)
3222 return 0;
3223
3224 assert(params != NULL);
3225
3226 if (!params) {
3227 return 0;
3228 }
3229 ccm = &params->params.aes;
3230
3231 if (!setup_cipher_context(&ctx,
3232 params->alg,
3233 ccm->key.s,
3234 ccm->key.length,
3235 MBEDTLS_ENCRYPT)) {
3236 return 0;
3237 }
3238
3239 if (aad) {
3240 laad = *aad;
3241 } else {
3242 laad.s = NULL;
3243 laad.length = 0;
3244 }
3245
3246#if (MBEDTLS_VERSION_NUMBER < 0x02150000)
3247 C(mbedtls_cipher_auth_encrypt(&ctx,
3248 ccm->nonce,
3249 15 - ccm->l, /* iv */
3250 laad.s,
3251 laad.length, /* ad */
3252 data->s,
3253 data->length, /* input */
3254 result,
3255 &result_len, /* output */
3256 tag,
3257 ccm->tag_len /* tag */
3258 ));
3259 /* check if buffer is sufficient to hold tag */
3260 if ((result_len + ccm->tag_len) > *max_result_len) {
3261 coap_log_err("coap_encrypt: buffer too small\n");
3262 goto error;
3263 }
3264 /* append tag to result */
3265 memcpy(result + result_len, tag, ccm->tag_len);
3266 *max_result_len = result_len + ccm->tag_len;
3267 ret = 1;
3268#else /* MBEDTLS_VERSION_NUMBER >= 0x02150000 */
3269 C(mbedtls_cipher_auth_encrypt_ext(&ctx,
3270 ccm->nonce,
3271 15 - ccm->l, /* iv */
3272 laad.s,
3273 laad.length, /* ad */
3274 data->s,
3275 data->length, /* input */
3276 result,
3277 result_len,
3278 &result_len, /* output */
3279 ccm->tag_len /* tag */
3280 ));
3281 *max_result_len = result_len;
3282 ret = 1;
3283#endif /* MBEDTLS_VERSION_NUMBER >= 0x02150000 */
3284
3285error:
3286 mbedtls_cipher_free(&ctx);
3287 return ret;
3288}
3289
3290int
3291coap_crypto_aead_decrypt(const coap_crypto_param_t *params,
3292 coap_bin_const_t *data,
3293 coap_bin_const_t *aad,
3294 uint8_t *result,
3295 size_t *max_result_len) {
3296 mbedtls_cipher_context_t ctx;
3297 const coap_crypto_aes_ccm_t *ccm;
3298#if (MBEDTLS_VERSION_NUMBER < 0x02150000)
3299 const unsigned char *tag;
3300#endif /* MBEDTLS_VERSION_NUMBER < 0x02150000 */
3301 int ret = 0;
3302 size_t result_len = *max_result_len;
3303 coap_bin_const_t laad;
3304
3305 if (data == NULL)
3306 return 0;
3307
3308 assert(params != NULL);
3309
3310 if (!params) {
3311 return 0;
3312 }
3313
3314 ccm = &params->params.aes;
3315
3316 if (!setup_cipher_context(&ctx,
3317 params->alg,
3318 ccm->key.s,
3319 ccm->key.length,
3320 MBEDTLS_DECRYPT)) {
3321 return 0;
3322 }
3323
3324 if (data->length < ccm->tag_len) {
3325 coap_log_err("coap_decrypt: invalid tag length\n");
3326 goto error;
3327 }
3328
3329 if (aad) {
3330 laad = *aad;
3331 } else {
3332 laad.s = NULL;
3333 laad.length = 0;
3334 }
3335
3336#if (MBEDTLS_VERSION_NUMBER < 0x02150000)
3337 tag = data->s + data->length - ccm->tag_len;
3338 C(mbedtls_cipher_auth_decrypt(&ctx,
3339 ccm->nonce,
3340 15 - ccm->l, /* iv */
3341 laad.s,
3342 laad.length, /* ad */
3343 data->s,
3344 data->length - ccm->tag_len, /* input */
3345 result,
3346 &result_len, /* output */
3347 tag,
3348 ccm->tag_len /* tag */
3349 ));
3350#else /* MBEDTLS_VERSION_NUMBER >= 0x02150000 */
3351 C(mbedtls_cipher_auth_decrypt_ext(&ctx,
3352 ccm->nonce,
3353 15 - ccm->l, /* iv */
3354 laad.s,
3355 laad.length, /* ad */
3356 data->s,
3357 // data->length - ccm->tag_len, /* input */
3358 data->length, /* input */
3359 result,
3360 result_len,
3361 &result_len, /* output */
3362 ccm->tag_len /* tag */
3363 ));
3364#endif /* MBEDTLS_VERSION_NUMBER >= 0x02150000 */
3365
3366 *max_result_len = result_len;
3367 ret = 1;
3368error:
3369 mbedtls_cipher_free(&ctx);
3370 return ret;
3371}
3372
3373int
3374coap_crypto_hmac(cose_hmac_alg_t hmac_alg,
3375 coap_bin_const_t *key,
3376 coap_bin_const_t *data,
3377 coap_bin_const_t **hmac) {
3378 mbedtls_md_context_t ctx;
3379 int ret = 0;
3380 const int use_hmac = 1;
3381 const mbedtls_md_info_t *md_info;
3382 mbedtls_md_type_t mac_algo;
3383 unsigned int len;
3384 coap_binary_t *dummy = NULL;
3385
3386 assert(key);
3387 assert(data);
3388 assert(hmac);
3389
3390 if ((mac_algo = get_hmac_alg(hmac_alg)) == 0) {
3391 coap_log_debug("coap_crypto_hmac: algorithm %d not supported\n", hmac_alg);
3392 return 0;
3393 }
3394 md_info = mbedtls_md_info_from_type(mac_algo);
3395
3396 len = mbedtls_md_get_size(md_info);
3397 if (len == 0) {
3398 return 0;
3399 }
3400
3401 mbedtls_md_init(&ctx);
3402 C(mbedtls_md_setup(&ctx, md_info, use_hmac));
3403
3404 C(mbedtls_md_hmac_starts(&ctx, key->s, key->length));
3405 C(mbedtls_md_hmac_update(&ctx, (const unsigned char *)data->s, data->length));
3406 dummy = coap_new_binary(len);
3407 if (dummy == NULL)
3408 goto error;
3409 C(mbedtls_md_hmac_finish(&ctx, dummy->s));
3410
3411 *hmac = (coap_bin_const_t *)dummy;
3412 ret = 1;
3413error:
3414 mbedtls_md_free(&ctx);
3415 return ret;
3416}
3417
3418#endif /* COAP_OSCORE_SUPPORT */
3419
3420#else /* !COAP_WITH_LIBMBEDTLS */
3421
3422#ifdef __clang__
3423/* Make compilers happy that do not like empty modules. As this function is
3424 * never used, we ignore -Wunused-function at the end of compiling this file
3425 */
3426#pragma GCC diagnostic ignored "-Wunused-function"
3427#endif
3428static inline void
3429dummy(void) {
3430}
3431
3432#endif /* COAP_WITH_LIBMBEDTLS */
COAP_SERVER_SUPPORT
#define COAP_SERVER_SUPPORT
Definition coap_internal.h:62
PRIx32
#define PRIx32
Definition coap_internal.h:42
coap_socket_strerror
const char * coap_socket_strerror(void)
Definition coap_io.c:2336
COAP_RXBUFFER_SIZE
#define COAP_RXBUFFER_SIZE
Definition coap_io.h:29
COAP_NACK_TLS_FAILED
@ COAP_NACK_TLS_FAILED
Definition coap_io.h:66
COAP_SOCKET_WANT_WRITE
#define COAP_SOCKET_WANT_WRITE
non blocking socket is waiting for writing
Definition coap_io_internal.h:79
COAP_LAYER_TLS
@ COAP_LAYER_TLS
Definition coap_layers_internal.h:25
coap_libcoap_build.h
Library specific build wrapper for coap_internal.h.
dummy
static void dummy(void)
Definition coap_mbedtls.c:3429
coap_dtls_context_set_pki
int coap_dtls_context_set_pki(coap_context_t *ctx COAP_UNUSED, const coap_dtls_pki_t *setup_data COAP_UNUSED, const coap_dtls_role_t role COAP_UNUSED)
Definition coap_notls.c:108
coap_dtls_get_timeout
coap_tick_t coap_dtls_get_timeout(coap_session_t *session COAP_UNUSED, coap_tick_t now COAP_UNUSED)
Definition coap_notls.c:229
coap_tls_read
ssize_t coap_tls_read(coap_session_t *session COAP_UNUSED, uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:301
coap_dtls_get_context_timeout
coap_tick_t coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED)
Definition coap_notls.c:224
coap_dtls_receive
int coap_dtls_receive(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:243
coap_dtls_get_tls
void * coap_dtls_get_tls(const coap_session_t *c_session COAP_UNUSED, coap_tls_library_t *tls_lib)
Definition coap_notls.c:158
coap_dtls_get_overhead
unsigned int coap_dtls_get_overhead(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:261
coap_dtls_context_load_pki_trust_store
int coap_dtls_context_load_pki_trust_store(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:124
coap_dtls_context_check_keys_enabled
int coap_dtls_context_check_keys_enabled(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:147
coap_dtls_send
ssize_t coap_dtls_send(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:212
coap_tls_write
ssize_t coap_tls_write(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:289
coap_dtls_session_update_mtu
void coap_dtls_session_update_mtu(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:208
coap_dtls_context_set_pki_root_cas
int coap_dtls_context_set_pki_root_cas(coap_context_t *ctx COAP_UNUSED, const char *ca_file COAP_UNUSED, const char *ca_path COAP_UNUSED)
Definition coap_notls.c:116
coap_dtls_handle_timeout
int coap_dtls_handle_timeout(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:238
coap_dtls_free_context
void coap_dtls_free_context(void *handle COAP_UNUSED)
Definition coap_notls.c:186
coap_dtls_free_session
void coap_dtls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:204
coap_dtls_new_context
void * coap_dtls_new_context(coap_context_t *coap_context COAP_UNUSED)
Definition coap_notls.c:181
coap_tls_free_session
void coap_tls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:280
coap_digest_free
void coap_digest_free(coap_digest_ctx_t *digest_ctx)
Free off coap_digest_ctx_t.
coap_digest_final
int coap_digest_final(coap_digest_ctx_t *digest_ctx, coap_digest_t *digest_buffer)
Finalize the coap_digest information into the provided digest_buffer.
coap_digest_update
int coap_digest_update(coap_digest_ctx_t *digest_ctx, const uint8_t *data, size_t data_len)
Update the coap_digest information with the next chunk of data.
coap_digest_ctx_t
void coap_digest_ctx_t
Definition coap_cache_internal.h:164
coap_digest_setup
coap_digest_ctx_t * coap_digest_setup(void)
Initialize a coap_digest.
coap_tick_t
uint64_t coap_tick_t
This data type represents internal timer ticks with COAP_TICKS_PER_SECOND resolution.
Definition coap_time.h:143
coap_prng_lkd
int coap_prng_lkd(void *buf, size_t len)
Fills buf with len random bytes using the default pseudo random number generator.
Definition coap_prng.c:178
coap_handle_event_lkd
int coap_handle_event_lkd(coap_context_t *context, coap_event_t event, coap_session_t *session)
Invokes the event handler of context for the given event and data.
Definition coap_net.c:4762
coap_handle_dgram
int coap_handle_dgram(coap_context_t *ctx, coap_session_t *session, uint8_t *msg, size_t msg_len)
Parses and interprets a CoAP datagram with context ctx.
Definition coap_net.c:2771
coap_ticks
void coap_ticks(coap_tick_t *)
Returns the current value of an internal tick counter.
coap_crypto_hmac
int coap_crypto_hmac(cose_hmac_alg_t hmac_alg, coap_bin_const_t *key, coap_bin_const_t *data, coap_bin_const_t **hmac)
Create a HMAC hash of the provided data.
coap_crypto_aead_decrypt
int coap_crypto_aead_decrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Decrypt the provided encrypted data into plaintext.
coap_crypto_aead_encrypt
int coap_crypto_aead_encrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Encrypt the provided plaintext data.
COAP_CRYPTO_MAX_KEY_SIZE
#define COAP_CRYPTO_MAX_KEY_SIZE
Definition coap_crypto_internal.h:34
coap_crypto_hash
int coap_crypto_hash(cose_alg_t alg, const coap_bin_const_t *data, coap_bin_const_t **hash)
Create a hash of the provided data.
coap_crypto_check_hkdf_alg
int coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg)
Check whether the defined hkdf algorithm is supported by the underlying crypto library.
coap_crypto_check_cipher_alg
int coap_crypto_check_cipher_alg(cose_alg_t alg)
Check whether the defined cipher algorithm is supported by the underlying crypto library.
coap_tls_new_server_session
void * coap_tls_new_server_session(coap_session_t *coap_session)
Create a TLS new server-side session.
coap_get_session_client_psk_identity
const coap_bin_const_t * coap_get_session_client_psk_identity(const coap_session_t *coap_session)
Get the current client's PSK identity.
coap_dtls_startup
void coap_dtls_startup(void)
Initialize the underlying (D)TLS Library layer.
Definition coap_notls.c:154
coap_dtls_define_issue
int coap_dtls_define_issue(coap_define_issue_key_t type, coap_define_issue_fail_t fail, coap_dtls_key_t *key, const coap_dtls_role_t role, int ret)
Report PKI DEFINE type issue.
Definition coap_dtls.c:165
coap_dtls_new_client_session
void * coap_dtls_new_client_session(coap_session_t *coap_session)
Create a new client-side session.
coap_dtls_new_server_session
void * coap_dtls_new_server_session(coap_session_t *coap_session)
Create a new DTLS server-side session.
coap_dtls_hello
int coap_dtls_hello(coap_session_t *coap_session, const uint8_t *data, size_t data_len)
Handling client HELLO messages from a new candiate peer.
coap_dtls_set_cid_tuple_change
int coap_dtls_set_cid_tuple_change(coap_context_t *context, uint8_t every)
Set the Connection ID client tuple frequency change for testing CIDs.
coap_dtls_is_context_timeout
int coap_dtls_is_context_timeout(void)
Check if timeout is handled per CoAP session or per CoAP context.
Definition coap_notls.c:219
coap_dtls_context_set_cpsk
int coap_dtls_context_set_cpsk(coap_context_t *coap_context, coap_dtls_cpsk_t *setup_data)
Set the DTLS context's default client PSK information.
coap_dtls_context_set_spsk
int coap_dtls_context_set_spsk(coap_context_t *coap_context, coap_dtls_spsk_t *setup_data)
Set the DTLS context's default server PSK information.
coap_dtls_shutdown
void coap_dtls_shutdown(void)
Close down the underlying (D)TLS Library layer.
Definition coap_notls.c:166
coap_get_session_client_psk_key
const coap_bin_const_t * coap_get_session_client_psk_key(const coap_session_t *coap_session)
Get the current client's PSK key.
coap_tls_new_client_session
void * coap_tls_new_client_session(coap_session_t *coap_session)
Create a new TLS client-side session.
COAP_DTLS_RETRANSMIT_COAP_TICKS
#define COAP_DTLS_RETRANSMIT_COAP_TICKS
Definition coap_dtls_internal.h:39
coap_dtls_map_key_type_to_define
void coap_dtls_map_key_type_to_define(const coap_dtls_pki_t *setup_data, coap_dtls_key_t *key)
Map the PKI key definitions to the new DEFINE format.
Definition coap_dtls.c:26
coap_get_session_server_psk_key
const coap_bin_const_t * coap_get_session_server_psk_key(const coap_session_t *coap_session)
Get the current server's PSK key.
COAP_DEFINE_KEY_PRIVATE
@ COAP_DEFINE_KEY_PRIVATE
Definition coap_dtls_internal.h:50
COAP_DEFINE_KEY_ROOT_CA
@ COAP_DEFINE_KEY_ROOT_CA
Definition coap_dtls_internal.h:48
COAP_DEFINE_KEY_CA
@ COAP_DEFINE_KEY_CA
Definition coap_dtls_internal.h:47
COAP_DEFINE_KEY_PUBLIC
@ COAP_DEFINE_KEY_PUBLIC
Definition coap_dtls_internal.h:49
COAP_DEFINE_FAIL_NONE
@ COAP_DEFINE_FAIL_NONE
Definition coap_dtls_internal.h:56
COAP_DEFINE_FAIL_NOT_SUPPORTED
@ COAP_DEFINE_FAIL_NOT_SUPPORTED
Definition coap_dtls_internal.h:55
COAP_DEFINE_FAIL_BAD
@ COAP_DEFINE_FAIL_BAD
Definition coap_dtls_internal.h:54
coap_get_tls_library_version
coap_tls_version_t * coap_get_tls_library_version(void)
Determine the type and version of the underlying (D)TLS library.
Definition coap_notls.c:100
coap_dtls_role_t
coap_dtls_role_t
Definition coap_dtls.h:44
coap_tls_library_t
coap_tls_library_t
Definition coap_dtls.h:70
COAP_PKI_KEY_DEF_PKCS11
@ COAP_PKI_KEY_DEF_PKCS11
The PKI key type is PKCS11 (pkcs11:...).
Definition coap_dtls.h:245
COAP_PKI_KEY_DEF_DER_BUF
@ COAP_PKI_KEY_DEF_DER_BUF
The PKI key type is DER buffer (ASN.1).
Definition coap_dtls.h:242
COAP_PKI_KEY_DEF_PEM_BUF
@ COAP_PKI_KEY_DEF_PEM_BUF
The PKI key type is PEM buffer.
Definition coap_dtls.h:236
COAP_PKI_KEY_DEF_PEM
@ COAP_PKI_KEY_DEF_PEM
The PKI key type is PEM file.
Definition coap_dtls.h:234
COAP_PKI_KEY_DEF_ENGINE
@ COAP_PKI_KEY_DEF_ENGINE
The PKI key type is to be passed to ENGINE.
Definition coap_dtls.h:251
COAP_PKI_KEY_DEF_RPK_BUF
@ COAP_PKI_KEY_DEF_RPK_BUF
The PKI key type is RPK in buffer.
Definition coap_dtls.h:238
COAP_PKI_KEY_DEF_DER
@ COAP_PKI_KEY_DEF_DER
The PKI key type is DER file.
Definition coap_dtls.h:240
COAP_PKI_KEY_DEF_PKCS11_RPK
@ COAP_PKI_KEY_DEF_PKCS11_RPK
The PKI key type is PKCS11 w/ RPK (pkcs11:...).
Definition coap_dtls.h:248
COAP_DTLS_ROLE_SERVER
@ COAP_DTLS_ROLE_SERVER
Internal function invoked for server.
Definition coap_dtls.h:46
COAP_DTLS_ROLE_CLIENT
@ COAP_DTLS_ROLE_CLIENT
Internal function invoked for client.
Definition coap_dtls.h:45
COAP_PKI_KEY_DEFINE
@ COAP_PKI_KEY_DEFINE
The individual PKI key types are Definable.
Definition coap_dtls.h:172
COAP_TLS_LIBRARY_MBEDTLS
@ COAP_TLS_LIBRARY_MBEDTLS
Using Mbed TLS library.
Definition coap_dtls.h:75
COAP_EVENT_DTLS_CLOSED
@ COAP_EVENT_DTLS_CLOSED
Triggerred when (D)TLS session closed.
Definition coap_event.h:39
COAP_EVENT_DTLS_CONNECTED
@ COAP_EVENT_DTLS_CONNECTED
Triggered when (D)TLS session connected.
Definition coap_event.h:41
COAP_EVENT_DTLS_ERROR
@ COAP_EVENT_DTLS_ERROR
Triggered when (D)TLS error occurs.
Definition coap_event.h:45
coap_lock_callback_ret
#define coap_lock_callback_ret(r, c, func)
Dummy for no thread-safe code.
Definition coap_threadsafe_internal.h:520
coap_log_debug
#define coap_log_debug(...)
Definition coap_debug.h:120
coap_log_emerg
#define coap_log_emerg(...)
Definition coap_debug.h:81
coap_log_t
coap_log_t
Logging type.
Definition coap_debug.h:50
coap_dtls_get_log_level
coap_log_t coap_dtls_get_log_level(void)
Get the current (D)TLS logging.
Definition coap_notls.c:176
coap_dtls_log
#define coap_dtls_log(level,...)
Logging function.
Definition coap_debug.h:300
coap_dtls_set_log_level
void coap_dtls_set_log_level(coap_log_t level)
Sets the (D)TLS logging level to the specified level.
Definition coap_notls.c:171
coap_session_str
const char * coap_session_str(const coap_session_t *session)
Get session description.
Definition coap_session.c:2465
coap_log_info
#define coap_log_info(...)
Definition coap_debug.h:108
coap_log_warn
#define coap_log_warn(...)
Definition coap_debug.h:102
coap_log_err
#define coap_log_err(...)
Definition coap_debug.h:96
coap_log_crit
#define coap_log_crit(...)
Definition coap_debug.h:90
COAP_LOG_INFO
@ COAP_LOG_INFO
Definition coap_debug.h:57
COAP_LOG_EMERG
@ COAP_LOG_EMERG
Definition coap_debug.h:51
COAP_LOG_NOTICE
@ COAP_LOG_NOTICE
Definition coap_debug.h:56
COAP_LOG_DEBUG
@ COAP_LOG_DEBUG
Definition coap_debug.h:58
COAP_LOG_ALERT
@ COAP_LOG_ALERT
Definition coap_debug.h:52
COAP_LOG_CRIT
@ COAP_LOG_CRIT
Definition coap_debug.h:53
COAP_LOG_ERR
@ COAP_LOG_ERR
Definition coap_debug.h:54
COAP_LOG_WARN
@ COAP_LOG_WARN
Definition coap_debug.h:55
coap_netif_available
int coap_netif_available(coap_session_t *session)
Function interface to check whether netif for session is still available.
Definition coap_netif.c:25
cose_get_hmac_alg_for_hkdf
int cose_get_hmac_alg_for_hkdf(cose_hkdf_alg_t hkdf_alg, cose_hmac_alg_t *hmac_alg)
Definition oscore_cose.c:179
cose_hkdf_alg_t
cose_hkdf_alg_t
Definition oscore_cose.h:165
cose_hmac_alg_t
cose_hmac_alg_t
Definition oscore_cose.h:157
cose_alg_t
cose_alg_t
Definition oscore_cose.h:126
COSE_HMAC_ALG_HMAC384_384
@ COSE_HMAC_ALG_HMAC384_384
Definition oscore_cose.h:160
COSE_HMAC_ALG_HMAC256_256
@ COSE_HMAC_ALG_HMAC256_256
Definition oscore_cose.h:159
COSE_HMAC_ALG_HMAC512_512
@ COSE_HMAC_ALG_HMAC512_512
Definition oscore_cose.h:161
COSE_ALGORITHM_SHA_256_256
@ COSE_ALGORITHM_SHA_256_256
Definition oscore_cose.h:134
COSE_ALGORITHM_SHA_1
@ COSE_ALGORITHM_SHA_1
Definition oscore_cose.h:136
COSE_ALGORITHM_AES_CCM_16_64_128
@ COSE_ALGORITHM_AES_CCM_16_64_128
Definition oscore_cose.h:145
COSE_ALGORITHM_SHA_512
@ COSE_ALGORITHM_SHA_512
Definition oscore_cose.h:128
COSE_ALGORITHM_AES_CCM_16_64_256
@ COSE_ALGORITHM_AES_CCM_16_64_256
Definition oscore_cose.h:146
coap_proto_t
coap_proto_t
CoAP protocol types.
Definition coap_pdu.h:312
COAP_PROTO_DTLS
@ COAP_PROTO_DTLS
Definition coap_pdu.h:315
COAP_PROTO_TLS
@ COAP_PROTO_TLS
Definition coap_pdu.h:317
COAP_PROTO_WSS
@ COAP_PROTO_WSS
Definition coap_pdu.h:319
coap_session_refresh_psk_hint
int coap_session_refresh_psk_hint(coap_session_t *session, const coap_bin_const_t *psk_hint)
Refresh the session's current Identity Hint (PSK).
Definition coap_session.c:1874
coap_session_refresh_psk_key
int coap_session_refresh_psk_key(coap_session_t *session, const coap_bin_const_t *psk_key)
Refresh the session's current pre-shared key (PSK).
Definition coap_session.c:1903
coap_session_connected
void coap_session_connected(coap_session_t *session)
Notify session that it has just connected or reconnected.
Definition coap_session.c:897
coap_session_refresh_psk_identity
int coap_session_refresh_psk_identity(coap_session_t *session, const coap_bin_const_t *psk_identity)
Refresh the session's current pre-shared identity (PSK).
Definition coap_session.c:1931
coap_session_disconnected_lkd
void coap_session_disconnected_lkd(coap_session_t *session, coap_nack_reason_t reason)
Notify session that it has failed.
Definition coap_session.c:1021
COAP_PROTO_NOT_RELIABLE
#define COAP_PROTO_NOT_RELIABLE(p)
Definition coap_session.h:37
COAP_SESSION_TYPE_CLIENT
@ COAP_SESSION_TYPE_CLIENT
client-side
Definition coap_session.h:46
COAP_SESSION_STATE_HANDSHAKE
@ COAP_SESSION_STATE_HANDSHAKE
Definition coap_session.h:58
COAP_SESSION_STATE_CSM
@ COAP_SESSION_STATE_CSM
Definition coap_session.h:59
COAP_SESSION_STATE_NONE
@ COAP_SESSION_STATE_NONE
Definition coap_session.h:56
coap_new_binary
coap_binary_t * coap_new_binary(size_t size)
Returns a new binary object with at least size bytes storage allocated.
Definition coap_str.c:77
coap_new_bin_const
coap_bin_const_t * coap_new_bin_const(const uint8_t *data, size_t size)
Take the specified byte array (text) and create a coap_bin_const_t * Returns a new const binary objec...
Definition coap_str.c:110
coap_dtls_cid_is_supported
int coap_dtls_cid_is_supported(void)
Check whether (D)TLS CID is available.
Definition coap_notls.c:86
coap_dtls_psk_is_supported
int coap_dtls_psk_is_supported(void)
Check whether (D)TLS PSK is available.
Definition coap_notls.c:50
coap_tls_is_supported
int coap_tls_is_supported(void)
Check whether TLS is available.
Definition coap_notls.c:41
coap_oscore_is_supported
int coap_oscore_is_supported(void)
Check whether OSCORE is available.
Definition coap_oscore.c:2197
coap_dtls_is_supported
int coap_dtls_is_supported(void)
Check whether DTLS is available.
Definition coap_notls.c:36
coap_dtls_pki_is_supported
int coap_dtls_pki_is_supported(void)
Check whether (D)TLS PKI is available.
Definition coap_notls.c:59
coap_dtls_rpk_is_supported
int coap_dtls_rpk_is_supported(void)
Check whether (D)TLS RPK is available.
Definition coap_notls.c:77
coap_dtls_pkcs11_is_supported
int coap_dtls_pkcs11_is_supported(void)
Check whether (D)TLS PKCS11 is available.
Definition coap_notls.c:68
COAP_UNUSED
#define COAP_UNUSED
Definition libcoap.h:70
coap_addr_tuple_t::remote
coap_address_t remote
remote address and port
Definition coap_io.h:56
coap_bin_const_t
CoAP binary data definition with const data.
Definition coap_str.h:64
coap_bin_const_t::length
size_t length
length of binary data
Definition coap_str.h:65
coap_bin_const_t::s
const uint8_t * s
read-only binary data
Definition coap_str.h:66
coap_binary_t
CoAP binary data definition.
Definition coap_str.h:56
coap_context_t
The CoAP stack's global state is stored in a coap_context_t object.
Definition coap_net_internal.h:50
coap_context_t::dtls_context
void * dtls_context
Definition coap_net_internal.h:148
coap_context_t::testing_cids
uint8_t testing_cids
Change client's source port every testing_cids.
Definition coap_net_internal.h:213
coap_context_t::spsk_setup_data
coap_dtls_spsk_t spsk_setup_data
Contains the initial PSK server setup data.
Definition coap_net_internal.h:151
coap_crypto_aes_ccm_t
The structure that holds the AES Crypto information.
Definition coap_crypto_internal.h:49
coap_crypto_aes_ccm_t::l
size_t l
The number of bytes in the length field.
Definition coap_crypto_internal.h:53
coap_crypto_aes_ccm_t::nonce
const uint8_t * nonce
must be exactly 15 - l bytes
Definition coap_crypto_internal.h:51
coap_crypto_aes_ccm_t::key
coap_crypto_key_t key
The Key to use.
Definition coap_crypto_internal.h:50
coap_crypto_aes_ccm_t::tag_len
size_t tag_len
The size of the Tag.
Definition coap_crypto_internal.h:52
coap_crypto_param_t
The common structure that holds the Crypto information.
Definition coap_crypto_internal.h:59
coap_crypto_param_t::params
union coap_crypto_param_t::@2 params
coap_crypto_param_t::aes
coap_crypto_aes_ccm_t aes
Used if AES type encryption.
Definition coap_crypto_internal.h:62
coap_crypto_param_t::alg
cose_alg_t alg
The COSE algorith to use.
Definition coap_crypto_internal.h:60
coap_digest_t
Definition coap_cache_internal.h:33
coap_dtls_cpsk_t
The structure used for defining the Client PSK setup data to be used.
Definition coap_dtls.h:410
coap_dtls_cpsk_t::use_cid
uint8_t use_cid
Set to 1 if DTLS Connection ID is to be used.
Definition coap_dtls.h:417
coap_dtls_cpsk_t::client_sni
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:437
coap_dtls_cpsk_t::validate_ih_call_back
coap_dtls_ih_callback_t validate_ih_call_back
Identity Hint check callback function.
Definition coap_dtls.h:433
coap_dtls_cpsk_t::ec_jpake
uint8_t ec_jpake
Set to COAP_DTLS_CPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:415
coap_dtls_key_t
The structure that holds the PKI key information.
Definition coap_dtls.h:279
coap_dtls_key_t::define
coap_pki_key_define_t define
for definable type keys
Definition coap_dtls.h:286
coap_dtls_key_t::key
union coap_dtls_key_t::@3 key
coap_dtls_key_t::key_type
coap_pki_key_t key_type
key format type
Definition coap_dtls.h:280
coap_dtls_pki_t
The structure used for defining the PKI setup data to be used.
Definition coap_dtls.h:312
coap_dtls_pki_t::allow_no_crl
uint8_t allow_no_crl
1 ignore if CRL not there
Definition coap_dtls.h:326
coap_dtls_pki_t::cn_call_back_arg
void * cn_call_back_arg
Passed in to the CN callback function.
Definition coap_dtls.h:351
coap_dtls_pki_t::allow_short_rsa_length
uint8_t allow_short_rsa_length
1 if small RSA keysizes are allowed
Definition coap_dtls.h:329
coap_dtls_pki_t::cert_chain_validation
uint8_t cert_chain_validation
1 if to check cert_chain_verify_depth
Definition coap_dtls.h:323
coap_dtls_pki_t::allow_bad_md_hash
uint8_t allow_bad_md_hash
1 if unsupported MD hashes are allowed
Definition coap_dtls.h:328
coap_dtls_pki_t::use_cid
uint8_t use_cid
1 if DTLS Connection ID is to be used (Client only, server always enabled) if supported
Definition coap_dtls.h:333
coap_dtls_pki_t::check_cert_revocation
uint8_t check_cert_revocation
1 if revocation checks wanted
Definition coap_dtls.h:325
coap_dtls_pki_t::cert_chain_verify_depth
uint8_t cert_chain_verify_depth
recommended depth is 3
Definition coap_dtls.h:324
coap_dtls_pki_t::allow_expired_certs
uint8_t allow_expired_certs
1 if expired certs are allowed
Definition coap_dtls.h:322
coap_dtls_pki_t::verify_peer_cert
uint8_t verify_peer_cert
Set to COAP_DTLS_PKI_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:317
coap_dtls_pki_t::allow_self_signed
uint8_t allow_self_signed
1 if self-signed certs are allowed.
Definition coap_dtls.h:320
coap_dtls_pki_t::validate_cn_call_back
coap_dtls_cn_callback_t validate_cn_call_back
CN check callback function.
Definition coap_dtls.h:350
coap_dtls_pki_t::allow_expired_crl
uint8_t allow_expired_crl
1 if expired crl is allowed
Definition coap_dtls.h:327
coap_dtls_pki_t::is_rpk_not_cert
uint8_t is_rpk_not_cert
1 is RPK instead of Public Certificate.
Definition coap_dtls.h:330
coap_dtls_pki_t::check_common_ca
uint8_t check_common_ca
1 if peer cert is to be signed by the same CA as the local cert
Definition coap_dtls.h:318
coap_dtls_spsk_info_t
The structure that holds the Server Pre-Shared Key and Identity Hint information.
Definition coap_dtls.h:450
coap_dtls_spsk_t
The structure used for defining the Server PSK setup data to be used.
Definition coap_dtls.h:501
coap_dtls_spsk_t::validate_sni_call_back
coap_dtls_psk_sni_callback_t validate_sni_call_back
SNI check callback function.
Definition coap_dtls.h:530
coap_dtls_spsk_t::validate_id_call_back
coap_dtls_id_callback_t validate_id_call_back
Identity check callback function.
Definition coap_dtls.h:522
coap_dtls_spsk_t::id_call_back_arg
void * id_call_back_arg
Passed in to the Identity callback function.
Definition coap_dtls.h:523
coap_dtls_spsk_t::ec_jpake
uint8_t ec_jpake
Set to COAP_DTLS_SPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:506
coap_dtls_spsk_t::sni_call_back_arg
void * sni_call_back_arg
Passed in to the SNI callback function.
Definition coap_dtls.h:531
coap_layer_func_t::l_read
coap_layer_read_t l_read
Definition coap_layers_internal.h:107
coap_layer_func_t::l_write
coap_layer_write_t l_write
Definition coap_layers_internal.h:108
coap_layer_func_t::l_establish
coap_layer_establish_t l_establish
Definition coap_layers_internal.h:109
coap_pki_key_define_t::public_cert
coap_const_char_ptr_t public_cert
define: Public Cert
Definition coap_dtls.h:261
coap_pki_key_define_t::private_key
coap_const_char_ptr_t private_key
define: Private Key
Definition coap_dtls.h:262
coap_pki_key_define_t::ca
coap_const_char_ptr_t ca
define: Common CA Certificate
Definition coap_dtls.h:260
coap_pki_key_define_t::public_cert_len
size_t public_cert_len
define Public Cert length (if needed)
Definition coap_dtls.h:264
coap_pki_key_define_t::ca_len
size_t ca_len
define CA Cert length (if needed)
Definition coap_dtls.h:263
coap_pki_key_define_t::private_key_def
coap_pki_define_t private_key_def
define: Private Key type definition
Definition coap_dtls.h:268
coap_pki_key_define_t::private_key_len
size_t private_key_len
define Private Key length (if needed)
Definition coap_dtls.h:265
coap_pki_key_define_t::ca_def
coap_pki_define_t ca_def
define: Common CA type definition
Definition coap_dtls.h:266
coap_pki_key_define_t::public_cert_def
coap_pki_define_t public_cert_def
define: Public Cert type definition
Definition coap_dtls.h:267
coap_session_t
Abstraction of virtual session that can be attached to coap_context_t (client) or coap_endpoint_t (se...
Definition coap_session_internal.h:68
coap_session_t::dtls_timeout_count
unsigned int dtls_timeout_count
dtls setup retry counter
Definition coap_session_internal.h:180
coap_session_t::endpoint
coap_endpoint_t * endpoint
session's endpoint
Definition coap_session_internal.h:88
coap_session_t::sock
coap_socket_t sock
socket object for the session, if any
Definition coap_session_internal.h:85
coap_session_t::state
coap_session_state_t state
current state of relationship with peer
Definition coap_session_internal.h:71
coap_session_t::client_cid
coap_bin_const_t * client_cid
Contains client CID or NULL.
Definition coap_session_internal.h:230
coap_session_t::addr_info
coap_addr_tuple_t addr_info
remote/local address info
Definition coap_session_internal.h:79
coap_session_t::proto
coap_proto_t proto
protocol used
Definition coap_session_internal.h:69
coap_session_t::cpsk_setup_data
coap_dtls_cpsk_t cpsk_setup_data
client provided PSK initial setup data
Definition coap_session_internal.h:120
coap_session_t::mtu
size_t mtu
path or CSM mtu (xmt)
Definition coap_session_internal.h:75
coap_session_t::negotiated_cid
uint8_t negotiated_cid
Set for a client if CID negotiated.
Definition coap_session_internal.h:212
coap_session_t::dtls_event
int dtls_event
Tracking any (D)TLS events on this session.
Definition coap_session_internal.h:181
coap_session_t::tls
void * tls
security parameters
Definition coap_session_internal.h:91
coap_session_t::max_retransmit
uint16_t max_retransmit
maximum re-transmit count (default 4)
Definition coap_session_internal.h:155
coap_session_t::type
coap_session_type_t type
client or server side socket
Definition coap_session_internal.h:70
coap_session_t::context
coap_context_t * context
session's context
Definition coap_session_internal.h:90
coap_socket_t::lfunc
coap_layer_func_t lfunc[COAP_LAYER_LAST]
Layer functions to use.
Definition coap_io_internal.h:68
coap_socket_t::flags
coap_socket_flags_t flags
1 or more of COAP_SOCKET* flag values
Definition coap_io_internal.h:59
coap_tls_version_t
The structure used for returning the underlying (D)TLS library information.
Definition coap_dtls.h:83
coap_tls_version_t::built_version
uint64_t built_version
(D)TLS Built against Library Version
Definition coap_dtls.h:86
coap_tls_version_t::type
coap_tls_library_t type
Library type.
Definition coap_dtls.h:85
coap_tls_version_t::version
uint64_t version
(D)TLS runtime Library Version
Definition coap_dtls.h:84
coap_const_char_ptr_t::s_byte
const char * s_byte
signed char ptr
Definition coap_str.h:73
coap_const_char_ptr_t::u_byte
const uint8_t * u_byte
unsigned char ptr
Definition coap_str.h:74