23#if COAP_OSCORE_SUPPORT
26#define AAD_BUF_LEN 200
31#if COAP_CLIENT_SUPPORT
39 coap_log_warn(
"OSCORE: Recipient ID must be defined for a client\n");
46 if (id_context == NULL)
55 osc_ctx = coap_oscore_init(session->
context, oscore_conf);
56 if (osc_ctx == NULL) {
60 session->oscore_encryption = 1;
174#if COAP_SERVER_SUPPORT
193 osc_ctx = coap_oscore_init(context, oscore_conf);
207 uint8_t option_value_buffer[15];
215 memset(&uri, 0,
sizeof(uri));
237 sizeof(option_value_buffer),
239 option_value_buffer))
272#if COAP_MAX_LOGGING_LEVEL < _COAP_LOG_OSCORE
327 uint8_t pdu_code = pdu->
code;
330 uint8_t *ciphertext_buffer = NULL;
331 size_t ciphertext_len = 0;
332 uint8_t aad_buffer[AAD_BUF_LEN];
333 uint8_t nonce_buffer[13];
339 uint8_t group_flag = 0;
341 int doing_observe = 0;
342 uint32_t observe_value = 0;
345 uint8_t external_aad_buffer[200];
347 uint8_t oscore_option[48];
348 size_t oscore_option_len;
375 rcp_ctx = session->recipient_ctx;
387 if (association == NULL)
399 if (coap_request || doing_observe ||
401 uint8_t partial_iv_buffer[8];
402 size_t partial_iv_len;
405 sizeof(partial_iv_buffer),
407 if (snd_ctx->
seq == 0) {
409 partial_iv_buffer[0] =
'\000';
412 partial_iv.
s = partial_iv_buffer;
413 partial_iv.
length = partial_iv_len;
424 if (coap_request || doing_observe ||
435 nonce.
s = nonce_buffer;
514 external_aad.
s = external_aad_buffer;
521 sizeof(external_aad_buffer));
530 assert(aad.
length < AAD_BUF_LEN);
544 if (plain_pdu == NULL)
555 switch (opt_iter.
number) {
634 dump_cose(cose,
"Pre encrypt");
637 if (ciphertext_buffer == NULL)
642 if ((
int)ciphertext_len <= 0) {
643 coap_log_warn(
"OSCORE: Encryption Failure, result code: %d \n",
644 (
int)ciphertext_len);
647 assert(ciphertext_len < OSCORE_CRYPTO_BUFFER_SIZE);
657 if (!
coap_add_data(osc_pdu, ciphertext_len, ciphertext_buffer))
661 ciphertext_buffer = NULL;
666 if (association && association->
is_observe == 0)
704 if (association->
nonce == NULL)
708 if (association->
aad == NULL)
710 if (doing_observe && observe_value == 1) {
746 session->done_b_1_2 = 1;
751 if (ciphertext_buffer)
762 const char *diagnostic,
765 int encrypt_oscore) {
768 int oscore_encryption = session->oscore_encryption;
769 unsigned char buf[4];
776 token.length + 2 + 8 +
777 (diagnostic ? strlen(diagnostic) : 0));
783 }
else if (kid_context == NULL) {
790 coap_add_data(err_pdu, strlen(diagnostic), (
const uint8_t *)diagnostic);
791 session->oscore_encryption = encrypt_oscore;
793 if ((echo_data || kid_context) && encrypt_oscore) {
801 session->oscore_encryption = 0;
810 session->oscore_encryption = oscore_encryption;
825 const uint8_t *osc_value;
831 uint8_t aad_buffer[AAD_BUF_LEN];
832 uint8_t nonce_buffer[13];
836 int got_resp_piv = 0;
837 int doing_resp_observe = 0;
845 uint8_t external_aad_buffer[100];
848#if COAP_CLIENT_SUPPORT
857 if (session->
context->p_osc_ctx == NULL) {
866 if (pdu->
data == NULL) {
883 if (decrypt_pdu == NULL) {
901 switch (opt_iter.
number) {
940 uint64_t incoming_seq;
948 build_and_send_error_pdu(session,
951 "Failed to decode COSE",
970 session->oscore_r2 != 0 ? (uint8_t *)&session->oscore_r2 : NULL,
984 if (session->oscore_r2 != 0) {
1003 if (osc_ctx == NULL)
1023 build_and_send_error_pdu(session,
1026 "Security context not found",
1033 session->recipient_ctx = rcp_ctx;
1046 build_and_send_error_pdu(session,
1066 coap_log_warn(
"OSCORE: OSCORE Option cannot be decoded.\n");
1079#if COAP_CLIENT_SUPPORT
1090 kid_context.
s = ptr;
1121 coap_log_crit(
"OSCORE: Security Context association not found\n");
1158 external_aad.
s = external_aad_buffer;
1164 external_aad_buffer,
1165 sizeof(external_aad_buffer));
1173 sizeof(aad_buffer));
1174 assert(aad.
length < AAD_BUF_LEN);
1186 nonce.
s = nonce_buffer;
1197 association->
nonce =
1199 if (association->
nonce == NULL)
1208 if (association->
aad == NULL)
1244 coap_log_warn(
"OSCORE Replay protection, SEQ larger than SEQ_MAX.\n");
1256 nonce.
s = nonce_buffer;
1260#ifdef OSCORE_EXTRA_DEBUG
1261 dump_cose(cose,
"!req post set nonce");
1295#ifdef OSCORE_EXTRA_DEBUG
1296 dump_cose(cose,
"!req pre aad");
1298 external_aad.
s = external_aad_buffer;
1304 external_aad_buffer,
1305 sizeof(external_aad_buffer));
1313 sizeof(aad_buffer));
1314 assert(aad.
length < AAD_BUF_LEN);
1316#ifdef OSCORE_EXTRA_DEBUG
1317 dump_cose(cose,
"!req post set aad");
1332 st_encrypt = pdu->
data;
1334 if (encrypt_len <= 0) {
1348 if (plain_pdu == NULL) {
1369 plain_pdu->
used_size = encrypt_len - tag_len;
1371 dump_cose(cose,
"Pre decrypt");
1374 if (pltxt_size <= 0) {
1375 coap_log_warn(
"OSCORE: Decryption Failure, result code: %d \n",
1378 build_and_send_error_pdu(session,
1381 "Decryption failed",
1395 assert((
size_t)pltxt_size < pdu->alloc_size + pdu->
max_hdr_size);
1412 coap_prng_lkd(&session->oscore_r2,
sizeof(session->oscore_r2));
1413 memcpy(kc->
s, &session->oscore_r2,
sizeof(session->oscore_r2));
1414 memcpy(&kc->
s[
sizeof(session->oscore_r2)],
1421 oscore_r2.
length =
sizeof(session->oscore_r2);
1422 oscore_r2.
s = (
const uint8_t *)&session->oscore_r2;
1424 build_and_send_error_pdu(session,
1433#if COAP_CLIENT_SUPPORT
1440 coap_log_warn(
"OSCORE Appendix B.2: Expected 4.01 response\n");
1486#if COAP_SERVER_SUPPORT
1497 build_and_send_error_pdu(session,
1516 build_and_send_error_pdu(session,
1536 decrypt_pdu->
code = plain_pdu->
token[0];
1544 switch (opt_iter.
number) {
1548 if (!coap_request) {
1562 doing_resp_observe = 1;
1585 if (!coap_request && !doing_resp_observe) {
1621#if COAP_CLIENT_SUPPORT
1641 if (association && association->
is_observe == 0)
1648 if (association && association->
is_observe == 0)
1656 COAP_ENC_ASCII = 0x01,
1657 COAP_ENC_HEX = 0x02,
1658 COAP_ENC_INTEGER = 0x08,
1659 COAP_ENC_TEXT = 0x10,
1660 COAP_ENC_BOOL = 0x20,
1662} coap_oscore_coding_t;
1665#define TEXT_MAPPING(t, v) \
1666 { { sizeof(#t)-1, (const uint8_t *)#t }, v }
1668static struct coap_oscore_encoding_t {
1670 coap_oscore_coding_t encoding;
1671} oscore_encoding[] = {
1672 TEXT_MAPPING(ascii, COAP_ENC_ASCII),
1673 TEXT_MAPPING(hex, COAP_ENC_HEX),
1674 TEXT_MAPPING(integer, COAP_ENC_INTEGER),
1675 TEXT_MAPPING(text, COAP_ENC_TEXT),
1676 TEXT_MAPPING(
bool, COAP_ENC_BOOL),
1677 {{0, NULL}, COAP_ENC_LAST}
1681 coap_oscore_coding_t encoding;
1682 const char *encoding_name;
1692 assert(isxdigit(c));
1693 if (
'a' <= c && c <=
'f')
1694 return c -
'a' + 10;
1695 else if (
'A' <= c && c <=
'F')
1696 return c -
'A' + 10;
1703parse_hex_bin(
const char *begin,
const char *end) {
1707 if ((end - begin) % 2 != 0)
1712 for (i = 0; (i < (size_t)(end - begin)) && isxdigit((u_char)begin[i]) &&
1713 isxdigit((u_char)begin[i + 1]);
1715 binary->
s[i / 2] = (hex2char(begin[i]) << 4) + hex2char(begin[i + 1]);
1717 if (i != (
size_t)(end - begin))
1733get_split_entry(
const char **start,
1736 oscore_value_t *value) {
1737 const char *begin = *start;
1744 kend = end = memchr(begin,
'\n', size);
1750 if (end > begin && end[-1] ==
'\r')
1753 if (begin[0] ==
'#' || (end - begin) == 0) {
1755 size -= kend - begin + 1;
1761 split = memchr(begin,
',', end - begin);
1765 keyword->
s = (
const uint8_t *)begin;
1766 keyword->
length = split - begin;
1769 if ((end - begin) == 0)
1772 split = memchr(begin,
',', end - begin);
1776 for (i = 0; oscore_encoding[i].name.s; i++) {
1780 value->encoding = oscore_encoding[i].encoding;
1781 value->encoding_name = (
const char *)oscore_encoding[i].name.
s;
1785 if (oscore_encoding[i].name.s == NULL)
1789 if ((end - begin) == 0)
1792 if (begin[0] ==
'"') {
1793 split = memchr(&begin[1],
'"', end - split - 1);
1799 switch (value->encoding) {
1800 case COAP_ENC_ASCII:
1801 value->u.value_bin =
1806 value->u.value_bin = parse_hex_bin(begin, end);
1807 if (value->u.value_bin == NULL)
1810 case COAP_ENC_INTEGER:
1811 value->u.value_int = atoi(begin);
1814 value->u.value_str.s = (
const uint8_t *)begin;
1815 value->u.value_str.length = end - begin;
1818 if (memcmp(
"true", begin, end - begin) == 0)
1819 value->u.value_int = 1;
1820 else if (memcmp(
"false", begin, end - begin) == 0)
1821 value->u.value_int = 0;
1832 coap_log_warn(
"oscore_conf: Unrecognized configuration entry '%.*s'\n",
1839#define CONFIG_ENTRY(n, e, t) \
1840 { { sizeof(#n)-1, (const uint8_t *)#n }, e, \
1841 offsetof(coap_oscore_conf_t, n), t }
1843typedef struct oscore_text_mapping_t {
1846} oscore_text_mapping_t;
1849static oscore_text_mapping_t text_aead_alg[] = {
1855static oscore_text_mapping_t text_hkdf_alg[] = {
1860static struct oscore_config_t {
1862 coap_oscore_coding_t encoding;
1864 oscore_text_mapping_t *text_mapping;
1865} oscore_config[] = {
1866 CONFIG_ENTRY(master_secret, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1867 CONFIG_ENTRY(master_salt, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1868 CONFIG_ENTRY(sender_id, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1869 CONFIG_ENTRY(id_context, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1870 CONFIG_ENTRY(recipient_id, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1871 CONFIG_ENTRY(replay_window, COAP_ENC_INTEGER, NULL),
1872 CONFIG_ENTRY(ssn_freq, COAP_ENC_INTEGER, NULL),
1873 CONFIG_ENTRY(aead_alg, COAP_ENC_INTEGER | COAP_ENC_TEXT, text_aead_alg),
1874 CONFIG_ENTRY(hkdf_alg, COAP_ENC_INTEGER | COAP_ENC_TEXT, text_hkdf_alg),
1875 CONFIG_ENTRY(rfc8613_b_1_2, COAP_ENC_BOOL, NULL),
1876 CONFIG_ENTRY(rfc8613_b_2, COAP_ENC_BOOL, NULL),
1877 CONFIG_ENTRY(break_sender_key, COAP_ENC_BOOL, NULL),
1878 CONFIG_ENTRY(break_recipient_key, COAP_ENC_BOOL, NULL),
1885 if (oscore_conf == NULL)
1902 const char *start = (
const char *)conf_mem.
s;
1903 const char *end = start + conf_mem.length;
1905 oscore_value_t value;
1909 if (oscore_conf == NULL)
1913 memset(&value, 0,
sizeof(value));
1924 while (end > start &&
1925 get_split_entry(&start, end - start, &keyword, &value)) {
1929 for (i = 0; i <
sizeof(oscore_config) /
sizeof(oscore_config[0]); i++) {
1931 value.encoding & oscore_config[i].encoding) {
1933 if (value.u.value_bin->length > 7) {
1934 coap_log_warn(
"oscore_conf: Maximum size of recipient_id is 7 bytes\n");
1935 goto error_free_value_bin;
1944 goto error_free_value_bin;
1951 switch (value.encoding) {
1953 case COAP_ENC_ASCII:
1954 memcpy(&unused_check,
1955 &(((
char *)oscore_conf)[oscore_config[i].offset]),
1956 sizeof(unused_check));
1957 if (unused_check != NULL) {
1960 (
const char *)keyword.
s);
1963 memcpy(&(((
char *)oscore_conf)[oscore_config[i].offset]),
1965 sizeof(value.u.value_bin));
1967 case COAP_ENC_INTEGER:
1969 memcpy(&(((
char *)oscore_conf)[oscore_config[i].offset]),
1971 sizeof(value.u.value_int));
1974 for (j = 0; oscore_config[i].text_mapping[j].text.s != NULL; j++) {
1976 &oscore_config[i].text_mapping[j].text)) {
1977 memcpy(&(((
char *)oscore_conf)[oscore_config[i].offset]),
1978 &oscore_config[i].text_mapping[j].value,
1979 sizeof(oscore_config[i].text_mapping[j].value));
1983 if (oscore_config[i].text_mapping[j].text.s == NULL) {
1984 coap_log_warn(
"oscore_conf: Keyword '%.*s': value '%.*s' unknown\n",
1986 (
const char *)keyword.
s,
1987 (
int)value.u.value_str.length,
1988 (
const char *)value.u.value_str.s);
2001 if (i ==
sizeof(oscore_config) /
sizeof(oscore_config[0])) {
2002 coap_log_warn(
"oscore_conf: Keyword '%.*s', type '%s' unknown\n",
2004 (
const char *)keyword.
s,
2005 value.encoding_name);
2006 if (value.encoding == COAP_ENC_HEX || value.encoding == COAP_ENC_ASCII)
2011 if (!oscore_conf->master_secret) {
2015 if (!oscore_conf->sender_id) {
2019 if (oscore_conf->sender_id->length > 7) {
2020 coap_log_warn(
"oscore_conf: Maximum size of sender_id is 7 bytes\n");
2023 if (oscore_conf->recipient_id && oscore_conf->recipient_id[0]->length > 7) {
2024 coap_log_warn(
"oscore_conf: Maximum size of recipient_id is 7 bytes\n");
2029error_free_value_bin:
2053 coap_log_crit(
"OSCORE: Could not create Security Context!\n");
2088 void *save_seq_num_func_param,
2089 uint64_t start_seq_num) {
2092 if (oscore_conf == NULL)
2107 size_t overhead = 0;
2113 if (osc_ctx == NULL)
2162 if (context->p_osc_ctx == NULL)
2174 if (!context || !recipient_id)
2186 if (context->p_osc_ctx == NULL)
2256 void *save_seq_num_func_param,
2257 uint64_t start_seq_num) {
2259 (void)save_seq_num_func;
2260 (void)save_seq_num_func_param;
2261 (void)start_seq_num;
Library specific build wrapper for coap_internal.h.
void * coap_realloc_type(coap_memory_tag_t type, void *p, size_t size)
Reallocates a chunk p of bytes created by coap_malloc_type() or coap_realloc_type() and returns a poi...
void * coap_malloc_type(coap_memory_tag_t type, size_t size)
Allocates a chunk of size bytes and returns a pointer to the newly allocated memory.
void coap_free_type(coap_memory_tag_t type, void *p)
Releases the memory that was allocated by coap_malloc_type().
uint8_t coap_opt_t
Use byte-oriented access methods here because sliding a complex struct coap_opt_t over the data buffe...
static int coap_uri_scheme_is_secure(const coap_uri_t *uri)
coap_mid_t coap_send_ack_lkd(coap_session_t *session, const coap_pdu_t *request)
Sends an ACK message with code 0 for the specified request to dst.
coap_mid_t coap_retransmit_oscore_pdu(coap_session_t *session, coap_pdu_t *pdu, coap_opt_t *echo)
int coap_prng_lkd(void *buf, size_t len)
Fills buf with len random bytes using the default pseudo random number generator.
int coap_handle_event_lkd(coap_context_t *context, coap_event_t event, coap_session_t *session)
Invokes the event handler of context for the given event and data.
uint16_t coap_new_message_id_lkd(coap_session_t *session)
Returns a new message id and updates session->tx_mid accordingly.
coap_mid_t coap_send_internal(coap_session_t *session, coap_pdu_t *pdu)
Sends a CoAP message to given peer.
void coap_cancel_all_messages(coap_context_t *context, coap_session_t *session, coap_bin_const_t *token)
Cancels all outstanding messages for session session that have the specified token.
#define COAP_OSCORE_DEFAULT_REPLAY_WINDOW
int coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg)
Check whether the defined hkdf algorithm is supported by the underlying crypto library.
int coap_crypto_check_cipher_alg(cose_alg_t alg)
Check whether the defined cipher algorithm is supported by the underlying crypto library.
unsigned int coap_encode_var_safe(uint8_t *buf, size_t length, unsigned int val)
Encodes multiple-length byte sequences.
unsigned int coap_decode_var_bytes(const uint8_t *buf, size_t len)
Decodes multiple-length byte sequences.
uint64_t coap_decode_var_bytes8(const uint8_t *buf, size_t len)
Decodes multiple-length byte sequences.
unsigned int coap_encode_var_safe8(uint8_t *buf, size_t length, uint64_t val)
Encodes multiple-length byte sequences.
@ COAP_EVENT_OSCORE_DECODE_ERROR
Triggered when there is an OSCORE decode of OSCORE option failure.
@ COAP_EVENT_OSCORE_INTERNAL_ERROR
Triggered when there is an OSCORE internal error i.e malloc failed.
@ COAP_EVENT_OSCORE_NOT_ENABLED
Triggered when trying to use OSCORE to decrypt, but it is not enabled.
@ COAP_EVENT_OSCORE_NO_SECURITY
Triggered when there is no OSCORE security definition found.
@ COAP_EVENT_OSCORE_NO_PROTECTED_PAYLOAD
Triggered when there is no OSCORE encrypted payload provided.
@ COAP_EVENT_OSCORE_DECRYPTION_FAILURE
Triggered when there is an OSCORE decryption failure.
#define coap_lock_unlock(c)
Dummy for no thread-safe code.
#define coap_lock_lock(c, failed)
Dummy for no thread-safe code.
#define coap_lock_check_locked(c)
Dummy for no thread-safe code.
#define coap_log_debug(...)
coap_log_t coap_get_log_level(void)
Get the current logging level.
void coap_show_pdu(coap_log_t level, const coap_pdu_t *pdu)
Display the contents of the specified pdu.
#define coap_log_oscore(...)
#define coap_log_warn(...)
#define coap_log_crit(...)
coap_opt_t * coap_option_next(coap_opt_iterator_t *oi)
Updates the iterator oi to point to the next option.
uint32_t coap_opt_length(const coap_opt_t *opt)
Returns the length of the given option.
coap_opt_iterator_t * coap_option_iterator_init(const coap_pdu_t *pdu, coap_opt_iterator_t *oi, const coap_opt_filter_t *filter)
Initializes the given option iterator oi to point to the beginning of the pdu's option list.
void coap_delete_optlist(coap_optlist_t *queue)
Removes all entries from the optlist_chain, freeing off their memory usage.
#define COAP_OPT_ALL
Pre-defined filter that includes all options.
int coap_add_optlist_pdu(coap_pdu_t *pdu, coap_optlist_t **options)
The current optlist of optlist_chain is first sorted (as per RFC7272 ordering requirements) and then ...
coap_opt_t * coap_check_option(const coap_pdu_t *pdu, coap_option_num_t number, coap_opt_iterator_t *oi)
Retrieves the first option of number number from pdu.
const uint8_t * coap_opt_value(const coap_opt_t *opt)
Returns a pointer to the value of the given option.
size_t oscore_cbor_get_element_size(const uint8_t **buffer, size_t *buf_len)
void cose_encrypt0_set_plaintext(cose_encrypt0_t *ptr, uint8_t *buffer, size_t size)
int cose_encrypt0_set_key(cose_encrypt0_t *ptr, coap_bin_const_t *key)
void cose_encrypt0_set_kid_context(cose_encrypt0_t *ptr, coap_bin_const_t *kid_context)
const char * cose_get_alg_name(cose_alg_t id, char *buffer, size_t buflen)
void cose_encrypt0_set_ciphertext(cose_encrypt0_t *ptr, uint8_t *buffer, size_t size)
int cose_encrypt0_decrypt(cose_encrypt0_t *ptr, uint8_t *plaintext_buffer, size_t plaintext_len)
size_t cose_tag_len(cose_alg_t cose_alg)
void cose_encrypt0_set_aad(cose_encrypt0_t *ptr, coap_bin_const_t *aad)
int cose_encrypt0_encrypt(cose_encrypt0_t *ptr, uint8_t *ciphertext_buffer, size_t ciphertext_len)
void cose_encrypt0_set_partial_iv(cose_encrypt0_t *ptr, coap_bin_const_t *partial_iv)
void cose_encrypt0_set_external_aad(cose_encrypt0_t *ptr, coap_bin_const_t *external_aad)
void cose_encrypt0_init(cose_encrypt0_t *ptr)
void cose_encrypt0_set_alg(cose_encrypt0_t *ptr, uint8_t alg)
void cose_encrypt0_set_key_id(cose_encrypt0_t *ptr, coap_bin_const_t *key_id)
void cose_encrypt0_set_nonce(cose_encrypt0_t *ptr, coap_bin_const_t *nonce)
@ COSE_HKDF_ALG_HKDF_SHA_256
@ COSE_ALGORITHM_AES_CCM_16_64_128
@ COSE_ALGORITHM_AES_CCM_16_64_256
coap_session_t * coap_new_client_session_oscore_psk_lkd(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_cpsk_t *psk_data, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server with PSK credentials as well as protecting the ...
size_t oscore_prepare_aad(const uint8_t *external_aad_buffer, size_t external_aad_len, uint8_t *aad_buffer, size_t aad_size)
size_t oscore_encode_option_value(uint8_t *option_buffer, size_t option_buf_len, cose_encrypt0_t *cose, uint8_t group_flag, uint8_t appendix_b_2)
int coap_delete_oscore_recipient_lkd(coap_context_t *context, coap_bin_const_t *recipient_id)
Release all the information associated for the specific Recipient ID (and hence and stop any further ...
int oscore_delete_association(coap_session_t *session, oscore_association_t *association)
uint8_t oscore_validate_sender_seq(oscore_recipient_ctx_t *ctx, cose_encrypt0_t *cose)
oscore_recipient_ctx_t * oscore_add_recipient(oscore_ctx_t *osc_ctx, coap_bin_const_t *rid, uint32_t break_key)
oscore_add_recipient - add in recipient information
int oscore_decode_option_value(const uint8_t *opt_value, size_t option_len, cose_encrypt0_t *cose)
coap_pdu_t * coap_oscore_new_pdu_encrypted_lkd(coap_session_t *session, coap_pdu_t *pdu, coap_bin_const_t *kid_context, oscore_partial_iv_t send_partial_iv)
Encrypts the specified pdu when OSCORE encryption is required on session.
coap_session_t * coap_new_client_session_oscore_lkd(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server, protecting the data using OSCORE.
int oscore_delete_recipient(oscore_ctx_t *osc_ctx, coap_bin_const_t *rid)
uint8_t oscore_increment_sender_seq(oscore_ctx_t *ctx)
void oscore_update_ctx(oscore_ctx_t *osc_ctx, coap_bin_const_t *id_context)
oscore_update_ctx - update a osc_ctx with a new id_context
oscore_ctx_t * oscore_derive_ctx(coap_context_t *c_context, coap_oscore_conf_t *oscore_conf)
oscore_derive_ctx - derive a osc_ctx from oscore_conf information
COAP_API coap_pdu_t * coap_oscore_new_pdu_encrypted(coap_session_t *session, coap_pdu_t *pdu, coap_bin_const_t *kid_context, oscore_partial_iv_t send_partial_iv)
Encrypts the specified pdu when OSCORE encryption is required on session.
void oscore_roll_back_seq(oscore_recipient_ctx_t *ctx)
int oscore_new_association(coap_session_t *session, coap_pdu_t *sent_pdu, coap_bin_const_t *token, oscore_recipient_ctx_t *recipient_ctx, coap_bin_const_t *aad, coap_bin_const_t *nonce, coap_bin_const_t *partial_iv, int is_observe)
size_t oscore_prepare_e_aad(oscore_ctx_t *ctx, cose_encrypt0_t *cose, const uint8_t *oscore_option, size_t oscore_option_len, coap_bin_const_t *sender_public_key, uint8_t *external_aad_ptr, size_t external_aad_size)
void oscore_delete_server_associations(coap_session_t *session)
void oscore_log_char_value(coap_log_t level, const char *name, const char *value)
struct coap_pdu_t * coap_oscore_decrypt_pdu(coap_session_t *session, coap_pdu_t *pdu)
Decrypts the OSCORE-encrypted parts of pdu when OSCORE is used.
int coap_rebuild_pdu_for_proxy(coap_pdu_t *pdu)
Convert PDU to use Proxy-Scheme option if Proxy-Uri option is present.
void oscore_free_contexts(coap_context_t *c_context)
void oscore_log_hex_value(coap_log_t level, const char *name, coap_bin_const_t *value)
void coap_delete_oscore_associations(coap_session_t *session)
Cleanup all allocated OSCORE association information.
int coap_oscore_initiate(coap_session_t *session, coap_oscore_conf_t *oscore_conf)
Initiate an OSCORE session.
int coap_new_oscore_recipient_lkd(coap_context_t *context, coap_bin_const_t *recipient_id)
Add in the specific Recipient ID into the OSCORE context (server only).
oscore_ctx_t * oscore_duplicate_ctx(coap_context_t *c_context, oscore_ctx_t *o_osc_ctx, coap_bin_const_t *sender_id, coap_bin_const_t *recipient_id, coap_bin_const_t *id_context)
oscore_duplicate_ctx - duplicate a osc_ctx
void coap_delete_all_oscore(coap_context_t *context)
Cleanup all allocated OSCORE information.
void oscore_generate_nonce(cose_encrypt0_t *ptr, oscore_ctx_t *ctx, uint8_t *buffer, uint8_t size)
int oscore_remove_context(coap_context_t *c_context, oscore_ctx_t *osc_ctx)
oscore_association_t * oscore_find_association(coap_session_t *session, coap_bin_const_t *token)
int coap_context_oscore_server_lkd(coap_context_t *context, coap_oscore_conf_t *oscore_conf)
Set the context's default OSCORE configuration for a server.
oscore_ctx_t * oscore_find_context(const coap_context_t *c_context, const coap_bin_const_t rcpkey_id, const coap_bin_const_t *ctxkey_id, uint8_t *oscore_r2, oscore_recipient_ctx_t **recipient_ctx)
oscore_find_context - Locate recipient context (and hence OSCORE context)
coap_session_t * coap_new_client_session_oscore_pki_lkd(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_pki_t *pki_data, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server with PKI credentials as well as protecting the ...
size_t coap_oscore_overhead(coap_session_t *session, coap_pdu_t *pdu)
Determine the additional data size requirements for adding in OSCORE.
@ OSCORE_MODE_SINGLE
Vanilla RFC8613 support.
@ OSCORE_SEND_PARTIAL_IV
Send partial IV with encrypted PDU.
@ OSCORE_SEND_NO_IV
Do not send partial IV unless added by a response.
coap_oscore_conf_t * coap_new_oscore_conf(coap_str_const_t conf_mem, coap_oscore_save_seq_num_t save_seq_num_func, void *save_seq_num_func_param, uint64_t start_seq_num)
Parse an OSCORE configuration (held in memory) and populate a OSCORE configuration structure.
coap_session_t * coap_new_client_session_oscore_psk(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_cpsk_t *psk_data, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server with PSK credentials as well as protecting the ...
int coap_delete_oscore_conf(coap_oscore_conf_t *oscore_conf)
Release all the information associated with the OSCORE configuration.
coap_session_t * coap_new_client_session_oscore(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server, protecting the data using OSCORE.
int coap_context_oscore_server(coap_context_t *context, coap_oscore_conf_t *oscore_conf)
Set the context's default OSCORE configuration for a server.
coap_session_t * coap_new_client_session_oscore_pki(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_pki_t *pki_data, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server with PKI credentials as well as protecting the ...
int coap_new_oscore_recipient(coap_context_t *context, coap_bin_const_t *recipient_id)
Add in the specific Recipient ID into the OSCORE context (server only).
int(* coap_oscore_save_seq_num_t)(uint64_t sender_seq_num, void *param)
Definition of the function used to save the current Sender Sequence Number.
int coap_delete_oscore_recipient(coap_context_t *context, coap_bin_const_t *recipient_id)
Release all the information associated for the specific Recipient ID (and hence and stop any further ...
size_t coap_insert_option(coap_pdu_t *pdu, coap_option_num_t number, size_t len, const uint8_t *data)
Inserts option of given number in the pdu with the appropriate data.
int coap_remove_option(coap_pdu_t *pdu, coap_option_num_t number)
Removes (first) option of given number from the pdu.
#define COAP_PDU_IS_PING(pdu)
size_t coap_pdu_encode_header(coap_pdu_t *pdu, coap_proto_t proto)
Compose the protocol specific header for the specified PDU.
coap_pdu_t * coap_pdu_duplicate_lkd(const coap_pdu_t *old_pdu, coap_session_t *session, size_t token_length, const uint8_t *token, coap_opt_filter_t *drop_options)
Duplicate an existing PDU.
#define COAP_PAYLOAD_START
int coap_pdu_resize(coap_pdu_t *pdu, size_t new_size)
Dynamically grows the size of pdu to new_size.
#define COAP_PDU_IS_REQUEST(pdu)
size_t coap_add_option_internal(coap_pdu_t *pdu, coap_option_num_t number, size_t len, const uint8_t *data)
Adds option of given number to pdu that is passed as first parameter.
#define COAP_OPTION_HOP_LIMIT
#define COAP_OPTION_NORESPONSE
#define COAP_OPTION_URI_HOST
#define COAP_OPTION_IF_MATCH
#define COAP_OPTION_BLOCK2
#define COAP_OPTION_CONTENT_FORMAT
#define COAP_OPTION_SIZE2
#define COAP_OPTION_BLOCK1
#define COAP_OPTION_PROXY_SCHEME
#define COAP_DEFAULT_PORT
#define COAP_OPTION_URI_QUERY
void coap_delete_pdu(coap_pdu_t *pdu)
Dispose of an CoAP PDU and frees associated storage.
#define COAP_OPTION_IF_NONE_MATCH
#define COAP_OPTION_LOCATION_PATH
#define COAP_OPTION_URI_PATH
#define COAP_RESPONSE_CODE(N)
#define COAP_RESPONSE_CLASS(C)
coap_proto_t
CoAP protocol types.
coap_pdu_code_t
Set of codes available for a PDU.
#define COAP_OPTION_OSCORE
#define COAP_OPTION_SIZE1
int coap_add_token(coap_pdu_t *pdu, size_t len, const uint8_t *data)
Adds token of length len to pdu.
#define COAP_OPTION_LOCATION_QUERY
#define COAPS_DEFAULT_PORT
int coap_get_data(const coap_pdu_t *pdu, size_t *len, const uint8_t **data)
Retrieves the length and data pointer of specified PDU.
#define COAP_OPTION_URI_PORT
coap_pdu_t * coap_pdu_init(coap_pdu_type_t type, coap_pdu_code_t code, coap_mid_t mid, size_t size)
Creates a new CoAP PDU with at least enough storage space for the given size maximum message size.
#define COAP_OPTION_ACCEPT
#define COAP_INVALID_MID
Indicates an invalid message id.
#define COAP_OPTION_MAXAGE
#define COAP_OPTION_PROXY_URI
#define COAP_OPTION_OBSERVE
int coap_add_data(coap_pdu_t *pdu, size_t len, const uint8_t *data)
Adds given data to the pdu that is passed as first parameter.
coap_bin_const_t coap_pdu_get_token(const coap_pdu_t *pdu)
Gets the token associated with pdu.
@ COAP_REQUEST_CODE_FETCH
coap_session_t * coap_new_client_session_psk2_lkd(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_cpsk_t *setup_data)
Creates a new client session to the designated server with PSK credentials.
coap_session_t * coap_new_client_session_pki_lkd(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_pki_t *setup_data)
Creates a new client session to the designated server with PKI credentials.
coap_session_t * coap_new_client_session_lkd(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto)
Creates a new client session to the designated server.
void coap_session_release_lkd(coap_session_t *session)
Decrement reference counter on a session.
#define COAP_PROTO_NOT_RELIABLE(p)
void coap_delete_bin_const(coap_bin_const_t *s)
Deletes the given const binary data and releases any memory allocated.
coap_binary_t * coap_new_binary(size_t size)
Returns a new binary object with at least size bytes storage allocated.
coap_str_const_t * coap_make_str_const(const char *string)
Take the specified byte array (text) and create a coap_str_const_t *.
coap_bin_const_t * coap_new_bin_const(const uint8_t *data, size_t size)
Take the specified byte array (text) and create a coap_bin_const_t * Returns a new const binary objec...
void coap_delete_binary(coap_binary_t *s)
Deletes the given coap_binary_t object and releases any memory allocated.
#define coap_binary_equal(binary1, binary2)
Compares the two binary data for equality.
#define coap_string_equal(string1, string2)
Compares the two strings for equality.
int coap_oscore_is_supported(void)
Check whether OSCORE is available.
int coap_query_into_optlist(const uint8_t *s, size_t length, coap_option_num_t optnum, coap_optlist_t **optlist_chain)
Splits the given URI query into '&' separate segments, and then adds the Uri-Query / Location-Query o...
int coap_path_into_optlist(const uint8_t *s, size_t length, coap_option_num_t optnum, coap_optlist_t **optlist_chain)
Splits the given URI path into '/' separate segments, and then adds the Uri-Path / Location-Path opti...
int coap_split_proxy_uri(const uint8_t *str_var, size_t len, coap_uri_t *uri)
Parses a given string into URI components.
coap_uri_info_t coap_uri_scheme[COAP_URI_SCHEME_LAST]
Multi-purpose address abstraction.
CoAP binary data definition with const data.
size_t length
length of binary data
const uint8_t * s
read-only binary data
CoAP binary data definition.
size_t length
length of binary data
The CoAP stack's global state is stored in a coap_context_t object.
The structure used for defining the Client PSK setup data to be used.
The structure used for defining the PKI setup data to be used.
Iterator to run through PDU options.
coap_opt_t * next_option
pointer to the unparsed next option
size_t length
remaining length of PDU
coap_option_num_t number
decoded option number
Representation of chained list of CoAP options to install.
The structure used to hold the OSCORE configuration information.
void * save_seq_num_func_param
Passed to save_seq_num_func()
uint32_t rfc8613_b_2
1 if rfc8613 B.2 protocol else 0
cose_hkdf_alg_t hkdf_alg
Set to one of COSE_HKDF_ALG_*.
uint32_t break_sender_key
1 if sender key to be broken, else 0
uint32_t ssn_freq
Sender Seq Num update frequency.
coap_oscore_save_seq_num_t save_seq_num_func
Called every seq num change.
uint32_t rfc8613_b_1_2
1 if rfc8613 B.1.2 enabled else 0
uint64_t start_seq_num
Used for ssn_freq updating.
coap_bin_const_t * sender_id
Sender ID (i.e.
coap_bin_const_t ** recipient_id
Recipient ID (i.e.
uint32_t break_recipient_key
1 if recipient key to be broken, else 0
coap_bin_const_t * master_secret
Common Master Secret.
cose_alg_t aead_alg
Set to one of COSE_ALGORITHM_AES*.
coap_bin_const_t * master_salt
Common Master Salt.
uint32_t replay_window
Replay window size Use COAP_OSCORE_DEFAULT_REPLAY_WINDOW.
coap_bin_const_t * id_context
Common ID context.
uint32_t recipient_id_count
Number of recipient_id entries.
uint8_t max_hdr_size
space reserved for protocol-specific header
uint8_t * token
first byte of token (or extended length bytes prefix), if any, or options
coap_pdu_code_t code
request method (value 1–31) or response code (value 64-255)
coap_bin_const_t actual_token
Actual token in pdu.
uint8_t * data
first byte of payload, if any
coap_mid_t mid
message id, if any, in regular host byte order
uint32_t e_token_length
length of Token space (includes leading extended bytes
size_t used_size
used bytes of storage for token, options and payload
coap_pdu_type_t type
message type
Abstraction of virtual session that can be attached to coap_context_t (client) or coap_endpoint_t (se...
coap_proto_t proto
protocol used
uint8_t con_active
Active CON request sent.
coap_context_t * context
session's context
CoAP string data definition with const data.
const uint8_t * s
read-only string data
size_t length
length of string
const char * name
scheme name
Representation of parsed URI.
enum coap_uri_scheme_t scheme
The parsed scheme specifier.
coap_str_const_t path
The complete path if present or {0, NULL}.
uint16_t port
The port in host byte order.
coap_str_const_t query
The complete query if present or {0, NULL}.
coap_str_const_t host
The host part of the URI.
coap_bin_const_t partial_iv
coap_bin_const_t kid_context
coap_bin_const_t external_aad
coap_bin_const_t oscore_option
coap_bin_const_t * obs_partial_iv
coap_bin_const_t * partial_iv
oscore_recipient_ctx_t * recipient_ctx
uint8_t rfc8613_b_1_2
1 if rfc8613 B.1.2 enabled else 0
void * save_seq_num_func_param
Passed to save_seq_num_func()
oscore_sender_ctx_t * sender_context
uint8_t rfc8613_b_2
1 if rfc8613 B.2 protocol else 0
coap_oscore_save_seq_num_t save_seq_num_func
Called every seq num change.
oscore_recipient_ctx_t * recipient_chain
coap_bin_const_t * id_context
contains GID in case of group
uint32_t ssn_freq
Sender Seq Num update frequency.
coap_bin_const_t * recipient_key
coap_bin_const_t * recipient_id
coap_bin_const_t * sender_id
coap_bin_const_t * sender_key
uint64_t next_seq
Used for ssn_freq updating.