23#if COAP_OSCORE_SUPPORT
26#define AAD_BUF_LEN 200
31#if COAP_CLIENT_SUPPORT
39 coap_log_warn(
"OSCORE: Recipient ID must be defined for a client\n");
46 if (id_context == NULL)
55 osc_ctx = coap_oscore_init(session->
context, oscore_conf);
56 if (osc_ctx == NULL) {
60 session->oscore_encryption = 1;
128#if COAP_SERVER_SUPPORT
136 osc_ctx = coap_oscore_init(context, oscore_conf);
150 uint8_t option_value_buffer[15];
151 uint8_t *keep_proxy_uri = NULL;
158 memset(&uri, 0,
sizeof(uri));
160 if (keep_proxy_uri == NULL)
184 sizeof(option_value_buffer),
186 option_value_buffer))
247#if COAP_MAX_LOGGING_LEVEL < _COAP_LOG_OSCORE
288 uint8_t pdu_code = pdu->
code;
291 uint8_t *ciphertext_buffer = NULL;
292 size_t ciphertext_len = 0;
293 uint8_t aad_buffer[AAD_BUF_LEN];
294 uint8_t nonce_buffer[13];
300 uint8_t group_flag = 0;
302 int doing_observe = 0;
303 uint32_t observe_value = 0;
306 uint8_t external_aad_buffer[200];
308 uint8_t oscore_option[48];
309 size_t oscore_option_len;
336 rcp_ctx = session->recipient_ctx;
347 if (association == NULL)
359 if (coap_request || doing_observe ||
361 uint8_t partial_iv_buffer[8];
362 size_t partial_iv_len;
365 sizeof(partial_iv_buffer),
367 if (snd_ctx->
seq == 0) {
369 partial_iv_buffer[0] =
'\000';
372 partial_iv.
s = partial_iv_buffer;
373 partial_iv.
length = partial_iv_len;
384 if (coap_request || doing_observe ||
395 nonce.
s = nonce_buffer;
474 external_aad.
s = external_aad_buffer;
481 sizeof(external_aad_buffer));
490 assert(aad.
length < AAD_BUF_LEN);
504 if (plain_pdu == NULL)
515 switch (opt_iter.
number) {
594 dump_cose(cose,
"Pre encrypt");
597 if (ciphertext_buffer == NULL)
602 if ((
int)ciphertext_len <= 0) {
603 coap_log_warn(
"OSCORE: Encryption Failure, result code: %d \n",
604 (
int)ciphertext_len);
607 assert(ciphertext_len < OSCORE_CRYPTO_BUFFER_SIZE);
617 if (!
coap_add_data(osc_pdu, ciphertext_len, ciphertext_buffer))
621 ciphertext_buffer = NULL;
626 if (association && association->
is_observe == 0)
659 if (doing_observe && observe_value == 1) {
666 if (association->
nonce == NULL)
670 if (association->
aad == NULL)
707 if (ciphertext_buffer)
718 const char *diagnostic,
721 int encrypt_oscore) {
724 int oscore_encryption = session->oscore_encryption;
725 unsigned char buf[4];
733 (diagnostic ? strlen(diagnostic) : 0));
739 }
else if (kid_context == NULL) {
746 coap_add_data(err_pdu, strlen(diagnostic), (
const uint8_t *)diagnostic);
747 session->oscore_encryption = encrypt_oscore;
749 if ((echo_data || kid_context) && encrypt_oscore) {
757 session->oscore_encryption = 0;
766 session->oscore_encryption = oscore_encryption;
781 const uint8_t *osc_value;
787 uint8_t aad_buffer[AAD_BUF_LEN];
788 uint8_t nonce_buffer[13];
799 uint8_t external_aad_buffer[100];
802#if COAP_CLIENT_SUPPORT
811 if (session->
context->p_osc_ctx == NULL) {
820 if (pdu->
data == NULL) {
837 if (decrypt_pdu == NULL) {
855 switch (opt_iter.
number) {
894 uint64_t incoming_seq;
902 build_and_send_error_pdu(session,
905 "Failed to decode COSE",
924 session->oscore_r2 != 0 ? (uint8_t *)&session->oscore_r2 : NULL,
938 if (session->oscore_r2 != 0) {
977 build_and_send_error_pdu(session,
980 "Security context not found",
987 session->recipient_ctx = rcp_ctx;
1000 build_and_send_error_pdu(session,
1020 coap_log_warn(
"OSCORE: OSCORE Option cannot be decoded.\n");
1031#if COAP_CLIENT_SUPPORT
1042 kid_context.
s = ptr;
1073 coap_log_crit(
"OSCORE: Security Context association not found\n");
1110 external_aad.
s = external_aad_buffer;
1116 external_aad_buffer,
1117 sizeof(external_aad_buffer));
1125 sizeof(aad_buffer));
1126 assert(aad.
length < AAD_BUF_LEN);
1138 nonce.
s = nonce_buffer;
1149 association->
nonce =
1151 if (association->
nonce == NULL)
1160 if (association->
aad == NULL)
1196 coap_log_warn(
"OSCORE Replay protection, SEQ larger than SEQ_MAX.\n");
1208 nonce.
s = nonce_buffer;
1212#ifdef OSCORE_EXTRA_DEBUG
1213 dump_cose(cose,
"!req post set nonce");
1243#ifdef OSCORE_EXTRA_DEBUG
1244 dump_cose(cose,
"!req pre aad");
1246 external_aad.
s = external_aad_buffer;
1252 external_aad_buffer,
1253 sizeof(external_aad_buffer));
1261 sizeof(aad_buffer));
1262 assert(aad.
length < AAD_BUF_LEN);
1264#ifdef OSCORE_EXTRA_DEBUG
1265 dump_cose(cose,
"!req post set aad");
1280 st_encrypt = pdu->
data;
1282 if (encrypt_len <= 0) {
1296 if (plain_pdu == NULL) {
1317 plain_pdu->
used_size = encrypt_len - tag_len;
1319 dump_cose(cose,
"Pre decrypt");
1322 if (pltxt_size <= 0) {
1323 coap_log_warn(
"OSCORE: Decryption Failure, result code: %d \n",
1326 build_and_send_error_pdu(session,
1329 "Decryption failed",
1343 assert((
size_t)pltxt_size < pdu->alloc_size + pdu->
max_hdr_size);
1360 coap_prng(&session->oscore_r2,
sizeof(session->oscore_r2));
1361 memcpy(kc->
s, &session->oscore_r2,
sizeof(session->oscore_r2));
1362 memcpy(&kc->
s[
sizeof(session->oscore_r2)],
1369 oscore_r2.
length =
sizeof(session->oscore_r2);
1370 oscore_r2.
s = (
const uint8_t *)&session->oscore_r2;
1372 build_and_send_error_pdu(session,
1381#if COAP_CLIENT_SUPPORT
1388 coap_log_warn(
"OSCORE Appendix B.2: Expected 4.01 response\n");
1434#if COAP_SERVER_SUPPORT
1445 build_and_send_error_pdu(session,
1464 build_and_send_error_pdu(session,
1484 decrypt_pdu->
code = plain_pdu->
token[0];
1492 switch (opt_iter.
number) {
1496 if (!coap_request) {
1563#if COAP_CLIENT_SUPPORT
1583 if (association && association->
is_observe == 0)
1590 if (association && association->
is_observe == 0)
1598 COAP_ENC_ASCII = 0x01,
1599 COAP_ENC_HEX = 0x02,
1600 COAP_ENC_INTEGER = 0x08,
1601 COAP_ENC_TEXT = 0x10,
1602 COAP_ENC_BOOL = 0x20,
1604} coap_oscore_coding_t;
1607#define TEXT_MAPPING(t, v) \
1608 { { sizeof(#t)-1, (const uint8_t *)#t }, v }
1610static struct coap_oscore_encoding_t {
1612 coap_oscore_coding_t encoding;
1613} oscore_encoding[] = {
1614 TEXT_MAPPING(ascii, COAP_ENC_ASCII),
1615 TEXT_MAPPING(hex, COAP_ENC_HEX),
1616 TEXT_MAPPING(integer, COAP_ENC_INTEGER),
1617 TEXT_MAPPING(text, COAP_ENC_TEXT),
1618 TEXT_MAPPING(
bool, COAP_ENC_BOOL),
1619 {{0, NULL}, COAP_ENC_LAST}
1623 coap_oscore_coding_t encoding;
1624 const char *encoding_name;
1634 assert(isxdigit(c));
1635 if (
'a' <= c && c <=
'f')
1636 return c -
'a' + 10;
1637 else if (
'A' <= c && c <=
'F')
1638 return c -
'A' + 10;
1645parse_hex_bin(
const char *begin,
const char *end) {
1649 if ((end - begin) % 2 != 0)
1654 for (i = 0; (i < (size_t)(end - begin)) && isxdigit((u_char)begin[i]) &&
1655 isxdigit((u_char)begin[i + 1]);
1657 binary->
s[i / 2] = (hex2char(begin[i]) << 4) + hex2char(begin[i + 1]);
1659 if (i != (
size_t)(end - begin))
1675get_split_entry(
const char **start,
1678 oscore_value_t *value) {
1679 const char *begin = *start;
1686 kend = end = memchr(begin,
'\n', size);
1692 if (end > begin && end[-1] ==
'\r')
1695 if (begin[0] ==
'#' || (end - begin) == 0) {
1697 size -= kend - begin + 1;
1703 split = memchr(begin,
',', end - begin);
1707 keyword->
s = (
const uint8_t *)begin;
1708 keyword->
length = split - begin;
1711 if ((end - begin) == 0)
1714 split = memchr(begin,
',', end - begin);
1718 for (i = 0; oscore_encoding[i].name.s; i++) {
1722 value->encoding = oscore_encoding[i].encoding;
1723 value->encoding_name = (
const char *)oscore_encoding[i].name.
s;
1727 if (oscore_encoding[i].name.s == NULL)
1731 if ((end - begin) == 0)
1734 if (begin[0] ==
'"') {
1735 split = memchr(&begin[1],
'"', end - split - 1);
1741 switch (value->encoding) {
1742 case COAP_ENC_ASCII:
1743 value->u.value_bin =
1748 value->u.value_bin = parse_hex_bin(begin, end);
1749 if (value->u.value_bin == NULL)
1752 case COAP_ENC_INTEGER:
1753 value->u.value_int = atoi(begin);
1756 value->u.value_str.s = (
const uint8_t *)begin;
1757 value->u.value_str.length = end - begin;
1760 if (memcmp(
"true", begin, end - begin) == 0)
1761 value->u.value_int = 1;
1762 else if (memcmp(
"false", begin, end - begin) == 0)
1763 value->u.value_int = 0;
1774 coap_log_warn(
"oscore_conf: Unrecognized configuration entry '%.*s'\n",
1781#define CONFIG_ENTRY(n, e, t) \
1782 { { sizeof(#n)-1, (const uint8_t *)#n }, e, \
1783 offsetof(coap_oscore_conf_t, n), t }
1785typedef struct oscore_text_mapping_t {
1788} oscore_text_mapping_t;
1791static oscore_text_mapping_t text_aead_alg[] = {
1797static oscore_text_mapping_t text_hkdf_alg[] = {
1802static struct oscore_config_t {
1804 coap_oscore_coding_t encoding;
1806 oscore_text_mapping_t *text_mapping;
1807} oscore_config[] = {
1808 CONFIG_ENTRY(master_secret, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1809 CONFIG_ENTRY(master_salt, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1810 CONFIG_ENTRY(sender_id, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1811 CONFIG_ENTRY(id_context, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1812 CONFIG_ENTRY(recipient_id, COAP_ENC_HEX | COAP_ENC_ASCII, NULL),
1813 CONFIG_ENTRY(replay_window, COAP_ENC_INTEGER, NULL),
1814 CONFIG_ENTRY(ssn_freq, COAP_ENC_INTEGER, NULL),
1815 CONFIG_ENTRY(aead_alg, COAP_ENC_INTEGER | COAP_ENC_TEXT, text_aead_alg),
1816 CONFIG_ENTRY(hkdf_alg, COAP_ENC_INTEGER | COAP_ENC_TEXT, text_hkdf_alg),
1817 CONFIG_ENTRY(rfc8613_b_1_2, COAP_ENC_BOOL, NULL),
1818 CONFIG_ENTRY(rfc8613_b_2, COAP_ENC_BOOL, NULL),
1819 CONFIG_ENTRY(break_sender_key, COAP_ENC_BOOL, NULL),
1820 CONFIG_ENTRY(break_recipient_key, COAP_ENC_BOOL, NULL),
1827 if (oscore_conf == NULL)
1844 const char *start = (
const char *)conf_mem.
s;
1845 const char *end = start + conf_mem.
length;
1847 oscore_value_t value;
1851 if (oscore_conf == NULL)
1855 memset(&value, 0,
sizeof(value));
1866 while (end > start &&
1867 get_split_entry(&start, end - start, &keyword, &value)) {
1871 for (i = 0; i <
sizeof(oscore_config) /
sizeof(oscore_config[0]); i++) {
1873 value.encoding & oscore_config[i].encoding) {
1875 if (value.u.value_bin->length > 7) {
1876 coap_log_warn(
"oscore_conf: Maximum size of recipient_id is 7 bytes\n");
1877 goto error_free_value_bin;
1886 goto error_free_value_bin;
1893 switch (value.encoding) {
1895 case COAP_ENC_ASCII:
1896 memcpy(&unused_check,
1897 &(((
char *)oscore_conf)[oscore_config[i].offset]),
1898 sizeof(unused_check));
1899 if (unused_check != NULL) {
1902 (
const char *)keyword.
s);
1905 memcpy(&(((
char *)oscore_conf)[oscore_config[i].offset]),
1907 sizeof(value.u.value_bin));
1909 case COAP_ENC_INTEGER:
1911 memcpy(&(((
char *)oscore_conf)[oscore_config[i].offset]),
1913 sizeof(value.u.value_int));
1916 for (j = 0; oscore_config[i].text_mapping[j].text.s != NULL; j++) {
1918 &oscore_config[i].text_mapping[j].text)) {
1919 memcpy(&(((
char *)oscore_conf)[oscore_config[i].offset]),
1920 &oscore_config[i].text_mapping[j].value,
1921 sizeof(oscore_config[i].text_mapping[j].value));
1925 if (oscore_config[i].text_mapping[j].text.s == NULL) {
1926 coap_log_warn(
"oscore_conf: Keyword '%.*s': value '%.*s' unknown\n",
1928 (
const char *)keyword.
s,
1929 (
int)value.u.value_str.length,
1930 (
const char *)value.u.value_str.s);
1943 if (i ==
sizeof(oscore_config) /
sizeof(oscore_config[0])) {
1944 coap_log_warn(
"oscore_conf: Keyword '%.*s', type '%s' unknown\n",
1946 (
const char *)keyword.
s,
1947 value.encoding_name);
1948 if (value.encoding == COAP_ENC_HEX || value.encoding == COAP_ENC_ASCII)
1953 if (!oscore_conf->master_secret) {
1957 if (!oscore_conf->sender_id) {
1961 if (oscore_conf->sender_id->length > 7) {
1962 coap_log_warn(
"oscore_conf: Maximum size of sender_id is 7 bytes\n");
1965 if (oscore_conf->recipient_id && oscore_conf->recipient_id[0]->length > 7) {
1966 coap_log_warn(
"oscore_conf: Maximum size of recipient_id is 7 bytes\n");
1971error_free_value_bin:
1995 coap_log_crit(
"OSCORE: Could not create Security Context!\n");
2030 void *save_seq_num_func_param,
2031 uint64_t start_seq_num) {
2034 if (oscore_conf == NULL)
2049 size_t overhead = 0;
2055 if (osc_ctx == NULL)
2093 if (context->p_osc_ctx == NULL)
2104 if (context->p_osc_ctx == NULL)
2174 void *save_seq_num_func_param,
2175 uint64_t start_seq_num) {
2177 (void)save_seq_num_func;
2178 (void)save_seq_num_func_param;
2179 (void)start_seq_num;
Pulls together all the internal only header files.
void * coap_realloc_type(coap_memory_tag_t type, void *p, size_t size)
Reallocates a chunk p of bytes created by coap_malloc_type() or coap_realloc_type() and returns a poi...
void * coap_malloc_type(coap_memory_tag_t type, size_t size)
Allocates a chunk of size bytes and returns a pointer to the newly allocated memory.
void coap_free_type(coap_memory_tag_t type, void *p)
Releases the memory that was allocated by coap_malloc_type().
#define coap_lock_check_locked(s)
size_t coap_opt_size(const coap_opt_t *opt)
Returns the size of the given option, taking into account a possible option jump.
uint8_t coap_opt_t
Use byte-oriented access methods here because sliding a complex struct coap_opt_t over the data buffe...
static int coap_uri_scheme_is_secure(const coap_uri_t *uri)
coap_mid_t coap_retransmit_oscore_pdu(coap_session_t *session, coap_pdu_t *pdu, coap_opt_t *echo)
int coap_prng(void *buf, size_t len)
Fills buf with len random bytes using the default pseudo random number generator.
coap_mid_t coap_send_internal(coap_session_t *session, coap_pdu_t *pdu)
Sends a CoAP message to given peer.
void coap_cancel_all_messages(coap_context_t *context, coap_session_t *session, coap_bin_const_t *token)
Cancels all outstanding messages for session session that have the specified token.
coap_mid_t coap_send_ack(coap_session_t *session, const coap_pdu_t *request)
Sends an ACK message with code 0 for the specified request to dst.
uint16_t coap_new_message_id(coap_session_t *session)
Returns a new message id and updates session->tx_mid accordingly.
int coap_handle_event(coap_context_t *context, coap_event_t event, coap_session_t *session)
Invokes the event handler of context for the given event and data.
#define COAP_OSCORE_DEFAULT_REPLAY_WINDOW
int coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg)
Check whether the defined hkdf algorithm is supported by the underlying crypto library.
int coap_crypto_check_cipher_alg(cose_alg_t alg)
Check whether the defined cipher algorithm is supported by the underlying crypto library.
unsigned int coap_encode_var_safe(uint8_t *buf, size_t length, unsigned int val)
Encodes multiple-length byte sequences.
unsigned int coap_decode_var_bytes(const uint8_t *buf, size_t len)
Decodes multiple-length byte sequences.
uint64_t coap_decode_var_bytes8(const uint8_t *buf, size_t len)
Decodes multiple-length byte sequences.
unsigned int coap_encode_var_safe8(uint8_t *buf, size_t length, uint64_t val)
Encodes multiple-length byte sequences.
@ COAP_EVENT_OSCORE_DECODE_ERROR
Triggered when there is an OSCORE decode of OSCORE option failure.
@ COAP_EVENT_OSCORE_INTERNAL_ERROR
Triggered when there is an OSCORE internal error i.e malloc failed.
@ COAP_EVENT_OSCORE_NOT_ENABLED
Triggered when trying to use OSCORE to decrypt, but it is not enabled.
@ COAP_EVENT_OSCORE_NO_SECURITY
Triggered when there is no OSCORE security definition found.
@ COAP_EVENT_OSCORE_NO_PROTECTED_PAYLOAD
Triggered when there is no OSCORE encrypted payload provided.
@ COAP_EVENT_OSCORE_DECRYPTION_FAILURE
Triggered when there is an OSCORE decryption failure.
#define coap_log_debug(...)
coap_log_t coap_get_log_level(void)
Get the current logging level.
void coap_show_pdu(coap_log_t level, const coap_pdu_t *pdu)
Display the contents of the specified pdu.
#define coap_log_oscore(...)
#define coap_log_warn(...)
#define coap_log_crit(...)
coap_opt_t * coap_option_next(coap_opt_iterator_t *oi)
Updates the iterator oi to point to the next option.
uint32_t coap_opt_length(const coap_opt_t *opt)
Returns the length of the given option.
coap_opt_iterator_t * coap_option_iterator_init(const coap_pdu_t *pdu, coap_opt_iterator_t *oi, const coap_opt_filter_t *filter)
Initializes the given option iterator oi to point to the beginning of the pdu's option list.
#define COAP_OPT_ALL
Pre-defined filter that includes all options.
coap_opt_t * coap_check_option(const coap_pdu_t *pdu, coap_option_num_t number, coap_opt_iterator_t *oi)
Retrieves the first option of number number from pdu.
const uint8_t * coap_opt_value(const coap_opt_t *opt)
Returns a pointer to the value of the given option.
size_t oscore_cbor_get_element_size(const uint8_t **buffer, size_t *buf_len)
void cose_encrypt0_set_plaintext(cose_encrypt0_t *ptr, uint8_t *buffer, size_t size)
int cose_encrypt0_set_key(cose_encrypt0_t *ptr, coap_bin_const_t *key)
void cose_encrypt0_set_kid_context(cose_encrypt0_t *ptr, coap_bin_const_t *kid_context)
const char * cose_get_alg_name(cose_alg_t id, char *buffer, size_t buflen)
void cose_encrypt0_set_ciphertext(cose_encrypt0_t *ptr, uint8_t *buffer, size_t size)
int cose_encrypt0_decrypt(cose_encrypt0_t *ptr, uint8_t *plaintext_buffer, size_t plaintext_len)
size_t cose_tag_len(cose_alg_t cose_alg)
void cose_encrypt0_set_aad(cose_encrypt0_t *ptr, coap_bin_const_t *aad)
int cose_encrypt0_encrypt(cose_encrypt0_t *ptr, uint8_t *ciphertext_buffer, size_t ciphertext_len)
void cose_encrypt0_set_partial_iv(cose_encrypt0_t *ptr, coap_bin_const_t *partial_iv)
void cose_encrypt0_set_external_aad(cose_encrypt0_t *ptr, coap_bin_const_t *external_aad)
void cose_encrypt0_init(cose_encrypt0_t *ptr)
void cose_encrypt0_set_alg(cose_encrypt0_t *ptr, uint8_t alg)
void cose_encrypt0_set_key_id(cose_encrypt0_t *ptr, coap_bin_const_t *key_id)
void cose_encrypt0_set_nonce(cose_encrypt0_t *ptr, coap_bin_const_t *nonce)
@ COSE_HKDF_ALG_HKDF_SHA_256
@ COSE_ALGORITHM_AES_CCM_16_64_128
@ COSE_ALGORITHM_AES_CCM_16_64_256
size_t oscore_prepare_aad(const uint8_t *external_aad_buffer, size_t external_aad_len, uint8_t *aad_buffer, size_t aad_size)
size_t oscore_encode_option_value(uint8_t *option_buffer, size_t option_buf_len, cose_encrypt0_t *cose, uint8_t group_flag, uint8_t appendix_b_2)
coap_pdu_t * coap_oscore_new_pdu_encrypted(coap_session_t *session, coap_pdu_t *pdu, coap_bin_const_t *kid_context, oscore_partial_iv_t send_partial_iv)
Encrypts the specified pdu when OSCORE encryption is required on session.
int oscore_delete_association(coap_session_t *session, oscore_association_t *association)
uint8_t oscore_validate_sender_seq(oscore_recipient_ctx_t *ctx, cose_encrypt0_t *cose)
oscore_recipient_ctx_t * oscore_add_recipient(oscore_ctx_t *osc_ctx, coap_bin_const_t *rid, uint32_t break_key)
oscore_add_recipient - add in recipient information
int oscore_decode_option_value(const uint8_t *opt_value, size_t option_len, cose_encrypt0_t *cose)
int oscore_delete_recipient(oscore_ctx_t *osc_ctx, coap_bin_const_t *rid)
uint8_t oscore_increment_sender_seq(oscore_ctx_t *ctx)
void oscore_update_ctx(oscore_ctx_t *osc_ctx, coap_bin_const_t *id_context)
oscore_update_ctx - update a osc_ctx with a new id_context
oscore_ctx_t * oscore_derive_ctx(coap_context_t *c_context, coap_oscore_conf_t *oscore_conf)
oscore_derive_ctx - derive a osc_ctx from oscore_conf information
void oscore_roll_back_seq(oscore_recipient_ctx_t *ctx)
int oscore_new_association(coap_session_t *session, coap_pdu_t *sent_pdu, coap_bin_const_t *token, oscore_recipient_ctx_t *recipient_ctx, coap_bin_const_t *aad, coap_bin_const_t *nonce, coap_bin_const_t *partial_iv, int is_observe)
size_t oscore_prepare_e_aad(oscore_ctx_t *ctx, cose_encrypt0_t *cose, const uint8_t *oscore_option, size_t oscore_option_len, coap_bin_const_t *sender_public_key, uint8_t *external_aad_ptr, size_t external_aad_size)
void oscore_delete_server_associations(coap_session_t *session)
void oscore_log_char_value(coap_log_t level, const char *name, const char *value)
struct coap_pdu_t * coap_oscore_decrypt_pdu(coap_session_t *session, coap_pdu_t *pdu)
Decrypts the OSCORE-encrypted parts of pdu when OSCORE is used.
int coap_rebuild_pdu_for_proxy(coap_pdu_t *pdu)
Convert PDU to use Proxy-Scheme option if Proxy-Uri option is present.
void oscore_free_contexts(coap_context_t *c_context)
void oscore_log_hex_value(coap_log_t level, const char *name, coap_bin_const_t *value)
void coap_delete_oscore_associations(coap_session_t *session)
Cleanup all allocated OSCORE association information.
int coap_oscore_initiate(coap_session_t *session, coap_oscore_conf_t *oscore_conf)
Initiate an OSCORE session.
oscore_ctx_t * oscore_duplicate_ctx(coap_context_t *c_context, oscore_ctx_t *o_osc_ctx, coap_bin_const_t *sender_id, coap_bin_const_t *recipient_id, coap_bin_const_t *id_context)
oscore_duplicate_ctx - duplicate a osc_ctx
void coap_delete_all_oscore(coap_context_t *context)
Cleanup all allocated OSCORE information.
void oscore_generate_nonce(cose_encrypt0_t *ptr, oscore_ctx_t *ctx, uint8_t *buffer, uint8_t size)
int oscore_remove_context(coap_context_t *c_context, oscore_ctx_t *osc_ctx)
oscore_association_t * oscore_find_association(coap_session_t *session, coap_bin_const_t *token)
oscore_ctx_t * oscore_find_context(const coap_context_t *c_context, const coap_bin_const_t rcpkey_id, const coap_bin_const_t *ctxkey_id, uint8_t *oscore_r2, oscore_recipient_ctx_t **recipient_ctx)
oscore_find_context - Locate recipient context (and hence OSCORE context)
size_t coap_oscore_overhead(coap_session_t *session, coap_pdu_t *pdu)
Determine the additional data size requirements for adding in OSCORE.
@ OSCORE_MODE_SINGLE
Vanilla RFC8613 support.
@ OSCORE_SEND_PARTIAL_IV
Send partial IV with encrypted PDU.
@ OSCORE_SEND_NO_IV
Do not send partial IV unless added by a response.
coap_oscore_conf_t * coap_new_oscore_conf(coap_str_const_t conf_mem, coap_oscore_save_seq_num_t save_seq_num_func, void *save_seq_num_func_param, uint64_t start_seq_num)
Parse an OSCORE configuration (held in memory) and populate a OSCORE configuration structure.
int coap_delete_oscore_recipient(coap_context_t *context, coap_bin_const_t *recipient_id)
Release all the information associated for the specific Recipient ID (and hence and stop any further ...
coap_session_t * coap_new_client_session_oscore_psk(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_cpsk_t *psk_data, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server with PSK credentials as well as protecting the ...
int coap_delete_oscore_conf(coap_oscore_conf_t *oscore_conf)
Release all the information associated with the OSCORE configuration.
int coap_oscore_is_supported(void)
Check whether OSCORE is available.
coap_session_t * coap_new_client_session_oscore(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server, protecting the data using OSCORE.
int coap_new_oscore_recipient(coap_context_t *context, coap_bin_const_t *recipient_id)
Add in the specific Recipient ID into the OSCORE context (server only).
coap_session_t * coap_new_client_session_oscore_pki(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_pki_t *pki_data, coap_oscore_conf_t *oscore_conf)
Creates a new client session to the designated server with PKI credentials as well as protecting the ...
int coap_context_oscore_server(coap_context_t *context, coap_oscore_conf_t *oscore_conf)
Set the context's default OSCORE configuration for a server.
int(* coap_oscore_save_seq_num_t)(uint64_t sender_seq_num, void *param)
Definition of the function used to save the current Sender Sequence Number.
size_t coap_insert_option(coap_pdu_t *pdu, coap_option_num_t number, size_t len, const uint8_t *data)
Inserts option of given number in the pdu with the appropriate data.
int coap_remove_option(coap_pdu_t *pdu, coap_option_num_t number)
Removes (first) option of given number from the pdu.
#define COAP_PDU_IS_PING(pdu)
size_t coap_pdu_encode_header(coap_pdu_t *pdu, coap_proto_t proto)
Compose the protocol specific header for the specified PDU.
#define COAP_PAYLOAD_START
int coap_pdu_resize(coap_pdu_t *pdu, size_t new_size)
Dynamically grows the size of pdu to new_size.
#define COAP_PDU_IS_REQUEST(pdu)
size_t coap_add_option_internal(coap_pdu_t *pdu, coap_option_num_t number, size_t len, const uint8_t *data)
Adds option of given number to pdu that is passed as first parameter.
#define COAP_OPTION_HOP_LIMIT
#define COAP_OPTION_NORESPONSE
#define COAP_OPTION_URI_HOST
#define COAP_OPTION_IF_MATCH
#define COAP_OPTION_BLOCK2
#define COAP_OPTION_CONTENT_FORMAT
#define COAP_OPTION_SIZE2
#define COAP_OPTION_BLOCK1
#define COAP_OPTION_PROXY_SCHEME
#define COAP_DEFAULT_PORT
#define COAP_OPTION_URI_QUERY
void coap_delete_pdu(coap_pdu_t *pdu)
Dispose of an CoAP PDU and frees associated storage.
#define COAP_OPTION_IF_NONE_MATCH
#define COAP_OPTION_LOCATION_PATH
#define COAP_OPTION_URI_PATH
#define COAP_RESPONSE_CODE(N)
coap_proto_t
CoAP protocol types.
coap_pdu_code_t
Set of codes available for a PDU.
#define COAP_OPTION_OSCORE
#define COAP_OPTION_SIZE1
int coap_add_token(coap_pdu_t *pdu, size_t len, const uint8_t *data)
Adds token of length len to pdu.
#define COAP_OPTION_LOCATION_QUERY
#define COAPS_DEFAULT_PORT
int coap_get_data(const coap_pdu_t *pdu, size_t *len, const uint8_t **data)
Retrieves the length and data pointer of specified PDU.
coap_pdu_t * coap_pdu_duplicate(const coap_pdu_t *old_pdu, coap_session_t *session, size_t token_length, const uint8_t *token, coap_opt_filter_t *drop_options)
Duplicate an existing PDU.
#define COAP_OPTION_URI_PORT
coap_pdu_t * coap_pdu_init(coap_pdu_type_t type, coap_pdu_code_t code, coap_mid_t mid, size_t size)
Creates a new CoAP PDU with at least enough storage space for the given size maximum message size.
#define COAP_OPTION_ACCEPT
#define COAP_INVALID_MID
Indicates an invalid message id.
#define COAP_OPTION_MAXAGE
#define COAP_OPTION_PROXY_URI
#define COAP_OPTION_OBSERVE
int coap_add_data(coap_pdu_t *pdu, size_t len, const uint8_t *data)
Adds given data to the pdu that is passed as first parameter.
coap_bin_const_t coap_pdu_get_token(const coap_pdu_t *pdu)
Gets the token associated with pdu.
@ COAP_REQUEST_CODE_FETCH
coap_session_t * coap_new_client_session_pki(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_pki_t *setup_data)
Creates a new client session to the designated server with PKI credentials.
#define COAP_PROTO_NOT_RELIABLE(p)
void coap_session_release(coap_session_t *session)
Decrement reference counter on a session.
coap_session_t * coap_new_client_session(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto)
Creates a new client session to the designated server.
coap_session_t * coap_new_client_session_psk2(coap_context_t *ctx, const coap_address_t *local_if, const coap_address_t *server, coap_proto_t proto, coap_dtls_cpsk_t *setup_data)
Creates a new client session to the designated server with PSK credentials.
void coap_delete_bin_const(coap_bin_const_t *s)
Deletes the given const binary data and releases any memory allocated.
coap_binary_t * coap_new_binary(size_t size)
Returns a new binary object with at least size bytes storage allocated.
coap_str_const_t * coap_make_str_const(const char *string)
Take the specified byte array (text) and create a coap_str_const_t *.
coap_bin_const_t * coap_new_bin_const(const uint8_t *data, size_t size)
Take the specified byte array (text) and create a coap_bin_const_t * Returns a new const binary objec...
void coap_delete_binary(coap_binary_t *s)
Deletes the given coap_binary_t object and releases any memory allocated.
#define coap_binary_equal(binary1, binary2)
Compares the two binary data for equality.
#define coap_string_equal(string1, string2)
Compares the two strings for equality.
int coap_split_path(const uint8_t *s, size_t length, unsigned char *buf, size_t *buflen)
Splits the given URI path into segments.
int coap_split_query(const uint8_t *s, size_t length, unsigned char *buf, size_t *buflen)
Splits the given URI query into segments.
int coap_split_proxy_uri(const uint8_t *str_var, size_t len, coap_uri_t *uri)
Parses a given string into URI components.
coap_uri_info_t coap_uri_scheme[COAP_URI_SCHEME_LAST]
Multi-purpose address abstraction.
CoAP binary data definition with const data.
size_t length
length of binary data
const uint8_t * s
read-only binary data
CoAP binary data definition.
size_t length
length of binary data
The CoAP stack's global state is stored in a coap_context_t object.
The structure used for defining the Client PSK setup data to be used.
The structure used for defining the PKI setup data to be used.
Iterator to run through PDU options.
coap_opt_t * next_option
pointer to the unparsed next option
size_t length
remaining length of PDU
coap_option_num_t number
decoded option number
The structure used to hold the OSCORE configuration information.
void * save_seq_num_func_param
Passed to save_seq_num_func()
uint32_t rfc8613_b_2
1 if rfc8613 B.2 protocol else 0
cose_hkdf_alg_t hkdf_alg
Set to one of COSE_HKDF_ALG_*.
uint32_t break_sender_key
1 if sender key to be broken, else 0
uint32_t ssn_freq
Sender Seq Num update frequency.
coap_oscore_save_seq_num_t save_seq_num_func
Called every seq num change.
uint32_t rfc8613_b_1_2
1 if rfc8613 B.1.2 enabled else 0
uint64_t start_seq_num
Used for ssn_freq updating.
coap_bin_const_t * sender_id
Sender ID (i.e.
coap_bin_const_t ** recipient_id
Recipient ID (i.e.
uint32_t break_recipient_key
1 if recipient key to be broken, else 0
coap_bin_const_t * master_secret
Common Master Secret.
cose_alg_t aead_alg
Set to one of COSE_ALGORITHM_AES*.
coap_bin_const_t * master_salt
Common Master Salt.
uint32_t replay_window
Replay window size Use COAP_OSCORE_DEFAULT_REPLAY_WINDOW.
coap_bin_const_t * id_context
Common ID context.
uint32_t recipient_id_count
Number of recipient_id entries.
uint8_t max_hdr_size
space reserved for protocol-specific header
uint8_t * token
first byte of token (or extended length bytes prefix), if any, or options
coap_pdu_code_t code
request method (value 1–31) or response code (value 64-255)
coap_bin_const_t actual_token
Actual token in pdu.
uint8_t * data
first byte of payload, if any
coap_mid_t mid
message id, if any, in regular host byte order
uint32_t e_token_length
length of Token space (includes leading extended bytes
size_t used_size
used bytes of storage for token, options and payload
coap_pdu_type_t type
message type
Abstraction of virtual session that can be attached to coap_context_t (client) or coap_endpoint_t (se...
coap_proto_t proto
protocol used
uint8_t con_active
Active CON request sent.
coap_context_t * context
session's context
CoAP string data definition with const data.
const uint8_t * s
read-only string data
size_t length
length of string
const char * name
scheme name
Representation of parsed URI.
enum coap_uri_scheme_t scheme
The parsed scheme specifier.
coap_str_const_t path
The complete path if present or {0, NULL}.
uint16_t port
The port in host byte order.
coap_str_const_t query
The complete query if present or {0, NULL}.
coap_str_const_t host
The host part of the URI.
coap_bin_const_t partial_iv
coap_bin_const_t kid_context
coap_bin_const_t external_aad
coap_bin_const_t oscore_option
coap_bin_const_t * partial_iv
oscore_recipient_ctx_t * recipient_ctx
uint8_t rfc8613_b_1_2
1 if rfc8613 B.1.2 enabled else 0
void * save_seq_num_func_param
Passed to save_seq_num_func()
oscore_sender_ctx_t * sender_context
uint8_t rfc8613_b_2
1 if rfc8613 B.2 protocol else 0
coap_oscore_save_seq_num_t save_seq_num_func
Called every seq num change.
oscore_recipient_ctx_t * recipient_chain
coap_bin_const_t * id_context
contains GID in case of group
uint32_t ssn_freq
Sender Seq Num update frequency.
coap_bin_const_t * recipient_key
coap_bin_const_t * recipient_id
coap_bin_const_t * sender_id
coap_bin_const_t * sender_key
uint64_t next_seq
Used for ssn_freq updating.