libcoap 4.3.5-develop-72190a8
|
API for interfacing with DTLS libraries. More...
Data Structures | |
struct | coap_tls_version_t |
The structure used for returning the underlying (D)TLS library information. More... | |
struct | coap_pki_key_pem_t |
The structure that holds the PKI PEM definitions. More... | |
struct | coap_pki_key_pem_buf_t |
The structure that holds the PKI PEM buffer definitions. More... | |
struct | coap_pki_key_asn1_t |
The structure that holds the PKI ASN.1 (DER) definitions. More... | |
struct | coap_pki_key_pkcs11_t |
The structure that holds the PKI PKCS11 definitions. More... | |
struct | coap_pki_key_define_t |
The structure that holds the PKI Definable key type definitions. More... | |
struct | coap_dtls_key_t |
The structure that holds the PKI key information. More... | |
struct | coap_dtls_pki_t |
The structure used for defining the PKI setup data to be used. More... | |
struct | coap_dtls_cpsk_info_t |
The structure that holds the Client PSK information. More... | |
struct | coap_dtls_cpsk_t |
The structure used for defining the Client PSK setup data to be used. More... | |
struct | coap_dtls_spsk_info_t |
The structure that holds the Server Pre-Shared Key and Identity Hint information. More... | |
struct | coap_dtls_spsk_t |
The structure used for defining the Server PSK setup data to be used. More... | |
Macros | |
#define | COAP_DTLS_HINT_LENGTH 128 |
#define | COAP_DTLS_MAX_PSK_IDENTITY 64 |
#define | COAP_DTLS_MAX_PSK 64 |
#define | COAP_DTLS_RPK_CERT_CN "RPK" |
#define | COAP_DTLS_PKI_SETUP_VERSION 1 |
Latest PKI setup version. | |
#define | COAP_DTLS_CPSK_SETUP_VERSION 1 |
Latest CPSK setup version. | |
#define | COAP_DTLS_SPSK_SETUP_VERSION 1 |
Latest SPSK setup version. | |
Typedefs | |
typedef struct coap_dtls_pki_t | coap_dtls_pki_t |
typedef enum coap_dtls_role_t | coap_dtls_role_t |
typedef enum coap_tls_library_t | coap_tls_library_t |
typedef struct coap_tls_version_t | coap_tls_version_t |
The structure used for returning the underlying (D)TLS library information. | |
typedef int(* | coap_dtls_security_setup_t) (void *tls_session, coap_dtls_pki_t *setup_data) |
Additional Security setup handler that can be set up by coap_context_set_pki(). | |
typedef int(* | coap_dtls_cn_callback_t) (const char *cn, const uint8_t *asn1_public_cert, size_t asn1_length, coap_session_t *coap_session, unsigned int depth, int validated, void *arg) |
CN Validation callback that can be set up by coap_context_set_pki(). | |
typedef enum coap_asn1_privatekey_type_t | coap_asn1_privatekey_type_t |
The enum used for determining the provided PKI ASN.1 (DER) Private Key formats. | |
typedef enum coap_pki_key_t | coap_pki_key_t |
The enum used for determining the PKI key formats. | |
typedef struct coap_pki_key_pem_t | coap_pki_key_pem_t |
The structure that holds the PKI PEM definitions. | |
typedef struct coap_pki_key_pem_buf_t | coap_pki_key_pem_buf_t |
The structure that holds the PKI PEM buffer definitions. | |
typedef struct coap_pki_key_asn1_t | coap_pki_key_asn1_t |
The structure that holds the PKI ASN.1 (DER) definitions. | |
typedef struct coap_pki_key_pkcs11_t | coap_pki_key_pkcs11_t |
The structure that holds the PKI PKCS11 definitions. | |
typedef struct coap_pki_key_define_t | coap_pki_key_define_t |
The structure that holds the PKI Definable key type definitions. | |
typedef struct coap_dtls_key_t | coap_dtls_key_t |
The structure that holds the PKI key information. | |
typedef coap_dtls_key_t *(* | coap_dtls_pki_sni_callback_t) (const char *sni, void *arg) |
Server Name Indication (SNI) Validation callback that can be set up by coap_context_set_pki(). | |
typedef struct coap_dtls_cpsk_info_t | coap_dtls_cpsk_info_t |
The structure that holds the Client PSK information. | |
typedef const coap_dtls_cpsk_info_t *(* | coap_dtls_ih_callback_t) (coap_str_const_t *hint, coap_session_t *coap_session, void *arg) |
Identity Hint Validation callback that can be set up by coap_new_client_session_psk2(). | |
typedef struct coap_dtls_cpsk_t | coap_dtls_cpsk_t |
The structure used for defining the Client PSK setup data to be used. | |
typedef struct coap_dtls_spsk_info_t | coap_dtls_spsk_info_t |
The structure that holds the Server Pre-Shared Key and Identity Hint information. | |
typedef const coap_bin_const_t *(* | coap_dtls_id_callback_t) (coap_bin_const_t *identity, coap_session_t *coap_session, void *arg) |
Identity Validation callback that can be set up by coap_context_set_psk2(). | |
typedef const coap_dtls_spsk_info_t *(* | coap_dtls_psk_sni_callback_t) (const char *sni, coap_session_t *coap_session, void *arg) |
PSK SNI callback that can be set up by coap_context_set_psk2(). | |
typedef struct coap_dtls_spsk_t | coap_dtls_spsk_t |
The structure used for defining the Server PSK setup data to be used. | |
Functions | |
int | coap_tls_engine_configure (coap_str_const_t *conf_mem) |
Configure an ENGINE for a TLS library. | |
int | coap_tls_engine_remove (void) |
Remove a previously configured ENGINE from a TLS library. | |
coap_tls_version_t * | coap_get_tls_library_version (void) |
Determine the type and version of the underlying (D)TLS library. | |
API for interfacing with DTLS libraries.
#define COAP_DTLS_CPSK_SETUP_VERSION 1 |
Latest CPSK setup version.
Definition at line 405 of file coap_dtls.h.
#define COAP_DTLS_HINT_LENGTH 128 |
Definition at line 35 of file coap_dtls.h.
#define COAP_DTLS_MAX_PSK 64 |
Definition at line 41 of file coap_dtls.h.
#define COAP_DTLS_MAX_PSK_IDENTITY 64 |
Definition at line 38 of file coap_dtls.h.
#define COAP_DTLS_PKI_SETUP_VERSION 1 |
Latest PKI setup version.
Definition at line 307 of file coap_dtls.h.
#define COAP_DTLS_RPK_CERT_CN "RPK" |
Definition at line 49 of file coap_dtls.h.
#define COAP_DTLS_SPSK_SETUP_VERSION 1 |
Latest SPSK setup version.
Definition at line 496 of file coap_dtls.h.
typedef enum coap_asn1_privatekey_type_t coap_asn1_privatekey_type_t |
The enum used for determining the provided PKI ASN.1 (DER) Private Key formats.
typedef int(* coap_dtls_cn_callback_t) (const char *cn, const uint8_t *asn1_public_cert, size_t asn1_length, coap_session_t *coap_session, unsigned int depth, int validated, void *arg) |
CN Validation callback that can be set up by coap_context_set_pki().
Invoked when libcoap has done the validation checks at the TLS level, but the application needs to check that the CN is allowed. CN is the SubjectAltName in the cert or, if that is not present, the leftmost Common Name (CN) component of the subject name. NOTE: If using RPK, then the Public Key does not contain a CN, but the content of COAP_DTLS_RPK_CERT_CN is presented for the cn parameter, so the cn value alone does not distinguish one RPK peer from another.
cn | The determined CN from the certificate |
asn1_public_cert | The ASN.1 DER encoded X.509 certificate |
asn1_length | The ASN.1 length |
coap_session | The CoAP session associated with the certificate update |
depth | Depth in cert chain. If 0, then client cert, else a CA |
validated | 1 if the TLS layer found no issues with the certificate |
arg | The same as was passed into coap_context_set_pki() in setup_data->cn_call_back_arg |
Returns: 1 if accepted, else 0 if to be rejected.
Definition at line 134 of file coap_dtls.h.
typedef struct coap_dtls_cpsk_info_t coap_dtls_cpsk_info_t |
The structure that holds the Client PSK information.
typedef struct coap_dtls_cpsk_t coap_dtls_cpsk_t |
The structure used for defining the Client PSK setup data to be used.
typedef const coap_bin_const_t *(* coap_dtls_id_callback_t) (coap_bin_const_t *identity, coap_session_t *coap_session, void *arg) |
Identity Validation callback that can be set up by coap_context_set_psk2().
Invoked when libcoap has done the validation checks at the TLS level, but the application needs to check that the Identity is allowed, and needs to use the appropriate Pre-Shared Key for the (D)TLS session.
identity | The client provided Identity |
coap_session | The CoAP session associated with the Identity Hint |
arg | The value as passed into coap_context_set_psk2() in setup_data->id_call_back_arg |
Returns: NULL on error. Note: This information will be duplicated into an internal structure.
Definition at line 473 of file coap_dtls.h.
typedef const coap_dtls_cpsk_info_t *(* coap_dtls_ih_callback_t) (coap_str_const_t *hint, coap_session_t *coap_session, void *arg) |
Identity Hint Validation callback that can be set up by coap_new_client_session_psk2().
Invoked when libcoap has done the validation checks at the TLS level, but the application needs to check that the Identity Hint is allowed, and thus needs to use the appropriate PSK information for the Identity Hint for the (D)TLS session. Note: Identity Hint is not supported in (D)TLS1.3.
hint | The server provided Identity Hint |
coap_session | The CoAP session associated with the Identity Hint |
arg | The same as was passed into coap_new_client_session_psk2() in setup_data->ih_call_back_arg |
Returns: NULL on error.
Definition at line 400 of file coap_dtls.h.
typedef struct coap_dtls_key_t coap_dtls_key_t |
The structure that holds the PKI key information.
typedef coap_dtls_key_t *(* coap_dtls_pki_sni_callback_t) (const char *sni, void *arg) |
Server Name Indication (SNI) Validation callback that can be set up by coap_context_set_pki().
Invoked if the SNI is not previously seen and prior to sending a certificate set back to the client so that the appropriate certificate set can be used based on the requesting SNI.
sni | The requested SNI |
arg | The same as was passed into coap_context_set_pki() in setup_data->sni_call_back_arg |
Returns: NULL if SNI is to be rejected.
Definition at line 303 of file coap_dtls.h.
typedef struct coap_dtls_pki_t coap_dtls_pki_t |
Definition at line 32 of file coap_dtls.h.
typedef const coap_dtls_spsk_info_t *(* coap_dtls_psk_sni_callback_t) (const char *sni, coap_session_t *coap_session, void *arg) |
PSK SNI callback that can be set up by coap_context_set_psk2().
Invoked when libcoap has done the validation checks at the TLS level and the application needs to: a) check that the SNI is allowed, and b) provide the appropriate PSK information for the (D)TLS session.
sni | The client provided SNI |
coap_session | The CoAP session associated with the SNI |
arg | The same as was passed into coap_context_set_psk2() in setup_data->sni_call_back_arg |
Returns: NULL on error.
Definition at line 491 of file coap_dtls.h.
typedef enum coap_dtls_role_t coap_dtls_role_t |
typedef int(* coap_dtls_security_setup_t) (void *tls_session, coap_dtls_pki_t *setup_data) |
Additional Security setup handler that can be set up by coap_context_set_pki().
Invoked when libcoap has done the validation checks at the TLS level, but the application needs to do some additional checks/changes/updates.
tls_session | The security session definition - e.g. SSL * for OpenSSL. NULL if server callback. This will be dependent on the underlying TLS library - see coap_get_tls_library_version() |
setup_data | A structure containing setup data originally passed into coap_context_set_pki() or coap_new_client_session_pki(). |
Returns: 1 if successful, else 0.
Definition at line 111 of file coap_dtls.h.
typedef struct coap_dtls_spsk_info_t coap_dtls_spsk_info_t |
The structure that holds the Server Pre-Shared Key and Identity Hint information.
typedef struct coap_dtls_spsk_t coap_dtls_spsk_t |
The structure used for defining the Server PSK setup data to be used.
typedef struct coap_pki_key_asn1_t coap_pki_key_asn1_t |
The structure that holds the PKI ASN.1 (DER) definitions.
typedef struct coap_pki_key_define_t coap_pki_key_define_t |
The structure that holds the PKI Definable key type definitions.
typedef struct coap_pki_key_pem_buf_t coap_pki_key_pem_buf_t |
The structure that holds the PKI PEM buffer definitions.
The certificates and private key data must be in PEM format.
Note: The Certs and Key should be NULL terminated strings for performance reasons (to save a potential buffer copy), and the length should then include this NULL terminator. A NULL terminator is not required, though; without one, the length must reflect the actual data size.
typedef struct coap_pki_key_pem_t coap_pki_key_pem_t |
The structure that holds the PKI PEM definitions.
typedef struct coap_pki_key_pkcs11_t coap_pki_key_pkcs11_t |
The structure that holds the PKI PKCS11 definitions.
typedef enum coap_pki_key_t coap_pki_key_t |
The enum used for determining the PKI key formats.
typedef enum coap_tls_library_t coap_tls_library_t |
typedef struct coap_tls_version_t coap_tls_version_t |
The structure used for returning the underlying (D)TLS library information.
enum coap_asn1_privatekey_type_t |
The enum used for determining the provided PKI ASN.1 (DER) Private Key formats.
Definition at line 146 of file coap_dtls.h.
enum coap_dtls_role_t |
Enumerator | |
---|---|
COAP_DTLS_ROLE_CLIENT | Internal function invoked for client. |
COAP_DTLS_ROLE_SERVER | Internal function invoked for server. |
Definition at line 44 of file coap_dtls.h.
enum coap_pki_define_t |
The enum to define the format of the key parameter definition.
Definition at line 233 of file coap_dtls.h.
enum coap_pki_key_t |
The enum used for determining the PKI key formats.
Definition at line 167 of file coap_dtls.h.
enum coap_tls_library_t |
Definition at line 70 of file coap_dtls.h.
coap_tls_version_t * coap_get_tls_library_version | ( | void | ) |
Determine the type and version of the underlying (D)TLS library.
Definition at line 100 of file coap_notls.c.
int coap_tls_engine_configure | ( | coap_str_const_t * | conf_mem | ) |
Configure an ENGINE for a TLS library.
(Currently only OpenSSL is supported)
conf_mem | The configuration to use in memory. |
Returns: 1 if successful, or 0 if failure.
Definition at line 22 of file coap_notls.c.
int coap_tls_engine_remove | ( | void | ) |
Remove a previously configured ENGINE from a TLS library.
(Currently only OpenSSL is supported) (This is automatically done when coap_free_context() is called)
Returns: 1 if successful, or 0 if failure.
Definition at line 28 of file coap_notls.c.