libcoap 4.3.5a
Loading...
Searching...
No Matches
coap_openssl.c
Go to the documentation of this file.
1/*
2 * coap_openssl.c -- Datagram Transport Layer Support for libcoap with openssl
3 *
4 * Copyright (C) 2017 Jean-Claude Michelou <jcm@spinetix.com>
5 * Copyright (C) 2018-2025 Jon Shallow <supjps-libcoap@jpshallow.com>
6 *
7 * SPDX-License-Identifier: BSD-2-Clause
8 *
9 * This file is part of the CoAP library libcoap. Please see README for terms
10 * of use.
11 */
12
17
18#include "coap3/coap_libcoap_build.h"
19
20#ifdef COAP_WITH_LIBOPENSSL
21
22/*
23 * OpenSSL 1.1.0 has support for making decisions during receipt of
24 * the Client Hello - the call back function is set up using
25 * SSL_CTX_set_tlsext_servername_callback() which is called later in the
26 * Client Hello processing - but called every Client Hello.
27 * Certificates and Preshared Keys have to be set up in the SSL CTX before
28 * SSL_accept() is called, making the code messy to decide whether this is a
29 * PKI or PSK incoming request to handle things accordingly if both are
30 * defined. SNI has to create a new SSL CTX to handle different server names
31 * with different crtificates.
32 *
33 * OpenSSL 1.1.1 introduces a new function SSL_CTX_set_client_hello_cb().
34 * The call back is invoked early on in the Client Hello processing giving
35 * the ability to easily use different Preshared Keys, Certificates etc.
36 * Certificates do not have to be set up in the SSL CTX before SSL_Accept is
37 * called.
38 * Later in the Client Hello code, the callback for
39 * SSL_CTX_set_tlsext_servername_callback() is still called, but only if SNI
40 * is being used by the client, so cannot be used for doing things the
41 * OpenSSL 1.1.0 way.
42 *
43 * OpenSSL 1.1.1 supports TLS1.3.
44 *
45 * There is also support for OpenSSL 3.
46 *
47 * Consequently, this code has to have compile time options to include /
48 * exclude code based on whether compiled against 1.1.0 or 1.1.1, as well as
49 * have additional run time checks.
50 *
51 * It is possible to override the Ciphers, define the Algorithms or Groups,
52 * and/or define the PKCS11 engine id to to use for the SSL negotiations at
53 * compile time. This is done by the adding of the appropriate -D option to
54 * the CPPFLAGS parameter that is used on the ./configure command line.
55 * E.g. ./configure CPPFLAGS="-DXX='\"YY\"' -DUU='\"VV\"'"
56 * The parameter value is case-sensitive.
57 *
58 * The ciphers can be overridden with (example)
59 * -DCOAP_OPENSSL_CIPHERS='\"ECDHE-ECDSA-AES256-GCM-SHA384\"'
60 *
61 * The Algorithms can be defined by (example)
62 * -DCOAP_OPENSSL_SIGALGS='\"ed25519\"'
63 *
64 * The Groups (OpenSSL 1.1.1 or later) can be defined by (example)
65 * -DCOAP_OPENSSL_GROUPS='\"X25519\"'
66 *
67 * The PKCSLL engine ID can be defined by (example)
68 + -DCOAP_OPENSSL_PKCS11_ENGINE_ID='\"pkcs11\"'
69 *
70 */
71#include <openssl/ssl.h>
72#include <openssl/engine.h>
73#include <openssl/err.h>
74#include <openssl/rand.h>
75#include <openssl/hmac.h>
76#include <openssl/x509v3.h>
77
78#if OPENSSL_VERSION_NUMBER >= 0x30000000L
79#ifdef __GNUC__
80/* Ignore OpenSSL 3.0 deprecated warnings for now */
81#pragma GCC diagnostic ignored "-Wdeprecated-declarations"
82#endif
83#if defined(_WIN32)
84#if !defined(__MINGW32__)
85#pragma warning(disable : 4996)
86#endif /* ! __MINGW32__ */
87#endif /* _WIN32 */
88#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */
89
90#ifdef COAP_EPOLL_SUPPORT
91# include <sys/epoll.h>
92#endif /* COAP_EPOLL_SUPPORT */
93
94#if OPENSSL_VERSION_NUMBER < 0x10100000L
95#error Must be compiled against OpenSSL 1.1.0 or later
96#endif
97
98#ifdef _WIN32
99#define strcasecmp _stricmp
100#define strncasecmp _strnicmp
101#endif
102
103/* RFC6091/RFC7250 */
104#ifndef TLSEXT_TYPE_client_certificate_type
105#define TLSEXT_TYPE_client_certificate_type 19
106#endif
107#ifndef TLSEXT_TYPE_server_certificate_type
108#define TLSEXT_TYPE_server_certificate_type 20
109#endif
110
111#ifndef COAP_OPENSSL_CIPHERS
112#if OPENSSL_VERSION_NUMBER >= 0x10101000L
113#define COAP_OPENSSL_CIPHERS "TLSv1.3:TLSv1.2:!NULL"
114#else /* OPENSSL_VERSION_NUMBER < 0x10101000L */
115#define COAP_OPENSSL_CIPHERS "TLSv1.2:!NULL"
116#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
117#endif /*COAP_OPENSSL_CIPHERS */
118
119#ifndef COAP_OPENSSL_PSK_CIPHERS
120#define COAP_OPENSSL_PSK_CIPHERS "PSK:!NULL"
121#endif /*COAP_OPENSSL_PSK_CIPHERS */
122
123#ifndef COAP_OPENSSL_PKCS11_ENGINE_ID
124#define COAP_OPENSSL_PKCS11_ENGINE_ID "pkcs11"
125#endif /* COAP_OPENSSL_PKCS11_ENGINE_ID */
126
127/* This structure encapsulates the OpenSSL context object. */
128typedef struct coap_dtls_context_t {
129 SSL_CTX *ctx;
130 SSL *ssl; /* OpenSSL object for listening to connection requests */
131 HMAC_CTX *cookie_hmac;
132 BIO_METHOD *meth;
133 BIO_ADDR *bio_addr;
134} coap_dtls_context_t;
135
136typedef struct coap_tls_context_t {
137 SSL_CTX *ctx;
138 BIO_METHOD *meth;
139} coap_tls_context_t;
140
141#define IS_PSK 0x1
142#define IS_PKI 0x2
143
144typedef struct sni_entry {
145 char *sni;
146#if OPENSSL_VERSION_NUMBER < 0x10101000L
147 SSL_CTX *ctx;
148#else /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
149 coap_dtls_key_t pki_key;
150#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
151} sni_entry;
152
153typedef struct psk_sni_entry {
154 char *sni;
155#if OPENSSL_VERSION_NUMBER < 0x10101000L
156 SSL_CTX *ctx;
157#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
158 coap_dtls_spsk_info_t psk_info;
159} psk_sni_entry;
160
161typedef struct coap_openssl_context_t {
162 coap_dtls_context_t dtls;
163#if !COAP_DISABLE_TCP
164 coap_tls_context_t tls;
165#endif /* !COAP_DISABLE_TCP */
166 coap_dtls_pki_t setup_data;
167 int psk_pki_enabled;
168 size_t sni_count;
169 sni_entry *sni_entry_list;
170#if OPENSSL_VERSION_NUMBER < 0x10101000L
171 size_t psk_sni_count;
172 psk_sni_entry *psk_sni_entry_list;
173#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
174} coap_openssl_context_t;
175
176#if COAP_SERVER_SUPPORT
177#if OPENSSL_VERSION_NUMBER < 0x10101000L
178static int psk_tls_server_name_call_back(SSL *ssl, int *sd, void *arg);
179#else /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
180static int psk_tls_client_hello_call_back(SSL *ssl, int *al, void *arg);
181#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
182#endif /* COAP_SERVER_SUPPORT */
183
184int
185coap_dtls_is_supported(void) {
186 if (SSLeay() < 0x10100000L) {
187 coap_log_warn("OpenSSL version 1.1.0 or later is required\n");
188 return 0;
189 }
190#if OPENSSL_VERSION_NUMBER >= 0x10101000L
191 /*
192 * For 1.1.1, we need to use SSL_CTX_set_client_hello_cb()
193 * which is not in 1.1.0 instead of SSL_CTX_set_tlsext_servername_callback()
194 *
195 * However, there could be a runtime undefined external reference error
196 * as SSL_CTX_set_client_hello_cb() is not there in 1.1.0.
197 */
198 if (SSLeay() < 0x10101000L) {
199 coap_log_warn("OpenSSL version 1.1.1 or later is required\n");
200 return 0;
201 }
202#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
203 return 1;
204}
205
206int
207coap_tls_is_supported(void) {
208#if !COAP_DISABLE_TCP
209 if (SSLeay() < 0x10100000L) {
210 coap_log_warn("OpenSSL version 1.1.0 or later is required\n");
211 return 0;
212 }
213#if OPENSSL_VERSION_NUMBER >= 0x10101000L
214 if (SSLeay() < 0x10101000L) {
215 coap_log_warn("OpenSSL version 1.1.1 or later is required\n");
216 return 0;
217 }
218#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
219 return 1;
220#else /* COAP_DISABLE_TCP */
221 return 0;
222#endif /* COAP_DISABLE_TCP */
223}
224
225/*
226 * return 0 failed
227 * 1 passed
228 */
229int
230coap_dtls_psk_is_supported(void) {
231 return 1;
232}
233
234/*
235 * return 0 failed
236 * 1 passed
237 */
238int
239coap_dtls_pki_is_supported(void) {
240 return 1;
241}
242
243/*
244 * return 0 failed
245 * 1 passed
246 */
247int
248coap_dtls_pkcs11_is_supported(void) {
249 return 1;
250}
251
252/*
253 * return 0 failed
254 * 1 passed
255 */
256int
257coap_dtls_rpk_is_supported(void) {
258 return 0;
259}
260
261/*
262 * return 0 failed
263 * 1 passed
264 */
265int
266coap_dtls_cid_is_supported(void) {
267 return 0;
268}
269
270#if COAP_CLIENT_SUPPORT
271int
272coap_dtls_set_cid_tuple_change(coap_context_t *c_context, uint8_t every) {
273 (void)c_context;
274 (void)every;
275 return 0;
276}
277#endif /* COAP_CLIENT_SUPPORT */
278
279coap_tls_version_t *
280coap_get_tls_library_version(void) {
281 static coap_tls_version_t version;
282 version.version = SSLeay();
283 version.built_version = OPENSSL_VERSION_NUMBER;
284 version.type = COAP_TLS_LIBRARY_OPENSSL;
285 return &version;
286}
287
288static ENGINE *pkcs11_engine = NULL;
289static ENGINE *defined_engine = NULL;
290
291void
292coap_dtls_startup(void) {
293 SSL_load_error_strings();
294 SSL_library_init();
295 ENGINE_load_dynamic();
296}
297
298void
299coap_dtls_shutdown(void) {
300 if (pkcs11_engine) {
301 /* Release the functional reference from ENGINE_init() */
302 ENGINE_finish(pkcs11_engine);
303 pkcs11_engine = NULL;
304 }
305 if (defined_engine) {
306 /* Release the functional reference from ENGINE_init() */
307 ENGINE_finish(defined_engine);
308 defined_engine = NULL;
309 }
310 ERR_free_strings();
311 coap_dtls_set_log_level(COAP_LOG_EMERG);
312}
313
314void *
315coap_dtls_get_tls(const coap_session_t *c_session,
316 coap_tls_library_t *tls_lib) {
317 if (tls_lib)
318 *tls_lib = COAP_TLS_LIBRARY_OPENSSL;
319 if (c_session) {
320 return c_session->tls;
321 }
322 return NULL;
323}
324
325static int
326get_split_conf_entry(const uint8_t **start, size_t size, const char *get_keyword,
327 coap_str_const_t **p1, coap_str_const_t **p2) {
328 const uint8_t *begin = *start;
329 const uint8_t *end;
330 const uint8_t *kend;
331 const uint8_t *split;
332
333 *p1 = NULL;
334 *p2 = NULL;
335
336retry:
337 kend = end = memchr(begin, '\n', size);
338 if (end == NULL)
339 return 0;
340
341 /* Track beginning of next line */
342 *start = end + 1;
343 if (end > begin && end[-1] == '\r')
344 end--;
345
346 if (begin[0] == '#' || (end - begin) == 0) {
347 /* Skip comment / blank line */
348 size -= kend - begin + 1;
349 begin = *start;
350 goto retry;
351 }
352
353 /* Get in the keyword */
354 split = memchr(begin, ':', end - begin);
355 if (split == NULL)
356 goto bad_entry;
357
358 if ((size_t)(split - begin) != strlen(get_keyword)) {
359 size -= kend - begin + 1;
360 begin = *start;
361 goto retry;
362 }
363 if (memcmp(begin, get_keyword, split - begin)) {
364 size -= kend - begin + 1;
365 begin = *start;
366 goto retry;
367 }
368 /* Found entry we are looking for */
369 begin = split + 1;
370
371 /* parameter 1 is mandatory */
372 if ((end - begin) == 0)
373 goto bad_entry;
374 /* Get in paramater #1 */
375 split = memchr(begin, ':', end - begin);
376 if (split == NULL) {
377 /* Single entry - no parameter #2 */
378 *p1 = coap_new_str_const(begin, end - begin);
379 if (!(*p1)) {
380 goto bad_entry;
381 }
382 } else {
383 *p1 = coap_new_str_const(begin, split - begin);
384 if (!(*p1)) {
385 goto bad_entry;
386 }
387 if ((end - split) > 0) {
388 *p2 = coap_new_str_const(split + 1, end - split - 1);
389 if (!(*p2)) {
390 goto bad_entry;
391 }
392 }
393 }
394
395 return 1;
396
397bad_entry:
398 coap_delete_str_const(*p1);
399 coap_delete_str_const(*p2);
400 return 0;
401}
402
403/*
404 * Formating of OpenSSL Engine configuration is:-
405 * (Must be in this order)
406 *
407 * engine:XXX
408 * pre-cmd:XXX:YYY
409 * ....
410 * pre-cmd:XXX:YYY
411 * post-cmd:XXX:YYY
412 * ....
413 * post-cmd:XXX:YYY
414 * enable-methods:unsigned-int
415 * OR'd set of ENGINE_METHOD_* or ENGINE_METHOD_ALL
416 *
417 * pre-cmd and post-cmd are optional
418 * YYY does not have to be defined for some pre-cmd or post-cmd
419 */
420int
421coap_tls_engine_configure(coap_str_const_t *conf_mem) {
422 const uint8_t *start;
423 const uint8_t *end;
424 coap_str_const_t *p1 = NULL;
425 coap_str_const_t *p2 = NULL;
426 coap_str_const_t *engine_id = NULL;
427 unsigned int defaults = 0;
428 int done_engine_id = 0;
429 int done_engine_init = 0;
430
431 if (!conf_mem)
432 return 0;
433
434 start = conf_mem->s;
435 end = start + conf_mem->length;
436
437 if (defined_engine) {
438 coap_log_warn("coap_tls_engine_configure: Freeing off previous engine definition\n");
439 ENGINE_finish(defined_engine);
440 defined_engine = NULL;
441 }
442
443 /* Set up engine */
444 if (!get_split_conf_entry(&start, end - start, "engine", &engine_id, &p2)) {
445 coap_log_warn("coap_tls_engine_configure: engine not defined\n");
446 return 0;
447 }
448 defined_engine = ENGINE_by_id((const char *)engine_id->s);
449 if (!defined_engine) {
450 coap_log_warn("coap_tls_engine_configure: engine '%s' not known\n", engine_id->s);
451 goto fail_cleanup;
452 } else {
453 done_engine_id = 1;
454 coap_dtls_log(COAP_LOG_DEBUG, "coap_tls_engine_configure: engine '%s' started\n", engine_id->s);
455 }
456 coap_delete_str_const(p2);
457
458 start = conf_mem->s;
459 /* process all the pre-cmd defined */
460 while (get_split_conf_entry(&start, end - start, "pre-cmd", &p1, &p2)) {
461 if (!ENGINE_ctrl_cmd_string(defined_engine, (const char *)p1->s, p2 ? (const char *)p2->s : NULL,
462 0)) {
463 coap_log_warn("coap_tls_engine_configure: engine %s pre-cmd '%s:%s' failed\n",
464 (const char *)engine_id->s,
465 (const char *)p1->s, p2 ? (const char *)p2->s : "(NULL)");
466 goto fail_cleanup;
467 } else {
468 coap_dtls_log(COAP_LOG_DEBUG, "coap_tls_engine_configure: engine '%s' pre-cmd '%s:%s' success\n",
469 engine_id->s, p1->s, p2 ? (const char *)p2->s : "(NULL)");
470 }
471 coap_delete_str_const(p1);
472 coap_delete_str_const(p2);
473 }
474
475 p1 = NULL;
476 p2 = NULL;
477 /* Start up the engine */
478 if (!ENGINE_init(defined_engine)) {
479 coap_log_warn("coap_tls_engine_configure: %s failed initialization\n", (const char *)engine_id->s);
480 goto fail_cleanup;
481 } else {
482 done_engine_init = 1;
483 coap_dtls_log(COAP_LOG_DEBUG, "coap_tls_engine_configure: %s initialized\n",
484 (const char *)engine_id->s);
485 }
486
487 start = conf_mem->s;
488 /* process all the post-cmd defined */
489 while (get_split_conf_entry(&start, end - start, "post-cmd", &p1, &p2)) {
490 if (!ENGINE_ctrl_cmd_string(defined_engine, (const char *)p1->s, p2 ? (const char *)p2->s : NULL,
491 0)) {
492 coap_log_warn("coap_tls_engine_configure: %s post-cmd '%s:%s' failed\n", (const char *)engine_id->s,
493 (const char *)p1->s, p2 ? (const char *)p2->s : "(NULL)");
494 goto fail_cleanup;
495 } else {
496 coap_dtls_log(COAP_LOG_DEBUG, "coap_tls_engine_configure: %s post-cmd '%s:%s' success\n",
497 (const char *)engine_id->s,
498 (const char *)p1->s, p2 ? (const char *)p2->s : "(NULL)");
499 }
500 coap_delete_str_const(p1);
501 coap_delete_str_const(p2);
502 }
503
504 start = conf_mem->s;
505 /* See what we should be setting as the methods */
506 if (!get_split_conf_entry(&start, end - start, "enable-methods", &p1, &p2)) {
507 coap_log_warn("coap_tls_engine_configure: enable-methods not found\n");
508 goto fail_cleanup;
509 }
510 defaults = strtoul((const char *)p1->s, NULL, 0);
511 if (!ENGINE_set_default(defined_engine, defaults)) {
512 coap_log_warn("coap_tls_engine_configure: enable-methods 0x%x invalid\n", defaults);
513 goto fail_cleanup;
514 } else {
515 coap_dtls_log(COAP_LOG_DEBUG, "coap_tls_engine_configure: enable-methods 0x%x successful\n",
516 defaults);
517 }
518 coap_delete_str_const(engine_id);
519 coap_delete_str_const(p1);
520 coap_delete_str_const(p2);
521 /* Success */
522
523 return 1;
524
525fail_cleanup:
526 if (done_engine_id)
527 ENGINE_free(defined_engine);
528 if (done_engine_init)
529 ENGINE_finish(defined_engine);
530 defined_engine = NULL;
531 coap_delete_str_const(engine_id);
532 coap_delete_str_const(p1);
533 coap_delete_str_const(p2);
534 return 0;
535}
536
537int
538coap_tls_engine_remove(void) {
539 if (defined_engine) {
540 ENGINE_finish(defined_engine);
541 defined_engine = NULL;
542 return 1;
543 }
544 return 0;
545}
546
547/*
548 * Logging levels use the standard CoAP logging levels
549 */
550static coap_log_t dtls_log_level = COAP_LOG_EMERG;
551
552void
553coap_dtls_set_log_level(coap_log_t level) {
554 dtls_log_level = level;
555}
556
557coap_log_t
558coap_dtls_get_log_level(void) {
559 return dtls_log_level;
560}
561
562typedef struct coap_ssl_data {
563 coap_session_t *session;
564 const void *pdu;
565 unsigned pdu_len;
566 unsigned peekmode;
567 coap_tick_t timeout;
568} coap_ssl_data;
569
570static int
571coap_dgram_create(BIO *a) {
572 coap_ssl_data *data = NULL;
573 data = malloc(sizeof(coap_ssl_data));
574 if (data == NULL)
575 return 0;
576 BIO_set_init(a, 1);
577 BIO_set_data(a, data);
578 memset(data, 0x00, sizeof(coap_ssl_data));
579 return 1;
580}
581
582static int
583coap_dgram_destroy(BIO *a) {
584 coap_ssl_data *data;
585 if (a == NULL)
586 return 0;
587 data = (coap_ssl_data *)BIO_get_data(a);
588 if (data != NULL)
589 free(data);
590 return 1;
591}
592
593static int
594coap_dgram_read(BIO *a, char *out, int outl) {
595 int ret = 0;
596 coap_ssl_data *data = (coap_ssl_data *)BIO_get_data(a);
597
598 if (out != NULL) {
599 if (data != NULL && data->pdu_len > 0) {
600 if (outl < (int)data->pdu_len) {
601 memcpy(out, data->pdu, outl);
602 ret = outl;
603 } else {
604 memcpy(out, data->pdu, data->pdu_len);
605 ret = (int)data->pdu_len;
606 }
607 if (!data->peekmode) {
608 data->pdu_len = 0;
609 data->pdu = NULL;
610 }
611 } else {
612 ret = -1;
613 }
614 BIO_clear_retry_flags(a);
615 if (ret < 0)
616 BIO_set_retry_read(a);
617 }
618 return ret;
619}
620
621static int
622coap_dgram_write(BIO *a, const char *in, int inl) {
623 int ret = 0;
624 coap_ssl_data *data = (coap_ssl_data *)BIO_get_data(a);
625
626 if (data && data->session) {
627 if (!coap_netif_available(data->session)
628#if COAP_SERVER_SUPPORT
629 && data->session->endpoint == NULL
630#endif /* COAP_SERVER_SUPPORT */
631 ) {
632 /* socket was closed on client due to error */
633 BIO_clear_retry_flags(a);
634 errno = ECONNRESET;
635 return -1;
636 }
637 ret = (int)data->session->sock.lfunc[COAP_LAYER_TLS].l_write(data->session,
638 (const uint8_t *)in,
639 inl);
640 BIO_clear_retry_flags(a);
641 if (ret <= 0) {
642 if (ret < 0 && (errno == ENOTCONN || errno == ECONNREFUSED))
643 data->session->dtls_event = COAP_EVENT_DTLS_ERROR;
644 BIO_set_retry_write(a);
645 }
646 } else {
647 BIO_clear_retry_flags(a);
648 ret = -1;
649 }
650 return ret;
651}
652
653static int
654coap_dgram_puts(BIO *a, const char *pstr) {
655 return coap_dgram_write(a, pstr, (int)strlen(pstr));
656}
657
658static long
659coap_dgram_ctrl(BIO *a, int cmd, long num, void *ptr) {
660 long ret = 1;
661 coap_ssl_data *data = BIO_get_data(a);
662
663 (void)ptr;
664
665 switch (cmd) {
666 case BIO_CTRL_GET_CLOSE:
667 ret = BIO_get_shutdown(a);
668 break;
669 case BIO_CTRL_SET_CLOSE:
670 BIO_set_shutdown(a, (int)num);
671 break;
672 case BIO_CTRL_DGRAM_SET_PEEK_MODE:
673 if (data)
674 data->peekmode = (unsigned)num;
675 else
676 ret = 0;
677 break;
678 case BIO_CTRL_DGRAM_CONNECT:
679 case BIO_C_SET_FD:
680 case BIO_C_GET_FD:
681 case BIO_CTRL_DGRAM_SET_DONT_FRAG:
682 case BIO_CTRL_DGRAM_GET_MTU:
683 case BIO_CTRL_DGRAM_SET_MTU:
684 case BIO_CTRL_DGRAM_QUERY_MTU:
685 case BIO_CTRL_DGRAM_GET_FALLBACK_MTU:
686 ret = -1;
687 break;
688 case BIO_CTRL_DUP:
689 case BIO_CTRL_FLUSH:
690 case BIO_CTRL_DGRAM_MTU_DISCOVER:
691 case BIO_CTRL_DGRAM_SET_CONNECTED:
692 break;
693 case BIO_CTRL_DGRAM_SET_NEXT_TIMEOUT:
694 if (data)
695 data->timeout = coap_ticks_from_rt_us((uint64_t)((struct timeval *)ptr)->tv_sec * 1000000 +
696 ((struct timeval *)ptr)->tv_usec);
697 else
698 ret = 0;
699 break;
700 case BIO_CTRL_RESET:
701 case BIO_C_FILE_SEEK:
702 case BIO_C_FILE_TELL:
703 case BIO_CTRL_INFO:
704 case BIO_CTRL_PENDING:
705 case BIO_CTRL_WPENDING:
706 case BIO_CTRL_DGRAM_GET_PEER:
707 case BIO_CTRL_DGRAM_SET_PEER:
708 case BIO_CTRL_DGRAM_SET_RECV_TIMEOUT:
709 case BIO_CTRL_DGRAM_GET_RECV_TIMEOUT:
710 case BIO_CTRL_DGRAM_SET_SEND_TIMEOUT:
711 case BIO_CTRL_DGRAM_GET_SEND_TIMEOUT:
712 case BIO_CTRL_DGRAM_GET_SEND_TIMER_EXP:
713 case BIO_CTRL_DGRAM_GET_RECV_TIMER_EXP:
714 case BIO_CTRL_DGRAM_MTU_EXCEEDED:
715 case BIO_CTRL_DGRAM_GET_MTU_OVERHEAD:
716 default:
717 ret = 0;
718 break;
719 }
720 return ret;
721}
722
723static int
724coap_dtls_generate_cookie(SSL *ssl,
725 unsigned char *cookie,
726 unsigned int *cookie_len) {
727 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
728 coap_dtls_context_t *dtls = ctx ? (coap_dtls_context_t *)SSL_CTX_get_app_data(ctx) : NULL;
729 coap_ssl_data *data = (coap_ssl_data *)BIO_get_data(SSL_get_rbio(ssl));
730
731 if (dtls && data) {
732 int r = HMAC_Init_ex(dtls->cookie_hmac, NULL, 0, NULL, NULL);
733 r &= HMAC_Update(dtls->cookie_hmac,
734 (const uint8_t *)&data->session->addr_info.local.addr,
735 (size_t)data->session->addr_info.local.size);
736 r &= HMAC_Update(dtls->cookie_hmac,
737 (const uint8_t *)&data->session->addr_info.remote.addr,
738 (size_t)data->session->addr_info.remote.size);
739 r &= HMAC_Final(dtls->cookie_hmac, cookie, cookie_len);
740 return r;
741 }
742 return 0;
743}
744
745static int
746coap_dtls_verify_cookie(SSL *ssl,
747 const uint8_t *cookie,
748 unsigned int cookie_len) {
749 uint8_t hmac[32];
750 unsigned len = 32;
751 if (coap_dtls_generate_cookie(ssl, hmac, &len) &&
752 cookie_len == len && memcmp(cookie, hmac, len) == 0)
753 return 1;
754 else
755 return 0;
756}
757
758#if COAP_CLIENT_SUPPORT
759static unsigned int
760coap_dtls_psk_client_callback(SSL *ssl,
761 const char *hint,
762 char *identity,
763 unsigned int max_identity_len,
764 unsigned char *psk,
765 unsigned int max_psk_len) {
766 coap_session_t *c_session;
767 coap_openssl_context_t *o_context;
768 coap_dtls_cpsk_t *setup_data;
769 coap_bin_const_t temp;
770 const coap_dtls_cpsk_info_t *cpsk_info;
771 const coap_bin_const_t *psk_key;
772 const coap_bin_const_t *psk_identity;
773
774 c_session = (coap_session_t *)SSL_get_app_data(ssl);
775 if (c_session == NULL || c_session->context == NULL)
776 return 0;
777 o_context = (coap_openssl_context_t *)c_session->context->dtls_context;
778 if (o_context == NULL)
779 return 0;
780 setup_data = &c_session->cpsk_setup_data;
781
782 temp.s = hint ? (const uint8_t *)hint : (const uint8_t *)"";
783 temp.length = strlen((const char *)temp.s);
784 coap_session_refresh_psk_hint(c_session, &temp);
785
786 coap_log_debug("got psk_identity_hint: '%.*s'\n", (int)temp.length,
787 (const char *)temp.s);
788
789 if (setup_data->validate_ih_call_back) {
790 coap_str_const_t lhint;
791
792 lhint.s = temp.s;
793 lhint.length = temp.length;
794 coap_lock_callback_ret(cpsk_info, c_session->context,
795 setup_data->validate_ih_call_back(&lhint,
796 c_session,
797 setup_data->ih_call_back_arg));
798
799 if (cpsk_info == NULL)
800 return 0;
801
802 coap_session_refresh_psk_identity(c_session, &cpsk_info->identity);
803 coap_session_refresh_psk_key(c_session, &cpsk_info->key);
804 psk_identity = &cpsk_info->identity;
805 psk_key = &cpsk_info->key;
806 } else {
807 psk_identity = coap_get_session_client_psk_identity(c_session);
808 psk_key = coap_get_session_client_psk_key(c_session);
809 }
810
811 if (psk_identity == NULL || psk_key == NULL) {
812 coap_log_warn("no PSK available\n");
813 return 0;
814 }
815
816 /* identity has to be NULL terminated */
817 if (!max_identity_len)
818 return 0;
819 max_identity_len--;
820 if (psk_identity->length > max_identity_len) {
821 coap_log_warn("psk_identity too large, truncated to %d bytes\n",
822 max_identity_len);
823 } else {
824 /* Reduce to match */
825 max_identity_len = (unsigned int)psk_identity->length;
826 }
827 memcpy(identity, psk_identity->s, max_identity_len);
828 identity[max_identity_len] = '\000';
829
830 if (psk_key->length > max_psk_len) {
831 coap_log_warn("psk_key too large, truncated to %d bytes\n",
832 max_psk_len);
833 } else {
834 /* Reduce to match */
835 max_psk_len = (unsigned int)psk_key->length;
836 }
837 memcpy(psk, psk_key->s, max_psk_len);
838 return max_psk_len;
839}
840#endif /* COAP_CLIENT_SUPPORT */
841
842#if COAP_SERVER_SUPPORT
843static unsigned int
844coap_dtls_psk_server_callback(
845 SSL *ssl,
846 const char *identity,
847 unsigned char *psk,
848 unsigned int max_psk_len
849) {
850 coap_session_t *c_session;
851 coap_dtls_spsk_t *setup_data;
852 coap_bin_const_t lidentity;
853 const coap_bin_const_t *psk_key;
854
855 c_session = (coap_session_t *)SSL_get_app_data(ssl);
856 if (c_session == NULL || c_session->context == NULL)
857 return 0;
858
859 setup_data = &c_session->context->spsk_setup_data;
860
861 /* Track the Identity being used */
862 lidentity.s = identity ? (const uint8_t *)identity : (const uint8_t *)"";
863 lidentity.length = strlen((const char *)lidentity.s);
864 coap_session_refresh_psk_identity(c_session, &lidentity);
865
866 coap_log_debug("got psk_identity: '%.*s'\n",
867 (int)lidentity.length, (const char *)lidentity.s);
868
869 if (setup_data->validate_id_call_back) {
870 psk_key = setup_data->validate_id_call_back(&lidentity,
871 c_session,
872 setup_data->id_call_back_arg);
873
874 coap_session_refresh_psk_key(c_session, psk_key);
875 } else {
876 psk_key = coap_get_session_server_psk_key(c_session);
877 }
878
879 if (psk_key == NULL)
880 return 0;
881
882 if (psk_key->length > max_psk_len) {
883 coap_log_warn("psk_key too large, truncated to %d bytes\n",
884 max_psk_len);
885 } else {
886 /* Reduce to match */
887 max_psk_len = (unsigned int)psk_key->length;
888 }
889 memcpy(psk, psk_key->s, max_psk_len);
890 return max_psk_len;
891}
892#endif /* COAP_SERVER_SUPPORT */
893
894static const char *
895ssl_function_definition(unsigned long e) {
896#if OPENSSL_VERSION_NUMBER >= 0x30000000L
897 (void)e;
898 return "";
899#else /* OPENSSL_VERSION_NUMBER < 0x30000000L */
900 static char buff[80];
901
902 snprintf(buff, sizeof(buff), " at %s:%s",
903 ERR_lib_error_string(e), ERR_func_error_string(e));
904 return buff;
905#endif /* OPENSSL_VERSION_NUMBER < 0x30000000L */
906}
907
908static void
909coap_dtls_info_callback(const SSL *ssl, int where, int ret) {
910 coap_session_t *session = (coap_session_t *)SSL_get_app_data(ssl);
911 const char *pstr;
912 int w = where &~SSL_ST_MASK;
913
914 if (!session) {
915 coap_dtls_log(COAP_LOG_WARN,
916 "coap_dtls_info_callback: session not determined, where 0x%0x and ret 0x%0x\n", where, ret);
917 return;
918 }
919 if (w & SSL_ST_CONNECT)
920 pstr = "SSL_connect";
921 else if (w & SSL_ST_ACCEPT)
922 pstr = "SSL_accept";
923 else
924 pstr = "undefined";
925
926 if (where & SSL_CB_LOOP) {
927 coap_dtls_log(COAP_LOG_DEBUG, "* %s: %s:%s\n",
928 coap_session_str(session), pstr, SSL_state_string_long(ssl));
929 } else if (where & SSL_CB_ALERT) {
930 coap_log_t log_level = COAP_LOG_INFO;
931 pstr = (where & SSL_CB_READ) ? "read" : "write";
932 if ((where & (SSL_CB_WRITE|SSL_CB_READ)) && (ret >> 8) == SSL3_AL_FATAL) {
933 session->dtls_event = COAP_EVENT_DTLS_ERROR;
934 if ((ret & 0xff) != SSL3_AD_CLOSE_NOTIFY)
935 log_level = COAP_LOG_WARN;
936 }
937 /* Need to let CoAP logging know why this session is dying */
938 coap_log(log_level, "* %s: SSL3 alert %s:%s:%s\n",
939 coap_session_str(session),
940 pstr,
941 SSL_alert_type_string_long(ret),
942 SSL_alert_desc_string_long(ret));
943 } else if (where & SSL_CB_EXIT) {
944 if (ret == 0) {
945 if (dtls_log_level >= COAP_LOG_WARN) {
946 unsigned long e;
947 coap_dtls_log(COAP_LOG_WARN, "* %s: %s:failed in %s\n",
948 coap_session_str(session), pstr, SSL_state_string_long(ssl));
949 while ((e = ERR_get_error()))
950 coap_dtls_log(COAP_LOG_WARN, "* %s: %s%s\n",
951 coap_session_str(session), ERR_reason_error_string(e),
952 ssl_function_definition(e));
953 }
954 } else if (ret < 0) {
955 if (dtls_log_level >= COAP_LOG_WARN) {
956 int err = SSL_get_error(ssl, ret);
957 if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE &&
958 err != SSL_ERROR_WANT_CONNECT && err != SSL_ERROR_WANT_ACCEPT &&
959 err != SSL_ERROR_WANT_X509_LOOKUP) {
960 long e;
961 coap_dtls_log(COAP_LOG_WARN, "* %s: %s:error in %s\n",
962 coap_session_str(session), pstr, SSL_state_string_long(ssl));
963 while ((e = ERR_get_error()))
964 coap_dtls_log(COAP_LOG_WARN, "* %s: %s%s\n",
965 coap_session_str(session), ERR_reason_error_string(e),
966 ssl_function_definition(e));
967 }
968 }
969 }
970 }
971
972 if (where == SSL_CB_HANDSHAKE_START && SSL_get_state(ssl) == TLS_ST_OK)
973 session->dtls_event = COAP_EVENT_DTLS_RENEGOTIATE;
974}
975
976#if !COAP_DISABLE_TCP
977static int
978coap_sock_create(BIO *a) {
979 BIO_set_init(a, 1);
980 return 1;
981}
982
983static int
984coap_sock_destroy(BIO *a) {
985 (void)a;
986 return 1;
987}
988
989/*
990 * strm
991 * return +ve data amount
992 * 0 no more
993 * -1 error
994 */
995static int
996coap_sock_read(BIO *a, char *out, int outl) {
997 int ret = 0;
998 coap_session_t *session = (coap_session_t *)BIO_get_data(a);
999
1000 if (session && out != NULL) {
1001 ret =(int)session->sock.lfunc[COAP_LAYER_TLS].l_read(session, (uint8_t *)out,
1002 outl);
1003 /* Translate layer returns into what OpenSSL expects */
1004 if (ret == 0) {
1005 BIO_set_retry_read(a);
1006 ret = -1;
1007 } else {
1008 BIO_clear_retry_flags(a);
1009 }
1010 }
1011 return ret;
1012}
1013
1014/*
1015 * strm
1016 * return +ve data amount
1017 * 0 no more
1018 * -1 error (error in errno)
1019 */
1020static int
1021coap_sock_write(BIO *a, const char *in, int inl) {
1022 int ret = 0;
1023 coap_session_t *session = (coap_session_t *)BIO_get_data(a);
1024
1025 if (!session) {
1026 errno = ENOMEM;
1027 ret = -1;
1028 } else {
1029 ret = (int)session->sock.lfunc[COAP_LAYER_TLS].l_write(session,
1030 (const uint8_t *)in,
1031 inl);
1032 }
1033 /* Translate layer what returns into what OpenSSL expects */
1034 BIO_clear_retry_flags(a);
1035 if (ret == 0) {
1036 BIO_set_retry_read(a);
1037 ret = -1;
1038 } else {
1039 BIO_clear_retry_flags(a);
1040 if (ret == -1) {
1041 if ((session->state == COAP_SESSION_STATE_CSM ||
1042 session->state == COAP_SESSION_STATE_HANDSHAKE) &&
1043 (errno == EPIPE || errno == ECONNRESET)) {
1044 /*
1045 * Need to handle a TCP timing window where an agent continues with
1046 * the sending of the next handshake or a CSM.
1047 * However, the peer does not like a certificate and so sends a
1048 * fatal alert and closes the TCP session.
1049 * The sending of the next handshake or CSM may get terminated because
1050 * of the closed TCP session, but there is still an outstanding alert
1051 * to be read in and reported on.
1052 * In this case, pretend that sending the info was fine so that the
1053 * alert can be read (which effectively is what happens with DTLS).
1054 */
1055 ret = inl;
1056 }
1057 }
1058 }
1059 return ret;
1060}
1061
1062static int
1063coap_sock_puts(BIO *a, const char *pstr) {
1064 return coap_sock_write(a, pstr, (int)strlen(pstr));
1065}
1066
1067static long
1068coap_sock_ctrl(BIO *a, int cmd, long num, void *ptr) {
1069 int r = 1;
1070 (void)a;
1071 (void)ptr;
1072 (void)num;
1073
1074 switch (cmd) {
1075 case BIO_C_SET_FD:
1076 case BIO_C_GET_FD:
1077 r = -1;
1078 break;
1079 case BIO_CTRL_SET_CLOSE:
1080 case BIO_CTRL_DUP:
1081 case BIO_CTRL_FLUSH:
1082 r = 1;
1083 break;
1084 default:
1085 case BIO_CTRL_GET_CLOSE:
1086 r = 0;
1087 break;
1088 }
1089 return r;
1090}
1091#endif /* !COAP_DISABLE_TCP */
1092
1093static void
1094coap_set_user_prefs(SSL_CTX *ctx) {
1095 SSL_CTX_set_cipher_list(ctx, COAP_OPENSSL_CIPHERS);
1096
1097#ifdef COAP_OPENSSL_SIGALGS
1098 SSL_CTX_set1_sigalgs_list(ctx, COAP_OPENSSL_SIGALGS);
1099 SSL_CTX_set1_client_sigalgs_list(ctx, COAP_OPENSSL_SIGALGS);
1100#endif
1101
1102#if OPENSSL_VERSION_NUMBER >= 0x10101000L && defined(COAP_OPENSSL_GROUPS)
1103 SSL_CTX_set1_groups_list(ctx, COAP_OPENSSL_GROUPS);
1104#endif
1105}
1106
1107#if COAP_DTLS_RETRANSMIT_MS != 1000
1108#if OPENSSL_VERSION_NUMBER >= 0x10101000L
1109static unsigned int
1110timer_cb(SSL *s, unsigned int timer_us) {
1111 (void)s;
1112 if (timer_us == 0)
1113 return COAP_DTLS_RETRANSMIT_MS * 1000;
1114 else
1115 return 2 * timer_us;
1116}
1117#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
1118#endif /* COAP_DTLS_RETRANSMIT_MS != 1000 */
1119
1120void *
1121coap_dtls_new_context(coap_context_t *coap_context) {
1122 coap_openssl_context_t *context;
1123 (void)coap_context;
1124
1125 context = (coap_openssl_context_t *)coap_malloc_type(COAP_STRING, sizeof(coap_openssl_context_t));
1126 if (context) {
1127 uint8_t cookie_secret[32];
1128
1129 memset(context, 0, sizeof(coap_openssl_context_t));
1130
1131 /* Set up DTLS context */
1132 context->dtls.ctx = SSL_CTX_new(DTLS_method());
1133 if (!context->dtls.ctx)
1134 goto error;
1135 SSL_CTX_set_min_proto_version(context->dtls.ctx, DTLS1_2_VERSION);
1136 SSL_CTX_set_app_data(context->dtls.ctx, &context->dtls);
1137 SSL_CTX_set_read_ahead(context->dtls.ctx, 1);
1138 coap_set_user_prefs(context->dtls.ctx);
1139 memset(cookie_secret, 0, sizeof(cookie_secret));
1140 if (!RAND_bytes(cookie_secret, (int)sizeof(cookie_secret))) {
1141 coap_dtls_log(COAP_LOG_WARN,
1142 "Insufficient entropy for random cookie generation");
1143 coap_prng_lkd(cookie_secret, sizeof(cookie_secret));
1144 }
1145 context->dtls.cookie_hmac = HMAC_CTX_new();
1146 if (!HMAC_Init_ex(context->dtls.cookie_hmac, cookie_secret, (int)sizeof(cookie_secret),
1147 EVP_sha256(), NULL))
1148 goto error;
1149 SSL_CTX_set_cookie_generate_cb(context->dtls.ctx, coap_dtls_generate_cookie);
1150 SSL_CTX_set_cookie_verify_cb(context->dtls.ctx, coap_dtls_verify_cookie);
1151 SSL_CTX_set_info_callback(context->dtls.ctx, coap_dtls_info_callback);
1152 SSL_CTX_set_options(context->dtls.ctx, SSL_OP_NO_QUERY_MTU);
1153#if OPENSSL_VERSION_NUMBER >= 0x30000000L
1154 SSL_CTX_set_options(context->dtls.ctx, SSL_OP_LEGACY_SERVER_CONNECT);
1155#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */
1156 context->dtls.meth = BIO_meth_new(BIO_TYPE_DGRAM, "coapdgram");
1157 if (!context->dtls.meth)
1158 goto error;
1159 context->dtls.bio_addr = BIO_ADDR_new();
1160 if (!context->dtls.bio_addr)
1161 goto error;
1162 BIO_meth_set_write(context->dtls.meth, coap_dgram_write);
1163 BIO_meth_set_read(context->dtls.meth, coap_dgram_read);
1164 BIO_meth_set_puts(context->dtls.meth, coap_dgram_puts);
1165 BIO_meth_set_ctrl(context->dtls.meth, coap_dgram_ctrl);
1166 BIO_meth_set_create(context->dtls.meth, coap_dgram_create);
1167 BIO_meth_set_destroy(context->dtls.meth, coap_dgram_destroy);
1168
1169#if !COAP_DISABLE_TCP
1170 /* Set up TLS context */
1171 context->tls.ctx = SSL_CTX_new(TLS_method());
1172 if (!context->tls.ctx)
1173 goto error;
1174 SSL_CTX_set_app_data(context->tls.ctx, &context->tls);
1175 SSL_CTX_set_min_proto_version(context->tls.ctx, TLS1_VERSION);
1176 coap_set_user_prefs(context->tls.ctx);
1177 SSL_CTX_set_info_callback(context->tls.ctx, coap_dtls_info_callback);
1178 context->tls.meth = BIO_meth_new(BIO_TYPE_SOCKET, "coapsock");
1179 if (!context->tls.meth)
1180 goto error;
1181 BIO_meth_set_write(context->tls.meth, coap_sock_write);
1182 BIO_meth_set_read(context->tls.meth, coap_sock_read);
1183 BIO_meth_set_puts(context->tls.meth, coap_sock_puts);
1184 BIO_meth_set_ctrl(context->tls.meth, coap_sock_ctrl);
1185 BIO_meth_set_create(context->tls.meth, coap_sock_create);
1186 BIO_meth_set_destroy(context->tls.meth, coap_sock_destroy);
1187#endif /* !COAP_DISABLE_TCP */
1188 }
1189
1190 return context;
1191
1192error:
1193 coap_dtls_free_context(context);
1194 return NULL;
1195}
1196
1197#if COAP_SERVER_SUPPORT
1198int
1199coap_dtls_context_set_spsk(coap_context_t *c_context,
1200 coap_dtls_spsk_t *setup_data
1201 ) {
1202 coap_openssl_context_t *o_context =
1203 ((coap_openssl_context_t *)c_context->dtls_context);
1204 BIO *bio;
1205
1206 if (!setup_data || !o_context)
1207 return 0;
1208
1209 SSL_CTX_set_psk_server_callback(o_context->dtls.ctx,
1210 coap_dtls_psk_server_callback);
1211#if !COAP_DISABLE_TCP
1212 SSL_CTX_set_psk_server_callback(o_context->tls.ctx,
1213 coap_dtls_psk_server_callback);
1214#endif /* !COAP_DISABLE_TCP */
1215 if (setup_data->psk_info.hint.s) {
1216 char hint[COAP_DTLS_HINT_LENGTH];
1217 snprintf(hint, sizeof(hint), "%.*s", (int)setup_data->psk_info.hint.length,
1218 setup_data->psk_info.hint.s);
1219 SSL_CTX_use_psk_identity_hint(o_context->dtls.ctx, hint);
1220#if !COAP_DISABLE_TCP
1221 SSL_CTX_use_psk_identity_hint(o_context->tls.ctx, hint);
1222#endif /* !COAP_DISABLE_TCP */
1223 }
1224 if (setup_data->validate_sni_call_back) {
1225#if OPENSSL_VERSION_NUMBER < 0x10101000L
1226 SSL_CTX_set_tlsext_servername_arg(o_context->dtls.ctx,
1227 &c_context->spsk_setup_data);
1228 SSL_CTX_set_tlsext_servername_callback(o_context->dtls.ctx,
1229 psk_tls_server_name_call_back);
1230#if !COAP_DISABLE_TCP
1231 SSL_CTX_set_tlsext_servername_arg(o_context->tls.ctx,
1232 &c_context->spsk_setup_data);
1233 SSL_CTX_set_tlsext_servername_callback(o_context->tls.ctx,
1234 psk_tls_server_name_call_back);
1235#endif /* !COAP_DISABLE_TCP */
1236#else /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
1237 SSL_CTX_set_client_hello_cb(o_context->dtls.ctx,
1238 psk_tls_client_hello_call_back,
1239 NULL);
1240#if !COAP_DISABLE_TCP
1241 SSL_CTX_set_client_hello_cb(o_context->tls.ctx,
1242 psk_tls_client_hello_call_back,
1243 NULL);
1244#endif /* !COAP_DISABLE_TCP */
1245#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
1246 }
1247
1248 if (!o_context->dtls.ssl) {
1249 /* This is set up to handle new incoming sessions to a server */
1250 o_context->dtls.ssl = SSL_new(o_context->dtls.ctx);
1251 if (!o_context->dtls.ssl)
1252 return 0;
1253 bio = BIO_new(o_context->dtls.meth);
1254 if (!bio) {
1255 SSL_free(o_context->dtls.ssl);
1256 o_context->dtls.ssl = NULL;
1257 return 0;
1258 }
1259 SSL_set_bio(o_context->dtls.ssl, bio, bio);
1260 SSL_set_app_data(o_context->dtls.ssl, NULL);
1261 SSL_set_options(o_context->dtls.ssl, SSL_OP_COOKIE_EXCHANGE);
1262 SSL_set_mtu(o_context->dtls.ssl, COAP_DEFAULT_MTU);
1263 }
1264 if (setup_data->ec_jpake) {
1265 coap_log_warn("OpenSSL has no EC-JPAKE support\n");
1266 }
1267 o_context->psk_pki_enabled |= IS_PSK;
1268 return 1;
1269}
1270#endif /* COAP_SERVER_SUPPORT */
1271
1272#if COAP_CLIENT_SUPPORT
1273int
1274coap_dtls_context_set_cpsk(coap_context_t *c_context,
1275 coap_dtls_cpsk_t *setup_data
1276 ) {
1277 coap_openssl_context_t *o_context =
1278 ((coap_openssl_context_t *)c_context->dtls_context);
1279 BIO *bio;
1280
1281 if (!setup_data || !o_context)
1282 return 0;
1283
1284 if (!o_context->dtls.ssl) {
1285 /* This is set up to handle new incoming sessions to a server */
1286 o_context->dtls.ssl = SSL_new(o_context->dtls.ctx);
1287 if (!o_context->dtls.ssl)
1288 return 0;
1289 bio = BIO_new(o_context->dtls.meth);
1290 if (!bio) {
1291 SSL_free(o_context->dtls.ssl);
1292 o_context->dtls.ssl = NULL;
1293 return 0;
1294 }
1295 SSL_set_bio(o_context->dtls.ssl, bio, bio);
1296 SSL_set_app_data(o_context->dtls.ssl, NULL);
1297 SSL_set_options(o_context->dtls.ssl, SSL_OP_COOKIE_EXCHANGE);
1298 SSL_set_mtu(o_context->dtls.ssl, COAP_DEFAULT_MTU);
1299 }
1300 if (setup_data->ec_jpake) {
1301 coap_log_warn("OpenSSL has no EC-JPAKE support\n");
1302 }
1303 if (setup_data->use_cid) {
1304 coap_log_warn("OpenSSL has no Connection-ID support\n");
1305 }
1306 o_context->psk_pki_enabled |= IS_PSK;
1307 return 1;
1308}
1309#endif /* COAP_CLIENT_SUPPORT */
1310
1311static int
1312map_key_type(int asn1_private_key_type
1313 ) {
1314 switch (asn1_private_key_type) {
1315 case COAP_ASN1_PKEY_NONE:
1316 return EVP_PKEY_NONE;
1317 case COAP_ASN1_PKEY_RSA:
1318 return EVP_PKEY_RSA;
1319 case COAP_ASN1_PKEY_RSA2:
1320 return EVP_PKEY_RSA2;
1321 case COAP_ASN1_PKEY_DSA:
1322 return EVP_PKEY_DSA;
1323 case COAP_ASN1_PKEY_DSA1:
1324 return EVP_PKEY_DSA1;
1325 case COAP_ASN1_PKEY_DSA2:
1326 return EVP_PKEY_DSA2;
1327 case COAP_ASN1_PKEY_DSA3:
1328 return EVP_PKEY_DSA3;
1329 case COAP_ASN1_PKEY_DSA4:
1330 return EVP_PKEY_DSA4;
1331 case COAP_ASN1_PKEY_DH:
1332 return EVP_PKEY_DH;
1333 case COAP_ASN1_PKEY_DHX:
1334 return EVP_PKEY_DHX;
1335 case COAP_ASN1_PKEY_EC:
1336 return EVP_PKEY_EC;
1337 case COAP_ASN1_PKEY_HMAC:
1338 return EVP_PKEY_HMAC;
1339 case COAP_ASN1_PKEY_CMAC:
1340 return EVP_PKEY_CMAC;
1341 case COAP_ASN1_PKEY_TLS1_PRF:
1342 return EVP_PKEY_TLS1_PRF;
1343 case COAP_ASN1_PKEY_HKDF:
1344 return EVP_PKEY_HKDF;
1345 default:
1346 coap_log_warn("*** setup_pki: DTLS: Unknown Private Key type %d for ASN1\n",
1347 asn1_private_key_type);
1348 break;
1349 }
1350 return 0;
1351}
1352#if !COAP_DISABLE_TCP
1353static uint8_t coap_alpn[] = { 4, 'c', 'o', 'a', 'p' };
1354
1355#if COAP_SERVER_SUPPORT
1356static int
1357server_alpn_callback(SSL *ssl COAP_UNUSED,
1358 const unsigned char **out,
1359 unsigned char *outlen,
1360 const unsigned char *in,
1361 unsigned int inlen,
1362 void *arg COAP_UNUSED
1363 ) {
1364 unsigned char *tout = NULL;
1365 int ret;
1366 if (inlen == 0)
1367 return SSL_TLSEXT_ERR_NOACK;
1368 ret = SSL_select_next_proto(&tout,
1369 outlen,
1370 coap_alpn,
1371 sizeof(coap_alpn),
1372 in,
1373 inlen);
1374 *out = tout;
1375 return (ret != OPENSSL_NPN_NEGOTIATED) ? SSL_TLSEXT_ERR_NOACK : SSL_TLSEXT_ERR_OK;
1376}
1377#endif /* COAP_SERVER_SUPPORT */
1378#endif /* !COAP_DISABLE_TCP */
1379
1380static void
1381add_ca_to_cert_store(X509_STORE *st, X509 *x509) {
1382 long e;
1383
1384 /* Flush out existing errors */
1385 while (ERR_get_error() != 0) {
1386 }
1387
1388 if (!X509_STORE_add_cert(st, x509)) {
1389 while ((e = ERR_get_error()) != 0) {
1390 int r = ERR_GET_REASON(e);
1391 if (r != X509_R_CERT_ALREADY_IN_HASH_TABLE) {
1392 /* Not already added */
1393 coap_log_warn("***setup_pki: (D)TLS: %s%s\n",
1394 ERR_reason_error_string(e),
1395 ssl_function_definition(e));
1396 }
1397 }
1398 }
1399}
1400
1401static X509 *
1402missing_ENGINE_load_cert(ENGINE *engine, const char *cert_id) {
1403 struct {
1404 const char *cert_id;
1405 X509 *cert;
1406 } params;
1407
1408 params.cert_id = cert_id;
1409 params.cert = NULL;
1410
1411 /* There is no ENGINE_load_cert() */
1412 if (!ENGINE_ctrl_cmd(engine, "LOAD_CERT_CTRL", 0, &params, NULL, 1)) {
1413 params.cert = NULL;
1414 }
1415 return params.cert;
1416}
1417
1418static int
1419check_pkcs11_engine(void) {
1420 static int already_tried = 0;
1421
1422 if (already_tried)
1423 return 0;
1424
1425 if (!pkcs11_engine) {
1426 pkcs11_engine = ENGINE_by_id(COAP_OPENSSL_PKCS11_ENGINE_ID);
1427 if (!pkcs11_engine) {
1428 coap_log_err("*** setup_pki: (D)TLS: No PKCS11 support - need OpenSSL %s engine\n",
1429 COAP_OPENSSL_PKCS11_ENGINE_ID);
1430 already_tried = 1;
1431 return 0;
1432 }
1433 if (!ENGINE_init(pkcs11_engine)) {
1434 /* the engine couldn't initialise, release 'pkcs11_engine' */
1435 ENGINE_free(pkcs11_engine);
1436 pkcs11_engine = NULL;
1437 coap_log_err("*** setup_pki: (D)TLS: PKCS11 engine initialize failed\n");
1438 already_tried = 1;
1439 return 0;
1440 }
1441 /*
1442 * ENGINE_init() returned a functional reference, so free the structural
1443 * reference from ENGINE_by_id().
1444 */
1445 ENGINE_free(pkcs11_engine);
1446 }
1447 return 1;
1448}
1449
1450#if OPENSSL_VERSION_NUMBER < 0x10101000L && COAP_SERVER_SUPPORT
1451
1452static int
1453install_engine_public_cert_ctx(ENGINE *engine, SSL_CTX *ctx,
1454 const char *public_cert) {
1455 X509 *x509;
1456
1457 x509 = missing_ENGINE_load_cert(engine, public_cert);
1458 if (!x509) {
1459 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to load "
1460 "%s Certificate\n",
1461 public_cert,
1462 "Server");
1463 return 0;
1464 }
1465 if (!SSL_CTX_use_certificate(ctx, x509)) {
1466 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to configure "
1467 "%s Certificate\n",
1468 public_cert,
1469 "Server");
1470 X509_free(x509);
1471 return 0;
1472 }
1473 X509_free(x509);
1474 return 1;
1475}
1476
1477static int
1478install_engine_private_key_ctx(ENGINE *engine, SSL_CTX *ctx,
1479 const char *private_key) {
1480 EVP_PKEY *pkey = ENGINE_load_private_key(engine,
1481 private_key,
1482 NULL, NULL);
1483
1484 if (!pkey) {
1485 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to load "
1486 "%s Private Key\n",
1487 private_key,
1488 "Server");
1489 return 0;
1490 }
1491 if (!SSL_CTX_use_PrivateKey(ctx, pkey)) {
1492 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to configure "
1493 "%s Private Key\n",
1494 private_key,
1495 "Server");
1496 EVP_PKEY_free(pkey);
1497 return 0;
1498 }
1499 EVP_PKEY_free(pkey);
1500 return 1;
1501}
1502
1503static int
1504install_engine_ca_ctx(ENGINE *engine, SSL_CTX *ctx, const char *ca) {
1505 X509 *x509;
1506 X509_STORE *st;
1507
1508 x509 = missing_ENGINE_load_cert(engine,
1509 ca);
1510 if (!x509) {
1511 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to load "
1512 "%s CA Certificate\n",
1513 ca,
1514 "Server");
1515 return 0;
1516 }
1517 if (!SSL_CTX_add_client_CA(ctx, x509)) {
1518 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to configure "
1519 "%s CA Certificate\n",
1520 ca,
1521 "Server");
1522 X509_free(x509);
1523 return 0;
1524 }
1525 st = SSL_CTX_get_cert_store(ctx);
1526 add_ca_to_cert_store(st, x509);
1527 X509_free(x509);
1528 return 1;
1529}
1530
1531static int
1532load_in_cas_ctx(SSL_CTX *ctx,
1533 const char *ca_file) {
1534 STACK_OF(X509_NAME) *cert_names;
1535 X509_STORE *st;
1536 BIO *in;
1537 X509 *x = NULL;
1538 char *rw_var = NULL;
1539 cert_names = SSL_load_client_CA_file(ca_file);
1540 if (cert_names != NULL)
1541 SSL_CTX_set_client_CA_list(ctx, cert_names);
1542 else {
1543 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to configure "
1544 "client CA File\n",
1545 ca_file);
1546 return 0;
1547 }
1548
1549 /* Add CA to the trusted root CA store */
1550 st = SSL_CTX_get_cert_store(ctx);
1551 in = BIO_new(BIO_s_file());
1552 /* Need to do this to not get a compiler warning about const parameters */
1553 memcpy(&rw_var, &ca_file, sizeof(rw_var));
1554 if (!BIO_read_filename(in, rw_var)) {
1555 BIO_free(in);
1556 X509_free(x);
1557 return 0;
1558 }
1559
1560 for (;;) {
1561 if ((x = PEM_read_bio_X509(in, NULL, NULL, NULL)) == NULL)
1562 break;
1563 add_ca_to_cert_store(st, x);
1564 X509_free(x);
1565 }
1566 BIO_free(in);
1567 return 1;
1568}
1569
1570static int
1571setup_pki_server(SSL_CTX *ctx,
1572 const coap_dtls_pki_t *setup_data) {
1573 coap_dtls_key_t key;
1574
1575 /* Map over to the new define format to save code duplication */
1576 coap_dtls_map_key_type_to_define(setup_data, &key);
1577
1578 assert(key.key_type == COAP_PKI_KEY_DEFINE);
1579
1580 /*
1581 * Configure the Private Key
1582 */
1583 if (key.key.define.private_key.u_byte &&
1584 key.key.define.private_key.u_byte[0]) {
1585 switch (key.key.define.private_key_def) {
1586 case COAP_PKI_KEY_DEF_PEM: /* define private key */
1587 if (!(SSL_CTX_use_PrivateKey_file(ctx,
1588 key.key.define.private_key.s_byte,
1589 SSL_FILETYPE_PEM))) {
1590 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1591 COAP_DEFINE_FAIL_BAD,
1592 &key, COAP_DTLS_ROLE_SERVER, 0);
1593 }
1594 break;
1595 case COAP_PKI_KEY_DEF_PEM_BUF: /* define private key */
1596 if (key.key.define.private_key_len) {
1597 BIO *bp = BIO_new_mem_buf(key.key.define.private_key.u_byte,
1598 (int)key.key.define.private_key_len);
1599 EVP_PKEY *pkey = bp ? PEM_read_bio_PrivateKey(bp, NULL, 0, NULL) : NULL;
1600
1601 if (!pkey || !SSL_CTX_use_PrivateKey(ctx, pkey)) {
1602 if (bp)
1603 BIO_free(bp);
1604 if (pkey)
1605 EVP_PKEY_free(pkey);
1606 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1607 COAP_DEFINE_FAIL_BAD,
1608 &key, COAP_DTLS_ROLE_SERVER, 0);
1609 }
1610 if (bp)
1611 BIO_free(bp);
1612 if (pkey)
1613 EVP_PKEY_free(pkey);
1614 } else {
1615 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1616 COAP_DEFINE_FAIL_NONE,
1617 &key, COAP_DTLS_ROLE_SERVER, 0);
1618 }
1619 break;
1620 case COAP_PKI_KEY_DEF_RPK_BUF: /* define private key */
1621 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1622 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1623 &key, COAP_DTLS_ROLE_SERVER, 0);
1624 case COAP_PKI_KEY_DEF_DER: /* define private key */
1625 if (!(SSL_CTX_use_PrivateKey_file(ctx,
1626 key.key.define.private_key.s_byte,
1627 SSL_FILETYPE_ASN1))) {
1628 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1629 COAP_DEFINE_FAIL_BAD,
1630 &key, COAP_DTLS_ROLE_SERVER, 0);
1631 }
1632 break;
1633 case COAP_PKI_KEY_DEF_DER_BUF: /* define private key */
1634 if (key.key.define.private_key_len == 0 ||
1635 !(SSL_CTX_use_PrivateKey_ASN1(map_key_type(key.key.define.private_key_type),
1636 ctx,
1637 key.key.define.private_key.u_byte,
1638 (long)key.key.define.private_key_len))) {
1639 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1640 COAP_DEFINE_FAIL_BAD,
1641 &key, COAP_DTLS_ROLE_SERVER, 0);
1642 }
1643 break;
1644 case COAP_PKI_KEY_DEF_PKCS11: /* define private key */
1645 if (!check_pkcs11_engine()) {
1646 return 0;
1647 }
1648 if (key.key.define.user_pin) {
1649 /* If not set, pin-value may be held in pkcs11: URI */
1650 if (ENGINE_ctrl_cmd_string(pkcs11_engine,
1651 "PIN",
1652 key.key.define.user_pin, 0) == 0) {
1653 coap_log_warn("*** setup_pki: (D)TLS: PKCS11: %s: Unable to set pin\n",
1654 key.key.define.user_pin);
1655 return 0;
1656 }
1657 }
1658 if (!install_engine_private_key_ctx(pkcs11_engine, ctx,
1659 key.key.define.private_key.s_byte)) {
1660 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1661 COAP_DEFINE_FAIL_BAD,
1662 &key, COAP_DTLS_ROLE_SERVER, 0);
1663 }
1664 break;
1665 case COAP_PKI_KEY_DEF_ENGINE: /* define private key */
1666 if (!defined_engine ||
1667 !install_engine_private_key_ctx(defined_engine, ctx,
1668 key.key.define.private_key.s_byte)) {
1669 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1670 COAP_DEFINE_FAIL_BAD,
1671 &key, COAP_DTLS_ROLE_SERVER, 0);
1672 }
1673 break;
1674 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define private key */
1675 default:
1676 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1677 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1678 &key, COAP_DTLS_ROLE_SERVER, 0);
1679 }
1680 } else if (key.key.define.public_cert.u_byte && key.key.define.public_cert.u_byte[0]) {
1681 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
1682 COAP_DEFINE_FAIL_NONE,
1683 &key, COAP_DTLS_ROLE_SERVER, 0);
1684 }
1685
1686 /*
1687 * Configure the Public Certificate / Key
1688 * OpenSSL < 1.1.1 and Server
1689 */
1690 if (key.key.define.public_cert.u_byte &&
1691 key.key.define.public_cert.u_byte[0]) {
1692 switch (key.key.define.public_cert_def) {
1693 case COAP_PKI_KEY_DEF_PEM: /* define public cert */
1694 if (key.key.define.ca.u_byte &&
1695 key.key.define.ca.u_byte[0]) {
1696 if (!(SSL_CTX_use_certificate_file(ctx,
1697 key.key.define.public_cert.s_byte,
1698 SSL_FILETYPE_PEM))) {
1699 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1700 COAP_DEFINE_FAIL_BAD,
1701 &key, COAP_DTLS_ROLE_SERVER, 0);
1702 }
1703 } else {
1704 if (!SSL_CTX_use_certificate_chain_file(ctx,
1705 key.key.define.public_cert.s_byte)) {
1706 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1707 COAP_DEFINE_FAIL_BAD,
1708 &key, COAP_DTLS_ROLE_SERVER, 0);
1709 }
1710 }
1711 break;
1712 case COAP_PKI_KEY_DEF_PEM_BUF: /* define public cert */
1713 if (key.key.define.public_cert_len) {
1714 BIO *bp = BIO_new_mem_buf(key.key.define.public_cert.u_byte,
1715 (int)key.key.define.public_cert_len);
1716 X509 *cert = bp ? PEM_read_bio_X509(bp, NULL, 0, NULL) : NULL;
1717
1718 if (!cert || !SSL_CTX_use_certificate(ctx, cert)) {
1719 if (bp)
1720 BIO_free(bp);
1721 if (cert)
1722 X509_free(cert);
1723 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1724 COAP_DEFINE_FAIL_BAD,
1725 &key, COAP_DTLS_ROLE_SERVER, 0);
1726 }
1727 if (bp)
1728 BIO_free(bp);
1729 if (cert)
1730 X509_free(cert);
1731 } else {
1732 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1733 COAP_DEFINE_FAIL_BAD,
1734 &key, COAP_DTLS_ROLE_SERVER, 0);
1735 }
1736 break;
1737 case COAP_PKI_KEY_DEF_RPK_BUF: /* define public cert */
1738 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1739 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1740 &key, COAP_DTLS_ROLE_SERVER, 0);
1741 case COAP_PKI_KEY_DEF_DER: /* define public cert */
1742 if (!(SSL_CTX_use_certificate_file(ctx,
1743 key.key.define.public_cert.s_byte,
1744 SSL_FILETYPE_ASN1))) {
1745 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1746 COAP_DEFINE_FAIL_BAD,
1747 &key, COAP_DTLS_ROLE_SERVER, 0);
1748 }
1749 break;
1750 case COAP_PKI_KEY_DEF_DER_BUF: /* define public cert */
1751 if (key.key.define.public_cert_len == 0 ||
1752 !(SSL_CTX_use_certificate_ASN1(ctx,
1753 (int)key.key.define.public_cert_len,
1754 key.key.define.public_cert.u_byte))) {
1755 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1756 COAP_DEFINE_FAIL_BAD,
1757 &key, COAP_DTLS_ROLE_SERVER, 0);
1758 }
1759 break;
1760 case COAP_PKI_KEY_DEF_PKCS11: /* define public cert */
1761 if (!check_pkcs11_engine()) {
1762 return 0;
1763 }
1764 if (!install_engine_public_cert_ctx(pkcs11_engine, ctx,
1765 key.key.define.public_cert.s_byte)) {
1766 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1767 COAP_DEFINE_FAIL_BAD,
1768 &key, COAP_DTLS_ROLE_SERVER, 0);
1769 }
1770 break;
1771 case COAP_PKI_KEY_DEF_ENGINE: /* define public cert */
1772 if (!defined_engine ||
1773 !install_engine_public_cert_ctx(defined_engine, ctx,
1774 key.key.define.public_cert.s_byte)) {
1775 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1776 COAP_DEFINE_FAIL_BAD,
1777 &key, COAP_DTLS_ROLE_SERVER, 0);
1778 }
1779 break;
1780 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define public cert */
1781 default:
1782 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1783 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1784 &key, COAP_DTLS_ROLE_SERVER, 0);
1785 }
1786 } else if (key.key.define.private_key.u_byte &&
1787 key.key.define.private_key.u_byte[0]) {
1788 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
1789 COAP_DEFINE_FAIL_NONE,
1790 &key, COAP_DTLS_ROLE_SERVER, 0);
1791 }
1792
1793 /*
1794 * Configure the CA
1795 */
1796 if (key.key.define.ca.u_byte &&
1797 key.key.define.ca.u_byte[0]) {
1798 switch (key.key.define.ca_def) {
1799 case COAP_PKI_KEY_DEF_PEM:
1800 if (!load_in_cas_ctx(ctx, key.key.define.ca.s_byte)) {
1801 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1802 COAP_DEFINE_FAIL_BAD,
1803 &key, COAP_DTLS_ROLE_SERVER, 0);
1804 }
1805 break;
1806 case COAP_PKI_KEY_DEF_PEM_BUF: /* define ca */
1807 if (key.key.define.ca_len) {
1808 BIO *bp = BIO_new_mem_buf(key.key.define.ca.s_byte,
1809 (int)key.key.define.ca_len);
1810 X509 *x;
1811 X509_STORE *st = SSL_CTX_get_cert_store(ctx);
1812
1813 if (bp) {
1814 for (;;) {
1815 if ((x = PEM_read_bio_X509(bp, NULL, NULL, NULL)) == NULL)
1816 break;
1817 add_ca_to_cert_store(st, x);
1818 SSL_CTX_add_client_CA(ctx, x);
1819 X509_free(x);
1820 }
1821 BIO_free(bp);
1822 }
1823 } else {
1824 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1825 COAP_DEFINE_FAIL_BAD,
1826 &key, COAP_DTLS_ROLE_SERVER, 0);
1827 }
1828 break;
1829 case COAP_PKI_KEY_DEF_RPK_BUF: /* define ca */
1830 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1831 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1832 &key, COAP_DTLS_ROLE_SERVER, 0);
1833 case COAP_PKI_KEY_DEF_DER: /* define ca */
1834 if (!(SSL_CTX_use_certificate_file(ctx,
1835 key.key.define.ca.s_byte,
1836 SSL_FILETYPE_ASN1))) {
1837 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1838 COAP_DEFINE_FAIL_BAD,
1839 &key, COAP_DTLS_ROLE_SERVER, 0);
1840 }
1841 break;
1842 case COAP_PKI_KEY_DEF_DER_BUF: /* define ca */
1843 if (key.key.define.ca_len > 0) {
1844 /* Need to use a temp variable as it gets incremented*/
1845 const uint8_t *p = key.key.define.ca.u_byte;
1846 X509 *x509 = d2i_X509(NULL, &p, (long)key.key.define.ca_len);
1847 X509_STORE *st;
1848
1849 if (!x509 || !SSL_CTX_add_client_CA(ctx, x509)) {
1850 X509_free(x509);
1851 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1852 COAP_DEFINE_FAIL_BAD,
1853 &key, COAP_DTLS_ROLE_SERVER, 0);
1854 }
1855
1856 /* Add CA to the trusted root CA store */
1857 st = SSL_CTX_get_cert_store(ctx);
1858 add_ca_to_cert_store(st, x509);
1859 X509_free(x509);
1860 }
1861 break;
1862 case COAP_PKI_KEY_DEF_PKCS11: /* define ca */
1863 if (!check_pkcs11_engine()) {
1864 return 0;
1865 }
1866 if (!install_engine_ca_ctx(pkcs11_engine, ctx,
1867 key.key.define.ca.s_byte)) {
1868 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1869 COAP_DEFINE_FAIL_BAD,
1870 &key, COAP_DTLS_ROLE_SERVER, 0);
1871 }
1872 break;
1873 case COAP_PKI_KEY_DEF_ENGINE: /* define ca */
1874 if (!defined_engine ||
1875 !install_engine_ca_ctx(defined_engine, ctx,
1876 key.key.define.ca.s_byte)) {
1877 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1878 COAP_DEFINE_FAIL_BAD,
1879 &key, COAP_DTLS_ROLE_SERVER, 0);
1880 }
1881 break;
1882 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define ca */
1883 default:
1884 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
1885 COAP_DEFINE_FAIL_NOT_SUPPORTED,
1886 &key, COAP_DTLS_ROLE_SERVER, 0);
1887 }
1888 }
1889
1890 return 1;
1891}
1892#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
1893
1894#if OPENSSL_VERSION_NUMBER >= 0x10101000L || COAP_CLIENT_SUPPORT
1895
1896static int
1897install_engine_public_cert(ENGINE *engine, SSL *ssl, const char *public_cert,
1898 coap_dtls_role_t role) {
1899 X509 *x509;
1900
1901 x509 = missing_ENGINE_load_cert(engine, public_cert);
1902 if (!x509) {
1903 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to load "
1904 "%s Certificate\n",
1905 public_cert,
1906 role == COAP_DTLS_ROLE_SERVER ? "Server" : "Client");
1907 return 0;
1908 }
1909 if (!SSL_use_certificate(ssl, x509)) {
1910 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to configure "
1911 "%s Certificate\n",
1912 public_cert,
1913 role == COAP_DTLS_ROLE_SERVER ? "Server" : "Client");
1914 X509_free(x509);
1915 return 0;
1916 }
1917 X509_free(x509);
1918 return 1;
1919}
1920
1921static int
1922install_engine_private_key(ENGINE *engine, SSL *ssl, const char *private_key,
1923 coap_dtls_role_t role) {
1924 EVP_PKEY *pkey = ENGINE_load_private_key(engine,
1925 private_key,
1926 NULL, NULL);
1927
1928 if (!pkey) {
1929 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to load "
1930 "%s Private Key\n",
1931 private_key,
1932 role == COAP_DTLS_ROLE_SERVER ? "Server" : "Client");
1933 return 0;
1934 }
1935 if (!SSL_use_PrivateKey(ssl, pkey)) {
1936 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to configure "
1937 "%s Private Key\n",
1938 private_key,
1939 role == COAP_DTLS_ROLE_SERVER ? "Server" : "Client");
1940 EVP_PKEY_free(pkey);
1941 return 0;
1942 }
1943 EVP_PKEY_free(pkey);
1944 return 1;
1945}
1946
1947static int
1948install_engine_ca(ENGINE *engine, SSL *ssl, const char *ca,
1949 coap_dtls_role_t role) {
1950 X509 *x509;
1951 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
1952 X509_STORE *st;
1953
1954 if (!ctx) {
1955 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to load "
1956 "%s CA Certificate (no ctx)\n",
1957 ca,
1958 role == COAP_DTLS_ROLE_SERVER ? "Server" : "Client");
1959 return 0;
1960 }
1961 x509 = missing_ENGINE_load_cert(engine,
1962 ca);
1963 if (!x509) {
1964 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to load "
1965 "%s CA Certificate\n",
1966 ca,
1967 role == COAP_DTLS_ROLE_SERVER ? "Server" : "Client");
1968 return 0;
1969 }
1970 if (!SSL_add_client_CA(ssl, x509)) {
1971 coap_log_warn("*** setup_pki: (D)TLS: %s: Unable to configure "
1972 "%s CA Certificate\n",
1973 ca,
1974 role == COAP_DTLS_ROLE_SERVER ? "Server" : "Client");
1975 X509_free(x509);
1976 return 0;
1977 }
1978 st = SSL_CTX_get_cert_store(ctx);
1979 add_ca_to_cert_store(st, x509);
1980 X509_free(x509);
1981 return 1;
1982}
1983
1984static int
1985load_in_cas(SSL *ssl,
1986 const char *ca_file, coap_dtls_role_t role) {
1987 X509_STORE *st;
1988 BIO *in;
1989 X509 *x = NULL;
1990 char *rw_var = NULL;
1991 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
1992
1993 if (role == COAP_DTLS_ROLE_SERVER) {
1994 STACK_OF(X509_NAME) *cert_names = SSL_load_client_CA_file(ca_file);
1995
1996 if (cert_names != NULL)
1997 SSL_set_client_CA_list(ssl, cert_names);
1998 else {
1999 return 0;
2000 }
2001 }
2002
2003 if (!ctx)
2004 return 0;
2005
2006 /* Add CA to the trusted root CA store */
2007 in = BIO_new(BIO_s_file());
2008 /* Need to do this to not get a compiler warning about const parameters */
2009 memcpy(&rw_var, &ca_file, sizeof(rw_var));
2010 if (!BIO_read_filename(in, rw_var)) {
2011 BIO_free(in);
2012 return 0;
2013 }
2014 st = SSL_CTX_get_cert_store(ctx);
2015 for (;;) {
2016 if ((x = PEM_read_bio_X509(in, NULL, NULL, NULL)) == NULL)
2017 break;
2018 add_ca_to_cert_store(st, x);
2019 X509_free(x);
2020 }
2021 BIO_free(in);
2022 return 1;
2023}
2024
2025static int
2026setup_pki_ssl(SSL *ssl,
2027 coap_dtls_pki_t *setup_data, coap_dtls_role_t role) {
2028 coap_dtls_key_t key;
2029
2030 /* Map over to the new define format to save code duplication */
2031 coap_dtls_map_key_type_to_define(setup_data, &key);
2032
2033 assert(key.key_type == COAP_PKI_KEY_DEFINE);
2034
2035 /*
2036 * Configure the Private Key
2037 */
2038 if (key.key.define.private_key.u_byte &&
2039 key.key.define.private_key.u_byte[0]) {
2040 switch (key.key.define.private_key_def) {
2041 case COAP_PKI_KEY_DEF_PEM: /* define private key */
2042 if (!(SSL_use_PrivateKey_file(ssl,
2043 key.key.define.private_key.s_byte,
2044 SSL_FILETYPE_PEM))) {
2045 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2046 COAP_DEFINE_FAIL_BAD,
2047 &key, role, 0);
2048 }
2049 break;
2050 case COAP_PKI_KEY_DEF_PEM_BUF: /* define private key */
2051 if (key.key.define.private_key_len) {
2052 BIO *bp = BIO_new_mem_buf(key.key.define.private_key.u_byte,
2053 (int)key.key.define.private_key_len);
2054 EVP_PKEY *pkey = bp ? PEM_read_bio_PrivateKey(bp, NULL, 0, NULL) : NULL;
2055
2056 if (!pkey || !SSL_use_PrivateKey(ssl, pkey)) {
2057 if (bp)
2058 BIO_free(bp);
2059 if (pkey)
2060 EVP_PKEY_free(pkey);
2061 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2062 COAP_DEFINE_FAIL_BAD,
2063 &key, role, 0);
2064 }
2065 if (bp)
2066 BIO_free(bp);
2067 if (pkey)
2068 EVP_PKEY_free(pkey);
2069 } else {
2070 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2071 COAP_DEFINE_FAIL_NONE,
2072 &key, role, 0);
2073 }
2074 break;
2075 case COAP_PKI_KEY_DEF_RPK_BUF: /* define private key */
2076 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2077 COAP_DEFINE_FAIL_NOT_SUPPORTED,
2078 &key, role, 0);
2079 case COAP_PKI_KEY_DEF_DER: /* define private key */
2080 if (!(SSL_use_PrivateKey_file(ssl,
2081 key.key.define.private_key.s_byte,
2082 SSL_FILETYPE_ASN1))) {
2083 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2084 COAP_DEFINE_FAIL_BAD,
2085 &key, role, 0);
2086 }
2087 break;
2088 case COAP_PKI_KEY_DEF_DER_BUF: /* define private key */
2089 if (key.key.define.private_key_len == 0 ||
2090 !(SSL_use_PrivateKey_ASN1(map_key_type(key.key.define.private_key_type),
2091 ssl,
2092 key.key.define.private_key.u_byte,
2093 (long)key.key.define.private_key_len))) {
2094 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2095 COAP_DEFINE_FAIL_BAD,
2096 &key, role, 0);
2097 }
2098 break;
2099 case COAP_PKI_KEY_DEF_PKCS11: /* define private key */
2100 if (!check_pkcs11_engine()) {
2101 return 0;
2102 }
2103 if (key.key.define.user_pin) {
2104 /* If not set, pin-value may be held in pkcs11: URI */
2105 if (ENGINE_ctrl_cmd_string(pkcs11_engine,
2106 "PIN",
2107 key.key.define.user_pin, 0) == 0) {
2108 coap_log_warn("*** setup_pki: (D)TLS: PKCS11: %s: Unable to set pin\n",
2109 key.key.define.user_pin);
2110 return 0;
2111 }
2112 }
2113 if (!install_engine_private_key(pkcs11_engine, ssl,
2114 key.key.define.private_key.s_byte,
2115 role)) {
2116 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2117 COAP_DEFINE_FAIL_BAD,
2118 &key, role, 0);
2119 }
2120 break;
2121 case COAP_PKI_KEY_DEF_ENGINE: /* define private key */
2122 if (!defined_engine ||
2123 !install_engine_private_key(defined_engine, ssl,
2124 key.key.define.private_key.s_byte,
2125 role)) {
2126 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2127 COAP_DEFINE_FAIL_BAD,
2128 &key, role, 0);
2129 }
2130 break;
2131 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define private key */
2132 default:
2133 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2134 COAP_DEFINE_FAIL_NOT_SUPPORTED,
2135 &key, role, 0);
2136 }
2137 } else if (role == COAP_DTLS_ROLE_SERVER ||
2138 (key.key.define.public_cert.u_byte &&
2139 key.key.define.public_cert.u_byte[0])) {
2140 return coap_dtls_define_issue(COAP_DEFINE_KEY_PRIVATE,
2141 COAP_DEFINE_FAIL_NONE,
2142 &key, role, 0);
2143 }
2144
2145 /*
2146 * Configure the Public Certificate / Key
2147 */
2148 if (key.key.define.public_cert.u_byte &&
2149 key.key.define.public_cert.u_byte[0]) {
2150 switch (key.key.define.public_cert_def) {
2151 case COAP_PKI_KEY_DEF_PEM: /* define public cert */
2152 if (key.key.define.ca.u_byte &&
2153 key.key.define.ca.u_byte[0]) {
2154 /* If CA is separately defined */
2155 if (!(SSL_use_certificate_file(ssl,
2156 key.key.define.public_cert.s_byte,
2157 SSL_FILETYPE_PEM))) {
2158 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2159 COAP_DEFINE_FAIL_BAD,
2160 &key, role, 0);
2161 }
2162 } else {
2163 if (!SSL_use_certificate_chain_file(ssl,
2164 key.key.define.public_cert.s_byte)) {
2165 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2166 COAP_DEFINE_FAIL_BAD,
2167 &key, role, 0);
2168 }
2169 }
2170 break;
2171 case COAP_PKI_KEY_DEF_PEM_BUF: /* define public cert */
2172 if (key.key.define.public_cert_len) {
2173 BIO *bp = BIO_new_mem_buf(key.key.define.public_cert.s_byte,
2174 (int)key.key.define.public_cert_len);
2175 X509 *cert = bp ? PEM_read_bio_X509(bp, NULL, 0, NULL) : NULL;
2176
2177 if (!cert || !SSL_use_certificate(ssl, cert)) {
2178 if (bp)
2179 BIO_free(bp);
2180 if (cert)
2181 X509_free(cert);
2182 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2183 COAP_DEFINE_FAIL_BAD,
2184 &key, role, 0);
2185 }
2186 if (bp)
2187 BIO_free(bp);
2188 if (cert)
2189 X509_free(cert);
2190 } else {
2191 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2192 COAP_DEFINE_FAIL_BAD,
2193 &key, role, 0);
2194 }
2195 break;
2196 case COAP_PKI_KEY_DEF_RPK_BUF: /* define public cert */
2197 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2198 COAP_DEFINE_FAIL_NOT_SUPPORTED,
2199 &key, role, 0);
2200 case COAP_PKI_KEY_DEF_DER: /* define public cert */
2201 if (!(SSL_use_certificate_file(ssl,
2202 key.key.define.public_cert.s_byte,
2203 SSL_FILETYPE_ASN1))) {
2204 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2205 COAP_DEFINE_FAIL_BAD,
2206 &key, role, 0);
2207 }
2208 break;
2209 case COAP_PKI_KEY_DEF_DER_BUF: /* define public cert */
2210 if (key.key.define.public_cert_len == 0 ||
2211 !(SSL_use_certificate_ASN1(ssl,
2212 key.key.define.public_cert.u_byte,
2213 (int)key.key.define.public_cert_len))) {
2214 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2215 COAP_DEFINE_FAIL_BAD,
2216 &key, role, 0);
2217 }
2218 break;
2219 case COAP_PKI_KEY_DEF_PKCS11: /* define public cert */
2220 if (!check_pkcs11_engine()) {
2221 return 0;
2222 }
2223 if (!install_engine_public_cert(pkcs11_engine, ssl,
2224 key.key.define.public_cert.s_byte,
2225 role)) {
2226 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2227 COAP_DEFINE_FAIL_BAD,
2228 &key, role, 0);
2229 }
2230 break;
2231 case COAP_PKI_KEY_DEF_ENGINE: /* define public cert */
2232 if (!defined_engine ||
2233 !install_engine_public_cert(defined_engine, ssl,
2234 key.key.define.public_cert.s_byte,
2235 role)) {
2236 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2237 COAP_DEFINE_FAIL_BAD,
2238 &key, role, 0);
2239 }
2240 break;
2241 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define public cert */
2242 default:
2243 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2244 COAP_DEFINE_FAIL_NOT_SUPPORTED,
2245 &key, role, 0);
2246 }
2247 } else if (role == COAP_DTLS_ROLE_SERVER ||
2248 (key.key.define.private_key.u_byte &&
2249 key.key.define.private_key.u_byte[0])) {
2250 return coap_dtls_define_issue(COAP_DEFINE_KEY_PUBLIC,
2251 COAP_DEFINE_FAIL_NONE,
2252 &key, role, 0);
2253 }
2254
2255 /*
2256 * Configure the CA
2257 */
2258 if (key.key.define.ca.u_byte &&
2259 key.key.define.ca.u_byte[0]) {
2260 switch (key.key.define.ca_def) {
2261 case COAP_PKI_KEY_DEF_PEM:
2262 if (!load_in_cas(ssl, key.key.define.ca.s_byte, role)) {
2263 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
2264 COAP_DEFINE_FAIL_BAD,
2265 &key, role, 0);
2266 }
2267 break;
2268 case COAP_PKI_KEY_DEF_PEM_BUF: /* define ca */
2269 if (key.key.define.ca_len) {
2270 BIO *bp = BIO_new_mem_buf(key.key.define.ca.u_byte,
2271 (int)key.key.define.ca_len);
2272 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
2273 X509 *x;
2274 X509_STORE *st = ctx? SSL_CTX_get_cert_store(ctx) : NULL;
2275
2276 if (bp) {
2277 for (;;) {
2278 if ((x = PEM_read_bio_X509(bp, NULL, 0, NULL)) == NULL)
2279 break;
2280 if (st)
2281 add_ca_to_cert_store(st, x);
2282 SSL_add_client_CA(ssl, x);
2283 X509_free(x);
2284 }
2285 BIO_free(bp);
2286 }
2287 } else {
2288 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
2289 COAP_DEFINE_FAIL_BAD,
2290 &key, role, 0);
2291 }
2292 break;
2293 case COAP_PKI_KEY_DEF_RPK_BUF: /* define ca */
2294 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
2295 COAP_DEFINE_FAIL_NOT_SUPPORTED,
2296 &key, role, 0);
2297 case COAP_PKI_KEY_DEF_DER: /* define ca */
2298 if (!(SSL_use_certificate_file(ssl,
2299 key.key.define.ca.s_byte,
2300 SSL_FILETYPE_ASN1))) {
2301 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
2302 COAP_DEFINE_FAIL_BAD,
2303 &key, role, 0);
2304 }
2305 break;
2306 case COAP_PKI_KEY_DEF_DER_BUF: /* define ca */
2307 if (key.key.define.ca_len > 0) {
2308 /* Need to use a temp variable as it gets incremented*/
2309 const uint8_t *p = key.key.define.ca.u_byte;
2310 X509 *x509 = d2i_X509(NULL, &p, (long)key.key.define.ca_len);
2311 X509_STORE *st;
2312 SSL_CTX *ctx = SSL_get_SSL_CTX(ssl);
2313
2314 if (role == COAP_DTLS_ROLE_SERVER) {
2315 if (!x509 || !SSL_add_client_CA(ssl, x509)) {
2316 X509_free(x509);
2317 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
2318 COAP_DEFINE_FAIL_BAD,
2319 &key, role, 0);
2320 }
2321 }
2322
2323 /* Add CA to the trusted root CA store */
2324 st = ctx ? SSL_CTX_get_cert_store(ctx) : NULL;
2325 if (st)
2326 add_ca_to_cert_store(st, x509);
2327 X509_free(x509);
2328 }
2329 break;
2330 case COAP_PKI_KEY_DEF_PKCS11: /* define ca */
2331 if (!check_pkcs11_engine()) {
2332 return 0;
2333 }
2334 if (!install_engine_ca(pkcs11_engine, ssl,
2335 key.key.define.ca.s_byte,
2336 role)) {
2337 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
2338 COAP_DEFINE_FAIL_BAD,
2339 &key, role, 0);
2340 }
2341 break;
2342 case COAP_PKI_KEY_DEF_ENGINE: /* define ca */
2343 if (!defined_engine ||
2344 !install_engine_ca(defined_engine, ssl,
2345 key.key.define.ca.s_byte,
2346 role)) {
2347 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
2348 COAP_DEFINE_FAIL_BAD,
2349 &key, role, 0);
2350 }
2351 break;
2352 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define ca */
2353 default:
2354 return coap_dtls_define_issue(COAP_DEFINE_KEY_CA,
2355 COAP_DEFINE_FAIL_NOT_SUPPORTED,
2356 &key, role, 0);
2357 }
2358 }
2359
2360 return 1;
2361}
2362#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L || COAP_CLIENT_SUPPORT */
2363
2364static char *
2365get_san_or_cn_from_cert(X509 *x509) {
2366 if (x509) {
2367 char *cn;
2368 int n;
2369 STACK_OF(GENERAL_NAME) *san_list;
2370 char buffer[256];
2371
2372 san_list = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL);
2373 if (san_list) {
2374 int san_count = sk_GENERAL_NAME_num(san_list);
2375
2376 for (n = 0; n < san_count; n++) {
2377 const GENERAL_NAME *name = sk_GENERAL_NAME_value(san_list, n);
2378
2379 if (name && name->type == GEN_DNS) {
2380 const char *dns_name = (const char *)ASN1_STRING_get0_data(name->d.dNSName);
2381
2382 /* Make sure that there is not an embedded NUL in the dns_name */
2383 if (ASN1_STRING_length(name->d.dNSName) != (int)strlen(dns_name))
2384 continue;
2385 cn = OPENSSL_strdup(dns_name);
2386 sk_GENERAL_NAME_pop_free(san_list, GENERAL_NAME_free);
2387 return cn;
2388 }
2389 }
2390 sk_GENERAL_NAME_pop_free(san_list, GENERAL_NAME_free);
2391 }
2392 /* Otherwise look for the CN= field */
2393 X509_NAME_oneline(X509_get_subject_name(x509), buffer, sizeof(buffer));
2394
2395 /* Need to emulate strcasestr() here. Looking for CN= */
2396 n = (int)strlen(buffer) - 3;
2397 cn = buffer;
2398 while (n > 0) {
2399 if (((cn[0] == 'C') || (cn[0] == 'c')) &&
2400 ((cn[1] == 'N') || (cn[1] == 'n')) &&
2401 (cn[2] == '=')) {
2402 cn += 3;
2403 break;
2404 }
2405 cn++;
2406 n--;
2407 }
2408 if (n > 0) {
2409 char *ecn = strchr(cn, '/');
2410 if (ecn) {
2411 return OPENSSL_strndup(cn, ecn-cn);
2412 } else {
2413 return OPENSSL_strdup(cn);
2414 }
2415 }
2416 }
2417 return NULL;
2418}
2419
2420static int
2421tls_verify_call_back(int preverify_ok, X509_STORE_CTX *ctx) {
2422 int index = SSL_get_ex_data_X509_STORE_CTX_idx();
2423 SSL *ssl = index >= 0 ? X509_STORE_CTX_get_ex_data(ctx, index) : NULL;
2424 coap_session_t *session = ssl ? SSL_get_app_data(ssl) : NULL;
2425 coap_openssl_context_t *context = (session && session->context) ?
2426 ((coap_openssl_context_t *)session->context->dtls_context) : NULL;
2427 coap_dtls_pki_t *setup_data = context ? &context->setup_data : NULL;
2428 int depth = X509_STORE_CTX_get_error_depth(ctx);
2429 int err = X509_STORE_CTX_get_error(ctx);
2430 X509 *x509 = X509_STORE_CTX_get_current_cert(ctx);
2431 char *cn = x509 ? get_san_or_cn_from_cert(x509) : NULL;
2432 int keep_preverify_ok = preverify_ok;
2433
2434 coap_dtls_log(COAP_LOG_DEBUG, "depth %d error %x preverify %d cert '%s'\n",
2435 depth, err, preverify_ok, cn);
2436 if (!setup_data) {
2437 X509_STORE_CTX_set_error(ctx, X509_V_ERR_UNSPECIFIED);
2438 OPENSSL_free(cn);
2439 return 0;
2440 }
2441 if (!preverify_ok) {
2442 switch (err) {
2443 case X509_V_ERR_CERT_NOT_YET_VALID:
2444 case X509_V_ERR_CERT_HAS_EXPIRED:
2445 if (setup_data->allow_expired_certs)
2446 preverify_ok = 1;
2447 break;
2448 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
2449 if (setup_data->allow_self_signed && !setup_data->check_common_ca)
2450 preverify_ok = 1;
2451 break;
2452 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: /* Set if the CA is not known */
2453 if (!setup_data->verify_peer_cert)
2454 preverify_ok = 1;
2455 break;
2456 case X509_V_ERR_UNABLE_TO_GET_CRL:
2457 if (setup_data->allow_no_crl)
2458 preverify_ok = 1;
2459 break;
2460 case X509_V_ERR_CRL_NOT_YET_VALID:
2461 case X509_V_ERR_CRL_HAS_EXPIRED:
2462 if (setup_data->allow_expired_crl)
2463 preverify_ok = 1;
2464 break;
2465 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
2466 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
2467 case X509_V_ERR_AKID_SKID_MISMATCH:
2468 if (!setup_data->verify_peer_cert)
2469 preverify_ok = 1;
2470 break;
2471 default:
2472 break;
2473 }
2474 if (setup_data->cert_chain_validation &&
2475 depth > (setup_data->cert_chain_verify_depth + 1)) {
2476 preverify_ok = 0;
2477 err = X509_V_ERR_CERT_CHAIN_TOO_LONG;
2478 X509_STORE_CTX_set_error(ctx, err);
2479 }
2480 if (!preverify_ok) {
2481 if (err == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN) {
2482 coap_log_warn(" %s: %s: '%s' depth=%d\n",
2483 coap_session_str(session),
2484 "Unknown CA", cn ? cn : "?", depth);
2485 } else {
2486 coap_log_warn(" %s: %s: '%s' depth=%d\n",
2487 coap_session_str(session),
2488 X509_verify_cert_error_string(err), cn ? cn : "?", depth);
2489 }
2490 } else {
2491 coap_log_info(" %s: %s: overridden: '%s' depth=%d\n",
2492 coap_session_str(session),
2493 X509_verify_cert_error_string(err), cn ? cn : "?", depth);
2494 }
2495 }
2496 /* Certificate - depth == 0 is the Client Cert */
2497 if (setup_data->validate_cn_call_back && keep_preverify_ok) {
2498 int length = i2d_X509(x509, NULL);
2499 uint8_t *base_buf;
2500 uint8_t *base_buf2 = base_buf = length > 0 ? OPENSSL_malloc(length) : NULL;
2501 int ret;
2502
2503 if (base_buf) {
2504 /* base_buf2 gets moved to the end */
2505 assert(i2d_X509(x509, &base_buf2) > 0);
2506 coap_lock_callback_ret(ret, c_session->context,
2507 setup_data->validate_cn_call_back(cn, base_buf, length, session,
2508 depth, preverify_ok,
2509 setup_data->cn_call_back_arg));
2510 if (!ret) {
2511 if (depth == 0) {
2512 X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED);
2513 } else {
2514 X509_STORE_CTX_set_error(ctx, X509_V_ERR_INVALID_CA);
2515 }
2516 preverify_ok = 0;
2517 }
2518 OPENSSL_free(base_buf);
2519 } else {
2520 X509_STORE_CTX_set_error(ctx, X509_V_ERR_UNSPECIFIED);
2521 preverify_ok = 0;
2522 }
2523 }
2524 OPENSSL_free(cn);
2525 return preverify_ok;
2526}
2527
2528#if COAP_SERVER_SUPPORT
2529#if OPENSSL_VERSION_NUMBER < 0x10101000L
2530/* OpenSSL < 1.1.1 */
2531/*
2532 * During the SSL/TLS initial negotiations, tls_secret_call_back() is called so
2533 * it is possible to determine whether this is a PKI or PSK incoming
2534 * request and adjust the ciphers if necessary
2535 *
2536 * Set up by SSL_set_session_secret_cb() in tls_server_name_call_back()
2537 */
2538static int
2539tls_secret_call_back(SSL *ssl,
2540 void *secret,
2541 int *secretlen,
2542 STACK_OF(SSL_CIPHER) *peer_ciphers,
2543 const SSL_CIPHER **cipher COAP_UNUSED,
2544 void *arg) {
2545 int ii;
2546 int psk_requested = 0;
2547 coap_session_t *session;
2548 coap_dtls_pki_t *setup_data = (coap_dtls_pki_t *)arg;
2549
2550 session = (coap_session_t *)SSL_get_app_data(ssl);
2551 assert(session != NULL);
2552 assert(session->context != NULL);
2553 if (session == NULL ||
2554 session->context == NULL)
2555 return 0;
2556
2557 if ((session->psk_key) ||
2558 (session->context->spsk_setup_data.psk_info.key.s &&
2559 session->context->spsk_setup_data.psk_info.key.length)) {
2560 /* Is PSK being requested - if so, we need to change algorithms */
2561 for (ii = 0; ii < sk_SSL_CIPHER_num(peer_ciphers); ii++) {
2562 const SSL_CIPHER *peer_cipher = sk_SSL_CIPHER_value(peer_ciphers, ii);
2563
2564 coap_dtls_log(COAP_LOG_INFO, "Client cipher: %s\n",
2565 SSL_CIPHER_get_name(peer_cipher));
2566 if (strstr(SSL_CIPHER_get_name(peer_cipher), "PSK")) {
2567 psk_requested = 1;
2568 break;
2569 }
2570 }
2571 }
2572 if (!psk_requested) {
2573 coap_log_debug(" %s: Using PKI ciphers\n",
2574 coap_session_str(session));
2575
2576 if (setup_data->verify_peer_cert) {
2577 SSL_set_verify(ssl,
2578 SSL_VERIFY_PEER |
2579 SSL_VERIFY_CLIENT_ONCE |
2580 SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
2581 tls_verify_call_back);
2582 } else {
2583 SSL_set_verify(ssl, SSL_VERIFY_NONE, tls_verify_call_back);
2584 }
2585
2586 /* Check CA Chain */
2587 if (setup_data->cert_chain_validation)
2588 SSL_set_verify_depth(ssl, setup_data->cert_chain_verify_depth + 2);
2589
2590 /* Certificate Revocation */
2591 if (setup_data->check_cert_revocation) {
2592 X509_VERIFY_PARAM *param;
2593
2594 param = X509_VERIFY_PARAM_new();
2595 X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
2596 SSL_set1_param(ssl, param);
2597 X509_VERIFY_PARAM_free(param);
2598 }
2599 if (setup_data->additional_tls_setup_call_back) {
2600 /* Additional application setup wanted */
2601 if (!setup_data->additional_tls_setup_call_back(ssl, setup_data))
2602 return 0;
2603 }
2604 } else {
2605 if (session->psk_key) {
2606 memcpy(secret, session->psk_key->s, session->psk_key->length);
2607 *secretlen = session->psk_key->length;
2608 } else if (session->context->spsk_setup_data.psk_info.key.s &&
2609 session->context->spsk_setup_data.psk_info.key.length) {
2610 memcpy(secret, session->context->spsk_setup_data.psk_info.key.s,
2611 session->context->spsk_setup_data.psk_info.key.length);
2612 *secretlen = session->context->spsk_setup_data.psk_info.key.length;
2613 }
2614 coap_log_debug(" %s: Setting PSK ciphers\n",
2615 coap_session_str(session));
2616 /*
2617 * Force a PSK algorithm to be used, so we do PSK
2618 */
2619 SSL_set_cipher_list(ssl, COAP_OPENSSL_PSK_CIPHERS);
2620 SSL_set_psk_server_callback(ssl, coap_dtls_psk_server_callback);
2621 }
2622 return 0;
2623}
2624
2625/* OpenSSL < 1.1.1 */
2626/*
2627 * During the SSL/TLS initial negotiations, tls_server_name_call_back() is
2628 * called so it is possible to set up an extra callback to determine whether
2629 * this is a PKI or PSK incoming request and adjust the ciphers if necessary
2630 *
2631 * Set up by SSL_CTX_set_tlsext_servername_callback() in
2632 * coap_dtls_context_set_pki()
2633 */
2634static int
2635tls_server_name_call_back(SSL *ssl,
2636 int *sd COAP_UNUSED,
2637 void *arg) {
2638 coap_dtls_pki_t *setup_data = (coap_dtls_pki_t *)arg;
2639
2640 if (!ssl) {
2641 return SSL_TLSEXT_ERR_NOACK;
2642 }
2643
2644 if (setup_data->validate_sni_call_back) {
2645 /* SNI checking requested */
2646 coap_session_t *session = (coap_session_t *)SSL_get_app_data(ssl);
2647 coap_openssl_context_t *context = (session && session->context) ?
2648 ((coap_openssl_context_t *)session->context->dtls_context) : NULL;
2649 const char *sni = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
2650 size_t i;
2651
2652 if !context)
2653 return SSL_TLSEXT_ERR_NOACK;
2654
2655 if (!sni || !sni[0]) {
2656 sni = "";
2657 }
2658 for (i = 0; i < context->sni_count; i++) {
2659 if (!strcasecmp(sni, context->sni_entry_list[i].sni)) {
2660 break;
2661 }
2662 }
2663 if (i == context->sni_count) {
2664 SSL_CTX *ctx;
2665 coap_dtls_pki_t sni_setup_data;
2666 coap_dtls_key_t *new_entry;
2667
2668 coap_lock_callback_ret(new_entry, c_session->context,
2669 setup_data->validate_sni_call_back(sni,
2670 setup_data->sni_call_back_arg));
2671 if (!new_entry) {
2672 return SSL_TLSEXT_ERR_ALERT_FATAL;
2673 }
2674 /* Need to set up a new SSL_CTX to switch to */
2675 if (session->proto == COAP_PROTO_DTLS) {
2676 /* Set up DTLS context */
2677 ctx = SSL_CTX_new(DTLS_method());
2678 if (!ctx)
2679 goto error;
2680 SSL_CTX_set_min_proto_version(ctx, DTLS1_2_VERSION);
2681 SSL_CTX_set_app_data(ctx, &context->dtls);
2682 SSL_CTX_set_read_ahead(ctx, 1);
2683 coap_set_user_prefs(ctx);
2684 SSL_CTX_set_cookie_generate_cb(ctx, coap_dtls_generate_cookie);
2685 SSL_CTX_set_cookie_verify_cb(ctx, coap_dtls_verify_cookie);
2686 SSL_CTX_set_info_callback(ctx, coap_dtls_info_callback);
2687 SSL_CTX_set_options(ctx, SSL_OP_NO_QUERY_MTU);
2688 }
2689#if !COAP_DISABLE_TCP
2690 else {
2691 /* Set up TLS context */
2692 ctx = SSL_CTX_new(TLS_method());
2693 if (!ctx)
2694 goto error;
2695 SSL_CTX_set_app_data(ctx, &context->tls);
2696 SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
2697 coap_set_user_prefs(ctx);
2698 SSL_CTX_set_info_callback(ctx, coap_dtls_info_callback);
2699 SSL_CTX_set_alpn_select_cb(ctx, server_alpn_callback, NULL);
2700 }
2701#endif /* !COAP_DISABLE_TCP */
2702 sni_setup_data = *setup_data;
2703 sni_setup_data.pki_key = *new_entry;
2704 setup_pki_server(ctx, &sni_setup_data);
2705
2706 context->sni_entry_list = OPENSSL_realloc(context->sni_entry_list,
2707 (context->sni_count+1)*sizeof(sni_entry));
2708 context->sni_entry_list[context->sni_count].sni = OPENSSL_strdup(sni);
2709 context->sni_entry_list[context->sni_count].ctx = ctx;
2710 context->sni_count++;
2711 }
2712 SSL_set_SSL_CTX(ssl, context->sni_entry_list[i].ctx);
2713 SSL_clear_options(ssl, 0xFFFFFFFFL);
2714 SSL_set_options(ssl, SSL_CTX_get_options(context->sni_entry_list[i].ctx));
2715 }
2716
2717 /*
2718 * Have to do extra call back next to get client algorithms
2719 * SSL_get_client_ciphers() does not work this early on
2720 */
2721 SSL_set_session_secret_cb(ssl, tls_secret_call_back, arg);
2722 return SSL_TLSEXT_ERR_OK;
2723
2724error:
2725 return SSL_TLSEXT_ERR_ALERT_WARNING;
2726}
2727
2728/* OpenSSL < 1.1.1 */
2729/*
2730 * During the SSL/TLS initial negotiations, psk_tls_server_name_call_back() is
2731 * called to see if SNI is being used.
2732 *
2733 * Set up by SSL_CTX_set_tlsext_servername_callback()
2734 * in coap_dtls_context_set_spsk()
2735 */
2736static int
2737psk_tls_server_name_call_back(SSL *ssl,
2738 int *sd COAP_UNUSED,
2739 void *arg
2740 ) {
2741 coap_dtls_spsk_t *setup_data = (coap_dtls_spsk_t *)arg;
2742
2743 if (!ssl) {
2744 return SSL_TLSEXT_ERR_NOACK;
2745 }
2746
2747 if (setup_data->validate_sni_call_back) {
2748 /* SNI checking requested */
2749 coap_session_t *c_session = (coap_session_t *)SSL_get_app_data(ssl);
2750 coap_openssl_context_t *o_context = (c_session && c_session->context) ?
2751 ((coap_openssl_context_t *)c_session->context->dtls_context) : NULL;
2752 const char *sni = SSL_get_servername(ssl, TLSEXT_NAMETYPE_host_name);
2753 size_t i;
2754 char lhint[COAP_DTLS_HINT_LENGTH];
2755
2756 if (!o_context)
2757 return SSL_TLSEXT_ERR_ALERT_FATAL;
2758
2759 if (!sni || !sni[0]) {
2760 sni = "";
2761 }
2762 for (i = 0; i < o_context->psk_sni_count; i++) {
2763 if (!strcasecmp(sni, (char *)o_context->psk_sni_entry_list[i].sni)) {
2764 break;
2765 }
2766 }
2767 if (i == o_context->psk_sni_count) {
2768 SSL_CTX *ctx;
2769 const coap_dtls_spsk_info_t *new_entry;
2770
2771 coap_lock_callback_ret(new_entry, c_session->context,
2772 setup_data->validate_sni_call_back(sni,
2773 c_session,
2774 setup_data->sni_call_back_arg));
2775 if (!new_entry) {
2776 return SSL_TLSEXT_ERR_ALERT_FATAL;
2777 }
2778 /* Need to set up a new SSL_CTX to switch to */
2779 if (c_session->proto == COAP_PROTO_DTLS) {
2780 /* Set up DTLS context */
2781 ctx = SSL_CTX_new(DTLS_method());
2782 if (!ctx)
2783 goto error;
2784 SSL_CTX_set_min_proto_version(ctx, DTLS1_2_VERSION);
2785 SSL_CTX_set_app_data(ctx, &o_context->dtls);
2786 SSL_CTX_set_read_ahead(ctx, 1);
2787 SSL_CTX_set_cipher_list(ctx, COAP_OPENSSL_CIPHERS);
2788 SSL_CTX_set_cookie_generate_cb(ctx, coap_dtls_generate_cookie);
2789 SSL_CTX_set_cookie_verify_cb(ctx, coap_dtls_verify_cookie);
2790 SSL_CTX_set_info_callback(ctx, coap_dtls_info_callback);
2791 SSL_CTX_set_options(ctx, SSL_OP_NO_QUERY_MTU);
2792 }
2793#if !COAP_DISABLE_TCP
2794 else {
2795 /* Set up TLS context */
2796 ctx = SSL_CTX_new(TLS_method());
2797 if (!ctx)
2798 goto error;
2799 SSL_CTX_set_app_data(ctx, &o_context->tls);
2800 SSL_CTX_set_min_proto_version(ctx, TLS1_VERSION);
2801 SSL_CTX_set_cipher_list(ctx, COAP_OPENSSL_CIPHERS);
2802 SSL_CTX_set_info_callback(ctx, coap_dtls_info_callback);
2803 SSL_CTX_set_alpn_select_cb(ctx, server_alpn_callback, NULL);
2804 }
2805#endif /* !COAP_DISABLE_TCP */
2806
2807 o_context->psk_sni_entry_list =
2808 OPENSSL_realloc(o_context->psk_sni_entry_list,
2809 (o_context->psk_sni_count+1)*sizeof(psk_sni_entry));
2810 o_context->psk_sni_entry_list[o_context->psk_sni_count].sni =
2811 OPENSSL_strdup(sni);
2812 o_context->psk_sni_entry_list[o_context->psk_sni_count].psk_info =
2813 *new_entry;
2814 o_context->psk_sni_entry_list[o_context->psk_sni_count].ctx =
2815 ctx;
2816 o_context->psk_sni_count++;
2817 }
2818 SSL_set_SSL_CTX(ssl, o_context->psk_sni_entry_list[i].ctx);
2819 SSL_clear_options(ssl, 0xFFFFFFFFL);
2820 SSL_set_options(ssl,
2821 SSL_CTX_get_options(o_context->psk_sni_entry_list[i].ctx));
2822 coap_session_refresh_psk_key(c_session,
2823 &o_context->psk_sni_entry_list[i].psk_info.key);
2824 snprintf(lhint, sizeof(lhint), "%.*s",
2825 (int)o_context->psk_sni_entry_list[i].psk_info.hint.length,
2826 o_context->psk_sni_entry_list[i].psk_info.hint.s);
2827 SSL_use_psk_identity_hint(ssl, lhint);
2828 }
2829
2830 /*
2831 * Have to do extra call back next to get client algorithms
2832 * SSL_get_client_ciphers() does not work this early on
2833 */
2834 SSL_set_session_secret_cb(ssl, tls_secret_call_back, arg);
2835 return SSL_TLSEXT_ERR_OK;
2836
2837error:
2838 return SSL_TLSEXT_ERR_ALERT_WARNING;
2839}
2840#else /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
2841/* OpenSSL >= 1.1.1 */
2842/*
2843 * During the SSL/TLS initial negotiations, tls_client_hello_call_back() is
2844 * called early in the Client Hello processing so it is possible to determine
2845 * whether this is a PKI or PSK incoming request and adjust the ciphers if
2846 * necessary.
2847 *
2848 * Set up by SSL_CTX_set_client_hello_cb().
2849 */
2850static int
2851tls_client_hello_call_back(SSL *ssl,
2852 int *al,
2853 void *arg COAP_UNUSED
2854 ) {
2855 coap_session_t *session;
2856 coap_openssl_context_t *dtls_context;
2857 coap_dtls_pki_t *setup_data;
2858 int psk_requested = 0;
2859 const unsigned char *out;
2860 size_t outlen;
2861
2862 if (!ssl) {
2863 *al = SSL_AD_INTERNAL_ERROR;
2864 return SSL_CLIENT_HELLO_ERROR;
2865 }
2866 session = (coap_session_t *)SSL_get_app_data(ssl);
2867 assert(session != NULL);
2868 assert(session->context != NULL);
2869 assert(session->context->dtls_context != NULL);
2870 if (session == NULL ||
2871 session->context == NULL ||
2872 session->context->dtls_context == NULL) {
2873 *al = SSL_AD_INTERNAL_ERROR;
2874 return SSL_CLIENT_HELLO_ERROR;
2875 }
2876 dtls_context = (coap_openssl_context_t *)session->context->dtls_context;
2877 setup_data = &dtls_context->setup_data;
2878
2879 /*
2880 * See if PSK being requested
2881 */
2882 if ((session->psk_key) ||
2883 (session->context->spsk_setup_data.psk_info.key.s &&
2884 session->context->spsk_setup_data.psk_info.key.length)) {
2885 size_t len = SSL_client_hello_get0_ciphers(ssl, &out);
2886 STACK_OF(SSL_CIPHER) *peer_ciphers = NULL;
2887 STACK_OF(SSL_CIPHER) *scsvc = NULL;
2888
2889 if (len && SSL_bytes_to_cipher_list(ssl, out, len,
2890 SSL_client_hello_isv2(ssl),
2891 &peer_ciphers, &scsvc)) {
2892 int ii;
2893 for (ii = 0; ii < sk_SSL_CIPHER_num(peer_ciphers); ii++) {
2894 const SSL_CIPHER *peer_cipher = sk_SSL_CIPHER_value(peer_ciphers, ii);
2895
2896 coap_dtls_log(COAP_LOG_INFO,
2897 "Client cipher: %s (%04x)\n",
2898 SSL_CIPHER_get_name(peer_cipher),
2899 SSL_CIPHER_get_protocol_id(peer_cipher));
2900 if (strstr(SSL_CIPHER_get_name(peer_cipher), "PSK")) {
2901 psk_requested = 1;
2902 break;
2903 }
2904 }
2905 }
2906 sk_SSL_CIPHER_free(peer_ciphers);
2907 sk_SSL_CIPHER_free(scsvc);
2908 }
2909
2910 if (psk_requested) {
2911 /*
2912 * Client has requested PSK and it is supported
2913 */
2914 coap_log_debug(" %s: PSK request\n",
2915 coap_session_str(session));
2916 SSL_set_psk_server_callback(ssl, coap_dtls_psk_server_callback);
2917 if (setup_data->additional_tls_setup_call_back) {
2918 /* Additional application setup wanted */
2919 if (!setup_data->additional_tls_setup_call_back(ssl, setup_data))
2920 return 0;
2921 }
2922 return SSL_CLIENT_HELLO_SUCCESS;
2923 }
2924
2925 /*
2926 * Handle Certificate requests
2927 */
2928
2929 /*
2930 * Determine what type of certificate is being requested
2931 */
2932 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_client_certificate_type,
2933 &out, &outlen)) {
2934 size_t ii;
2935 for (ii = 0; ii < outlen; ii++) {
2936 switch (out[ii]) {
2937 case 0:
2938 /* RFC6091 X.509 */
2939 if (outlen >= 2) {
2940 /* X.509 cannot be the singular entry. RFC6091 3.1. Client Hello */
2941 goto is_x509;
2942 }
2943 break;
2944 case 2:
2945 /* RFC7250 RPK - not yet supported */
2946 break;
2947 default:
2948 break;
2949 }
2950 }
2951 *al = SSL_AD_UNSUPPORTED_EXTENSION;
2952 return SSL_CLIENT_HELLO_ERROR;
2953 }
2954
2955is_x509:
2956 if (setup_data->validate_sni_call_back) {
2957 /*
2958 * SNI checking requested
2959 */
2960 coap_dtls_pki_t sni_setup_data;
2961 coap_openssl_context_t *context =
2962 ((coap_openssl_context_t *)session->context->dtls_context);
2963 const char *sni = "";
2964 char *sni_tmp = NULL;
2965 size_t i;
2966
2967 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, &out, &outlen) &&
2968 outlen > 5 &&
2969 (((out[0]<<8) + out[1] +2) == (int)outlen) &&
2970 out[2] == TLSEXT_NAMETYPE_host_name &&
2971 (((out[3]<<8) + out[4] +2 +3) == (int)outlen)) {
2972 /* Skip over length, type and length */
2973 out += 5;
2974 outlen -= 5;
2975 sni_tmp = OPENSSL_malloc(outlen+1);
2976 sni_tmp[outlen] = '\000';
2977 memcpy(sni_tmp, out, outlen);
2978 sni = sni_tmp;
2979 }
2980 /* Is this a cached entry? */
2981 for (i = 0; i < context->sni_count; i++) {
2982 if (!strcasecmp(sni, context->sni_entry_list[i].sni)) {
2983 break;
2984 }
2985 }
2986 if (i == context->sni_count) {
2987 /*
2988 * New SNI request
2989 */
2990 coap_dtls_key_t *new_entry;
2991
2992 coap_lock_callback_ret(new_entry, c_session->context,
2993 setup_data->validate_sni_call_back(sni,
2994 setup_data->sni_call_back_arg));
2995 if (!new_entry) {
2996 *al = SSL_AD_UNRECOGNIZED_NAME;
2997 return SSL_CLIENT_HELLO_ERROR;
2998 }
2999
3000
3001 context->sni_entry_list = OPENSSL_realloc(context->sni_entry_list,
3002 (context->sni_count+1)*sizeof(sni_entry));
3003 context->sni_entry_list[context->sni_count].sni = OPENSSL_strdup(sni);
3004 context->sni_entry_list[context->sni_count].pki_key = *new_entry;
3005 context->sni_count++;
3006 }
3007 if (sni_tmp) {
3008 OPENSSL_free(sni_tmp);
3009 }
3010 sni_setup_data = *setup_data;
3011 sni_setup_data.pki_key = context->sni_entry_list[i].pki_key;
3012 setup_pki_ssl(ssl, &sni_setup_data, COAP_DTLS_ROLE_SERVER);
3013 } else {
3014 setup_pki_ssl(ssl, setup_data, COAP_DTLS_ROLE_SERVER);
3015 }
3016
3017 coap_log_debug(" %s: Using PKI ciphers\n",
3018 coap_session_str(session));
3019
3020 if (setup_data->verify_peer_cert) {
3021 SSL_set_verify(ssl,
3022 SSL_VERIFY_PEER |
3023 SSL_VERIFY_CLIENT_ONCE |
3024 SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
3025 tls_verify_call_back);
3026 } else {
3027 SSL_set_verify(ssl, SSL_VERIFY_NONE, tls_verify_call_back);
3028 }
3029
3030 /* Check CA Chain */
3031 if (setup_data->cert_chain_validation)
3032 SSL_set_verify_depth(ssl, setup_data->cert_chain_verify_depth + 2);
3033
3034 /* Certificate Revocation */
3035 if (setup_data->check_cert_revocation) {
3036 X509_VERIFY_PARAM *param;
3037
3038 param = X509_VERIFY_PARAM_new();
3039 X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
3040 SSL_set1_param(ssl, param);
3041 X509_VERIFY_PARAM_free(param);
3042 }
3043 if (setup_data->additional_tls_setup_call_back) {
3044 /* Additional application setup wanted */
3045 if (!setup_data->additional_tls_setup_call_back(ssl, setup_data))
3046 return 0;
3047 }
3048 return SSL_CLIENT_HELLO_SUCCESS;
3049}
3050
3051/* OpenSSL >= 1.1.1 */
3052/*
3053 * During the SSL/TLS initial negotiations, psk_tls_client_hello_call_back() is
3054 * called early in the Client Hello processing so it is possible to determine
3055 * whether SNI needs to be handled
3056 *
3057 * Set up by SSL_CTX_set_client_hello_cb().
3058 */
3059static int
3060psk_tls_client_hello_call_back(SSL *ssl,
3061 int *al,
3062 void *arg COAP_UNUSED
3063 ) {
3064 coap_session_t *c_session;
3065 coap_openssl_context_t *o_context;
3066 coap_dtls_spsk_t *setup_data;
3067 const unsigned char *out;
3068 size_t outlen;
3069
3070 if (!ssl)
3071 goto int_err;
3072 c_session = (coap_session_t *)SSL_get_app_data(ssl);
3073 if (!c_session || !c_session->context) {
3074 goto int_err;
3075 }
3076 o_context = (coap_openssl_context_t *)c_session->context->dtls_context;
3077 if (!o_context) {
3078 goto int_err;
3079 }
3080 setup_data = &c_session->context->spsk_setup_data;
3081
3082 if (setup_data->validate_sni_call_back) {
3083 /*
3084 * SNI checking requested
3085 */
3086 const char *sni = "";
3087 char *sni_tmp = NULL;
3088 char lhint[COAP_DTLS_HINT_LENGTH];
3089
3090 if (SSL_client_hello_get0_ext(ssl, TLSEXT_TYPE_server_name, &out, &outlen) &&
3091 outlen > 5 &&
3092 (((out[0]<<8) + out[1] +2) == (int)outlen) &&
3093 out[2] == TLSEXT_NAMETYPE_host_name &&
3094 (((out[3]<<8) + out[4] +2 +3) == (int)outlen)) {
3095 /* Skip over length, type and length */
3096 out += 5;
3097 outlen -= 5;
3098 sni_tmp = OPENSSL_malloc(outlen+1);
3099 if (sni_tmp) {
3100 sni_tmp[outlen] = '\000';
3101 memcpy(sni_tmp, out, outlen);
3102 sni = sni_tmp;
3103 }
3104 }
3105
3106#if OPENSSL_VERSION_NUMBER < 0x10101000L
3107 size_t i;
3108 /* Is this a cached entry? */
3109 for (i = 0; i < o_context->psk_sni_count; i++) {
3110 if (strcasecmp(sni, o_context->psk_sni_entry_list[i].sni) == 0) {
3111 break;
3112 }
3113 }
3114 if (i == o_context->psk_sni_count) {
3115#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
3116 /*
3117 * New SNI request
3118 */
3119 const coap_dtls_spsk_info_t *new_entry;
3120
3121 coap_lock_callback_ret(new_entry, c_session->context,
3122 setup_data->validate_sni_call_back(
3123 sni,
3124 c_session,
3125 setup_data->sni_call_back_arg));
3126 if (!new_entry) {
3127 *al = SSL_AD_UNRECOGNIZED_NAME;
3128 return SSL_CLIENT_HELLO_ERROR;
3129 }
3130
3131#if OPENSSL_VERSION_NUMBER < 0x10101000L
3132 psk_sni_entry *tmp_entry;
3133 tmp_entry =
3134 OPENSSL_realloc(o_context->psk_sni_entry_list,
3135 (o_context->psk_sni_count+1)*sizeof(sni_entry));
3136 if (tmp_entry) {
3137 o_context->psk_sni_entry_list = tmp_entry;
3138 o_context->psk_sni_entry_list[o_context->psk_sni_count]
3139 .sni =
3140 OPENSSL_strdup(sni);
3141 if (o_context->psk_sni_entry_list[o_context->psk_sni_count].sni) {
3142 o_context->psk_sni_entry_list[o_context->psk_sni_count].psk_info =
3143 *new_entry;
3144 o_context->psk_sni_count++;
3145 }
3146 }
3147 } else {
3148 new_entry = &o_context->psk_sni_entry_list[i].psk_info;
3149 }
3150#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
3151
3152 if (sni_tmp) {
3153 OPENSSL_free(sni_tmp);
3154 }
3155 if (coap_session_refresh_psk_hint(c_session,
3156 &new_entry->hint)
3157 == 0) {
3158 goto int_err;
3159 }
3160 if (coap_session_refresh_psk_key(c_session,
3161 &new_entry->key)
3162 == 0) {
3163 goto int_err;
3164 }
3165 if (new_entry->hint.s) {
3166 snprintf(lhint, sizeof(lhint), "%.*s",
3167 (int)new_entry->hint.length,
3168 new_entry->hint.s);
3169 SSL_use_psk_identity_hint(ssl, lhint);
3170 }
3171 }
3172 return SSL_CLIENT_HELLO_SUCCESS;
3173
3174int_err:
3175 *al = SSL_AD_INTERNAL_ERROR;
3176 return SSL_CLIENT_HELLO_ERROR;
3177}
3178#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
3179#endif /* COAP_SERVER_SUPPORT */
3180
3181int
3182coap_dtls_context_set_pki(coap_context_t *ctx,
3183 const coap_dtls_pki_t *setup_data,
3184 const coap_dtls_role_t role) {
3185 coap_openssl_context_t *context =
3186 ((coap_openssl_context_t *)ctx->dtls_context);
3187 BIO *bio;
3188 if (!setup_data)
3189 return 0;
3190 context->setup_data = *setup_data;
3191
3192 if (context->setup_data.pki_key.key_type == COAP_PKI_KEY_DEFINE) {
3193 if (context->setup_data.pki_key.key.define.ca_def == COAP_PKI_KEY_DEF_ENGINE ||
3194 context->setup_data.pki_key.key.define.public_cert_def == COAP_PKI_KEY_DEF_ENGINE ||
3195 context->setup_data.pki_key.key.define.private_key_def == COAP_PKI_KEY_DEF_ENGINE) {
3196 if (!defined_engine) {
3197 coap_log_warn("setup_pki: OpenSSL Engine not configured, PKI not set up\n");
3198 return 0;
3199 }
3200 }
3201 }
3202
3203 if (!context->setup_data.verify_peer_cert) {
3204 /* Needs to be clear so that no CA DNs are transmitted */
3205 context->setup_data.check_common_ca = 0;
3206 /* Allow all of these but warn if issue */
3207 context->setup_data.allow_self_signed = 1;
3208 context->setup_data.allow_expired_certs = 1;
3209 context->setup_data.cert_chain_validation = 1;
3210 context->setup_data.cert_chain_verify_depth = 10;
3211 context->setup_data.check_cert_revocation = 1;
3212 context->setup_data.allow_no_crl = 1;
3213 context->setup_data.allow_expired_crl = 1;
3214 context->setup_data.allow_bad_md_hash = 1;
3215 context->setup_data.allow_short_rsa_length = 1;
3216 }
3217#if COAP_SERVER_SUPPORT
3218 if (role == COAP_DTLS_ROLE_SERVER) {
3219 if (context->dtls.ctx) {
3220 /* SERVER DTLS */
3221#if OPENSSL_VERSION_NUMBER < 0x10101000L
3222 if (!setup_pki_server(context->dtls.ctx, setup_data))
3223 return 0;
3224#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
3225 /* libcoap is managing TLS connection based on setup_data options */
3226 /* Need to set up logic to differentiate between a PSK or PKI session */
3227 /*
3228 * For OpenSSL 1.1.1, we need to use SSL_CTX_set_client_hello_cb()
3229 * which is not in 1.1.0
3230 */
3231#if OPENSSL_VERSION_NUMBER < 0x10101000L
3232 if (SSLeay() >= 0x10101000L) {
3233 coap_log_warn("OpenSSL compiled with %lux, linked with %lux, so "
3234 "no certificate checking\n",
3235 OPENSSL_VERSION_NUMBER, SSLeay());
3236 }
3237 SSL_CTX_set_tlsext_servername_arg(context->dtls.ctx, &context->setup_data);
3238 SSL_CTX_set_tlsext_servername_callback(context->dtls.ctx,
3239 tls_server_name_call_back);
3240#else /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
3241 SSL_CTX_set_client_hello_cb(context->dtls.ctx,
3242 tls_client_hello_call_back,
3243 NULL);
3244#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
3245 }
3246#if !COAP_DISABLE_TCP
3247 if (context->tls.ctx) {
3248 /* SERVER TLS */
3249#if OPENSSL_VERSION_NUMBER < 0x10101000L
3250 if (!setup_pki_server(context->tls.ctx, setup_data))
3251 return 0;
3252#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
3253 /* libcoap is managing TLS connection based on setup_data options */
3254 /* Need to set up logic to differentiate between a PSK or PKI session */
3255 /*
3256 * For OpenSSL 1.1.1, we need to use SSL_CTX_set_client_hello_cb()
3257 * which is not in 1.1.0
3258 */
3259#if OPENSSL_VERSION_NUMBER < 0x10101000L
3260 if (SSLeay() >= 0x10101000L) {
3261 coap_log_warn("OpenSSL compiled with %lux, linked with %lux, so "
3262 "no certificate checking\n",
3263 OPENSSL_VERSION_NUMBER, SSLeay());
3264 }
3265 SSL_CTX_set_tlsext_servername_arg(context->tls.ctx, &context->setup_data);
3266 SSL_CTX_set_tlsext_servername_callback(context->tls.ctx,
3267 tls_server_name_call_back);
3268#else /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
3269 SSL_CTX_set_client_hello_cb(context->tls.ctx,
3270 tls_client_hello_call_back,
3271 NULL);
3272#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
3273 /* TLS Only */
3274 SSL_CTX_set_alpn_select_cb(context->tls.ctx, server_alpn_callback, NULL);
3275 }
3276#endif /* !COAP_DISABLE_TCP */
3277 }
3278#else /* ! COAP_SERVER_SUPPORT */
3279 (void)role;
3280#endif /* ! COAP_SERVER_SUPPORT */
3281
3282 if (!context->dtls.ssl) {
3283 /* This is set up to handle new incoming sessions to a server */
3284 context->dtls.ssl = SSL_new(context->dtls.ctx);
3285 if (!context->dtls.ssl)
3286 return 0;
3287 bio = BIO_new(context->dtls.meth);
3288 if (!bio) {
3289 SSL_free(context->dtls.ssl);
3290 context->dtls.ssl = NULL;
3291 return 0;
3292 }
3293 SSL_set_bio(context->dtls.ssl, bio, bio);
3294 SSL_set_app_data(context->dtls.ssl, NULL);
3295 SSL_set_options(context->dtls.ssl, SSL_OP_COOKIE_EXCHANGE);
3296 SSL_set_mtu(context->dtls.ssl, COAP_DEFAULT_MTU);
3297 }
3298 context->psk_pki_enabled |= IS_PKI;
3299 if (setup_data->use_cid) {
3300 coap_log_warn("OpenSSL has no Connection-ID support\n");
3301 }
3302 return 1;
3303}
3304
3305int
3306coap_dtls_context_set_pki_root_cas(coap_context_t *ctx,
3307 const char *ca_file,
3308 const char *ca_dir
3309 ) {
3310 coap_openssl_context_t *context =
3311 ((coap_openssl_context_t *)ctx->dtls_context);
3312 if (context->dtls.ctx) {
3313 if (!SSL_CTX_load_verify_locations(context->dtls.ctx, ca_file, ca_dir)) {
3314 coap_log_warn("Unable to install root CAs (%s : %s)\n",
3315 ca_file ? ca_file : "NULL", ca_dir ? ca_dir : "NULL");
3316 return 0;
3317 }
3318 }
3319#if !COAP_DISABLE_TCP
3320 if (context->tls.ctx) {
3321 if (!SSL_CTX_load_verify_locations(context->tls.ctx, ca_file, ca_dir)) {
3322 coap_log_warn("Unable to install root CAs (%s : %s)\n",
3323 ca_file ? ca_file : "NULL", ca_dir ? ca_dir : "NULL");
3324 return 0;
3325 }
3326 }
3327#endif /* !COAP_DISABLE_TCP */
3328 return 1;
3329}
3330
3331int
3332coap_dtls_context_check_keys_enabled(coap_context_t *ctx) {
3333 coap_openssl_context_t *context =
3334 ((coap_openssl_context_t *)ctx->dtls_context);
3335 return context->psk_pki_enabled ? 1 : 0;
3336}
3337
3338
3339void
3340coap_dtls_free_context(void *handle) {
3341 size_t i;
3342 coap_openssl_context_t *context = (coap_openssl_context_t *)handle;
3343
3344 if (context->dtls.ssl)
3345 SSL_free(context->dtls.ssl);
3346 if (context->dtls.ctx)
3347 SSL_CTX_free(context->dtls.ctx);
3348 if (context->dtls.cookie_hmac)
3349 HMAC_CTX_free(context->dtls.cookie_hmac);
3350 if (context->dtls.meth)
3351 BIO_meth_free(context->dtls.meth);
3352 if (context->dtls.bio_addr)
3353 BIO_ADDR_free(context->dtls.bio_addr);
3354#if !COAP_DISABLE_TCP
3355 if (context->tls.ctx)
3356 SSL_CTX_free(context->tls.ctx);
3357 if (context->tls.meth)
3358 BIO_meth_free(context->tls.meth);
3359#endif /* !COAP_DISABLE_TCP */
3360 for (i = 0; i < context->sni_count; i++) {
3361 OPENSSL_free(context->sni_entry_list[i].sni);
3362#if OPENSSL_VERSION_NUMBER < 0x10101000L
3363 SSL_CTX_free(context->sni_entry_list[i].ctx);
3364#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
3365 }
3366 if (context->sni_count)
3367 OPENSSL_free(context->sni_entry_list);
3368#if OPENSSL_VERSION_NUMBER < 0x10101000L
3369 for (i = 0; i < context->psk_sni_count; i++) {
3370 OPENSSL_free((char *)context->psk_sni_entry_list[i].sni);
3371 SSL_CTX_free(context->psk_sni_entry_list[i].ctx);
3372 }
3373 if (context->psk_sni_count)
3374 OPENSSL_free(context->psk_sni_entry_list);
3375#endif /* OPENSSL_VERSION_NUMBER < 0x10101000L */
3376 coap_free_type(COAP_STRING, context);
3377}
3378
3379#if COAP_SERVER_SUPPORT
3380void *
3381coap_dtls_new_server_session(coap_session_t *session) {
3382 BIO *nbio = NULL;
3383 SSL *nssl = NULL, *ssl = NULL;
3384 coap_ssl_data *data;
3385 coap_dtls_context_t *dtls = &((coap_openssl_context_t *)session->context->dtls_context)->dtls;
3386 int r;
3387 const coap_bin_const_t *psk_hint;
3388 BIO *rbio;
3389
3390 nssl = SSL_new(dtls->ctx);
3391 if (!nssl)
3392 goto error;
3393 nbio = BIO_new(dtls->meth);
3394 if (!nbio)
3395 goto error;
3396 SSL_set_bio(nssl, nbio, nbio);
3397 SSL_set_app_data(nssl, NULL);
3398 SSL_set_options(nssl, SSL_OP_COOKIE_EXCHANGE);
3399 SSL_set_mtu(nssl, (long)session->mtu);
3400 ssl = dtls->ssl;
3401 dtls->ssl = nssl;
3402 nssl = NULL;
3403 SSL_set_app_data(ssl, session);
3404
3405 rbio = SSL_get_rbio(ssl);
3406 data = rbio ? (coap_ssl_data *)BIO_get_data(rbio) : NULL;
3407 if (!data)
3408 goto error;
3409 data->session = session;
3410
3411 /* hint may get updated if/when handling SNI callback */
3412 psk_hint = coap_get_session_server_psk_hint(session);
3413 if (psk_hint != NULL && psk_hint->length) {
3414 char *hint = OPENSSL_malloc(psk_hint->length + 1);
3415
3416 if (hint) {
3417 memcpy(hint, psk_hint->s, psk_hint->length);
3418 hint[psk_hint->length] = '\000';
3419 SSL_use_psk_identity_hint(ssl, hint);
3420 OPENSSL_free(hint);
3421 } else {
3422 coap_log_warn("hint malloc failure\n");
3423 }
3424 }
3425
3426 r = SSL_accept(ssl);
3427 if (r == -1) {
3428 int err = SSL_get_error(ssl, r);
3429 if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
3430 r = 0;
3431 }
3432
3433 if (r == 0) {
3434 SSL_free(ssl);
3435 return NULL;
3436 }
3437
3438 return ssl;
3439
3440error:
3441 if (nssl)
3442 SSL_free(nssl);
3443 return NULL;
3444}
3445#endif /* COAP_SERVER_SUPPORT */
3446
3447#if COAP_CLIENT_SUPPORT
3448static int
3449setup_client_ssl_session(coap_session_t *session, SSL *ssl
3450 ) {
3451 coap_openssl_context_t *context =
3452 ((coap_openssl_context_t *)session->context->dtls_context);
3453
3454 if (context->psk_pki_enabled & IS_PSK) {
3455 coap_dtls_cpsk_t *setup_data = &session->cpsk_setup_data;
3456
3457 /* Issue SNI if requested */
3458 if (setup_data->client_sni &&
3459 SSL_set_tlsext_host_name(ssl, setup_data->client_sni) != 1) {
3460 coap_log_warn("SSL_set_tlsext_host_name: set '%s' failed",
3461 setup_data->client_sni);
3462 }
3463 SSL_set_psk_client_callback(ssl, coap_dtls_psk_client_callback);
3464#if COAP_SERVER_SUPPORT
3465 SSL_set_psk_server_callback(ssl, coap_dtls_psk_server_callback);
3466#endif /* COAP_SERVER_SUPPORT */
3467 SSL_set_cipher_list(ssl, COAP_OPENSSL_PSK_CIPHERS);
3468 if (setup_data->validate_ih_call_back) {
3469 if (session->proto == COAP_PROTO_DTLS) {
3470 SSL_set_max_proto_version(ssl, DTLS1_2_VERSION);
3471 }
3472#if !COAP_DISABLE_TCP
3473 else {
3474 SSL_set_max_proto_version(ssl, TLS1_2_VERSION);
3475 }
3476#endif /* !COAP_DISABLE_TCP */
3477 coap_log_debug("CoAP Client restricted to (D)TLS1.2 with Identity Hint callback\n");
3478 }
3479 }
3480 if ((context->psk_pki_enabled & IS_PKI) ||
3481 (context->psk_pki_enabled & (IS_PSK | IS_PKI)) == 0) {
3482 /*
3483 * If neither PSK or PKI have been set up, use PKI basics.
3484 * This works providing COAP_PKI_KEY_PEM has a value of 0.
3485 */
3486 coap_dtls_pki_t *setup_data = &context->setup_data;
3487
3488 if (!(context->psk_pki_enabled & IS_PKI)) {
3489 /* PKI not defined - set up some defaults */
3490 setup_data->verify_peer_cert = 1;
3491 setup_data->check_common_ca = 0;
3492 setup_data->allow_self_signed = 1;
3493 setup_data->allow_expired_certs = 1;
3494 setup_data->cert_chain_validation = 1;
3495 setup_data->cert_chain_verify_depth = 2;
3496 setup_data->check_cert_revocation = 1;
3497 setup_data->allow_no_crl = 1;
3498 setup_data->allow_expired_crl = 1;
3499 setup_data->is_rpk_not_cert = 0;
3500 setup_data->use_cid = 0;
3501 }
3502 if (!setup_pki_ssl(ssl, setup_data, COAP_DTLS_ROLE_CLIENT))
3503 return 0;
3504 /* libcoap is managing (D)TLS connection based on setup_data options */
3505#if !COAP_DISABLE_TCP
3506 if (session->proto == COAP_PROTO_TLS)
3507 SSL_set_alpn_protos(ssl, coap_alpn, sizeof(coap_alpn));
3508#endif /* !COAP_DISABLE_TCP */
3509
3510 /* Issue SNI if requested */
3511 if (setup_data->client_sni &&
3512 SSL_set_tlsext_host_name(ssl, setup_data->client_sni) != 1) {
3513 coap_log_warn("SSL_set_tlsext_host_name: set '%s' failed",
3514 setup_data->client_sni);
3515 }
3516 /* Certificate Revocation */
3517 if (setup_data->check_cert_revocation) {
3518 X509_VERIFY_PARAM *param;
3519
3520 param = X509_VERIFY_PARAM_new();
3521 X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
3522 SSL_set1_param(ssl, param);
3523 X509_VERIFY_PARAM_free(param);
3524 }
3525
3526 /* Verify Peer */
3527 if (setup_data->verify_peer_cert)
3528 SSL_set_verify(ssl,
3529 SSL_VERIFY_PEER |
3530 SSL_VERIFY_CLIENT_ONCE |
3531 SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
3532 tls_verify_call_back);
3533 else
3534 SSL_set_verify(ssl, SSL_VERIFY_NONE, tls_verify_call_back);
3535
3536 /* Check CA Chain */
3537 if (setup_data->cert_chain_validation)
3538 SSL_set_verify_depth(ssl, setup_data->cert_chain_verify_depth + 1);
3539
3540 }
3541#if COAP_DTLS_RETRANSMIT_MS != 1000
3542#if OPENSSL_VERSION_NUMBER >= 0x10101000L
3543 if (session->proto == COAP_PROTO_DTLS) {
3544 DTLS_set_timer_cb(ssl, timer_cb);
3545 }
3546#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
3547#endif /* COAP_DTLS_RETRANSMIT_MS != 1000 */
3548 return 1;
3549}
3550
3551void *
3552coap_dtls_new_client_session(coap_session_t *session) {
3553 BIO *bio = NULL;
3554 SSL *ssl = NULL;
3555 coap_ssl_data *data;
3556 int r;
3557 coap_openssl_context_t *context = ((coap_openssl_context_t *)session->context->dtls_context);
3558 coap_dtls_context_t *dtls = &context->dtls;
3559
3560 ssl = SSL_new(dtls->ctx);
3561 if (!ssl)
3562 goto error;
3563 bio = BIO_new(dtls->meth);
3564 if (!bio)
3565 goto error;
3566 data = (coap_ssl_data *)BIO_get_data(bio);
3567 if (!data)
3568 goto error;
3569 data->session = session;
3570 SSL_set_bio(ssl, bio, bio);
3571 SSL_set_app_data(ssl, session);
3572 SSL_set_options(ssl, SSL_OP_COOKIE_EXCHANGE);
3573 SSL_set_mtu(ssl, (long)session->mtu);
3574
3575 if (!setup_client_ssl_session(session, ssl))
3576 goto error;
3577
3578 session->dtls_timeout_count = 0;
3579
3580 r = SSL_connect(ssl);
3581 if (r == -1) {
3582 int ret = SSL_get_error(ssl, r);
3583 if (ret != SSL_ERROR_WANT_READ && ret != SSL_ERROR_WANT_WRITE)
3584 r = 0;
3585 }
3586
3587 if (r == 0)
3588 goto error;
3589
3590 session->tls = ssl;
3591 return ssl;
3592
3593error:
3594 if (ssl)
3595 SSL_free(ssl);
3596 return NULL;
3597}
3598
3599void
3600coap_dtls_session_update_mtu(coap_session_t *session) {
3601 SSL *ssl = (SSL *)session->tls;
3602 if (ssl)
3603 SSL_set_mtu(ssl, (long)session->mtu);
3604}
3605#endif /* COAP_CLIENT_SUPPORT */
3606
3607void
3608coap_dtls_free_session(coap_session_t *session) {
3609 SSL *ssl = (SSL *)session->tls;
3610 if (ssl) {
3611 if (!SSL_in_init(ssl) && !(SSL_get_shutdown(ssl) & SSL_SENT_SHUTDOWN)) {
3612 int r = SSL_shutdown(ssl);
3613 if (r == 0)
3614 SSL_shutdown(ssl);
3615 }
3616 SSL_free(ssl);
3617 session->tls = NULL;
3618 if (session->context)
3619 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CLOSED, session);
3620 }
3621}
3622
3623ssize_t
3624coap_dtls_send(coap_session_t *session,
3625 const uint8_t *data, size_t data_len) {
3626 int r;
3627 SSL *ssl = (SSL *)session->tls;
3628
3629 if (ssl == NULL) {
3630 session->dtls_event = COAP_EVENT_DTLS_CLOSED;
3631 return -1;
3632 }
3633
3634 session->dtls_event = -1;
3635 ERR_clear_error();
3636 r = SSL_write(ssl, data, (int)data_len);
3637
3638 if (r <= 0) {
3639 int err = SSL_get_error(ssl, r);
3640 if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
3641 r = 0;
3642 } else {
3643 if (err == SSL_ERROR_ZERO_RETURN)
3644 session->dtls_event = COAP_EVENT_DTLS_CLOSED;
3645 else if (err == SSL_ERROR_SSL) {
3646 unsigned long e = ERR_get_error();
3647
3648 coap_log_info("***%s: coap_dtls_send: cannot send PDU: %d: %s\n",
3649 coap_session_str(session),
3650 ERR_GET_REASON(e), ERR_reason_error_string(e));
3651 session->dtls_event = COAP_EVENT_DTLS_ERROR;
3652 } else {
3653 coap_log_info("***%s: coap_dtls_send: cannot send PDU: %d\n",
3654 coap_session_str(session), err);
3655 }
3656 r = -1;
3657 }
3658 }
3659
3660 if (session->dtls_event >= 0) {
3661 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
3662 if (session->dtls_event != COAP_EVENT_DTLS_CLOSED)
3663 coap_handle_event_lkd(session->context, session->dtls_event, session);
3664 if (session->dtls_event == COAP_EVENT_DTLS_ERROR ||
3665 session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
3666 coap_session_disconnected_lkd(session, COAP_NACK_TLS_FAILED);
3667 r = -1;
3668 }
3669 }
3670
3671 if (r > 0) {
3672 if (r == (ssize_t)data_len)
3673 coap_log_debug("* %s: dtls: sent %4d bytes\n",
3674 coap_session_str(session), r);
3675 else
3676 coap_log_debug("* %s: dtls: sent %4d of %4zd bytes\n",
3677 coap_session_str(session), r, data_len);
3678 }
3679 return r;
3680}
3681
3682int
3683coap_dtls_is_context_timeout(void) {
3684 return 0;
3685}
3686
3687coap_tick_t
3688coap_dtls_get_context_timeout(void *dtls_context) {
3689 (void)dtls_context;
3690 return 0;
3691}
3692
3693coap_tick_t
3694coap_dtls_get_timeout(coap_session_t *session, coap_tick_t now COAP_UNUSED) {
3695 SSL *ssl = (SSL *)session->tls;
3696 coap_ssl_data *ssl_data;
3697 BIO *rbio;
3698
3699 assert(ssl != NULL && session->state == COAP_SESSION_STATE_HANDSHAKE);
3700 rbio = ssl ? SSL_get_rbio(ssl) : NULL;
3701 ssl_data = rbio ? (coap_ssl_data *)BIO_get_data(rbio) : NULL;
3702 return ssl_data ? ssl_data->timeout : 1000;
3703}
3704
3705/*
3706 * return 1 timed out
3707 * 0 still timing out
3708 */
3709int
3710coap_dtls_handle_timeout(coap_session_t *session) {
3711 SSL *ssl = (SSL *)session->tls;
3712
3713 assert(ssl != NULL && session->state == COAP_SESSION_STATE_HANDSHAKE);
3714 if ((++session->dtls_timeout_count > session->max_retransmit) ||
3715 (DTLSv1_handle_timeout(ssl) < 0)) {
3716 /* Too many retries */
3717 coap_session_disconnected_lkd(session, COAP_NACK_TLS_FAILED);
3718 return 1;
3719 }
3720 return 0;
3721}
3722
3723#if COAP_SERVER_SUPPORT
3724int
3725coap_dtls_hello(coap_session_t *session,
3726 const uint8_t *data, size_t data_len) {
3727 coap_dtls_context_t *dtls = &((coap_openssl_context_t *)session->context->dtls_context)->dtls;
3728 coap_ssl_data *ssl_data;
3729 int r;
3730 BIO *rbio;
3731
3732 SSL_set_mtu(dtls->ssl, (long)session->mtu);
3733 rbio = dtls->ssl ? SSL_get_rbio(dtls->ssl) : NULL;
3734 ssl_data = rbio ? (coap_ssl_data *)BIO_get_data(rbio) : NULL;
3735 assert(ssl_data != NULL);
3736 if (!ssl_data) {
3737 errno = ENOMEM;
3738 return -1;
3739 }
3740 if (ssl_data->pdu_len) {
3741 coap_log_err("** %s: Previous data not read %u bytes\n",
3742 coap_session_str(session), ssl_data->pdu_len);
3743 }
3744 ssl_data->session = session;
3745 ssl_data->pdu = data;
3746 ssl_data->pdu_len = (unsigned)data_len;
3747 r = DTLSv1_listen(dtls->ssl, dtls->bio_addr);
3748 if (r <= 0) {
3749 int err = SSL_get_error(dtls->ssl, r);
3750 if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
3751 /* Got a ClientHello, sent-out a VerifyRequest */
3752 r = 0;
3753 }
3754 } else {
3755 /* Got a valid answer to a VerifyRequest */
3756 r = 1;
3757 }
3758
3759 /*
3760 * Cannot check if data is left on the stack in error as DTLSv1_listen()
3761 * only does a 'peek' read of the incoming data.
3762 *
3763 */
3764 return r;
3765}
3766#endif /* COAP_SERVER_SUPPORT */
3767
3768int
3769coap_dtls_receive(coap_session_t *session, const uint8_t *data, size_t data_len) {
3770 coap_ssl_data *ssl_data;
3771 SSL *ssl = (SSL *)session->tls;
3772 int r;
3773 BIO *rbio;
3774#if OPENSSL_VERSION_NUMBER >= 0x30000000L
3775 int retry = 0;
3776#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */
3777
3778 assert(ssl != NULL);
3779
3780 int in_init = SSL_in_init(ssl);
3781 uint8_t pdu[COAP_RXBUFFER_SIZE];
3782 rbio = ssl ? SSL_get_rbio(ssl) : NULL;
3783 ssl_data = rbio ? (coap_ssl_data *)BIO_get_data(rbio) : NULL;
3784 assert(ssl_data != NULL);
3785 if (!ssl_data) {
3786 errno = ENOMEM;
3787 return -1;
3788 }
3789
3790 if (ssl_data->pdu_len) {
3791 coap_log_err("** %s: Previous data not read %u bytes\n",
3792 coap_session_str(session), ssl_data->pdu_len);
3793 }
3794 ssl_data->pdu = data;
3795 ssl_data->pdu_len = (unsigned)data_len;
3796
3797 session->dtls_event = -1;
3798#if OPENSSL_VERSION_NUMBER >= 0x30000000L
3799retry:
3800#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */
3801 ERR_clear_error();
3802 r = SSL_read(ssl, pdu, (int)sizeof(pdu));
3803 if (r > 0) {
3804 coap_log_debug("* %s: dtls: recv %4d bytes\n",
3805 coap_session_str(session), r);
3806 r = coap_handle_dgram(session->context, session, pdu, (size_t)r);
3807 goto finished;
3808 } else {
3809 int err = SSL_get_error(ssl, r);
3810 if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
3811 if (in_init && SSL_is_init_finished(ssl)) {
3812 coap_dtls_log(COAP_LOG_INFO, "* %s: Using cipher: %s\n",
3813 coap_session_str(session), SSL_get_cipher_name(ssl));
3814 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CONNECTED, session);
3815 session->sock.lfunc[COAP_LAYER_TLS].l_establish(session);
3816 }
3817 r = 0;
3818 } else {
3819 if (err == SSL_ERROR_ZERO_RETURN) /* Got a close notify alert from the remote side */
3820 session->dtls_event = COAP_EVENT_DTLS_CLOSED;
3821 else if (err == SSL_ERROR_SSL) {
3822 unsigned long e = ERR_get_error();
3823
3824#if OPENSSL_VERSION_NUMBER >= 0x30000000L
3825#include <openssl/proverr.h>
3826 if (ERR_GET_REASON(e) == PROV_R_SEARCH_ONLY_SUPPORTED_FOR_DIRECTORIES && !retry) {
3827 /* Loading trust store - first access causes a directory read error */
3828 retry = 1;
3829 goto retry;
3830 }
3831#endif /* OPENSSL_VERSION_NUMBER >= 0x30000000L */
3832 coap_log_info("***%s: coap_dtls_receive: cannot recv PDU: %d: %s\n",
3833 coap_session_str(session),
3834 ERR_GET_REASON(e), ERR_reason_error_string(e));
3835 session->dtls_event = COAP_EVENT_DTLS_ERROR;
3836 } else {
3837 coap_log_info("***%s: coap_dtls_receive: cannot send PDU %d\n",
3838 coap_session_str(session), err);
3839 }
3840 r = -1;
3841 }
3842 if (session->dtls_event >= 0) {
3843 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
3844 if (session->dtls_event != COAP_EVENT_DTLS_CLOSED)
3845 coap_handle_event_lkd(session->context, session->dtls_event, session);
3846 if (session->dtls_event == COAP_EVENT_DTLS_ERROR ||
3847 session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
3848 coap_session_disconnected_lkd(session, COAP_NACK_TLS_FAILED);
3849 ssl_data = NULL;
3850 r = -1;
3851 }
3852 }
3853 }
3854
3855finished:
3856 if (ssl_data && ssl_data->pdu_len) {
3857 /* pdu data is held on stack which will not stay there */
3858 coap_log_debug("coap_dtls_receive: ret %d: remaining data %u\n", r, ssl_data->pdu_len);
3859 ssl_data->pdu_len = 0;
3860 ssl_data->pdu = NULL;
3861 }
3862 return r;
3863}
3864
3865unsigned int
3866coap_dtls_get_overhead(coap_session_t *session) {
3867 unsigned int overhead = 37;
3868 const SSL_CIPHER *s_ciph = NULL;
3869 if (session->tls != NULL)
3870 s_ciph = SSL_get_current_cipher(session->tls);
3871 if (s_ciph) {
3872 unsigned int ivlen, maclen, blocksize = 1, pad = 0;
3873
3874 const EVP_CIPHER *e_ciph;
3875 const EVP_MD *e_md;
3876 char cipher[128];
3877
3878 e_ciph = EVP_get_cipherbynid(SSL_CIPHER_get_cipher_nid(s_ciph));
3879
3880 switch (EVP_CIPHER_mode(e_ciph)) {
3881 case EVP_CIPH_GCM_MODE:
3882 ivlen = EVP_GCM_TLS_EXPLICIT_IV_LEN;
3883 maclen = EVP_GCM_TLS_TAG_LEN;
3884 break;
3885
3886 case EVP_CIPH_CCM_MODE:
3887 ivlen = EVP_CCM_TLS_EXPLICIT_IV_LEN;
3888 SSL_CIPHER_description(s_ciph, cipher, sizeof(cipher));
3889 if (strstr(cipher, "CCM8"))
3890 maclen = 8;
3891 else
3892 maclen = 16;
3893 break;
3894
3895 case EVP_CIPH_CBC_MODE:
3896 e_md = EVP_get_digestbynid(SSL_CIPHER_get_digest_nid(s_ciph));
3897 blocksize = EVP_CIPHER_block_size(e_ciph);
3898 ivlen = EVP_CIPHER_iv_length(e_ciph);
3899 pad = 1;
3900 maclen = EVP_MD_size(e_md);
3901 break;
3902
3903 case EVP_CIPH_STREAM_CIPHER:
3904 /* Seen with PSK-CHACHA20-POLY1305 */
3905 ivlen = 8;
3906 maclen = 8;
3907 break;
3908
3909 default:
3910 SSL_CIPHER_description(s_ciph, cipher, sizeof(cipher));
3911 coap_log_warn("Unknown overhead for DTLS with cipher %s\n",
3912 cipher);
3913 ivlen = 8;
3914 maclen = 16;
3915 break;
3916 }
3917 overhead = DTLS1_RT_HEADER_LENGTH + ivlen + maclen + blocksize - 1 + pad;
3918 }
3919 return overhead;
3920}
3921
3922#if !COAP_DISABLE_TCP
3923#if COAP_CLIENT_SUPPORT
3924void *
3925coap_tls_new_client_session(coap_session_t *session) {
3926 BIO *bio = NULL;
3927 SSL *ssl = NULL;
3928 int r;
3929 coap_openssl_context_t *context = ((coap_openssl_context_t *)session->context->dtls_context);
3930 coap_tls_context_t *tls = &context->tls;
3931
3932 ssl = SSL_new(tls->ctx);
3933 if (!ssl)
3934 goto error;
3935 bio = BIO_new(tls->meth);
3936 if (!bio)
3937 goto error;
3938 BIO_set_data(bio, session);
3939 SSL_set_bio(ssl, bio, bio);
3940 SSL_set_app_data(ssl, session);
3941
3942 if (!setup_client_ssl_session(session, ssl))
3943 return 0;
3944
3945 r = SSL_connect(ssl);
3946 if (r == -1) {
3947 int ret = SSL_get_error(ssl, r);
3948 if (ret != SSL_ERROR_WANT_READ && ret != SSL_ERROR_WANT_WRITE)
3949 r = 0;
3950 if (ret == SSL_ERROR_WANT_READ)
3951 session->sock.flags |= COAP_SOCKET_WANT_READ;
3952 if (ret == SSL_ERROR_WANT_WRITE) {
3953 session->sock.flags |= COAP_SOCKET_WANT_WRITE;
3954#ifdef COAP_EPOLL_SUPPORT
3955 coap_epoll_ctl_mod(&session->sock,
3956 EPOLLOUT |
3957 ((session->sock.flags & COAP_SOCKET_WANT_READ) ?
3958 EPOLLIN : 0),
3959 __func__);
3960#endif /* COAP_EPOLL_SUPPORT */
3961 }
3962 }
3963
3964 if (r == 0)
3965 goto error;
3966
3967 session->tls = ssl;
3968 if (SSL_is_init_finished(ssl)) {
3969 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CONNECTED, session);
3970 session->sock.lfunc[COAP_LAYER_TLS].l_establish(session);
3971 }
3972
3973 return ssl;
3974
3975error:
3976 if (ssl)
3977 SSL_free(ssl);
3978 return NULL;
3979}
3980#endif /* COAP_CLIENT_SUPPORT */
3981
3982#if COAP_SERVER_SUPPORT
3983void *
3984coap_tls_new_server_session(coap_session_t *session) {
3985 BIO *bio = NULL;
3986 SSL *ssl = NULL;
3987 coap_tls_context_t *tls = &((coap_openssl_context_t *)session->context->dtls_context)->tls;
3988 int r;
3989 const coap_bin_const_t *psk_hint;
3990
3991 ssl = SSL_new(tls->ctx);
3992 if (!ssl)
3993 goto error;
3994 bio = BIO_new(tls->meth);
3995 if (!bio)
3996 goto error;
3997 BIO_set_data(bio, session);
3998 SSL_set_bio(ssl, bio, bio);
3999 SSL_set_app_data(ssl, session);
4000
4001 psk_hint = coap_get_session_server_psk_hint(session);
4002 if (psk_hint != NULL && psk_hint->length) {
4003 char *hint = OPENSSL_malloc(psk_hint->length + 1);
4004
4005 if (hint) {
4006 memcpy(hint, psk_hint->s, psk_hint->length);
4007 hint[psk_hint->length] = '\000';
4008 SSL_use_psk_identity_hint(ssl, hint);
4009 OPENSSL_free(hint);
4010 } else {
4011 coap_log_warn("hint malloc failure\n");
4012 }
4013 }
4014
4015 r = SSL_accept(ssl);
4016 if (r == -1) {
4017 int err = SSL_get_error(ssl, r);
4018 if (err != SSL_ERROR_WANT_READ && err != SSL_ERROR_WANT_WRITE)
4019 r = 0;
4020 if (err == SSL_ERROR_WANT_READ)
4021 session->sock.flags |= COAP_SOCKET_WANT_READ;
4022 if (err == SSL_ERROR_WANT_WRITE) {
4023 session->sock.flags |= COAP_SOCKET_WANT_WRITE;
4024#ifdef COAP_EPOLL_SUPPORT
4025 coap_epoll_ctl_mod(&session->sock,
4026 EPOLLOUT |
4027 ((session->sock.flags & COAP_SOCKET_WANT_READ) ?
4028 EPOLLIN : 0),
4029 __func__);
4030#endif /* COAP_EPOLL_SUPPORT */
4031 }
4032 }
4033
4034 if (r == 0)
4035 goto error;
4036
4037 session->tls = ssl;
4038 if (SSL_is_init_finished(ssl)) {
4039 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CONNECTED, session);
4040 session->sock.lfunc[COAP_LAYER_TLS].l_establish(session);
4041 }
4042
4043#if COAP_DTLS_RETRANSMIT_MS != 1000
4044#if OPENSSL_VERSION_NUMBER >= 0x10101000L
4045 if (session->proto == COAP_PROTO_DTLS) {
4046 DTLS_set_timer_cb(ssl, timer_cb);
4047 }
4048#endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
4049#endif /* COAP_DTLS_RETRANSMIT_MS != 1000 */
4050
4051 return ssl;
4052
4053error:
4054 if (ssl)
4055 SSL_free(ssl);
4056 return NULL;
4057}
4058#endif /* COAP_SERVER_SUPPORT */
4059
4060void
4061coap_tls_free_session(coap_session_t *session) {
4062 SSL *ssl = (SSL *)session->tls;
4063 if (ssl) {
4064 if (!SSL_in_init(ssl) && !(SSL_get_shutdown(ssl) & SSL_SENT_SHUTDOWN)) {
4065 int r = SSL_shutdown(ssl);
4066 if (r == 0)
4067 SSL_shutdown(ssl);
4068 }
4069 SSL_free(ssl);
4070 session->tls = NULL;
4071 if (session->context)
4072 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CLOSED, session);
4073 }
4074}
4075
4076/*
4077 * strm
4078 * return +ve Number of bytes written.
4079 * -1 Error (error in errno).
4080 */
4081ssize_t
4082coap_tls_write(coap_session_t *session, const uint8_t *data, size_t data_len) {
4083 SSL *ssl = (SSL *)session->tls;
4084 int r, in_init;
4085
4086 if (ssl == NULL)
4087 return -1;
4088
4089 in_init = !SSL_is_init_finished(ssl);
4090 session->dtls_event = -1;
4091 ERR_clear_error();
4092 r = SSL_write(ssl, data, (int)data_len);
4093
4094 if (r <= 0) {
4095 int err = SSL_get_error(ssl, r);
4096 if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
4097 if (in_init && SSL_is_init_finished(ssl)) {
4098 coap_dtls_log(COAP_LOG_INFO, "* %s: Using cipher: %s\n",
4099 coap_session_str(session), SSL_get_cipher_name(ssl));
4100 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CONNECTED, session);
4101 session->sock.lfunc[COAP_LAYER_TLS].l_establish(session);
4102 }
4103 if (err == SSL_ERROR_WANT_READ)
4104 session->sock.flags |= COAP_SOCKET_WANT_READ;
4105 else if (err == SSL_ERROR_WANT_WRITE) {
4106 session->sock.flags |= COAP_SOCKET_WANT_WRITE;
4107#ifdef COAP_EPOLL_SUPPORT
4108 coap_epoll_ctl_mod(&session->sock,
4109 EPOLLOUT |
4110 ((session->sock.flags & COAP_SOCKET_WANT_READ) ?
4111 EPOLLIN : 0),
4112 __func__);
4113#endif /* COAP_EPOLL_SUPPORT */
4114 }
4115 r = 0;
4116 } else {
4117 if (err == SSL_ERROR_ZERO_RETURN)
4118 session->dtls_event = COAP_EVENT_DTLS_CLOSED;
4119 else if (err == SSL_ERROR_SSL) {
4120 unsigned long e = ERR_get_error();
4121
4122 coap_log_info("***%s: coap_tls_write: cannot send PDU: %d: %s\n",
4123 coap_session_str(session),
4124 ERR_GET_REASON(e), ERR_reason_error_string(e));
4125 session->dtls_event = COAP_EVENT_DTLS_ERROR;
4126 } else {
4127 coap_log_info("***%s: coap_tls_send: cannot send PDU: %d\n",
4128 coap_session_str(session), err);
4129 }
4130 r = -1;
4131 }
4132 } else if (in_init && SSL_is_init_finished(ssl)) {
4133 coap_dtls_log(COAP_LOG_INFO, "* %s: Using cipher: %s\n",
4134 coap_session_str(session), SSL_get_cipher_name(ssl));
4135 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CONNECTED, session);
4136 session->sock.lfunc[COAP_LAYER_TLS].l_establish(session);
4137 }
4138
4139 if (session->dtls_event >= 0) {
4140 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
4141 if (session->dtls_event != COAP_EVENT_DTLS_CLOSED)
4142 coap_handle_event_lkd(session->context, session->dtls_event, session);
4143 if (session->dtls_event == COAP_EVENT_DTLS_ERROR ||
4144 session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
4145 coap_session_disconnected_lkd(session, COAP_NACK_TLS_FAILED);
4146 r = -1;
4147 }
4148 }
4149
4150 if (r >= 0) {
4151 if (r == (ssize_t)data_len)
4152 coap_log_debug("* %s: tls: sent %4d bytes\n",
4153 coap_session_str(session), r);
4154 else
4155 coap_log_debug("* %s: tls: sent %4d of %4zd bytes\n",
4156 coap_session_str(session), r, data_len);
4157 }
4158 return r;
4159}
4160
4161/*
4162 * strm
4163 * return >=0 Number of bytes read.
4164 * -1 Error (error in errno).
4165 */
4166ssize_t
4167coap_tls_read(coap_session_t *session, uint8_t *data, size_t data_len) {
4168 SSL *ssl = (SSL *)session->tls;
4169 int r, in_init;
4170
4171 if (ssl == NULL) {
4172 errno = ENXIO;
4173 return -1;
4174 }
4175
4176 in_init = !SSL_is_init_finished(ssl);
4177 session->dtls_event = -1;
4178 ERR_clear_error();
4179 r = SSL_read(ssl, data, (int)data_len);
4180 if (r <= 0) {
4181 int err = SSL_get_error(ssl, r);
4182 if (err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) {
4183 if (in_init && SSL_is_init_finished(ssl)) {
4184 coap_dtls_log(COAP_LOG_INFO, "* %s: Using cipher: %s\n",
4185 coap_session_str(session), SSL_get_cipher_name(ssl));
4186 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CONNECTED, session);
4187 session->sock.lfunc[COAP_LAYER_TLS].l_establish(session);
4188 }
4189 if (err == SSL_ERROR_WANT_READ)
4190 session->sock.flags |= COAP_SOCKET_WANT_READ;
4191 if (err == SSL_ERROR_WANT_WRITE) {
4192 session->sock.flags |= COAP_SOCKET_WANT_WRITE;
4193#ifdef COAP_EPOLL_SUPPORT
4194 coap_epoll_ctl_mod(&session->sock,
4195 EPOLLOUT |
4196 ((session->sock.flags & COAP_SOCKET_WANT_READ) ?
4197 EPOLLIN : 0),
4198 __func__);
4199#endif /* COAP_EPOLL_SUPPORT */
4200 }
4201 r = 0;
4202 } else {
4203 if (err == SSL_ERROR_ZERO_RETURN) /* Got a close notify alert from the remote side */
4204 session->dtls_event = COAP_EVENT_DTLS_CLOSED;
4205 else if (err == SSL_ERROR_SSL) {
4206 unsigned long e = ERR_get_error();
4207
4208 coap_log_info("***%s: coap_tls_read: cannot recv PDU: %d: %s\n",
4209 coap_session_str(session),
4210 ERR_GET_REASON(e), ERR_reason_error_string(e));
4211 session->dtls_event = COAP_EVENT_DTLS_ERROR;
4212 } else {
4213 coap_log_info("***%s: coap_tls_read: cannot read PDU %d\n",
4214 coap_session_str(session), err);
4215 }
4216 r = -1;
4217 }
4218 } else if (in_init && SSL_is_init_finished(ssl)) {
4219 coap_dtls_log(COAP_LOG_INFO, "* %s: Using cipher: %s\n",
4220 coap_session_str(session), SSL_get_cipher_name(ssl));
4221 coap_handle_event_lkd(session->context, COAP_EVENT_DTLS_CONNECTED, session);
4222 session->sock.lfunc[COAP_LAYER_TLS].l_establish(session);
4223 }
4224
4225 if (session->dtls_event >= 0) {
4226 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
4227 if (session->dtls_event != COAP_EVENT_DTLS_CLOSED)
4228 coap_handle_event_lkd(session->context, session->dtls_event, session);
4229 if (session->dtls_event == COAP_EVENT_DTLS_ERROR ||
4230 session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
4231 coap_session_disconnected_lkd(session, COAP_NACK_TLS_FAILED);
4232 r = -1;
4233 }
4234 }
4235
4236 if (r > 0) {
4237 coap_log_debug("* %s: tls: recv %4d bytes\n",
4238 coap_session_str(session), r);
4239 }
4240 return r;
4241}
4242#endif /* !COAP_DISABLE_TCP */
4243
4244#if COAP_SERVER_SUPPORT
4245coap_digest_ctx_t *
4246coap_digest_setup(void) {
4247 EVP_MD_CTX *digest_ctx = EVP_MD_CTX_new();
4248
4249 if (digest_ctx) {
4250 EVP_DigestInit_ex(digest_ctx, EVP_sha256(), NULL);
4251 }
4252 return digest_ctx;
4253}
4254
4255void
4256coap_digest_free(coap_digest_ctx_t *digest_ctx) {
4257 if (digest_ctx)
4258 EVP_MD_CTX_free(digest_ctx);
4259}
4260
4261int
4262coap_digest_update(coap_digest_ctx_t *digest_ctx,
4263 const uint8_t *data,
4264 size_t data_len) {
4265 return EVP_DigestUpdate(digest_ctx, data, data_len);
4266}
4267
4268int
4269coap_digest_final(coap_digest_ctx_t *digest_ctx,
4270 coap_digest_t *digest_buffer) {
4271 unsigned int size = sizeof(coap_digest_t);
4272 int ret = EVP_DigestFinal_ex(digest_ctx, (uint8_t *)digest_buffer, &size);
4273
4274 coap_digest_free(digest_ctx);
4275 return ret;
4276}
4277#endif /* COAP_SERVER_SUPPORT */
4278
4279#if COAP_WS_SUPPORT || COAP_OSCORE_SUPPORT
4280static void
4281coap_crypto_output_errors(const char *prefix) {
4282#if COAP_MAX_LOGGING_LEVEL < _COAP_LOG_WARN
4283 (void)prefix;
4284#else /* COAP_MAX_LOGGING_LEVEL >= _COAP_LOG_WARN */
4285 unsigned long e;
4286
4287 while ((e = ERR_get_error()))
4288 coap_log_warn("%s: %s%s\n",
4289 prefix,
4290 ERR_reason_error_string(e),
4291 ssl_function_definition(e));
4292#endif /* COAP_MAX_LOGGING_LEVEL >= _COAP_LOG_WARN */
4293}
4294#endif /* COAP_WS_SUPPORT || COAP_OSCORE_SUPPORT */
4295
4296#if COAP_WS_SUPPORT
4297/*
4298 * The struct hash_algs and the function get_hash_alg() are used to
4299 * determine which hash type to use for creating the required hash object.
4300 */
4301static struct hash_algs {
4302 cose_alg_t alg;
4303 const EVP_MD *(*get_hash)(void);
4304 size_t length; /* in bytes */
4305} hashs[] = {
4306 {COSE_ALGORITHM_SHA_1, EVP_sha1, 20},
4307 {COSE_ALGORITHM_SHA_256_64, EVP_sha256, 8},
4308 {COSE_ALGORITHM_SHA_256_256, EVP_sha256, 32},
4309 {COSE_ALGORITHM_SHA_512, EVP_sha512, 64},
4310};
4311
4312static const EVP_MD *
4313get_hash_alg(cose_alg_t alg, size_t *length) {
4314 size_t idx;
4315
4316 for (idx = 0; idx < sizeof(hashs) / sizeof(struct hash_algs); idx++) {
4317 if (hashs[idx].alg == alg) {
4318 *length = hashs[idx].length;
4319 return hashs[idx].get_hash();
4320 }
4321 }
4322 coap_log_debug("get_hash_alg: COSE hash %d not supported\n", alg);
4323 return NULL;
4324}
4325
4326int
4327coap_crypto_hash(cose_alg_t alg,
4328 const coap_bin_const_t *data,
4329 coap_bin_const_t **hash) {
4330 unsigned int length;
4331 const EVP_MD *evp_md;
4332 EVP_MD_CTX *evp_ctx = NULL;
4333 coap_binary_t *dummy = NULL;
4334 size_t hash_length;
4335
4336 if ((evp_md = get_hash_alg(alg, &hash_length)) == NULL) {
4337 coap_log_debug("coap_crypto_hash: algorithm %d not supported\n", alg);
4338 return 0;
4339 }
4340 evp_ctx = EVP_MD_CTX_new();
4341 if (evp_ctx == NULL)
4342 goto error;
4343 if (EVP_DigestInit_ex(evp_ctx, evp_md, NULL) == 0)
4344 goto error;
4345 ;
4346 if (EVP_DigestUpdate(evp_ctx, data->s, data->length) == 0)
4347 goto error;
4348 ;
4349 dummy = coap_new_binary(EVP_MAX_MD_SIZE);
4350 if (dummy == NULL)
4351 goto error;
4352 if (EVP_DigestFinal_ex(evp_ctx, dummy->s, &length) == 0)
4353 goto error;
4354 dummy->length = length;
4355 if (hash_length < dummy->length)
4356 dummy->length = hash_length;
4357 *hash = (coap_bin_const_t *)(dummy);
4358 EVP_MD_CTX_free(evp_ctx);
4359 return 1;
4360
4361error:
4362 coap_crypto_output_errors("coap_crypto_hash");
4363 coap_delete_binary(dummy);
4364 if (evp_ctx)
4365 EVP_MD_CTX_free(evp_ctx);
4366 return 0;
4367}
4368#endif /* COAP_WS_SUPPORT */
4369
4370#if COAP_OSCORE_SUPPORT
4371int
4372coap_oscore_is_supported(void) {
4373 return 1;
4374}
4375
4376#include <openssl/evp.h>
4377#include <openssl/hmac.h>
4378
4379/*
4380 * The struct cipher_algs and the function get_cipher_alg() are used to
4381 * determine which cipher type to use for creating the required cipher
4382 * suite object.
4383 */
4384static struct cipher_algs {
4385 cose_alg_t alg;
4386 const EVP_CIPHER *(*get_cipher)(void);
4387} ciphers[] = {{COSE_ALGORITHM_AES_CCM_16_64_128, EVP_aes_128_ccm},
4388 {COSE_ALGORITHM_AES_CCM_16_64_256, EVP_aes_256_ccm}
4389};
4390
4391static const EVP_CIPHER *
4392get_cipher_alg(cose_alg_t alg) {
4393 size_t idx;
4394
4395 for (idx = 0; idx < sizeof(ciphers) / sizeof(struct cipher_algs); idx++) {
4396 if (ciphers[idx].alg == alg)
4397 return ciphers[idx].get_cipher();
4398 }
4399 coap_log_debug("get_cipher_alg: COSE cipher %d not supported\n", alg);
4400 return NULL;
4401}
4402
4403/*
4404 * The struct hmac_algs and the function get_hmac_alg() are used to
4405 * determine which hmac type to use for creating the required hmac
4406 * suite object.
4407 */
4408static struct hmac_algs {
4409 cose_hmac_alg_t hmac_alg;
4410 const EVP_MD *(*get_hmac)(void);
4411} hmacs[] = {
4412 {COSE_HMAC_ALG_HMAC256_256, EVP_sha256},
4413 {COSE_HMAC_ALG_HMAC384_384, EVP_sha384},
4414 {COSE_HMAC_ALG_HMAC512_512, EVP_sha512},
4415};
4416
4417static const EVP_MD *
4418get_hmac_alg(cose_hmac_alg_t hmac_alg) {
4419 size_t idx;
4420
4421 for (idx = 0; idx < sizeof(hmacs) / sizeof(struct hmac_algs); idx++) {
4422 if (hmacs[idx].hmac_alg == hmac_alg)
4423 return hmacs[idx].get_hmac();
4424 }
4425 coap_log_debug("get_hmac_alg: COSE HMAC %d not supported\n", hmac_alg);
4426 return NULL;
4427}
4428
4429int
4430coap_crypto_check_cipher_alg(cose_alg_t alg) {
4431 return get_cipher_alg(alg) != NULL;
4432}
4433
4434int
4435coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg) {
4436 cose_hmac_alg_t hmac_alg;
4437
4438 if (!cose_get_hmac_alg_for_hkdf(hkdf_alg, &hmac_alg))
4439 return 0;
4440 return get_hmac_alg(hmac_alg) != NULL;
4441}
4442
4443#define C(Func) \
4444 if (1 != (Func)) { \
4445 goto error; \
4446 }
4447
4448int
4449coap_crypto_aead_encrypt(const coap_crypto_param_t *params,
4450 coap_bin_const_t *data,
4451 coap_bin_const_t *aad,
4452 uint8_t *result,
4453 size_t *max_result_len) {
4454 const EVP_CIPHER *cipher;
4455 const coap_crypto_aes_ccm_t *ccm;
4456 int tmp;
4457 int result_len = (int)(*max_result_len & INT_MAX);
4458
4459 if (data == NULL)
4460 return 0;
4461
4462 assert(params != NULL);
4463 if (!params || ((cipher = get_cipher_alg(params->alg)) == NULL)) {
4464 return 0;
4465 }
4466
4467 /* TODO: set evp_md depending on params->alg */
4468 ccm = &params->params.aes;
4469
4470 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
4471
4472 /* EVP_CIPHER_CTX_init(ctx); */
4473 C(EVP_EncryptInit_ex(ctx, cipher, NULL, NULL, NULL));
4474 C(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, (int)ccm->l, NULL));
4475 C(EVP_CIPHER_CTX_ctrl(ctx,
4476 EVP_CTRL_AEAD_SET_IVLEN,
4477 (int)(15 - ccm->l),
4478 NULL));
4479 C(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ccm->tag_len, NULL));
4480 C(EVP_EncryptInit_ex(ctx, NULL, NULL, ccm->key.s, ccm->nonce));
4481 /* C(EVP_CIPHER_CTX_set_padding(ctx, 0)); */
4482
4483 C(EVP_EncryptUpdate(ctx, NULL, &result_len, NULL, (int)data->length));
4484 if (aad && aad->s && (aad->length > 0)) {
4485 C(EVP_EncryptUpdate(ctx, NULL, &result_len, aad->s, (int)aad->length));
4486 }
4487 C(EVP_EncryptUpdate(ctx, result, &result_len, data->s, (int)data->length));
4488 /* C(EVP_EncryptFinal_ex(ctx, result + result_len, &tmp)); */
4489 tmp = result_len;
4490 C(EVP_EncryptFinal_ex(ctx, result + result_len, &tmp));
4491 result_len += tmp;
4492
4493 /* retrieve the tag */
4494 C(EVP_CIPHER_CTX_ctrl(ctx,
4495 EVP_CTRL_CCM_GET_TAG,
4496 (int)ccm->tag_len,
4497 result + result_len));
4498
4499 *max_result_len = result_len + ccm->tag_len;
4500 EVP_CIPHER_CTX_free(ctx);
4501 return 1;
4502
4503error:
4504 coap_crypto_output_errors("coap_crypto_aead_encrypt");
4505 return 0;
4506}
4507
4508int
4509coap_crypto_aead_decrypt(const coap_crypto_param_t *params,
4510 coap_bin_const_t *data,
4511 coap_bin_const_t *aad,
4512 uint8_t *result,
4513 size_t *max_result_len) {
4514 const EVP_CIPHER *cipher;
4515 const coap_crypto_aes_ccm_t *ccm;
4516 int tmp;
4517 int len;
4518 const uint8_t *tag;
4519 uint8_t *rwtag;
4520
4521 if (data == NULL)
4522 return 0;
4523
4524 assert(params != NULL);
4525 if (!params || ((cipher = get_cipher_alg(params->alg)) == NULL)) {
4526 return 0;
4527 }
4528
4529 ccm = &params->params.aes;
4530
4531 if (data->length < ccm->tag_len) {
4532 return 0;
4533 } else {
4534 tag = data->s + data->length - ccm->tag_len;
4535 data->length -= ccm->tag_len;
4536 /* Kludge to stop compiler warning */
4537 memcpy(&rwtag, &tag, sizeof(rwtag));
4538 }
4539
4540 EVP_CIPHER_CTX *ctx = EVP_CIPHER_CTX_new();
4541
4542 C(EVP_DecryptInit_ex(ctx, cipher, NULL, NULL, NULL));
4543 C(EVP_CIPHER_CTX_ctrl(ctx,
4544 EVP_CTRL_AEAD_SET_IVLEN,
4545 (int)(15 - ccm->l),
4546 NULL));
4547 C(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_AEAD_SET_TAG, (int)ccm->tag_len, rwtag));
4548 C(EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_CCM_SET_L, (int)ccm->l, NULL));
4549 /* C(EVP_CIPHER_CTX_set_padding(ctx, 0)); */
4550 C(EVP_DecryptInit_ex(ctx, NULL, NULL, ccm->key.s, ccm->nonce));
4551
4552 C(EVP_DecryptUpdate(ctx, NULL, &len, NULL, (int)data->length));
4553 if (aad && aad->s && (aad->length > 0)) {
4554 C(EVP_DecryptUpdate(ctx, NULL, &len, aad->s, (int)aad->length));
4555 }
4556 tmp = EVP_DecryptUpdate(ctx, result, &len, data->s, (int)data->length);
4557 EVP_CIPHER_CTX_free(ctx);
4558 if (tmp <= 0) {
4559 *max_result_len = 0;
4560 return 0;
4561 }
4562 *max_result_len = len;
4563 return 1;
4564
4565error:
4566 coap_crypto_output_errors("coap_crypto_aead_decrypt");
4567 return 0;
4568}
4569
4570int
4571coap_crypto_hmac(cose_hmac_alg_t hmac_alg,
4572 coap_bin_const_t *key,
4573 coap_bin_const_t *data,
4574 coap_bin_const_t **hmac) {
4575 unsigned int result_len;
4576 const EVP_MD *evp_md;
4577 coap_binary_t *dummy = NULL;
4578
4579 assert(key);
4580 assert(data);
4581 assert(hmac);
4582
4583 if ((evp_md = get_hmac_alg(hmac_alg)) == 0) {
4584 coap_log_debug("coap_crypto_hmac: algorithm %d not supported\n", hmac_alg);
4585 return 0;
4586 }
4587 dummy = coap_new_binary(EVP_MAX_MD_SIZE);
4588 if (dummy == NULL)
4589 return 0;
4590 result_len = (unsigned int)dummy->length;
4591 if (HMAC(evp_md,
4592 key->s,
4593 (int)key->length,
4594 data->s,
4595 (int)data->length,
4596 dummy->s,
4597 &result_len)) {
4598 dummy->length = result_len;
4599 *hmac = (coap_bin_const_t *)dummy;
4600 return 1;
4601 }
4602
4603 coap_crypto_output_errors("coap_crypto_hmac");
4604 return 0;
4605}
4606
4607#endif /* COAP_OSCORE_SUPPORT */
4608
4609#else /* !COAP_WITH_LIBOPENSSL */
4610
4611#ifdef __clang__
4612/* Make compilers happy that do not like empty modules. As this function is
4613 * never used, we ignore -Wunused-function at the end of compiling this file
4614 */
4615#pragma GCC diagnostic ignored "-Wunused-function"
4616#endif
4617static inline void
4618dummy(void) {
4619}
4620
4621#endif /* COAP_WITH_LIBOPENSSL */
COAP_SERVER_SUPPORT
#define COAP_SERVER_SUPPORT
Definition coap_defines.h:39
coap_session_t
struct coap_session_t coap_session_t
Definition coap_forward_decls.h:115
dummy
static void dummy(void)
Definition coap_gnutls.c:3306
COAP_RXBUFFER_SIZE
#define COAP_RXBUFFER_SIZE
Definition coap_io.h:29
COAP_NACK_TLS_FAILED
@ COAP_NACK_TLS_FAILED
Definition coap_io.h:66
COAP_SOCKET_WANT_READ
#define COAP_SOCKET_WANT_READ
non blocking socket is waiting for reading
Definition coap_io_internal.h:78
COAP_SOCKET_WANT_WRITE
#define COAP_SOCKET_WANT_WRITE
non blocking socket is waiting for writing
Definition coap_io_internal.h:79
coap_epoll_ctl_mod
void coap_epoll_ctl_mod(coap_socket_t *sock, uint32_t events, const char *func)
Epoll specific function to modify the state of events that epoll is tracking on the appropriate file ...
COAP_LAYER_TLS
@ COAP_LAYER_TLS
Definition coap_layers_internal.h:25
coap_libcoap_build.h
Library specific build wrapper for coap_internal.h.
COAP_STRING
@ COAP_STRING
Definition coap_mem.h:39
coap_malloc_type
void * coap_malloc_type(coap_memory_tag_t type, size_t size)
Allocates a chunk of size bytes and returns a pointer to the newly allocated memory.
coap_free_type
void coap_free_type(coap_memory_tag_t type, void *p)
Releases the memory that was allocated by coap_malloc_type().
coap_dtls_context_set_pki
int coap_dtls_context_set_pki(coap_context_t *ctx COAP_UNUSED, const coap_dtls_pki_t *setup_data COAP_UNUSED, const coap_dtls_role_t role COAP_UNUSED)
Definition coap_notls.c:108
coap_dtls_get_timeout
coap_tick_t coap_dtls_get_timeout(coap_session_t *session COAP_UNUSED, coap_tick_t now COAP_UNUSED)
Definition coap_notls.c:224
coap_tls_read
ssize_t coap_tls_read(coap_session_t *session COAP_UNUSED, uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:296
coap_dtls_get_context_timeout
coap_tick_t coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED)
Definition coap_notls.c:219
coap_dtls_receive
int coap_dtls_receive(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:238
coap_dtls_get_tls
void * coap_dtls_get_tls(const coap_session_t *c_session COAP_UNUSED, coap_tls_library_t *tls_lib)
Definition coap_notls.c:153
coap_dtls_get_overhead
unsigned int coap_dtls_get_overhead(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:256
dtls_log_level
static coap_log_t dtls_log_level
Definition coap_notls.c:146
coap_dtls_context_check_keys_enabled
int coap_dtls_context_check_keys_enabled(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:142
coap_dtls_send
ssize_t coap_dtls_send(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:207
coap_tls_write
ssize_t coap_tls_write(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:284
coap_dtls_session_update_mtu
void coap_dtls_session_update_mtu(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:203
coap_dtls_context_set_pki_root_cas
int coap_dtls_context_set_pki_root_cas(coap_context_t *ctx COAP_UNUSED, const char *ca_file COAP_UNUSED, const char *ca_path COAP_UNUSED)
Definition coap_notls.c:116
coap_dtls_handle_timeout
int coap_dtls_handle_timeout(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:233
coap_dtls_free_context
void coap_dtls_free_context(void *handle COAP_UNUSED)
Definition coap_notls.c:181
coap_dtls_free_session
void coap_dtls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:199
coap_dtls_new_context
void * coap_dtls_new_context(coap_context_t *coap_context COAP_UNUSED)
Definition coap_notls.c:176
coap_tls_free_session
void coap_tls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:275
dummy
static void dummy(void)
Definition coap_openssl.c:4618
coap_digest_free
void coap_digest_free(coap_digest_ctx_t *digest_ctx)
Free off coap_digest_ctx_t.
coap_digest_final
int coap_digest_final(coap_digest_ctx_t *digest_ctx, coap_digest_t *digest_buffer)
Finalize the coap_digest information into the provided digest_buffer.
coap_digest_update
int coap_digest_update(coap_digest_ctx_t *digest_ctx, const uint8_t *data, size_t data_len)
Update the coap_digest information with the next chunk of data.
coap_digest_ctx_t
void coap_digest_ctx_t
Definition coap_cache_internal.h:142
coap_digest_setup
coap_digest_ctx_t * coap_digest_setup(void)
Initialize a coap_digest.
coap_ticks_from_rt_us
coap_tick_t coap_ticks_from_rt_us(uint64_t t)
Helper function that converts POSIX wallclock time in us to coap ticks.
coap_tick_t
uint64_t coap_tick_t
This data type represents internal timer ticks with COAP_TICKS_PER_SECOND resolution.
Definition coap_time.h:143
coap_prng_lkd
int coap_prng_lkd(void *buf, size_t len)
Fills buf with len random bytes using the default pseudo random number generator.
Definition coap_prng.c:178
coap_handle_event_lkd
int coap_handle_event_lkd(coap_context_t *context, coap_event_t event, coap_session_t *session)
Invokes the event handler of context for the given event and data.
Definition coap_net.c:4363
coap_handle_dgram
int coap_handle_dgram(coap_context_t *ctx, coap_session_t *session, uint8_t *msg, size_t msg_len)
Parses and interprets a CoAP datagram with context ctx.
Definition coap_net.c:2488
coap_crypto_hmac
int coap_crypto_hmac(cose_hmac_alg_t hmac_alg, coap_bin_const_t *key, coap_bin_const_t *data, coap_bin_const_t **hmac)
Create a HMAC hash of the provided data.
coap_crypto_aead_decrypt
int coap_crypto_aead_decrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Decrypt the provided encrypted data into plaintext.
coap_crypto_aead_encrypt
int coap_crypto_aead_encrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Encrypt the provided plaintext data.
coap_crypto_hash
int coap_crypto_hash(cose_alg_t alg, const coap_bin_const_t *data, coap_bin_const_t **hash)
Create a hash of the provided data.
coap_crypto_check_hkdf_alg
int coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg)
Check whether the defined hkdf algorithm is supported by the underlying crypto library.
coap_crypto_check_cipher_alg
int coap_crypto_check_cipher_alg(cose_alg_t alg)
Check whether the defined cipher algorithm is supported by the underlying crypto library.
coap_tls_new_server_session
void * coap_tls_new_server_session(coap_session_t *coap_session)
Create a TLS new server-side session.
coap_get_session_client_psk_identity
const coap_bin_const_t * coap_get_session_client_psk_identity(const coap_session_t *coap_session)
Get the current client's PSK identity.
coap_dtls_startup
void coap_dtls_startup(void)
Initialize the underlying (D)TLS Library layer.
Definition coap_notls.c:149
coap_dtls_define_issue
int coap_dtls_define_issue(coap_define_issue_key_t type, coap_define_issue_fail_t fail, coap_dtls_key_t *key, const coap_dtls_role_t role, int ret)
Report PKI DEFINE type issue.
Definition coap_dtls.c:165
coap_dtls_new_client_session
void * coap_dtls_new_client_session(coap_session_t *coap_session)
Create a new client-side session.
coap_dtls_new_server_session
void * coap_dtls_new_server_session(coap_session_t *coap_session)
Create a new DTLS server-side session.
coap_dtls_hello
int coap_dtls_hello(coap_session_t *coap_session, const uint8_t *data, size_t data_len)
Handling client HELLO messages from a new candiate peer.
coap_dtls_set_cid_tuple_change
int coap_dtls_set_cid_tuple_change(coap_context_t *context, uint8_t every)
Set the Connection ID client tuple frequency change for testing CIDs.
coap_dtls_is_context_timeout
int coap_dtls_is_context_timeout(void)
Check if timeout is handled per CoAP session or per CoAP context.
Definition coap_notls.c:214
coap_dtls_context_set_cpsk
int coap_dtls_context_set_cpsk(coap_context_t *coap_context, coap_dtls_cpsk_t *setup_data)
Set the DTLS context's default client PSK information.
coap_dtls_context_set_spsk
int coap_dtls_context_set_spsk(coap_context_t *coap_context, coap_dtls_spsk_t *setup_data)
Set the DTLS context's default server PSK information.
coap_dtls_shutdown
void coap_dtls_shutdown(void)
Close down the underlying (D)TLS Library layer.
Definition coap_notls.c:161
coap_get_session_client_psk_key
const coap_bin_const_t * coap_get_session_client_psk_key(const coap_session_t *coap_session)
Get the current client's PSK key.
coap_tls_new_client_session
void * coap_tls_new_client_session(coap_session_t *coap_session)
Create a new TLS client-side session.
coap_dtls_map_key_type_to_define
void coap_dtls_map_key_type_to_define(const coap_dtls_pki_t *setup_data, coap_dtls_key_t *key)
Map the PKI key definitions to the new DEFINE format.
Definition coap_dtls.c:26
coap_get_session_server_psk_key
const coap_bin_const_t * coap_get_session_server_psk_key(const coap_session_t *coap_session)
Get the current server's PSK key.
coap_get_session_server_psk_hint
const coap_bin_const_t * coap_get_session_server_psk_hint(const coap_session_t *coap_session)
Get the current server's PSK identity hint.
COAP_DEFINE_KEY_PRIVATE
@ COAP_DEFINE_KEY_PRIVATE
Definition coap_dtls_internal.h:50
COAP_DEFINE_KEY_CA
@ COAP_DEFINE_KEY_CA
Definition coap_dtls_internal.h:47
COAP_DEFINE_KEY_PUBLIC
@ COAP_DEFINE_KEY_PUBLIC
Definition coap_dtls_internal.h:49
COAP_DEFINE_FAIL_NONE
@ COAP_DEFINE_FAIL_NONE
Definition coap_dtls_internal.h:56
COAP_DEFINE_FAIL_NOT_SUPPORTED
@ COAP_DEFINE_FAIL_NOT_SUPPORTED
Definition coap_dtls_internal.h:55
COAP_DEFINE_FAIL_BAD
@ COAP_DEFINE_FAIL_BAD
Definition coap_dtls_internal.h:54
COAP_DTLS_HINT_LENGTH
#define COAP_DTLS_HINT_LENGTH
Definition coap_dtls.h:35
coap_tls_engine_configure
int coap_tls_engine_configure(coap_str_const_t *conf_mem)
Configure an ENGINE for a TLS library.
Definition coap_notls.c:22
coap_get_tls_library_version
coap_tls_version_t * coap_get_tls_library_version(void)
Determine the type and version of the underlying (D)TLS library.
Definition coap_notls.c:100
coap_dtls_key_t
struct coap_dtls_key_t coap_dtls_key_t
The structure that holds the PKI key information.
coap_dtls_role_t
coap_dtls_role_t
Definition coap_dtls.h:44
coap_tls_engine_remove
int coap_tls_engine_remove(void)
Remove a previously configured ENGINE from a TLS library.
Definition coap_notls.c:28
coap_dtls_spsk_info_t
struct coap_dtls_spsk_info_t coap_dtls_spsk_info_t
The structure that holds the Server Pre-Shared Key and Identity Hint information.
coap_tls_library_t
coap_tls_library_t
Definition coap_dtls.h:70
coap_dtls_pki_t
struct coap_dtls_pki_t coap_dtls_pki_t
Definition coap_dtls.h:32
COAP_PKI_KEY_DEF_PKCS11
@ COAP_PKI_KEY_DEF_PKCS11
The PKI key type is PKCS11 (pkcs11:...).
Definition coap_dtls.h:245
COAP_PKI_KEY_DEF_DER_BUF
@ COAP_PKI_KEY_DEF_DER_BUF
The PKI key type is DER buffer (ASN.1).
Definition coap_dtls.h:242
COAP_PKI_KEY_DEF_PEM_BUF
@ COAP_PKI_KEY_DEF_PEM_BUF
The PKI key type is PEM buffer.
Definition coap_dtls.h:236
COAP_PKI_KEY_DEF_PEM
@ COAP_PKI_KEY_DEF_PEM
The PKI key type is PEM file.
Definition coap_dtls.h:234
COAP_PKI_KEY_DEF_ENGINE
@ COAP_PKI_KEY_DEF_ENGINE
The PKI key type is to be passed to ENGINE.
Definition coap_dtls.h:251
COAP_PKI_KEY_DEF_RPK_BUF
@ COAP_PKI_KEY_DEF_RPK_BUF
The PKI key type is RPK in buffer.
Definition coap_dtls.h:238
COAP_PKI_KEY_DEF_DER
@ COAP_PKI_KEY_DEF_DER
The PKI key type is DER file.
Definition coap_dtls.h:240
COAP_PKI_KEY_DEF_PKCS11_RPK
@ COAP_PKI_KEY_DEF_PKCS11_RPK
The PKI key type is PKCS11 w/ RPK (pkcs11:...).
Definition coap_dtls.h:248
COAP_DTLS_ROLE_SERVER
@ COAP_DTLS_ROLE_SERVER
Internal function invoked for server.
Definition coap_dtls.h:46
COAP_DTLS_ROLE_CLIENT
@ COAP_DTLS_ROLE_CLIENT
Internal function invoked for client.
Definition coap_dtls.h:45
COAP_PKI_KEY_DEFINE
@ COAP_PKI_KEY_DEFINE
The individual PKI key types are Definable.
Definition coap_dtls.h:172
COAP_ASN1_PKEY_DH
@ COAP_ASN1_PKEY_DH
DH type.
Definition coap_dtls.h:155
COAP_ASN1_PKEY_NONE
@ COAP_ASN1_PKEY_NONE
NONE.
Definition coap_dtls.h:147
COAP_ASN1_PKEY_TLS1_PRF
@ COAP_ASN1_PKEY_TLS1_PRF
TLS1_PRF type.
Definition coap_dtls.h:160
COAP_ASN1_PKEY_RSA2
@ COAP_ASN1_PKEY_RSA2
RSA2 type.
Definition coap_dtls.h:149
COAP_ASN1_PKEY_DSA
@ COAP_ASN1_PKEY_DSA
DSA type.
Definition coap_dtls.h:150
COAP_ASN1_PKEY_DHX
@ COAP_ASN1_PKEY_DHX
DHX type.
Definition coap_dtls.h:156
COAP_ASN1_PKEY_DSA4
@ COAP_ASN1_PKEY_DSA4
DSA4 type.
Definition coap_dtls.h:154
COAP_ASN1_PKEY_DSA2
@ COAP_ASN1_PKEY_DSA2
DSA2 type.
Definition coap_dtls.h:152
COAP_ASN1_PKEY_RSA
@ COAP_ASN1_PKEY_RSA
RSA type.
Definition coap_dtls.h:148
COAP_ASN1_PKEY_DSA1
@ COAP_ASN1_PKEY_DSA1
DSA1 type.
Definition coap_dtls.h:151
COAP_ASN1_PKEY_HKDF
@ COAP_ASN1_PKEY_HKDF
HKDF type.
Definition coap_dtls.h:161
COAP_ASN1_PKEY_EC
@ COAP_ASN1_PKEY_EC
EC type.
Definition coap_dtls.h:157
COAP_ASN1_PKEY_DSA3
@ COAP_ASN1_PKEY_DSA3
DSA3 type.
Definition coap_dtls.h:153
COAP_ASN1_PKEY_HMAC
@ COAP_ASN1_PKEY_HMAC
HMAC type.
Definition coap_dtls.h:158
COAP_ASN1_PKEY_CMAC
@ COAP_ASN1_PKEY_CMAC
CMAC type.
Definition coap_dtls.h:159
COAP_TLS_LIBRARY_OPENSSL
@ COAP_TLS_LIBRARY_OPENSSL
Using OpenSSL library.
Definition coap_dtls.h:73
COAP_EVENT_DTLS_CLOSED
@ COAP_EVENT_DTLS_CLOSED
Triggerred when (D)TLS session closed.
Definition coap_event.h:39
COAP_EVENT_DTLS_CONNECTED
@ COAP_EVENT_DTLS_CONNECTED
Triggered when (D)TLS session connected.
Definition coap_event.h:41
COAP_EVENT_DTLS_RENEGOTIATE
@ COAP_EVENT_DTLS_RENEGOTIATE
Triggered when (D)TLS session renegotiated.
Definition coap_event.h:43
COAP_EVENT_DTLS_ERROR
@ COAP_EVENT_DTLS_ERROR
Triggered when (D)TLS error occurs.
Definition coap_event.h:45
coap_lock_callback_ret
#define coap_lock_callback_ret(r, c, func)
Dummy for no thread-safe code.
Definition coap_threadsafe_internal.h:521
coap_log_debug
#define coap_log_debug(...)
Definition coap_debug.h:120
coap_log_t
coap_log_t
Logging type.
Definition coap_debug.h:50
coap_dtls_get_log_level
coap_log_t coap_dtls_get_log_level(void)
Get the current (D)TLS logging.
Definition coap_notls.c:171
coap_dtls_log
#define coap_dtls_log(level,...)
Logging function.
Definition coap_debug.h:300
coap_dtls_set_log_level
void coap_dtls_set_log_level(coap_log_t level)
Sets the (D)TLS logging level to the specified level.
Definition coap_notls.c:166
coap_session_str
const char * coap_session_str(const coap_session_t *session)
Get session description.
Definition coap_session.c:2246
coap_log_info
#define coap_log_info(...)
Definition coap_debug.h:108
coap_log_warn
#define coap_log_warn(...)
Definition coap_debug.h:102
coap_log_err
#define coap_log_err(...)
Definition coap_debug.h:96
coap_log
#define coap_log(level,...)
Logging function.
Definition coap_debug.h:284
COAP_LOG_INFO
@ COAP_LOG_INFO
Definition coap_debug.h:57
COAP_LOG_EMERG
@ COAP_LOG_EMERG
Definition coap_debug.h:51
COAP_LOG_DEBUG
@ COAP_LOG_DEBUG
Definition coap_debug.h:58
COAP_LOG_WARN
@ COAP_LOG_WARN
Definition coap_debug.h:55
coap_netif_available
int coap_netif_available(coap_session_t *session)
Function interface to check whether netif for session is still available.
Definition coap_netif.c:25
cose_get_hmac_alg_for_hkdf
int cose_get_hmac_alg_for_hkdf(cose_hkdf_alg_t hkdf_alg, cose_hmac_alg_t *hmac_alg)
Definition oscore_cose.c:179
cose_hkdf_alg_t
cose_hkdf_alg_t
Definition oscore_cose.h:165
cose_hmac_alg_t
cose_hmac_alg_t
Definition oscore_cose.h:157
cose_alg_t
cose_alg_t
Definition oscore_cose.h:126
COSE_HMAC_ALG_HMAC384_384
@ COSE_HMAC_ALG_HMAC384_384
Definition oscore_cose.h:160
COSE_HMAC_ALG_HMAC256_256
@ COSE_HMAC_ALG_HMAC256_256
Definition oscore_cose.h:159
COSE_HMAC_ALG_HMAC512_512
@ COSE_HMAC_ALG_HMAC512_512
Definition oscore_cose.h:161
COSE_ALGORITHM_SHA_256_64
@ COSE_ALGORITHM_SHA_256_64
Definition oscore_cose.h:135
COSE_ALGORITHM_SHA_256_256
@ COSE_ALGORITHM_SHA_256_256
Definition oscore_cose.h:134
COSE_ALGORITHM_SHA_1
@ COSE_ALGORITHM_SHA_1
Definition oscore_cose.h:136
COSE_ALGORITHM_AES_CCM_16_64_128
@ COSE_ALGORITHM_AES_CCM_16_64_128
Definition oscore_cose.h:145
COSE_ALGORITHM_SHA_512
@ COSE_ALGORITHM_SHA_512
Definition oscore_cose.h:128
COSE_ALGORITHM_AES_CCM_16_64_256
@ COSE_ALGORITHM_AES_CCM_16_64_256
Definition oscore_cose.h:146
COAP_DEFAULT_MTU
#define COAP_DEFAULT_MTU
Definition coap_pdu.h:41
COAP_PROTO_DTLS
@ COAP_PROTO_DTLS
Definition coap_pdu.h:316
COAP_PROTO_TLS
@ COAP_PROTO_TLS
Definition coap_pdu.h:318
coap_session_refresh_psk_hint
int coap_session_refresh_psk_hint(coap_session_t *session, const coap_bin_const_t *psk_hint)
Refresh the session's current Identity Hint (PSK).
Definition coap_session.c:1670
coap_session_refresh_psk_key
int coap_session_refresh_psk_key(coap_session_t *session, const coap_bin_const_t *psk_key)
Refresh the session's current pre-shared key (PSK).
Definition coap_session.c:1699
coap_session_refresh_psk_identity
int coap_session_refresh_psk_identity(coap_session_t *session, const coap_bin_const_t *psk_identity)
Refresh the session's current pre-shared identity (PSK).
Definition coap_session.c:1727
coap_session_disconnected_lkd
void coap_session_disconnected_lkd(coap_session_t *session, coap_nack_reason_t reason)
Notify session that it has failed.
Definition coap_session.c:914
COAP_SESSION_STATE_HANDSHAKE
@ COAP_SESSION_STATE_HANDSHAKE
Definition coap_session.h:58
COAP_SESSION_STATE_CSM
@ COAP_SESSION_STATE_CSM
Definition coap_session.h:59
coap_delete_str_const
void coap_delete_str_const(coap_str_const_t *s)
Deletes the given const string and releases any memory allocated.
Definition coap_str.c:61
coap_new_binary
coap_binary_t * coap_new_binary(size_t size)
Returns a new binary object with at least size bytes storage allocated.
Definition coap_str.c:77
coap_delete_binary
void coap_delete_binary(coap_binary_t *s)
Deletes the given coap_binary_t object and releases any memory allocated.
Definition coap_str.c:105
coap_new_str_const
coap_str_const_t * coap_new_str_const(const uint8_t *data, size_t size)
Returns a new const string object with at least size+1 bytes storage allocated, and the provided data...
Definition coap_str.c:51
coap_dtls_cid_is_supported
int coap_dtls_cid_is_supported(void)
Check whether (D)TLS CID is available.
Definition coap_notls.c:86
coap_dtls_psk_is_supported
int coap_dtls_psk_is_supported(void)
Check whether (D)TLS PSK is available.
Definition coap_notls.c:50
coap_tls_is_supported
int coap_tls_is_supported(void)
Check whether TLS is available.
Definition coap_notls.c:41
coap_oscore_is_supported
int coap_oscore_is_supported(void)
Check whether OSCORE is available.
Definition coap_oscore.c:2184
coap_dtls_is_supported
int coap_dtls_is_supported(void)
Check whether DTLS is available.
Definition coap_notls.c:36
coap_dtls_pki_is_supported
int coap_dtls_pki_is_supported(void)
Check whether (D)TLS PKI is available.
Definition coap_notls.c:59
coap_dtls_rpk_is_supported
int coap_dtls_rpk_is_supported(void)
Check whether (D)TLS RPK is available.
Definition coap_notls.c:77
coap_dtls_pkcs11_is_supported
int coap_dtls_pkcs11_is_supported(void)
Check whether (D)TLS PKCS11 is available.
Definition coap_notls.c:68
COAP_UNUSED
#define COAP_UNUSED
Definition libcoap.h:70
coap_bin_const_t
CoAP binary data definition with const data.
Definition coap_str.h:64
coap_bin_const_t::length
size_t length
length of binary data
Definition coap_str.h:65
coap_bin_const_t::s
const uint8_t * s
read-only binary data
Definition coap_str.h:66
coap_binary_t
CoAP binary data definition.
Definition coap_str.h:56
coap_context_t
The CoAP stack's global state is stored in a coap_context_t object.
Definition coap_net_internal.h:50
coap_context_t::dtls_context
void * dtls_context
Definition coap_net_internal.h:144
coap_context_t::spsk_setup_data
coap_dtls_spsk_t spsk_setup_data
Contains the initial PSK server setup data.
Definition coap_net_internal.h:147
coap_crypto_aes_ccm_t
The structure that holds the AES Crypto information.
Definition coap_crypto_internal.h:49
coap_crypto_aes_ccm_t::l
size_t l
The number of bytes in the length field.
Definition coap_crypto_internal.h:53
coap_crypto_aes_ccm_t::nonce
const uint8_t * nonce
must be exactly 15 - l bytes
Definition coap_crypto_internal.h:51
coap_crypto_aes_ccm_t::key
coap_crypto_key_t key
The Key to use.
Definition coap_crypto_internal.h:50
coap_crypto_aes_ccm_t::tag_len
size_t tag_len
The size of the Tag.
Definition coap_crypto_internal.h:52
coap_crypto_param_t
The common structure that holds the Crypto information.
Definition coap_crypto_internal.h:59
coap_crypto_param_t::params
union coap_crypto_param_t::@347070033161156116347020364174372227171250157130 params
coap_crypto_param_t::aes
coap_crypto_aes_ccm_t aes
Used if AES type encryption.
Definition coap_crypto_internal.h:62
coap_crypto_param_t::alg
cose_alg_t alg
The COSE algorith to use.
Definition coap_crypto_internal.h:60
coap_digest_t
Definition coap_cache_internal.h:33
coap_dtls_cpsk_info_t
The structure that holds the Client PSK information.
Definition coap_dtls.h:379
coap_dtls_cpsk_info_t::key
coap_bin_const_t key
Definition coap_dtls.h:381
coap_dtls_cpsk_info_t::identity
coap_bin_const_t identity
Definition coap_dtls.h:380
coap_dtls_cpsk_t
The structure used for defining the Client PSK setup data to be used.
Definition coap_dtls.h:410
coap_dtls_cpsk_t::use_cid
uint8_t use_cid
Set to 1 if DTLS Connection ID is to be used.
Definition coap_dtls.h:417
coap_dtls_cpsk_t::ih_call_back_arg
void * ih_call_back_arg
Passed in to the Identity Hint callback function.
Definition coap_dtls.h:434
coap_dtls_cpsk_t::client_sni
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:437
coap_dtls_cpsk_t::validate_ih_call_back
coap_dtls_ih_callback_t validate_ih_call_back
Identity Hint check callback function.
Definition coap_dtls.h:433
coap_dtls_cpsk_t::ec_jpake
uint8_t ec_jpake
Set to COAP_DTLS_CPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:415
coap_dtls_key_t
The structure that holds the PKI key information.
Definition coap_dtls.h:279
coap_dtls_key_t::define
coap_pki_key_define_t define
for definable type keys
Definition coap_dtls.h:286
coap_dtls_key_t::key_type
coap_pki_key_t key_type
key format type
Definition coap_dtls.h:280
coap_dtls_key_t::key
union coap_dtls_key_t::@113076155176127235351156302031377057233373343157 key
coap_dtls_pki_t
The structure used for defining the PKI setup data to be used.
Definition coap_dtls.h:312
coap_dtls_pki_t::allow_no_crl
uint8_t allow_no_crl
1 ignore if CRL not there
Definition coap_dtls.h:326
coap_dtls_pki_t::cn_call_back_arg
void * cn_call_back_arg
Passed in to the CN callback function.
Definition coap_dtls.h:351
coap_dtls_pki_t::cert_chain_validation
uint8_t cert_chain_validation
1 if to check cert_chain_verify_depth
Definition coap_dtls.h:323
coap_dtls_pki_t::use_cid
uint8_t use_cid
1 if DTLS Connection ID is to be used (Client only, server always enabled) if supported
Definition coap_dtls.h:333
coap_dtls_pki_t::check_cert_revocation
uint8_t check_cert_revocation
1 if revocation checks wanted
Definition coap_dtls.h:325
coap_dtls_pki_t::validate_sni_call_back
coap_dtls_pki_sni_callback_t validate_sni_call_back
SNI check callback function.
Definition coap_dtls.h:358
coap_dtls_pki_t::cert_chain_verify_depth
uint8_t cert_chain_verify_depth
recommended depth is 3
Definition coap_dtls.h:324
coap_dtls_pki_t::additional_tls_setup_call_back
coap_dtls_security_setup_t additional_tls_setup_call_back
Additional Security callback handler that is invoked when libcoap has done the standard,...
Definition coap_dtls.h:366
coap_dtls_pki_t::allow_expired_certs
uint8_t allow_expired_certs
1 if expired certs are allowed
Definition coap_dtls.h:322
coap_dtls_pki_t::verify_peer_cert
uint8_t verify_peer_cert
Set to COAP_DTLS_PKI_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:317
coap_dtls_pki_t::client_sni
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:368
coap_dtls_pki_t::allow_self_signed
uint8_t allow_self_signed
1 if self-signed certs are allowed.
Definition coap_dtls.h:320
coap_dtls_pki_t::sni_call_back_arg
void * sni_call_back_arg
Passed in to the sni callback function.
Definition coap_dtls.h:359
coap_dtls_pki_t::validate_cn_call_back
coap_dtls_cn_callback_t validate_cn_call_back
CN check callback function.
Definition coap_dtls.h:350
coap_dtls_pki_t::allow_expired_crl
uint8_t allow_expired_crl
1 if expired crl is allowed
Definition coap_dtls.h:327
coap_dtls_pki_t::is_rpk_not_cert
uint8_t is_rpk_not_cert
1 is RPK instead of Public Certificate.
Definition coap_dtls.h:330
coap_dtls_pki_t::check_common_ca
uint8_t check_common_ca
1 if peer cert is to be signed by the same CA as the local cert
Definition coap_dtls.h:318
coap_dtls_pki_t::pki_key
coap_dtls_key_t pki_key
PKI key definition.
Definition coap_dtls.h:373
coap_dtls_spsk_info_t
The structure that holds the Server Pre-Shared Key and Identity Hint information.
Definition coap_dtls.h:450
coap_dtls_spsk_info_t::hint
coap_bin_const_t hint
Definition coap_dtls.h:451
coap_dtls_spsk_info_t::key
coap_bin_const_t key
Definition coap_dtls.h:452
coap_dtls_spsk_t
The structure used for defining the Server PSK setup data to be used.
Definition coap_dtls.h:501
coap_dtls_spsk_t::validate_sni_call_back
coap_dtls_psk_sni_callback_t validate_sni_call_back
SNI check callback function.
Definition coap_dtls.h:530
coap_dtls_spsk_t::validate_id_call_back
coap_dtls_id_callback_t validate_id_call_back
Identity check callback function.
Definition coap_dtls.h:522
coap_dtls_spsk_t::id_call_back_arg
void * id_call_back_arg
Passed in to the Identity callback function.
Definition coap_dtls.h:523
coap_dtls_spsk_t::ec_jpake
uint8_t ec_jpake
Set to COAP_DTLS_SPSK_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:506
coap_dtls_spsk_t::sni_call_back_arg
void * sni_call_back_arg
Passed in to the SNI callback function.
Definition coap_dtls.h:531
coap_dtls_spsk_t::psk_info
coap_dtls_spsk_info_t psk_info
Server PSK definition.
Definition coap_dtls.h:533
coap_layer_func_t::l_read
coap_layer_read_t l_read
Definition coap_layers_internal.h:107
coap_layer_func_t::l_write
coap_layer_write_t l_write
Definition coap_layers_internal.h:108
coap_layer_func_t::l_establish
coap_layer_establish_t l_establish
Definition coap_layers_internal.h:109
coap_pki_key_define_t::public_cert
coap_const_char_ptr_t public_cert
define: Public Cert
Definition coap_dtls.h:261
coap_pki_key_define_t::private_key_type
coap_asn1_privatekey_type_t private_key_type
define: ASN1 Private Key Type (if needed)
Definition coap_dtls.h:269
coap_pki_key_define_t::user_pin
const char * user_pin
define: User pin to access type PKCS11.
Definition coap_dtls.h:271
coap_pki_key_define_t::private_key
coap_const_char_ptr_t private_key
define: Private Key
Definition coap_dtls.h:262
coap_pki_key_define_t::ca
coap_const_char_ptr_t ca
define: Common CA Certificate
Definition coap_dtls.h:260
coap_pki_key_define_t::public_cert_len
size_t public_cert_len
define Public Cert length (if needed)
Definition coap_dtls.h:264
coap_pki_key_define_t::ca_len
size_t ca_len
define CA Cert length (if needed)
Definition coap_dtls.h:263
coap_pki_key_define_t::private_key_def
coap_pki_define_t private_key_def
define: Private Key type definition
Definition coap_dtls.h:268
coap_pki_key_define_t::private_key_len
size_t private_key_len
define Private Key length (if needed)
Definition coap_dtls.h:265
coap_pki_key_define_t::ca_def
coap_pki_define_t ca_def
define: Common CA type definition
Definition coap_dtls.h:266
coap_pki_key_define_t::public_cert_def
coap_pki_define_t public_cert_def
define: Public Cert type definition
Definition coap_dtls.h:267
coap_session_t
Abstraction of virtual session that can be attached to coap_context_t (client) or coap_endpoint_t (se...
Definition coap_session_internal.h:68
coap_session_t::dtls_timeout_count
unsigned int dtls_timeout_count
dtls setup retry counter
Definition coap_session_internal.h:175
coap_session_t::psk_key
coap_bin_const_t * psk_key
If client, this field contains the current pre-shared key for server; When this field is NULL,...
Definition coap_session_internal.h:127
coap_session_t::sock
coap_socket_t sock
socket object for the session, if any
Definition coap_session_internal.h:81
coap_session_t::state
coap_session_state_t state
current state of relationship with peer
Definition coap_session_internal.h:71
coap_session_t::proto
coap_proto_t proto
protocol used
Definition coap_session_internal.h:69
coap_session_t::cpsk_setup_data
coap_dtls_cpsk_t cpsk_setup_data
client provided PSK initial setup data
Definition coap_session_internal.h:116
coap_session_t::mtu
size_t mtu
path or CSM mtu (xmt)
Definition coap_session_internal.h:75
coap_session_t::dtls_event
int dtls_event
Tracking any (D)TLS events on this session.
Definition coap_session_internal.h:176
coap_session_t::tls
void * tls
security parameters
Definition coap_session_internal.h:87
coap_session_t::max_retransmit
uint16_t max_retransmit
maximum re-transmit count (default 4)
Definition coap_session_internal.h:150
coap_session_t::context
coap_context_t * context
session's context
Definition coap_session_internal.h:86
coap_socket_t::lfunc
coap_layer_func_t lfunc[COAP_LAYER_LAST]
Layer functions to use.
Definition coap_io_internal.h:68
coap_socket_t::flags
coap_socket_flags_t flags
1 or more of COAP_SOCKET* flag values
Definition coap_io_internal.h:59
coap_str_const_t
CoAP string data definition with const data.
Definition coap_str.h:46
coap_str_const_t::s
const uint8_t * s
read-only string data
Definition coap_str.h:48
coap_str_const_t::length
size_t length
length of string
Definition coap_str.h:47
coap_tls_version_t
The structure used for returning the underlying (D)TLS library information.
Definition coap_dtls.h:83
coap_tls_version_t::built_version
uint64_t built_version
(D)TLS Built against Library Version
Definition coap_dtls.h:86
coap_tls_version_t::type
coap_tls_library_t type
Library type.
Definition coap_dtls.h:85
coap_tls_version_t::version
uint64_t version
(D)TLS runtime Library Version
Definition coap_dtls.h:84
coap_const_char_ptr_t::s_byte
const char * s_byte
signed char ptr
Definition coap_str.h:73
coap_const_char_ptr_t::u_byte
const uint8_t * u_byte
unsigned char ptr
Definition coap_str.h:74