libcoap 4.3.5rc1
Loading...
Searching...
No Matches
coap_gnutls.c
Go to the documentation of this file.
1/*
2 * coap_gnutls.c -- GnuTLS Datagram Transport Layer Support for libcoap
3 *
4 * Copyright (C) 2017 Dag Bjorklund <dag.bjorklund@comsel.fi>
5 * Copyright (C) 2018-2024 Jon Shallow <supjps-libcoap@jpshallow.com>
6 *
7 * SPDX-License-Identifier: BSD-2-Clause
8 *
9 * This file is part of the CoAP library libcoap. Please see README for terms
10 * of use.
11 */
12
18/*
19 * Naming used to prevent confusion between coap sessions, gnutls sessions etc.
20 * when reading the code.
21 *
22 * c_context A coap_context_t *
23 * c_session A coap_session_t *
24 * g_context A coap_gnutls_context_t * (held in c_context->dtls_context)
25 * g_session A gnutls_session_t (which has the * in the typedef)
26 * g_env A coap_gnutls_env_t * (held in c_session->tls)
27 */
28
29/*
30 * Notes
31 *
32 * There is a memory leak in GnuTLS prior to 3.3.26 when hint is not freed off
33 * when server psk credentials are freed off.
34 *
35 * ca_path in coap_dtls_context_set_pki_root_cas() is not supported until 3.3.6
36 *
37 * Identity Hint is not provided if using DH and versions prior to 3.4.4
38 *
39 * 3.5.5 or later is required to interoperate with TinyDTLS as CCM algorithm
40 * support is required.
41 *
42 * TLS 1.3 is properly supported from 3.6.5 onwards
43 * (but is not enabled by default in 3.6.4)
44 *
45 * Starting with 3.6.3, fixed in 3.6.13, Client Hellos may fail with some
46 * server implementations (e.g. Californium) as random value is all zeros
47 * - CVE-2020-11501 - a security weakness.
48 * 3.6.6 or later is required to support Raw Public Key(RPK)
49 */
50
52
53#ifdef COAP_WITH_LIBGNUTLS
54
55#define MIN_GNUTLS_VERSION "3.3.0"
56
57#include <stdio.h>
58#include <gnutls/gnutls.h>
59#include <gnutls/x509.h>
60#include <gnutls/dtls.h>
61#include <gnutls/pkcs11.h>
62#include <gnutls/crypto.h>
63#include <gnutls/abstract.h>
64#include <unistd.h>
65#if (GNUTLS_VERSION_NUMBER >= 0x030606)
66#define COAP_GNUTLS_KEY_RPK GNUTLS_KEY_DIGITAL_SIGNATURE | \
67 GNUTLS_KEY_NON_REPUDIATION | \
68 GNUTLS_KEY_KEY_ENCIPHERMENT | \
69 GNUTLS_KEY_DATA_ENCIPHERMENT | \
70 GNUTLS_KEY_KEY_AGREEMENT | \
71 GNUTLS_KEY_KEY_CERT_SIGN
72#endif /* GNUTLS_VERSION_NUMBER >= 0x030606 */
73
74#ifndef GNUTLS_CRT_RAW
75#define GNUTLS_CRT_RAW GNUTLS_CRT_RAWPK
76#endif /* GNUTLS_CRT_RAW */
77
78#ifdef _WIN32
79#define strcasecmp _stricmp
80#endif
81
82typedef struct coap_ssl_t {
83 const uint8_t *pdu;
84 unsigned pdu_len;
85 unsigned peekmode;
86 gnutls_datum_t cookie_key;
87} coap_ssl_t;
88
89/*
90 * This structure encapsulates the GnuTLS session object.
91 * It handles both TLS and DTLS.
92 * c_session->tls points to this.
93 */
94typedef struct coap_gnutls_env_t {
95 gnutls_session_t g_session;
96 gnutls_psk_client_credentials_t psk_cl_credentials;
97 gnutls_psk_server_credentials_t psk_sv_credentials;
98 gnutls_certificate_credentials_t pki_credentials;
99 coap_ssl_t coap_ssl_data;
100 /* If not set, need to do gnutls_handshake */
101 int established;
102 int doing_dtls_timeout;
103 coap_tick_t last_timeout;
104 int sent_alert;
105} coap_gnutls_env_t;
106
107#define IS_PSK (1 << 0)
108#define IS_PKI (1 << 1)
109#define IS_CLIENT (1 << 6)
110#define IS_SERVER (1 << 7)
111
112typedef struct pki_sni_entry {
113 char *sni;
114 coap_dtls_key_t pki_key;
115 gnutls_certificate_credentials_t pki_credentials;
116} pki_sni_entry;
117
118typedef struct psk_sni_entry {
119 char *sni;
120 coap_dtls_spsk_info_t psk_info;
121 gnutls_psk_server_credentials_t psk_credentials;
122} psk_sni_entry;
123
124typedef struct coap_gnutls_context_t {
125 coap_dtls_pki_t setup_data;
126 int psk_pki_enabled;
127 size_t pki_sni_count;
128 pki_sni_entry *pki_sni_entry_list;
129 size_t psk_sni_count;
130 psk_sni_entry *psk_sni_entry_list;
131 gnutls_datum_t alpn_proto; /* Will be "coap", but that is a const */
132 char *root_ca_file;
133 char *root_ca_path;
134 gnutls_priority_t priority_cache;
135} coap_gnutls_context_t;
136
137typedef enum coap_free_bye_t {
138 COAP_FREE_BYE_AS_TCP,
139 COAP_FREE_BYE_AS_UDP,
140 COAP_FREE_BYE_NONE
141} coap_free_bye_t;
142
143#define VARIANTS_3_6_6 "NORMAL:+ECDHE-PSK:+PSK:+ECDHE-ECDSA:+AES-128-CCM-8:+CTYPE-CLI-ALL:+CTYPE-SRV-ALL:+SHA256"
144#define VARIANTS_3_5_5 "NORMAL:+ECDHE-PSK:+PSK:+ECDHE-ECDSA:+AES-128-CCM-8"
145#define VARIANTS_BASE "NORMAL:+ECDHE-PSK:+PSK"
146
147#define VARIANTS_NO_TLS13_3_6_6 VARIANTS_3_6_6 ":-VERS-TLS1.3"
148#define VARIANTS_NO_TLS13_3_6_4 VARIANTS_3_5_5 ":-VERS-TLS1.3"
149
150#define G_ACTION(xx) do { \
151 ret = (xx); \
152 } while (ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
153
154#define G_CHECK(xx,func) do { \
155 if ((ret = (xx)) < 0) { \
156 coap_log_warn("%s: '%s'\n", func, gnutls_strerror(ret)); \
157 goto fail; \
158 } \
159 } while (0)
160
161#define G_ACTION_CHECK(xx,func) do { \
162 G_ACTION(xx); \
163 G_CHECK(xx, func); \
164 } while 0
165
167
168#if COAP_SERVER_SUPPORT
169static int post_client_hello_gnutls_pki(gnutls_session_t g_session);
170static int post_client_hello_gnutls_psk(gnutls_session_t g_session);
171static int psk_server_callback(gnutls_session_t g_session,
172 const char *identity,
173 gnutls_datum_t *key);
174#endif /* COAP_SERVER_SUPPORT */
175
176/*
177 * return 0 failed
178 * 1 passed
179 */
180int
182 if (gnutls_check_version(MIN_GNUTLS_VERSION) == NULL) {
183 coap_log_err("GnuTLS " MIN_GNUTLS_VERSION " or later is required\n");
184 return 0;
185 }
186 return 1;
187}
188
189/*
190 * return 0 failed
191 * 1 passed
192 */
193int
195#if !COAP_DISABLE_TCP
196 if (gnutls_check_version(MIN_GNUTLS_VERSION) == NULL) {
197 coap_log_err("GnuTLS " MIN_GNUTLS_VERSION " or later is required\n");
198 return 0;
199 }
200 return 1;
201#else /* COAP_DISABLE_TCP */
202 return 0;
203#endif /* COAP_DISABLE_TCP */
204}
205
206/*
207 * return 0 failed
208 * 1 passed
209 */
210int
212 return 1;
213}
214
215/*
216 * return 0 failed
217 * 1 passed
218 */
219int
221 return 1;
222}
223
224/*
225 * return 0 failed
226 * 1 passed
227 */
228int
230 return 1;
231}
232
233/*
234 * return 0 failed
235 * 1 passed
236 */
237int
239#if (GNUTLS_VERSION_NUMBER >= 0x030606)
240 return 1;
241#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
242 return 0;
243#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
244}
245
248 static coap_tls_version_t version;
249 const char *vers = gnutls_check_version(NULL);
250
251 version.version = 0;
252 if (vers) {
253 int p1, p2, p3;
254
255 sscanf(vers, "%d.%d.%d", &p1, &p2, &p3);
256 version.version = (p1 << 16) | (p2 << 8) | p3;
257 }
258 version.built_version = GNUTLS_VERSION_NUMBER;
260 return &version;
261}
262
263static void
264coap_gnutls_audit_log_func(gnutls_session_t g_session, const char *text) {
265#if COAP_MAX_LOGGING_LEVEL > 0
266 if (g_session) {
267 coap_session_t *c_session =
268 (coap_session_t *)gnutls_transport_get_ptr(g_session);
269 coap_log_warn("** %s: %s",
270 coap_session_str(c_session), text);
271 } else {
272 coap_log_warn("** (null): %s", text);
273 }
274#else /* COAP_MAX_LOGGING_LEVEL == 0 */
275 (void)g_session;
276 (void)text;
277#endif /* COAP_MAX_LOGGING_LEVEL == 0 */
278}
279
280static void
281coap_gnutls_log_func(int level, const char *text) {
282 /* Things get noisy, even at level 1 */
283 if (level > 0)
284 level += COAP_LOG_WARN;
285 if (level > COAP_LOG_DEBUG)
286 level = COAP_LOG_DEBUG;
287 coap_dtls_log(level, "%s", text);
288}
289
290/*
291 * return 0 failed
292 * 1 passed
293 */
294int
296 const coap_dtls_pki_t *setup_data,
297 const coap_dtls_role_t role COAP_UNUSED) {
298 coap_dtls_key_t key;
299 coap_gnutls_context_t *g_context =
300 ((coap_gnutls_context_t *)c_context->dtls_context);
301
302 if (!g_context || !setup_data)
303 return 0;
304
305 g_context->setup_data = *setup_data;
306 if (!g_context->setup_data.verify_peer_cert) {
307 /* Needs to be clear so that no CA DNs are transmitted */
308 g_context->setup_data.check_common_ca = 0;
309 if (g_context->setup_data.is_rpk_not_cert) {
310 /* Disable all of these as they cannot be checked */
311 g_context->setup_data.allow_self_signed = 0;
312 g_context->setup_data.allow_expired_certs = 0;
313 g_context->setup_data.cert_chain_validation = 0;
314 g_context->setup_data.cert_chain_verify_depth = 0;
315 g_context->setup_data.check_cert_revocation = 0;
316 g_context->setup_data.allow_no_crl = 0;
317 g_context->setup_data.allow_expired_crl = 0;
318 g_context->setup_data.allow_bad_md_hash = 0;
319 g_context->setup_data.allow_short_rsa_length = 0;
320 } else {
321 /* Allow all of these but warn if issue */
322 g_context->setup_data.allow_self_signed = 1;
323 g_context->setup_data.allow_expired_certs = 1;
324 g_context->setup_data.cert_chain_validation = 1;
325 g_context->setup_data.cert_chain_verify_depth = 10;
326 g_context->setup_data.check_cert_revocation = 1;
327 g_context->setup_data.allow_no_crl = 1;
328 g_context->setup_data.allow_expired_crl = 1;
329 g_context->setup_data.allow_bad_md_hash = 1;
330 g_context->setup_data.allow_short_rsa_length = 1;
331 }
332 }
333 /* Map over to the new define format to save code duplication */
334 coap_dtls_map_key_type_to_define(&g_context->setup_data, &key);
335 g_context->setup_data.pki_key = key;
336 g_context->psk_pki_enabled |= IS_PKI;
337 return 1;
338}
339
340/*
341 * return 0 failed
342 * 1 passed
343 */
344int
346 const char *ca_file,
347 const char *ca_path) {
348 coap_gnutls_context_t *g_context =
349 ((coap_gnutls_context_t *)c_context->dtls_context);
350 if (!g_context) {
351 coap_log_warn("coap_context_set_pki_root_cas: (D)TLS environment "
352 "not set up\n");
353 return 0;
354 }
355
356 if (ca_file == NULL && ca_path == NULL) {
357 coap_log_warn("coap_context_set_pki_root_cas: ca_file and/or ca_path "
358 "not defined\n");
359 return 0;
360 }
361 if (g_context->root_ca_file) {
362 gnutls_free(g_context->root_ca_file);
363 g_context->root_ca_file = NULL;
364 }
365 if (ca_file) {
366 g_context->root_ca_file = gnutls_strdup(ca_file);
367 }
368 if (g_context->root_ca_path) {
369 gnutls_free(g_context->root_ca_path);
370 g_context->root_ca_path = NULL;
371 }
372 if (ca_path) {
373#if (GNUTLS_VERSION_NUMBER >= 0x030306)
374 g_context->root_ca_path = gnutls_strdup(ca_path);
375#else
376 coap_log_err("ca_path not supported in GnuTLS < 3.3.6\n");
377#endif
378 }
379 return 1;
380}
381
382#if COAP_SERVER_SUPPORT
383/*
384 * return 0 failed
385 * 1 passed
386 */
387int
389 coap_dtls_spsk_t *setup_data
390 ) {
391 coap_gnutls_context_t *g_context =
392 ((coap_gnutls_context_t *)c_context->dtls_context);
393
394 if (!g_context || !setup_data)
395 return 0;
396
397 g_context->psk_pki_enabled |= IS_PSK;
398 return 1;
399}
400#endif /* COAP_SERVER_SUPPORT */
401
402#if COAP_CLIENT_SUPPORT
403/*
404 * return 0 failed
405 * 1 passed
406 */
407int
409 coap_dtls_cpsk_t *setup_data
410 ) {
411 coap_gnutls_context_t *g_context =
412 ((coap_gnutls_context_t *)c_context->dtls_context);
413
414 if (!g_context || !setup_data)
415 return 0;
416
417 g_context->psk_pki_enabled |= IS_PSK;
418 return 1;
419}
420#endif /* COAP_CLIENT_SUPPORT */
421
422/*
423 * return 0 failed
424 * 1 passed
425 */
426int
428 coap_gnutls_context_t *g_context =
429 ((coap_gnutls_context_t *)c_context->dtls_context);
430 return g_context->psk_pki_enabled ? 1 : 0;
431}
432
433void
434coap_dtls_startup(void) {
435 gnutls_global_set_audit_log_function(coap_gnutls_audit_log_func);
436 gnutls_global_set_log_function(coap_gnutls_log_func);
437}
438
439void
440coap_dtls_shutdown(void) {
442}
443
444void *
445coap_dtls_get_tls(const coap_session_t *c_session,
446 coap_tls_library_t *tls_lib) {
447 if (tls_lib)
448 *tls_lib = COAP_TLS_LIBRARY_GNUTLS;
449 if (c_session && c_session->tls) {
450 const coap_gnutls_env_t *g_env = (const coap_gnutls_env_t *)c_session->tls;
451
452 return g_env->g_session;
453 }
454 return NULL;
455}
456
457void
459 dtls_log_level = level;
460 gnutls_global_set_log_level(dtls_log_level);
461}
462
463/*
464 * return current logging level
465 */
468 return dtls_log_level;
469}
470
471/*
472 * return +ve new g_context
473 * NULL failure
474 */
475void *
477 const char *err;
478 int ret;
479 coap_gnutls_context_t *g_context =
480 (coap_gnutls_context_t *)
481 gnutls_malloc(sizeof(coap_gnutls_context_t));
482
483 if (g_context) {
485 const char *priority;
486
487 G_CHECK(gnutls_global_init(), "gnutls_global_init");
488 memset(g_context, 0, sizeof(coap_gnutls_context_t));
489 g_context->alpn_proto.data = gnutls_malloc(4);
490 if (g_context->alpn_proto.data) {
491 memcpy(g_context->alpn_proto.data, "coap", 4);
492 g_context->alpn_proto.size = 4;
493 }
494
495 if (tls_version->version >= 0x030606) {
496 priority = VARIANTS_3_6_6;
497 } else if (tls_version->version >= 0x030505) {
498 priority = VARIANTS_3_5_5;
499 } else {
500 priority = VARIANTS_BASE;
501 }
502 ret = gnutls_priority_init(&g_context->priority_cache, priority, &err);
503 if (ret != GNUTLS_E_SUCCESS) {
504 if (ret == GNUTLS_E_INVALID_REQUEST)
505 coap_log_warn("gnutls_priority_init: Syntax error at: %s\n", err);
506 else
507 coap_log_warn("gnutls_priority_init: %s\n", gnutls_strerror(ret));
508 goto fail;
509 }
510 }
511 return g_context;
512
513fail:
514 if (g_context)
515 coap_dtls_free_context(g_context);
516 return NULL;
517}
518
519void
520coap_dtls_free_context(void *handle) {
521 size_t i;
522 coap_gnutls_context_t *g_context = (coap_gnutls_context_t *)handle;
523
524 gnutls_free(g_context->alpn_proto.data);
525 gnutls_free(g_context->root_ca_file);
526 gnutls_free(g_context->root_ca_path);
527 for (i = 0; i < g_context->pki_sni_count; i++) {
528 gnutls_free(g_context->pki_sni_entry_list[i].sni);
529 gnutls_certificate_free_credentials(
530 g_context->pki_sni_entry_list[i].pki_credentials);
531 }
532 if (g_context->pki_sni_entry_list)
533 gnutls_free(g_context->pki_sni_entry_list);
534
535 for (i = 0; i < g_context->psk_sni_count; i++) {
536 gnutls_free(g_context->psk_sni_entry_list[i].sni);
537 /* YUK - A memory leak in 3.3.0 (fixed by 3.3.26) of hint */
538 gnutls_psk_free_server_credentials(
539 g_context->psk_sni_entry_list[i].psk_credentials);
540 }
541 if (g_context->psk_sni_entry_list)
542 gnutls_free(g_context->psk_sni_entry_list);
543
544 gnutls_priority_deinit(g_context->priority_cache);
545
546 gnutls_global_deinit();
547 gnutls_free(g_context);
548}
549
550#if COAP_CLIENT_SUPPORT
551/*
552 * gnutls_psk_client_credentials_function return values
553 * (see gnutls_psk_set_client_credentials_function())
554 *
555 * return -1 failed
556 * 0 passed
557 */
558static int
559psk_client_callback(gnutls_session_t g_session,
560 char **username, gnutls_datum_t *key) {
561 coap_session_t *c_session =
562 (coap_session_t *)gnutls_transport_get_ptr(g_session);
563 coap_gnutls_context_t *g_context;
564 coap_dtls_cpsk_t *setup_data;
565 const char *hint = gnutls_psk_client_get_hint(g_session);
566 coap_bin_const_t temp;
567 const coap_bin_const_t *psk_key;
568 const coap_bin_const_t *psk_identity;
569 const coap_dtls_cpsk_info_t *cpsk_info;
570
571 /* Initialize result parameters. */
572 *username = NULL;
573 key->data = NULL;
574
575 if (c_session == NULL)
576 return -1;
577
578 g_context = (coap_gnutls_context_t *)c_session->context->dtls_context;
579 if (g_context == NULL)
580 return -1;
581
582 setup_data = &c_session->cpsk_setup_data;
583
584 temp.s = hint ? (const uint8_t *)hint : (const uint8_t *)"";
585 temp.length = strlen((const char *)temp.s);
586 coap_session_refresh_psk_hint(c_session, &temp);
587
588 coap_log_debug("got psk_identity_hint: '%.*s'\n", (int)temp.length,
589 (const char *)temp.s);
590
591 if (setup_data->validate_ih_call_back) {
592 coap_str_const_t lhint;
593
594 lhint.length = temp.length;
595 lhint.s = temp.s;
596 cpsk_info =
597 setup_data->validate_ih_call_back(&lhint,
598 c_session,
599 setup_data->ih_call_back_arg);
600
601 if (cpsk_info == NULL)
602 return -1;
603
604 coap_session_refresh_psk_identity(c_session, &cpsk_info->identity);
605 coap_session_refresh_psk_key(c_session, &cpsk_info->key);
606 psk_identity = &cpsk_info->identity;
607 psk_key = &cpsk_info->key;
608 } else {
609 psk_identity = coap_get_session_client_psk_identity(c_session);
610 psk_key = coap_get_session_client_psk_key(c_session);
611 }
612
613 if (psk_identity == NULL || psk_key == NULL) {
614 coap_log_warn("no PSK available\n");
615 return -1;
616 }
617
618 *username = gnutls_malloc(psk_identity->length+1);
619 if (*username == NULL)
620 return -1;
621 memcpy(*username, psk_identity->s, psk_identity->length);
622 (*username)[psk_identity->length] = '\000';
623
624 key->data = gnutls_malloc(psk_key->length);
625 if (key->data == NULL) {
626 gnutls_free(*username);
627 *username = NULL;
628 return -1;
629 }
630 memcpy(key->data, psk_key->s, psk_key->length);
631 key->size = psk_key->length;
632 return 0;
633}
634#endif /* COAP_CLIENT_SUPPORT */
635
636typedef struct {
637 gnutls_certificate_type_t certificate_type;
638 char *san_or_cn;
639 const gnutls_datum_t *cert_list;
640 unsigned int cert_list_size;
641 int self_signed; /* 1 if cert self-signed, 0 otherwise */
642} coap_gnutls_certificate_info_t;
643
644/*
645 * return Type of certificate and SAN or CN if appropriate derived from
646 * certificate. GNUTLS_CRT_UNKNOWN if failure.
647 */
648static gnutls_certificate_type_t
649get_san_or_cn(gnutls_session_t g_session,
650 coap_gnutls_certificate_info_t *cert_info) {
651 gnutls_x509_crt_t cert;
652 char dn[256];
653 size_t size;
654 int n;
655 char *cn;
656 int ret;
657
658#if (GNUTLS_VERSION_NUMBER >= 0x030606)
659 cert_info->certificate_type = gnutls_certificate_type_get2(g_session,
660 GNUTLS_CTYPE_PEERS);
661#else /* < 3.6.6 */
662 cert_info->certificate_type = gnutls_certificate_type_get(g_session);
663#endif /* < 3.6.6 */
664
665 cert_info->san_or_cn = NULL;
666
667 cert_info->cert_list = gnutls_certificate_get_peers(g_session,
668 &cert_info->cert_list_size);
669 if (cert_info->cert_list_size == 0) {
670 return GNUTLS_CRT_UNKNOWN;
671 }
672
673 if (cert_info->certificate_type != GNUTLS_CRT_X509)
674 return cert_info->certificate_type;
675
676 G_CHECK(gnutls_x509_crt_init(&cert), "gnutls_x509_crt_init");
677
678 /* Interested only in first cert in chain */
679 G_CHECK(gnutls_x509_crt_import(cert, &cert_info->cert_list[0],
680 GNUTLS_X509_FMT_DER), "gnutls_x509_crt_import");
681
682 cert_info->self_signed = gnutls_x509_crt_check_issuer(cert, cert);
683
684 size = sizeof(dn) -1;
685 /* See if there is a Subject Alt Name first */
686 ret = gnutls_x509_crt_get_subject_alt_name(cert, 0, dn, &size, NULL);
687 if (ret >= 0) {
688 dn[size] = '\000';
689 gnutls_x509_crt_deinit(cert);
690 cert_info->san_or_cn = gnutls_strdup(dn);
691 return cert_info->certificate_type;
692 }
693
694 size = sizeof(dn);
695 G_CHECK(gnutls_x509_crt_get_dn(cert, dn, &size), "gnutls_x509_crt_get_dn");
696
697 gnutls_x509_crt_deinit(cert);
698
699 /* Need to emulate strcasestr() here. Looking for CN= */
700 n = strlen(dn) - 3;
701 cn = dn;
702 while (n > 0) {
703 if (((cn[0] == 'C') || (cn[0] == 'c')) &&
704 ((cn[1] == 'N') || (cn[1] == 'n')) &&
705 (cn[2] == '=')) {
706 cn += 3;
707 break;
708 }
709 cn++;
710 n--;
711 }
712 if (n > 0) {
713 char *ecn = strchr(cn, ',');
714 if (ecn) {
715 cn[ecn-cn] = '\000';
716 }
717 cert_info->san_or_cn = gnutls_strdup(cn);
718 return cert_info->certificate_type;
719 }
720 return GNUTLS_CRT_UNKNOWN;
721
722fail:
723 return GNUTLS_CRT_UNKNOWN;
724}
725
726#if (GNUTLS_VERSION_NUMBER >= 0x030606)
727#define OUTPUT_CERT_NAME (cert_type == GNUTLS_CRT_X509 ? \
728 cert_info.san_or_cn : \
729 cert_type == GNUTLS_CRT_RAW ? \
730 COAP_DTLS_RPK_CERT_CN : "?")
731#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
732#define OUTPUT_CERT_NAME (cert_type == GNUTLS_CRT_X509 ? \
733 cert_info.san_or_cn : "?")
734#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
735
736#if (GNUTLS_VERSION_NUMBER >= 0x030606)
737static int
738check_rpk_cert(coap_gnutls_context_t *g_context,
739 coap_gnutls_certificate_info_t *cert_info,
740 coap_session_t *c_session) {
741 int ret;
742
743 if (g_context->setup_data.validate_cn_call_back) {
744 gnutls_pcert_st pcert;
745 uint8_t der[2048];
746 size_t size;
747
748 G_CHECK(gnutls_pcert_import_rawpk_raw(&pcert, &cert_info->cert_list[0],
749 GNUTLS_X509_FMT_DER, 0, 0),
750 "gnutls_pcert_import_rawpk_raw");
751
752 size = sizeof(der);
753 G_CHECK(gnutls_pubkey_export(pcert.pubkey, GNUTLS_X509_FMT_DER, der, &size),
754 "gnutls_pubkey_export");
755 gnutls_pcert_deinit(&pcert);
756 if (!g_context->setup_data.validate_cn_call_back(COAP_DTLS_RPK_CERT_CN,
757 der,
758 size,
759 c_session,
760 0,
761 1,
762 g_context->setup_data.cn_call_back_arg)) {
763 return 0;
764 }
765 }
766 return 1;
767fail:
768 return 0;
769}
770#endif /* >= 3.6.6 */
771
772/*
773 * return 0 failed
774 * 1 passed
775 */
776static int
777cert_verify_gnutls(gnutls_session_t g_session) {
778 unsigned int status = 0;
779 unsigned int fail = 0;
780 coap_session_t *c_session =
781 (coap_session_t *)gnutls_transport_get_ptr(g_session);
782 coap_gnutls_context_t *g_context =
783 (coap_gnutls_context_t *)c_session->context->dtls_context;
784 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
785 int alert = GNUTLS_A_BAD_CERTIFICATE;
786 int ret;
787 coap_gnutls_certificate_info_t cert_info;
788 gnutls_certificate_type_t cert_type;
789
790 memset(&cert_info, 0, sizeof(cert_info));
791 cert_type = get_san_or_cn(g_session, &cert_info);
792#if (GNUTLS_VERSION_NUMBER >= 0x030606)
793 if (cert_type == GNUTLS_CRT_RAW) {
794 if (!check_rpk_cert(g_context, &cert_info, c_session)) {
795 alert = GNUTLS_A_ACCESS_DENIED;
796 goto fail;
797 }
798 goto ok;
799 }
800#endif /* >= 3.6.6 */
801
802 if (cert_info.cert_list_size == 0 && !g_context->setup_data.verify_peer_cert)
803 goto ok;
804
805 G_CHECK(gnutls_certificate_verify_peers(g_session, NULL, 0, &status),
806 "gnutls_certificate_verify_peers");
807
808 if (status) {
809 status &= ~(GNUTLS_CERT_INVALID);
810 if (status & (GNUTLS_CERT_NOT_ACTIVATED|GNUTLS_CERT_EXPIRED)) {
811 status &= ~(GNUTLS_CERT_NOT_ACTIVATED|GNUTLS_CERT_EXPIRED);
812 if (g_context->setup_data.allow_expired_certs) {
813 coap_log_info(" %s: %s: overridden: '%s'\n",
814 coap_session_str(c_session),
815 "The certificate has an invalid usage date",
816 OUTPUT_CERT_NAME);
817 } else {
818 fail = 1;
819 coap_log_warn(" %s: %s: '%s'\n",
820 coap_session_str(c_session),
821 "The certificate has an invalid usage date",
822 OUTPUT_CERT_NAME);
823 }
824 }
825 if (status & (GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED|
826 GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE)) {
827 status &= ~(GNUTLS_CERT_REVOCATION_DATA_SUPERSEDED|
828 GNUTLS_CERT_REVOCATION_DATA_ISSUED_IN_FUTURE);
829 if (g_context->setup_data.allow_expired_crl) {
830 coap_log_info(" %s: %s: overridden: '%s'\n",
831 coap_session_str(c_session),
832 "The certificate's CRL entry has an invalid usage date",
833 OUTPUT_CERT_NAME);
834 } else {
835 fail = 1;
836 coap_log_warn(" %s: %s: '%s'\n",
837 coap_session_str(c_session),
838 "The certificate's CRL entry has an invalid usage date",
839 OUTPUT_CERT_NAME);
840 }
841 }
842 if (status & (GNUTLS_CERT_SIGNER_NOT_FOUND)) {
843 status &= ~(GNUTLS_CERT_SIGNER_NOT_FOUND);
844 if (cert_info.self_signed) {
845 if (g_context->setup_data.allow_self_signed &&
846 !g_context->setup_data.check_common_ca) {
847 coap_log_info(" %s: %s: overridden: '%s'\n",
848 coap_session_str(c_session),
849 "Self-signed",
850 OUTPUT_CERT_NAME);
851 } else {
852 fail = 1;
853 alert = GNUTLS_A_UNKNOWN_CA;
854 coap_log_warn(" %s: %s: '%s'\n",
855 coap_session_str(c_session),
856 "Self-signed",
857 OUTPUT_CERT_NAME);
858 }
859 } else {
860 if (!g_context->setup_data.verify_peer_cert) {
861 coap_log_info(" %s: %s: overridden: '%s'\n",
862 coap_session_str(c_session),
863 "The peer certificate's CA is unknown",
864 OUTPUT_CERT_NAME);
865 } else {
866 fail = 1;
867 alert = GNUTLS_A_UNKNOWN_CA;
868 coap_log_warn(" %s: %s: '%s'\n",
869 coap_session_str(c_session),
870 "The peer certificate's CA is unknown",
871 OUTPUT_CERT_NAME);
872 }
873 }
874 }
875 if (status & (GNUTLS_CERT_INSECURE_ALGORITHM)) {
876 status &= ~(GNUTLS_CERT_INSECURE_ALGORITHM);
877 fail = 1;
878 coap_log_warn(" %s: %s: '%s'\n",
879 coap_session_str(c_session),
880 "The certificate uses an insecure algorithm",
881 OUTPUT_CERT_NAME);
882 }
883
884 if (status) {
885 fail = 1;
886 coap_log_warn(" %s: gnutls_certificate_verify_peers() status 0x%x: '%s'\n",
887 coap_session_str(c_session),
888 status, OUTPUT_CERT_NAME);
889 }
890 }
891
892 if (fail)
893 goto fail;
894
895 if (g_context->setup_data.validate_cn_call_back) {
896 gnutls_x509_crt_t cert;
897 uint8_t der[2048];
898 size_t size;
899 /* status == 0 indicates that the certificate passed to
900 * setup_data.validate_cn_call_back has been validated. */
901 const int cert_is_trusted = !status;
902
903 G_CHECK(gnutls_x509_crt_init(&cert), "gnutls_x509_crt_init");
904
905 /* Interested only in first cert in chain */
906 G_CHECK(gnutls_x509_crt_import(cert, &cert_info.cert_list[0],
907 GNUTLS_X509_FMT_DER), "gnutls_x509_crt_import");
908
909 size = sizeof(der);
910 G_CHECK(gnutls_x509_crt_export(cert, GNUTLS_X509_FMT_DER, der, &size),
911 "gnutls_x509_crt_export");
912 gnutls_x509_crt_deinit(cert);
913 if (!g_context->setup_data.validate_cn_call_back(OUTPUT_CERT_NAME,
914 der,
915 size,
916 c_session,
917 0,
918 cert_is_trusted,
919 g_context->setup_data.cn_call_back_arg)) {
920 alert = GNUTLS_A_ACCESS_DENIED;
921 goto fail;
922 }
923 }
924
925 if (g_context->setup_data.additional_tls_setup_call_back) {
926 /* Additional application setup wanted */
927 if (!g_context->setup_data.additional_tls_setup_call_back(g_session,
928 &g_context->setup_data)) {
929 goto fail;
930 }
931 }
932
933ok:
934 if (cert_info.san_or_cn)
935 gnutls_free(cert_info.san_or_cn);
936
937 return 1;
938
939fail:
940 if (cert_info.san_or_cn)
941 gnutls_free(cert_info.san_or_cn);
942
943 if (!g_env->sent_alert) {
944 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL, alert));
945 g_env->sent_alert = 1;
946 }
948 return 0;
949}
950
951/*
952 * gnutls_certificate_verify_function return values
953 * (see gnutls_certificate_set_verify_function())
954 *
955 * return -1 failed
956 * 0 passed
957 */
958static int
959cert_verify_callback_gnutls(gnutls_session_t g_session) {
960 if (gnutls_auth_get_type(g_session) == GNUTLS_CRD_CERTIFICATE) {
961 if (cert_verify_gnutls(g_session) == 0) {
962 return -1;
963 }
964 }
965 return 0;
966}
967
968#ifndef min
969#define min(a,b) ((a) < (b) ? (a) : (b))
970#endif
971
972static int
973pin_callback(void *user_data, int attempt,
974 const char *token_url COAP_UNUSED,
975 const char *token_label COAP_UNUSED,
976 unsigned int flags COAP_UNUSED,
977 char *pin,
978 size_t pin_max) {
979 coap_dtls_key_t *key = (coap_dtls_key_t *)user_data;
980
981 /* Only do this on first attempt to prevent token lockout */
982 if (attempt == 0 && key && key->key.define.user_pin) {
983 int len = min(pin_max - 1, strlen(key->key.define.user_pin));
984
985 memcpy(pin, key->key.define.user_pin, len);
986 pin[len] = 0;
987 return 0;
988 }
989 return -1;
990}
991
992static int
993check_null_memory(gnutls_datum_t *datum,
994 const uint8_t *buf, size_t len, int *alloced) {
995 datum->size = len;
996 *alloced = 0;
997 if (buf[len-1] != '\000') {
998 /* Need to allocate memory, rather than just copying pointers across */
999 *alloced = 1;
1000 datum->data = gnutls_malloc(len + 1);
1001 if (!datum->data) {
1002 coap_log_err("gnutls_malloc failure\n");
1003 return GNUTLS_E_MEMORY_ERROR;
1004 }
1005 memcpy(datum->data, buf, len);
1006 datum->data[len] = '\000';
1007 datum->size++;
1008 } else {
1009 /* To get around const issue */
1010 memcpy(&datum->data,
1011 &buf, sizeof(datum->data));
1012 }
1013 return 0;
1014}
1015
1016/*
1017 * return 0 Success (GNUTLS_E_SUCCESS)
1018 * neg GNUTLS_E_* error code
1019 */
1020static int
1021setup_pki_credentials(gnutls_certificate_credentials_t *pki_credentials,
1022 gnutls_session_t g_session,
1023 coap_gnutls_context_t *g_context,
1024 coap_dtls_pki_t *setup_data, coap_dtls_role_t role) {
1025 coap_dtls_key_t key;
1026 int ret;
1027 gnutls_datum_t cert;
1028 gnutls_datum_t pkey;
1029 gnutls_datum_t ca;
1030 int alloced_cert_memory = 0;
1031 int alloced_pkey_memory = 0;
1032 int alloced_ca_memory = 0;
1033 int have_done_key = 0;
1034
1035 /* Map over to the new define format to save code duplication */
1036 coap_dtls_map_key_type_to_define(setup_data, &key);
1037
1038 assert(key.key_type == COAP_PKI_KEY_DEFINE);
1039
1040 G_CHECK(gnutls_certificate_allocate_credentials(pki_credentials),
1041 "gnutls_certificate_allocate_credentials");
1042
1043 /*
1044 * Configure the Private Key
1045 */
1046 if (key.key.define.private_key.u_byte &&
1047 key.key.define.private_key.u_byte[0]) {
1048 switch (key.key.define.private_key_def) {
1049 case COAP_PKI_KEY_DEF_PEM: /* define private key */
1050 case COAP_PKI_KEY_DEF_PEM_BUF: /* define private key */
1051 case COAP_PKI_KEY_DEF_DER: /* define private key */
1052 case COAP_PKI_KEY_DEF_DER_BUF: /* define private key */
1053 case COAP_PKI_KEY_DEF_PKCS11: /* define private key */
1054 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define private key */
1055 /* Handled under public key */
1056 break;
1057 case COAP_PKI_KEY_DEF_RPK_BUF: /* define private key */
1058#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1059 /* Handled under public key */
1060 break;
1061#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1062 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1065 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1066#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1067 case COAP_PKI_KEY_DEF_ENGINE: /* define private key */
1068 default:
1071 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1072 }
1073 } else if (role == COAP_DTLS_ROLE_SERVER ||
1075 key.key.define.public_cert.u_byte[0])) {
1078 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1079 }
1080
1081 /*
1082 * Configure the Public Certificate / Key
1083 */
1084 if (key.key.define.public_cert.u_byte &&
1085 key.key.define.public_cert.u_byte[0]) {
1086 /* Both Public and Private keys are handled here and MUST be the same type */
1087 if (!(key.key.define.private_key.s_byte &&
1088 key.key.define.private_key.s_byte[0] &&
1092 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1093 }
1094 switch (key.key.define.public_cert_def) {
1095 case COAP_PKI_KEY_DEF_PEM: /* define public cert */
1096 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1099 GNUTLS_X509_FMT_PEM) < 0)) {
1102 &key, role, ret);
1103 }
1104 break;
1105 case COAP_PKI_KEY_DEF_PEM_BUF: /* define public cert */
1106 if ((ret = check_null_memory(&cert,
1109 &alloced_cert_memory)) < 0) {
1112 &key, role, ret);
1113 }
1114 if ((ret = check_null_memory(&pkey,
1117 &alloced_pkey_memory)) < 0) {
1118 if (alloced_cert_memory)
1119 gnutls_free(cert.data);
1122 &key, role, ret);
1123 }
1124 if ((ret = gnutls_certificate_set_x509_key_mem(*pki_credentials,
1125 &cert,
1126 &pkey,
1127 GNUTLS_X509_FMT_PEM)) < 0) {
1128 if (alloced_cert_memory)
1129 gnutls_free(cert.data);
1130 if (alloced_pkey_memory)
1131 gnutls_free(pkey.data);
1134 &key, role, ret);
1135 }
1136 if (alloced_cert_memory)
1137 gnutls_free(cert.data);
1138 if (alloced_pkey_memory)
1139 gnutls_free(pkey.data);
1140 break;
1141 case COAP_PKI_KEY_DEF_RPK_BUF: /* define public cert */
1142#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1143 if ((ret = check_null_memory(&cert,
1146 &alloced_cert_memory)) < 0) {
1149 &key, role, ret);
1150 }
1151 if ((ret = check_null_memory(&pkey,
1154 &alloced_pkey_memory)) < 0) {
1155 if (alloced_cert_memory)
1156 gnutls_free(cert.data);
1159 &key, role, ret);
1160 }
1161 if (strstr((char *)pkey.data, "-----BEGIN EC PRIVATE KEY-----")) {
1162 gnutls_datum_t der_private;
1163
1164 if (gnutls_pem_base64_decode2("EC PRIVATE KEY", &pkey,
1165 &der_private) == 0) {
1166 coap_binary_t *spki = get_asn1_spki(der_private.data,
1167 der_private.size);
1168
1169 if (spki) {
1170 gnutls_datum_t tspki;
1171
1172 tspki.data = spki->s;
1173 tspki.size = spki->length;
1174 ret = gnutls_certificate_set_rawpk_key_mem(*pki_credentials,
1175 &tspki,
1176 &der_private,
1177 GNUTLS_X509_FMT_DER, NULL,
1178 COAP_GNUTLS_KEY_RPK,
1179 NULL, 0, 0);
1180 if (ret >= 0) {
1181 have_done_key = 1;
1182 }
1183 coap_delete_binary(spki);
1184 }
1185 gnutls_free(der_private.data);
1186 }
1187 }
1188 if (!have_done_key) {
1189 if ((ret = gnutls_certificate_set_rawpk_key_mem(*pki_credentials,
1190 &cert,
1191 &pkey,
1192 GNUTLS_X509_FMT_PEM, NULL,
1193 COAP_GNUTLS_KEY_RPK,
1194 NULL, 0, 0)) < 0) {
1195 if (alloced_cert_memory)
1196 gnutls_free(cert.data);
1197 if (alloced_pkey_memory)
1198 gnutls_free(pkey.data);
1201 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1202 }
1203 }
1204 if (alloced_cert_memory)
1205 gnutls_free(cert.data);
1206 if (alloced_pkey_memory)
1207 gnutls_free(pkey.data);
1208 break;
1209#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1210 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1213 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1214#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1215 case COAP_PKI_KEY_DEF_DER: /* define public cert */
1216 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1219 GNUTLS_X509_FMT_DER) < 0)) {
1222 &key, role, ret);
1223 }
1224 break;
1225 case COAP_PKI_KEY_DEF_DER_BUF: /* define public cert */
1226 if ((ret = check_null_memory(&cert,
1229 &alloced_cert_memory)) < 0) {
1232 &key, role, ret);
1233 }
1234 if ((ret = check_null_memory(&pkey,
1237 &alloced_pkey_memory)) < 0) {
1238 if (alloced_cert_memory)
1239 gnutls_free(cert.data);
1242 &key, role, ret);
1243 }
1244 if ((ret = gnutls_certificate_set_x509_key_mem(*pki_credentials,
1245 &cert,
1246 &pkey,
1247 GNUTLS_X509_FMT_DER)) < 0) {
1248 if (alloced_cert_memory)
1249 gnutls_free(cert.data);
1250 if (alloced_pkey_memory)
1251 gnutls_free(pkey.data);
1254 &key, role, ret);
1255 }
1256 if (alloced_cert_memory)
1257 gnutls_free(cert.data);
1258 if (alloced_pkey_memory)
1259 gnutls_free(pkey.data);
1260 break;
1261 case COAP_PKI_KEY_DEF_PKCS11: /* define public cert */
1262 gnutls_pkcs11_set_pin_function(pin_callback, &setup_data->pki_key);
1263 if ((ret = gnutls_certificate_set_x509_key_file(*pki_credentials,
1266 GNUTLS_X509_FMT_DER)) < 0) {
1269 &key, role, ret);
1270 }
1271 break;
1272 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define public cert */
1273#if (GNUTLS_VERSION_NUMBER >= 0x030606)
1274 gnutls_pkcs11_set_pin_function(pin_callback, setup_data);
1275 if ((ret = gnutls_certificate_set_rawpk_key_file(*pki_credentials,
1278 GNUTLS_X509_FMT_PEM, NULL,
1279 COAP_GNUTLS_KEY_RPK,
1280 NULL, 0, GNUTLS_PKCS_PLAIN, 0))) {
1283 &key, role, ret);
1284 }
1285#else /* GNUTLS_VERSION_NUMBER < 0x030606 */
1286 coap_log_err("RPK Support not available (needs gnutls 3.6.6 or later)\n");
1287 return GNUTLS_E_INSUFFICIENT_CREDENTIALS;
1288#endif /* GNUTLS_VERSION_NUMBER < 0x030606 */
1289 break;
1290 case COAP_PKI_KEY_DEF_ENGINE: /* define public cert */
1291 default:
1294 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1295 }
1296 }
1297
1298 /*
1299 * Configure the CA
1300 */
1301 if (setup_data->check_common_ca && key.key.define.ca.u_byte &&
1302 key.key.define.ca.u_byte[0]) {
1303 switch (key.key.define.ca_def) {
1305 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1306 key.key.define.ca.s_byte,
1307 GNUTLS_X509_FMT_PEM) < 0)) {
1310 &key, role, ret);
1311 }
1312 break;
1313 case COAP_PKI_KEY_DEF_PEM_BUF: /* define ca */
1314 if ((ret = check_null_memory(&ca,
1315 key.key.define.ca.u_byte,
1316 key.key.define.ca_len,
1317 &alloced_ca_memory)) < 0) {
1320 &key, role, ret);
1321 }
1322 if ((ret = gnutls_certificate_set_x509_trust_mem(*pki_credentials,
1323 &ca,
1324 GNUTLS_X509_FMT_PEM)) < 0) {
1325 if (alloced_ca_memory)
1326 gnutls_free(ca.data);
1329 &key, role, ret);
1330 }
1331 if (alloced_ca_memory)
1332 gnutls_free(ca.data);
1333 break;
1334 case COAP_PKI_KEY_DEF_RPK_BUF: /* define ca */
1335 /* Ignore if set */
1336 break;
1337 case COAP_PKI_KEY_DEF_DER: /* define ca */
1338 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1339 key.key.define.ca.s_byte,
1340 GNUTLS_X509_FMT_DER) < 0)) {
1343 &key, role, ret);
1344 }
1345 break;
1346 case COAP_PKI_KEY_DEF_DER_BUF: /* define ca */
1347 if ((ret = check_null_memory(&ca,
1348 key.key.define.ca.u_byte,
1349 key.key.define.ca_len,
1350 &alloced_ca_memory)) < 0) {
1353 &key, role, ret);
1354 }
1355 if ((ret = gnutls_certificate_set_x509_trust_mem(*pki_credentials,
1356 &ca,
1357 GNUTLS_X509_FMT_DER)) <= 0) {
1358 if (alloced_ca_memory)
1359 gnutls_free(ca.data);
1362 &key, role, ret);
1363 }
1364 if (alloced_ca_memory)
1365 gnutls_free(ca.data);
1366 break;
1367 case COAP_PKI_KEY_DEF_PKCS11: /* define ca */
1368 if ((ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1369 key.key.define.ca.s_byte,
1370 GNUTLS_X509_FMT_DER)) <= 0) {
1373 &key, role, ret);
1374 }
1375 break;
1376 case COAP_PKI_KEY_DEF_PKCS11_RPK: /* define ca */
1377 /* Ignore if set */
1378 break;
1379 case COAP_PKI_KEY_DEF_ENGINE: /* define ca */
1380 default:
1383 &key, role, GNUTLS_E_INSUFFICIENT_CREDENTIALS);
1384 }
1385 }
1386
1387 if (g_context->root_ca_file) {
1388 ret = gnutls_certificate_set_x509_trust_file(*pki_credentials,
1389 g_context->root_ca_file,
1390 GNUTLS_X509_FMT_PEM);
1391 if (ret == 0) {
1392 coap_log_warn("gnutls_certificate_set_x509_trust_file: Root CA: No certificates found\n");
1393 }
1394 }
1395 if (g_context->root_ca_path) {
1396#if (GNUTLS_VERSION_NUMBER >= 0x030306)
1397 G_CHECK(gnutls_certificate_set_x509_trust_dir(*pki_credentials,
1398 g_context->root_ca_path,
1399 GNUTLS_X509_FMT_PEM),
1400 "gnutls_certificate_set_x509_trust_dir");
1401#endif
1402 }
1403 gnutls_certificate_send_x509_rdn_sequence(g_session,
1404 setup_data->check_common_ca ? 0 : 1);
1405 if (!(g_context->psk_pki_enabled & IS_PKI)) {
1406 /* No PKI defined at all - still need a trust set up for 3.6.0 or later */
1407 G_CHECK(gnutls_certificate_set_x509_system_trust(*pki_credentials),
1408 "gnutls_certificate_set_x509_system_trust");
1409 }
1410
1411 /* Verify Peer */
1412 gnutls_certificate_set_verify_function(*pki_credentials,
1413 cert_verify_callback_gnutls);
1414
1415 /* Cert chain checking (can raise GNUTLS_E_CONSTRAINT_ERROR) */
1416 if (setup_data->cert_chain_validation) {
1417 gnutls_certificate_set_verify_limits(*pki_credentials,
1418 0,
1419 setup_data->cert_chain_verify_depth + 2);
1420 }
1421
1422 /*
1423 * Check for self signed
1424 * CRL checking (can raise GNUTLS_CERT_MISSING_OCSP_STATUS)
1425 */
1426 gnutls_certificate_set_verify_flags(*pki_credentials,
1427 (setup_data->check_cert_revocation == 0 ?
1428 GNUTLS_VERIFY_DISABLE_CRL_CHECKS : 0)
1429 );
1430
1431 return GNUTLS_E_SUCCESS;
1432
1433fail:
1434 return ret;
1435}
1436
1437#if COAP_SERVER_SUPPORT
1438/*
1439 * return 0 Success (GNUTLS_E_SUCCESS)
1440 * neg GNUTLS_E_* error code
1441 */
1442static int
1443setup_psk_credentials(gnutls_psk_server_credentials_t *psk_credentials,
1444 coap_gnutls_context_t *g_context COAP_UNUSED,
1445 coap_dtls_spsk_t *setup_data) {
1446 int ret;
1447 char hint[COAP_DTLS_HINT_LENGTH];
1448
1449 G_CHECK(gnutls_psk_allocate_server_credentials(psk_credentials),
1450 "gnutls_psk_allocate_server_credentials");
1451 gnutls_psk_set_server_credentials_function(*psk_credentials,
1452 psk_server_callback);
1453 if (setup_data->psk_info.hint.s) {
1454 snprintf(hint, sizeof(hint), "%.*s", (int)setup_data->psk_info.hint.length,
1455 setup_data->psk_info.hint.s);
1456 G_CHECK(gnutls_psk_set_server_credentials_hint(*psk_credentials, hint),
1457 "gnutls_psk_set_server_credentials_hint");
1458 }
1459
1460 return GNUTLS_E_SUCCESS;
1461
1462fail:
1463 return ret;
1464}
1465
1466/*
1467 * return 0 Success (GNUTLS_E_SUCCESS)
1468 * neg GNUTLS_E_* error code
1469 */
1470static int
1471post_client_hello_gnutls_psk(gnutls_session_t g_session) {
1472 coap_session_t *c_session =
1473 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1474 coap_gnutls_context_t *g_context =
1475 (coap_gnutls_context_t *)c_session->context->dtls_context;
1476 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
1477 int ret = GNUTLS_E_SUCCESS;
1478 char *name = NULL;
1479
1481 coap_dtls_spsk_t sni_setup_data;
1482 /* DNS names (only type supported) may be at most 256 byte long */
1483 size_t len = 256;
1484 unsigned int type;
1485 unsigned int i;
1486
1487 name = gnutls_malloc(len);
1488 if (name == NULL)
1489 return GNUTLS_E_MEMORY_ERROR;
1490
1491 for (i=0; ;) {
1492 ret = gnutls_server_name_get(g_session, name, &len, &type, i);
1493 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
1494 char *new_name;
1495 new_name = gnutls_realloc(name, len);
1496 if (new_name == NULL) {
1497 ret = GNUTLS_E_MEMORY_ERROR;
1498 goto end;
1499 }
1500 name = new_name;
1501 continue; /* retry call with same index */
1502 }
1503
1504 /* check if it is the last entry in list */
1505 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
1506 break;
1507 i++;
1508 if (ret != GNUTLS_E_SUCCESS)
1509 goto end;
1510 /* unknown types need to be ignored */
1511 if (type != GNUTLS_NAME_DNS)
1512 continue;
1513
1514 }
1515 /* If no extension provided, make it a dummy entry */
1516 if (i == 0) {
1517 name[0] = '\000';
1518 len = 0;
1519 }
1520
1521 /* Is this a cached entry? */
1522 for (i = 0; i < g_context->psk_sni_count; i++) {
1523 if (strcasecmp(name, g_context->psk_sni_entry_list[i].sni) == 0) {
1524 break;
1525 }
1526 }
1527 if (i == g_context->psk_sni_count) {
1528 /*
1529 * New SNI request
1530 */
1531 const coap_dtls_spsk_info_t *new_entry =
1533 c_session,
1535 if (!new_entry) {
1536 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1537 GNUTLS_A_UNRECOGNIZED_NAME));
1538 g_env->sent_alert = 1;
1539 ret = GNUTLS_E_NO_CERTIFICATE_FOUND;
1540 goto end;
1541 }
1542
1543 g_context->psk_sni_entry_list =
1544 gnutls_realloc(g_context->psk_sni_entry_list,
1545 (i+1)*sizeof(psk_sni_entry));
1546 g_context->psk_sni_entry_list[i].sni = gnutls_strdup(name);
1547 g_context->psk_sni_entry_list[i].psk_info = *new_entry;
1548 sni_setup_data = c_session->context->spsk_setup_data;
1549 sni_setup_data.psk_info = *new_entry;
1550 if ((ret = setup_psk_credentials(
1551 &g_context->psk_sni_entry_list[i].psk_credentials,
1552 g_context,
1553 &sni_setup_data)) < 0) {
1554 int keep_ret = ret;
1555 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1556 GNUTLS_A_BAD_CERTIFICATE));
1557 g_env->sent_alert = 1;
1558 ret = keep_ret;
1559 goto end;
1560 }
1561 g_context->psk_sni_count++;
1562 }
1563 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_PSK,
1564 g_context->psk_sni_entry_list[i].psk_credentials),
1565 "gnutls_credentials_set");
1567 &g_context->psk_sni_entry_list[i].psk_info.hint);
1569 &g_context->psk_sni_entry_list[i].psk_info.key);
1570 }
1571
1572end:
1573 free(name);
1574 return ret;
1575
1576fail:
1577 return ret;
1578}
1579
1580/*
1581 * return 0 Success (GNUTLS_E_SUCCESS)
1582 * neg GNUTLS_E_* error code
1583 */
1584static int
1585post_client_hello_gnutls_pki(gnutls_session_t g_session) {
1586 coap_session_t *c_session =
1587 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1588 coap_gnutls_context_t *g_context =
1589 (coap_gnutls_context_t *)c_session->context->dtls_context;
1590 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
1591 int ret = GNUTLS_E_SUCCESS;
1592 char *name = NULL;
1593
1594 if (g_context->setup_data.validate_sni_call_back) {
1595 /* DNS names (only type supported) may be at most 256 byte long */
1596 size_t len = 256;
1597 unsigned int type;
1598 unsigned int i;
1599 coap_dtls_pki_t sni_setup_data;
1600
1601 name = gnutls_malloc(len);
1602 if (name == NULL)
1603 return GNUTLS_E_MEMORY_ERROR;
1604
1605 for (i=0; ;) {
1606 ret = gnutls_server_name_get(g_session, name, &len, &type, i);
1607 if (ret == GNUTLS_E_SHORT_MEMORY_BUFFER) {
1608 char *new_name;
1609 new_name = gnutls_realloc(name, len);
1610 if (new_name == NULL) {
1611 ret = GNUTLS_E_MEMORY_ERROR;
1612 goto end;
1613 }
1614 name = new_name;
1615 continue; /* retry call with same index */
1616 }
1617
1618 /* check if it is the last entry in list */
1619 if (ret == GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE)
1620 break;
1621 i++;
1622 if (ret != GNUTLS_E_SUCCESS)
1623 goto end;
1624 /* unknown types need to be ignored */
1625 if (type != GNUTLS_NAME_DNS)
1626 continue;
1627
1628 }
1629 /* If no extension provided, make it a dummy entry */
1630 if (i == 0) {
1631 name[0] = '\000';
1632 len = 0;
1633 }
1634
1635 /* Is this a cached entry? */
1636 for (i = 0; i < g_context->pki_sni_count; i++) {
1637 if (strcasecmp(name, g_context->pki_sni_entry_list[i].sni) == 0) {
1638 break;
1639 }
1640 }
1641 if (i == g_context->pki_sni_count) {
1642 /*
1643 * New SNI request
1644 */
1645 coap_dtls_key_t *new_entry =
1646 g_context->setup_data.validate_sni_call_back(name,
1647 g_context->setup_data.sni_call_back_arg);
1648 if (!new_entry) {
1649 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1650 GNUTLS_A_UNRECOGNIZED_NAME));
1651 g_env->sent_alert = 1;
1652 ret = GNUTLS_E_NO_CERTIFICATE_FOUND;
1653 goto end;
1654 }
1655
1656 g_context->pki_sni_entry_list = gnutls_realloc(
1657 g_context->pki_sni_entry_list,
1658 (i+1)*sizeof(pki_sni_entry));
1659 g_context->pki_sni_entry_list[i].sni = gnutls_strdup(name);
1660 g_context->pki_sni_entry_list[i].pki_key = *new_entry;
1661 sni_setup_data = g_context->setup_data;
1662 sni_setup_data.pki_key = *new_entry;
1663 if ((ret = setup_pki_credentials(
1664 &g_context->pki_sni_entry_list[i].pki_credentials,
1665 g_session,
1666 g_context,
1667 &sni_setup_data, COAP_DTLS_ROLE_SERVER)) < 0) {
1668 int keep_ret = ret;
1669 G_ACTION(gnutls_alert_send(g_session, GNUTLS_AL_FATAL,
1670 GNUTLS_A_BAD_CERTIFICATE));
1671 g_env->sent_alert = 1;
1672 ret = keep_ret;
1673 goto end;
1674 }
1675 g_context->pki_sni_count++;
1676 }
1677 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1678 g_context->pki_sni_entry_list[i].pki_credentials),
1679 "gnutls_credentials_set");
1680 }
1681
1682end:
1683 free(name);
1684 return ret;
1685
1686fail:
1687 return ret;
1688}
1689#endif /* COAP_SERVER_SUPPORT */
1690
1691#if COAP_CLIENT_SUPPORT
1692/*
1693 * return 0 Success (GNUTLS_E_SUCCESS)
1694 * neg GNUTLS_E_* error code
1695 */
1696static int
1697setup_client_ssl_session(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
1698 coap_gnutls_context_t *g_context =
1699 (coap_gnutls_context_t *)c_session->context->dtls_context;
1700 int ret;
1701
1702 g_context->psk_pki_enabled |= IS_CLIENT;
1703 if (g_context->psk_pki_enabled & IS_PSK) {
1704 coap_dtls_cpsk_t *setup_data = &c_session->cpsk_setup_data;
1705 G_CHECK(gnutls_psk_allocate_client_credentials(&g_env->psk_cl_credentials),
1706 "gnutls_psk_allocate_client_credentials");
1707 gnutls_psk_set_client_credentials_function(g_env->psk_cl_credentials,
1708 psk_client_callback);
1709 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_PSK,
1710 g_env->psk_cl_credentials),
1711 "gnutls_credentials_set");
1712 /* Issue SNI if requested */
1713 if (setup_data->client_sni) {
1714 G_CHECK(gnutls_server_name_set(g_env->g_session, GNUTLS_NAME_DNS,
1715 setup_data->client_sni,
1716 strlen(setup_data->client_sni)),
1717 "gnutls_server_name_set");
1718 }
1719 if (setup_data->validate_ih_call_back) {
1720 const char *err;
1722
1723 if (tls_version->version >= 0x030604) {
1724 /* Disable TLS1.3 if Identity Hint Callback set */
1725 const char *priority;
1726
1727 if (tls_version->version >= 0x030606) {
1728 priority = VARIANTS_NO_TLS13_3_6_6;
1729 } else {
1730 priority = VARIANTS_NO_TLS13_3_6_4;
1731 }
1732 ret = gnutls_priority_set_direct(g_env->g_session,
1733 priority, &err);
1734 if (ret < 0) {
1735 if (ret == GNUTLS_E_INVALID_REQUEST)
1736 coap_log_warn("gnutls_priority_set_direct: Syntax error at: %s\n", err);
1737 else
1738 coap_log_warn("gnutls_priority_set_direct: %s\n", gnutls_strerror(ret));
1739 goto fail;
1740 }
1741 }
1742 }
1743 }
1744
1745 if ((g_context->psk_pki_enabled & IS_PKI) ||
1746 (g_context->psk_pki_enabled & (IS_PSK | IS_PKI)) == 0) {
1747 /*
1748 * If neither PSK or PKI have been set up, use PKI basics.
1749 * This works providing COAP_PKI_KEY_PEM has a value of 0.
1750 */
1751 coap_dtls_pki_t *setup_data = &g_context->setup_data;
1752 G_CHECK(setup_pki_credentials(&g_env->pki_credentials, g_env->g_session,
1753 g_context, setup_data,
1755 "setup_pki_credentials");
1756
1757 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1758 g_env->pki_credentials),
1759 "gnutls_credentials_set");
1760
1761 if (c_session->proto == COAP_PROTO_TLS)
1762 G_CHECK(gnutls_alpn_set_protocols(g_env->g_session,
1763 &g_context->alpn_proto, 1, 0),
1764 "gnutls_alpn_set_protocols");
1765
1766 /* Issue SNI if requested (only happens if PKI defined) */
1767 if (setup_data->client_sni) {
1768 G_CHECK(gnutls_server_name_set(g_env->g_session, GNUTLS_NAME_DNS,
1769 setup_data->client_sni,
1770 strlen(setup_data->client_sni)),
1771 "gnutls_server_name_set");
1772 }
1773 }
1774 return GNUTLS_E_SUCCESS;
1775
1776fail:
1777 return ret;
1778}
1779#endif /* COAP_CLIENT_SUPPORT */
1780
1781#if COAP_SERVER_SUPPORT
1782/*
1783 * gnutls_psk_server_credentials_function return values
1784 * (see gnutls_psk_set_server_credentials_function())
1785 *
1786 * return -1 failed
1787 * 0 passed
1788 */
1789static int
1790psk_server_callback(gnutls_session_t g_session,
1791 const char *identity,
1792 gnutls_datum_t *key) {
1793 coap_session_t *c_session =
1794 (coap_session_t *)gnutls_transport_get_ptr(g_session);
1795 coap_gnutls_context_t *g_context;
1796 coap_dtls_spsk_t *setup_data;
1797 coap_bin_const_t lidentity;
1798 const coap_bin_const_t *psk_key;
1799
1800 if (c_session == NULL)
1801 return -1;
1802
1803 g_context = (coap_gnutls_context_t *)c_session->context->dtls_context;
1804 if (g_context == NULL)
1805 return -1;
1806 setup_data = &c_session->context->spsk_setup_data;
1807
1808
1809 /* Track the Identity being used */
1810 lidentity.s = identity ? (const uint8_t *)identity : (const uint8_t *)"";
1811 lidentity.length = strlen((const char *)lidentity.s);
1812 coap_session_refresh_psk_identity(c_session, &lidentity);
1813
1814 coap_log_debug("got psk_identity: '%.*s'\n",
1815 (int)lidentity.length, (const char *)lidentity.s);
1816
1817 if (setup_data->validate_id_call_back) {
1818 psk_key = setup_data->validate_id_call_back(&lidentity,
1819 c_session,
1820 setup_data->id_call_back_arg);
1821
1822 coap_session_refresh_psk_key(c_session, psk_key);
1823 } else {
1824 psk_key = coap_get_session_server_psk_key(c_session);
1825 }
1826
1827 if (psk_key == NULL)
1828 return -1;
1829
1830 key->data = gnutls_malloc(psk_key->length);
1831 if (key->data == NULL)
1832 return -1;
1833 memcpy(key->data, psk_key->s, psk_key->length);
1834 key->size = psk_key->length;
1835 return 0;
1836}
1837
1838/*
1839 * return 0 Success (GNUTLS_E_SUCCESS)
1840 * neg GNUTLS_E_* error code
1841 */
1842static int
1843setup_server_ssl_session(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
1844 coap_gnutls_context_t *g_context =
1845 (coap_gnutls_context_t *)c_session->context->dtls_context;
1846 int ret = GNUTLS_E_SUCCESS;
1847
1848 g_context->psk_pki_enabled |= IS_SERVER;
1849 if (g_context->psk_pki_enabled & IS_PSK) {
1850 G_CHECK(setup_psk_credentials(
1851 &g_env->psk_sv_credentials,
1852 g_context,
1853 &c_session->context->spsk_setup_data),
1854 "setup_psk_credentials\n");
1855 G_CHECK(gnutls_credentials_set(g_env->g_session,
1856 GNUTLS_CRD_PSK,
1857 g_env->psk_sv_credentials),
1858 "gnutls_credentials_set\n");
1859 gnutls_handshake_set_post_client_hello_function(g_env->g_session,
1860 post_client_hello_gnutls_psk);
1861 }
1862
1863 if (g_context->psk_pki_enabled & IS_PKI) {
1864 coap_dtls_pki_t *setup_data = &g_context->setup_data;
1865 G_CHECK(setup_pki_credentials(&g_env->pki_credentials, g_env->g_session,
1866 g_context, setup_data,
1868 "setup_pki_credentials");
1869
1870 if (setup_data->verify_peer_cert) {
1871 gnutls_certificate_server_set_request(g_env->g_session,
1872 GNUTLS_CERT_REQUIRE);
1873 } else if (setup_data->is_rpk_not_cert) {
1874 gnutls_certificate_server_set_request(g_env->g_session,
1875 GNUTLS_CERT_REQUEST);
1876 } else {
1877 gnutls_certificate_server_set_request(g_env->g_session,
1878 GNUTLS_CERT_IGNORE);
1879 }
1880
1881 gnutls_handshake_set_post_client_hello_function(g_env->g_session,
1882 post_client_hello_gnutls_pki);
1883
1884 G_CHECK(gnutls_credentials_set(g_env->g_session, GNUTLS_CRD_CERTIFICATE,
1885 g_env->pki_credentials),
1886 "gnutls_credentials_set\n");
1887 }
1888 return GNUTLS_E_SUCCESS;
1889
1890fail:
1891 return ret;
1892}
1893#endif /* COAP_SERVER_SUPPORT */
1894
1895/*
1896 * return +ve data amount
1897 * 0 no more
1898 * -1 error (error in errno)
1899 */
1900static ssize_t
1901coap_dgram_read(gnutls_transport_ptr_t context, void *out, size_t outl) {
1902 ssize_t ret = 0;
1903 coap_session_t *c_session = (coap_session_t *)context;
1904 coap_ssl_t *data;
1905
1906 if (!c_session->tls) {
1907 errno = EAGAIN;
1908 return -1;
1909 }
1910 data = &((coap_gnutls_env_t *)c_session->tls)->coap_ssl_data;
1911
1912 if (out != NULL) {
1913 if (data != NULL && data->pdu_len > 0) {
1914 if (outl < data->pdu_len) {
1915 memcpy(out, data->pdu, outl);
1916 ret = outl;
1917 if (!data->peekmode) {
1918 data->pdu += outl;
1919 data->pdu_len -= outl;
1920 }
1921 } else {
1922 memcpy(out, data->pdu, data->pdu_len);
1923 ret = data->pdu_len;
1924 if (!data->peekmode) {
1925 data->pdu_len = 0;
1926 data->pdu = NULL;
1927 }
1928 }
1929 } else {
1930 errno = EAGAIN;
1931 ret = -1;
1932 }
1933 }
1934 return ret;
1935}
1936
1937/*
1938 * return +ve data amount
1939 * 0 no more
1940 * -1 error (error in errno)
1941 */
1942/* callback function given to gnutls for sending data over socket */
1943static ssize_t
1944coap_dgram_write(gnutls_transport_ptr_t context, const void *send_buffer,
1945 size_t send_buffer_length) {
1946 ssize_t result = -1;
1947 coap_session_t *c_session = (coap_session_t *)context;
1948
1949 if (c_session) {
1950 if (!coap_netif_available(c_session)
1951#if COAP_SERVER_SUPPORT
1952 && c_session->endpoint == NULL
1953#endif /* COAP_SERVER_SUPPORT */
1954 ) {
1955 /* socket was closed on client due to error */
1956 errno = ECONNRESET;
1957 return -1;
1958 }
1959 result = c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session,
1960 send_buffer, send_buffer_length);
1961 if (result != (int)send_buffer_length) {
1962 coap_log_warn("coap_netif_dgrm_write failed (%zd != %zu)\n",
1963 result, send_buffer_length);
1964 result = 0;
1965 }
1966 } else {
1967 result = 0;
1968 }
1969 return result;
1970}
1971
1972/*
1973 * return 1 fd has activity
1974 * 0 timeout
1975 * -1 error (error in errno)
1976 */
1977static int
1978receive_timeout(gnutls_transport_ptr_t context, unsigned int ms COAP_UNUSED) {
1979 coap_session_t *c_session = (coap_session_t *)context;
1980
1981 if (c_session) {
1982 fd_set readfds, writefds, exceptfds;
1983 struct timeval tv;
1984 int nfds = c_session->sock.fd +1;
1985 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
1986
1987 /* If data has been read in by libcoap ahead of GnuTLS, say it is there */
1988 if (c_session->proto == COAP_PROTO_DTLS && g_env &&
1989 g_env->coap_ssl_data.pdu_len > 0) {
1990 return 1;
1991 }
1992
1993 FD_ZERO(&readfds);
1994 FD_ZERO(&writefds);
1995 FD_ZERO(&exceptfds);
1996 FD_SET(c_session->sock.fd, &readfds);
1997 if (!(g_env && g_env->doing_dtls_timeout)) {
1998 FD_SET(c_session->sock.fd, &writefds);
1999 FD_SET(c_session->sock.fd, &exceptfds);
2000 }
2001 /* Polling */
2002 tv.tv_sec = 0;
2003 tv.tv_usec = 0;
2004
2005 return select(nfds, &readfds, &writefds, &exceptfds, &tv);
2006 }
2007 return 1;
2008}
2009
2010static coap_gnutls_env_t *
2011coap_dtls_new_gnutls_env(coap_session_t *c_session, int type) {
2012 coap_gnutls_context_t *g_context =
2013 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2014 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2015#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2016 int flags = type | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2017#else /* < 3.6.6 */
2018 int flags = type | GNUTLS_DATAGRAM | GNUTLS_NONBLOCK;
2019#endif /* < 3.6.6 */
2020 int ret;
2021
2022 if (g_env)
2023 return g_env;
2024
2025 g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2026 if (!g_env)
2027 return NULL;
2028
2029 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2030
2031 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2032
2033 gnutls_transport_set_pull_function(g_env->g_session, coap_dgram_read);
2034 gnutls_transport_set_push_function(g_env->g_session, coap_dgram_write);
2035 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2036 /* So we can track the coap_session_t in callbacks */
2037 gnutls_transport_set_ptr(g_env->g_session, c_session);
2038
2039 G_CHECK(gnutls_priority_set(g_env->g_session, g_context->priority_cache),
2040 "gnutls_priority_set");
2041
2042 if (type == GNUTLS_SERVER) {
2043#if COAP_SERVER_SUPPORT
2044 G_CHECK(setup_server_ssl_session(c_session, g_env),
2045 "setup_server_ssl_session");
2046#else /* ! COAP_SERVER_SUPPORT */
2047 goto fail;
2048#endif /* ! COAP_SERVER_SUPPORT */
2049 } else {
2050#if COAP_CLIENT_SUPPORT
2051 G_CHECK(setup_client_ssl_session(c_session, g_env),
2052 "setup_client_ssl_session");
2053#else /* COAP_CLIENT_SUPPORT */
2054 goto fail;
2055#endif /* COAP_CLIENT_SUPPORT */
2056 }
2057
2058 gnutls_handshake_set_timeout(g_env->g_session,
2059 GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2060 gnutls_dtls_set_timeouts(g_env->g_session, COAP_DTLS_RETRANSMIT_MS,
2061 COAP_DTLS_RETRANSMIT_TOTAL_MS);
2062
2063 return g_env;
2064
2065fail:
2066 if (g_env)
2067 gnutls_free(g_env);
2068 return NULL;
2069}
2070
2071static void
2072coap_dtls_free_gnutls_env(coap_gnutls_context_t *g_context,
2073 coap_gnutls_env_t *g_env,
2074 coap_free_bye_t free_bye) {
2075 if (g_env) {
2076 /* It is suggested not to use GNUTLS_SHUT_RDWR in DTLS
2077 * connections because the peer's closure message might
2078 * be lost */
2079 if (free_bye != COAP_FREE_BYE_NONE && !g_env->sent_alert) {
2080 /* Only do this if appropriate */
2081 gnutls_bye(g_env->g_session, free_bye == COAP_FREE_BYE_AS_UDP ?
2082 GNUTLS_SHUT_WR : GNUTLS_SHUT_RDWR);
2083 }
2084 gnutls_deinit(g_env->g_session);
2085 g_env->g_session = NULL;
2086 if (g_context->psk_pki_enabled & IS_PSK) {
2087 if ((g_context->psk_pki_enabled & IS_CLIENT) &&
2088 g_env->psk_cl_credentials != NULL) {
2089 gnutls_psk_free_client_credentials(g_env->psk_cl_credentials);
2090 g_env->psk_cl_credentials = NULL;
2091 } else {
2092 /* YUK - A memory leak in 3.3.0 (fixed by 3.3.26) of hint */
2093 if (g_env->psk_sv_credentials != NULL)
2094 gnutls_psk_free_server_credentials(g_env->psk_sv_credentials);
2095 g_env->psk_sv_credentials = NULL;
2096 }
2097 }
2098 if ((g_context->psk_pki_enabled & IS_PKI) ||
2099 (g_context->psk_pki_enabled &
2100 (IS_PSK | IS_PKI | IS_CLIENT)) == IS_CLIENT) {
2101 gnutls_certificate_free_credentials(g_env->pki_credentials);
2102 g_env->pki_credentials = NULL;
2103 }
2104 gnutls_free(g_env->coap_ssl_data.cookie_key.data);
2105 gnutls_free(g_env);
2106 }
2107}
2108
2109#if COAP_SERVER_SUPPORT
2110void *
2112 coap_gnutls_env_t *g_env =
2113 (coap_gnutls_env_t *)c_session->tls;
2114
2115 gnutls_transport_set_ptr(g_env->g_session, c_session);
2116
2117 return g_env;
2118}
2119#endif /* COAP_SERVER_SUPPORT */
2120
2121static void
2122log_last_alert(coap_session_t *c_session,
2123 gnutls_session_t g_session) {
2124#if COAP_MAX_LOGGING_LEVEL > 0
2125 int last_alert = gnutls_alert_get(g_session);
2126
2127 if (last_alert == GNUTLS_A_CLOSE_NOTIFY)
2128 coap_log_debug("***%s: Alert '%d': %s\n",
2129 coap_session_str(c_session),
2130 last_alert, gnutls_alert_get_name(last_alert));
2131 else
2132 coap_log_warn("***%s: Alert '%d': %s\n",
2133 coap_session_str(c_session),
2134 last_alert, gnutls_alert_get_name(last_alert));
2135#else /* COAP_MAX_LOGGING_LEVEL == 0 */
2136 (void)c_session;
2137 (void)g_session;
2138#endif /* COAP_MAX_LOGGING_LEVEL == 0 */
2139}
2140
2141/*
2142 * return -1 failure
2143 * 0 not completed
2144 * 1 established
2145 */
2146static int
2147do_gnutls_handshake(coap_session_t *c_session, coap_gnutls_env_t *g_env) {
2148 int ret;
2149
2150 ret = gnutls_handshake(g_env->g_session);
2151 switch (ret) {
2152 case GNUTLS_E_SUCCESS:
2153 g_env->established = 1;
2154 coap_log_debug("* %s: GnuTLS established\n",
2155 coap_session_str(c_session));
2156 ret = 1;
2157 break;
2158 case GNUTLS_E_INTERRUPTED:
2159 errno = EINTR;
2160 ret = 0;
2161 break;
2162 case GNUTLS_E_AGAIN:
2163 errno = EAGAIN;
2164 ret = 0;
2165 break;
2166 case GNUTLS_E_INSUFFICIENT_CREDENTIALS:
2167 coap_log_warn("Insufficient credentials provided.\n");
2168 ret = -1;
2169 break;
2170 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2171 /* Stop the sending of an alert on closedown */
2172 g_env->sent_alert = 1;
2173 log_last_alert(c_session, g_env->g_session);
2174 /* Fall through */
2175 case GNUTLS_E_UNEXPECTED_HANDSHAKE_PACKET:
2176 case GNUTLS_E_UNEXPECTED_PACKET:
2178 ret = -1;
2179 break;
2180 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2181 log_last_alert(c_session, g_env->g_session);
2182 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2183 ret = 0;
2184 break;
2185 case GNUTLS_E_NO_CERTIFICATE_FOUND:
2186#if (GNUTLS_VERSION_NUMBER > 0x030606)
2187 case GNUTLS_E_CERTIFICATE_REQUIRED:
2188#endif /* GNUTLS_VERSION_NUMBER > 0x030606 */
2189 coap_log_warn("Client Certificate requested and required, but not provided\n"
2190 );
2191 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2192 GNUTLS_A_BAD_CERTIFICATE));
2193 g_env->sent_alert = 1;
2195 ret = -1;
2196 break;
2197 case GNUTLS_E_DECRYPTION_FAILED:
2198 coap_log_warn("do_gnutls_handshake: session establish "
2199 "returned '%s'\n",
2200 gnutls_strerror(ret));
2201 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2202 GNUTLS_A_DECRYPT_ERROR));
2203 g_env->sent_alert = 1;
2205 ret = -1;
2206 break;
2207 case GNUTLS_E_CERTIFICATE_ERROR:
2208 if (g_env->sent_alert) {
2210 ret = -1;
2211 break;
2212 }
2213 /* Fall through */
2214 case GNUTLS_E_UNKNOWN_CIPHER_SUITE:
2215 case GNUTLS_E_NO_CIPHER_SUITES:
2216 case GNUTLS_E_INVALID_SESSION:
2217 coap_log_warn("do_gnutls_handshake: session establish "
2218 "returned '%s'\n",
2219 gnutls_strerror(ret));
2220 if (!g_env->sent_alert) {
2221 G_ACTION(gnutls_alert_send(g_env->g_session, GNUTLS_AL_FATAL,
2222 GNUTLS_A_HANDSHAKE_FAILURE));
2223 g_env->sent_alert = 1;
2224 }
2226 ret = -1;
2227 break;
2228 case GNUTLS_E_SESSION_EOF:
2229 case GNUTLS_E_PREMATURE_TERMINATION:
2230 case GNUTLS_E_TIMEDOUT:
2231 case GNUTLS_E_PULL_ERROR:
2232 case GNUTLS_E_PUSH_ERROR:
2234 ret = -1;
2235 break;
2236 default:
2237 coap_log_warn("do_gnutls_handshake: session establish "
2238 "returned %d: '%s'\n",
2239 ret, gnutls_strerror(ret));
2240 ret = -1;
2241 break;
2242 }
2243 return ret;
2244}
2245
2246#if COAP_CLIENT_SUPPORT
2247void *
2249 coap_gnutls_env_t *g_env = coap_dtls_new_gnutls_env(c_session, GNUTLS_CLIENT);
2250 int ret;
2251
2252 if (g_env) {
2253 ret = do_gnutls_handshake(c_session, g_env);
2254 if (ret == -1) {
2255 coap_dtls_free_gnutls_env(c_session->context->dtls_context,
2256 g_env,
2257 COAP_PROTO_NOT_RELIABLE(c_session->proto) ?
2258 COAP_FREE_BYE_AS_UDP : COAP_FREE_BYE_AS_TCP);
2259 return NULL;
2260 }
2261 }
2262 return g_env;
2263}
2264#endif /* COAP_CLIENT_SUPPORT */
2265
2266void
2268 if (c_session && c_session->context && c_session->tls) {
2269 coap_dtls_free_gnutls_env(c_session->context->dtls_context,
2270 c_session->tls,
2271 COAP_PROTO_NOT_RELIABLE(c_session->proto) ?
2272 COAP_FREE_BYE_AS_UDP : COAP_FREE_BYE_AS_TCP);
2273 c_session->tls = NULL;
2275 }
2276}
2277
2278void
2280 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2281 int ret;
2282
2283 if (g_env)
2284 G_CHECK(gnutls_dtls_set_data_mtu(g_env->g_session,
2285 (unsigned int)c_session->mtu),
2286 "gnutls_dtls_set_data_mtu");
2287fail:
2288 ;;
2289}
2290
2291/*
2292 * return +ve data amount
2293 * 0 no more
2294 * -1 error
2295 */
2296ssize_t
2298 const uint8_t *data, size_t data_len) {
2299 int ret;
2300 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2301
2302 assert(g_env != NULL);
2303
2304 c_session->dtls_event = -1;
2305 if (g_env->established) {
2306 ret = gnutls_record_send(g_env->g_session, data, data_len);
2307
2308 if (ret <= 0) {
2309 switch (ret) {
2310 case GNUTLS_E_AGAIN:
2311 ret = 0;
2312 break;
2313 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2314 /* Stop the sending of an alert on closedown */
2315 g_env->sent_alert = 1;
2316 log_last_alert(c_session, g_env->g_session);
2318 ret = -1;
2319 break;
2320 default:
2321 coap_log_debug("coap_dtls_send: gnutls_record_send "
2322 "returned %d: '%s'\n",
2323 ret, gnutls_strerror(ret));
2324 ret = -1;
2325 break;
2326 }
2327 if (ret == -1) {
2328 coap_log_warn("coap_dtls_send: cannot send PDU\n");
2329 }
2330 }
2331 } else {
2332 ret = do_gnutls_handshake(c_session, g_env);
2333 if (ret == 1) {
2334 /* Just connected, so send the data */
2335 return coap_dtls_send(c_session, data, data_len);
2336 }
2337 ret = -1;
2338 }
2339
2340 if (c_session->dtls_event >= 0) {
2341 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2342 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2343 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2345 ret = -1;
2346 }
2347 }
2348
2349 if (ret > 0) {
2350 if (ret == (ssize_t)data_len)
2351 coap_log_debug("* %s: dtls: sent %4d bytes\n",
2352 coap_session_str(c_session), ret);
2353 else
2354 coap_log_debug("* %s: dtls: sent %4d of %4zd bytes\n",
2355 coap_session_str(c_session), ret, data_len);
2356 }
2357 return ret;
2358}
2359
2360int
2362 return 0;
2363}
2364
2366coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED) {
2367 return 0;
2368}
2369
2372 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2373
2374 assert(c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2375 if (g_env && g_env->g_session) {
2376 unsigned int rem_ms = gnutls_dtls_get_timeout(g_env->g_session);
2377
2378 if (rem_ms == 0) {
2379 /*
2380 * Need to make sure that we do not do this too frequently as some
2381 * versions of gnutls reset retransmit if a spurious packet is received
2382 * (e.g. duplicate Client Hello), but last_transmit does not get updated
2383 * when gnutls_handshake() is called and there is 'nothing' to resend.
2384 */
2385 if (g_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS > now)
2386 return g_env->last_timeout + COAP_DTLS_RETRANSMIT_COAP_TICKS;
2387 }
2388 /* Reset for the next time */
2389 g_env->last_timeout = now;
2390 return now + rem_ms;
2391 }
2392
2393 return 0;
2394}
2395
2396/*
2397 * return 1 timed out
2398 * 0 still timing out
2399 */
2400int
2402 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2403
2404 assert(g_env != NULL && c_session->state == COAP_SESSION_STATE_HANDSHAKE);
2405 g_env->doing_dtls_timeout = 1;
2406 if ((++c_session->dtls_timeout_count > c_session->max_retransmit) ||
2407 (do_gnutls_handshake(c_session, g_env) < 0)) {
2408 /* Too many retries */
2409 g_env->doing_dtls_timeout = 0;
2411 return 1;
2412 } else {
2413 g_env->doing_dtls_timeout = 0;
2414 return 0;
2415 }
2416}
2417
2418/*
2419 * return +ve data amount
2420 * 0 no more
2421 * -1 error
2422 */
2423int
2424coap_dtls_receive(coap_session_t *c_session, const uint8_t *data,
2425 size_t data_len) {
2426 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2427 int ret = 0;
2428 coap_ssl_t *ssl_data = &g_env->coap_ssl_data;
2429
2430 uint8_t pdu[COAP_RXBUFFER_SIZE];
2431
2432 assert(g_env != NULL);
2433
2434 if (ssl_data->pdu_len)
2435 coap_log_err("** %s: Previous data not read %u bytes\n",
2436 coap_session_str(c_session), ssl_data->pdu_len);
2437 ssl_data->pdu = data;
2438 ssl_data->pdu_len = data_len;
2439
2440 c_session->dtls_event = -1;
2441 if (g_env->established) {
2442 if (c_session->state == COAP_SESSION_STATE_HANDSHAKE) {
2444 c_session);
2445 gnutls_transport_set_ptr(g_env->g_session, c_session);
2446 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2447 }
2448 ret = gnutls_record_recv(g_env->g_session, pdu, (int)sizeof(pdu));
2449 if (ret > 0) {
2450 return coap_handle_dgram(c_session->context, c_session, pdu, (size_t)ret);
2451 } else if (ret == 0) {
2453 } else {
2454 switch (ret) {
2455 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2456 /* Stop the sending of an alert on closedown */
2457 g_env->sent_alert = 1;
2458 log_last_alert(c_session, g_env->g_session);
2460 ret = -1;
2461 break;
2462 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2463 log_last_alert(c_session, g_env->g_session);
2464 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2465 ret = 0;
2466 break;
2467 default:
2468 coap_log_warn("coap_dtls_receive: gnutls_record_recv returned %d\n", ret);
2469 ret = -1;
2470 break;
2471 }
2472 }
2473 } else {
2474 ret = do_gnutls_handshake(c_session, g_env);
2475 if (ret == 1) {
2476 coap_session_connected(c_session);
2477 } else {
2478 ret = -1;
2479 if (ssl_data->pdu_len && !g_env->sent_alert) {
2480 /* Do the handshake again incase of internal timeout */
2481 ret = do_gnutls_handshake(c_session, g_env);
2482 if (ret == 1) {
2483 /* Just connected, so send the data */
2484 coap_session_connected(c_session);
2485 }
2486 }
2487 }
2488 }
2489
2490 if (c_session->dtls_event >= 0) {
2491 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2492 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2493 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2494 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2495 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2497 ssl_data = NULL;
2498 ret = -1;
2499 }
2500 }
2501 if (ssl_data && ssl_data->pdu_len) {
2502 /* pdu data is held on stack which will not stay there */
2503 coap_log_debug("coap_dtls_receive: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2504 ssl_data->pdu_len = 0;
2505 ssl_data->pdu = NULL;
2506 }
2507 if (ret > 0) {
2508 coap_log_debug("* %s: dtls: recv %4d bytes\n",
2509 coap_session_str(c_session), ret);
2510 }
2511 return ret;
2512}
2513
2514#if COAP_SERVER_SUPPORT
2515/*
2516 * return -1 failure
2517 * 0 not completed
2518 * 1 client hello seen
2519 */
2520int
2522 const uint8_t *data,
2523 size_t data_len
2524 ) {
2525 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2526 coap_ssl_t *ssl_data;
2527 int ret;
2528
2529 if (!g_env) {
2530 g_env = coap_dtls_new_gnutls_env(c_session, GNUTLS_SERVER);
2531 if (g_env) {
2532 c_session->tls = g_env;
2533 gnutls_key_generate(&g_env->coap_ssl_data.cookie_key,
2534 GNUTLS_COOKIE_KEY_SIZE);
2535 } else {
2536 /* error should have already been reported */
2537 return -1;
2538 }
2539 }
2540 if (data_len > 0) {
2541 gnutls_dtls_prestate_st prestate;
2542 uint8_t *data_rw;
2543
2544 memset(&prestate, 0, sizeof(prestate));
2545 /* Need to do this to not get a compiler warning about const parameters */
2546 memcpy(&data_rw, &data, sizeof(data_rw));
2547 ret = gnutls_dtls_cookie_verify(&g_env->coap_ssl_data.cookie_key,
2548 &c_session->addr_info,
2549 sizeof(c_session->addr_info),
2550 data_rw, data_len,
2551 &prestate);
2552 if (ret < 0) { /* cookie not valid */
2553 coap_log_debug("Invalid Cookie - sending Hello Verify\n");
2554 gnutls_dtls_cookie_send(&g_env->coap_ssl_data.cookie_key,
2555 &c_session->addr_info,
2556 sizeof(c_session->addr_info),
2557 &prestate,
2558 c_session,
2559 coap_dgram_write);
2560 return 0;
2561 }
2562 gnutls_dtls_prestate_set(g_env->g_session, &prestate);
2563 }
2564
2565 ssl_data = &g_env->coap_ssl_data;
2566 ssl_data->pdu = data;
2567 ssl_data->pdu_len = data_len;
2568
2569 ret = do_gnutls_handshake(c_session, g_env);
2570 if (ret < 0) {
2571 /*
2572 * as the above failed, need to remove g_env to clean up any
2573 * pollution of the information
2574 */
2575 coap_dtls_free_gnutls_env(((coap_gnutls_context_t *)c_session->context->dtls_context),
2576 g_env, COAP_FREE_BYE_NONE);
2577 c_session->tls = NULL;
2578 ssl_data = NULL;
2579 ret = -1;
2580 } else {
2581 /* Client Hello has been seen */
2582 ret = 1;
2583 }
2584
2585 if (ssl_data && ssl_data->pdu_len) {
2586 /* pdu data is held on stack which will not stay there */
2587 coap_log_debug("coap_dtls_hello: ret %d: remaining data %u\n", ret, ssl_data->pdu_len);
2588 ssl_data->pdu_len = 0;
2589 ssl_data->pdu = NULL;
2590 }
2591 return ret;
2592}
2593#endif /* COAP_SERVER_SUPPORT */
2594
2595unsigned int
2597 return 37;
2598}
2599
2600#if !COAP_DISABLE_TCP
2601/*
2602 * strm
2603 * return +ve data amount
2604 * 0 connection closed
2605 * -1 error (error in errno)
2606 */
2607static ssize_t
2608coap_sock_read(gnutls_transport_ptr_t context, void *out, size_t outl) {
2609 int ret = 0;
2610 coap_session_t *c_session = (coap_session_t *)context;
2611
2612 if (out != NULL) {
2613 ret = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_read(c_session, out, outl);
2614 /* Translate layer returns into what GnuTLS expects */
2615 if (ret == 0) {
2616 errno = EAGAIN;
2617 ret = -1;
2618 }
2619 }
2620 return ret;
2621}
2622
2623/*
2624 * strm
2625 * return +ve data amount
2626 * 0 no more
2627 * -1 error (error in errno)
2628 */
2629static ssize_t
2630coap_sock_write(gnutls_transport_ptr_t context, const void *in, size_t inl) {
2631 int ret = 0;
2632 coap_session_t *c_session = (coap_session_t *)context;
2633
2634 ret = (int)c_session->sock.lfunc[COAP_LAYER_TLS].l_write(c_session, in, inl);
2635 /* Translate layer what returns into what GnuTLS expects */
2636 if (ret < 0) {
2637 if ((c_session->state == COAP_SESSION_STATE_CSM ||
2638 c_session->state == COAP_SESSION_STATE_HANDSHAKE) &&
2639 (errno == EPIPE || errno == ECONNRESET)) {
2640 /*
2641 * Need to handle a TCP timing window where an agent continues with
2642 * the sending of the next handshake or a CSM.
2643 * However, the peer does not like a certificate and so sends a
2644 * fatal alert and closes the TCP session.
2645 * The sending of the next handshake or CSM may get terminated because
2646 * of the closed TCP session, but there is still an outstanding alert
2647 * to be read in and reported on.
2648 * In this case, pretend that sending the info was fine so that the
2649 * alert can be read (which effectively is what happens with DTLS).
2650 */
2651 ret = inl;
2652 } else {
2653 coap_log_debug("* %s: failed to send %zd bytes (%s) state %d\n",
2654 coap_session_str(c_session), inl, coap_socket_strerror(),
2655 c_session->state);
2656 }
2657 }
2658 if (ret == 0) {
2659 errno = EAGAIN;
2660 ret = -1;
2661 }
2662 return ret;
2663}
2664
2665#if COAP_CLIENT_SUPPORT
2666void *
2668 coap_gnutls_env_t *g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2669 coap_gnutls_context_t *g_context =
2670 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2671#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2672 int flags = GNUTLS_CLIENT | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2673#else /* < 3.6.6 */
2674 int flags = GNUTLS_CLIENT | GNUTLS_NONBLOCK;
2675#endif /* < 3.6.6 */
2676 int ret;
2677
2678 if (!g_env) {
2679 return NULL;
2680 }
2681 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2682
2683 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2684
2685 gnutls_transport_set_pull_function(g_env->g_session, coap_sock_read);
2686 gnutls_transport_set_push_function(g_env->g_session, coap_sock_write);
2687 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2688 /* So we can track the coap_session_t in callbacks */
2689 gnutls_transport_set_ptr(g_env->g_session, c_session);
2690
2691 gnutls_priority_set(g_env->g_session, g_context->priority_cache);
2692 setup_client_ssl_session(c_session, g_env);
2693
2694 gnutls_handshake_set_timeout(g_env->g_session, GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2695
2696 c_session->tls = g_env;
2697 ret = do_gnutls_handshake(c_session, g_env);
2698 if (ret == 1) {
2700 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2701 }
2702 return g_env;
2703
2704fail:
2705 if (g_env)
2706 gnutls_free(g_env);
2707 return NULL;
2708}
2709#endif /* COAP_CLIENT_SUPPORT */
2710
2711#if COAP_SERVER_SUPPORT
2712void *
2714 coap_gnutls_env_t *g_env = gnutls_malloc(sizeof(coap_gnutls_env_t));
2715 coap_gnutls_context_t *g_context =
2716 ((coap_gnutls_context_t *)c_session->context->dtls_context);
2717#if (GNUTLS_VERSION_NUMBER >= 0x030606)
2718 int flags = GNUTLS_SERVER | GNUTLS_NONBLOCK | GNUTLS_ENABLE_RAWPK;
2719#else /* < 3.6.6 */
2720 int flags = GNUTLS_SERVER | GNUTLS_NONBLOCK;
2721#endif /* < 3.6.6 */
2722 int ret;
2723
2724 if (!g_env)
2725 return NULL;
2726 memset(g_env, 0, sizeof(coap_gnutls_env_t));
2727
2728 G_CHECK(gnutls_init(&g_env->g_session, flags), "gnutls_init");
2729
2730 gnutls_transport_set_pull_function(g_env->g_session, coap_sock_read);
2731 gnutls_transport_set_push_function(g_env->g_session, coap_sock_write);
2732 gnutls_transport_set_pull_timeout_function(g_env->g_session, receive_timeout);
2733 /* So we can track the coap_session_t in callbacks */
2734 gnutls_transport_set_ptr(g_env->g_session, c_session);
2735
2736 setup_server_ssl_session(c_session, g_env);
2737
2738 gnutls_priority_set(g_env->g_session, g_context->priority_cache);
2739 gnutls_handshake_set_timeout(g_env->g_session,
2740 GNUTLS_DEFAULT_HANDSHAKE_TIMEOUT);
2741
2742 c_session->tls = g_env;
2743 ret = do_gnutls_handshake(c_session, g_env);
2744 if (ret == 1) {
2746 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2747 }
2748 return g_env;
2749
2750fail:
2751 return NULL;
2752}
2753#endif /* COAP_SERVER_SUPPORT */
2754
2755void
2757 coap_dtls_free_session(c_session);
2758 return;
2759}
2760
2761/*
2762 * strm
2763 * return +ve Number of bytes written.
2764 * -1 Error (error in errno).
2765 */
2766ssize_t
2767coap_tls_write(coap_session_t *c_session, const uint8_t *data,
2768 size_t data_len) {
2769 int ret;
2770 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2771
2772 assert(g_env != NULL);
2773
2774 c_session->dtls_event = -1;
2775 if (g_env->established) {
2776 ret = gnutls_record_send(g_env->g_session, data, data_len);
2777
2778 if (ret <= 0) {
2779 switch (ret) {
2780 case GNUTLS_E_AGAIN:
2781 ret = 0;
2782 break;
2783 case GNUTLS_E_PUSH_ERROR:
2784 case GNUTLS_E_PULL_ERROR:
2785 case GNUTLS_E_PREMATURE_TERMINATION:
2787 break;
2788 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2789 /* Stop the sending of an alert on closedown */
2790 g_env->sent_alert = 1;
2791 log_last_alert(c_session, g_env->g_session);
2793 break;
2794 default:
2795 coap_log_warn("coap_tls_write: gnutls_record_send "
2796 "returned %d: '%s'\n",
2797 ret, gnutls_strerror(ret));
2798 ret = -1;
2799 break;
2800 }
2801 if (ret == -1) {
2802 coap_log_info("coap_tls_write: cannot send PDU\n");
2803 }
2804 }
2805 } else {
2806 ret = do_gnutls_handshake(c_session, g_env);
2807 if (ret == 1) {
2809 c_session);
2810 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2811 ret = 0;
2812 } else {
2813 ret = -1;
2814 }
2815 }
2816
2817 if (c_session->dtls_event >= 0) {
2818 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2819 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2820 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2821 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2822 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2824 ret = -1;
2825 }
2826 }
2827
2828 if (ret > 0) {
2829 if (ret == (ssize_t)data_len)
2830 coap_log_debug("* %s: tls: sent %4d bytes\n",
2831 coap_session_str(c_session), ret);
2832 else
2833 coap_log_debug("* %s: tls: sent %4d of %4zd bytes\n",
2834 coap_session_str(c_session), ret, data_len);
2835 }
2836 return ret;
2837}
2838
2839/*
2840 * strm
2841 * return >=0 Number of bytes read.
2842 * -1 Error (error in errno).
2843 */
2844ssize_t
2845coap_tls_read(coap_session_t *c_session, uint8_t *data, size_t data_len) {
2846 coap_gnutls_env_t *g_env = (coap_gnutls_env_t *)c_session->tls;
2847 int ret = -1;
2848
2849 if (!g_env) {
2850 errno = ENXIO;
2851 return -1;
2852 }
2853
2854 c_session->dtls_event = -1;
2855 if (!g_env->established && !g_env->sent_alert) {
2856 ret = do_gnutls_handshake(c_session, g_env);
2857 if (ret == 1) {
2859 c_session);
2860 c_session->sock.lfunc[COAP_LAYER_TLS].l_establish(c_session);
2861 ret = 0;
2862 }
2863 }
2864 if (c_session->state != COAP_SESSION_STATE_NONE && g_env->established) {
2865 ret = gnutls_record_recv(g_env->g_session, data, (int)data_len);
2866 if (ret <= 0) {
2867 switch (ret) {
2868 case 0:
2870 break;
2871 case GNUTLS_E_AGAIN:
2872 errno = EAGAIN;
2873 ret = 0;
2874 break;
2875 case GNUTLS_E_PULL_ERROR:
2876 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2877 break;
2878 case GNUTLS_E_FATAL_ALERT_RECEIVED:
2879 /* Stop the sending of an alert on closedown */
2880 g_env->sent_alert = 1;
2881 log_last_alert(c_session, g_env->g_session);
2883 break;
2884 case GNUTLS_E_WARNING_ALERT_RECEIVED:
2885 log_last_alert(c_session, g_env->g_session);
2886 c_session->dtls_event = COAP_EVENT_DTLS_ERROR;
2887 break;
2888 default:
2889 coap_log_warn("coap_tls_read: gnutls_record_recv "
2890 "returned %d: '%s'\n",
2891 ret, gnutls_strerror(ret));
2892 ret = -1;
2893 break;
2894 }
2895 }
2896 }
2897
2898 if (c_session->dtls_event >= 0) {
2899 /* COAP_EVENT_DTLS_CLOSED event reported in coap_session_disconnected_lkd() */
2900 if (c_session->dtls_event != COAP_EVENT_DTLS_CLOSED)
2901 coap_handle_event_lkd(c_session->context, c_session->dtls_event, c_session);
2902 if (c_session->dtls_event == COAP_EVENT_DTLS_ERROR ||
2903 c_session->dtls_event == COAP_EVENT_DTLS_CLOSED) {
2905 ret = -1;
2906 }
2907 }
2908 if (ret > 0) {
2909 coap_log_debug("* %s: tls: recv %4d bytes\n",
2910 coap_session_str(c_session), ret);
2911 }
2912 return ret;
2913}
2914#endif /* !COAP_DISABLE_TCP */
2915
2916#if COAP_SERVER_SUPPORT
2918coap_digest_setup(void) {
2919 gnutls_hash_hd_t digest_ctx;
2920
2921 if (gnutls_hash_init(&digest_ctx, GNUTLS_DIG_SHA256)) {
2922 return NULL;
2923 }
2924 return digest_ctx;
2925}
2926
2927void
2929 gnutls_hash_deinit(digest_ctx, NULL);
2930}
2931
2932int
2934 const uint8_t *data,
2935 size_t data_len) {
2936 int ret = gnutls_hash(digest_ctx, data, data_len);
2937
2938 return ret == 0;
2939}
2940
2941int
2943 coap_digest_t *digest_buffer) {
2944 gnutls_hash_output(digest_ctx, (uint8_t *)digest_buffer);
2945
2946 coap_digest_free(digest_ctx);
2947 return 1;
2948}
2949#endif /* COAP_SERVER_SUPPORT */
2950
2951#if COAP_WS_SUPPORT
2952/*
2953 * The struct hash_algs and the function get_hash_alg() are used to
2954 * determine which hash type to use for creating the required hash object.
2955 */
2956static struct hash_algs {
2957 cose_alg_t alg;
2958 gnutls_digest_algorithm_t dig_type;
2959 size_t dig_size;
2960} hashs[] = {
2961 {COSE_ALGORITHM_SHA_1, GNUTLS_DIG_SHA1, 20},
2962 {COSE_ALGORITHM_SHA_256_256, GNUTLS_DIG_SHA256, 32},
2963 {COSE_ALGORITHM_SHA_512, GNUTLS_DIG_SHA512, 64},
2964};
2965
2966static gnutls_digest_algorithm_t
2967get_hash_alg(cose_alg_t alg, size_t *hash_len) {
2968 size_t idx;
2969
2970 for (idx = 0; idx < sizeof(hashs) / sizeof(struct hash_algs); idx++) {
2971 if (hashs[idx].alg == alg) {
2972 *hash_len = hashs[idx].dig_size;
2973 return hashs[idx].dig_type;
2974 }
2975 }
2976 coap_log_debug("get_hash_alg: COSE hash %d not supported\n", alg);
2977 return GNUTLS_DIG_UNKNOWN;
2978}
2979
2980int
2982 const coap_bin_const_t *data,
2983 coap_bin_const_t **hash) {
2984 size_t hash_length;
2985 gnutls_digest_algorithm_t dig_type = get_hash_alg(alg, &hash_length);
2986 gnutls_hash_hd_t digest_ctx;
2987 coap_binary_t *dummy = NULL;
2988 int ret;
2989
2990 if (dig_type == GNUTLS_DIG_UNKNOWN) {
2991 coap_log_debug("coap_crypto_hash: algorithm %d not supported\n", alg);
2992 return 0;
2993 }
2994
2995 if (gnutls_hash_init(&digest_ctx, dig_type)) {
2996 return 0;
2997 }
2998 ret = gnutls_hash(digest_ctx, data->s, data->length);
2999 if (ret != 0)
3000 goto error;
3001
3002 dummy = coap_new_binary(hash_length);
3003 if (!dummy)
3004 goto error;
3005 gnutls_hash_output(digest_ctx, dummy->s);
3006
3007 *hash = (coap_bin_const_t *)(dummy);
3008 gnutls_hash_deinit(digest_ctx, NULL);
3009 return 1;
3010
3011error:
3013 gnutls_hash_deinit(digest_ctx, NULL);
3014 return 0;
3015}
3016#endif /* COAP_WS_SUPPORT */
3017
3018#if COAP_OSCORE_SUPPORT
3019int
3021 return 1;
3022}
3023
3024/*
3025 * The struct cipher_algs and the function get_cipher_alg() are used to
3026 * determine which cipher type to use for creating the required cipher
3027 * suite object.
3028 */
3029static struct cipher_algs {
3030 cose_alg_t alg;
3031 gnutls_cipher_algorithm_t cipher_type;
3032} ciphers[] = {{COSE_ALGORITHM_AES_CCM_16_64_128, GNUTLS_CIPHER_AES_128_CCM_8},
3033 {COSE_ALGORITHM_AES_CCM_16_64_256, GNUTLS_CIPHER_AES_256_CCM_8}
3034};
3035
3036static gnutls_cipher_algorithm_t
3037get_cipher_alg(cose_alg_t alg) {
3038 size_t idx;
3039
3040 for (idx = 0; idx < sizeof(ciphers) / sizeof(struct cipher_algs); idx++) {
3041 if (ciphers[idx].alg == alg)
3042 return ciphers[idx].cipher_type;
3043 }
3044 coap_log_debug("get_cipher_alg: COSE cipher %d not supported\n", alg);
3045 return 0;
3046}
3047
3048/*
3049 * The struct hmac_algs and the function get_hmac_alg() are used to
3050 * determine which hmac type to use for creating the required hmac
3051 * suite object.
3052 */
3053static struct hmac_algs {
3054 cose_hmac_alg_t hmac_alg;
3055 gnutls_mac_algorithm_t hmac_type;
3056} hmacs[] = {
3057 {COSE_HMAC_ALG_HMAC256_256, GNUTLS_MAC_SHA256},
3058 {COSE_HMAC_ALG_HMAC512_512, GNUTLS_MAC_SHA512},
3059};
3060
3061static gnutls_mac_algorithm_t
3062get_hmac_alg(cose_hmac_alg_t hmac_alg) {
3063 size_t idx;
3064
3065 for (idx = 0; idx < sizeof(hmacs) / sizeof(struct hmac_algs); idx++) {
3066 if (hmacs[idx].hmac_alg == hmac_alg)
3067 return hmacs[idx].hmac_type;
3068 }
3069 coap_log_debug("get_hmac_alg: COSE HMAC %d not supported\n", hmac_alg);
3070 return 0;
3071}
3072
3073int
3075 return get_cipher_alg(alg);
3076}
3077
3078int
3080 cose_hmac_alg_t hmac_alg;
3081
3082 if (!cose_get_hmac_alg_for_hkdf(hkdf_alg, &hmac_alg))
3083 return 0;
3084 return get_hmac_alg(hmac_alg);
3085}
3086
3087int
3089 coap_bin_const_t *data,
3090 coap_bin_const_t *aad,
3091 uint8_t *result,
3092 size_t *max_result_len) {
3093 gnutls_aead_cipher_hd_t ctx;
3094 gnutls_datum_t key;
3095 const coap_crypto_aes_ccm_t *ccm;
3096 int ret = 0;
3097 size_t result_len = *max_result_len;
3098 gnutls_cipher_algorithm_t algo;
3099 unsigned tag_size;
3100 uint8_t *key_data_rw;
3101 coap_bin_const_t laad;
3102
3103 if (data == NULL)
3104 return 0;
3105
3106 assert(params != NULL);
3107 if (!params) {
3108 return 0;
3109 }
3110 if ((algo = get_cipher_alg(params->alg)) == 0) {
3111 coap_log_debug("coap_crypto_encrypt: algorithm %d not supported\n",
3112 params->alg);
3113 return 0;
3114 }
3115 tag_size = gnutls_cipher_get_tag_size(algo);
3116 ccm = &params->params.aes;
3117
3118 /* Get a RW copy of data */
3119 memcpy(&key_data_rw, &ccm->key.s, sizeof(key_data_rw));
3120 key.data = key_data_rw;
3121 key.size = ccm->key.length;
3122
3123 if (aad) {
3124 laad = *aad;
3125 } else {
3126 laad.s = NULL;
3127 laad.length = 0;
3128 }
3129
3130 G_CHECK(gnutls_aead_cipher_init(&ctx, algo, &key), "gnutls_aead_cipher_init");
3131
3132 G_CHECK(gnutls_aead_cipher_encrypt(ctx,
3133 ccm->nonce,
3134 15 - ccm->l, /* iv */
3135 laad.s,
3136 laad.length, /* ad */
3137 tag_size,
3138 data->s,
3139 data->length, /* input */
3140 result,
3141 &result_len), /* output */
3142 "gnutls_aead_cipher_encrypt");
3143 *max_result_len = result_len;
3144 ret = 1;
3145fail:
3146 gnutls_aead_cipher_deinit(ctx);
3147 return ret == 1 ? 1 : 0;
3148}
3149
3150int
3152 coap_bin_const_t *data,
3153 coap_bin_const_t *aad,
3154 uint8_t *result,
3155 size_t *max_result_len) {
3156 gnutls_aead_cipher_hd_t ctx;
3157 gnutls_datum_t key;
3158 const coap_crypto_aes_ccm_t *ccm;
3159 int ret = 0;
3160 size_t result_len = *max_result_len;
3161 gnutls_cipher_algorithm_t algo;
3162 unsigned tag_size;
3163 uint8_t *key_data_rw;
3164 coap_bin_const_t laad;
3165
3166 if (data == NULL)
3167 return 0;
3168
3169 assert(params != NULL);
3170
3171 if (!params) {
3172 return 0;
3173 }
3174 if ((algo = get_cipher_alg(params->alg)) == 0) {
3175 coap_log_debug("coap_crypto_decrypt: algorithm %d not supported\n",
3176 params->alg);
3177 return 0;
3178 }
3179 tag_size = gnutls_cipher_get_tag_size(algo);
3180 ccm = &params->params.aes;
3181
3182 /* Get a RW copy of data */
3183 memcpy(&key_data_rw, &ccm->key.s, sizeof(key_data_rw));
3184 key.data = key_data_rw;
3185 key.size = ccm->key.length;
3186
3187 if (aad) {
3188 laad = *aad;
3189 } else {
3190 laad.s = NULL;
3191 laad.length = 0;
3192 }
3193
3194 G_CHECK(gnutls_aead_cipher_init(&ctx, algo, &key), "gnutls_aead_cipher_init");
3195
3196 G_CHECK(gnutls_aead_cipher_decrypt(ctx,
3197 ccm->nonce,
3198 15 - ccm->l, /* iv */
3199 laad.s,
3200 laad.length, /* ad */
3201 tag_size,
3202 data->s,
3203 data->length, /* input */
3204 result,
3205 &result_len), /* output */
3206 "gnutls_aead_cipher_decrypt");
3207 *max_result_len = result_len;
3208 ret = 1;
3209fail:
3210 gnutls_aead_cipher_deinit(ctx);
3211 return ret == 1 ? 1 : 0;
3212}
3213
3214int
3216 coap_bin_const_t *key,
3217 coap_bin_const_t *data,
3218 coap_bin_const_t **hmac) {
3219 gnutls_hmac_hd_t ctx;
3220 int ret = 0;
3221 unsigned len;
3222 gnutls_mac_algorithm_t mac_algo;
3223 coap_binary_t *dummy = NULL;
3224
3225 if (data == NULL)
3226 return 0;
3227
3228 if ((mac_algo = get_hmac_alg(hmac_alg)) == 0) {
3229 coap_log_debug("coap_crypto_hmac: algorithm %d not supported\n", hmac_alg);
3230 return 0;
3231 }
3232 len = gnutls_hmac_get_len(mac_algo);
3233 if (len == 0)
3234 return 0;
3235
3236 dummy = coap_new_binary(len);
3237 if (dummy == NULL)
3238 return 0;
3239 G_CHECK(gnutls_hmac_init(&ctx, mac_algo, key->s, key->length),
3240 "gnutls_hmac_init");
3241 G_CHECK(gnutls_hmac(ctx, data->s, data->length), "gnutls_hmac");
3242 gnutls_hmac_output(ctx, dummy->s);
3243 *hmac = (coap_bin_const_t *)dummy;
3244 dummy = NULL;
3245 ret = 1;
3246fail:
3248 gnutls_hmac_deinit(ctx, NULL);
3249 return ret == 1 ? 1 : 0;
3250}
3251
3252#endif /* COAP_OSCORE_SUPPORT */
3253
3254#else /* !COAP_WITH_LIBGNUTLS */
3255
3256#ifdef __clang__
3257/* Make compilers happy that do not like empty modules. As this function is
3258 * never used, we ignore -Wunused-function at the end of compiling this file
3259 */
3260#pragma GCC diagnostic ignored "-Wunused-function"
3261#endif
3262static inline void
3263dummy(void) {
3264}
3265
3266#endif /* !COAP_WITH_LIBGNUTLS */
#define min(a, b)
Definition coap_block.c:19
static void dummy(void)
const char * coap_socket_strerror(void)
Definition coap_io.c:1835
#define COAP_RXBUFFER_SIZE
Definition coap_io.h:29
@ COAP_NACK_TLS_FAILED
Definition coap_io.h:73
@ COAP_LAYER_TLS
Library specific build wrapper for coap_internal.h.
int coap_dtls_context_set_pki(coap_context_t *ctx COAP_UNUSED, const coap_dtls_pki_t *setup_data COAP_UNUSED, const coap_dtls_role_t role COAP_UNUSED)
Definition coap_notls.c:90
coap_tick_t coap_dtls_get_timeout(coap_session_t *session COAP_UNUSED, coap_tick_t now COAP_UNUSED)
Definition coap_notls.c:206
ssize_t coap_tls_read(coap_session_t *session COAP_UNUSED, uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:278
coap_tick_t coap_dtls_get_context_timeout(void *dtls_context COAP_UNUSED)
Definition coap_notls.c:201
int coap_dtls_receive(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:220
void * coap_dtls_get_tls(const coap_session_t *c_session COAP_UNUSED, coap_tls_library_t *tls_lib)
Definition coap_notls.c:135
unsigned int coap_dtls_get_overhead(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:238
static coap_log_t dtls_log_level
Definition coap_notls.c:128
int coap_dtls_context_check_keys_enabled(coap_context_t *ctx COAP_UNUSED)
Definition coap_notls.c:124
ssize_t coap_dtls_send(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:189
ssize_t coap_tls_write(coap_session_t *session COAP_UNUSED, const uint8_t *data COAP_UNUSED, size_t data_len COAP_UNUSED)
Definition coap_notls.c:266
void coap_dtls_session_update_mtu(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:185
int coap_dtls_context_set_pki_root_cas(coap_context_t *ctx COAP_UNUSED, const char *ca_file COAP_UNUSED, const char *ca_path COAP_UNUSED)
Definition coap_notls.c:98
int coap_dtls_handle_timeout(coap_session_t *session COAP_UNUSED)
Definition coap_notls.c:215
void coap_dtls_free_context(void *handle COAP_UNUSED)
Definition coap_notls.c:163
void coap_dtls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:181
void * coap_dtls_new_context(coap_context_t *coap_context COAP_UNUSED)
Definition coap_notls.c:158
void coap_tls_free_session(coap_session_t *coap_session COAP_UNUSED)
Definition coap_notls.c:257
coap_binary_t * get_asn1_spki(const uint8_t *data, size_t size)
Abstract SPKI public key from the ASN1.
Definition coap_asn1.c:122
void coap_digest_free(coap_digest_ctx_t *digest_ctx)
Free off coap_digest_ctx_t.
int coap_digest_final(coap_digest_ctx_t *digest_ctx, coap_digest_t *digest_buffer)
Finalize the coap_digest information into the provided digest_buffer.
int coap_digest_update(coap_digest_ctx_t *digest_ctx, const uint8_t *data, size_t data_len)
Update the coap_digest information with the next chunk of data.
void coap_digest_ctx_t
coap_digest_ctx_t * coap_digest_setup(void)
Initialize a coap_digest.
uint64_t coap_tick_t
This data type represents internal timer ticks with COAP_TICKS_PER_SECOND resolution.
Definition coap_time.h:143
int coap_handle_event_lkd(coap_context_t *context, coap_event_t event, coap_session_t *session)
Invokes the event handler of context for the given event and data.
Definition coap_net.c:4253
int coap_handle_dgram(coap_context_t *ctx, coap_session_t *session, uint8_t *msg, size_t msg_len)
Parses and interprets a CoAP datagram with context ctx.
Definition coap_net.c:2422
int coap_crypto_hmac(cose_hmac_alg_t hmac_alg, coap_bin_const_t *key, coap_bin_const_t *data, coap_bin_const_t **hmac)
Create a HMAC hash of the provided data.
int coap_crypto_aead_decrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Decrypt the provided encrypted data into plaintext.
int coap_crypto_aead_encrypt(const coap_crypto_param_t *params, coap_bin_const_t *data, coap_bin_const_t *aad, uint8_t *result, size_t *max_result_len)
Encrypt the provided plaintext data.
int coap_crypto_hash(cose_alg_t alg, const coap_bin_const_t *data, coap_bin_const_t **hash)
Create a hash of the provided data.
int coap_crypto_check_hkdf_alg(cose_hkdf_alg_t hkdf_alg)
Check whether the defined hkdf algorithm is supported by the underlying crypto library.
int coap_crypto_check_cipher_alg(cose_alg_t alg)
Check whether the defined cipher algorithm is supported by the underlying crypto library.
void * coap_tls_new_server_session(coap_session_t *coap_session)
Create a TLS new server-side session.
const coap_bin_const_t * coap_get_session_client_psk_identity(const coap_session_t *session)
Get the current client's PSK identity.
Definition coap_net.c:308
void coap_dtls_startup(void)
Initialize the underlying (D)TLS Library layer.
Definition coap_notls.c:131
int coap_dtls_define_issue(coap_define_issue_key_t type, coap_define_issue_fail_t fail, coap_dtls_key_t *key, const coap_dtls_role_t role, int ret)
Report PKI DEFINE type issue.
Definition coap_dtls.c:165
void * coap_dtls_new_client_session(coap_session_t *coap_session)
Create a new client-side session.
void * coap_dtls_new_server_session(coap_session_t *coap_session)
Create a new DTLS server-side session.
int coap_dtls_hello(coap_session_t *coap_session, const uint8_t *data, size_t data_len)
Handling client HELLO messages from a new candiate peer.
int coap_dtls_is_context_timeout(void)
Check if timeout is handled per CoAP session or per CoAP context.
Definition coap_notls.c:196
int coap_dtls_context_set_cpsk(coap_context_t *coap_context, coap_dtls_cpsk_t *setup_data)
Set the DTLS context's default client PSK information.
int coap_dtls_context_set_spsk(coap_context_t *coap_context, coap_dtls_spsk_t *setup_data)
Set the DTLS context's default server PSK information.
void coap_dtls_shutdown(void)
Close down the underlying (D)TLS Library layer.
Definition coap_notls.c:143
const coap_bin_const_t * coap_get_session_client_psk_key(const coap_session_t *coap_session)
Get the current client's PSK key.
void * coap_tls_new_client_session(coap_session_t *coap_session)
Create a new TLS client-side session.
#define COAP_DTLS_RETRANSMIT_COAP_TICKS
void coap_dtls_map_key_type_to_define(const coap_dtls_pki_t *setup_data, coap_dtls_key_t *key)
Map the PKI key definitions to the new DEFINE format.
Definition coap_dtls.c:26
const coap_bin_const_t * coap_get_session_server_psk_key(const coap_session_t *coap_session)
Get the current server's PSK key.
@ COAP_DEFINE_KEY_PRIVATE
@ COAP_DEFINE_KEY_CA
@ COAP_DEFINE_KEY_PUBLIC
@ COAP_DEFINE_FAIL_NONE
@ COAP_DEFINE_FAIL_NOT_SUPPORTED
@ COAP_DEFINE_FAIL_BAD
#define COAP_DTLS_HINT_LENGTH
Definition coap_dtls.h:35
coap_tls_version_t * coap_get_tls_library_version(void)
Determine the type and version of the underlying (D)TLS library.
Definition coap_notls.c:82
int coap_dtls_psk_is_supported(void)
Check whether (D)TLS PSK is available.
Definition coap_notls.c:50
coap_dtls_role_t
Definition coap_dtls.h:44
int coap_tls_is_supported(void)
Check whether TLS is available.
Definition coap_notls.c:41
#define COAP_DTLS_RPK_CERT_CN
Definition coap_dtls.h:49
int coap_dtls_is_supported(void)
Check whether DTLS is available.
Definition coap_notls.c:36
int coap_dtls_pki_is_supported(void)
Check whether (D)TLS PKI is available.
Definition coap_notls.c:59
int coap_dtls_rpk_is_supported(void)
Check whether (D)TLS RPK is available.
Definition coap_notls.c:77
coap_tls_library_t
Definition coap_dtls.h:112
int coap_dtls_pkcs11_is_supported(void)
Check whether (D)TLS PKCS11 is available.
Definition coap_notls.c:68
@ COAP_PKI_KEY_DEF_PKCS11
The PKI key type is PKCS11 (pkcs11:...).
Definition coap_dtls.h:287
@ COAP_PKI_KEY_DEF_DER_BUF
The PKI key type is DER buffer (ASN.1).
Definition coap_dtls.h:284
@ COAP_PKI_KEY_DEF_PEM_BUF
The PKI key type is PEM buffer.
Definition coap_dtls.h:278
@ COAP_PKI_KEY_DEF_PEM
The PKI key type is PEM file.
Definition coap_dtls.h:276
@ COAP_PKI_KEY_DEF_ENGINE
The PKI key type is to be passed to ENGINE.
Definition coap_dtls.h:293
@ COAP_PKI_KEY_DEF_RPK_BUF
The PKI key type is RPK in buffer.
Definition coap_dtls.h:280
@ COAP_PKI_KEY_DEF_DER
The PKI key type is DER file.
Definition coap_dtls.h:282
@ COAP_PKI_KEY_DEF_PKCS11_RPK
The PKI key type is PKCS11 w/ RPK (pkcs11:...).
Definition coap_dtls.h:290
@ COAP_DTLS_ROLE_SERVER
Internal function invoked for server.
Definition coap_dtls.h:46
@ COAP_DTLS_ROLE_CLIENT
Internal function invoked for client.
Definition coap_dtls.h:45
@ COAP_PKI_KEY_DEFINE
The individual PKI key types are Definable.
Definition coap_dtls.h:214
@ COAP_TLS_LIBRARY_GNUTLS
Using GnuTLS library.
Definition coap_dtls.h:116
@ COAP_EVENT_DTLS_CLOSED
Triggerred when (D)TLS session closed.
Definition coap_event.h:39
@ COAP_EVENT_DTLS_CONNECTED
Triggered when (D)TLS session connected.
Definition coap_event.h:41
@ COAP_EVENT_DTLS_ERROR
Triggered when (D)TLS error occurs.
Definition coap_event.h:45
#define coap_log_debug(...)
Definition coap_debug.h:120
coap_log_t
Logging type.
Definition coap_debug.h:50
coap_log_t coap_dtls_get_log_level(void)
Get the current (D)TLS logging.
Definition coap_notls.c:153
#define coap_dtls_log(level,...)
Logging function.
Definition coap_debug.h:300
void coap_dtls_set_log_level(coap_log_t level)
Sets the (D)TLS logging level to the specified level.
Definition coap_notls.c:148
const char * coap_session_str(const coap_session_t *session)
Get session description.
#define coap_log_info(...)
Definition coap_debug.h:108
#define coap_log_warn(...)
Definition coap_debug.h:102
#define coap_log_err(...)
Definition coap_debug.h:96
@ COAP_LOG_EMERG
Definition coap_debug.h:51
@ COAP_LOG_DEBUG
Definition coap_debug.h:58
@ COAP_LOG_WARN
Definition coap_debug.h:55
int coap_netif_available(coap_session_t *session)
Function interface to check whether netif for session is still available.
Definition coap_netif.c:25
int cose_get_hmac_alg_for_hkdf(cose_hkdf_alg_t hkdf_alg, cose_hmac_alg_t *hmac_alg)
cose_hkdf_alg_t
cose_hmac_alg_t
cose_alg_t
@ COSE_HMAC_ALG_HMAC256_256
@ COSE_HMAC_ALG_HMAC512_512
@ COSE_ALGORITHM_SHA_256_256
@ COSE_ALGORITHM_SHA_1
@ COSE_ALGORITHM_AES_CCM_16_64_128
@ COSE_ALGORITHM_SHA_512
@ COSE_ALGORITHM_AES_CCM_16_64_256
int coap_oscore_is_supported(void)
Check whether OSCORE is available.
@ COAP_PROTO_DTLS
Definition coap_pdu.h:315
@ COAP_PROTO_TLS
Definition coap_pdu.h:317
int coap_session_refresh_psk_hint(coap_session_t *session, const coap_bin_const_t *psk_hint)
Refresh the session's current Identity Hint (PSK).
int coap_session_refresh_psk_key(coap_session_t *session, const coap_bin_const_t *psk_key)
Refresh the session's current pre-shared key (PSK).
void coap_session_connected(coap_session_t *session)
Notify session that it has just connected or reconnected.
int coap_session_refresh_psk_identity(coap_session_t *session, const coap_bin_const_t *psk_identity)
Refresh the session's current pre-shared identity (PSK).
void coap_session_disconnected_lkd(coap_session_t *session, coap_nack_reason_t reason)
Notify session that it has failed.
#define COAP_PROTO_NOT_RELIABLE(p)
@ COAP_SESSION_STATE_HANDSHAKE
@ COAP_SESSION_STATE_CSM
@ COAP_SESSION_STATE_NONE
coap_binary_t * coap_new_binary(size_t size)
Returns a new binary object with at least size bytes storage allocated.
Definition coap_str.c:77
void coap_delete_binary(coap_binary_t *s)
Deletes the given coap_binary_t object and releases any memory allocated.
Definition coap_str.c:105
#define COAP_UNUSED
Definition libcoap.h:70
CoAP binary data definition with const data.
Definition coap_str.h:64
size_t length
length of binary data
Definition coap_str.h:65
const uint8_t * s
read-only binary data
Definition coap_str.h:66
CoAP binary data definition.
Definition coap_str.h:56
size_t length
length of binary data
Definition coap_str.h:57
uint8_t * s
binary data
Definition coap_str.h:58
The CoAP stack's global state is stored in a coap_context_t object.
coap_dtls_spsk_t spsk_setup_data
Contains the initial PSK server setup data.
The structure that holds the AES Crypto information.
size_t l
The number of bytes in the length field.
const uint8_t * nonce
must be exactly 15 - l bytes
coap_crypto_key_t key
The Key to use.
The common structure that holds the Crypto information.
union coap_crypto_param_t::@2 params
coap_crypto_aes_ccm_t aes
Used if AES type encryption.
cose_alg_t alg
The COSE algorith to use.
The structure that holds the Client PSK information.
Definition coap_dtls.h:417
coap_bin_const_t key
Definition coap_dtls.h:419
coap_bin_const_t identity
Definition coap_dtls.h:418
The structure used for defining the Client PSK setup data to be used.
Definition coap_dtls.h:448
void * ih_call_back_arg
Passed in to the Identity Hint callback function.
Definition coap_dtls.h:469
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:472
coap_dtls_ih_callback_t validate_ih_call_back
Identity Hint check callback function.
Definition coap_dtls.h:468
The structure that holds the PKI key information.
Definition coap_dtls.h:321
coap_pki_key_define_t define
for definable type keys
Definition coap_dtls.h:328
union coap_dtls_key_t::@3 key
coap_pki_key_t key_type
key format type
Definition coap_dtls.h:322
The structure used for defining the PKI setup data to be used.
Definition coap_dtls.h:354
uint8_t cert_chain_validation
1 if to check cert_chain_verify_depth
Definition coap_dtls.h:365
uint8_t check_cert_revocation
1 if revocation checks wanted
Definition coap_dtls.h:367
uint8_t cert_chain_verify_depth
recommended depth is 3
Definition coap_dtls.h:366
uint8_t verify_peer_cert
Set to COAP_DTLS_PKI_SETUP_VERSION to support this version of the struct.
Definition coap_dtls.h:359
char * client_sni
If not NULL, SNI to use in client TLS setup.
Definition coap_dtls.h:407
uint8_t is_rpk_not_cert
1 is RPK instead of Public Certificate.
Definition coap_dtls.h:372
uint8_t check_common_ca
1 if peer cert is to be signed by the same CA as the local cert
Definition coap_dtls.h:360
coap_dtls_key_t pki_key
PKI key definition.
Definition coap_dtls.h:411
The structure that holds the Server Pre-Shared Key and Identity Hint information.
Definition coap_dtls.h:484
coap_bin_const_t hint
Definition coap_dtls.h:485
The structure used for defining the Server PSK setup data to be used.
Definition coap_dtls.h:535
coap_dtls_psk_sni_callback_t validate_sni_call_back
SNI check callback function.
Definition coap_dtls.h:562
coap_dtls_id_callback_t validate_id_call_back
Identity check callback function.
Definition coap_dtls.h:554
void * id_call_back_arg
Passed in to the Identity callback function.
Definition coap_dtls.h:555
void * sni_call_back_arg
Passed in to the SNI callback function.
Definition coap_dtls.h:563
coap_dtls_spsk_info_t psk_info
Server PSK definition.
Definition coap_dtls.h:565
coap_layer_read_t l_read
coap_layer_write_t l_write
coap_layer_establish_t l_establish
coap_const_char_ptr_t public_cert
define: Public Cert
Definition coap_dtls.h:303
const char * user_pin
define: User pin to access type PKCS11.
Definition coap_dtls.h:313
coap_const_char_ptr_t private_key
define: Private Key
Definition coap_dtls.h:304
coap_const_char_ptr_t ca
define: Common CA Certificate
Definition coap_dtls.h:302
size_t public_cert_len
define Public Cert length (if needed)
Definition coap_dtls.h:306
size_t ca_len
define CA Cert length (if needed)
Definition coap_dtls.h:305
coap_pki_define_t private_key_def
define: Private Key type definition
Definition coap_dtls.h:310
size_t private_key_len
define Private Key length (if needed)
Definition coap_dtls.h:307
coap_pki_define_t ca_def
define: Common CA type definition
Definition coap_dtls.h:308
coap_pki_define_t public_cert_def
define: Public Cert type definition
Definition coap_dtls.h:309
Abstraction of virtual session that can be attached to coap_context_t (client) or coap_endpoint_t (se...
unsigned int dtls_timeout_count
dtls setup retry counter
coap_endpoint_t * endpoint
session's endpoint
coap_socket_t sock
socket object for the session, if any
coap_session_state_t state
current state of relationship with peer
coap_addr_tuple_t addr_info
remote/local address info
coap_proto_t proto
protocol used
coap_dtls_cpsk_t cpsk_setup_data
client provided PSK initial setup data
size_t mtu
path or CSM mtu (xmt)
int dtls_event
Tracking any (D)TLS events on this session.
void * tls
security parameters
uint16_t max_retransmit
maximum re-transmit count (default 4)
coap_context_t * context
session's context
coap_layer_func_t lfunc[COAP_LAYER_LAST]
Layer functions to use.
CoAP string data definition with const data.
Definition coap_str.h:46
const uint8_t * s
read-only string data
Definition coap_str.h:48
size_t length
length of string
Definition coap_str.h:47
The structure used for returning the underlying (D)TLS library information.
Definition coap_dtls.h:125
uint64_t built_version
(D)TLS Built against Library Version
Definition coap_dtls.h:128
coap_tls_library_t type
Library type.
Definition coap_dtls.h:127
uint64_t version
(D)TLS runtime Library Version
Definition coap_dtls.h:126
const char * s_byte
signed char ptr
Definition coap_str.h:73
const uint8_t * u_byte
unsigned char ptr
Definition coap_str.h:74