Fork of mbed-os by
features/nanostack/FEATURE_NANOSTACK/coap-service/source/include/coap_security_handler.h@0:f269e3021894, 2016-10-23 (annotated)
- Committer:
- elessair
- Date:
- Sun Oct 23 15:10:02 2016 +0000
- Revision:
- 0:f269e3021894
Initial commit
Who changed what in which revision?
| User | Revision | Line number | New contents of line |
|---|---|---|---|
| elessair | 0:f269e3021894 | 1 | /* |
| elessair | 0:f269e3021894 | 2 | * Copyright (c) 2015-2016 ARM Limited. All Rights Reserved. |
| elessair | 0:f269e3021894 | 3 | * |
| elessair | 0:f269e3021894 | 4 | * SPDX-License-Identifier: Apache-2.0 |
| elessair | 0:f269e3021894 | 5 | * |
| elessair | 0:f269e3021894 | 6 | * Licensed under the Apache License, Version 2.0 (the "License"); you may |
| elessair | 0:f269e3021894 | 7 | * not use this file except in compliance with the License. |
| elessair | 0:f269e3021894 | 8 | * You may obtain a copy of the License at |
| elessair | 0:f269e3021894 | 9 | * |
| elessair | 0:f269e3021894 | 10 | * http://www.apache.org/licenses/LICENSE-2.0 |
| elessair | 0:f269e3021894 | 11 | * |
| elessair | 0:f269e3021894 | 12 | * Unless required by applicable law or agreed to in writing, software |
| elessair | 0:f269e3021894 | 13 | * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| elessair | 0:f269e3021894 | 14 | * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| elessair | 0:f269e3021894 | 15 | * See the License for the specific language governing permissions and |
| elessair | 0:f269e3021894 | 16 | * limitations under the License. |
| elessair | 0:f269e3021894 | 17 | */ |
| elessair | 0:f269e3021894 | 18 | #ifndef __COAP_SECURITY_HANDLER_H__ |
| elessair | 0:f269e3021894 | 19 | #define __COAP_SECURITY_HANDLER_H__ |
| elessair | 0:f269e3021894 | 20 | |
| elessair | 0:f269e3021894 | 21 | #include <stddef.h> |
| elessair | 0:f269e3021894 | 22 | #include <inttypes.h> |
| elessair | 0:f269e3021894 | 23 | #include <stdbool.h> |
| elessair | 0:f269e3021894 | 24 | #include "mbedtls/platform.h" |
| elessair | 0:f269e3021894 | 25 | #include "mbedtls/ssl.h" |
| elessair | 0:f269e3021894 | 26 | #include "mbedtls/sha256.h" |
| elessair | 0:f269e3021894 | 27 | #include "mbedtls/entropy.h" |
| elessair | 0:f269e3021894 | 28 | #include "mbedtls/ctr_drbg.h" |
| elessair | 0:f269e3021894 | 29 | |
| elessair | 0:f269e3021894 | 30 | #define COOKIE_SIMPLE_LEN 8 /* capacity in bytes of simple_cookie_t.value */ |
| elessair | 0:f269e3021894 | 31 | typedef struct simple_cookie { /* fixed-size cookie buffer plus a byte count; NOTE(review): presumably the DTLS hello-verify cookie - confirm in the implementation */ |
| elessair | 0:f269e3021894 | 32 | unsigned char value[COOKIE_SIMPLE_LEN]; |
| elessair | 0:f269e3021894 | 33 | size_t len; /* NOTE(review): size_t can hold more than COOKIE_SIMPLE_LEN; every writer and reader must bound it to sizeof value */ |
| elessair | 0:f269e3021894 | 34 | } simple_cookie_t; |
| elessair | 0:f269e3021894 | 35 | |
| elessair | 0:f269e3021894 | 36 | #define KEY_BLOCK_LEN 40 /* size in bytes of key_block_t.value */ |
| elessair | 0:f269e3021894 | 37 | typedef struct key_block { /* fixed 40-byte buffer with no separate length field; NOTE(review): presumably holds handshake-derived key material - if so it should be wiped when the session ends, confirm in the implementation */ |
| elessair | 0:f269e3021894 | 38 | unsigned char value[KEY_BLOCK_LEN]; |
| elessair | 0:f269e3021894 | 39 | } key_block_t; |
| elessair | 0:f269e3021894 | 40 | |
| elessair | 0:f269e3021894 | 41 | typedef int send_cb(int8_t socket_id, uint8_t *address_ptr, uint16_t port, const unsigned char *, size_t); /* transmit hook; the unnamed arguments are presumably the outgoing buffer and its length, and address_ptr carries no length of its own - confirm; meaning of the int result is not stated in this header */ |
| elessair | 0:f269e3021894 | 42 | typedef int receive_cb(int8_t socket_id, unsigned char *, size_t); /* receive hook; the unnamed arguments are presumably the destination buffer and its capacity - confirm that implementations never write past it */ |
| elessair | 0:f269e3021894 | 43 | typedef void start_timer_cb(int8_t timer_id, uint32_t min, uint32_t fin); /* timer start hook; NOTE(review): min and fin look like intermediate and final delays, units not stated here - confirm */ |
| elessair | 0:f269e3021894 | 44 | typedef int timer_status_cb(int8_t timer_id); /* timer query hook; the meaning of the returned int is not stated in this header */ |
| elessair | 0:f269e3021894 | 45 | |
| elessair | 0:f269e3021894 | 46 | #define DTLS_HANDSHAKE_TIMEOUT_MIN 25000 /* lower handshake timeout bound; NOTE(review): unit not stated in this header, presumably milliseconds - confirm */ |
| elessair | 0:f269e3021894 | 47 | #define DTLS_HANDSHAKE_TIMEOUT_MAX 201000 /* upper handshake timeout bound, same unit as the MIN value */ |
| elessair | 0:f269e3021894 | 48 | |
| elessair | 0:f269e3021894 | 49 | typedef enum { /* transport selector; type of the sock_mode argument of the connect functions declared below */ |
| elessair | 0:f269e3021894 | 50 | DTLS = 0, |
| elessair | 0:f269e3021894 | 51 | TLS = 1 |
| elessair | 0:f269e3021894 | 52 | }SecureSocketMode; |
| elessair | 0:f269e3021894 | 53 | |
| elessair | 0:f269e3021894 | 54 | typedef enum { /* credential type; used for the mode argument of coap_security_create and for coap_security_t._conn_mode */ |
| elessair | 0:f269e3021894 | 55 | Certificate, /* implicit value 0, so a zero-initialised _conn_mode reads as Certificate */ |
| elessair | 0:f269e3021894 | 56 | PSK, |
| elessair | 0:f269e3021894 | 57 | ECJPAKE |
| elessair | 0:f269e3021894 | 58 | }SecureConnectionMode; |
| elessair | 0:f269e3021894 | 59 | |
| elessair | 0:f269e3021894 | 60 | typedef struct { /* credential bundle handed to the connect functions: three pointers, each paired with a one-byte length; buffer ownership is not stated in this header */ |
| elessair | 0:f269e3021894 | 61 | unsigned char *_server_cert; |
| elessair | 0:f269e3021894 | 62 | uint8_t _server_cert_len; /* NOTE(review): uint8_t caps this at 255 bytes and a caller assigning from size_t truncates silently; DER or PEM certificates are usually longer than that - confirm the intended inputs */ |
| elessair | 0:f269e3021894 | 63 | unsigned char *_pub_cert_or_identifier; /* NOTE(review): the name suggests either a certificate or a PSK identity depending on the connection mode - confirm */ |
| elessair | 0:f269e3021894 | 64 | uint8_t _pub_len; /* same 255-byte ceiling as _server_cert_len */ |
| elessair | 0:f269e3021894 | 65 | unsigned char *_priv; /* NOTE(review): presumably the private key or shared secret; callers keep their own copy, so wiping it is presumably their job - confirm */ |
| elessair | 0:f269e3021894 | 66 | uint8_t _priv_len; /* same 255-byte ceiling as _server_cert_len */ |
| elessair | 0:f269e3021894 | 67 | } coap_security_keys_t; |
| elessair | 0:f269e3021894 | 68 | |
| elessair | 0:f269e3021894 | 69 | typedef struct coap_security_s { /* per-connection state: mbedtls contexts, peer address, stored secret and the transport and timer hooks */ |
| elessair | 0:f269e3021894 | 70 | mbedtls_ssl_config _conf; |
| elessair | 0:f269e3021894 | 71 | mbedtls_ssl_context _ssl; |
| elessair | 0:f269e3021894 | 72 | |
| elessair | 0:f269e3021894 | 73 | mbedtls_ctr_drbg_context _ctr_drbg; /* each instance embeds its own DRBG and entropy context; seeding happens outside this header */ |
| elessair | 0:f269e3021894 | 74 | mbedtls_entropy_context _entropy; |
| elessair | 0:f269e3021894 | 75 | bool _is_started; |
| elessair | 0:f269e3021894 | 76 | simple_cookie_t _cookie; |
| elessair | 0:f269e3021894 | 77 | key_block_t _keyblk; /* NOTE(review): if this holds key material it should be wiped in coap_security_destroy - confirm */ |
| elessair | 0:f269e3021894 | 78 | |
| elessair | 0:f269e3021894 | 79 | SecureConnectionMode _conn_mode; |
| elessair | 0:f269e3021894 | 80 | #if defined(MBEDTLS_X509_CRT_PARSE_C) |
| elessair | 0:f269e3021894 | 81 | mbedtls_x509_crt _cacert; /* certificate members exist only when X.509 parsing is compiled in, so the struct layout depends on the mbedtls configuration */ |
| elessair | 0:f269e3021894 | 82 | mbedtls_x509_crt _owncert; |
| elessair | 0:f269e3021894 | 83 | #endif |
| elessair | 0:f269e3021894 | 84 | mbedtls_pk_context _pkey; /* declared outside the X.509 guard above */ |
| elessair | 0:f269e3021894 | 85 | |
| elessair | 0:f269e3021894 | 86 | uint8_t _remote_address[16]; /* 16 bytes, presumably an IPv6 address - confirm */ |
| elessair | 0:f269e3021894 | 87 | uint16_t _remote_port; |
| elessair | 0:f269e3021894 | 88 | |
| elessair | 0:f269e3021894 | 89 | uint8_t _pw[64]; /* NOTE(review): presumably a copy of the PSK or EC-JPAKE secret; it stays in memory for the lifetime of the struct and should be wiped on destroy - confirm */ |
| elessair | 0:f269e3021894 | 90 | uint8_t _pw_len; /* NOTE(review): can hold up to 255 while _pw is 64 bytes; the implementation must reject lengths above sizeof _pw before copying - confirm */ |
| elessair | 0:f269e3021894 | 91 | |
| elessair | 0:f269e3021894 | 92 | bool _is_blocking; |
| elessair | 0:f269e3021894 | 93 | int8_t _socket_id; |
| elessair | 0:f269e3021894 | 94 | int8_t _timer_id; |
| elessair | 0:f269e3021894 | 95 | send_cb *_send_cb; /* hook pointers have the same types as the callback arguments of coap_security_create; NOTE(review): NULL handling is not visible here - confirm they are checked before use */ |
| elessair | 0:f269e3021894 | 96 | receive_cb *_receive_cb; |
| elessair | 0:f269e3021894 | 97 | start_timer_cb *_start_timer_cb; |
| elessair | 0:f269e3021894 | 98 | timer_status_cb *_timer_status_cb; |
| elessair | 0:f269e3021894 | 99 | |
| elessair | 0:f269e3021894 | 100 | } coap_security_t; |
| elessair | 0:f269e3021894 | 101 | |
| elessair | 0:f269e3021894 | 102 | coap_security_t *coap_security_create(int8_t socket_id, int8_t timer_id, uint8_t *address_ptr, uint16_t port, /* NOTE(review): address_ptr has no length argument while _remote_address is 16 bytes, so callers presumably must pass at least 16 readable bytes - confirm; a NULL return on failure is likely but not stated here */ |
| elessair | 0:f269e3021894 | 103 | SecureConnectionMode mode, |
| elessair | 0:f269e3021894 | 104 | send_cb *send_cb, |
| elessair | 0:f269e3021894 | 105 | receive_cb *receive_cb, |
| elessair | 0:f269e3021894 | 106 | start_timer_cb *start_timer_cb, |
| elessair | 0:f269e3021894 | 107 | timer_status_cb *timer_status_cb); |
| elessair | 0:f269e3021894 | 108 | |
| elessair | 0:f269e3021894 | 109 | void coap_security_destroy(coap_security_t *sec); /* NOTE(review): sec embeds _pw, _keyblk and _pkey; confirm the implementation wipes them before releasing the memory */ |
| elessair | 0:f269e3021894 | 110 | |
| elessair | 0:f269e3021894 | 111 | int coap_security_handler_connect(coap_security_t *sec, bool is_server, SecureSocketMode sock_mode, coap_security_keys_t keys); /* keys is passed by value: the pointers and one-byte lengths are copied, the buffers they point to are not; meaning of the int result is not stated in this header */ |
| elessair | 0:f269e3021894 | 112 | |
| elessair | 0:f269e3021894 | 113 | int coap_security_handler_connect_non_blocking(coap_security_t *sec, bool is_server, SecureSocketMode sock_mode, coap_security_keys_t keys, uint32_t timeout_min, uint32_t timeout_max); /* same arguments as the blocking variant plus a timeout range; NOTE(review): presumably in the same unit as the DTLS_HANDSHAKE_TIMEOUT_* macros - confirm */ |
| elessair | 0:f269e3021894 | 114 | |
| elessair | 0:f269e3021894 | 115 | int coap_security_handler_continue_connecting(coap_security_t *sec); |
| elessair | 0:f269e3021894 | 116 | |
| elessair | 0:f269e3021894 | 117 | int coap_security_handler_send_message(coap_security_t *sec, unsigned char *message, size_t len); /* message is not const-qualified; whether it is modified is not visible here */ |
| elessair | 0:f269e3021894 | 118 | |
| elessair | 0:f269e3021894 | 119 | int coap_security_send_close_alert(coap_security_t *sec); |
| elessair | 0:f269e3021894 | 120 | |
| elessair | 0:f269e3021894 | 121 | int coap_security_handler_read(coap_security_t *sec, unsigned char* buffer, size_t len); /* len is presumably the capacity of buffer; NOTE(review): the int result has to carry both byte counts and errors, so callers should check for negative values before using it as a length - confirm */ |
| elessair | 0:f269e3021894 | 122 | |
| elessair | 0:f269e3021894 | 123 | #endif |
