1 /* *****************************************************************
3 * Copyright 2016 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
20 #ifndef CA_ADAPTER_NET_TLS_H_
21 #define CA_ADAPTER_NET_TLS_H_
23 #include "caadapterutils.h"
24 #include "cainterface.h"
/**
 * Number of adapters with TLS support (2): currently WIFI and ETHERNET
 * on the Linux platform.
 */
#define MAX_SUPPORTED_ADAPTERS 2

/**
 * Callback type for a received packet; it is the type of the recvCallback
 * argument of CAsetTlsAdapterCallbacks().
 *
 * @param[in] sep         secure endpoint associated with the packet.
 * @param[in] data        packet data (read-only for the callback).
 * @param[in] dataLength  presumably the byte length of @p data - confirm.
 */
typedef void (*CAPacketReceivedCallback)(const CASecureEndpoint_t *sep,
                                         const void *data,
                                         uint32_t dataLength);

/**
 * Callback type for sending a packet; it is the type of the sendCallback
 * argument of CAsetTlsAdapterCallbacks().
 *
 * @param[in] endpoint    endpoint the packet relates to (non-const here).
 * @param[in] data        packet data (read-only for the callback).
 * @param[in] dataLength  presumably the byte length of @p data - confirm.
 */
typedef void (*CAPacketSendCallback)(CAEndpoint_t *endpoint,
                                     const void *data,
                                     uint32_t dataLength);
/**
 * Select the cipher suite for the DTLS handshake.
 *
 * @param[in] cipher  cipher suite identifier:
 *     0xC018 : TLS_ECDH_anon_WITH_AES_128_CBC_SHA_256
 *     0xC0A8 : TLS_PSK_WITH_AES_128_CCM_8
 *     0xC0AE : TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
 *
 * Security note: the ECDH_anon suite performs an unauthenticated key
 * exchange, so the peer's identity is not verified and an active
 * man-in-the-middle goes undetected. Select it only where an
 * unauthenticated session is acceptable; otherwise use the PSK or
 * ECDSA suite.
 *
 * NOTE(review): this header is the TLS adapter but the text says DTLS -
 * confirm which applies. How a value outside the list above is handled
 * is not visible from this declaration.
 *
 * @retval ::CA_STATUS_OK for success, otherwise some error value
 */
CAResult_t CAsetTlsCipherSuite(const uint32_t cipher);
/**
 * Set the send and receive callbacks for an adapter (WIFI, Ethernet).
 *
 * @param[in] recvCallback  packet received callback.
 * @param[in] sendCallback  packet sent callback.
 * @param[in] type          type of adapter.
 *
 * NOTE(review): whether NULL callbacks are accepted is not visible from
 * this declaration - confirm against the implementation.
 */
void CAsetTlsAdapterCallbacks(CAPacketReceivedCallback recvCallback,
                              CAPacketSendCallback sendCallback,
                              CATransportAdapter_t type);
/**
 * Register the callback used to get credential types.
 *
 * @param[in] credTypesCallback  callback to get credential types.
 */
void CAsetCredentialTypesCallback(CAgetCredentialTypesHandler credTypesCallback);
/**
 * Register the callback used to get credentials.
 *
 * @param[in] credCallback  callback to get credentials. Its type is
 *                          CAGetDTLSPskCredentialsHandler, so presumably
 *                          these are PSK credentials - confirm.
 *
 * NOTE(review): the original comment described this as the credential
 * *types* callback and named the parameter typesCallback; the declared
 * parameter is credCallback.
 */
void CAsetTlsCredentialsCallback(CAGetDTLSPskCredentialsHandler credCallback);
/**
 * Close the TLS session.
 *
 * @param[in] endpoint  information of network address.
 *
 * @retval ::CA_STATUS_OK for success, otherwise some error value
 */
CAResult_t CAcloseTlsConnection(const CAEndpoint_t *endpoint);
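/**
 * Initialize the mbedTLS library and perform other necessary
 * initialization.
 *
 * Declared with (void) rather than an empty parameter list so that the
 * declaration is a real prototype in C and a call that passes arguments
 * is rejected at compile time.
 *
 * @return 0 on success otherwise a positive error value.
 * @retval ::CA_STATUS_OK Successful.
 * @retval ::CA_MEMORY_ALLOC_FAILED Memory allocation failed.
 * @retval ::CA_STATUS_FAILED Operation failed.
 */
CAResult_t CAinitTlsAdapter(void);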
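/**
 * De-initialize the mbedTLS library and free the allocated memory.
 *
 * Declared with (void) rather than an empty parameter list so that the
 * declaration is a real prototype in C and a call that passes arguments
 * is rejected at compile time.
 */
void CAdeinitTlsAdapter(void);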
/**
 * Performs TLS encryption of the CoAP PDU.
 *
 * If no session exists yet with @p endpoint, a TLS handshake is started.
 * When a new handshake is started, the PDU info is cached and sent once
 * session setup has finished.
 *
 * @param[in] endpoint  address to which data will be sent.
 * @param[in] data      data to be encrypted. NOTE(review): the original
 *                      comment said "length of data"; the pointer is
 *                      non-const, and whether the buffer is modified is
 *                      not visible from this declaration.
 * @param[in] dataLen   length of given data.
 *
 * @return 0 on success otherwise a positive error value.
 * @retval ::CA_STATUS_OK Successful.
 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
 * @retval ::CA_STATUS_FAILED Operation failed.
 */
CAResult_t CAencryptTls(const CAEndpoint_t *endpoint,
                        void *data,
                        uint32_t dataLen);
/**
 * Performs TLS decryption of the data.
 *
 * @param[in] sep      address and flags for which data will be decrypted.
 * @param[in] data     data to be decrypted. NOTE(review): the original
 *                     comment said "length of data". Presumably this is
 *                     input received from the peer - treat it as
 *                     untrusted and confirm that @p dataLen is bounded
 *                     by the real buffer size at the call site.
 * @param[in] dataLen  length of given data.
 *
 * @return 0 on success otherwise a positive error value.
 * @retval ::CA_STATUS_OK Successful.
 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
 * @retval ::CA_STATUS_FAILED Operation failed.
 */
CAResult_t CAdecryptTls(const CASecureEndpoint_t *sep,
                        uint8_t *data,
                        uint32_t dataLen);
/**
 * Initiate a TLS handshake with the selected cipher suite.
 *
 * @param[in] endpoint  information of network address.
 *
 * @retval ::CA_STATUS_OK for success, otherwise some error value
 */
CAResult_t CAinitiateTlsHandshake(const CAEndpoint_t *endpoint);
/**
 * Register the callback that delivers the result of the TLS handshake.
 *
 * @param[in] tlsHandshakeCallback  callback to receive the result of the
 *                                  TLS handshake.
 */
void CAsetTlsHandshakeCallback(CAErrorCallback tlsHandshakeCallback);
/**
 * Generate ownerPSK using the PKCS#12 derivation function.
 *
 * @param[in]     endpoint      NOTE(review): not documented in the
 *                              original comment; presumably identifies
 *                              the peer/session the PSK is derived for -
 *                              confirm.
 * @param[in,out] ownerPSK      output buffer for owner PSK.
 * @param[in]     ownerPSKSize  byte length of the ownerPSK to be generated.
 * @param[in]     deviceID      ID of new device (Resource Server).
 * @param[in]     deviceIDLen   byte length of deviceID.
 *
 * The output buffer receives key material: the caller should make sure
 * it is at least @p ownerPSKSize bytes long and should clear it once the
 * key is no longer needed.
 *
 * @retval ::CA_STATUS_OK for success, otherwise some error value
 */
CAResult_t CAtlsGenerateOwnerPSK(const CAEndpoint_t *endpoint,
                                 uint8_t *ownerPSK,
                                 const size_t ownerPSKSize,
                                 const uint8_t *deviceID,
                                 const size_t deviceIDLen);
161 #endif /* CA_ADAPTER_NET_TLS_H_ */