1 /* *****************************************************************
3 * Copyright 2015 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
20 #ifndef CA_ADAPTER_NET_DTLS_H_
21 #define CA_ADAPTER_NET_DTLS_H_
24 #include "uarraylist.h"
26 #include "caadapterutils.h"
27 #include "cainterface.h"
31 * Currently DTLS supported adapters(2) WIFI and ETHENET for linux platform.
33 #define MAX_SUPPORTED_ADAPTERS 2
35 typedef void (*CAPacketReceivedCallback)(const CASecureEndpoint_t *sep,
36 const void *data, uint32_t dataLength);
38 typedef void (*CAPacketSendCallback)(CAEndpoint_t *endpoint,
39 const void *data, uint32_t dataLength);
42 * Data structure for holding the send and recv callbacks.
44 typedef struct CAAdapterCallbacks
46 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
47 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
48 } stCAAdapterCallbacks_t;
51 * Data structure for holding the tinyDTLS interface related info.
53 typedef struct stCADtlsContext
55 u_arraylist_t *peerInfoList; /**< peerInfo list which holds the mapping between
56 peer id to it's n/w address. */
57 u_arraylist_t *cacheList; /**< PDU's are cached until DTLS session is formed. */
58 struct dtls_context_t *dtlsContext; /**< Pointer to tinyDTLS context. */
59 struct stPacketInfo *packetInfo; /**< used by callback during
60 decryption to hold address/length. */
61 dtls_handler_t callbacks; /**< Pointer to callbacks needed by tinyDTLS. */
62 stCAAdapterCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
66 * Data structure for holding the decrypted data address
67 * and length provided by tinyDTLS callback interface.
69 typedef struct stPacketInfo
76 * tinyDTLS library error codes.
83 DTLS_SESSION_INITIATED,
88 /** Structure to have address information which will match with DTLS session_t structure.*/
91 socklen_t size; /**< Size of address. */
95 struct sockaddr_storage st;
96 struct sockaddr_in sin;
97 struct sockaddr_in6 sin6;
98 } addr; /**< Address information. */
99 uint8_t ifIndex; /**< Holds adapter index to get callback info. */
100 } stCADtlsAddrInfo_t;
103 * structure to holds the information of cache message and address info.
105 typedef struct CACacheMessage
109 stCADtlsAddrInfo_t destSession;
110 } stCACacheMessage_t;
114 * Used set send and recv callbacks for different adapters(WIFI,EtherNet).
116 * @param[in] recvCallback packet received callback.
117 * @param[in] sendCallback packet sent callback.
118 * @param[in] type type of adapter.
121 void CADTLSSetAdapterCallbacks(CAPacketReceivedCallback recvCallback,
122 CAPacketSendCallback sendCallback,
123 CATransportAdapter_t type);
126 * Register callback to get DTLS PSK credentials.
127 * @param[in] credCallback callback to get DTLS PSK credentials.
129 void CADTLSSetCredentialsCallback(CAGetDTLSPskCredentialsHandler credCallback);
132 * Select the cipher suite for dtls handshake
134 * @param[in] cipher cipher suite
135 * 0xC018 : TLS_ECDH_anon_WITH_AES_128_CBC_SHA_256
136 * 0xC0A8 : TLS_PSK_WITH_AES_128_CCM_8
137 * 0xC0AE : TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
139 * @retval ::CA_STATUS_OK for success, otherwise some error value
141 CAResult_t CADtlsSelectCipherSuite(const dtls_cipher_t cipher);
144 * Enable anonymous ECDH cipher suite for dtls handshake
146 * @param[in] enable TRUE/FALSE enables/disables anonymous cipher suite
148 * @retval ::CA_STATUS_OK for success, otherwise some error value
150 CAResult_t CADtlsEnableAnonECDHCipherSuite(const bool enable);
153 * Initiate DTLS handshake with selected cipher suite
155 * @param[in] endpoint information of network address
157 * @retval ::CA_STATUS_OK for success, otherwise some error value
159 CAResult_t CADtlsInitiateHandshake(const CAEndpoint_t *endpoint);
162 * Close the DTLS session
164 * @param[in] endpoint information of network address
166 * @retval ::CA_STATUS_OK for success, otherwise some error value
168 CAResult_t CADtlsClose(const CAEndpoint_t *endpoint);
171 * Generate ownerPSK using PRF
172 * OwnerPSK = TLS-PRF('master key' , 'oic.sec.doxm.jw',
173 * 'ID of new device(Resource Server)',
174 * 'ID of owner smart-phone(Provisioning Server)')
176 * @param[in] endpoint information of network address
177 * @param[in] label Ownership transfer method e.g)"oic.sec.doxm.jw"
178 * @param[in] labelLen Byte length of label
179 * @param[in] rsrcServerDeviceID ID of new device(Resource Server)
180 * @param[in] rsrcServerDeviceIDLen Byte length of rsrcServerDeviceID
181 * @param[in] provServerDeviceID label of previous owner
182 * @param[in] provServerDeviceIDLen byte length of provServerDeviceID
183 * @param[in,out] ownerPSK Output buffer for owner PSK
184 * @param[in] ownerPSKSize Byte length of the ownerPSK to be generated
186 * @retval ::CA_STATUS_OK for success, otherwise some error value
188 CAResult_t CADtlsGenerateOwnerPSK(const CAEndpoint_t *endpoint,
189 const uint8_t* label, const size_t labelLen,
190 const uint8_t* rsrcServerDeviceID, const size_t rsrcServerDeviceIDLen,
191 const uint8_t* provServerDeviceID, const size_t provServerDeviceIDLen,
192 uint8_t* ownerPSK, const size_t ownerPSKSize);
196 * initialize tinyDTLS library and other necessary initialization.
198 * @return 0 on success otherwise a positive error value.
199 * @retval ::CA_STATUS_OK Successful.
200 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
201 * @retval ::CA_STATUS_FAILED Operation failed.
204 CAResult_t CAAdapterNetDtlsInit();
207 * de-inits tinyDTLS library and free the allocated memory.
209 void CAAdapterNetDtlsDeInit();
212 * Performs DTLS encryption of the CoAP PDU. If a DTLS session does not exist yet
213 * with the @dst, a DTLS handshake will be started. In case where a new DTLS handshake
214 * is started, pdu info is cached to be send when session setup is finished.
216 * @param[in] endpoint address to which data will be sent.
217 * @param[in] port port to which data will be sent.
218 * @param[in] data length of data.
219 * @param[in] dataLen length of given data
221 * @return 0 on success otherwise a positive error value.
222 * @retval ::CA_STATUS_OK Successful.
223 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
224 * @retval ::CA_STATUS_FAILED Operation failed.
228 CAResult_t CAAdapterNetDtlsEncrypt(const CAEndpoint_t *endpoint,
233 * Performs DTLS decryption of the data received on
234 * secure port. This method performs in-place decryption
235 * of the cipher-text buffer. If a DTLS handshake message
236 * is received or decryption failure happens, this method
237 * returns -1. If a valid application PDU is decrypted, it
238 * returns the length of the decrypted pdu.
240 * @return 0 on success otherwise a positive error value.
241 * @retval ::CA_STATUS_OK Successful.
242 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
243 * @retval ::CA_STATUS_FAILED Operation failed.
246 CAResult_t CAAdapterNetDtlsDecrypt(const CASecureEndpoint_t *sep,
250 #endif /* CA_ADAPTER_NET_DTLS_H_ */