1 /* *****************************************************************
3 * Copyright 2015 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
20 #ifndef CA_ADAPTER_NET_DTLS_H_
21 #define CA_ADAPTER_NET_DTLS_H_
23 #include "platform_features.h"
25 #include "uarraylist.h"
27 #include "caadapterutils.h"
28 #include "cainterface.h"
32 * Currently DTLS supported adapters(2) WIFI and ETHENET for linux platform.
34 #define MAX_SUPPORTED_ADAPTERS 2
36 typedef void (*CAPacketReceivedCallback)(const CASecureEndpoint_t *sep,
37 const void *data, uint32_t dataLength);
39 typedef void (*CAPacketSendCallback)(CAEndpoint_t *endpoint,
40 const void *data, uint32_t dataLength);
43 * Data structure for holding the send and recv callbacks.
45 typedef struct CAAdapterCallbacks
47 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
48 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
49 } stCAAdapterCallbacks_t;
52 * Data structure for holding the tinyDTLS interface related info.
54 typedef struct stCADtlsContext
56 u_arraylist_t *peerInfoList; /**< peerInfo list which holds the mapping between
57 peer id to it's n/w address. */
58 u_arraylist_t *cacheList; /**< PDU's are cached until DTLS session is formed. */
59 struct dtls_context_t *dtlsContext; /**< Pointer to tinyDTLS context. */
60 struct stPacketInfo *packetInfo; /**< used by callback during
61 decryption to hold address/length. */
62 dtls_handler_t callbacks; /**< Pointer to callbacks needed by tinyDTLS. */
63 stCAAdapterCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
67 * Data structure for holding the decrypted data address
68 * and length provided by tinyDTLS callback interface.
70 typedef struct stPacketInfo
77 * tinyDTLS library error codes.
84 DTLS_SESSION_INITIATED,
89 /** Structure to have address information which will match with DTLS session_t structure.*/
92 socklen_t size; /**< Size of address. */
99 struct sockaddr_storage st;
100 struct sockaddr_in sin;
101 struct sockaddr_in6 sin6;
102 } addr; /**< Address information. */
103 uint8_t ifIndex; /**< Holds adapter index to get callback info. */
104 } stCADtlsAddrInfo_t;
107 * structure to holds the information of cache message and address info.
109 typedef struct CACacheMessage
113 stCADtlsAddrInfo_t destSession;
114 } stCACacheMessage_t;
118 * Used set send and recv callbacks for different adapters(WIFI,EtherNet).
120 * @param[in] recvCallback packet received callback.
121 * @param[in] sendCallback packet sent callback.
122 * @param[in] type type of adapter.
125 void CADTLSSetAdapterCallbacks(CAPacketReceivedCallback recvCallback,
126 CAPacketSendCallback sendCallback,
127 CATransportAdapter_t type);
130 * Register callback to deliver the result of DTLS handshake
131 * @param[in] dtlsHandshakeCallback Callback to receive the result of DTLS handshake.
133 void CADTLSSetHandshakeCallback(CAErrorCallback dtlsHandshakeCallback);
136 * Register callback to get DTLS PSK credentials.
137 * @param[in] credCallback callback to get DTLS PSK credentials.
139 void CADTLSSetCredentialsCallback(CAGetDTLSPskCredentialsHandler credCallback);
142 * Select the cipher suite for dtls handshake
144 * @param[in] cipher cipher suite
145 * 0xC018 : TLS_ECDH_anon_WITH_AES_128_CBC_SHA_256
146 * 0xC0A8 : TLS_PSK_WITH_AES_128_CCM_8
147 * 0xC0AE : TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
149 * @retval ::CA_STATUS_OK for success, otherwise some error value
151 CAResult_t CADtlsSelectCipherSuite(const dtls_cipher_t cipher);
154 * Enable anonymous ECDH cipher suite for dtls handshake
156 * @param[in] enable TRUE/FALSE enables/disables anonymous cipher suite
158 * @retval ::CA_STATUS_OK for success, otherwise some error value
160 CAResult_t CADtlsEnableAnonECDHCipherSuite(const bool enable);
163 * Initiate DTLS handshake with selected cipher suite
165 * @param[in] endpoint information of network address
167 * @retval ::CA_STATUS_OK for success, otherwise some error value
169 CAResult_t CADtlsInitiateHandshake(const CAEndpoint_t *endpoint);
172 * Close the DTLS session
174 * @param[in] endpoint information of network address
176 * @retval ::CA_STATUS_OK for success, otherwise some error value
178 CAResult_t CADtlsClose(const CAEndpoint_t *endpoint);
181 * Generate ownerPSK using PRF
182 * OwnerPSK = TLS-PRF('master key' , 'oic.sec.doxm.jw',
183 * 'ID of new device(Resource Server)',
184 * 'ID of owner smart-phone(Provisioning Server)')
186 * @param[in] endpoint information of network address
187 * @param[in] label Ownership transfer method e.g)"oic.sec.doxm.jw"
188 * @param[in] labelLen Byte length of label
189 * @param[in] rsrcServerDeviceID ID of new device(Resource Server)
190 * @param[in] rsrcServerDeviceIDLen Byte length of rsrcServerDeviceID
191 * @param[in] provServerDeviceID label of previous owner
192 * @param[in] provServerDeviceIDLen byte length of provServerDeviceID
193 * @param[in,out] ownerPSK Output buffer for owner PSK
194 * @param[in] ownerPSKSize Byte length of the ownerPSK to be generated
196 * @retval ::CA_STATUS_OK for success, otherwise some error value
198 CAResult_t CADtlsGenerateOwnerPSK(const CAEndpoint_t *endpoint,
199 const uint8_t* label, const size_t labelLen,
200 const uint8_t* rsrcServerDeviceID, const size_t rsrcServerDeviceIDLen,
201 const uint8_t* provServerDeviceID, const size_t provServerDeviceIDLen,
202 uint8_t* ownerPSK, const size_t ownerPSKSize);
206 * initialize tinyDTLS library and other necessary initialization.
208 * @return 0 on success otherwise a positive error value.
209 * @retval ::CA_STATUS_OK Successful.
210 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
211 * @retval ::CA_STATUS_FAILED Operation failed.
214 CAResult_t CAAdapterNetDtlsInit();
217 * de-inits tinyDTLS library and free the allocated memory.
219 void CAAdapterNetDtlsDeInit();
222 * Performs DTLS encryption of the CoAP PDU. If a DTLS session does not exist yet
223 * with the @dst, a DTLS handshake will be started. In case where a new DTLS handshake
224 * is started, pdu info is cached to be send when session setup is finished.
226 * @param[in] endpoint address to which data will be sent.
227 * @param[in] port port to which data will be sent.
228 * @param[in] data length of data.
229 * @param[in] dataLen length of given data
231 * @return 0 on success otherwise a positive error value.
232 * @retval ::CA_STATUS_OK Successful.
233 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
234 * @retval ::CA_STATUS_FAILED Operation failed.
238 CAResult_t CAAdapterNetDtlsEncrypt(const CAEndpoint_t *endpoint,
243 * Performs DTLS decryption of the data received on
244 * secure port. This method performs in-place decryption
245 * of the cipher-text buffer. If a DTLS handshake message
246 * is received or decryption failure happens, this method
247 * returns -1. If a valid application PDU is decrypted, it
248 * returns the length of the decrypted pdu.
250 * @return 0 on success otherwise a positive error value.
251 * @retval ::CA_STATUS_OK Successful.
252 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
253 * @retval ::CA_STATUS_FAILED Operation failed.
256 CAResult_t CAAdapterNetDtlsDecrypt(const CASecureEndpoint_t *sep,
260 #endif /* CA_ADAPTER_NET_DTLS_H_ */