1 /* *****************************************************************
3 * Copyright 2015 Samsung Electronics All Rights Reserved.
7 * Licensed under the Apache License, Version 2.0 (the "License");
8 * you may not use this file except in compliance with the License.
9 * You may obtain a copy of the License at
11 * http://www.apache.org/licenses/LICENSE-2.0
13 * Unless required by applicable law or agreed to in writing, software
14 * distributed under the License is distributed on an "AS IS" BASIS,
15 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 * See the License for the specific language governing permissions and
17 * limitations under the License.
19 ******************************************************************/
20 #ifndef CA_ADAPTER_NET_DTLS_H_
21 #define CA_ADAPTER_NET_DTLS_H_
23 #include "platform_features.h"
25 #include "uarraylist.h"
27 #include "caadapterutils.h"
28 #include "cainterface.h"
32 * Currently DTLS supported adapters(2) WIFI and ETHENET for linux platform.
34 #define MAX_SUPPORTED_ADAPTERS 2
36 typedef void (*CAPacketReceivedCallback)(const CASecureEndpoint_t *sep,
37 const void *data, uint32_t dataLength);
39 typedef void (*CAPacketSendCallback)(CAEndpoint_t *endpoint,
40 const void *data, uint32_t dataLength);
43 * Data structure for holding the send and recv callbacks.
45 typedef struct CAAdapterCallbacks
47 CAPacketReceivedCallback recvCallback; /**< Callback used to send data to upper layer. */
48 CAPacketSendCallback sendCallback; /**< Callback used to send data to socket layer. */
49 } stCAAdapterCallbacks_t;
52 * Data structure for holding the tinyDTLS interface related info.
54 typedef struct stCADtlsContext
56 u_arraylist_t *peerInfoList; /**< peerInfo list which holds the mapping between
57 peer id to it's n/w address. */
58 u_arraylist_t *cacheList; /**< PDU's are cached until DTLS session is formed. */
59 struct dtls_context_t *dtlsContext; /**< Pointer to tinyDTLS context. */
60 struct stPacketInfo *packetInfo; /**< used by callback during
61 decryption to hold address/length. */
62 dtls_handler_t callbacks; /**< Pointer to callbacks needed by tinyDTLS. */
63 stCAAdapterCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
67 * Data structure for holding the decrypted data address
68 * and length provided by tinyDTLS callback interface.
70 typedef struct stPacketInfo
77 * tinyDTLS library error codes.
84 DTLS_SESSION_INITIATED,
89 /** Structure to have address information which will match with DTLS session_t structure.*/
92 socklen_t size; /**< Size of address. */
96 struct sockaddr_storage st;
97 struct sockaddr_in sin;
98 struct sockaddr_in6 sin6;
99 } addr; /**< Address information. */
100 uint8_t ifIndex; /**< Holds adapter index to get callback info. */
101 } stCADtlsAddrInfo_t;
104 * structure to holds the information of cache message and address info.
106 typedef struct CACacheMessage
110 stCADtlsAddrInfo_t destSession;
111 } stCACacheMessage_t;
115 * Used set send and recv callbacks for different adapters(WIFI,EtherNet).
117 * @param[in] recvCallback packet received callback.
118 * @param[in] sendCallback packet sent callback.
119 * @param[in] type type of adapter.
122 void CADTLSSetAdapterCallbacks(CAPacketReceivedCallback recvCallback,
123 CAPacketSendCallback sendCallback,
124 CATransportAdapter_t type);
127 * Register callback to deliver the result of DTLS handshake
128 * @param[in] dtlsHandshakeCallback Callback to receive the result of DTLS handshake.
130 void CADTLSSetHandshakeCallback(CAErrorCallback dtlsHandshakeCallback);
133 * Register callback to get DTLS PSK credentials.
134 * @param[in] credCallback callback to get DTLS PSK credentials.
136 void CADTLSSetCredentialsCallback(CAGetDTLSPskCredentialsHandler credCallback);
139 * Select the cipher suite for dtls handshake
141 * @param[in] cipher cipher suite
142 * 0xC018 : TLS_ECDH_anon_WITH_AES_128_CBC_SHA_256
143 * 0xC0A8 : TLS_PSK_WITH_AES_128_CCM_8
144 * 0xC0AE : TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
146 * @retval ::CA_STATUS_OK for success, otherwise some error value
148 CAResult_t CADtlsSelectCipherSuite(const dtls_cipher_t cipher);
151 * Enable anonymous ECDH cipher suite for dtls handshake
153 * @param[in] enable TRUE/FALSE enables/disables anonymous cipher suite
155 * @retval ::CA_STATUS_OK for success, otherwise some error value
157 CAResult_t CADtlsEnableAnonECDHCipherSuite(const bool enable);
160 * Initiate DTLS handshake with selected cipher suite
162 * @param[in] endpoint information of network address
164 * @retval ::CA_STATUS_OK for success, otherwise some error value
166 CAResult_t CADtlsInitiateHandshake(const CAEndpoint_t *endpoint);
169 * Close the DTLS session
171 * @param[in] endpoint information of network address
173 * @retval ::CA_STATUS_OK for success, otherwise some error value
175 CAResult_t CADtlsClose(const CAEndpoint_t *endpoint);
178 * Generate ownerPSK using PRF
179 * OwnerPSK = TLS-PRF('master key' , 'oic.sec.doxm.jw',
180 * 'ID of new device(Resource Server)',
181 * 'ID of owner smart-phone(Provisioning Server)')
183 * @param[in] endpoint information of network address
184 * @param[in] label Ownership transfer method e.g)"oic.sec.doxm.jw"
185 * @param[in] labelLen Byte length of label
186 * @param[in] rsrcServerDeviceID ID of new device(Resource Server)
187 * @param[in] rsrcServerDeviceIDLen Byte length of rsrcServerDeviceID
188 * @param[in] provServerDeviceID label of previous owner
189 * @param[in] provServerDeviceIDLen byte length of provServerDeviceID
190 * @param[in,out] ownerPSK Output buffer for owner PSK
191 * @param[in] ownerPSKSize Byte length of the ownerPSK to be generated
193 * @retval ::CA_STATUS_OK for success, otherwise some error value
195 CAResult_t CADtlsGenerateOwnerPSK(const CAEndpoint_t *endpoint,
196 const uint8_t* label, const size_t labelLen,
197 const uint8_t* rsrcServerDeviceID, const size_t rsrcServerDeviceIDLen,
198 const uint8_t* provServerDeviceID, const size_t provServerDeviceIDLen,
199 uint8_t* ownerPSK, const size_t ownerPSKSize);
203 * initialize tinyDTLS library and other necessary initialization.
205 * @return 0 on success otherwise a positive error value.
206 * @retval ::CA_STATUS_OK Successful.
207 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
208 * @retval ::CA_STATUS_FAILED Operation failed.
211 CAResult_t CAAdapterNetDtlsInit();
214 * de-inits tinyDTLS library and free the allocated memory.
216 void CAAdapterNetDtlsDeInit();
219 * Performs DTLS encryption of the CoAP PDU. If a DTLS session does not exist yet
220 * with the @dst, a DTLS handshake will be started. In case where a new DTLS handshake
221 * is started, pdu info is cached to be send when session setup is finished.
223 * @param[in] endpoint address to which data will be sent.
224 * @param[in] port port to which data will be sent.
225 * @param[in] data length of data.
226 * @param[in] dataLen length of given data
228 * @return 0 on success otherwise a positive error value.
229 * @retval ::CA_STATUS_OK Successful.
230 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
231 * @retval ::CA_STATUS_FAILED Operation failed.
235 CAResult_t CAAdapterNetDtlsEncrypt(const CAEndpoint_t *endpoint,
240 * Performs DTLS decryption of the data received on
241 * secure port. This method performs in-place decryption
242 * of the cipher-text buffer. If a DTLS handshake message
243 * is received or decryption failure happens, this method
244 * returns -1. If a valid application PDU is decrypted, it
245 * returns the length of the decrypted pdu.
247 * @return 0 on success otherwise a positive error value.
248 * @retval ::CA_STATUS_OK Successful.
249 * @retval ::CA_STATUS_INVALID_PARAM Invalid input arguments.
250 * @retval ::CA_STATUS_FAILED Operation failed.
253 CAResult_t CAAdapterNetDtlsDecrypt(const CASecureEndpoint_t *sep,
257 #endif /* CA_ADAPTER_NET_DTLS_H_ */