IP address plumbing changes to support IPv6
[platform/upstream/iotivity.git] / resource / csdk / connectivity / inc / caadapternetdtls.h
index b53e355..402c746 100644 (file)
 * limitations under the License.
 *
 ******************************************************************/
-#ifndef _CA_ADAPTER_NET_DTLS_H
-#define _CA_ADAPTER_NET_DTLS_H
+#ifndef CA_ADAPTER_NET_DTLS_H_
+#define CA_ADAPTER_NET_DTLS_H_
 
 #include "dtls.h"
 #include "uarraylist.h"
-#include "umutex.h"
+#include "camutex.h"
 #include "caadapterutils.h"
+#include "ocsecurityconfig.h"
+#include "cainterface.h"
+#include "cacommon.h"
 
+/**
+ *   Currently DTLS supported adapters(2) WIFI and ETHENET for linux platform.
+ */
 #define MAX_SUPPORTED_ADAPTERS 2
 
-///TODO: once proper .h provided for this function, it will be removed
-extern void CAGetDtlsPskCredentials(CADtlsPskCredsBlob_t **credInfo);
+/**
+ * @brief The implementation will be provided by OIC RI layer.
+ */
+extern void OCGetDtlsPskCredentials(CADtlsPskCredsBlob_t **credInfo);
 
-typedef void (*CAPacketReceivedCallback)(const char *ipAddress, const uint32_t port,
-        const void *data, const uint32_t dataLength, const CABool_t isSecured);
+typedef void (*CAPacketReceivedCallback)(const CAEndpoint_t *endpoint,
+                                         const void *data, uint32_t dataLength);
 
-typedef uint32_t (*CAPacketSendCallback)(const char *ipAddress, const uint32_t port,
-        const void *data, const uint32_t dataLength);
+typedef uint32_t (*CAPacketSendCallback)(const CAEndpoint_t *endpoint,
+                                         const void *data, uint32_t dataLength);
 
 /**
  * @struct stCAAdapterCallbacks_t
@@ -42,9 +50,9 @@ typedef uint32_t (*CAPacketSendCallback)(const char *ipAddress, const uint32_t p
  */
 typedef struct CAAdapterCallbacks
 {
-    CAPacketReceivedCallback recvCallback;
-    CAPacketSendCallback sendCallback;
-}stCAAdapterCallbacks_t;
+    CAPacketReceivedCallback recvCallback;  /**< Callback used to send data to upper layer. */
+    CAPacketSendCallback sendCallback;      /**< Callback used to send data to socket layer. */
+} stCAAdapterCallbacks_t;
 
 /**
  * @struct stCADtlsContext_t
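Review bot: The new comment on the `CAPacketReceivedCallback recvCallback;` line says the callback is "used to send data to upper layer", which reads as the opposite of what a receive callback does and is easy to confuse with the sendCallback line directly below. Suggest `/**< Callback used to deliver received (decrypted) data to the upper layer. */` so the two members are distinguished by direction. The struct's doc comment begins before the hunk.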
@@ -53,11 +61,13 @@ typedef struct CAAdapterCallbacks
  */
 typedef struct stCADtlsContext
 {
-    u_arraylist_t  *cacheList;          /**< pdu's are cached until DTLS session is formed */
-    struct dtls_context_t *dtlsContext;    /**< pointer to tinyDTLS context */
-    struct stPacketInfo *packetInfo;          /**< used by callback during
-                                                                    decryption to hold address/length */
-    dtls_handler_t callbacks;           /**< pointer to callbacks needed by tinyDTLS */
+    u_arraylist_t *peerInfoList;        /**< peerInfo list which holds the mapping between
+                                             peer id to it's n/w address */
+    u_arraylist_t *cacheList;            /**< PDU's are cached until DTLS session is formed. */
+    struct dtls_context_t *dtlsContext;  /**< Pointer to tinyDTLS context. */
+    struct stPacketInfo *packetInfo;     /**< used by callback during
+                                             decryption to hold address/length. */
+    dtls_handler_t callbacks;            /**< Pointer to callbacks needed by tinyDTLS. */
     stCAAdapterCallbacks_t adapterCallbacks[MAX_SUPPORTED_ADAPTERS];
 } stCADtlsContext_t;
 
@@ -85,22 +95,19 @@ typedef enum
     DTLS_HS_MSG
 } eDtlsRet_t;
 
-/**
- * @struct stGattServiceInfo_t
- * @brief structure to have address information.
- *
- */
+
+/** Structure to have address information which will match with DTLS session_t struct.*/
 typedef struct
 {
-    socklen_t size;       /**< size of addr */
+    socklen_t size;                 /**< Size of address. */
     union
     {
         struct sockaddr     sa;
         struct sockaddr_storage st;
         struct sockaddr_in  sin;
         struct sockaddr_in6 sin6;
-    } addr;
-    uint8_t ifIndex;
+    } addr;                         /**< Address information. */
+    uint8_t ifIndex;                /**< Holds adpater index to get callback info. */
 } stCADtlsAddrInfo_t;
 
 /**
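Review bot: The new header comment promises that stCADtlsAddrInfo_t "will match with DTLS session_t struct", but nothing in the header enforces that, and the `uint8_t ifIndex;` member is exactly the kind of layout detail a later edit could change without noticing; if the two types are ever cast to each other (not visible here), a size or offset drift becomes an out-of-bounds read. If the layout is meant to be interchangeable, pin it next to the typedef with `_Static_assert(sizeof(stCADtlsAddrInfo_t) == sizeof(session_t), "stCADtlsAddrInfo_t must mirror tinyDTLS session_t");` (dtls.h is already included; this needs a C11 toolchain). Separately, "adpater" on the ifIndex line is a typo, and `/**< Adapter index used to look up the adapter callbacks. */` says what the field is for more directly than "Holds adapter index to get callback info".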
@@ -112,19 +119,9 @@ typedef struct CACacheMessage
 {
     void *data;
     uint32_t dataLen;
-    stCADtlsAddrInfo_t *destSession;
+    stCADtlsAddrInfo_t destSession;
 } stCACacheMessage_t;
 
-/**
- * @enum eDtlsAdapterType_t
- * @brief adapter types
- *
- */
-typedef enum
-{
-    DTLS_ETHERNET = 0,
-    DTLS_WIFI
-} eDtlsAdapterType_t;
 
 /**
  * @fn  CADTLSSetAdapterCallbacks
@@ -137,9 +134,80 @@ typedef enum
  * @retval  void
  *
  */
-
 void CADTLSSetAdapterCallbacks(CAPacketReceivedCallback recvCallback,
-                                    CAPacketSendCallback sendCallback, eDtlsAdapterType_t type);
+                               CAPacketSendCallback sendCallback,
+                               CATransportAdapter_t type);
+
+/**
+ * @brief   Register callback to get DTLS PSK credentials.
+ * @param   credCallback   [IN] callback to get DTLS credentials
+ * @retval  void
+ */
+void CADTLSSetCredentialsCallback(CAGetDTLSCredentialsHandler credCallback);
+
+/**
+ * Select the cipher suite for dtls handshake
+ *
+ * @param[in] cipher    cipher suite
+ *                             0xC018 : TLS_ECDH_anon_WITH_AES_128_CBC_SHA
+ *                             0xC0A8 : TLS_PSK_WITH_AES_128_CCM_8
+ *                             0xC0AE : TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
+ *
+ * @retval  CA_STATUS_OK for success, otherwise some error value
+ */
+CAResult_t CADtlsSelectCipherSuite(const dtls_cipher_t cipher);
+
+/**
+ * Enable anonymous ECDH cipher suite for dtls handshake
+ *
+ * @param[in] enable  TRUE/FALSE enables/disables anonymous cipher suite
+ *
+ * @retval  CA_STATUS_OK for success, otherwise some error value
+ */
+CAResult_t CADtlsEnableAnonECDHCipherSuite(const bool enable);
+
+/**
+ * Initiate DTLS handshake with selected cipher suite
+ *
+ * @param[in] endpoint  information of network address
+ *
+ * @retval  CA_STATUS_OK for success, otherwise some error value
+ */
+CAResult_t CADtlsInitiateHandshake(const CAEndpoint_t *endpoint);
+
+/**
+ * Close the DTLS session
+ *
+ * @param[in] endpoint  information of network address
+ *
+ * @retval  CA_STATUS_OK for success, otherwise some error value
+ */
+CAResult_t CADtlsClose(const CAEndpoint_t *endpoint);
+
+/**
+ * Generate ownerPSK using PRF
+ * OwnerPSK = TLS-PRF('master key' , 'oic.sec.doxm.jw',
+ *                                    'ID of new device(Resource Server)',
+ *                                    'ID of owner smart-phone(Provisioning Server)')
+ *
+ * @param[in] endpoint  information of network address
+ * @param[in] label  Ownership transfer method e.g)"oic.sec.doxm.jw"
+ * @param[in] labelLen  Byte length of label
+ * @param[in] rsrcServerDeviceID  ID of new device(Resource Server)
+ * @param[in] rsrcServerDeviceIDLen  Byte length of rsrcServerDeviceID
+ * @param[in] provServerDeviceID  label of previous owner
+ * @param[in] provServerDeviceIDLen  byte length of provServerDeviceID
+ * @param[in,out] ownerPSK  Output buffer for owner PSK
+ * @param[in] ownerPSKSize  Byte length of the ownerPSK to be generated
+ *
+ * @retval  CA_STATUS_OK for success, otherwise some error value
+ */
+CAResult_t CADtlsGenerateOwnerPSK(const CAEndpoint_t *endpoint,
+                    const uint8_t* label, const size_t labelLen,
+                    const uint8_t* rsrcServerDeviceID, const size_t rsrcServerDeviceIDLen,
+                    const uint8_t* provServerDeviceID, const size_t provServerDeviceIDLen,
+                    uint8_t* ownerPSK, const size_t ownerPSKSize);
+;
 
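Review bot: The lone `;` on the line after the CADtlsGenerateOwnerPSK prototype is a stray empty declaration at file scope and should be deleted; pedantic builds reject it ("ISO C does not allow extra ';' outside of a function") and it is picked up by every translation unit that includes this header. The parameter docs for that function are also inconsistent with the formula above them: `ownerPSK` is only written by the callee, so `@param[in,out]` should be `@param[out]`, and `provServerDeviceID  label of previous owner` should read `@param[in] provServerDeviceID  ID of owner smart-phone (Provisioning Server)`. The comment on CADtlsEnableAnonECDHCipherSuite should state the consequence of enabling it: TLS_ECDH_anon_WITH_AES_128_CBC_SHA (0xC018 in the cipher list above) authenticates neither peer, so the doc ought to say that it is intended only for the ownership-transfer step and must be disabled again afterwards — the intended window is not visible in this header, so confirm against the caller. Top-level `const` on by-value parameters (`const dtls_cipher_t cipher`, `const bool enable`, the `const size_t` lengths) is a definition detail and is conventionally omitted from prototypes.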
 /**
  * @fn  CAAdapterNetDtlsInit
@@ -170,15 +238,11 @@ void CAAdapterNetDtlsDeInit();
  *              a new DTLS handshake is started, pdu info is
  *              cached to be send when session setup is finished.
  *
- * @param[in]  remoteAddress  address to which data will be sent.
+ * @param[in]  endpoint  address to which data will be sent.
  * @param[in]  port  port to which data will be sent.
  * @param[in]  data  length of data.
  * @param[in]  dataLen  length of given data
- * @param[out]  decdata  output variable to store the starting address
- *                        of decrypted plaintext.
- * @param[out]  cacheFlag  utput variable to indicate if pdu
- *                        is cached and inform the caller to
- *                       NOT free the memory holding pdu.
+ *
  * @return  0 on success otherwise a positive error value.
  * @retval  CA_STATUS_OK  Successful
  * @retval  CA_STATUS_INVALID_PARAM  Invalid input argumets
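Review bot: The `@param[in]  port  port to which data will be sent.` line survives although the new CAAdapterNetDtlsEncrypt prototype (next hunk) no longer takes a port — the address now comes from `endpoint` — so it should be removed, and `@param[in]  data  length of data.` describes the wrong thing and should read `@param[in]  data  data to be encrypted and sent.`. The `@return  0 on success otherwise a positive error value.` line only agrees with the `@retval CA_STATUS_OK` list below it if CAResult_t is numerically 0/positive, which I cannot confirm from this header. This doc block begins before the hunk.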
@@ -186,12 +250,9 @@ void CAAdapterNetDtlsDeInit();
  *
  */
 
-CAResult_t CAAdapterNetDtlsEncrypt(const char *remoteAddress,
-                                   const uint32_t port,
-                                   const void *data,
-                                   uint32_t dataLen,
-                                   uint8_t *cacheFlag,
-                                   eDtlsAdapterType_t type);
+CAResult_t CAAdapterNetDtlsEncrypt(const CAEndpoint_t *endpoint,
+                                   void *data,
+                                   uint32_t dataLen);
 
 /**
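Review bot: The new prototype drops the `const` from the data parameter (`void *data` versus the removed `const void *data`) while the doc block above still describes `data` as an input; if the implementation now encrypts in place or keeps the buffer when it caches the PDU for a pending handshake, that contract should be stated in the comment, otherwise `const void *data` should be restored. With the `cacheFlag` out-parameter gone, the caller can no longer learn whether the PDU was cached, so the comment must say who owns `data` after the call — copied by the callee, or not to be freed by the caller — since a mismatch there is a use-after-free or a leak; the header alone does not show which it is. Suggest adding `@note Ownership of @p data stays with the caller; the callee copies the buffer if it must cache the PDU.` once that has been confirmed against the implementation.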
  * @fn  CAAdapterNetDtlsDecrypt
@@ -208,11 +269,10 @@ CAResult_t CAAdapterNetDtlsEncrypt(const char *remoteAddress,
  * @retval  CA_STATUS_FAILED Operation failed
  *
  */
-CAResult_t CAAdapterNetDtlsDecrypt(const char *remoteAddress,
-                                   const uint32_t port,
+CAResult_t CAAdapterNetDtlsDecrypt(const CAEndpoint_t *endpoint,
                                    uint8_t *data,
-                                   uint32_t dataLen,
-                                   eDtlsAdapterType_t type);
+                                   uint32_t dataLen);
+
+#endif /* CA_ADAPTER_NET_DTLS_H_ */
 
-#endif //_CA_ADAPTER_NET_DTLS_H