RFC8613: Add in OSCORE support
Based on work done in https://gitlab.informatik.uni-bremen.de/obergman/libcoap

New directories with files
 include/oscore
 src/oscore

New files
 src/coap_oscore.c
 include/oscore/coap_oscore.h
 include/oscore/coap_crypto_internal.h
 include/oscore/coap_oscore_internal.h
 man/coap-oscore-conf.txt.in
 man/coap_oscore.txt.in

Supported by new option (enabled by default)
 ./configure --enable-oscore
 cmake .. -DENABLE_OSCORE=ON

Requires a TLS library configured to do the OSCORE encryption and hashing.
mrdeep1 committed Feb 7, 2022
1 parent 0d6c7d6 commit ef216e9
Showing 78 changed files with 9,450 additions and 167 deletions.
28 changes: 26 additions & 2 deletions CMakeLists.txt
Expand Up @@ -24,6 +24,7 @@ option(
OFF)

add_library(${COAP_LIBRARY_NAME})
set_property(TARGET ${COAP_LIBRARY_NAME} PROPERTY C_STANDARD 99)

#
# options to tweak the library
Expand Down Expand Up @@ -65,6 +66,10 @@ option(
ENABLE_SERVER_MODE
"compile with support for server mode code"
ON)
option(
ENABLE_OSCORE
"compile with support for OSCORE"
ON)
option(
WITH_EPOLL
"compile with epoll support"
Expand Down Expand Up @@ -186,6 +191,13 @@ else()
message(STATUS "compiling without server support")
endif()

if(${ENABLE_OSCORE})
set(HAVE_OSCORE "1")
message(STATUS "compiling with OSCORE support")
else()
message(STATUS "compiling without OSCORE support")
endif()

if(${WITH_EPOLL}
AND ${HAVE_EPOLL_H}
AND ${HAVE_TIMERFD_H})
Expand Down Expand Up @@ -408,6 +420,7 @@ message(STATUS "ENABLE_DTLS:.....................${ENABLE_DTLS}")
message(STATUS "ENABLE_TCP:......................${ENABLE_TCP}")
message(STATUS "ENABLE_CLIENT_MODE:..............${ENABLE_CLIENT_MODE}")
message(STATUS "ENABLE_SERVER_MODE:..............${ENABLE_SERVER_MODE}")
message(STATUS "ENABLE_OSCORE:...................${ENABLE_OSCORE}")
message(STATUS "ENABLE_DOCS:.....................${ENABLE_DOCS}")
message(STATUS "ENABLE_EXAMPLES:.................${ENABLE_EXAMPLES}")
message(STATUS "DTLS_BACKEND:....................${DTLS_BACKEND}")
Expand Down Expand Up @@ -467,6 +480,7 @@ target_sources(
${CMAKE_CURRENT_LIST_DIR}/src/coap_hashkey.c
${CMAKE_CURRENT_LIST_DIR}/src/coap_io.c
${CMAKE_CURRENT_LIST_DIR}/src/coap_notls.c
${CMAKE_CURRENT_LIST_DIR}/src/coap_oscore.c
${CMAKE_CURRENT_LIST_DIR}/src/coap_prng.c
${CMAKE_CURRENT_LIST_DIR}/src/coap_session.c
${CMAKE_CURRENT_LIST_DIR}/src/coap_tcp.c
Expand All @@ -485,6 +499,12 @@ target_sources(
$<$<BOOL:${HAVE_LIBTINYDTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_tinydtls.c>
$<$<BOOL:${HAVE_LIBGNUTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_gnutls.c>
$<$<BOOL:${HAVE_MBEDTLS}>:${CMAKE_CURRENT_LIST_DIR}/src/coap_mbedtls.c>
# needed for OSCORE is enabled
$<$<BOOL:${HAVE_OSCORE}>:${CMAKE_CURRENT_LIST_DIR}/src/oscore/oscore.c>
$<$<BOOL:${HAVE_OSCORE}>:${CMAKE_CURRENT_LIST_DIR}/src/oscore/oscore_cbor.c>
$<$<BOOL:${HAVE_OSCORE}>:${CMAKE_CURRENT_LIST_DIR}/src/oscore/oscore_context.c>
$<$<BOOL:${HAVE_OSCORE}>:${CMAKE_CURRENT_LIST_DIR}/src/oscore/oscore_cose.c>
$<$<BOOL:${HAVE_OSCORE}>:${CMAKE_CURRENT_LIST_DIR}/src/oscore/oscore_crypto.c>
# headers
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/address.h
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/async.h
Expand All @@ -494,7 +514,6 @@ target_sources(
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/coap_dtls.h
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/coap_event.h
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/coap.h
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/coap_hashkey.h
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/coap_io.h
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/coap_session.h
${CMAKE_CURRENT_LIST_DIR}/include/coap${LIBCOAP_API_VERSION}/coap_time.h
Expand Down Expand Up @@ -578,6 +597,8 @@ if(ENABLE_TESTS)
${CMAKE_CURRENT_LIST_DIR}/tests/test_error_response.h
${CMAKE_CURRENT_LIST_DIR}/tests/test_options.c
${CMAKE_CURRENT_LIST_DIR}/tests/test_options.h
${CMAKE_CURRENT_LIST_DIR}/tests/test_oscore.c
${CMAKE_CURRENT_LIST_DIR}/tests/test_oscore.h
${CMAKE_CURRENT_LIST_DIR}/tests/test_pdu.c
${CMAKE_CURRENT_LIST_DIR}/tests/test_pdu.h
${CMAKE_CURRENT_LIST_DIR}/tests/test_sendqueue.c
Expand Down Expand Up @@ -710,7 +731,10 @@ install(
PATTERN "lwippools.h" EXCLUDE
PATTERN "utlist.h" EXCLUDE
PATTERN "uthash.h" EXCLUDE
PATTERN "*_internal.h" EXCLUDE)
PATTERN "coap_hashkey.h" EXCLUDE
PATTERN "coap_mutex.h" EXCLUDE
PATTERN "*_internal.h" EXCLUDE
PATTERN "oscore*" EXCLUDE)
install(
DIRECTORY ${CMAKE_CURRENT_BINARY_DIR}/include/
DESTINATION ${CMAKE_INSTALL_INCLUDEDIR}
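Review bot: In the `if(${ENABLE_OSCORE})` block, `HAVE_OSCORE` is set whenever the option is on, with no check that a crypto backend was selected, although the commit message says OSCORE requires a TLS library for encryption and hashing and configure.ac at least warns in the no-TLS case. Because `ENABLE_OSCORE` defaults to ON, a build configured without DTLS would still report OSCORE support, and the visible code does not show where its crypto would come from. I would add a guard next to that block, for example `if(ENABLE_OSCORE AND NOT ENABLE_DTLS)` / `message(WARNING "ENABLE_OSCORE requires crypto support from a TLS library")` / `endif()`, or fail configuration outright if an OSCORE build without crypto is never meant to ship. The rest of CMakeLists.txt is outside the visible hunks, so an equivalent check may already exist elsewhere.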
30 changes: 30 additions & 0 deletions LICENSE
Expand Up @@ -53,6 +53,36 @@ libcoap uses uthash.h and utlist.h from Troy D. Hanson
BSD license (BSD-1-Clause license) as included in these two source
files.

========================================================================
oscore cose

Copyright (c) 2018, SICS, RISE AB
All rights reserved.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
notice, this list of conditions and the following disclaimer in the
documentation and/or other materials provided with the distribution.
3. Neither the name of the Institute nor the names of its contributors
may be used to endorse or promote products derived from this software
without specific prior written permission.

THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
SUCH DAMAGE.

========================================================================
OpenSSL

32 changes: 32 additions & 0 deletions Makefile.am
Expand Up @@ -42,9 +42,11 @@ EXTRA_DIST = \
include/coap$(LIBCOAP_API_VERSION)/coap_async_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_block_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_cache_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_crypto_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_dtls_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_io_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_net_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_oscore_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_pdu_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_resource_internal.h \
include/coap$(LIBCOAP_API_VERSION)/coap_session_internal.h \
Expand All @@ -56,10 +58,16 @@ EXTRA_DIST = \
include/coap$(LIBCOAP_API_VERSION)/lwippools.h \
include/coap$(LIBCOAP_API_VERSION)/uthash.h \
include/coap$(LIBCOAP_API_VERSION)/utlist.h \
include/oscore/oscore_cbor.h \
include/oscore/oscore_context.h \
include/oscore/oscore_cose.h \
include/oscore/oscore_crypto.h \
include/oscore/oscore.h \
src/coap_io_riot.c \
tests/test_error_response.h \
tests/test_encode.h \
tests/test_options.h \
tests/test_oscore.h \
tests/test_pdu.h \
tests/test_sendqueue.h \
tests/test_session.h \
Expand All @@ -79,6 +87,18 @@ EXTRA_DIST = \
win32/testdriver/testdriver.vcxproj.filters \
win32/testdriver/testdriver.vcxproj.user

# This is a mirror of files depending on HAVE_OSCORE included in src as per
# libcoap_@LIBCOAP_NAME_SUFFIX@_la_SOURCES
if !HAVE_OSCORE
EXTRA_DIST += \
src/oscore/oscore.c \
src/oscore/oscore_cbor.c \
src/oscore/oscore_context.c \
src/oscore/oscore_cose.c \
src/oscore/oscore_crypto.c

endif # !HAVE_OSCORE

AM_CFLAGS = -I$(top_builddir)/include -I$(top_srcdir)/include $(WARNING_CFLAGS) \
$(DTLS_CFLAGS) -std=c99 $(EXTRA_CFLAGS) \
-DLIBCOAP_PACKAGE_BUILD='"$(LIBCOAP_PACKAGE_BUILD)"'
Expand Down Expand Up @@ -115,6 +135,7 @@ libcoap_@LIBCOAP_NAME_SUFFIX@_la_SOURCES = \
src/coap_mbedtls.c \
src/coap_notls.c \
src/coap_openssl.c \
src/coap_oscore.c \
src/coap_prng.c \
src/coap_session.c \
src/coap_tcp.c \
Expand All @@ -130,6 +151,16 @@ libcoap_@LIBCOAP_NAME_SUFFIX@_la_SOURCES = \
src/subscribe.c \
src/uri.c

if HAVE_OSCORE
libcoap_@LIBCOAP_NAME_SUFFIX@_la_SOURCES += \
src/oscore/oscore.c \
src/oscore/oscore_cbor.c \
src/oscore/oscore_context.c \
src/oscore/oscore_cose.c \
src/oscore/oscore_crypto.c

endif # HAVE_OSCORE

## Define the list of public header files and their install location.
## The API version is appended to the install folder to being able to
## co-install various versions of libcoap.
Expand All @@ -154,6 +185,7 @@ libcoap_include_HEADERS = \
$(top_srcdir)/include/coap$(LIBCOAP_API_VERSION)/coap_hashkey.h \
$(top_srcdir)/include/coap$(LIBCOAP_API_VERSION)/coap_io.h \
$(top_srcdir)/include/coap$(LIBCOAP_API_VERSION)/coap_mutex.h \
$(top_srcdir)/include/coap$(LIBCOAP_API_VERSION)/coap_oscore.h \
$(top_srcdir)/include/coap$(LIBCOAP_API_VERSION)/coap_session.h \
$(top_srcdir)/include/coap$(LIBCOAP_API_VERSION)/coap_time.h \
$(top_srcdir)/include/coap$(LIBCOAP_API_VERSION)/encode.h \
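Review bot: `libcoap_include_HEADERS` gains `coap_oscore.h` but still lists `coap_hashkey.h` and `coap_mutex.h`, which the CMakeLists.txt part of this commit now excludes from installation (`PATTERN "coap_hashkey.h" EXCLUDE`, `PATTERN "coap_mutex.h" EXCLUDE`), so the installed header set depends on which build system produced the package. If those two headers are meant to become internal, they should leave `libcoap_include_HEADERS` and be listed in `EXTRA_DIST` instead; if they are still public API, the CMake exclusions should be dropped. The header list continues beyond the visible hunk.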
2 changes: 1 addition & 1 deletion Makefile.libcoap
@@ -1,4 +1,4 @@
libcoap_src = pdu.c net.c coap_cache.c coap_debug.c encode.c uri.c subscribe.c resource.c str.c option.c async.c block.c mem.c coap_io.c coap_session.c coap_notls.c coap_hashkey.c address.c coap_tcp.c
libcoap_src = pdu.c net.c coap_cache.c coap_debug.c encode.c uri.c subscribe.c resource.c str.c option.c async.c block.c mem.c coap_io.c coap_session.c coap_notls.c coap_hashkey.c address.c coap_tcp.c coap_oscore.c

libcoap_dir := $(filter %libcoap,$(APPDS))
vpath %c $(libcoap_dir)/src
2 changes: 2 additions & 0 deletions README.md
Expand Up @@ -49,6 +49,8 @@ The following RFCs are supported
* RFC8323: CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets
[No WebSockets support]

* RFC8613: Object Security for Constrained RESTful Environments (OSCORE)

* RFC8768: Constrained Application Protocol (CoAP) Hop-Limit Option

There is (D)TLS support for the following libraries
3 changes: 3 additions & 0 deletions cmake_coap_config.h.in
Expand Up @@ -30,6 +30,9 @@
/* Define if the system has epoll support */
#cmakedefine COAP_EPOLL_SUPPORT "@COAP_EPOLL_SUPPORT@"

/* Define if the library has OSCORE support */
#cmakedefine HAVE_OSCORE @HAVE_OSCORE@

/* Define to 1 if you have the <arpa/inet.h> header file. */
#cmakedefine HAVE_ARPA_INET_H "@HAVE_ARPA_INET_H@"

4 changes: 4 additions & 0 deletions coap_config.h.windows
Expand Up @@ -71,6 +71,10 @@
#define COAP_DISABLE_TCP 0
#endif

#ifndef HAVE_OSCORE
#define HAVE_OSCORE 1
#endif

/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "libcoap-developers@lists.sourceforge.net"

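Review bot: The added `#ifndef HAVE_OSCORE` block forces the macro to 1 unless the builder predefines it, while the other build paths in this commit treat it as defined-or-absent (`AC_DEFINE`, `#cmakedefine`); if the sources test it with `#ifdef`, predefining it to 0 would not switch OSCORE off on Windows. The default is also independent of the TLS backend, although the commit message says OSCORE needs a TLS library for encryption and hashing. I would add a comment above the block such as `/* Define to 1 to build with OSCORE support (requires a TLS library for the crypto) */` and document how a no-TLS Windows configuration is expected to disable it. The same applies to the identical block in coap_config.h.windows.in. How the sources test the macro is not visible on this page, so the first point needs confirming.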
4 changes: 4 additions & 0 deletions coap_config.h.windows.in
Expand Up @@ -71,6 +71,10 @@
#define COAP_DISABLE_TCP 0
#endif

#ifndef HAVE_OSCORE
#define HAVE_OSCORE 1
#endif

/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT "@PACKAGE_BUGREPORT@"

29 changes: 29 additions & 0 deletions configure.ac
Expand Up @@ -576,14 +576,36 @@ elif test "x$with_tinydtls" = "xyes"; then
LIBCOAP_DTLS_LIB_EXTENSION_NAME=-tinydtls
else
LIBCOAP_DTLS_LIB_EXTENSION_NAME=-notls
AC_DEFINE(HAVE_NOTLS, [1], [Define if libcoap has no tls library support])
fi
AM_CONDITIONAL(HAVE_NOTLS, [test "x$LIBCOAP_DTLS_LIB_EXTENSION_NAME" = "x-notls"])

LIBCOAP_NAME_SUFFIX="$LIBCOAP_API_VERSION$LIBCOAP_DTLS_LIB_EXTENSION_NAME"

AC_SUBST(LIBCOAP_NAME_SUFFIX)
AC_SUBST(LIBCOAP_DTLS_LIB_EXTENSION_NAME)
AC_SUBST([DOLLAR_SIGN],[$])

# configure options
# __OSCORE__
# Support for Object Security according to RFC 8613.
AC_ARG_ENABLE([oscore],
[AS_HELP_STRING([--enable-oscore],
[Enable building with OSCORE support [default=yes]])],
[build_oscore="$enableval"],
[build_oscore="yes"])

if test "x$build_oscore" = "xyes"; then
if test "x$LIBCOAP_DTLS_LIB_EXTENSION_NAME" = "x-notls"; then
AC_MSG_WARN([==> --enable-oscore requires crypto support from TLS library or OS])
fi
fi

if test "x$build_oscore" = "xyes"; then
AC_DEFINE(HAVE_OSCORE, [1], [Define to build with OSCORE support])
fi
AM_CONDITIONAL(HAVE_OSCORE, [test "x$build_oscore" = "xyes"])

# configure options
# __tests__
AC_ARG_ENABLE([tests],
Expand Down Expand Up @@ -904,6 +926,7 @@ man/coap_io.txt
man/coap_keepalive.txt
man/coap_logging.txt
man/coap_observe.txt
man/coap_oscore.txt
man/coap_pdu_access.txt
man/coap_pdu_setup.txt
man/coap_recovery.txt
Expand All @@ -912,6 +935,7 @@ man/coap_session.txt
man/coap_string.txt
man/coap_tls_library.txt
man/coap-client.txt
man/coap-oscore-conf.txt
man/coap-server.txt
man/coap-rd.txt
man/Makefile
Expand Down Expand Up @@ -986,6 +1010,11 @@ if test "x$build_async" != "xno"; then
else
AC_MSG_RESULT([ enable separate responses: "no"])
fi
if test "x$build_oscore" != "xno"; then
AC_MSG_RESULT([ enable OSCORE support : "yes"])
else
AC_MSG_RESULT([ enable OSCORE support : "no"])
fi
if test "x$build_doxygen" = "xyes"; then
AC_MSG_RESULT([ build doxygen pages : "yes"])
AC_MSG_RESULT([ --> Doxygen around : "yes" ($DOXYGEN $doxygen_version)])
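Review bot: The new OSCORE block only emits `AC_MSG_WARN` when `LIBCOAP_DTLS_LIB_EXTENSION_NAME` is `-notls` and then still defines `HAVE_OSCORE`, so a default `./configure` without a TLS library yields a build that claims OSCORE support without the crypto the commit message says it needs. Setting `build_oscore="no"` in that branch, or using `AC_MSG_ERROR` there, would make the outcome explicit instead of leaving it to a warning that scrolls past. Separately, the summary at the end tests `"x$build_oscore" != "xno"` while `AC_DEFINE` and `AM_CONDITIONAL` test `= "xyes"`, so a value such as `--enable-oscore=1` prints "yes" yet builds without OSCORE; testing `= "xyes"` in the summary as well keeps the report accurate.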
2 changes: 2 additions & 0 deletions doc/Doxyfile.in
Expand Up @@ -857,7 +857,9 @@ WARN_LOGFILE =
INPUT = @top_srcdir@/doc/main.md \
@top_srcdir@/doc/module_api_wrap.h \
@top_srcdir@/src \
@top_srcdir@/src/oscore \
@top_srcdir@/include/coap@LIBCOAP_API_VERSION@ \
@top_srcdir@/include/oscore \
@top_builddir@/doc/man_tmp

# This tag can be used to specify the character encoding of the source files
10 changes: 7 additions & 3 deletions doc/Makefile.am
Expand Up @@ -17,7 +17,8 @@ CLEANFILES = \
EXTRA_DIST = \
docbook.local.css \
upgrade_4.2.1_4.3.0.txt \
main.md
main.md \
module_api_wrap.h

if HAVE_DOXYGEN

Expand Down Expand Up @@ -55,6 +56,9 @@ man-page-build: upg-page-build man-page-start
BASE=`basename $${FILE} | cut -d. -f 1` ;\
MANUAL=`egrep -B 1 "^====" $${FILE} | head -1` ;\
SUMMARY=`egrep -B 2 "^SYNOPSIS" $${FILE} | sed 's/coap-//g' | cut -d\- -f2 | cut -c2- | head -1` ;\
if [ -z "$${SUMMARY}" ] ; then \
SUMMARY=`egrep -B 2 "^DESCRIPTION" $${FILE} | sed 's/coap-//g' | cut -d\- -f2 | cut -c2- | head -1` ;\
fi ;\
## Build the manual insert page
echo "/// @page man_$${BASE} $${MANUAL}" > $(top_builddir)/doc/man_tmp/$${MANUAL}.dox ;\
echo "/// @htmlinclude $${BASE}.html $${MANUAL}" >> $(top_builddir)/doc/man_tmp/$${MANUAL}.dox ;\
Expand All @@ -64,7 +68,7 @@ man-page-build: upg-page-build man-page-start
echo " <tr id=\"row_$${ID}_\"$${ROW_EVEN}>" >> $(top_builddir)/doc/man_tmp/manpage.dox ;\
echo " <td class=\"entry\" align=\"left\"> @ref man_$${BASE} </td><td class=\"desc\" align=\"left\">$${MANUAL} - $${SUMMARY}</td>" >> $(top_builddir)/doc/man_tmp/manpage.dox ;\
echo " </tr>" >> $(top_builddir)/doc/man_tmp/manpage.dox ;\
if [ -z $${ROW_EVEN} ] ; then \
if [ -z "$${ROW_EVEN}" ] ; then \
ROW_EVEN=" class=\"even\"" ;\
else \
ROW_EVEN= ;\
Expand Down Expand Up @@ -92,7 +96,7 @@ man-page-build: upg-page-build man-page-start
echo " <tr id=\"row_$${ID}_\"$${ROW_EVEN}>" >> $(top_builddir)/doc/man_tmp/upgrading.dox ;\
echo " <td class=\"entry\" align=\"left\"> @ref upg_$${CUPGRADE} </td><td class=\"desc\" align=\"left\">$${SUMMARY}</td>" >> $(top_builddir)/doc/man_tmp/upgrading.dox ;\
echo " </tr>" >> $(top_builddir)/doc/man_tmp/upgrading.dox ;\
if [ -z $${ROW_EVEN} ] ; then \
if [ -z "$${ROW_EVEN}" ] ; then \
ROW_EVEN=" class=\"even\"" ;\
else \
ROW_EVEN= ;\
2 changes: 2 additions & 0 deletions doc/main.md
Expand Up @@ -34,6 +34,8 @@ The following RFCs are supported
* RFC8323: CoAP (Constrained Application Protocol) over TCP, TLS, and WebSockets
[No WebSockets support]

* RFC8613: Object Security for Constrained RESTful Environments (OSCORE)

* RFC8768: Constrained Application Protocol (CoAP) Hop-Limit Option

There is (D)TLS support for the following libraries
2 changes: 1 addition & 1 deletion examples/Makefile.am
Expand Up @@ -47,7 +47,7 @@ endif # BUILD_ADD_DEFAULT_NAMES
if ! HAVE_CLIENT_SUPPORT
coap_server_CPPFLAGS=-DSERVER_CAN_PROXY=0
coap_server@LIBCOAP_DTLS_LIB_EXTENSION_NAME@_CPPFLAGS=-DSERVER_CAN_PROXY=0
endif # HAVE_CLIENT_SUPPORT
endif # ! HAVE_CLIENT_SUPPORT

endif # HAVE_SERVER_SUPPORT
