1 /*
2  *  Copyright (c) 2016, The OpenThread Authors.
3  *  All rights reserved.
4  *
5  *  Redistribution and use in source and binary forms, with or without
6  *  modification, are permitted provided that the following conditions are met:
7  *  1. Redistributions of source code must retain the above copyright
8  *     notice, this list of conditions and the following disclaimer.
9  *  2. Redistributions in binary form must reproduce the above copyright
10  *     notice, this list of conditions and the following disclaimer in the
11  *     documentation and/or other materials provided with the distribution.
12  *  3. Neither the name of the copyright holder nor the
13  *     names of its contributors may be used to endorse or promote products
14  *     derived from this software without specific prior written permission.
15  *
16  *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17  *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  *  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
20  *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21  *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22  *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23  *  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24  *  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25  *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26  *  POSSIBILITY OF SUCH DAMAGE.
27  */
28 
29 #include "coap_secure.hpp"
30 
31 #if OPENTHREAD_CONFIG_DTLS_ENABLE
32 
33 #include "common/instance.hpp"
34 #include "common/locator_getters.hpp"
35 #include "common/log.hpp"
36 #include "common/new.hpp"
37 #include "meshcop/dtls.hpp"
38 #include "thread/thread_netif.hpp"
39 
40 /**
41  * @file
42  *   This file implements the secure CoAP agent.
43  */
44 
45 namespace ot {
46 namespace Coap {
47 
48 RegisterLogModule("CoapSecure");
49 
CoapSecure(Instance & aInstance,bool aLayerTwoSecurity)50 CoapSecure::CoapSecure(Instance &aInstance, bool aLayerTwoSecurity)
51     : CoapBase(aInstance, &CoapSecure::Send)
52     , mDtls(aInstance, aLayerTwoSecurity)
53     , mTransmitTask(aInstance, CoapSecure::HandleTransmit, this)
54 {
55 }
56 
Start(uint16_t aPort)57 Error CoapSecure::Start(uint16_t aPort)
58 {
59     Error error = kErrorNone;
60 
61     mConnectedCallback.Clear();
62 
63     SuccessOrExit(error = mDtls.Open(&CoapSecure::HandleDtlsReceive, &CoapSecure::HandleDtlsConnected, this));
64     SuccessOrExit(error = mDtls.Bind(aPort));
65 
66 exit:
67     return error;
68 }
69 
Start(MeshCoP::Dtls::TransportCallback aCallback,void * aContext)70 Error CoapSecure::Start(MeshCoP::Dtls::TransportCallback aCallback, void *aContext)
71 {
72     Error error = kErrorNone;
73 
74     mConnectedCallback.Clear();
75 
76     SuccessOrExit(error = mDtls.Open(&CoapSecure::HandleDtlsReceive, &CoapSecure::HandleDtlsConnected, this));
77     SuccessOrExit(error = mDtls.Bind(aCallback, aContext));
78 
79 exit:
80     return error;
81 }
82 
Stop(void)83 void CoapSecure::Stop(void)
84 {
85     mDtls.Close();
86 
87     mTransmitQueue.DequeueAndFreeAll();
88     ClearRequestsAndResponses();
89 }
90 
Connect(const Ip6::SockAddr & aSockAddr,ConnectedCallback aCallback,void * aContext)91 Error CoapSecure::Connect(const Ip6::SockAddr &aSockAddr, ConnectedCallback aCallback, void *aContext)
92 {
93     mConnectedCallback.Set(aCallback, aContext);
94 
95     return mDtls.Connect(aSockAddr);
96 }
97 
SetPsk(const MeshCoP::JoinerPskd & aPskd)98 void CoapSecure::SetPsk(const MeshCoP::JoinerPskd &aPskd)
99 {
100     static_assert(static_cast<uint16_t>(MeshCoP::JoinerPskd::kMaxLength) <=
101                       static_cast<uint16_t>(MeshCoP::Dtls::kPskMaxLength),
102                   "The maximum length of DTLS PSK is smaller than joiner PSKd");
103 
104     SuccessOrAssert(mDtls.SetPsk(reinterpret_cast<const uint8_t *>(aPskd.GetAsCString()), aPskd.GetLength()));
105 }
106 
107 #if OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE
SendMessage(Message & aMessage,ResponseHandler aHandler,void * aContext,otCoapBlockwiseTransmitHook aTransmitHook,otCoapBlockwiseReceiveHook aReceiveHook)108 Error CoapSecure::SendMessage(Message                    &aMessage,
109                               ResponseHandler             aHandler,
110                               void                       *aContext,
111                               otCoapBlockwiseTransmitHook aTransmitHook,
112                               otCoapBlockwiseReceiveHook  aReceiveHook)
113 {
114     Error error = kErrorNone;
115 
116     VerifyOrExit(IsConnected(), error = kErrorInvalidState);
117 
118     error = CoapBase::SendMessage(aMessage, mDtls.GetMessageInfo(), TxParameters::GetDefault(), aHandler, aContext,
119                                   aTransmitHook, aReceiveHook);
120 
121 exit:
122     return error;
123 }
124 
SendMessage(Message & aMessage,const Ip6::MessageInfo & aMessageInfo,ResponseHandler aHandler,void * aContext,otCoapBlockwiseTransmitHook aTransmitHook,otCoapBlockwiseReceiveHook aReceiveHook)125 Error CoapSecure::SendMessage(Message                    &aMessage,
126                               const Ip6::MessageInfo     &aMessageInfo,
127                               ResponseHandler             aHandler,
128                               void                       *aContext,
129                               otCoapBlockwiseTransmitHook aTransmitHook,
130                               otCoapBlockwiseReceiveHook  aReceiveHook)
131 {
132     return CoapBase::SendMessage(aMessage, aMessageInfo, TxParameters::GetDefault(), aHandler, aContext, aTransmitHook,
133                                  aReceiveHook);
134 }
135 #else  // OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE
SendMessage(Message & aMessage,ResponseHandler aHandler,void * aContext)136 Error CoapSecure::SendMessage(Message &aMessage, ResponseHandler aHandler, void *aContext)
137 {
138     Error error = kErrorNone;
139 
140     VerifyOrExit(IsConnected(), error = kErrorInvalidState);
141 
142     error = CoapBase::SendMessage(aMessage, mDtls.GetMessageInfo(), aHandler, aContext);
143 
144 exit:
145     return error;
146 }
147 
SendMessage(Message & aMessage,const Ip6::MessageInfo & aMessageInfo,ResponseHandler aHandler,void * aContext)148 Error CoapSecure::SendMessage(Message                &aMessage,
149                               const Ip6::MessageInfo &aMessageInfo,
150                               ResponseHandler         aHandler,
151                               void                   *aContext)
152 {
153     return CoapBase::SendMessage(aMessage, aMessageInfo, aHandler, aContext);
154 }
155 #endif // OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE
156 
Send(ot::Message & aMessage,const Ip6::MessageInfo & aMessageInfo)157 Error CoapSecure::Send(ot::Message &aMessage, const Ip6::MessageInfo &aMessageInfo)
158 {
159     OT_UNUSED_VARIABLE(aMessageInfo);
160 
161     mTransmitQueue.Enqueue(aMessage);
162     mTransmitTask.Post();
163 
164     return kErrorNone;
165 }
166 
HandleDtlsConnected(void * aContext,bool aConnected)167 void CoapSecure::HandleDtlsConnected(void *aContext, bool aConnected)
168 {
169     return static_cast<CoapSecure *>(aContext)->HandleDtlsConnected(aConnected);
170 }
171 
HandleDtlsConnected(bool aConnected)172 void CoapSecure::HandleDtlsConnected(bool aConnected) { mConnectedCallback.InvokeIfSet(aConnected); }
173 
HandleDtlsReceive(void * aContext,uint8_t * aBuf,uint16_t aLength)174 void CoapSecure::HandleDtlsReceive(void *aContext, uint8_t *aBuf, uint16_t aLength)
175 {
176     return static_cast<CoapSecure *>(aContext)->HandleDtlsReceive(aBuf, aLength);
177 }
178 
HandleDtlsReceive(uint8_t * aBuf,uint16_t aLength)179 void CoapSecure::HandleDtlsReceive(uint8_t *aBuf, uint16_t aLength)
180 {
181     ot::Message *message = nullptr;
182 
183     VerifyOrExit((message = Get<MessagePool>().Allocate(Message::kTypeIp6, Message::GetHelpDataReserved())) != nullptr);
184     SuccessOrExit(message->AppendBytes(aBuf, aLength));
185 
186     CoapBase::Receive(*message, mDtls.GetMessageInfo());
187 
188 exit:
189     FreeMessage(message);
190 }
191 
HandleTransmit(Tasklet & aTasklet)192 void CoapSecure::HandleTransmit(Tasklet &aTasklet)
193 {
194     static_cast<CoapSecure *>(static_cast<TaskletContext &>(aTasklet).GetContext())->HandleTransmit();
195 }
196 
HandleTransmit(void)197 void CoapSecure::HandleTransmit(void)
198 {
199     Error        error   = kErrorNone;
200     ot::Message *message = mTransmitQueue.GetHead();
201 
202     VerifyOrExit(message != nullptr);
203     mTransmitQueue.Dequeue(*message);
204 
205     if (mTransmitQueue.GetHead() != nullptr)
206     {
207         mTransmitTask.Post();
208     }
209 
210     SuccessOrExit(error = mDtls.Send(*message, message->GetLength()));
211 
212 exit:
213     if (error != kErrorNone)
214     {
215         LogNote("Transmit: %s", ErrorToString(error));
216         message->Free();
217     }
218     else
219     {
220         LogDebg("Transmit: %s", ErrorToString(error));
221     }
222 }
223 
224 } // namespace Coap
225 } // namespace ot
226 
227 #endif // OPENTHREAD_CONFIG_DTLS_ENABLE
228