1 /*
2  *  Copyright (c) 2016, The OpenThread Authors.
3  *  All rights reserved.
4  *
5  *  Redistribution and use in source and binary forms, with or without
6  *  modification, are permitted provided that the following conditions are met:
7  *  1. Redistributions of source code must retain the above copyright
8  *     notice, this list of conditions and the following disclaimer.
9  *  2. Redistributions in binary form must reproduce the above copyright
10  *     notice, this list of conditions and the following disclaimer in the
11  *     documentation and/or other materials provided with the distribution.
12  *  3. Neither the name of the copyright holder nor the
13  *     names of its contributors may be used to endorse or promote products
14  *     derived from this software without specific prior written permission.
15  *
16  *  THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17  *  AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  *  IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  *  ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
20  *  LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
21  *  CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
22  *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
23  *  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
24  *  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
25  *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
26  *  POSSIBILITY OF SUCH DAMAGE.
27  */
28 
29 #include "coap_secure.hpp"
30 
31 #if OPENTHREAD_CONFIG_DTLS_ENABLE
32 
33 #include "common/instance.hpp"
34 #include "common/locator_getters.hpp"
35 #include "common/logging.hpp"
36 #include "common/new.hpp"
37 #include "meshcop/dtls.hpp"
38 #include "thread/thread_netif.hpp"
39 
40 /**
41  * @file
42  *   This file implements the secure CoAP agent.
43  */
44 
45 namespace ot {
46 namespace Coap {
47 
CoapSecure(Instance & aInstance,bool aLayerTwoSecurity)48 CoapSecure::CoapSecure(Instance &aInstance, bool aLayerTwoSecurity)
49     : CoapBase(aInstance, &CoapSecure::Send)
50     , mDtls(aInstance, aLayerTwoSecurity)
51     , mConnectedCallback(nullptr)
52     , mConnectedContext(nullptr)
53     , mTransmitTask(aInstance, CoapSecure::HandleTransmit, this)
54 {
55 }
56 
Start(uint16_t aPort)57 Error CoapSecure::Start(uint16_t aPort)
58 {
59     Error error = kErrorNone;
60 
61     mConnectedCallback = nullptr;
62     mConnectedContext  = nullptr;
63 
64     SuccessOrExit(error = mDtls.Open(&CoapSecure::HandleDtlsReceive, &CoapSecure::HandleDtlsConnected, this));
65     SuccessOrExit(error = mDtls.Bind(aPort));
66 
67 exit:
68     return error;
69 }
70 
Start(MeshCoP::Dtls::TransportCallback aCallback,void * aContext)71 Error CoapSecure::Start(MeshCoP::Dtls::TransportCallback aCallback, void *aContext)
72 {
73     Error error = kErrorNone;
74 
75     mConnectedCallback = nullptr;
76     mConnectedContext  = nullptr;
77 
78     SuccessOrExit(error = mDtls.Open(&CoapSecure::HandleDtlsReceive, &CoapSecure::HandleDtlsConnected, this));
79     SuccessOrExit(error = mDtls.Bind(aCallback, aContext));
80 
81 exit:
82     return error;
83 }
84 
Stop(void)85 void CoapSecure::Stop(void)
86 {
87     mDtls.Close();
88 
89     mTransmitQueue.DequeueAndFreeAll();
90     ClearRequestsAndResponses();
91 }
92 
Connect(const Ip6::SockAddr & aSockAddr,ConnectedCallback aCallback,void * aContext)93 Error CoapSecure::Connect(const Ip6::SockAddr &aSockAddr, ConnectedCallback aCallback, void *aContext)
94 {
95     mConnectedCallback = aCallback;
96     mConnectedContext  = aContext;
97 
98     return mDtls.Connect(aSockAddr);
99 }
100 
SetPsk(const MeshCoP::JoinerPskd & aPskd)101 void CoapSecure::SetPsk(const MeshCoP::JoinerPskd &aPskd)
102 {
103     Error error;
104 
105     OT_UNUSED_VARIABLE(error);
106 
107     static_assert(static_cast<uint16_t>(MeshCoP::JoinerPskd::kMaxLength) <=
108                       static_cast<uint16_t>(MeshCoP::Dtls::kPskMaxLength),
109                   "The maximum length of DTLS PSK is smaller than joiner PSKd");
110 
111     error = mDtls.SetPsk(reinterpret_cast<const uint8_t *>(aPskd.GetAsCString()), aPskd.GetLength());
112 
113     OT_ASSERT(error == kErrorNone);
114 }
115 
116 #if OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE
SendMessage(Message & aMessage,ResponseHandler aHandler,void * aContext,otCoapBlockwiseTransmitHook aTransmitHook,otCoapBlockwiseReceiveHook aReceiveHook)117 Error CoapSecure::SendMessage(Message &                   aMessage,
118                               ResponseHandler             aHandler,
119                               void *                      aContext,
120                               otCoapBlockwiseTransmitHook aTransmitHook,
121                               otCoapBlockwiseReceiveHook  aReceiveHook)
122 {
123     Error error = kErrorNone;
124 
125     VerifyOrExit(IsConnected(), error = kErrorInvalidState);
126 
127     error = CoapBase::SendMessage(aMessage, mDtls.GetMessageInfo(), TxParameters::GetDefault(), aHandler, aContext,
128                                   aTransmitHook, aReceiveHook);
129 
130 exit:
131     return error;
132 }
133 
SendMessage(Message & aMessage,const Ip6::MessageInfo & aMessageInfo,ResponseHandler aHandler,void * aContext,otCoapBlockwiseTransmitHook aTransmitHook,otCoapBlockwiseReceiveHook aReceiveHook)134 Error CoapSecure::SendMessage(Message &                   aMessage,
135                               const Ip6::MessageInfo &    aMessageInfo,
136                               ResponseHandler             aHandler,
137                               void *                      aContext,
138                               otCoapBlockwiseTransmitHook aTransmitHook,
139                               otCoapBlockwiseReceiveHook  aReceiveHook)
140 {
141     return CoapBase::SendMessage(aMessage, aMessageInfo, TxParameters::GetDefault(), aHandler, aContext, aTransmitHook,
142                                  aReceiveHook);
143 }
144 #else  // OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE
SendMessage(Message & aMessage,ResponseHandler aHandler,void * aContext)145 Error CoapSecure::SendMessage(Message &aMessage, ResponseHandler aHandler, void *aContext)
146 {
147     Error error = kErrorNone;
148 
149     VerifyOrExit(IsConnected(), error = kErrorInvalidState);
150 
151     error = CoapBase::SendMessage(aMessage, mDtls.GetMessageInfo(), aHandler, aContext);
152 
153 exit:
154     return error;
155 }
156 
SendMessage(Message & aMessage,const Ip6::MessageInfo & aMessageInfo,ResponseHandler aHandler,void * aContext)157 Error CoapSecure::SendMessage(Message &               aMessage,
158                               const Ip6::MessageInfo &aMessageInfo,
159                               ResponseHandler         aHandler,
160                               void *                  aContext)
161 {
162     return CoapBase::SendMessage(aMessage, aMessageInfo, aHandler, aContext);
163 }
164 #endif // OPENTHREAD_CONFIG_COAP_BLOCKWISE_TRANSFER_ENABLE
165 
Send(ot::Message & aMessage,const Ip6::MessageInfo & aMessageInfo)166 Error CoapSecure::Send(ot::Message &aMessage, const Ip6::MessageInfo &aMessageInfo)
167 {
168     OT_UNUSED_VARIABLE(aMessageInfo);
169 
170     mTransmitQueue.Enqueue(aMessage);
171     mTransmitTask.Post();
172 
173     return kErrorNone;
174 }
175 
HandleDtlsConnected(void * aContext,bool aConnected)176 void CoapSecure::HandleDtlsConnected(void *aContext, bool aConnected)
177 {
178     return static_cast<CoapSecure *>(aContext)->HandleDtlsConnected(aConnected);
179 }
180 
HandleDtlsConnected(bool aConnected)181 void CoapSecure::HandleDtlsConnected(bool aConnected)
182 {
183     if (mConnectedCallback != nullptr)
184     {
185         mConnectedCallback(aConnected, mConnectedContext);
186     }
187 }
188 
HandleDtlsReceive(void * aContext,uint8_t * aBuf,uint16_t aLength)189 void CoapSecure::HandleDtlsReceive(void *aContext, uint8_t *aBuf, uint16_t aLength)
190 {
191     return static_cast<CoapSecure *>(aContext)->HandleDtlsReceive(aBuf, aLength);
192 }
193 
HandleDtlsReceive(uint8_t * aBuf,uint16_t aLength)194 void CoapSecure::HandleDtlsReceive(uint8_t *aBuf, uint16_t aLength)
195 {
196     ot::Message *message = nullptr;
197 
198     VerifyOrExit((message = Get<MessagePool>().New(Message::kTypeIp6, Message::GetHelpDataReserved())) != nullptr);
199     SuccessOrExit(message->AppendBytes(aBuf, aLength));
200 
201     CoapBase::Receive(*message, mDtls.GetMessageInfo());
202 
203 exit:
204     FreeMessage(message);
205 }
206 
HandleTransmit(Tasklet & aTasklet)207 void CoapSecure::HandleTransmit(Tasklet &aTasklet)
208 {
209     static_cast<CoapSecure *>(static_cast<TaskletContext &>(aTasklet).GetContext())->HandleTransmit();
210 }
211 
HandleTransmit(void)212 void CoapSecure::HandleTransmit(void)
213 {
214     Error        error   = kErrorNone;
215     ot::Message *message = mTransmitQueue.GetHead();
216 
217     VerifyOrExit(message != nullptr);
218     mTransmitQueue.Dequeue(*message);
219 
220     if (mTransmitQueue.GetHead() != nullptr)
221     {
222         mTransmitTask.Post();
223     }
224 
225     SuccessOrExit(error = mDtls.Send(*message, message->GetLength()));
226 
227 exit:
228     if (error != kErrorNone)
229     {
230         otLogNoteMeshCoP("CoapSecure Transmit: %s", ErrorToString(error));
231         message->Free();
232     }
233     else
234     {
235         otLogDebgMeshCoP("CoapSecure Transmit: %s", ErrorToString(error));
236     }
237 }
238 
239 } // namespace Coap
240 } // namespace ot
241 
242 #endif // OPENTHREAD_CONFIG_DTLS_ENABLE
243