1 /* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 
3 /*
4  * Copyright (c) 2018, SICS, RISE AB
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. Neither the name of the Institute nor the names of its contributors
16  *    may be used to endorse or promote products derived from this software
17  *    without specific prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22  * ARE DISCLAIMED.  IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
23  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29  * SUCH DAMAGE.
30  *
31  */
32 
33 /**
34  * @file oscore.h
35  * @brief An implementation of the Object Security for Constrained RESTful
36  * Environments (RFC 8613).
37  *
38  * \author Martin Gunnarsson  <martin.gunnarsson@ri.se>
39  * major rewrite for libcoap
40  *      Peter van der Stok <consultancy@vanderstok.org>
41  *      on request of Fairhair alliance
42  * adapted for libcoap integration
43  *      Jon Shallow <supjps-libcoap@jpshallow.com>
44  *
45  */
46 
47 #ifndef _OSCORE_H
48 #define _OSCORE_H
49 
50 #include <coap3/coap_internal.h>
51 #include "oscore_cose.h"
52 #include "oscore_context.h"
53 
54 /**
55  * @ingroup internal_api
56  * @addtogroup oscore_internal
57  * @{
58  */
59 
60 /* Estimate your header size, especially when using Proxy-Uri. */
61 #define COAP_MAX_HEADER_SIZE 70
62 
63 /* OSCORE error messages  (to be moved elsewhere  */
64 #define OSCORE_DECRYPTION_ERROR    100
65 #define PACKET_SERIALIZATION_ERROR 102
66 
67 /* oscore_cs_params
68  * returns cbor array [[param_type], [paramtype, param]]
69  */
70 uint8_t *oscore_cs_params(int8_t param, int8_t param_type, size_t *len);
71 
72 /* oscore_cs_key_params
73  * returns cbor array [paramtype, param]
74  */
75 uint8_t *oscore_cs_key_params(cose_curve_t param, int8_t param_type, size_t *len);
76 
77 /*
78  * oscore_encode_option_value
79  */
80 size_t oscore_encode_option_value(uint8_t *option_buffer,
81                                   size_t option_buf_len,
82                                   cose_encrypt0_t *cose,
83                                   uint8_t group,
84                                   uint8_t appendix_b_2);
85 
86 /*
87  * Decodes the OSCORE option value and places decoded values into the provided
88  * cose structure */
89 int oscore_decode_option_value(const uint8_t *option_value,
90                                size_t option_len,
91                                cose_encrypt0_t *cose);
92 
93 /* Creates AAD, creates External AAD and serializes it into the complete AAD
94  * structure. Returns serialized size. */
95 size_t oscore_prepare_aad(const uint8_t *external_aad_buffer,
96                           size_t external_aad_len,
97                           uint8_t *aad_buffer,
98                           size_t aad_size);
99 
100 size_t oscore_prepare_e_aad(oscore_ctx_t *ctx,
101                             cose_encrypt0_t *cose,
102                             const uint8_t *oscore_option,
103                             size_t oscore_option_len,
104                             coap_bin_const_t *sender_public_key,
105                             uint8_t *external_aad_ptr,
106                             size_t external_aad_size);
107 
108 /* Creates Nonce */
109 void oscore_generate_nonce(cose_encrypt0_t *ptr,
110                            oscore_ctx_t *ctx,
111                            uint8_t *buffer,
112                            uint8_t size);
113 
114 /*Return 1 if OK, Error code otherwise */
115 uint8_t oscore_validate_sender_seq(oscore_recipient_ctx_t *ctx,
116                                    cose_encrypt0_t *cose);
117 
118 /* Return 0 if SEQ MAX, return 1 if OK */
119 uint8_t oscore_increment_sender_seq(oscore_ctx_t *ctx);
120 
121 /* Restore the sequence number and replay-window to the previous state. This is
122  * to be used when decryption fail. */
123 void oscore_roll_back_seq(oscore_recipient_ctx_t *ctx);
124 
125 /** @} */
126 
127 #endif /* _OSCORE_H */
128