net: lwm2m: WIP: RD client BS support, use security instance info
Signed-off-by: Michael Scott <michael@opensourcefoundries.com>
mike-scott committed Jun 26, 2018
1 parent 1822865 commit 07cb4ec
Showing 7 changed files with 413 additions and 206 deletions.
18 changes: 7 additions & 11 deletions include/net/lwm2m.h
Expand Up @@ -61,13 +61,10 @@ struct lwm2m_ctx {
struct coap_reply replies[CONFIG_LWM2M_ENGINE_MAX_REPLIES];
struct k_delayed_work retransmit_work;

#if defined(CONFIG_NET_APP_DTLS)
/** Pre-Shared Key Information*/
unsigned char *client_psk;
size_t client_psk_len;
char *client_psk_id;
size_t client_psk_id_len;
/* current security object index */
int sec_obj_inst;

#if defined(CONFIG_NET_APP_DTLS)
/** DTLS support structures */
char *cert_host;
u8_t *dtls_result_buf;
Expand Down Expand Up @@ -233,16 +230,16 @@ int lwm2m_engine_set_net_pkt_pool(struct lwm2m_ctx *ctx,
net_pkt_get_slab_func_t tx_slab,
net_pkt_get_pool_func_t data_pool);
#endif
int lwm2m_engine_start(struct lwm2m_ctx *client_ctx,
char *peer_str, u16_t peer_port);
int lwm2m_engine_start(struct lwm2m_ctx *client_ctx, bool is_bootstrap_mode);

/* LWM2M RD Client */

/* Client events */
enum lwm2m_rd_client_event {
LWM2M_RD_CLIENT_EVENT_NONE,
LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_FAILURE,
LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_COMPLETE,
LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_REG_FAILURE,
LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_REG_COMPLETE,
LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_TRANSFER_COMPLETE,
LWM2M_RD_CLIENT_EVENT_REGISTRATION_FAILURE,
LWM2M_RD_CLIENT_EVENT_REGISTRATION_COMPLETE,
LWM2M_RD_CLIENT_EVENT_REG_UPDATE_FAILURE,
Expand All @@ -256,7 +253,6 @@ typedef void (*lwm2m_ctx_event_cb_t)(struct lwm2m_ctx *ctx,
enum lwm2m_rd_client_event event);

int lwm2m_rd_client_start(struct lwm2m_ctx *client_ctx,
char *peer_str, u16_t peer_port,
const char *ep_name,
lwm2m_ctx_event_cb_t event_cb);
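Review bot: The new `sec_obj_inst` field and the changed `lwm2m_engine_start()` / `lwm2m_rd_client_start()` prototypes do not document the new contract. The peer address and PSK are no longer passed in by the caller; the engine changes in this commit read them from Security object instance `sec_obj_inst` (resources 0, 3 and 5). I would expand the field comment to `/* Security object (0/x) instance supplying the server URI and PSK; set before lwm2m_engine_start() */`. The prototypes should also say that `0/<inst>/0` must already hold a `coap://` or `coaps://` URI. Nothing in the visible sections assigns `sec_obj_inst`, so a zero-initialised context presumably selects instance 0, which is worth stating.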

4 changes: 4 additions & 0 deletions samples/net/lwm2m_client/overlay-dtls.conf
Expand Up @@ -6,3 +6,7 @@ CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=8192
CONFIG_MBEDTLS_CFG_FILE="config-coap.h"
CONFIG_LWM2M_PEER_PORT=5684

# DTLS urls
CONFIG_NET_APP_PEER_IPV6_ADDR="coaps://[2001:db8::2]:5684"
CONFIG_NET_APP_PEER_IPV4_ADDR="coaps://192.0.2.2:5684"
4 changes: 2 additions & 2 deletions samples/net/lwm2m_client/prj.conf
Expand Up @@ -35,6 +35,6 @@ CONFIG_LWM2M_IPSO_TEMP_SENSOR=y
CONFIG_LWM2M_IPSO_LIGHT_CONTROL=y

CONFIG_NET_APP_MY_IPV6_ADDR="2001:db8::1"
CONFIG_NET_APP_PEER_IPV6_ADDR="2001:db8::2"
CONFIG_NET_APP_PEER_IPV6_ADDR="coap://2001:db8::2"
CONFIG_NET_APP_MY_IPV4_ADDR="192.0.2.1"
CONFIG_NET_APP_PEER_IPV4_ADDR="192.0.2.2"
CONFIG_NET_APP_PEER_IPV4_ADDR="coap://192.0.2.2"
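Review bot: The new IPv6 value `"coap://2001:db8::2"` leaves the address literal unbracketed, while overlay-dtls.conf in the same commit writes `"coaps://[2001:db8::2]:5684"`. RFC 3986 requires brackets around an IPv6 literal in a URI, and the engine now strips only the scheme, colons and slashes before handing the remainder to `net_app_init_udp_client()`. Whether that parser accepts both forms is not visible here. If it does accept the bracketed form, I would use `CONFIG_NET_APP_PEER_IPV6_ADDR="coap://[2001:db8::2]"` so both files agree. Since the scheme in this string now decides whether DTLS is used, a one-line comment above these two entries saying so would help readers of the sample.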
60 changes: 39 additions & 21 deletions samples/net/lwm2m_client/src/lwm2m-client.c
Expand Up @@ -77,7 +77,7 @@ static struct lwm2m_ctx client;
NET_APP_TLS_POOL_DEFINE(dtls_pool, 10);

/* "000102030405060708090a0b0c0d0e0f" */
static unsigned char client_psk[] = {
static const unsigned char client_psk[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f
};
Expand Down Expand Up @@ -222,8 +222,37 @@ static int firmware_block_received_cb(u16_t obj_inst_id,
static int lwm2m_setup(void)
{
struct float32_value float_value;
int ret;
char *server_url;
u16_t server_url_len;
u8_t server_url_flags;

/* setup SECURITY object */

/* Server URL */
ret = lwm2m_engine_get_res_data("0/0/0",
(void **)&server_url, &server_url_len,
&server_url_flags);
if (ret < 0) {
return ret;
}

snprintk(server_url, server_url_len, "%s",
IS_ENABLED(CONFIG_NET_IPV6) ? CONFIG_NET_APP_PEER_IPV6_ADDR :
CONFIG_NET_APP_PEER_IPV4_ADDR);

/* Bootstrap Mode */
lwm2m_engine_set_bool("0/0/1",
IS_ENABLED(CONFIG_LWM2M_RD_CLIENT_SUPPORT_BOOTSTRAP));
/* Security Mode */
lwm2m_engine_set_u8("0/0/2", IS_ENABLED(CONFIG_NET_APP_DTLS) ? 0 : 3);
#if defined(CONFIG_NET_APP_DTLS)
lwm2m_engine_set_opaque("0/0/3",
(void *)client_psk_id, sizeof(client_psk_id));
lwm2m_engine_set_opaque("0/0/5",
(void *)client_psk, sizeof(client_psk));
#endif /* CONFIG_NET_APP_DTLS */

/* setup SERVER object */

/* setup DEVICE object */
Expand Down Expand Up @@ -309,12 +338,16 @@ static void rd_client_event(struct lwm2m_ctx *client,
/* do nothing */
break;

case LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_FAILURE:
SYS_LOG_DBG("Bootstrap failure!");
case LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_REG_FAILURE:
SYS_LOG_DBG("Bootstrap registration failure!");
break;

case LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_COMPLETE:
SYS_LOG_DBG("Bootstrap complete");
case LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_REG_COMPLETE:
SYS_LOG_DBG("Bootstrap registration complete");
break;

case LWM2M_RD_CLIENT_EVENT_BOOTSTRAP_TRANSFER_COMPLETE:
SYS_LOG_DBG("Bootstrap transfer complete");
break;

case LWM2M_RD_CLIENT_EVENT_REGISTRATION_FAILURE:
Expand Down Expand Up @@ -367,10 +400,6 @@ void main(void)
#endif

#if defined(CONFIG_NET_APP_DTLS)
client.client_psk = client_psk;
client.client_psk_len = 16;
client.client_psk_id = (char *)client_psk_id;
client.client_psk_id_len = strlen(client_psk_id);
client.cert_host = HOSTNAME;
client.dtls_pool = &dtls_pool;
client.dtls_result_buf = dtls_result;
Expand All @@ -379,18 +408,7 @@ void main(void)
client.dtls_stack_len = K_THREAD_STACK_SIZEOF(net_app_dtls_stack);
#endif /* CONFIG_NET_APP_DTLS */

#if defined(CONFIG_NET_IPV6)
ret = lwm2m_rd_client_start(&client, CONFIG_NET_APP_PEER_IPV6_ADDR,
CONFIG_LWM2M_PEER_PORT, CONFIG_BOARD,
rd_client_event);
#elif defined(CONFIG_NET_IPV4)
ret = lwm2m_rd_client_start(&client, CONFIG_NET_APP_PEER_IPV4_ADDR,
CONFIG_LWM2M_PEER_PORT, CONFIG_BOARD,
rd_client_event);
#else
SYS_LOG_ERR("LwM2M client requires IPv4 or IPv6.");
ret = -EPROTONOSUPPORT;
#endif
ret = lwm2m_rd_client_start(&client, CONFIG_BOARD, rd_client_event);
if (ret < 0) {
SYS_LOG_ERR("LWM2M init LWM2M RD client error (%d)",
ret);
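Review bot: The return values of the `lwm2m_engine_set_*` calls added to `lwm2m_setup()` are discarded, including the two `lwm2m_engine_set_opaque()` calls that store the PSK identity and key in `0/0/3` and `0/0/5`. If either fails, setup continues and the DTLS handshake later reads whatever those resources happen to hold. They should be checked the way the `lwm2m_engine_get_res_data()` call just above is, e.g. `ret = lwm2m_engine_set_opaque("0/0/5", (void *)client_psk, sizeof(client_psk));` followed by `if (ret < 0) { return ret; }`. The `snprintk()` into `server_url` also ignores its result, so a URL longer than `server_url_len` would be silently truncated and then used as the peer address. `lwm2m_setup()` continues outside the hunk.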
125 changes: 103 additions & 22 deletions subsys/net/lib/lwm2m/lwm2m_engine.c
Expand Up @@ -118,6 +118,7 @@ struct notification_attrs {
};

static struct observe_node observe_node_data[CONFIG_LWM2M_ENGINE_MAX_OBSERVER];
static bool bootstrap_mode;

#define MAX_PERIODIC_SERVICE 10

Expand Down Expand Up @@ -3926,25 +3927,88 @@ static int setup_cert(struct net_app_ctx *app_ctx, void *cert)
struct lwm2m_ctx *client_ctx = CONTAINER_OF(app_ctx,
struct lwm2m_ctx,
net_app_ctx);
char path[MAX_RESOURCE_LEN];
u8_t *psk, *psk_id;
int ret;
u16_t psk_len, psk_id_len;
u8_t psk_data_flags, psk_id_data_flags;

snprintk(path, sizeof(path), "0/%d/3", client_ctx->sec_obj_inst);
ret = lwm2m_engine_get_res_data(path, (void **)&psk_id, &psk_id_len,
&psk_id_data_flags);
if (ret < 0) {
return ret;
}

snprintk(path, sizeof(path), "0/%d/5", client_ctx->sec_obj_inst);
ret = lwm2m_engine_get_res_data(path, (void **)&psk, &psk_len,
&psk_data_flags);
if (ret < 0) {
return ret;
}

return mbedtls_ssl_conf_psk(
&app_ctx->tls.mbedtls.conf,
(const unsigned char *)client_ctx->client_psk,
client_ctx->client_psk_len,
(const unsigned char *)client_ctx->client_psk_id,
client_ctx->client_psk_id_len);
(const unsigned char *)psk, (size_t)psk_len,
(const unsigned char *)psk_id, strlen(psk_id));
#else
return 0;
#endif
}
#endif /* CONFIG_NET_APP_DTLS */

int lwm2m_engine_start(struct lwm2m_ctx *client_ctx,
char *peer_str, u16_t peer_port)
int lwm2m_engine_start(struct lwm2m_ctx *client_ctx, bool is_bootstrap_mode)
{
char pathstr[MAX_RESOURCE_LEN];
char *data_ptr, *peer_str;
struct sockaddr client_addr;
int ret = 0;
u16_t peer_strlen;
u8_t peer_data_flags;
#if defined(CONFIG_NET_APP_DTLS)
bool use_dtls = false;
#endif

/* get the server URL */
snprintk(pathstr, sizeof(pathstr), "0/%d/0", client_ctx->sec_obj_inst);
ret = lwm2m_engine_get_res_data(pathstr, (void **)&data_ptr,
&peer_strlen,
&peer_data_flags);
if (ret < 0) {
return ret;
}

/* TODO: use security object for initial setup */
/* walk forward till colon shifting to lower case */
peer_str = data_ptr;
while (*peer_str != '\0' && *peer_str != ':') {
*peer_str = tolower(*peer_str);
peer_str += 1;
}

/* check to make sure there was a colon */
if (*peer_str != ':') {
return -EINVAL;
}

if (strncmp(data_ptr, "coap:", 5) != 0 &&
strncmp(data_ptr, "coaps:", 6) != 0) {
return -EPROTONOSUPPORT;
}

if (strncmp(data_ptr, "coaps:", 6) == 0) {
#if defined(CONFIG_NET_APP_DTLS)
use_dtls = true;
#else
return -EPROTONOSUPPORT;
#endif
}

/* skip the colons and slashes */
while (*peer_str == ':' || *peer_str == '/') {
peer_str += 1;
}

SYS_LOG_DBG("URL: %s", data_ptr);

/* setup the local client port */
memset(&client_addr, 0, sizeof(client_addr));
Expand All @@ -3956,10 +4020,13 @@ int lwm2m_engine_start(struct lwm2m_ctx *client_ctx,
net_sin(&client_addr)->sin_port = htons(CONFIG_LWM2M_LOCAL_PORT);
#endif

/* save bootstrap_mode for later */
bootstrap_mode = is_bootstrap_mode;

ret = net_app_init_udp_client(&client_ctx->net_app_ctx,
&client_addr, NULL,
peer_str,
peer_port,
CONFIG_LWM2M_PEER_PORT,
client_ctx->net_init_timeout,
client_ctx);
if (ret) {
Expand All @@ -3978,20 +4045,22 @@ int lwm2m_engine_start(struct lwm2m_ctx *client_ctx,
}

#if defined(CONFIG_NET_APP_DTLS)
ret = net_app_client_tls(&client_ctx->net_app_ctx,
client_ctx->dtls_result_buf,
client_ctx->dtls_result_buf_len,
INSTANCE_INFO,
strlen(INSTANCE_INFO),
setup_cert,
client_ctx->cert_host,
NULL,
client_ctx->dtls_pool,
client_ctx->dtls_stack,
client_ctx->dtls_stack_len);
if (ret < 0) {
SYS_LOG_ERR("Cannot init DTLS (%d)", ret);
goto error_start;
if (use_dtls) {
ret = net_app_client_tls(&client_ctx->net_app_ctx,
client_ctx->dtls_result_buf,
client_ctx->dtls_result_buf_len,
INSTANCE_INFO,
strlen(INSTANCE_INFO),
setup_cert,
client_ctx->cert_host,
NULL,
client_ctx->dtls_pool,
client_ctx->dtls_stack,
client_ctx->dtls_stack_len);
if (ret < 0) {
SYS_LOG_ERR("Cannot init DTLS (%d)", ret);
goto error_start;
}
}
#endif

Expand All @@ -4002,6 +4071,18 @@ int lwm2m_engine_start(struct lwm2m_ctx *client_ctx,
goto error_start;
}

#if defined(CONFIG_NET_APP_DTLS)
if (use_dtls) {
SYS_LOG_DBG("Waiting for TLS handshake");
while (!client_ctx->net_app_ctx.tls.handshake_done) {
k_sleep(K_SECONDS(1));
SYS_LOG_DBG("Check TLS handshake: %d", client_ctx->net_app_ctx.tls.handshake_done);
}

SYS_LOG_DBG("TLS handshake complete!");
}
#endif

return 0;

error_start:
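Review bot: `setup_cert()` passes `strlen(psk_id)` to `mbedtls_ssl_conf_psk()`, although `psk_id` is a `u8_t *` fetched from opaque resource `0/<inst>/3`, which is not guaranteed to be NUL-terminated. The `psk_id_len` fetched alongside it is never used, so the scan can read past the resource buffer. The identity length should be bounded by `psk_id_len`, for example by searching for a terminator within at most `psk_id_len` bytes, instead of calling `strlen()`. The `lwm2m_engine_start()` hunk has the same pattern: the scheme scan walks `data_ptr` until `'\0'` or `':'` without consulting `peer_strlen`, and it lower-cases the stored resource in place with `tolower(*peer_str)` on a plain `char`, which should be `tolower((unsigned char)*peer_str)`. Separately, the added `while (!client_ctx->net_app_ctx.tls.handshake_done)` loop has no timeout or failure check, so a handshake that never completes blocks the caller indefinitely.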