libcoap-sys 0.2.2+libcoap-4.3.1

Raw bindings to the libcoap CoAP library.
Documentation
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
// -*- mode:doc; -*-
// vim: set syntax=asciidoc,tw=0:

coap_endpoint_client(3)
=======================
:doctype: manpage
:man source:   coap_endpoint_client
:man version:  @PACKAGE_VERSION@
:man manual:   libcoap Manual

NAME
----
coap_endpoint_client,
coap_new_client_session,
coap_new_client_session_psk2,
coap_new_client_session_pki,
coap_session_set_mtu,
coap_session_max_pdu_size
- Work with CoAP client endpoints

SYNOPSIS
--------
*#include <coap@LIBCOAP_API_VERSION@/coap.h>*

*coap_session_t *coap_new_client_session(coap_context_t *_context_,
const coap_address_t *_local_if_, const coap_address_t *_server_,
coap_proto_t _proto_);*

*coap_session_t *coap_new_client_session_psk2(coap_context_t *_context_,
const coap_address_t *_local_if_, const coap_address_t *_server_, coap_proto_t
_proto_, coap_dtls_cpsk_t *_setup_data_);*

*coap_session_t *coap_new_client_session_pki(coap_context_t *_context_,
const coap_address_t *_local_if_, const coap_address_t *_server_, coap_proto_t
_proto_, coap_dtls_pki_t *_setup_data_);*

*void coap_session_set_mtu(coap_session_t *_session_, unsigned _mtu_);*

*size_t coap_session_max_pdu_size(const coap_session_t *_session_);*

For specific (D)TLS library support, link with
*-lcoap-@LIBCOAP_API_VERSION@-notls*, *-lcoap-@LIBCOAP_API_VERSION@-gnutls*,
*-lcoap-@LIBCOAP_API_VERSION@-openssl*, *-lcoap-@LIBCOAP_API_VERSION@-mbedtls*
or *-lcoap-@LIBCOAP_API_VERSION@-tinydtls*.   Otherwise, link with
*-lcoap-@LIBCOAP_API_VERSION@* to get the default (D)TLS library support.

DESCRIPTION
-----------
This man page focuses on the setting up of a CoAP client endpoint and hence
creation of a CoAP Session used to connect to a server.  For a CoAP server
endpoint, see *coap_endpoint_server*(3). There is no need to call
*coap_new_endpoint*(3) for a client as well as one of the
*coap_new_client_server**() functions.

The CoAP stack's global state is stored in a coap_context_t Context object.
Resources, Endpoints and Sessions are associated with this context object.
There can be more than one coap_context_t object per application, it is up to
the application to manage each one accordingly.

A CoAP Ssssion maintains the state of an ongoing connection between a Client
and Server which is stored in a coap_session_t Session object. A CoAP session
is tracked by local port, CoAP protocol, remote IP address and remote port.

The Session network traffic can be encrypted or un-encrypted if there is an
underlying TLS library.

If TLS is going to be used for encrypting the network traffic, then the TLS
information for Pre-Shared Keys (PSK) or Public Key Infrastructure (PKI) needs
to be configured before any network traffic starts to flow. For Servers, this
has to be done before the Endpoint is created, for Clients, this is done
during the Client Endpoint/Session set up.

For Clients, all the encryption information can be held at the TLS Context and
CoAP Context levels, or at the TLS Session and CoAP Session levels.  If
defined at the Context level, then when Sessions are created, they will
inherit the Context definitions, unless they have separately been defined for
the Session level, in which case the Session version will get used.
Typically the information will be configured at the Session level for Clients.

In principle the set-up sequence for CoAP client endpoints looks like
----
coap_new_context()
coap_context_set_pki_root_cas() if the root CAs need to be updated and PKI
coap_new_client_session(), coap_new_client_session_pki() or coap_new_client_session_psk2()
----

Multiple client endpoints and hence sessions are supported per Context.

Different CoAP protocols can be defined for _proto_ - the current supported
list is:

[source, c]
----
COAP_PROTO_UDP
COAP_PROTO_DTLS
COAP_PROTO_TCP
COAP_PROTO_TLS
----

*coap_tcp_is_supported*(), *coap_dtls_is_supported*() and
*coap_tls_is_supported*() can be used for checking whether the underlying
TCP or (D)TLS protocol support is available.  See *coap_tls_library(3)* for
further information.

The *coap_new_client_session*() function creates a client endpoint for a
specific _context_ and initiates a new client session to the specified _server_
using the CoAP protocol
_proto_.  If the port is set to 0 in _server_, then the default CoAP
port is used.  Normally _local_if_ would be set to NULL, but by specifying
_local_if_ the source of the network session can be bound to a specific IP
address or port.  The session will initially have a reference count of 1.

The *coap_new_client_session_pki*() function, for a specific _context_, is
used to configure the TLS context using the _setup_data_ variables as defined
in the coap_dtls_pki_t structure in the newly created endpoint session -
see *coap_encryption*(3). The connection is to the specified _server_ using
the CoAP protocol _proto_.  If the port is set to 0 in _server_, then the
default CoAP port is used.  Normally _local_if_ would be set to NULL, but by
specifying _local_if_ the source of the network session can be bound to a
specific IP address or port. The session will initially have a reference count
of 1.

The *coap_new_client_session_psk2*() function, for a specific _context_, is
used to configure the TLS context using the _setup_data_ variables as defined
in the coap_dtls_cpsk_t structure in the newly created endpoint session -
see *coap_encryption*(3). The connection is to the specified _server_ using
the CoAP protocol _proto_.  If the port is set to 0 in _server_, then the
default CoAP port is used.  Normally _local_if_ would be set to NULL, but by
specifying _local_if_ the source of the network session can be bound to a
specific IP address or port. The session will initially have a reference count
of 1.

To stop using a client session, the reference count must be decremented to 0
by calling *coap_session_release*(). See *coap_session*(3). This will remove
the client endpoint.

The *coap_sesson_set_default_mtu*() function is used to set the MTU size
(the maximum message size) of the data in a packet, excluding any IP or
TCP/UDP overhead to _mtu_ for the client endpoint's _session_.  The default
MTU is 1152.

The *coap_session_max_pdu_size*() function is used to get the maximum MTU
size of the data for the client endpoint's _session_.

RETURN VALUES
-------------
*coap_new_client_session*(), *coap_new_client_session_psk2*(),
*coap_new_client_session_pki*() functions returns a newly created client
session or NULL if there is a creation failure.

*coap_session_max_pdu_size*() function returns the MTU size.

EXAMPLES
--------
*CoAP Client Non-Encrypted Setup*
[source, c]
----
#include <coap@LIBCOAP_API_VERSION@/coap.h>

#include <netinet/in.h>

static coap_session_t *
setup_client_session (struct in_addr ip_address) {
  coap_session_t *session;
  coap_address_t server;
  /* See coap_context(3) */
  coap_context_t *context = coap_new_context(NULL);

  if (!context)
    return NULL;
  /* See coap_block(3) */
  coap_context_set_block_mode(context,
                              COAP_BLOCK_USE_LIBCOAP | COAP_BLOCK_SINGLE_BODY);


  coap_address_init(&server);
  server.addr.sa.sa_family = AF_INET;
  server.addr.sin.sin_addr = ip_address;
  server.addr.sin.sin_port = htons (5683);

  session = coap_new_client_session(context, NULL, &server, COAP_PROTO_UDP);
  if (!session) {
    coap_free_context(context);
    return NULL;
  }
  /* The context is in session->context */
  return session;
}
----

*CoAP Client PKI Setup*
[source, c]
----
#include <coap@LIBCOAP_API_VERSION@/coap.h>

#include <netinet/in.h>

static int
verify_cn_callback(const char *cn,
                   const uint8_t *asn1_public_cert,
                   size_t asn1_length,
                   coap_session_t *c_session,
                   unsigned int depth,
                   int validated,
                   void *arg
) {
  /* Remove (void) definition if variable is used */
  (void)cn;
  (void)asn1_public_cert;
  (void)asn1_length;
  (void)c_session;
  (void)depth;
  (void)validated;
  (void)arg;

  /* Check that the CN is valid */

  /* ... */

  return 1;
}

static coap_session_t *
setup_client_session_pki (struct in_addr ip_address,
                          const char *public_cert_file,
                          const char *private_key_file,
                          const char *ca_file
) {
  coap_session_t *session;
  coap_address_t server;
  coap_dtls_pki_t dtls_pki;
  /* See coap_context(3) */
  coap_context_t *context = coap_new_context(NULL);

  if (!context)
    return NULL;
  /* See coap_block(3) */
  coap_context_set_block_mode(context,
                              COAP_BLOCK_USE_LIBCOAP | COAP_BLOCK_SINGLE_BODY);


  coap_address_init(&server);
  server.addr.sa.sa_family = AF_INET;
  server.addr.sin.sin_addr = ip_address;
  server.addr.sin.sin_port = htons (5684);

  memset (&dtls_pki, 0, sizeof (dtls_pki));

  /* See coap_encryption(3) */
  dtls_pki.version                 = COAP_DTLS_PKI_SETUP_VERSION;
  dtls_pki.verify_peer_cert        = 1;
  dtls_pki.check_common_ca         = 1;
  dtls_pki.allow_self_signed       = 1;
  dtls_pki.allow_expired_certs     = 1;
  dtls_pki.cert_chain_validation   = 1;
  dtls_pki.cert_chain_verify_depth = 1;
  dtls_pki.check_cert_revocation   = 1;
  dtls_pki.allow_no_crl            = 1;
  dtls_pki.allow_expired_crl       = 1;
  dtls_pki.allow_bad_md_hash       = 0;
  dtls_pki.allow_short_rsa_length  = 0;
  dtls_pki.is_rpk_not_cert         = 0; /* Set to 1 if RPK */
  dtls_pki.validate_cn_call_back   = verify_cn_callback;
  dtls_pki.cn_call_back_arg        = NULL;
  dtls_pki.validate_sni_call_back  = NULL;
  dtls_pki.sni_call_back_arg       = NULL;
  dtls_pki.additional_tls_setup_call_back = NULL;
  dtls_pki.client_sni              = NULL;
  dtls_pki.pki_key.key_type        = COAP_PKI_KEY_PEM;
  dtls_pki.pki_key.key.pem.ca_file = ca_file;
  dtls_pki.pki_key.key.pem.public_cert = public_cert_file;
  dtls_pki.pki_key.key.pem.private_key = private_key_file;

  session = coap_new_client_session_pki(context, NULL, &server,
                                        COAP_PROTO_DTLS, &dtls_pki);
  if (!session) {
    coap_free_context(context);
    return NULL;
  }
  /* The context is in session->context */
  return session;
}
----

*CoAP Client PSK Setup*
[source, c]
----
#include <coap@LIBCOAP_API_VERSION@/coap.h>

#include <stdio.h>
#include <netinet/in.h>

#ifndef min
#define min(a,b) ((a) < (b) ? (a) : (b))
#endif

static const coap_dtls_cpsk_info_t *
verify_ih_callback(coap_str_const_t *hint,
                   coap_session_t *c_session,
                   void *arg
) {
  coap_dtls_cpsk_info_t *psk_info = (coap_dtls_cpsk_info_t *)arg;
  /* Remove (void) definition if variable is used */
  (void)c_session;

  coap_log(LOG_INFO, "Identity Hint '%.*s' provided\n", (int)hint->length, hint->s);

  /* Just use the defined information for now as passed in by arg */
  return psk_info;
}

static coap_dtls_cpsk_t dtls_psk;
static char client_sni[256];

static coap_session_t *
setup_client_session_psk (const char *uri,
                          struct in_addr ip_address,
                          const uint8_t *identity,
                          unsigned int identity_len,
                          const uint8_t *key,
                          unsigned int key_len
) {
  coap_session_t *session;
  coap_address_t server;
  /* See coap_context(3) */
  coap_context_t *context = coap_new_context(NULL);

  if (!context)
    return NULL;
  /* See coap_block(3) */
  coap_context_set_block_mode(context,
                              COAP_BLOCK_USE_LIBCOAP | COAP_BLOCK_SINGLE_BODY);


  coap_address_init(&server);
  server.addr.sa.sa_family = AF_INET;
  server.addr.sin.sin_addr = ip_address;
  server.addr.sin.sin_port = htons (5684);

  /* See coap_encryption(3) */
  memset (&dtls_psk, 0, sizeof(dtls_psk));
  dtls_psk.version = COAP_DTLS_CPSK_SETUP_VERSION;
  dtls_psk.validate_ih_call_back = verify_ih_callback;
  dtls_psk.ih_call_back_arg = &dtls_psk.psk_info;
  if (uri)
    memcpy(client_sni, uri, min(strlen(uri), sizeof(client_sni)-1));
  else
    memcpy(client_sni, "localhost", 9);
  dtls_psk.client_sni = client_sni;
  dtls_psk.psk_info.identity.s = identity;
  dtls_psk.psk_info.identity.length = identity_len;
  dtls_psk.psk_info.key.s = key;
  dtls_psk.psk_info.key.length = key_len;
  session = coap_new_client_session_psk2(context, NULL, &server,
                                        COAP_PROTO_DTLS, &dtls_psk);
  if (!session) {
    coap_free_context(context);
    return NULL;
  }
  /* The context is in session->context */
  return session;
}
----

*CoAP Client Anonymous PKI Setup*
[source, c]
----
#include <coap@LIBCOAP_API_VERSION@/coap.h>

#include <netinet/in.h>

static coap_session_t *
setup_client_session_dtls (struct in_addr ip_address) {
  coap_session_t *session;
  coap_address_t server;
  /* See coap_context(3) */
  coap_context_t *context = coap_new_context(NULL);

  if (!context)
    return NULL;
  /* See coap_block(3) */
  coap_context_set_block_mode(context,
                              COAP_BLOCK_USE_LIBCOAP | COAP_BLOCK_SINGLE_BODY);


  coap_address_init(&server);
  server.addr.sa.sa_family = AF_INET;
  server.addr.sin.sin_addr = ip_address;
  server.addr.sin.sin_port = htons (5683);

  session = coap_new_client_session(context, NULL, &server,
                                        COAP_PROTO_DTLS);
  if (!session) {
    coap_free_context(context);
    return NULL;
  }
  /* The context is in session->context */
  return session;
}
----

SEE ALSO
--------
*coap_block*(3), *coap_context*(3), *coap_encryption*(3),
*coap_endpoint_server*(3), *coap_resource*(3), *coap_session*(3) and
*coap_tls_library*(3)

FURTHER INFORMATION
-------------------
See "RFC7252: The Constrained Application Protocol (CoAP)" for further
information.

BUGS
----
Please report bugs on the mailing list for libcoap:
libcoap-developers@lists.sourceforge.net or raise an issue on GitHub at
https://github.com/obgm/libcoap/issues

AUTHORS
-------
The libcoap project <libcoap-developers@lists.sourceforge.net>