1*cfb92d14SAndroid Build Coastguard Worker# OpenThread CLI - CoAPS Example 2*cfb92d14SAndroid Build Coastguard Worker 3*cfb92d14SAndroid Build Coastguard WorkerThe OpenThread CoAPS APIs may be invoked via the OpenThread CLI. 4*cfb92d14SAndroid Build Coastguard Worker 5*cfb92d14SAndroid Build Coastguard Worker## Quick Start 6*cfb92d14SAndroid Build Coastguard Worker 7*cfb92d14SAndroid Build Coastguard Worker### Form Network 8*cfb92d14SAndroid Build Coastguard Worker 9*cfb92d14SAndroid Build Coastguard WorkerForm a network with at least two devices. 10*cfb92d14SAndroid Build Coastguard Worker 11*cfb92d14SAndroid Build Coastguard Worker### Configure DTLS ciphersuite. 12*cfb92d14SAndroid Build Coastguard Worker 13*cfb92d14SAndroid Build Coastguard WorkerCoAPS uses DTLS to establish a secure, end-to-end connection. 14*cfb92d14SAndroid Build Coastguard Worker 15*cfb92d14SAndroid Build Coastguard WorkerThis example supports two ciphersuites: 16*cfb92d14SAndroid Build Coastguard Worker 17*cfb92d14SAndroid Build Coastguard Worker- TLS_PSK_WITH_AES_128_CCM_8 18*cfb92d14SAndroid Build Coastguard Worker 19*cfb92d14SAndroid Build Coastguard Worker ```bash 20*cfb92d14SAndroid Build Coastguard Worker > coaps psk <your-psk> <your-psk-id> 21*cfb92d14SAndroid Build Coastguard Worker Done 22*cfb92d14SAndroid Build Coastguard Worker ``` 23*cfb92d14SAndroid Build Coastguard Worker 24*cfb92d14SAndroid Build Coastguard Worker- TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 25*cfb92d14SAndroid Build Coastguard Worker ```bash 26*cfb92d14SAndroid Build Coastguard Worker > coaps x509 27*cfb92d14SAndroid Build Coastguard Worker Done 28*cfb92d14SAndroid Build Coastguard Worker ``` 29*cfb92d14SAndroid Build Coastguard Worker The X.509 certificate stored in `core/cli/x509_cert_key.hpp`. 30*cfb92d14SAndroid Build Coastguard Worker 31*cfb92d14SAndroid Build Coastguard Worker### Node 1 32*cfb92d14SAndroid Build Coastguard Worker 33*cfb92d14SAndroid Build Coastguard WorkerOn node 1, setup CoAPS server with resource `test-resource`. 34*cfb92d14SAndroid Build Coastguard Worker 35*cfb92d14SAndroid Build Coastguard Worker```bash 36*cfb92d14SAndroid Build Coastguard Worker> coaps start 37*cfb92d14SAndroid Build Coastguard WorkerDone 38*cfb92d14SAndroid Build Coastguard Worker> coaps resource test-resource 39*cfb92d14SAndroid Build Coastguard WorkerDone 40*cfb92d14SAndroid Build Coastguard Worker``` 41*cfb92d14SAndroid Build Coastguard Worker 42*cfb92d14SAndroid Build Coastguard Worker### Node 2 43*cfb92d14SAndroid Build Coastguard Worker 44*cfb92d14SAndroid Build Coastguard Worker```bash 45*cfb92d14SAndroid Build Coastguard Worker> coaps start 46*cfb92d14SAndroid Build Coastguard WorkerDone 47*cfb92d14SAndroid Build Coastguard Worker> coaps connect <peer-ip6-address> 48*cfb92d14SAndroid Build Coastguard WorkerDone 49*cfb92d14SAndroid Build Coastguard Workercoaps connected 50*cfb92d14SAndroid Build Coastguard Worker> coaps get test-resource 51*cfb92d14SAndroid Build Coastguard WorkerDone 52*cfb92d14SAndroid Build Coastguard Workercoaps response from fdde:ad00:beef:0:9903:14b:27e0:5744 with payload: 68656c6c6f576f726c6400 53*cfb92d14SAndroid Build Coastguard Worker> coaps put test-resource con payload 54*cfb92d14SAndroid Build Coastguard WorkerDone 55*cfb92d14SAndroid Build Coastguard Workercoaps response from fdde:ad00:beef:0:9903:14b:27e0:5744 56*cfb92d14SAndroid Build Coastguard Worker``` 57*cfb92d14SAndroid Build Coastguard Worker 58*cfb92d14SAndroid Build Coastguard Worker### Result 59*cfb92d14SAndroid Build Coastguard Worker 60*cfb92d14SAndroid Build Coastguard WorkerOn node 1, you should see output similar to below: 61*cfb92d14SAndroid Build Coastguard Worker 62*cfb92d14SAndroid Build Coastguard Worker```bash 63*cfb92d14SAndroid Build Coastguard Workercoaps request from fdde:ad00:beef:0:9e68:576f:714c:f395 GET 64*cfb92d14SAndroid Build Coastguard Workercoaps response sent 65*cfb92d14SAndroid Build Coastguard Workercoaps request from fdde:ad00:beef:0:9e68:576f:714c:f395 PUT with payload: 7061796c6f6164 66*cfb92d14SAndroid Build Coastguard Workercoaps response sent 67*cfb92d14SAndroid Build Coastguard Worker``` 68*cfb92d14SAndroid Build Coastguard Worker 69*cfb92d14SAndroid Build Coastguard Worker## Generate Elliptic Curve Private Key and X.509 Certificate 70*cfb92d14SAndroid Build Coastguard Worker 71*cfb92d14SAndroid Build Coastguard Worker### EC Private Key 72*cfb92d14SAndroid Build Coastguard Worker 73*cfb92d14SAndroid Build Coastguard Worker```bash 74*cfb92d14SAndroid Build Coastguard Worker> openssl ecparam -genkey -name prime256v1 -noout -out ec_private.pem 75*cfb92d14SAndroid Build Coastguard Worker``` 76*cfb92d14SAndroid Build Coastguard Worker 77*cfb92d14SAndroid Build Coastguard Worker### X.509 Certificate 78*cfb92d14SAndroid Build Coastguard Worker 79*cfb92d14SAndroid Build Coastguard Worker```bash 80*cfb92d14SAndroid Build Coastguard Worker> openssl req -x509 -new -key ec_private.pem -out x509_cert.pem -days 30 81*cfb92d14SAndroid Build Coastguard Worker``` 82*cfb92d14SAndroid Build Coastguard Worker 83*cfb92d14SAndroid Build Coastguard Worker## Command List 84*cfb92d14SAndroid Build Coastguard Worker 85*cfb92d14SAndroid Build Coastguard Worker- [help](#help) 86*cfb92d14SAndroid Build Coastguard Worker- [connect](#connect-address) 87*cfb92d14SAndroid Build Coastguard Worker- [delete](#delete-uri-path-type-payload) 88*cfb92d14SAndroid Build Coastguard Worker- [disconnect](#disconnect) 89*cfb92d14SAndroid Build Coastguard Worker- [get](#get-uri-path-type) 90*cfb92d14SAndroid Build Coastguard Worker- [isclosed](#isclosed) 91*cfb92d14SAndroid Build Coastguard Worker- [isconnactive](#isconnactive) 92*cfb92d14SAndroid Build Coastguard Worker- [isconnected](#isconnected) 93*cfb92d14SAndroid Build Coastguard Worker- [post](#post-uri-path-type-payload) 94*cfb92d14SAndroid Build Coastguard Worker- [psk](#psk-psk-pskid) 95*cfb92d14SAndroid Build Coastguard Worker- [put](#put-uri-path-type-payload) 96*cfb92d14SAndroid Build Coastguard Worker- [resource](#resource-uri-path) 97*cfb92d14SAndroid Build Coastguard Worker- [set](#set-new-content) 98*cfb92d14SAndroid Build Coastguard Worker- [start](#start) 99*cfb92d14SAndroid Build Coastguard Worker- [stop](#stop) 100*cfb92d14SAndroid Build Coastguard Worker- [x509](#x509) 101*cfb92d14SAndroid Build Coastguard Worker 102*cfb92d14SAndroid Build Coastguard Worker## Command Details 103*cfb92d14SAndroid Build Coastguard Worker 104*cfb92d14SAndroid Build Coastguard Worker### help 105*cfb92d14SAndroid Build Coastguard Worker 106*cfb92d14SAndroid Build Coastguard Worker```bash 107*cfb92d14SAndroid Build Coastguard Worker> coaps help 108*cfb92d14SAndroid Build Coastguard Workerconnect 109*cfb92d14SAndroid Build Coastguard Workerdelete 110*cfb92d14SAndroid Build Coastguard Workerdisconnect 111*cfb92d14SAndroid Build Coastguard Workerget 112*cfb92d14SAndroid Build Coastguard Workerisclosed 113*cfb92d14SAndroid Build Coastguard Workerisconnactive 114*cfb92d14SAndroid Build Coastguard Workerisconnected 115*cfb92d14SAndroid Build Coastguard Workerpost 116*cfb92d14SAndroid Build Coastguard Workerpsk 117*cfb92d14SAndroid Build Coastguard Workerput 118*cfb92d14SAndroid Build Coastguard Workerresource 119*cfb92d14SAndroid Build Coastguard Workerset 120*cfb92d14SAndroid Build Coastguard Workerstart 121*cfb92d14SAndroid Build Coastguard Workerstop 122*cfb92d14SAndroid Build Coastguard Workerx509 123*cfb92d14SAndroid Build Coastguard WorkerDone 124*cfb92d14SAndroid Build Coastguard Worker``` 125*cfb92d14SAndroid Build Coastguard Worker 126*cfb92d14SAndroid Build Coastguard WorkerList the CoAPS CLI commands. 127*cfb92d14SAndroid Build Coastguard Worker 128*cfb92d14SAndroid Build Coastguard Worker### connect \<address\> 129*cfb92d14SAndroid Build Coastguard Worker 130*cfb92d14SAndroid Build Coastguard WorkerEstablish DTLS session. 131*cfb92d14SAndroid Build Coastguard Worker 132*cfb92d14SAndroid Build Coastguard Worker- address: IPv6 address of the peer. 133*cfb92d14SAndroid Build Coastguard Worker 134*cfb92d14SAndroid Build Coastguard Worker```bash 135*cfb92d14SAndroid Build Coastguard Worker> coaps connect fdde:ad00:beef:0:9903:14b:27e0:5744 136*cfb92d14SAndroid Build Coastguard WorkerDone 137*cfb92d14SAndroid Build Coastguard Workercoaps connected 138*cfb92d14SAndroid Build Coastguard Worker``` 139*cfb92d14SAndroid Build Coastguard Worker 140*cfb92d14SAndroid Build Coastguard Worker### delete \<uri-path\> \[type\] \[payload\] 141*cfb92d14SAndroid Build Coastguard Worker 142*cfb92d14SAndroid Build Coastguard Worker- uri-path: URI path of the resource. 143*cfb92d14SAndroid Build Coastguard Worker- type: "con" for Confirmable or "non-con" for Non-confirmable (default). 144*cfb92d14SAndroid Build Coastguard Worker- payload: CoAPS request payload. 145*cfb92d14SAndroid Build Coastguard Worker 146*cfb92d14SAndroid Build Coastguard Worker```bash 147*cfb92d14SAndroid Build Coastguard Worker> coaps delete test-resource con payload 148*cfb92d14SAndroid Build Coastguard WorkerDone 149*cfb92d14SAndroid Build Coastguard Worker``` 150*cfb92d14SAndroid Build Coastguard Worker 151*cfb92d14SAndroid Build Coastguard Worker### disconnect 152*cfb92d14SAndroid Build Coastguard Worker 153*cfb92d14SAndroid Build Coastguard Worker```bash 154*cfb92d14SAndroid Build Coastguard Worker> coaps disconnect 155*cfb92d14SAndroid Build Coastguard Workercoaps disconnected 156*cfb92d14SAndroid Build Coastguard WorkerDone 157*cfb92d14SAndroid Build Coastguard Worker``` 158*cfb92d14SAndroid Build Coastguard Worker 159*cfb92d14SAndroid Build Coastguard Worker### get \<uri-path\> \[type\] 160*cfb92d14SAndroid Build Coastguard Worker 161*cfb92d14SAndroid Build Coastguard Worker- uri-path: URI path of the resource. 162*cfb92d14SAndroid Build Coastguard Worker- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-<block-size>" if the response should be transferred block-wise. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024") 163*cfb92d14SAndroid Build Coastguard Worker 164*cfb92d14SAndroid Build Coastguard Worker```bash 165*cfb92d14SAndroid Build Coastguard Worker> coaps get test-resource 166*cfb92d14SAndroid Build Coastguard WorkerDone 167*cfb92d14SAndroid Build Coastguard Worker``` 168*cfb92d14SAndroid Build Coastguard Worker 169*cfb92d14SAndroid Build Coastguard Worker```bash 170*cfb92d14SAndroid Build Coastguard Worker> coaps get test-resource block-1024 171*cfb92d14SAndroid Build Coastguard WorkerDone 172*cfb92d14SAndroid Build Coastguard Worker``` 173*cfb92d14SAndroid Build Coastguard Worker 174*cfb92d14SAndroid Build Coastguard Worker### post \<uri-path\> \[type\] \[payload\] 175*cfb92d14SAndroid Build Coastguard Worker 176*cfb92d14SAndroid Build Coastguard Worker- uri-path: URI path of the resource. 177*cfb92d14SAndroid Build Coastguard Worker- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-<block-size>" to send blocks with random payload. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024") 178*cfb92d14SAndroid Build Coastguard Worker- payload: CoAP request payload. If \[type\] is "block-<block-size>", the amount of blocks to be sent can be set here. 179*cfb92d14SAndroid Build Coastguard Worker 180*cfb92d14SAndroid Build Coastguard Worker```bash 181*cfb92d14SAndroid Build Coastguard Worker> coaps post test-resource con payload 182*cfb92d14SAndroid Build Coastguard WorkerDone 183*cfb92d14SAndroid Build Coastguard Worker``` 184*cfb92d14SAndroid Build Coastguard Worker 185*cfb92d14SAndroid Build Coastguard Worker```bash 186*cfb92d14SAndroid Build Coastguard Worker> coaps post test-resource block-1024 10 187*cfb92d14SAndroid Build Coastguard WorkerDone 188*cfb92d14SAndroid Build Coastguard Worker``` 189*cfb92d14SAndroid Build Coastguard Worker 190*cfb92d14SAndroid Build Coastguard Worker### psk \<psk\> \<pskid\> 191*cfb92d14SAndroid Build Coastguard Worker 192*cfb92d14SAndroid Build Coastguard WorkerSet DTLS ciphersuite to `TLS_PSK_WITH_AES_128_CCM_8`. 193*cfb92d14SAndroid Build Coastguard Worker 194*cfb92d14SAndroid Build Coastguard Worker- psk: pre-shared key 195*cfb92d14SAndroid Build Coastguard Worker- pskid: pre-shared key identifier 196*cfb92d14SAndroid Build Coastguard Worker 197*cfb92d14SAndroid Build Coastguard Worker```bash 198*cfb92d14SAndroid Build Coastguard Worker> coaps psk 123 pskid 199*cfb92d14SAndroid Build Coastguard WorkerDone 200*cfb92d14SAndroid Build Coastguard Worker``` 201*cfb92d14SAndroid Build Coastguard Worker 202*cfb92d14SAndroid Build Coastguard Worker### put \<uri-path\> \[type\] \[payload\] 203*cfb92d14SAndroid Build Coastguard Worker 204*cfb92d14SAndroid Build Coastguard Worker- uri-path: URI path of the resource. 205*cfb92d14SAndroid Build Coastguard Worker- type: "con" for Confirmable or "non-con" for Non-confirmable (default). Use "block-<block-size>" to send blocks with random payload. ("block-16","block-32","block-64","block-128","block-256","block-512","block-1024") 206*cfb92d14SAndroid Build Coastguard Worker- payload: CoAP request payload. If \[type\] is "block-<block-size>", the amount of blocks to be sent can be set here. 207*cfb92d14SAndroid Build Coastguard Worker 208*cfb92d14SAndroid Build Coastguard Worker```bash 209*cfb92d14SAndroid Build Coastguard Worker> coaps put test-resource con payload 210*cfb92d14SAndroid Build Coastguard WorkerDone 211*cfb92d14SAndroid Build Coastguard Worker``` 212*cfb92d14SAndroid Build Coastguard Worker 213*cfb92d14SAndroid Build Coastguard Worker```bash 214*cfb92d14SAndroid Build Coastguard Worker> coaps put test-resource block-1024 10 215*cfb92d14SAndroid Build Coastguard WorkerDone 216*cfb92d14SAndroid Build Coastguard Worker``` 217*cfb92d14SAndroid Build Coastguard Worker 218*cfb92d14SAndroid Build Coastguard Worker### resource \[uri-path\] 219*cfb92d14SAndroid Build Coastguard Worker 220*cfb92d14SAndroid Build Coastguard WorkerSets the URI path for the test resource. 221*cfb92d14SAndroid Build Coastguard Worker 222*cfb92d14SAndroid Build Coastguard Worker```bash 223*cfb92d14SAndroid Build Coastguard Worker> coaps resource test-resource 224*cfb92d14SAndroid Build Coastguard WorkerDone 225*cfb92d14SAndroid Build Coastguard Worker> coaps resource 226*cfb92d14SAndroid Build Coastguard Workertest-resource 227*cfb92d14SAndroid Build Coastguard WorkerDone 228*cfb92d14SAndroid Build Coastguard Worker``` 229*cfb92d14SAndroid Build Coastguard Worker 230*cfb92d14SAndroid Build Coastguard Worker### set \[new-content\] 231*cfb92d14SAndroid Build Coastguard Worker 232*cfb92d14SAndroid Build Coastguard WorkerSets the content sent by the test resource. 233*cfb92d14SAndroid Build Coastguard Worker 234*cfb92d14SAndroid Build Coastguard Worker```bash 235*cfb92d14SAndroid Build Coastguard Worker> coaps set Testing123 236*cfb92d14SAndroid Build Coastguard WorkerDone 237*cfb92d14SAndroid Build Coastguard Worker``` 238*cfb92d14SAndroid Build Coastguard Worker 239*cfb92d14SAndroid Build Coastguard Worker### start \[check-peer-cert\|max-conn-attempts\] 240*cfb92d14SAndroid Build Coastguard Worker 241*cfb92d14SAndroid Build Coastguard WorkerStarts the application coaps service. 242*cfb92d14SAndroid Build Coastguard Worker 243*cfb92d14SAndroid Build Coastguard WorkerThe `check-peer-cert` parameter determines if the peer-certificate check is enabled (default) or disabled. The `max-conn-attempts` parameter sets the maximum number of allowed attempts, successful or failed, to connect to the CoAP Secure server. The default value of this parameter is 0, which means that there is no limit to the number of attempts. The `check-peer-cert` and `max-conn-attempts` parameters work together in the following combinations, even though you can only specify one argument: 244*cfb92d14SAndroid Build Coastguard Worker 245*cfb92d14SAndroid Build Coastguard Worker- No argument specified: Defaults are used. 246*cfb92d14SAndroid Build Coastguard Worker- Setting `check-peer-cert` to `true`: Has the same effect as as omitting the argument, which is that the `check-peer-cert` value is `true`, and the `max-conn-attempts` value is 0. 247*cfb92d14SAndroid Build Coastguard Worker- Setting `check-peer-cert` to `false`: `check-peer-cert` value is `false`, and the `max-conn-attempts` value is `0`. 248*cfb92d14SAndroid Build Coastguard Worker- Specifying a number: `check-peer-cert` is `true`, and the `max-conn-attempts` value is the number specified in the argument. 249*cfb92d14SAndroid Build Coastguard Worker 250*cfb92d14SAndroid Build Coastguard Worker```bash 251*cfb92d14SAndroid Build Coastguard Worker> coaps start 252*cfb92d14SAndroid Build Coastguard WorkerDone 253*cfb92d14SAndroid Build Coastguard Worker``` 254*cfb92d14SAndroid Build Coastguard Worker 255*cfb92d14SAndroid Build Coastguard Worker### stop 256*cfb92d14SAndroid Build Coastguard Worker 257*cfb92d14SAndroid Build Coastguard WorkerStops the application coaps service. 258*cfb92d14SAndroid Build Coastguard Worker 259*cfb92d14SAndroid Build Coastguard Worker```bash 260*cfb92d14SAndroid Build Coastguard Worker> coaps stop 261*cfb92d14SAndroid Build Coastguard WorkerDone 262*cfb92d14SAndroid Build Coastguard Worker``` 263*cfb92d14SAndroid Build Coastguard Worker 264*cfb92d14SAndroid Build Coastguard Worker### isconnected 265*cfb92d14SAndroid Build Coastguard Worker 266*cfb92d14SAndroid Build Coastguard WorkerIndicates whether or not the CoAP secure service is connected. 267*cfb92d14SAndroid Build Coastguard Worker 268*cfb92d14SAndroid Build Coastguard Worker```bash 269*cfb92d14SAndroid Build Coastguard Worker> coaps isconnected 270*cfb92d14SAndroid Build Coastguard Workeryes 271*cfb92d14SAndroid Build Coastguard WorkerDone 272*cfb92d14SAndroid Build Coastguard Worker``` 273*cfb92d14SAndroid Build Coastguard Worker 274*cfb92d14SAndroid Build Coastguard Worker### isconnactive 275*cfb92d14SAndroid Build Coastguard Worker 276*cfb92d14SAndroid Build Coastguard WorkerIndicates whether or not the CoAP secure service connection is active (already connected or establishing a connection). 277*cfb92d14SAndroid Build Coastguard Worker 278*cfb92d14SAndroid Build Coastguard Worker```bash 279*cfb92d14SAndroid Build Coastguard Worker> coaps isconnactive 280*cfb92d14SAndroid Build Coastguard Workeryes 281*cfb92d14SAndroid Build Coastguard WorkerDone 282*cfb92d14SAndroid Build Coastguard Worker``` 283*cfb92d14SAndroid Build Coastguard Worker 284*cfb92d14SAndroid Build Coastguard Worker### isclosed 285*cfb92d14SAndroid Build Coastguard Worker 286*cfb92d14SAndroid Build Coastguard WorkerIndicates whether or not the CoAP secure service is closed. 287*cfb92d14SAndroid Build Coastguard Worker 288*cfb92d14SAndroid Build Coastguard Worker```bash 289*cfb92d14SAndroid Build Coastguard Worker> coaps isclosed 290*cfb92d14SAndroid Build Coastguard Workerno 291*cfb92d14SAndroid Build Coastguard WorkerDone 292*cfb92d14SAndroid Build Coastguard Worker``` 293*cfb92d14SAndroid Build Coastguard Worker 294*cfb92d14SAndroid Build Coastguard Worker### x509 295*cfb92d14SAndroid Build Coastguard Worker 296*cfb92d14SAndroid Build Coastguard WorkerSet DTLS ciphersuite to `TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8`. 297*cfb92d14SAndroid Build Coastguard Worker 298*cfb92d14SAndroid Build Coastguard WorkerThe X.509 certificate stored in [`src/cli/x509_cert_key.hpp`](x509_cert_key.hpp). 299*cfb92d14SAndroid Build Coastguard Worker 300*cfb92d14SAndroid Build Coastguard Worker```bash 301*cfb92d14SAndroid Build Coastguard Worker> coaps x509 302*cfb92d14SAndroid Build Coastguard WorkerDone 303*cfb92d14SAndroid Build Coastguard Worker``` 304