coapjs / node-coap

CoAP - Node.js style
MIT License
533 stars 156 forks source link

Add OSCORE (RFC 8613) support #302

Open JKRhb opened 3 years ago

JKRhb commented 3 years ago

Besides DTLS, it would be awesome if node-coap had support for OSCORE (RFC 8613) which can be used for secure end-to-end and group communication.

Motii1 commented 9 months ago

Hi @JKRhb, I would be happy to submit a PR for this issue. It would take some time as I do not have experience in the field. That's why I am asking for guidance. Do you know if there are any recommended resources that would help me understand and implement it? Or the RFC 8613 is the only one place that I should use?

JKRhb commented 8 months ago

Hi @Motii1! Thank you for comment, and sorry for the long response time :(

If you are still interested in working on this topic, then I think RFC 8613 is definitely the most important document to take into account. However, as OSCORE builds upon on COSE, it is probably good to also have a look at RFC 9052, as the OSCORE option essentially serves as a means to transmit a compressed COSE_Encrypt0 object (distributed over the option itself and the payload).

I'd assume that cose-js could probably be used as a foundation to implement this functionality, but I haven't taken a deeper look into it yet. Have you already started working on this topic? :)

Motii1 commented 8 months ago

@JKRhb I have not started yet. I had a use case at my job where I needed OSCORE so to not waste time I used californium. But I am thinking that it would be super cool if thenode-coap also had OSCORE implemented. I am busy right now but I will think about it and try to implement something next week :)