Add support for CBOR Object Signing and Encryption (COSE)

[lindemer]

Introduction

There are a number of new standards for IoT security under development at IETF which depend on CBOR Object Signing and Encryption, or COSE (see IETF RFC 8152). This is the CBOR equivalent of JSON Web Encryption (see IETF RFC 7516). Adding a COSE library is a necessary prerequisite before the following new or proposed IETF standards can be implemented in Zephyr:

• Object Security for Constrained RESTful Environments, or OSCORE (see IETF RFC 8613), a protocol for application-layer encryption of CoAP messages.
• Authentication and Authorization for Constrained Environments, or ACE (see IETF working group), the IoT equivalent of OAuth 2.0. This architecture enables token-based access control using CBOR Web Token, or CWT (see IETF RFC 8392).
• Software Updates for the Internet of Things, or SUIT (see IETF working group), a firmware update architecture for IoT devices.
• Remote ATtestation ProcedureS, or RATS (see IETF working group), a remote attestation architecture for IoT devices.
• Trusted Execution Environment Provisioning, or TEEP (see IETF working group), a protocol for interoperability between TEEs running on different architectures.

There is a growing interest in the above protocols from security researchers and certification bodies (at least in the EU), and it would be great to see this key building block available in Zephyr so others can get involved on testing implementations.

Detailed RFC

There are few existing implementations of COSE, and none are built on the encryption and CBOR libraries supported in Zephyr (i.e., TinyCrypt and tinyCBOR). It would appear that the most expedient approach is to start a new implementation from scratch.

Proposed change (Detailed)

All of the prerequisite building blocks for COSE should exist in TinyCrypt and tinyCBOR. It seems appropriate to add the new source code in the same directories as the existing JSON source code, given the number of parallels between the two:

• lib/os/cose.c
• include/data/cose.h
• include/data/cwt.h
• tests/lib/cose

Concerns and Unresolved Questions

My work in the near future will depend on a working COSE implementation in Zephyr. I am new to this community and I'd appreciate any feedback, and to hear from anyone interested before I get started working on this. (In particular, whether the file structure described above is appropriate for this type of feature addition.)

[lindemer]

I have a partial COSE implementation available as an external Zephyr module for anyone interested.

[jjmilburn]

Interesting! I'll be watching this for MAC/MAC0 support if that gets rolled in.

[carlescufi]

I have a partial COSE implementation available as an external Zephyr module for anyone interested.

@lindemer would you be willing to submit this to Zephyr as a Pull Request? We are interested in COSE and would likely review and contribute.

[carlescufi]

@rlubos just found this: https://github.com/Fraunhofer-AISEC/c_OSCORE @oberien would you be interested in contributing OSCORE to Zephyr?

[lindemer]

@carlescufi Are you mainly interested in OSCORE or do you need a generic COSE implementation? If it's the latter case I can work on this a bit and submit it. My COSE implementation depends on an LGPL 2.1-licensed CBOR library so I could use some clarification on whether that's compatible with Apache 2.0.

[StefanHri]

@carlescufi and @oberien c_OSCORE was developed at Fraunhofer AISEC as a Student project. Meanwhile, we further developed and extended it. The new version is still not on GitHub but we plan to do that in the next weeks.

Are you also interested in EDHOC? EDHOC can be used to establish symmetric keys for OSCORE. We have also an EDHOC implementation that together with OSCORE forms a light alternative to DTLS.

We will be happy to contribute both OSCORE and EDHOC to ZephyrOS. Are you interested?

[carlescufi]

@carlescufi Are you mainly interested in OSCORE or do you need a generic COSE implementation? If it's the latter case I can work on this a bit and submit it. My COSE implementation depends on an LGPL 2.1-licensed CBOR library so I could use some clarification on whether that's compatible with Apache 2.0.

@lindemer We're mostly interested in OSCORE, but having a COSE that is not bound to it would be preferable. Unfortunately we cannot accept any copyleft licenses (including LGPL) in the main Zephyr tree, so using that CBOR library is not an option for this work to be included in the main upstream repository. Let us also discuss with @StefanHri and see where we can go from here.

[carlescufi]

@carlescufi and @oberien c_OSCORE was developed at Fraunhofer AISEC as a Student project. Meanwhile, we further developed and extended it. The new version is still not on GitHub but we plan to do that in the next weeks.

Great to hear, thanks for the info

Are you also interested in EDHOC? EDHOC can be used to establish symmetric keys for OSCORE. We have also an EDHOC implementation that together with OSCORE forms a light alternative to DTLS.

Yes, we are indeed interested in EDHOC as well.

We will be happy to contribute both OSCORE and EDHOC to ZephyrOS. Are you interested?

Absolutely. Assuming your code uses a compatible license, I think this should go in the main tree, and not as a module. Ideally we´d need it to be licensed under the same Apache v2 license we use for the rest. Here is what I (on behalf of Nordic) can offer to help out in the effort:

• Extensive code review and suggestions once the Pull Request(s) is posted
• Comprehensive testing on our (nRF) platforms
• Technical help to expedite resolving the issues raised in the Pull Request(s)