OpenThread CLI - CoAPS Example

The OpenThread CoAPS APIs may be invoked via the OpenThread CLI.

Quick Start

Form Network

Form a network with at least two devices.

Configure DTLS ciphersuite.

CoAPS uses DTLS to establish a secure, end-to-end connection.

This example supports two ciphersuites:

TLS_PSK_WITH_AES_128_CCM_8

> coaps psk <your-psk> <your-psk-id>
Done

TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
```
> coaps x509
Done
```
The X.509 certificate stored in core/cli/x509_cert_key.hpp.

Node 1

On node 1, setup CoAPS server with resource test-resource.

> coaps start
Done
> coaps resource test-resource
Done

Node 2

> coaps start
Done
> coaps connect <peer-ip6-address>
Done
coaps connected
> coaps get test-resource
Done
coaps response from fdde:ad00:beef:0:9903:14b:27e0:5744 with payload: 68656c6c6f576f726c6400
> coaps put test-resource con payload
Done
coaps response from fdde:ad00:beef:0:9903:14b:27e0:5744

Result

On node 1, you should see output similar to below:

coaps request from fdde:ad00:beef:0:9e68:576f:714c:f395 GET
coaps response sent
coaps request from fdde:ad00:beef:0:9e68:576f:714c:f395 PUT with payload: 7061796c6f6164
coaps response sent

Generate Elliptic Curve Private Key and X.509 Certificate

EC Private Key

> openssl ecparam -genkey -name prime256v1 -noout -out ec_private.pem

X.509 Certificate

> openssl req -x509 -new -key ec_private.pem -out x509_cert.pem -days 30

Command Details

help

> coaps help
help
connect
delete
disconnect
get
post
psk
put
resource
set
start
stop
x509
Done

List the CoAPS CLI commands.

connect <address>

Establish DTLS session.

address: IPv6 address of the peer.

> coaps connect fdde:ad00:beef:0:9903:14b:27e0:5744
Done
coaps connected

delete <uri-path> [type] [payload]

uri-path: URI path of the resource.
type: “con” for Confirmable or “non-con” for Non-confirmable (default).
payload: CoAPS request payload.

> coaps delete test-resource con payload
Done

disconnect

> coaps disconnect
coaps disconnected
Done

get <uri-path> [type]

uri-path: URI path of the resource.
type: “con” for Confirmable or “non-con” for Non-confirmable (default). Use “block-” if the response should be transferred block-wise. (“block-16”,“block-32”,“block-64”,“block-128”,“block-256”,“block-512”,“block-1024”)

> coaps get test-resource
Done

> coaps get test-resource block-1024
Done

post <uri-path> [type] [payload]

uri-path: URI path of the resource.
type: “con” for Confirmable or “non-con” for Non-confirmable (default). Use “block-” to send blocks with random payload. (“block-16”,“block-32”,“block-64”,“block-128”,“block-256”,“block-512”,“block-1024”)
payload: CoAP request payload. If [type] is “block-”, the amount of blocks to be sent can be set here.

> coaps post test-resource con payload
Done

> coaps post test-resource block-1024 10
Done

psk <psk> <pskid>

Set DTLS ciphersuite to TLS_PSK_WITH_AES_128_CCM_8.

psk: pre-shared key
pskid: pre-shared key identifier

> coaps psk 123 pskid
Done

put <uri-path> [type] [payload]

uri-path: URI path of the resource.
type: “con” for Confirmable or “non-con” for Non-confirmable (default). Use “block-” to send blocks with random payload. (“block-16”,“block-32”,“block-64”,“block-128”,“block-256”,“block-512”,“block-1024”)
payload: CoAP request payload. If [type] is “block-”, the amount of blocks to be sent can be set here.

> coaps put test-resource con payload
Done

> coaps put test-resource block-1024 10
Done

resource [uri-path]

Sets the URI path for the test resource.

> coaps resource test-resource
Done
> coaps resource
test-resource
Done

set [new-content]

Sets the content sent by the test resource.

> coaps set Testing123
Done

start

Starts the application coaps service.

checkPeerCert: Peer Certificate Check can be disabled by typing false.

> coaps start
Done

stop

Stops the application coaps service.

> coaps stop
Done

x509

Set DTLS ciphersuite to TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8.

The X.509 certificate stored in src/cli/x509_cert_key.hpp.

> coaps x509
Done